Proxmark3 community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

Announcement

Time changes and with it the technology
Proxmark3 @ discord

Users of this forum, please be aware that information stored on this site is not private.

#1 2016-03-04 08:57:49

firebell
Member
Registered: 2016-03-04
Posts: 2

key32/64 with mifare simulation

hi, this is my first post on this great forum. I have a little issue with my test.
I trying to recover a key from my reader with chip PN533 and nfc-tool on proxmark I use mifare simulation.

My client is linux 64 bit:

nfc-mfclassic r A mifare_test.mfd

and I got:

NFC reader: SCM Micro / SCL3711-NFC&RW opened
Found MIFARE Classic card:
ISO/IEC 14443A (106 kbps) target:
    ATQA (SENS_RES): 00  04  
       UID (NFCID1): 2a  8a  ec  b2  
      SAK (SEL_RES): 08  
Guessing size: seems to be a 1024-byte card
Reading out 64 blocks |nfc_initiator_transceive_bytes: Mifare Authentication Failed
nfc_initiator_transceive_bytes: Mifare Authentication Failed
nfc_initiator_transceive_bytes: Mifare Authentication Failed
nfc_initiator_transceive_bytes: Mifare Authentication Failed
nfc_initiator_transceive_bytes: Mifare Authentication Failed
nfc_initiator_transceive_bytes: Mifare Authentication Failed
nfc_initiator_transceive_bytes: Mifare Authentication Failed
nfc_initiator_transceive_bytes: Mifare Authentication Failed
nfc_initiator_transceive_bytes: Mifare Authentication Failed
!
Error: authentication failed for block 0x3f

On proxmark I use this command:

proxmark3> hf mf sim u 2a8aecb2 n 0 i x
 uid:2a 8a ec b2 , numreads:0, flags:11 (0x0b)           
Press pm3-button to abort simulation          
#db# 4B UID: 2a8aecb2                 

I got:

#db# AUTH FAILED for sector 15 with key A. cardRr=087c972e, succ=20f8ed56                 
#db# AUTH FAILED for sector 15 with key A. cardRr=5526252c, succ=20f8ed56                 
#db# AUTH FAILED for sector 15 with key A. cardRr=6c056ab4, succ=20f8ed56                 
#db# AUTH FAILED for sector 15 with key A. cardRr=660ecc30, succ=20f8ed56                 
#db# AUTH FAILED for sector 15 with key A. cardRr=c2d1b0ba, succ=20f8ed56                 
#db# AUTH FAILED for sector 15 with key A. cardRr=c9ac1cae, succ=20f8ed56                 
#db# AUTH FAILED for sector 15 with key A. cardRr=360eb77a, succ=20f8ed56                 
#db# AUTH FAILED for sector 15 with key A. cardRr=cdc6b3ef, succ=20f8ed56                 
#db# AUTH FAILED for sector 15 with key A. cardRr=d2dfa702, succ=20f8ed56                 
#db# AUTH FAILED for sector 15 with key A. cardRr=204d9cc8, succ=20f8ed56                 
#db# AUTH FAILED for sector 15 with key A. cardRr=c0d45444, succ=20f8ed56                 
#db# AUTH FAILED for sector 15 with key A. cardRr=ca09ebed, succ=20f8ed56                 
#db# AUTH FAILED for sector 15 with key A. cardRr=758e476d, succ=20f8ed56                 
#db# AUTH FAILED for sector 15 with key A. cardRr=8ba491fa, succ=20f8ed56                 
#db# AUTH FAILED for sector 15 with key A. cardRr=1d543fe2, succ=20f8ed56                 
#db# AUTH FAILED for sector 15 with key A. cardRr=34c55cdc, succ=20f8ed56                 
#db# AUTH FAILED for sector 15 with key A. cardRr=f0166319, succ=20f8ed56                 
#db# AUTH FAILED for sector 15 with key A. cardRr=e37d2406, succ=20f8ed56                 
#db# AUTH FAILED for sector 15 with key A. cardRr=75c6b5d8, succ=20f8ed56                 
#db# AUTH FAILED for sector 15 with key A. cardRr=128edb0c, succ=20f8ed56                 
#db# AUTH FAILED for sector 15 with key A. cardRr=fc27dbc5, succ=20f8ed56                 
#db# AUTH FAILED for sector 15 with key A. cardRr=f90a4d28, succ=20f8ed56                 
#db# Collected two pairs of AR/NR which can be used to extract keys from reader:                 
#db# ../tools/mfkey/mfkey32 2a8aecb2 01020304 df2d9ca9 a34618fe ac495dc7 6d0daf8e                 
#db# Emulator stopped. Tracing: 1  trace length: 4685                  

but when I try to execute mfkey64 with collected data I got always a wrong password and always different for each test. Why?
If I try to execute mfkey32 but doesn't work, stop to ks2 and doesn't write "Found key".

KEY A should be f11d1e155470 for sector 15
I tried to compile mfkey32 with option -m32 so it's a 32bit elf file but always stop to ks2 and doesn't write "Found key"

Have you suggestions for me?
Thank you

Offline

#2 2016-03-04 09:18:43

iceman
Administrator
Registered: 2013-04-25
Posts: 9,538
Website

Re: key32/64 with mifare simulation

Somethings the keyrecovery failes for mfkey32,  you need to collect another set of nonces. 
Using the sim x.

Offline

#3 2016-03-04 22:40:22

firebell
Member
Registered: 2016-03-04
Posts: 2

Re: key32/64 with mifare simulation

I tried about 20 times without success. I tried to run proxmark3 on windows without success. I got always wrong results.
Sure I'm using sim x from latest git

Offline

Board footer

Powered by FluxBB