Proxmark3 community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

Announcement

Time changes and with it the technology
Proxmark3 @ discord

Users of this forum, please be aware that information stored on this site is not private.

#1 2018-02-09 08:13:40

Charlie
Contributor
Registered: 2017-01-27
Posts: 129

[SOLVED] hard_autopwn script - attempt to call field 'read1443a

So trying to copy a mifare fob and getting stuck when I try and run the hard_autopwn script. Am i on the right track?

proxmark3> hf mf hardnested 3 A FFFFFFFFFFFF 4 a
--target block no:  4, target key type:A, known target key: 0x000000000000 (not set), file action: none, Slow: No, Tests: 0
Using AVX SIMD core.



 time    | #nonces | Activity                                                | expected to brute force
         |         |                                                         | #states         | time
------------------------------------------------------------------------------------------------------
       0 |       0 | Start using 4 threads and AVX SIMD core                 |                 |
       0 |       0 | Brute force benchmark: 234 million (2^27.8) keys/s      | 140737488355328 |    7d
       1 |       0 | Using 235 precalculated bitflip state tables            | 140737488355328 |    7d
       6 |     112 | Apply bit flip properties                               |      8999392256 |   38s
       7 |     224 | Apply bit flip properties                               |       664515968 |    3s
       8 |     335 | Apply bit flip properties                               |       606409280 |    3s
       9 |     446 | Apply bit flip properties                               |       606409280 |    3s
      10 |     557 | Apply bit flip properties                               |       548302656 |    2s
      10 |     667 | Apply bit flip properties                               |       496621312 |    2s
      11 |     777 | Apply bit flip properties                               |       353569344 |    2s
      12 |     888 | Apply bit flip properties                               |       274736640 |    1s
      13 |    1000 | Apply bit flip properties                               |       274736640 |    1s
      14 |    1111 | Apply bit flip properties                               |       274736640 |    1s
      14 |    1220 | Apply bit flip properties                               |       274736640 |    1s
      15 |    1329 | Apply bit flip properties                               |       274736640 |    1s
      17 |    1439 | Apply Sum property. Sum(a0) = 136                       |        17536420 |    0s
      17 |    1439 | (Ignoring Sum(a8) properties)                           |        17536420 |    0s
      18 |    1439 | Starting brute force...                                 |        17536420 |    0s
      18 |    1439 | Brute force phase completed. Key found: d44565083934    |               0 |    0s



proxmark3> hf mf hardnested 4 A d44565083934 4 b
--target block no:  4, target key type:B, known target key: 0x000000000000 (not set), file action: none, Slow: No, Tests: 0
Using AVX SIMD core.



 time    | #nonces | Activity                                                | expected to brute force
         |         |                                                         | #states         | time
------------------------------------------------------------------------------------------------------
       0 |       0 | Start using 4 threads and AVX SIMD core                 |                 |
       0 |       0 | Brute force benchmark: 230 million (2^27.8) keys/s      | 140737488355328 |    7d
       1 |       0 | Using 235 precalculated bitflip state tables            | 140737488355328 |    7d
       6 |     112 | Apply bit flip properties                               |    715362271232 | 52min
       7 |     224 | Apply bit flip properties                               |    418175123456 | 30min
       8 |     336 | Apply bit flip properties                               |    416504676352 | 30min
       9 |     448 | Apply bit flip properties                               |    389158567936 | 28min
      10 |     559 | Apply bit flip properties                               |    382348263424 | 28min
      11 |     671 | Apply bit flip properties                               |    382348263424 | 28min
      12 |     782 | Apply bit flip properties                               |    364511657984 | 26min
      13 |     894 | Apply bit flip properties                               |    364511657984 | 26min
      13 |    1005 | Apply bit flip properties                               |    355892789248 | 26min
      16 |    1116 | Apply Sum property. Sum(a0) = 128                       |     40830763008 |  3min
      17 |    1227 | Apply bit flip properties                               |     41199341568 |  3min
      18 |    1334 | Apply bit flip properties                               |     89560702976 |  6min
      18 |    1445 | Apply bit flip properties                               |     86784499712 |  6min
      19 |    1557 | Apply bit flip properties                               |     86897336320 |  6min
      20 |    1668 | Apply bit flip properties                               |     85424586752 |  6min
      21 |    1777 | Apply bit flip properties                               |     34266048512 |  2min
      22 |    1882 | Apply bit flip properties                               |     34263932928 |  2min
      23 |    1991 | Apply bit flip properties                               |     18216908800 |   79s
      24 |    2096 | Apply bit flip properties                               |      6521998848 |   28s
      24 |    2201 | Apply bit flip properties                               |      6521998848 |   28s
      25 |    2307 | Apply bit flip properties                               |      6521998848 |   28s
      26 |    2418 | Apply bit flip properties                               |      6521998848 |   28s
      27 |    2418 | (1. guess: Sum(a8) = 0)                                 |      6521998848 |   28s
      29 |    2418 | Apply Sum(a8) and all bytes bitflip properties          |      4434902016 |   19s
      34 |    2418 | Brute force phase completed. Key found: 8396a2abf5ca    |               0 |    0s



proxmark3> script run hard_autopwn -k d44565083934 -b -s 4
--- Executing: hard_autopwn.lua, args '-k d44565083934 -a -s 4'
C:\Github\ProxSpace\pm3\client\scripts/hard_autopwn.lua:132: attempt to call field 'read1443a' (a nil value)

-----Finished
#db# Debug level: 0
proxmark3>

Last edited by Charlie (2018-02-09 17:35:28)

Offline

#2 2018-02-09 09:58:52

iceman
Administrator
Registered: 2013-04-25
Posts: 9,538
Website

Re: [SOLVED] hard_autopwn script - attempt to call field 'read1443a

that old version of the hard_autopwn script is out-of-date.

Offline

#3 2018-02-09 16:41:11

Charlie
Contributor
Registered: 2017-01-27
Posts: 129

Re: [SOLVED] hard_autopwn script - attempt to call field 'read1443a

Thx, I got it working another way.

Offline

#4 2018-02-18 00:37:32

rfidboi
Contributor
Registered: 2017-01-31
Posts: 17

Re: [SOLVED] hard_autopwn script - attempt to call field 'read1443a

iceman wrote:

that old version of the hard_autopwn script is out-of-date.

Interesting. Do you know where I can find the latest hard_autopwn script? I only see mifare_autopwn in your git repo I cloned.

When I tried to use mifare_autopwn I get “Card is not vulnerable to Darkside attack...”. And when I tried “hf mf hard” commands, the client crashes- I get a “Killed” message soon after. I suspect the issue is I’m tunning it on a very weak device with only 512MB of ram. I’m going to try again on another machine.

Edit: I was able to successfully upgrade the firmware on my pm3.

Last edited by rfidboi (2018-02-18 02:55:34)

Offline

#5 2018-02-18 04:16:27

iceman
Administrator
Registered: 2013-04-25
Posts: 9,538
Website

Re: [SOLVED] hard_autopwn script - attempt to call field 'read1443a

512mb ram will be an issue for running 'hf mf hardnested' -  lowest recommendations is 1.5gb ram.

New hard_autopwn script is not released.

Offline

#6 2018-02-18 04:30:54

rfidboi
Contributor
Registered: 2017-01-31
Posts: 17

Re: [SOLVED] hard_autopwn script - attempt to call field 'read1443a

iceman wrote:

512mb ram will be an issue for running 'hf mf hardnested' -  lowest recommendations is 1.5gb ram.

New hard_autopwn script is not released.

Thanks. I got things running on a nee machine with much more RAM.  What’s the best way to get the latest released version of the script / what’s the best commit to sync to that’s compatible with said script? Would love to try it out! Thanks!

Offline

#7 2018-03-06 13:24:42

evin
Contributor
Registered: 2018-03-05
Posts: 4

Re: [SOLVED] hard_autopwn script - attempt to call field 'read1443a

Facing a similar issue when running hard_autopwn script. Hardnested attack works perfect, but "hard_autopwn" script seems to have an issue. I understand this is an outdated script, so any alternate methods here?

If I were to do it manually how do I save the retrieved keys from "hf mf hardnested" command and then dump data?

I get the below error -

pm3 --> sc r hard_autopwn -k ffffffffffff -s 1
[+]Executing: hard_autopwn.lua, args '-k ffffffffffff -s 1'
          
...ktop/proxmark3/proxmark3/client/scripts/hard_autopwn.lua:132: attempt to call field 'read1443a' (a nil value)
          
[+]Finished
          
#db# Debug level: 0          
pm3 --> 

I'm running this on Ubuntu 16.04 VM machine with 12 GB ram.

Last edited by evin (2018-03-06 13:27:32)

Offline

#8 2018-03-06 13:33:55

iceman
Administrator
Registered: 2013-04-25
Posts: 9,538
Website

Re: [SOLVED] hard_autopwn script - attempt to call field 'read1443a

yeah, that is an outdated script trying to run on a newer client/firmware...

Offline

#9 2019-03-04 05:48:06

ChicoChe
Contributor
Registered: 2018-10-23
Posts: 4

Re: [SOLVED] hard_autopwn script - attempt to call field 'read1443a

When is the new hard autopwn script being released?

Offline

Board footer

Powered by FluxBB