Proxmark3 community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

Announcement

Time changes and with it the technology
Proxmark3 @ discord

Users of this forum, please be aware that information stored on this site is not private.

#1 2014-09-04 22:56:52

Nimbex
Member
Registered: 2014-09-04
Posts: 4

Cloning my Mifare Classic card.

Hi guys,

First of all, sorry for my poor English...

I just read two RFID cards using my Samsung SIII Neo, using the Mifare Classic Tool app.
These cards are used for acces control and paying things.

These are the results:

Card 1:

+Sector: 0
D4ED244D5088040047C11D345D003105
00000000000000000000000000000000
00000000000000000000000000000000
FFFFFFFFFFFFFF078069FFFFFFFFFFFF
+Sector: 1
00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000000
FFFFFFFFFFFFFF078069FFFFFFFFFFFF
+Sector: 2
00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000000
FFFFFFFFFFFFFF078069FFFFFFFFFFFF
+Sector: 3
00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000000
FFFFFFFFFFFFFF078069FFFFFFFFFFFF
+Sector: 4
00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000000
FFFFFFFFFFFFFF078069FFFFFFFFFFFF



Card 2:

+Sector: 0
D63B3C64B5880400468E24D75D503702
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFF078069FFFFFFFFFFFF
+Sector: 1
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFF078069FFFFFFFFFFFF
+Sector: 2
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFF078069FFFFFFFFFFFF
+Sector: 3
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFF078069FFFFFFFFFFFF
+Sector: 4
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFF078069FFFFFFFFFFFF


Sectors 5-15 gave: "No keys found (or dead sector)".

Am I correct when I think that both cards contain no specific data?
So they just use the UID to give acces or to pay something?

Or is there data on sectors 5-15 for wich I don't have the right keys?

Is there a difference between the 0000000000's on card 1 and the FFFFFFFFFFF's on card 2?

Thanks for the answers!

Offline

#2 2014-09-05 06:25:24

iceman
Administrator
Registered: 2013-04-25
Posts: 9,538
Website

Re: Cloning my Mifare Classic card.

If you could give the other information on the cards?

Offline

#3 2014-09-05 08:10:01

Nimbex
Member
Registered: 2014-09-04
Posts: 4

Re: Cloning my Mifare Classic card.

Wich information do you need?

Thanks !

Offline

#4 2014-09-05 08:13:57

Nimbex
Member
Registered: 2014-09-04
Posts: 4

Re: Cloning my Mifare Classic card.

UID: D4ED244D (4 byte)
RF technologie: ISO/IEC 14443, type A
ATQA: 0004
SAK: 08
ATS: -
Tag type and manufacturer: Mifare Classic 1K, NXP.

Offline

#5 2014-09-05 08:45:41

iceman
Administrator
Registered: 2013-04-25
Posts: 9,538
Website

Re: Cloning my Mifare Classic card.

If you had an pm3, you could have tried some different approaches but now I suspect that you are locked to your phone and the app.
But that would only analyse the card,  not in what context the card is used.  So if the system which the card belongs to have everything in a backend server based on the UID,  then you can't "change" the system.  You could get the uid for another card and pretend to be that card.

Offline

#6 2014-09-05 09:41:46

Nimbex
Member
Registered: 2014-09-04
Posts: 4

Re: Cloning my Mifare Classic card.

So I better buy me a RFID card reader/writer?

Offline

#7 2014-09-05 09:49:01

iceman
Administrator
Registered: 2013-04-25
Posts: 9,538
Website

Re: Cloning my Mifare Classic card.

Well... No..
Depends if you have an interest in this stuff and not to concerned about money.  Then you should be a pm3 and look into it.
Otherwize,  buy a r/w device which the libnfc works on,  then you will have more insight on the carddata.

Much of all things you can do with this nfc/rfid tech is hands-on lowlevel stuff.  The existing software like  nfc-tools, (libnfc, libfreefare) give you access to the cards. 
But if you want to create a new attack vector on a specific card,  then you need more knowledge.  And that takes effort and quite some time.

Offline

Board footer

Powered by FluxBB