Research, development and trades concerning the powerful Proxmark3 device.
Hi Everyone,
I have been surfing through the net and also reading the proxmark forums but I was not able to find any clear information about my problem.
My question is very simple:
Can pm3 read & write MIFARE Desfire® EV1 4K cards?
I got a pm3 from my friend and I simply want to clone my building access card but so far I was not able to find anything on the internet.
Hope someone on the forums will be able to assist me with this.
Thanks pm3 community.
Your building access uses MIFARE Desfire® EV1!!! Kudos for that.
To your question: it can read and write, but it would require the authentication key (I think it is unbreakable unless you can sniff the communication between your card and reader).
Hope someone will correct me on this in case.
Thanks for the reply Danz, I hope the process is not that difficult but from what you have said it does not look like an easy process...
> Your building access uses MIFARE Desfire® EV1!!! Kudos for that.
> To your question: it can read and write, but it would require the authentication key (I think it is unbreakable unless you can sniff the communication between your card and reader).
> Hope someone will correct me on this in case.
How can I do what you have suggested?
Any clear instructions or how to guides anywhere that you might know of?
> Thanks for the reply Danz, I hope the process is not that difficult but from what you have said it does not look like an easy process...
Hey, are you trying to achieve the same thing?
Do you know any good websites to read other than pm3 forums or any how to guides?
The crypto modes available for Desfire are DES/3DES/AES/PLAIN.
If your tag system doesn't use crypto (i.e. PLAIN mode) then you should be able to sniff the traffic.
The other modes don't send the key (3-way handshake), and there is no known attack for the newer Desfire products. Only a side-channel attack on an older tag model.
-- If someone takes the most common default passwords and tries them, you might get lucky. Nothing that is implemented.
Iceman, this boob PACMAN is also using the nickname Mr Nobot.
He is trying to duplicate the key to make a profit; there is no point helping him since he cannot understand anything by himself.
Let him get lost.
talk to 0xFFFF, he knows who I am
When it comes to Desfire, nobody will succeed at the moment. No need to be alarmed.
I think too many intelligent guys here are giving away too much to the noobs. There is a big difference between someone trying to learn about RFID and someone just asking stupid questions to turn it into a business!
Not long ago we saw this Chinese guy from xfpga asking lots of questions in this forum, to finally create a cloner and sell it everywhere in the world; this idiot certainly didn't realise that they used his cloner on the TV show Mr Robot, ah ah ah.
Thanks to all the smart guys here giving him too much information, he is now rich, and instead of using the Proxmark they used his noob cloner. What a shame...
If you want to keep helping noobs this is going to turn into dodgy businesses in the end!
You are smart enough to make the difference!
> Iceman, this boob PACMAN is also using the nickname Mr Nobot.
> He is trying to duplicate the key to make a profit; there is no point helping him since he cannot understand anything by himself. Let him get lost.
I am not Mr Nobot or Robot or whatever so don't judge a book by the cover.
It is not up to you Cardix to decide if people can help others or not.
I want to duplicate my key, which you have no right to interfere or comment.
This is an open forum so people like me who have little knowledge come here to learn/understand from more knowledgable people. That is the whole idea about a forum and how forums work.
You just created your account yesterday to comment on these posts, so most probably you actually are one of those guys who are making money out of this as a business, and you are trying to protect your business by trying to prevent others from learning or having the same knowledge as you do.
But you forget one thing, it is those "smart" people who decide if they want to share their knowledge with the "noob" people, not you.
So talk nicely and learn to respect people!
If someone needs to get lost that is you not people like us...
Guys, chillax... no solution or whatever was exposed here.
That said, I may have something to create the cracking process on.
I've made one DESFIRE with my own keys ("yes, everyone who uses Desfire uses their own keys, not the default; otherwise the company would stick to Classic if they didn't want this security").
Now testing the cracking process: the card-to-tag reply is much shorter when the first digit/letter of the key is the same.
If someone can create a brute-force method that can put those measurements into action, it will be great.
For which crypto mode does the tag behave like that?
And does this repeat itself when the first and second bytes of the key are the same?
Hello Iceman, it was for AES; I haven't tested on other crypto yet.
The deauth reply comes faster ("talking about time") the closer you get to the right key.
Tick tock, I think it is a processing issue that can lead to something!?!
That is definitely something to verify...
> Hello Iceman, it was for AES; I haven't tested on other crypto yet.
> The deauth reply comes faster ("talking about time") the closer you get to the right key.
> Tick tock, I think it is a processing issue that can lead to something!?!
Hey Danz, I hope you can successfully figure things out and help me with my task as well.
If there is anything that I can assist you with please let me know.
@danz, so what you are saying is that the tag response "0b 00 ae c6 c0" (0xAE) comes faster if the first byte of the given key is correct? Or do you mean the "0b 00 af 0a ...." response comes faster?
If only I had a Desfire tag with a known key, this would be so much easier to verify...
--snippet log AUTH/AES for a Desfire 4k
Start | End | Src | Data | CRC | Annotation
0 | 992 | Rdr |52 | | WUPA
2244 | 4612 | Tag |44 03 | |
7040 | 9504 | Rdr |93 20 | | ANTICOLL
10692 | 16516 | Tag |88 04 77 29 d2 | |
18688 | 29216 | Rdr |93 70 88 04 77 29 d2 6c 76 | ok | SELECT_UID
30404 | 33924 | Tag |24 d8 36 | |
35200 | 37664 | Rdr |95 20 | | ANTICOLL-2
38852 | 44740 | Tag |5a 86 34 80 68 | |
46848 | 57376 | Rdr |95 70 5a 86 34 80 68 22 58 | ok | ANTICOLL-2
58564 | 62148 | Tag |20 fc 70 | |
63488 | 68256 | Rdr |e0 80 31 73 | ok | RATS
69444 | 78724 | Tag |06 75 77 81 02 80 02 f0 | ok |
85504 | 92512 | Rdr |0a 00 aa 00 21 d8 | ok | ?
128452 | 152772 | Tag |0a 00 af f7 a2 cf 33 2e 68 e1 b7 d9 27 b6 13 ce | |
| | |8d b6 b4 ef 8c | ok |
162816 | 205600 | Rdr |0b 00 af 0a b2 ad 48 77 78 56 2f 39 52 66 2c ca | |
| | |14 63 13 b7 6d 54 ad b9 fc 28 a1 c5 f9 fc ee 83 | |
| | |1c 72 5f 27 ea | ok | ?
228676 | 234500 | Tag |0b 00 ae c6 c0 | |
563584 | 567136 | Rdr |c2 e0 b4 | ok | RESTORE(224)
Last edited by iceman (2015-10-28 19:56:25)
> The crypto modes available for Desfire are DES/3DES/AES/PLAIN.
> If your tag system doesn't use crypto (i.e. PLAIN mode) then you should be able to sniff the traffic.
> The other modes don't send the key (3-way handshake), and there is no known attack for the newer Desfire products. Only a side-channel attack on an older tag model.
> -- If someone takes the most common default passwords and tries them, you might get lucky. Nothing that is implemented.
If I sniff on the wires, can I get info about the crypto key used?
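Sniffing does not reveal the key directly, as iceman wrote earlier in the thread, but the transcript can be tested against candidate keys offline. The example below (Go; added here, not code from the thread or from the Proxmark3 project) models the Desfire EV1 AuthenticateAES (0xAA, the command in iceman's log) exchange from both sides, then shows the one thing a sniffer can do with the two ciphertexts: try the factory default all-zero key and any other candidates. Assumptions: AES-128 in CBC mode with a zero IV for ek(RndB) and the chain continued through the following blocks, which is how the EV1 AES scheme is implemented in libfreefare (check it against the datasheet before relying on it); the key and nonces are constructed for the demonstration; the two logged frames are transcribed from iceman's snippet above with the "0a 00 af" / "0b 00 af" prefixes and the CRC stripped.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/hex"
	"errors"
	"fmt"
)

var ErrAuth = errors.New("PICC status 0xAE: authentication error")
var zeroIV = make([]byte, 16)

// mustHex decodes the hard-coded hex used below (constants, so no error path).
func mustHex(s string) []byte {
	b, _ := hex.DecodeString(s)
	return b
}

// cbc runs AES-128-CBC over whole blocks with the chaining IV the caller supplies.
func cbc(key, iv, in []byte, encrypt bool) []byte {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	mode := cipher.NewCBCDecrypter(block, iv)
	if encrypt {
		mode = cipher.NewCBCEncrypter(block, iv)
	}
	out := make([]byte, len(in))
	mode.CryptBlocks(out, in)
	return out
}

// rotl1 rotates a block left by one byte (Desfire's RndB' and RndA').
func rotl1(b []byte) []byte { return append(append([]byte{}, b[1:]...), b[0]) }

// PICC models the card: it holds the key and picks RndB.
type PICC struct{ Key, RndB []byte }

// Challenge is the card's reply to AuthenticateAES: ek(RndB) under a zero IV.
func (p PICC) Challenge() []byte { return cbc(p.Key, zeroIV, p.RndB, true) }

// PCDResponse is the reader's second pass: recover RndB, rotate it, and send
// ek(RndA || RndB') with the CBC chain continued from ek(RndB).
func PCDResponse(key, eRndB, rndA []byte) []byte {
	rndB := cbc(key, zeroIV, eRndB, false)
	plain := append(append([]byte{}, rndA...), rotl1(rndB)...)
	return cbc(key, eRndB, plain, true)
}

// Verify is the card's third pass: check RndB', then answer ek(RndA') or 0xAE.
func (p PICC) Verify(eRndAB []byte) ([]byte, error) {
	if len(eRndAB) != 32 {
		return nil, ErrAuth
	}
	eRndB := p.Challenge()
	plain := cbc(p.Key, eRndB, eRndAB, false)
	if !bytes.Equal(plain[16:], rotl1(p.RndB)) {
		return nil, ErrAuth
	}
	return cbc(p.Key, eRndAB[16:], rotl1(plain[:16]), true), nil
}

// PCDVerify is the reader's final check of ek(RndA') against its own RndA.
func PCDVerify(key, eRndAB, eRndA, rndA []byte) bool {
	return bytes.Equal(cbc(key, eRndAB[16:], eRndA, false), rotl1(rndA))
}

// RecoverKey tests candidate keys offline against a sniffed ek(RndB) and
// ek(RndA||RndB'): under the reader's key the second half of the reader's
// plaintext equals rotl1(RndB); under any other key it is noise. That holds
// even when the card answered 0xAE, because the reader's message is consistent
// under the reader's own key whatever key the card holds.
func RecoverKey(eRndB, eRndAB []byte, candidates [][]byte) ([]byte, bool) {
	if len(eRndB) != 16 || len(eRndAB) != 32 {
		return nil, false
	}
	for _, k := range candidates {
		rndB := cbc(k, zeroIV, eRndB, false)
		if bytes.Equal(cbc(k, eRndB, eRndAB, false)[16:], rotl1(rndB)) {
			return k, true
		}
	}
	return nil, false
}

func main() {
	// Constructed key and nonces for the demonstration; not from any real card.
	key := mustHex("2b7e151628aed2a6abf7158809cf4f3c")
	rndA := mustHex("00112233445566778899aabbccddeeff")
	card := PICC{Key: key, RndB: mustHex("ffeeddccbbaa99887766554433221100")}
	eRndB := card.Challenge()
	eRndAB := PCDResponse(key, eRndB, rndA)
	eRndA, err := card.Verify(eRndAB)
	fmt.Println("card accepted reader:", err == nil, "reader accepted card:", PCDVerify(key, eRndAB, eRndA, rndA))
	// The two AES frames from iceman's log above (prefixes and CRC stripped), tried
	// against the factory default all-zero key. Outcome not known in advance.
	logERndB := mustHex("f7a2cf332e68e1b7d927b613ce8db6b4")
	logERndAB := mustHex("0ab2ad487778562f3952662cca146313b76d54adb9fc28a1c5f9fcee831c725f")
	found, ok := RecoverKey(logERndB, logERndAB, [][]byte{make([]byte, 16)})
	fmt.Printf("logged trace: found=%v key=%x\n", ok, found)
}
```

For your own capture, replace the two hex strings with the payloads that follow the 0xAF status in each direction and extend the candidate list. Note what the method can and cannot do: with a sniffed transcript only, a key outside the list is not recoverable, which is the point iceman was making; what the transcript does give you, even on a failed authentication, is a yes/no answer per candidate key for the reader's side of the exchange.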
Maybe, if you have access to the source code of the system or the firmware of the reader, you might find the crypto keys.
Same question here: Can PM3 read & write MIFARE Desfire® EV1 4K?
So what is the answer????
As far as I'm aware, there's still nothing on this specific card; she's crazy secure. Best bet is to obtain the reader and extract the key from it.
I was reading some "Knowledgeable Insider's" internal paper (which I strongly hope gets past the "internal" and becomes public).
Anyway, it seems that side-channel attacks have had a successful implementation as a now-"easy" way of getting more or less what you want from an accessible Desfire card, without invasive treatment such as MITM/sniffing etc.
Power consumption and similar side-channel attacks seem nothing very promising (as far as I am aware; maybe I'm wrong, but I doubt it?).
EM leakage side channels, on the other hand, are very, very, very much more interesting.
You can build what is necessary to start such an implementation within a very constrained budget.