Proxmark3 community
Research, development and trades concerning the powerful Proxmark3 device.
Remember; sharing is caring. Bring something back to the community.
"Learn the tools of the trade the hard way." +Fravia
You are not logged in.
Announcement
Time changes and with it the technology
Proxmark3 @ discord
Users of this forum, please be aware that information stored on this site is not private.
Pages: 1
#1 2017-03-28 05:09:30
- samburner3
- Contributor
- From: Sydney AUS
- Registered: 2015-03-01
- Posts: 51
HF MF Restore does not write keys.
I have added a comment here (https://github.com/Proxmark/proxmark3/issues/201) but thought I'd post here for help / thoughts.
Currently when I have dumped a cracked card using nested etc, and I have the entire dumpdata file (including keys ie. exact copy of original cloned card) and I use hd mf restore, it restores the data as on the original, however it does not put on the original keys. It inserts the default F keys...
My idea of how it should work:
1. When you do a hf mf restore, it should use the dumpkeys file to ACCESS the card to be written to (I think it does?)
2. The card is restored EXACTLY as dumpdata (including keys in dump data).
This photo is comparing two dumps, the original on the right, and the clone on the left after using hf mf restore. As you can see hf mf restore has just inserted default F keys not the original keys as in the dumpfile.
As you can see I have to go back and set all the keys on the clone manually to be the same as the original.
Is there a way to get the exact contents of dumpdata onto the card?
Is there a script or something?
Offline
#2 2017-03-28 07:21:51
- piwi
- Contributor
- Registered: 2013-06-04
- Posts: 704
Re: HF MF Restore does not write keys.
proxmark3> hf mf help
help This help
dbg Set default debug mode
rdbl Read MIFARE classic block
rdsc Read MIFARE classic sector
dump Dump MIFARE classic tag to binary file
restore Restore MIFARE classic binary file to BLANK tagNote the "BLANK" in capital letters.
Therefore the answer to your first question is a No. It uses the default key ffffffffffff to access the card. And I have answered on https://github.com/Proxmark/proxmark3/issues/201 why it isn't a good idea to try to restore to non-blank cards.
Offline
#3 2017-03-28 07:41:53
- iceman
- Administrator
- Registered: 2013-04-25
- Posts: 9,502
- Website
Re: HF MF Restore does not write keys.
The hf mf cload is used to restore dumps onto magic generation1 tags. It behavies differently.
Some users seems to miss this command and use hf mf restore on their magic tags.
Offline
#4 2017-03-28 07:57:21
- piwi
- Contributor
- Registered: 2013-06-04
- Posts: 704
Re: HF MF Restore does not write keys.
I forgot to answer the second question: No, keys are restored from dumpkeys.bin.
Offline
#5 2017-03-28 08:36:06
- iceman
- Administrator
- Registered: 2013-04-25
- Posts: 9,502
- Website
Re: HF MF Restore does not write keys.
I would say yes to the first question and no to the second.
Yes, there is way to get the exact contents of dumpdata onto the card by making your own write commands. Not the answer you were looking for but its quite easy.
No, there is no script or something implemented in the current PM3 master. You can very easily make a lua script yourself to write data from a file to the card in the way you want it. For reference take a look at dump scripts works, and think that you would need to write instead.
core.console("hf mf wrbl "..blk.." "..keytype.." "..key.." "..data)I'm looking forward to see you enhanced restore-script!
Offline
Pages: 1