Research, development and trades concerning the powerful Proxmark3 device.
Remember; sharing is caring. Bring something back to the community.
"Learn the tools of the trade the hard way." +Fravia
You are not logged in.
Time changes and with it the technology
Proxmark3 @ discord
Users of this forum, please be aware that information stored on this site is not private.
Pages: 1
To my knowledge when you run hf mf restore it uses the default keys to restore can you set a custom list of keys the same way the hf mf dump uses that list of keys?
Offline
I've never used the command, but looking at around line 611 in https://code.google.com/p/proxmark3/source/browse/trunk/client/cmdhfmf.c, it seems to do some strange stuff. It requires both a dumpfile and a dumpkeys-file, which is odd, since afaik, all necessary information is contained within a dumpfile, including keys.
Nevertheless, as far as I can tell, it uses the key 0xFFFFFFFFF to talk to the card. It is trivial to swap it to another key and just recompile it (just change the value), but in order to make it use another keydump for card communication is a bit more to do. If you're up to programming a bit in C then it's a good excercise...
Offline
Ok i know nothing about C so i might be in trouble . How would i write a .LUA script to do it block by block then for example what would i write in a lua script to output:
"hf mf wrbl 1 B FFFFFFFFFFFF 12345678912345678912345678912345" the "hf mf wrbl 2 B FFFFFFFFFFFF 12345678912345678912345678912345" ect?
Offline
hf mf restore.. Dont you need the output from "nested" as the input keys for it?
ie:
dumpdata.bin
dumpkeys.bin
maybe not optimal, but with the lua possibilities you can write a set on hf mf wrbl commands using the dumpdata.bin file as input.
Offline
I have those 2 files already but lets say i change the data in the dumpdata.bin and the try and restore it to the same card i got it from it tries to use the default keys to restore the data not the keys from the dumpkeys.bin so the only way to change the data on the card is block by block which would take forever thats why im now wondering if i could do it with a .bat file or a .lua script
Last edited by The Enterprise (2013-10-29 21:27:53)
Offline
I tried it, a couple of months back, to restore to a blank card.. which would explain why it worked the first time. Gives me an idea that I might need to erase my card first, then run the hf mf restore.. I agree, a lua-script would be better. Might even need a lua-script to "wipe" a card too.
Offline
Simplest script
core.console('hf mf wrbl 1 B FFFFFFFFFFFF 12345678912345678912345678912345');
core.console('hf mf wrbl 2 B FFFFFFFFFFFF 12345678912345678912345678912345');
Less simple:
local cmd = 'hf mf wrbl %d B %s 12345678912345678912345678912345'
local key = 'FFFFFFFFF
core.console(string.format(cmd, 1, key))
core.console(string.format(cmd, 2, key))
And then you can complicate it further, loop it and use different keys and whatever you want. Additionally, you can handle input-parameters, take a look at the existing scripts to see how that is done, but the code above should work even without all extra stuff that can be added
Offline
Ok thats easy enough thank you holiman! Yes iceman a wipe script would be awesome i tried wiping a card my self and failed miserably and i think messed up my uid changeable card.
Offline
I'm half throu with one, as we speak. Lua-scripting is new to me.
Offline
Ok if you can post it when your done that would be great.
Offline
I'm half throu with one, as we speak. Lua-scripting is new to me.
Let me know if you have any questions; you can email me directly (martin; the domain is swende.se)
Offline
You got mail..
The script, well, works in the sense it creates all the "hf mf wrbl" commands.. I haven't tried it with working keys yet.
An enhancement would be to read the dumpkeys.bin or the dumpdata.bin file for correct keys.
Offline
Pages: 1