logo

Knowledge Is Power

 
 

- Reinit des nouveaux posts -

- Recherche -

Messages Privés - Derniers posts
S'enregistrer - Login - Liste des membres
Vous logger : Login Pass

Challenges >> Besoin d'aide pour duplication Mifare Mini 0.3 K ... Newtopic | Reply
poster txt
skappy
Inscrit le 19-06-2015
Posté le 05-07-2016 09:48

Salut à tous,

Voilà ce qui m'amène ... J'étais l'heureux propriétaire d'un Proxmark 3, lequel m'a permi de dupliquer avec succès une carte mifare mini 0.3 K . Tout était parfait jusqu'à ce qu'un foutu brin de soudure vienne court circuiter l'engin ... resultat , PM3 HS . Aussi je cherche désormais à dupliquer cette même carte avec un ACR122U..... Je possède toutes les clés A & B necessaires,elles sont rassemblées dans un fichier keys.txt ... J'ai ensuite suivi le 'protocole' habituel, à savoir dump de la carte magique chinoise (déjà flashé par le PM3, je veux ré-ecrire dessus) puis dump de la carte originale, tout se déroule correctement :
Voici le déroulé des operations :

skappy@skappy-portable:~/Téléchargements$ mfoc -f keys.txt -O chine.mfd

The custom key 0xA0A1A2A3A4A5 has been added to the default keys
The custom key 0xB4C132439EEF has been added to the default keys
The custom key 0xA2ED01B6221A has been added to the default keys
The custom key 0xAABF2FAC83B2 has been added to the default keys
The custom key 0x008A92A439D0 has been added to the default keys
The custom key 0x2874320169D2 has been added to the default keys
The custom key 0x498D1A3C87F6 has been added to the default keys
The custom key 0xF1DEB8890D3D has been added to the default keys
The custom key 0x9A85ECBCEF6F has been added to the default keys
The custom key 0xEB808CD8766E has been added to the default keys
Found Mifare Classic Mini tag
ISO/IEC 14443A (106 kbps) target:
ATQA (SENS_RES): 00 04
* UID size: single
* bit frame anticollision supported
UID (NFCID1): ab ff 5b 93
SAK (SEL_RES): 09
* Not compliant with ISO/IEC 14443-4
* Not compliant with ISO/IEC 18092

Fingerprinting based on MIFARE type Identification Procedure:
* MIFARE Mini 0.3K
* SmartMX with MIFARE 1K emulation
Other possible matches based on ATQA & SAK values:

Try to authenticate to all sectors with default keys...
Symbols: '.' no key found, '/' A key found, '\' B key found, 'x' both keys found
[Key: a0a1a2a3a4a5] -> [/....]
[Key: b4c132439eef] -> [x....]
[Key: a2ed01b6221a] -> [x/...]
[Key: aabf2fac83b2] -> [xx...]
[Key: 008a92a439d0] -> [xx/..]
[Key: 2874320169d2] -> [xxx..]
[Key: 498d1a3c87f6] -> [xxx/.]
[Key: f1deb8890d3d] -> [xxxx.]
[Key: 9a85ecbcef6f] -> [xxxx/]
[Key: eb808cd8766e] -> [xxxxx]
[Key: ffffffffffff] -> [xxxxx]
[Key: a0a1a2a3a4a5] -> [xxxxx]
[Key: d3f7d3f7d3f7] -> [xxxxx]
[Key: 000000000000] -> [xxxxx]
[Key: b0b1b2b3b4b5] -> [xxxxx]
[Key: 4d3a99c351dd] -> [xxxxx]
[Key: 1a982c7e459a] -> [xxxxx]
[Key: aabbccddeeff] -> [xxxxx]
[Key: 714c5c886e97] -> [xxxxx]
[Key: 587ee5f9350f] -> [xxxxx]
[Key: a0478cc39091] -> [xxxxx]
[Key: 533cb6c723f6] -> [xxxxx]
[Key: 8fd0a4f256e9] -> [xxxxx]

Sector 00 - Found Key A: a0a1a2a3a4a5 Found Key B: b4c132439eef
Sector 01 - Found Key A: a2ed01b6221a Found Key B: aabf2fac83b2
Sector 02 - Found Key A: 008a92a439d0 Found Key B: 2874320169d2
Sector 03 - Found Key A: 498d1a3c87f6 Found Key B: f1deb8890d3d
Sector 04 - Found Key A: 9a85ecbcef6f Found Key B: eb808cd8766e

We have all sectors encrypted with the default keys..

Auth with all sectors succeeded, dumping keys to a file!
Block 19, type A, key 9a85ecbcef6f :00 00 00 00 00 00 78 77 88 00 00 00 00 00 00 00
Block 18, type A, key 9a85ecbcef6f :55 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Block 17, type A, key 9a85ecbcef6f :00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01
Block 16, type A, key 9a85ecbcef6f :00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Block 15, type A, key 498d1a3c87f6 :00 00 00 00 00 00 78 77 88 00 00 00 00 00 00 00
Block 14, type A, key 498d1a3c87f6 :55 33 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Block 13, type A, key 498d1a3c87f6 :00 00 00 00 00 00 00 06 00 00 00 00 00 00 06 33
Block 12, type A, key 498d1a3c87f6 :00 00 00 00 00 00 00 05 00 00 00 00 00 00 05 32
Block 11, type A, key 008a92a439d0 :00 00 00 00 00 00 78 77 88 10 00 00 00 00 00 00
Block 10, type A, key 008a92a439d0 :aa a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Block 09, type A, key 008a92a439d0 :00 cd 00 cd 00 00 00 1e 69 00 00 00 00 00 00 9f
Block 08, type A, key 008a92a439d0 :00 37 00 37 00 00 00 1e 69 00 00 00 00 00 00 a0
Block 07, type A, key a2ed01b6221a :00 00 00 00 00 00 78 77 88 07 00 00 00 00 00 00
Block 06, type A, key a2ed01b6221a :aa 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Block 05, type A, key a2ed01b6221a :01 00 00 01 00 00 80 01 00 01 00 00 00 00 80 01
Block 04, type A, key a2ed01b6221a :0d 00 00 8d 37 e5 80 60 00 60 00 00 00 00 d2 02
Block 03, type A, key a0a1a2a3a4a5 :00 00 00 00 00 00 78 77 88 c1 00 00 00 00 00 00
Block 02, type A, key a0a1a2a3a4a5 :00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Block 01, type A, key a0a1a2a3a4a5 :62 00 48 88 49 88 4a 88 4b 88 00 00 00 00 00 00
Block 00, type A, key a0a1a2a3a4a5 :ab ff 5b 93 9c 09 04 00 c2 43 00 00 00 00 00 14

skappy@skappy-portable:~/Téléchargements$ mfoc -f keys.txt -O originale.mfd

The custom key 0xA0A1A2A3A4A5 has been added to the default keys
The custom key 0xB4C132439EEF has been added to the default keys
The custom key 0xA2ED01B6221A has been added to the default keys
The custom key 0xAABF2FAC83B2 has been added to the default keys
The custom key 0x008A92A439D0 has been added to the default keys
The custom key 0x2874320169D2 has been added to the default keys
The custom key 0x498D1A3C87F6 has been added to the default keys
The custom key 0xF1DEB8890D3D has been added to the default keys
The custom key 0x9A85ECBCEF6F has been added to the default keys
The custom key 0xEB808CD8766E has been added to the default keys
Found Mifare Classic Mini tag
ISO/IEC 14443A (106 kbps) target:
ATQA (SENS_RES): 00 04
* UID size: single
* bit frame anticollision supported
UID (NFCID1): ab ff 5b 93
SAK (SEL_RES): 09
* Not compliant with ISO/IEC 14443-4
* Not compliant with ISO/IEC 18092

Fingerprinting based on MIFARE type Identification Procedure:
* MIFARE Mini 0.3K
* SmartMX with MIFARE 1K emulation
Other possible matches based on ATQA & SAK values:

Try to authenticate to all sectors with default keys...
Symbols: '.' no key found, '/' A key found, '\' B key found, 'x' both keys found
[Key: a0a1a2a3a4a5] -> [/....]
[Key: b4c132439eef] -> [x....]
[Key: a2ed01b6221a] -> [x/...]
[Key: aabf2fac83b2] -> [xx...]
[Key: 008a92a439d0] -> [xx/..]
[Key: 2874320169d2] -> [xxx..]
[Key: 498d1a3c87f6] -> [xxx/.]
[Key: f1deb8890d3d] -> [xxxx.]
[Key: 9a85ecbcef6f] -> [xxxx/]
[Key: eb808cd8766e] -> [xxxxx]
[Key: ffffffffffff] -> [xxxxx]
[Key: a0a1a2a3a4a5] -> [xxxxx]
[Key: d3f7d3f7d3f7] -> [xxxxx]
[Key: 000000000000] -> [xxxxx]
[Key: b0b1b2b3b4b5] -> [xxxxx]
[Key: 4d3a99c351dd] -> [xxxxx]
[Key: 1a982c7e459a] -> [xxxxx]
[Key: aabbccddeeff] -> [xxxxx]
[Key: 714c5c886e97] -> [xxxxx]
[Key: 587ee5f9350f] -> [xxxxx]
[Key: a0478cc39091] -> [xxxxx]
[Key: 533cb6c723f6] -> [xxxxx]
[Key: 8fd0a4f256e9] -> [xxxxx]

Sector 00 - Found Key A: a0a1a2a3a4a5 Found Key B: b4c132439eef
Sector 01 - Found Key A: a2ed01b6221a Found Key B: aabf2fac83b2
Sector 02 - Found Key A: 008a92a439d0 Found Key B: 2874320169d2
Sector 03 - Found Key A: 498d1a3c87f6 Found Key B: f1deb8890d3d
Sector 04 - Found Key A: 9a85ecbcef6f Found Key B: eb808cd8766e

We have all sectors encrypted with the default keys..

Auth with all sectors succeeded, dumping keys to a file!
Block 19, type A, key 9a85ecbcef6f :00 00 00 00 00 00 78 77 88 00 00 00 00 00 00 00
Block 18, type A, key 9a85ecbcef6f :55 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Block 17, type A, key 9a85ecbcef6f :00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01
Block 16, type A, key 9a85ecbcef6f :00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Block 15, type A, key 498d1a3c87f6 :00 00 00 00 00 00 78 77 88 00 00 00 00 00 00 00
Block 14, type A, key 498d1a3c87f6 :aa 32 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Block 13, type A, key 498d1a3c87f6 :00 00 00 00 00 00 00 04 00 00 00 00 00 00 04 31
Block 12, type A, key 498d1a3c87f6 :00 00 00 00 00 00 00 05 00 00 00 00 00 00 05 32
Block 11, type A, key 008a92a439d0 :00 00 00 00 00 00 78 77 88 10 00 00 00 00 00 00
Block 10, type A, key 008a92a439d0 :55 97 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Block 09, type A, key 008a92a439d0 :00 f3 02 f1 00 00 00 1c 6b 00 00 00 00 00 00 97
Block 08, type A, key 008a92a439d0 :00 df 02 dd 00 00 00 1c 6b 00 00 00 00 00 00 96
Block 07, type A, key a2ed01b6221a :00 00 00 00 00 00 78 77 88 07 00 00 00 00 00 00
Block 06, type A, key a2ed01b6221a :aa 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Block 05, type A, key a2ed01b6221a :01 00 00 01 00 00 80 01 00 01 00 00 00 00 80 01
Block 04, type A, key a2ed01b6221a :0d 00 00 8d 37 e5 80 60 00 60 00 00 00 00 d2 02
Block 03, type A, key a0a1a2a3a4a5 :00 00 00 00 00 00 78 77 88 c1 00 00 00 00 00 00
Block 02, type A, key a0a1a2a3a4a5 :00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Block 01, type A, key a0a1a2a3a4a5 :62 00 48 88 49 88 4a 88 4b 88 00 00 00 00 00 00
Block 00, type A, key a0a1a2a3a4a5 :ab ff 5b 93 9c 89 04 00 c2 43 00 00 00 00 00 14

et au moment d'écrire sur la carte chinoise via nfc-mfclassic,

skappy@skappy-portable:~/Téléchargements$ sudo nfc-mfclassic W X originale.mfd chine.mfd
NFC reader: ACS / ACR122U PICC Interface opened
Found MIFARE Classic card:
ISO/IEC 14443A (106 kbps) target:
ATQA (SENS_RES): 00 04
UID (NFCID1): ab ff 5b 93
SAK (SEL_RES): 09
Guessing size: seems to be a 320-byte card
Could not read keys file: chine.mfd
skappy@skappy-portable:~/Téléchargements$

Je ne comprends pas le message d'erreur, tous les fichiers .dmp sont dans le même répertoire ... j'ai testé plusieurs synthaxe pour nfc-mfclassic , x, X, w, W...)
Pourriez vous m'indiquer ou ça coince s'il vous plait ?

Je vous remercie beaucoup
Excellente journée
profil | edit | quote
dudeOo
Inscrit le 08-07-2016
Posté le 08-07-2016 15:59

Salut skappy,

Quelle version de nfclib et mfoc utilises-tu ? As-tu essayé de remplacer x par a ou b :
- nfc-mfclassic w a originale.mfd chine.mfd
Si ta puce ne permet pas le rewriting UID
- nfc-mfclassic W A originale.mfd chine.mfd
Si ta puce le permet
profil | edit | quote
khaliloo
Inscrit le 24-06-2016
Posté le 11-07-2016 17:28

j'ai eu un pb avec mfoc et les cartes en 0.3k ...
Mes dump était tronqués, j'ai du compléter à la main avec la sortie de la console.

Vérifie le contenu de tes dump avec un éditeur hexa.
profil | edit | quote
Newtopic | Reply

Online : eptujuedoop, igayofeiju, osavibeloiehi, piguzowa, spalayamonatu, ukuriis et 72 Guests


Retour Index NewFFR Repository : http://taz.newffr.com
Cagades à Stick : http://alcane.newffr.com
Forum HTML et Archive -> ici
ForumFR Sql/Xml (2006/04) (SF pas à jour du tout...) - Alive since 2001 Newffr.com
Pour toute plainte ou problème -> Contacter Borax, Hyatus, Tweakie ou Stick par message privé (ou Gueulez sur le forum :) )
Retour haut de page