Proxmark3 community
Research, development and trades concerning the powerful Proxmark3 device.
Remember; sharing is caring. Bring something back to the community.
"Learn the tools of the trade the hard way." +Fravia
You are not logged in.
Announcement
Time changes and with it the technology
Proxmark3 @ discord
Users of this forum, please be aware that information stored on this site is not private.
Pages: 1
#1 2019-03-14 13:04:54
- sher96
- Contributor
- Registered: 2019-03-06
- Posts: 12
distributor coffee key problem PM3
I'm trying to read all the keys of a coffee dispenser key (mifage kay), I have an easy proxmark3 and it doesn't find any key for the attack, even the dice that the attack is not vulnerable, these are the results achieved.
Prox/RFID mark3 RFID instrument
bootrom: master/v3.1.0-70-g1338d24-suspect 2019-03-04 13:25:10
os: master/v3.1.0-70-g1338d24-suspect 2019-03-04 13:25:13
fpga_lf.bit built for 2s30vq100 on 2015/03/06 at 07:38:04
fpga_hf.bit built for 2s30vq100 on 2019/02/15 at 20:40:32
SmartCard Slot: not available
uC: AT91SAM7S512 Rev B
Embedded Processor: ARM7TDMI
Nonvolatile Program Memory Size: 512K bytes. Used: 205228 bytes (39%). Free: 319060 bytes (61%).
Second Nonvolatile Program Memory Size: None
Internal SRAM Size: 64K bytes
Architecture Identifier: AT91SAM7Sxx Series
Nonvolatile Program Memory Type: Embedded Flash Memory
proxmark3> hf se
UID : ad 80 11 96
ATQA : 00 04
SAK : 08 [2]
TYPE : NXP MIFARE CLASSIC 1k | Plus 2k SL1
proprietary non iso14443-4 card found, RATS not supported
No chinese magic backdoor command detected
Prng detection: HARDENED (hardnested)
Valid ISO14443A Tag Found - Quiting Search
proxmark3> hf mf chk *1 ? t
--chk keys. sectors:16, block no: 0, key type:B, eml:y, dmp=n checktimeout=471 us
No key specified, trying default keys
chk default key[ 0] ffffffffffff
chk default key[ 1] 000000000000
chk default key[ 2] a0a1a2a3a4a5
chk default key[ 3] b0b1b2b3b4b5
chk default key[ 4] aabbccddeeff
chk default key[ 5] 1a2b3c4d5e6f
chk default key[ 6] 123456789abc
chk default key[ 7] 010203040506
chk default key[ 8] 123456abcdef
chk default key[ 9] abcdef123456
chk default key[10] 4d3a99c351dd
chk default key[11] 1a982c7e459a
chk default key[12] d3f7d3f7d3f7
chk default key[13] 714c5c886e97
chk default key[14] 587ee5f9350f
chk default key[15] a0478cc39091
chk default key[16] 533cb6c723f6
chk default key[17] 8fd0a4f256e9
To cancel this operation press the button on the proxmark...
--#db# ChkKeys: Can't select card (UID) lvl=1
#db# ChkKeys: Can't select card
#db# ChkKeys: Can't select card
#db# ChkKeys: Can't select card (UID) lvl=1
#db# ChkKeys: Can't select card (UID) lvl=1
#db# ChkKeys: Can't select card
#db# ChkKeys: Can't select card (UID) lvl=1
#db# ChkKeys: Can't select card (UID) lvl=1
#db# ChkKeys: Can't select card (UID) lvl=1
#db# ChkKeys: Can't select card (UID) lvl=1
#db# ChkKeys: Can't select card
#db# ChkKeys: Can't select card
.
No valid keys found.
Found keys have been transferred to the emulator memory
proxmark3> hf mf mifare
-------------------------------------------------------------------------
Executing command. Expected execution time: 25sec on average
Press button on the proxmark3 device to abort both proxmark3 and client.
-------------------------------------------------------------------------
..Card is not vulnerable to Darkside attack (its random number generator is not predictable).
WHAT AM I DOING WRONG ?
Offline
#2 2019-03-14 13:12:05
- marshmellow
- Contributor
- From: US
- Registered: 2013-06-10
- Posts: 2,302
Re: distributor coffee key problem PM3
You're not reading the results. Your tag doesn't contain any known keys so it is not vulnerable to a nested attack, and it is hardened so it is not vulnerable to a darkside attack... only one attack path left. Happy hunting.
Last edited by marshmellow (2019-03-14 13:51:44)
Offline
#3 2019-03-14 13:14:57
- iceman
- Administrator
- Registered: 2013-04-25
- Posts: 9,537
- Website
Re: distributor coffee key problem PM3
Don't spam forum with redundant posts.
Offline
#4 2019-03-16 15:12:22
- sher96
- Contributor
- Registered: 2019-03-06
- Posts: 12
Re: distributor coffee key problem PM3
sorry I couldn't get rid of the old post.
since the darkside doesn't work, what procedure should I use to find the codes? , I'm using mifare mobile tool to find sector 1 but can't find it, I stay without even 1 code found, I don't know how to move
Offline
#5 2019-03-16 22:43:25
- Petrolhead
- Contributor
- Registered: 2019-01-24
- Posts: 22
Re: distributor coffee key problem PM3
sher96:
What are you babling about, android, sector 1.
You need a key to read sectors. no key no read!
Please read the forum, marshmellow gave you a good tip (get more keys to try read or sniff) please dont ask about these tips before trying to search the forum.
Offline
#6 2019-03-18 19:04:19
- sher96
- Contributor
- Registered: 2019-03-06
- Posts: 12
Re: distributor coffee key problem PM3
1 key I found it through MCT Android tool, but even if I insert the key found it tells me that it is not vulnerable, what should I deal with all this?
proxmark3> hf mf nested 1 0 B DA95DEF51953
--nested. sectors:16, block no: 0, key type:B, eml:n, dmp=n checktimeout=471 us
Testing known keys. Sector count=16
#db# ChkKeys: Can't select card (UID) lvl=1
#db# ChkKeys: Can't select card (UID) lvl=1
#db# ChkKeys: Can't select card (UID) lvl=1
#db# ChkKeys: Can't select card (UID) lvl=1
nested...
-----------------------------------------------
#db# Authentication failed. Error card response.
#db# Nested: Auth1 error
#db# Nested: Can't select card
#db# Authentication failed. Card timeout.
#db# Nested: Auth2 error
Tag isn't vulnerable to Nested Attack (random numbers are not predictable).
here it tells me that it is not vulnerable even having a key (I have 6 of them, only that entry is in sector 0, but none of these works to proceed with the attack)
Offline
Pages: 1