Proxmark3 community
Research, development and trades concerning the powerful Proxmark3 device.
Remember; sharing is caring. Bring something back to the community.
"Learn the tools of the trade the hard way." +Fravia
You are not logged in.
Announcement
Time changes and with it the technology
Proxmark3 @ discord
Users of this forum, please be aware that information stored on this site is not private.
Pages: 1
#1 2018-01-09 19:16:00
- Danz
- Contributor
- From: Dubai
- Registered: 2015-10-24
- Posts: 98
New NXP mifare S50 hardened
Hello everyone,
New cards from nxp doesn't have any known keys (not even one on the common ones), darkside and nested wont work.
Is nonce bruteforce is the way to go or have to get sniffing to get keys from reader ?
Thanks,
Offline
#2 2018-01-09 19:21:10
- iceman
- Administrator
- Registered: 2013-04-25
- Posts: 9,537
- Website
Re: New NXP mifare S50 hardened
easiest to sniff. Not sure how you were going to bruteforce a nonce. Would you care to elaborate?
Offline
#3 2018-01-10 14:16:10
- piwi
- Contributor
- Registered: 2013-06-04
- Posts: 704
Re: New NXP mifare S50 hardened
Hello everyone,
New cards from nxp doesn't have any known keys (not even one on the common ones), darkside and nested wont work.
Can you please elaborate? What type of cards are these? Without known keys they would be quite useless because nobody would be able to write anything to them.
Offline
#4 2018-01-23 18:12:21
- xiaojin1985
- Contributor
- From: China
- Registered: 2017-12-21
- Posts: 27
Re: New NXP mifare S50 hardened
I have the same card with fully encoded sectors........and there is NO WAY to sniff.....
Offline
#5 2018-01-23 18:21:48
- iceman
- Administrator
- Registered: 2013-04-25
- Posts: 9,537
- Website
Re: New NXP mifare S50 hardened
Please explain why you can't sniff traffic between reader & card?
Offline
#6 2018-01-23 19:58:57
- Danz
- Contributor
- From: Dubai
- Registered: 2015-10-24
- Posts: 98
Re: New NXP mifare S50 hardened
For me, software issue, I just crack it with chameleonmini then bruteforced the other keys out .. I am sure sniff the decrypt will do the same for proxmark as chameleonmini did 
Offline
#7 2018-01-23 20:08:00
- iceman
- Administrator
- Registered: 2013-04-25
- Posts: 9,537
- Website
Re: New NXP mifare S50 hardened
PM3 can get a key quite fast from simulation x, but sniffing requires knowledge on what data to use for in mfkey32.
well, not if you use the "hf mf sniff" that one will also find it. However I removed that command from the fork, still exists in offical pm3.
Chameleon mini makes that process a bit smoother. @danz, which device do you have?
Offline
#8 2018-01-25 17:49:07
- xiaojin1985
- Contributor
- From: China
- Registered: 2017-12-21
- Posts: 27
Re: New NXP mifare S50 hardened
Please explain why you can't sniff traffic between reader & card?
My staff-id card is linked with some restricted area,if I do sniffering,the security guard may arrest me...
Offline
#9 2018-01-25 17:52:12
- xiaojin1985
- Contributor
- From: China
- Registered: 2017-12-21
- Posts: 27
Re: New NXP mifare S50 hardened
and there is a monitor above any card-reader...I want backup my card data,but no way....
Offline
#10 2018-01-25 20:31:17
- piwi
- Contributor
- Registered: 2013-06-04
- Posts: 704
Re: New NXP mifare S50 hardened
You should always have a printout of your management approval for the penetration test.
Offline
#11 2018-01-28 00:07:25
- Danz
- Contributor
- From: Dubai
- Registered: 2015-10-24
- Posts: 98
Re: New NXP mifare S50 hardened
@iceman I have rdv2 and for chameleonmini .. got RevE and official ReveG.
Incase you need to run some tests let me know
Offline
#12 2018-01-28 00:11:33
- iceman
- Administrator
- Registered: 2013-04-25
- Posts: 9,537
- Website
Re: New NXP mifare S50 hardened
That would be outside of the purpose of this thread. However revg and the new gui would be nice if you tested
Offline
Pages: 1