Proxmark3 community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

Announcement

Time changes and with it the technology
Proxmark3 @ discord

Users of this forum, please be aware that information stored on this site is not private.

#1 2016-02-22 03:54:58

bigboyq
Contributor
From: China
Registered: 2015-09-22
Posts: 38

Using PM3 read apple pay

 UID : 08 eb 84 xx
ATQA : 00 04
 SAK : 20 [1]
TYPE : NXP MIFARE DESFire 4k | DESFire EV1 2k/4k/8k | Plus 2k/4k SL3 | JCOP 31/41
 ATS : 05 78 80 70 02 a5 46
       -  TL : length is 5 bytes
       -  T0 : TA1 is present, TB1 is present, TC1 is present, FSCI is 8 (FSC = 256)
       - TA1 : different divisors are NOT supported, DR: [], DS: []
       - TB1 : SFGI = 0 (SFGT = (not needed) 0/fc), FWI = 7 (FWT = 524288/fc)
       - TC1 : NAD is NOT supported, CID is supported
Answers to chinese magic backdoor commands: NO
proxmark3> hf 14a read
 UID : 08 4f cb xx
ATQA : 00 04
 SAK : 20 [1]
TYPE : NXP MIFARE DESFire 4k | DESFire EV1 2k/4k/8k | Plus 2k/4k SL3 | JCOP 31/41
 ATS : 05 78 80 70 02 a5 46
       -  TL : length is 5 bytes
       -  T0 : TA1 is present, TB1 is present, TC1 is present, FSCI is 8 (FSC = 256)
       - TA1 : different divisors are NOT supported, DR: [], DS: []
       - TB1 : SFGI = 0 (SFGT = (not needed) 0/fc), FWI = 7 (FWT = 524288/fc)
       - TC1 : NAD is NOT supported, CID is supported
Answers to chinese magic backdoor commands: NO

For security reason, I have eliminated last two UID bits
It seems that, apple pay simulate uids randomly, and the uid begins with 08

So my question is, is it possible that, we can control the uid generation, so our apple pay could be any kind of mifare card, it is useful for many purpose, we could migrate our M1 cards into apple

Offline

#2 2016-02-22 07:59:06

iceman
Administrator
Registered: 2013-04-25
Posts: 9,497
Website

Re: Using PM3 read apple pay

You'll need to figure out the uid-gen algo.  Collect as many uid you can then start compairing and looking at them.

Offline

#3 2016-02-22 13:39:47

marshmellow
Contributor
From: US
Registered: 2013-06-10
Posts: 2,302

Re: Using PM3 read apple pay

Wait, apple pay makes an iPhone emulate a desfire card?  Interesting.  if someone was able to jailbreak their iPhone could they write an app to emulate anything?  I believe that is the question.

Last edited by marshmellow (2016-02-22 13:40:33)

Offline

#4 2016-02-22 14:31:12

iceman
Administrator
Registered: 2013-04-25
Posts: 9,497
Website

Re: Using PM3 read apple pay

@OP you can use my fork and run "hf mfdes info"  against it.

You can atleast emulate Mifare Classic / desfire tags and apple pay must support crypto1, des, 3des, aes support.. cool.

All of a sudden I want to jailbreak... or at least try coding an app...

Offline

#5 2016-02-24 07:22:55

bigboyq
Contributor
From: China
Registered: 2015-09-22
Posts: 38

Re: Using PM3 read apple pay

I think we have too much forks now ......
As I have seen mfdes fork.... EMV fork ...... hardnested fork......
Why not merge together as an experiment fork?
@iceman

Offline

#6 2016-02-24 08:31:38

iceman
Administrator
Registered: 2013-04-25
Posts: 9,497
Website

Re: Using PM3 read apple pay

this is beside the thread,   but my fork has des and hardnested wink  and not long ago I've started to merge the emv.. 

The best thing would be if some forks got merged into pm3-master.  Its the main reason why I started my fork,  with all kinds of stuff,  that never got into pm3. The stuff in my fork usually gets in to pm3 master after some months.   Thats voluntary open source development in a nutshell. It is a different discussion. 

Back to apple pay instead.  Which modell supports it?  iphone 6?

Offline

#7 2016-02-24 08:39:35

bigboyq
Contributor
From: China
Registered: 2015-09-22
Posts: 38

Re: Using PM3 read apple pay

yup, I am using ip6 plus
firstly, you should add bank card into your wallet
then, you should active the apple pay mod,
lastly, you should put your mobile near the pm3 board.(The most effective position I found is iphone's camera over the hf antenna)
btw, let me know your fork, thanks

Offline

#8 2016-02-24 09:16:52

iceman
Administrator
Registered: 2013-04-25
Posts: 9,497
Website

Re: Using PM3 read apple pay

My fork works, it usually do.  However the emv merging is on hold.  No time for it.

Offline

Board footer

Powered by FluxBB