Proxmark3 developers community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

#1 2017-11-07 21:40:19

joshb
Contributor
Registered: 2017-11-07
Posts: 2

Need Help Simulating Campus ID

I am working on a project that involves simulating a campus ID.

We are able to use hf search to get the following information:

https://imgur.com/a/1C6QE

We are trying

hf mf sim as well as hf 14a sim to attempt to simulate the card. We are getting no error codes, but we are also not getting any response from the card reader.

We were able to snoop the card, but we are unsure of what to do with this information.

If anyone has some gentle guidance, it would be appreciated!

Last edited by joshb (2017-11-07 21:44:46)

Offline

#2 2017-11-07 22:55:19

iceman
Administrator
Registered: 2013-04-25
Posts: 6,654
Website

Re: Need Help Simulating Campus ID

Well, post traces so ppl can look into it.

questions like,  is the UID only used for identifcation?  Then I belive there is a "hf 14a sim t" type for desfire.
but its usually not that way.   Then look at what the reader tries to ask the card..  ie your sniffed traffic.


If you feel the love,  https://www.patreon.com/iceman1001

modhex(hkhehghthbhudcfcdchkigiehgduiehg)

Offline

#3 2017-11-08 18:19:57

MQTGuy
Contributor
Registered: 2017-11-08
Posts: 2

Re: Need Help Simulating Campus ID

I am a team member in joshb's group. I snooped communication between the card and the reader, and this is what I got when I listed it.

http://textuploader.com/dlupy

Both of us are pretty inexperienced with this, so any guideace is greatly appreciated.

Offline

#4 2017-11-08 19:54:04

iceman
Administrator
Registered: 2013-04-25
Posts: 6,654
Website

Re: Need Help Simulating Campus ID

A nice trace,  with a complete authentication aswell.
So much to learn.   There are some desfire support in my fork, but the fork is not so stable.  If you take a release, it should be ok.
Anyway,  it just tries to gather info about the tag abit.    I suggest you start reading a full datasheet for desfire and 7816

ISO 7816 COMMAND SET:
ISO SELECT 		(A4)
ISO GET	CHALLENGE	(84)
ISO EXTERNAL AUTHENTICATE	(82)
ISO INTERNAL AUTHENTICATE	(88)
ISO READ BINARY		(B0)
ISO UPDATE BINARY	(D6)
ISO READ RECORDS	(B2)
ISO APPEND RECORD 	(E2)

If you feel the love,  https://www.patreon.com/iceman1001

modhex(hkhehghthbhudcfcdchkigiehgduiehg)

Offline

Board footer

Powered by FluxBB