Research, development and trades concerning the powerful Proxmark3 device.
Remember; sharing is caring. Bring something back to the community.
"Learn the tools of the trade the hard way." +Fravia
Hi Iceman,
I noticed that after the sectors were written successfully, the Chinese GEN1 card is reporting a different SAK number: 88 [2] instead of 08 [2].
The card type has also changed from NXP MIFARE CLASSIC 1k | Plus 2k SL1 to Infineon MIFARE CLASSIC 1K.
I have tested the clone card and it works successfully. Is this normal?
I used the following command to change the UID --> hf mf csetblk 0 90AB7926648804000000000000000000
Last edited by earlneo (2016-10-19 15:20:11)
just write the SAK byte to what you want and bob's your uncle.
Hi Iceman,
I know the question is silly, but why is the original card detected as SAK 08 even though the SAK byte is 88?
data : 90 AB 79 26 64 88 04 00 00 00 00 00 00 00 00 00
Most likely because it doesn't read the SAK from block 0.
ok. thanks
Hello,
I see you have one of Infineon's MIFARE Classic tags.
For a complete answer, here it is:
- We are talking about an Infineon tag which does _ONLY_ MIFARE Classic 1k, with / or without emulation, vulnerable to darkside _OR_NOT_ depending on the year of the tag
- It has two properties
-- 1. The UID of the tag is ENGRAVED in the metallic part of the badge, but written BACKWARD (little-endian vs. big-endian like)
------ Edit: 1 is confirmed not to be compulsory but more deployed with such tags
-- 2. The SAK is reported to be 0x08, but block 0 always is 0x88
The second property is an important part: Infineon, through Hexact/Cogeco's centrals, maybe also other centrals, provides with their software a way of "cloning" some of their badges, but also of being "aware" if such cloning has been made when it was not done by the Access Central itself.
Still, the rules in regard to the appearance of a clone (detected by the 0x88) are up to the Administrator, but usually the result is a Silent Alarm. So please beware of this possibility.
If you are not in the case of such a central and/or tag, then it is spurious. All I can say is that such an implementation is now common, AND is 100% certain with the described tags.
Edit: got the whole info on the tags you are manipulating. Made a warning on every post I found, with a _strong_ invitation to edit your posts.
Last edited by cjbrigato (2016-10-15 10:52:23)
earlneo, please review as quickly as possible the other post which might be related to your experiment.
Add: To add to the story, remember that if these tags are cloned and used, you have strictly _NO_ way to avoid the silent alarm:
original tag is SAK 08 with BLOCK0-SAK88
clone tag is either SAK88 with BLOCK0-SAK88 -> Clone
or is SAK08 with correspondence in block0-sak08 -> Clone
Chinese UID magic cards do _not_ reproduce such behavior, unless you've got manufacturer test special ones under your arm, which for sure you don't have.
Last edited by cjbrigato (2016-10-15 11:18:02)
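The reader-side consistency check described in the two posts above (SAK answered during anticollision compared with the SAK byte stored in block 0), as an added example that is not part of the original thread and not any vendor's actual implementation. It assumes the standard 4-byte-UID MIFARE Classic block 0 layout (UID, BCC, SAK, ATQA, manufacturer data); the function names and verdict strings are hypothetical.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Block0:
    uid: bytes           # bytes 0-3
    bcc: int             # byte 4: XOR of the four UID bytes
    sak: int             # byte 5: SAK value stored in memory
    atqa: bytes          # bytes 6-7
    manufacturer: bytes  # bytes 8-15


def parse_block0(hex_dump: str) -> Block0:
    """Split a 16-byte block 0 dump (hex, spaces allowed) into its fields."""
    raw = bytes.fromhex(hex_dump)
    if len(raw) != 16:
        raise ValueError(f"block 0 must be 16 bytes, got {len(raw)}")
    return Block0(raw[0:4], raw[4], raw[5], raw[6:8], raw[8:16])


def bcc_valid(b: Block0) -> bool:
    """The BCC must equal the XOR of the UID bytes."""
    check = 0
    for byte in b.uid:
        check ^= byte
    return check == b.bcc


def classify(anticollision_sak: int, block0_hex: str) -> str:
    """Apply the rule from the thread (hypothetical verdict names)."""
    b = parse_block0(block0_hex)
    if not bcc_valid(b):
        return "invalid-bcc"
    pair = (anticollision_sak, b.sak)
    if pair == (0x08, 0x88):                   # profile of the original tag
        return "matches-original-profile"
    if pair in ((0x88, 0x88), (0x08, 0x08)):   # both clone cases in the thread
        return "flag-as-clone"
    return "unknown-profile"


if __name__ == "__main__":
    # Block 0 data quoted earlier in the thread
    dump = "90 AB 79 26 64 88 04 00 00 00 00 00 00 00 00 00"
    for sak in (0x08, 0x88):
        print(f"anticollision SAK {sak:02X}: {classify(sak, dump)}")
```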
Thanks cj. I have removed all the codes.