Proxmark3 community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

Announcement

Time changes and with it the technology
Proxmark3 @ discord

Users of this forum, please be aware that information stored on this site is not private.

#1 2022-11-29 14:11:00

phaseloop
Contributor
Registered: 2021-08-17
Posts: 5

Password derived Mifare key

Hello!

Recently I've been researching some RFID car wash payments systems by company called Alberici.
Their installation manual describes initialisation of readers/cards/programmers using common password - 6 character 0-9, A-Z passphrase chosen by the installation owner. 6 chars looks awfully a lot like a 48-bit Mifare key wink So I assume they just convert it to ascii.

I'll try to verify it as I bought a initialised keyfob from a car wash using their system.

So if you cannot crack a Mifare, you can try reducing keyspace to ASCII 0-9, A-Z - I don't know the "chk" speed of proxmark but it's better than nothing I guess.

https://www.alberici.it/eng/products/cashless-systems/readers/rfid-keys

Last edited by phaseloop (2022-11-29 14:11:13)

Offline

#2 2022-11-29 18:49:00

phaseloop
Contributor
Registered: 2021-08-17
Posts: 5

Re: Password derived Mifare key

So, it turned out this is not a mifare but EM4x50 chip. I'll try to bruteforce it.

Last edited by phaseloop (2022-11-29 19:13:55)

Offline

Board footer

Powered by FluxBB