Card not vulnerable

MaBi · 2017-03-11 12:50:51

Hi
I'm trying to hack a card but result it's not what I aspected.
I have flashed SW v2.2.0 on my Proxmark3 rdv2:

[[[ Cached information ]]]
Prox/RFID mark3 RFID instrument          
bootrom: /-suspect 2015-08-16 18:49:55
os: /-suspect 2015-08-16 18:50:03
LF FPGA image built for 2s30vq100 on 2015/03/06 at 07:38:04
HF FPGA image built for 2s30vq100 on 2015/06/22 at 21:47:54
uC: AT91SAM7S512 Rev B          
Embedded Processor: ARM7TDMI          
Nonvolatile Program Memory Size: 512K bytes. Used: 166521 bytes (32%). Free: 357767 bytes (68%).          
Second Nonvolatile Program Memory Size: None          
Internal SRAM Size: 64K bytes          
Architecture Identifier: AT91SAM7Sxx Series          
Nonvolatile Program Memory Type: Embedded Flash Memory

This is my hw tune output:

Measuring antenna characteristics, please wait...#db# DownloadFPGA(len: 42096)                 
......#db# DownloadFPGA(len: 42096)                 
.          
# LF antenna: 46.06 V @   125.00 kHz          
# LF antenna: 20.49 V @   134.00 kHz          
# LF optimal: 46.75 V @   123.71 kHz          
# HF antenna: 30.13 V @    13.56 MHz

Card is a MIFARE Classic 1k:

 UID : 8b 3a 5b 1d           
ATQA : 00 04          
 SAK : 08 [2]          
TYPE : NXP MIFARE CLASSIC 1k | Plus 2k SL1          
proprietary non iso14443-4 card found, RATS not supported          
Answers to chinese magic backdoor commands: NO

The only good result is a key found with "Test Block Keys" command. So I have one key:

--sector: 0, block:  3, key type:A, key count:13           
Found valid key:[a0a1a2a3a4a5]

Now, if I try a Darkside attack I obtain the output "Card is not vulnerable to Darkside attack (its random number generator is not predictable)." and similar with a Nested attack: "Tag isn't vulnerable to Nested Attack".

What could I do?
Thanks

MaBi · 2017-03-13 23:17:43

What are steps to use the "hardnested" attack ?
I have read many posts where it seems easy but I can't launch command.
If I try something like this:

hf mf hardnested 0 A a0a1a2a3a4a5 44 B w

I receive only the help with commands listed.

I don't understand. Is it a software version problem ?

iceman · 2017-03-14 08:13:49

Does the "hardnested" command show in that list of commands? if not, then you have your answer to your question.

piwi · 2017-03-14 08:28:46

Your software version 2.2.0 doesn't include the hf mf hardnested command. You have the following options:

download one of the newer precompiled binaries (see http://www.proxmark.org/forum/viewtopic … 586#p26586)
download the source code from github (my hardnested branch or iceman's fork) and compile it yourself

MaBi · 2017-03-14 23:25:37

Thank you very much. Now I know why I couldn't use it.
Unfortunately I have problems with both options...
Precompiled binaries crash and I can't compile source code of your hardnested branch.

ntk · 2017-03-15 02:58:06

you can either use proxspace or minGW build environment to compile the SW .... there is detailed instruction to setup somewhere on the forum.

MaBi · 2017-03-21 23:38:03

Now I can compile correctly source code. I have a valid ProxSpace with Qt v4.6.2 and miniGW v5.3.0.
I don't get any compiling errors but every time I try to lunch my new compiled sw it crashes again.
I have tried both version (piwi and iceman 1.7.0, 1.6.8, ...)

I have flashed bootrom and fullimage files correctly on device. With an old client version (pm3-bin-2.2.0) I can verify it

iceman · 2017-03-22 06:03:22

Regard: sw crash.
There is little to go with when all you say "it crashes again". You need to supply more information if you expect anyone to help out.
Start a new thread regarding this crash in relevant category, but search the forum first to see if its already been answered.

MaBi · 2017-03-23 23:04:00

Crash is due to two missing files in output folder (client): QtCore4.dll and QtGui4.dll.
But there is no difference if I add them in the folder and lunch proxmark3 again.
With JIT Debugger and VS I obtain that error code is 0xC0000005.
In another post I have read that I need probabily to recompile Qt4. Unfortunately I'm using ProxSpace by gator where Qt is "light" version and links in the post are broken...

Is this the correct way?
Thanks

iceman · 2017-03-24 03:20:38

download a build env / or setut it up yourself, pull latest sourcecode, recompile, and you should be good to go.

MaBi · 2017-03-29 22:01:35

Is there a list of commands where I can find more informations about syntax and parameters ?
I have found Wiki list but I'm looking for hf mf hardnested or hf mf chk *4 (iceman fork) for example.

Thanks

iceman · 2017-03-29 22:22:47

many commands has a help text nowdays with h parameter.

hf mf gives some help
hf mf hardnest h gives some more help

You find Iceman fork command set here http://www.icedev.se/pm3cmds.aspx

Proxmark3 community

Announcement

#1 2017-03-11 12:50:51

Card not vulnerable

#2 2017-03-13 23:17:43

Re: Card not vulnerable

#3 2017-03-14 08:13:49

Re: Card not vulnerable

#4 2017-03-14 08:28:46

Re: Card not vulnerable

#5 2017-03-14 23:25:37

Re: Card not vulnerable

#6 2017-03-15 02:58:06

Re: Card not vulnerable

#7 2017-03-21 23:38:03

Re: Card not vulnerable

#8 2017-03-22 06:03:22

Re: Card not vulnerable

#9 2017-03-23 23:04:00

Re: Card not vulnerable

#10 2017-03-24 03:20:38

Re: Card not vulnerable

#11 2017-03-29 22:01:35

Re: Card not vulnerable

#12 2017-03-29 22:22:47

Re: Card not vulnerable

Board footer