Proxmark3 developers community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia


#1 2016-04-21 13:05:12

trilby
Contributor
Registered: 2016-04-21
Posts: 10

(Solved) Key Extraction from trace

Hoping you can help me out with this, as I am well and truly stuck.

I have been using the proxmark3 HF MF Sniff command. I have been trying to extract the keys from the following trace:

received trace len: 383 packages: 1         

tag select uid:9b 30 52 81  atqa:0x0004 sak:0x08         

RDR(0):60 03 6e 49           

TAG(1):62 90 ba 99           

RDR(2):57 98 b7 de d7 44 07 39           

TAG(3):3d 53 7e 54           

RDR(4):70 73 28 2a           

TAG(5):cc b3 db b3 33 47 08 81 3c df 65 bd 6f 60 f7 07 3e 8d           

RDR(6):df ac d5 43           

TAG(7):60 04 9e d5 a8 4d 50 99 30 10 04 ad 36 05 6c 40 b3 7f           

RDR(8):02 64 b9 fa           

TAG(9):b6 3b d2 fb           

RDR(10):b5 02 67 75 3f d6 63 45           

TAG(11):b8 af c4 e0           

RDR(12):fc a2 f3 d0           

TAG(13):f9 01 ac 8e 5c 43 18 36 a1 3c f0 92 8c bb 80 d0 f4 18           

RDR(14):48 b8 78 05           

TAG(15):8f 3c 91 cf 24 c8 59 26 eb 5d af f8 e2 9f da ae 68 70           

RDR(16):94 41 8d 76           

TAG(17):d8 54 9f 3a 1e cd 92 9b d4 90 ea 97 4b 12 c1 42 f1 11           

tag select uid:9b 30 52 81  atqa:0x0004 sak:0x08         

RDR(18):50 00 57 cd       

While testing what I believed to be the key I have been unsuccessful.

Can you help me extract the following:

tag challenge,

reader challenge,

reader response

tag response.

Last edited by trilby (2016-04-22 11:47:01)


#2 2016-04-21 13:06:13

trilby
Contributor
Registered: 2016-04-21
Posts: 10

Re: (Solved) Key Extraction from trace

Below is another trace, if it helps:

received trace len: 383 packages: 1         

tag select uid:9b 30 52 81  atqa:0x0004 sak:0x08         

RDR(0):60 03 6e 49           

TAG(1):fe 2c a4 9d           

RDR(2):1c 2d 93 ae e5 9c cc 15           

TAG(3):49 bf 6b d4           

RDR(4):12 7b ab af           

TAG(5):0a 12 2f bf 83 e3 99 ed df 73 b0 0f bc 75 da cc 76 f1           

RDR(6):bc 73 84 92           

TAG(7):52 fb 2d f1 14 62 bc 8f 10 10 57 fd 4a 00 e4 7a 9a 97           

RDR(8):f6 8a 85 8a           

TAG(9):e1 f6 48 f8           

RDR(10):e6 01 a3 d8 f5 85 5f f2           

TAG(11):0c ef da 99           

RDR(12):4c 2d 7a 82           

TAG(13):b0 d2 c7 ee 83 42 88 ff 96 f4 4f 40 83 a9 e1 c2 8e 01           

RDR(14):d2 e8 2f 27           

TAG(15):bb 8a dd 04 42 db 07 f6 0b 48 ce af 54 8a bf 09 7a df           

RDR(16):91 38 44 25           

TAG(17):08 76 dc dc c2 5e 39 da f0 b1 b9 fa b6 04 be 13 b4 01           

tag select uid:9b 30 52 81  atqa:0x0004 sak:0x08         

RDR(18):50 00 57 cd


#3 2016-04-21 13:16:24

iceman
Administrator
Registered: 2013-04-25
Posts: 6,692
Website

Re: (Solved) Key Extraction from trace

In that case, you could use the mfkey* commands.  You find them under the /tools/mfkey folder.  You need to build them.

If you look at the sample below, you can figure out which data goes where.

taken from your trace:
mfkey64.exe 9b305281 6290ba99 5798b7de d7440739 3d537e54

MIFARE Classic key recovery - based 64 bits of keystream
Recover key from only one complete authentication!

Recovering key for:
  uid: 9b305281
   nt: 6290ba99
 {nr}: 5798b7de
 {ar}: d7440739
 {at}: 3d537e54

LFSR succesors of the tag challenge:
  nt': aa7f482c
 nt'': b1cb7616

Keystream used to generate {ar} and {at}:
  ks2: 7d3b4f15
  ks3: 8c980842

Found Key: [a0a1a2a3a4a5]

Time : 62 ticks

If you feel the love,  https://www.patreon.com/iceman1001

modhex(hkhehghthbhudcfcdchkigiehgduiehg)


#4 2016-04-21 13:22:50

trilby
Contributor
Registered: 2016-04-21
Posts: 10

Re: (Solved) Key Extraction from trace

iceman wrote:

In that case, you could use the mfkey* commands.  You find them under the /tools/mfkey folder.  You need to build them.

If you look at the sample below, you can figure out which data goes where.

taken from your trace:
mfkey64.exe 9b305281 6290ba99 5798b7de d7440739 3d537e54

MIFARE Classic key recovery - based 64 bits of keystream
Recover key from only one complete authentication!

Recovering key for:
  uid: 9b305281
   nt: 6290ba99
 {nr}: 5798b7de
 {ar}: d7440739
 {at}: 3d537e54

LFSR succesors of the tag challenge:
  nt': aa7f482c
 nt'': b1cb7616

Keystream used to generate {ar} and {at}:
  ks2: 7d3b4f15
  ks3: 8c980842

Found Key: [a0a1a2a3a4a5]

Time : 62 ticks

I have just tried the key, but this only provides the sector 0 key A. I am trying to access other sectors within the card that have different keys.

I am unable to work out what sector the reader is authenticating against as well.


#5 2016-04-21 13:28:11

iceman
Administrator
Registered: 2013-04-25
Posts: 6,692
Website

Re: (Solved) Key Extraction from trace

Have you tried the nested command now that you have one key?
And read up on the MIFARE protocol regarding which block the authentication is aiming at.


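The two replies above tell trilby where each field of the sniffed trace goes into mfkey64 and that the block being authenticated is visible in the auth command. The script below is an added example, not code from this thread or from the Proxmark3 project: it parses the `hf mf sniff` output format shown in the first post, verifies the ISO 14443-3 CRC_A on the plaintext auth command, locates every authentication exchange by its fixed shape (RDR 4 bytes, TAG 4-byte nt, RDR 8-byte {nr}{ar}, TAG 4-byte {at}), reports key type, block and sector for the first, plaintext authentication, and marks the later ones as nested authentications whose command bytes are ciphertext. That last point is why mfkey64 only yields the sector 0 key A from this trace and the remaining sectors need the nested or hardnested commands with that key. The embedded sample is the opening post's first trace cut after the second authentication; the function and class names are my own.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample: the first trace from the opening post, cut after the second
# authentication (the proxmark client's trailing spaces are tolerated by the parser).
SAMPLE_TRACE = """
tag select uid:9b 30 52 81  atqa:0x0004 sak:0x08
RDR(0):60 03 6e 49
TAG(1):62 90 ba 99
RDR(2):57 98 b7 de d7 44 07 39
TAG(3):3d 53 7e 54
RDR(4):70 73 28 2a
TAG(5):cc b3 db b3 33 47 08 81 3c df 65 bd 6f 60 f7 07 3e 8d
RDR(6):df ac d5 43
TAG(7):60 04 9e d5 a8 4d 50 99 30 10 04 ad 36 05 6c 40 b3 7f
RDR(8):02 64 b9 fa
TAG(9):b6 3b d2 fb
RDR(10):b5 02 67 75 3f d6 63 45
TAG(11):b8 af c4 e0
"""
FRAME_RE = re.compile(r"^(RDR|TAG)\((\d+)\):\s*((?:[0-9a-fA-F]{2}\s*)+)$")
SELECT_RE = re.compile(r"uid:((?:[0-9a-fA-F]{2}\s?)+)\s+atqa:")


def crc_a(data: bytes) -> bytes:
    """ISO 14443-3 CRC_A (init 0x6363, reflected poly 0x8408), returned LSB first."""
    crc = 0x6363
    for b in data:
        ch = (b ^ crc) & 0xFF
        ch = (ch ^ (ch << 4)) & 0xFF
        crc = ((crc >> 8) ^ (ch << 8) ^ (ch << 3) ^ (ch >> 4)) & 0xFFFF
    return bytes([crc & 0xFF, crc >> 8])


@dataclass
class Auth:
    frame_no: int            # number of the RDR frame carrying the auth command
    uid: Optional[str]
    encrypted: bool          # True for a nested auth: command and nonces are all ciphertext
    key_type: Optional[str]  # "A"/"B" from a plaintext 0x60/0x61 command, else None
    block: Optional[int]     # block number from the plaintext command, else None
    nt: str                  # tag challenge ({nt} when nested)
    nr: str                  # {nr}: encrypted reader challenge
    ar: str                  # {ar}: encrypted reader response
    at: str                  # {at}: encrypted tag response

    @property
    def sector(self) -> Optional[int]:
        # Assumes the 1K layout of 4 blocks per sector (4K sectors 32-39 have 16).
        return None if self.block is None else self.block // 4

    def mfkey64_args(self) -> Optional[str]:
        # Exactly the tuple iceman fed to mfkey64: uid nt {nr} {ar} {at}; only a
        # plaintext (first) authentication qualifies.
        return None if self.encrypted else f"{self.uid} {self.nt} {self.nr} {self.ar} {self.at}"


def parse_frames(text: str):
    """Return (direction, frame number, payload, uid) tuples; a select line sets the uid."""
    uid, frames = None, []
    for raw in text.splitlines():
        line = raw.strip()
        if m := SELECT_RE.search(line):
            uid = m.group(1).replace(" ", "").lower()
            frames.append(("SELECT", None, b"", uid))
        elif m := FRAME_RE.match(line):
            frames.append((m.group(1), int(m.group(2)), bytes.fromhex(m.group(3).replace(" ", "")), uid))
    return frames


def extract_auths(text: str) -> List[Auth]:
    """Find every authentication: RDR 4 bytes, TAG 4-byte nt, RDR 8-byte {nr}{ar}, TAG 4-byte {at}."""
    frames, auths, encrypted, i = parse_frames(text), [], False, 0
    while i < len(frames):
        d, n, data, uid = frames[i]
        if d == "SELECT":
            encrypted = False  # a fresh anticollision/select drops the cipher state
        elif d == "RDR" and len(data) == 4 and i + 3 < len(frames):
            (d1, _, nt, _), (d2, _, nrar, _), (d3, _, at, _) = frames[i + 1:i + 4]
            # A READ also starts with a 4-byte RDR frame, but its answer is 18 bytes,
            # so the 4/4/8/4 shape separates authentication from other commands.
            shape_ok = (d1, d2, d3) == ("TAG", "RDR", "TAG") and (len(nt), len(nrar), len(at)) == (4, 8, 4)
            is_auth_cmd = data[0] in (0x60, 0x61) and crc_a(data[:2]) == data[2:]
            if shape_ok and (encrypted or is_auth_cmd):
                auths.append(Auth(n, uid, encrypted,
                                  None if encrypted else ("A" if data[0] == 0x60 else "B"),
                                  None if encrypted else data[1],
                                  nt.hex(), nrar[:4].hex(), nrar[4:].hex(), at.hex()))
                encrypted = True  # everything after a successful auth is ciphertext
                i += 4
                continue
        i += 1
    return auths


if __name__ == "__main__":
    for a in extract_auths(SAMPLE_TRACE):
        where = "nested auth, block unknown (encrypted)" if a.encrypted else f"key {a.key_type} block {a.block} sector {a.sector}"
        print(f"frame {a.frame_no}: {where}; mfkey64 args: {a.mfkey64_args()}")
```

Run on the sample, frame 0 comes out as key A, block 3, sector 0 with the same five arguments iceman passed to mfkey64, and frame 8 is reported as a nested, encrypted authentication with no usable arguments. The two 4-byte reader frames in between (frames 4 and 6) are encrypted reads, recognisable by their 18-byte tag answers, which is how the parser avoids mistaking them for authentications.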

#6 2016-04-21 13:33:21

trilby
Contributor
Registered: 2016-04-21
Posts: 10

Re: (Solved) Key Extraction from trace

iceman wrote:

Have you tried the nested command now that you have one key?
And read up on the MIFARE protocol regarding which block the authentication is aiming at.


Unfortunately the card is not vulnerable to a nested attack. It appears to be a card with the RNG fixed.


#7 2016-04-21 13:36:16

iceman
Administrator
Registered: 2013-04-25
Posts: 6,692
Website

Re: (Solved) Key Extraction from trace

Lucky for you that you have a key and the hardnested attack.



#8 2016-04-21 14:42:30

trilby
Contributor
Registered: 2016-04-21
Posts: 10

Re: (Solved) Key Extraction from trace

iceman wrote:

Lucky for you that you have a key and the hardnested attack.


Are there any guides for the hard nested attack? I shall need to update the version of proxmark I am running, as "HF MF hardnested" is missing.


#9 2016-04-21 15:08:32

iceman
Administrator
Registered: 2013-04-25
Posts: 6,692
Website

Re: (Solved) Key Extraction from trace

Blessed is he who searches, for him it shall be given.



#10 2016-04-22 08:24:38

trilby
Contributor
Registered: 2016-04-21
Posts: 10

Re: (Solved) Key Extraction from trace

iceman wrote:

Blessed is he who searches, for him it shall be given.


Ok Iceman.

Can you maybe help me with this error when building your fork of proxmark?

I run the command make clean && make all;
it runs for a while, then fails with the following error:

I/opt/local/include -I../liblua -Wall -g -DHAVE_GUI -DZ_SOLO -DZ_PREFIX -DNO_GZIP -DZLIB_PM3_TUNED  -c -o obj/cmdhfmfhard.o cmdhfmfhard.c
/tmp/ccpU6ywp.s: Assembler messages:
/tmp/ccpU6ywp.s:3472: Error: no such instruction: `vfmadd312sd 80(%rsp),%xmm0,%xmm1'
make[1]: *** [obj/cmdhfmfhard.o] Error 1
make[1]: Leaving directory `/home/user/iceman/proxmark3/client'
make: *** [client/all] Error 2

Any thoughts? I have used my google-fu and all I am getting is links to cmake.


#11 2016-04-22 08:49:51

iceman
Administrator
Registered: 2013-04-25
Posts: 6,692
Website

Re: (Solved) Key Extraction from trace

remove the "-march=native"  in the client\makefile

You can try to replace it with:  "-mmmx"  or "-msse"
Read more on this commit:   https://github.com/aczid/crypto1_bs/com … e5694d53f2



#12 2016-04-22 09:44:13

trilby
Contributor
Registered: 2016-04-21
Posts: 10

Re: (Solved) Key Extraction from trace

iceman wrote:

remove the "-march=native"  in the client\makefile

You can try to replace it with:  "-mmmx"  or "-msse"
Read more on this commit:


Many thanks for all the help, Iceman; it is now compiling and running.

When I run "hf mf hardnested 0 A A0A1A2A3A4A5 4 A"

I get a lot of the following errors:

"#db# AcquireNonces: Auth1 error"

I have tested the key A against sector 0 and reading the card is fine with readers I have here so I know that the key is correct.

Here is the startup information:
bootrom: master/v2.2.0-57-g9dd0ac5-suspect 2015-09-23 15:21:34
os: icemanmaster/v1.1.0-1252-g92243fc-dirty-suspect 2016-04-21 16:55:00
LF FPGA image built for 2s30vq100 on 2015/03/06 at 07:38:04
HF FPGA image built for 2s30vq100 on 2015/11/ 2 at  9: 8: 8
         
uC: AT91SAM7S512 Rev B         
Embedded Processor: ARM7TDMI         
Nonvolatile Program Memory Size: 512K bytes. Used: 213601 bytes (41%). Free: 310687 bytes (59%).         
Second Nonvolatile Program Memory Size: None         
Internal SRAM Size: 64K bytes         
Architecture Identifier: AT91SAM7Sxx Series         
Nonvolatile Program Memory Type: Embedded Flash Memory


#13 2016-04-22 10:08:34

iceman
Administrator
Registered: 2013-04-25
Posts: 6,692
Website

Re: (Solved) Key Extraction from trace

That's good that it compiles.
There are options for hardnested to collect nonces slower, or maybe your tag is not so well positioned above your antenna.



#14 2016-04-22 10:16:31

trilby
Contributor
Registered: 2016-04-21
Posts: 10

Re: (Solved) Key Extraction from trace

iceman wrote:

That's good that it compiles.
There are options for hardnested to collect nonces slower, or maybe your tag is not so well positioned above your antenna.


I have tried using "s" at the end to slow down nonce collection but it still has the same result. I have also re-positioned the tag in multiple positions.

Here are the results from the 14a read command:

hf 14a read
Card doesn't support standard iso14443-3 anticollision         
ATQA : 20 00

I am at a major loss as to what could be causing my issues.


#15 2016-04-22 10:28:13

iceman
Administrator
Registered: 2013-04-25
Posts: 6,692
Website

Re: (Solved) Key Extraction from trace

Since your output from "hf 14a read" suggests bad reading of the tag: you need to have about 1-2cm distance between tag and antenna. Find the spot where you get consistent reads, then try running hardnested.



#16 2016-04-22 11:24:30

trilby
Contributor
Registered: 2016-04-21
Posts: 10

Re: (Solved) Key Extraction from trace

iceman wrote:

Since your output from "hf 14a read" suggests bad reading of the tag: you need to have about 1-2cm distance between tag and antenna. Find the spot where you get consistent reads, then try running hardnested.

I have managed to get the data I needed; many thanks for your help, Iceman.

I have had to mount the coil about 5cm from the card.


#17 2016-04-22 11:42:48

iceman
Administrator
Registered: 2013-04-25
Posts: 6,692
Website

Re: (Solved) Key Extraction from trace

Great, I may suggest that you rename the topic (in your first post) so it says [solved] at the beginning of your title.

And that's one strong antenna you have.



#18 2016-04-22 11:45:53

trilby
Contributor
Registered: 2016-04-21
Posts: 10

Re: (Solved) Key Extraction from trace

iceman wrote:

Great, I may suggest that you rename the topic (in your first post) so it says [solved] at the beginning of your title.

And that's one strong antenna you have.

I do not appear to have the ability to edit posts yet.

Edit: never mind, the ability appeared on my 10th post.

Last edited by trilby (2016-04-22 11:46:39)
