Proxmark3 community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

Announcement

Time changes and with it the technology
Proxmark3 @ discord

Users of this forum, please be aware that information stored on this site is not private.

Pages: 1

#1 2017-06-17 16:49:43

brantz
Contributor
Registered: 2014-03-19
Posts: 50

[solved] A special M1 Classic

Hi guys,

I just happened experienced a new M1 classic that isn't vulnerable to nested and mifare attack.

Here is what it looks like

pm3 --> hf 14a reader
 UID : 93 01 60 1B
ATQA : 00 04
 SAK : 08 [2]
TYPE : NXP MIFARE CLASSIC 1k | Plus 2k SL1
proprietary non iso14443-4 card found, RATS not supported
Answers to magic commands: NO

after checking the possible keys, it returns Fs for all sectors

testing to read key B...
|---|----------------|---|----------------|---|
|sec|key A           |res|key B           |res|
|---|----------------|---|----------------|---|
|000|  ffffffffffff  | 1 |  ffffffffffff  | 1 |
|001|  ffffffffffff  | 1 |  ffffffffffff  | 1 |
|002|  ffffffffffff  | 1 |  ffffffffffff  | 1 |
|003|  ffffffffffff  | 1 |  ffffffffffff  | 1 |
|004|  ffffffffffff  | 1 |  ffffffffffff  | 1 |
|005|  ffffffffffff  | 1 |  ffffffffffff  | 1 |
|006|  ffffffffffff  | 1 |  ffffffffffff  | 1 |
|007|  ffffffffffff  | 0 |  ffffffffffff  | 1 |
|008|  ffffffffffff  | 1 |  ffffffffffff  | 1 |
|009|  ffffffffffff  | 1 |  ffffffffffff  | 1 |
|010|  ffffffffffff  | 1 |  ffffffffffff  | 1 |
|011|  ffffffffffff  | 1 |  ffffffffffff  | 1 |
|012|  ffffffffffff  | 1 |  ffffffffffff  | 1 |
|013|  ffffffffffff  | 1 |  ffffffffffff  | 1 |
|014|  ffffffffffff  | 1 |  ffffffffffff  | 1 |
|015|  ffffffffffff  | 0 |  ffffffffffff  | 1 |
|---|----------------|---|----------------|---|

But when I dump it, it warns that "Could not read block  0 of sector  7"

So I tried nested and PM3 says 

Tag isn't vulnerable to Nested Attack (its random number generator is not predictable).

Then I noticed the res on key A for sector 7 and 15 is both "0", compare to other sectors value "1"
tried to read all sectors with key A 12Fs, only 7 and 15 got authentication failed.

after that, using hardnested got key A for sector 7 and 15 cracked, read the sectors data out

pm3 --> hf mf rdsc 7 A 12xxxxxxxxxx
--sector no:7 key type:A key:12 xx xx xx xx xx

#db# READ SECTOR FINISHED
isOk:01
data   : 51 00 F0 00 00 00 00 00 00 00 A1 07 08 99 12 30
data   : 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00
data   : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
trailer: 00 00 00 00 00 00 FF 07 80 69 FF FF FF FF FF FF
pm3 --> hf mf rdsc 15 A 05xxxxxxxxxx
--sector no:15 key type:A key:05 xx xx xx xx xx

#db# READ SECTOR FINISHED
isOk:01
data   : 93 01 60 9B 00 00 00 00 00 29 D4 00 00 00 04 01
data   : 41 11 00 00 00 00 44 44 45 55 46 66 47 77 00 00
data   : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
trailer: 00 00 00 00 00 00 FF 07 80 69 FF FF FF FF FF FF

Here are my questions
1. According to MIFARE Classic 1k Memory Structure, the first and last 12 hex symbols in each sector trailer should be key A and key B respectively. In my case, first 12 hex symbols from the output trailer are 0s, but clearly the valid key A is 12xxxxxxxxxx for sector 7 and  05xxxxxxxxxx for sector 15. How does this work?
Answer to myself after research: key A is not readable accoring to the transport configuration

2, I tired to read block and sector using key B, FFFFFFFFFFFF, none of them works. Again, according to memory structure, they should work. How does this work?
Answer to myself after research: "the access conditions "ff 07 80" (transport configuration) state that key B is readable. If key B is readable it is no longer considered a key but user data. Authenticating with key B will still work, but reading blocks will fail. This is the intended behavior.

3. what is the meaning of res in key table? Reset?
still unknown

4. Hence I know the first dumpkey.bin is incorrect, how can I modify the key A for sector 7 and 15 to make it valid for dump data?
Answer to myself after research: put these keys into default key table.


Thank you fellows for answering my questions. cheers

Last edited by brantz (2017-06-18 03:33:08)

Offline

#2 2017-06-17 19:39:11

iceman
Administrator
Registered: 2013-04-25
Posts: 9,507
Website

Re: [solved] A special M1 Classic

3) res  =  result (?)  ie,  if nested succeed to find key.  0 = failure,  1 = success.

4)  use a hexeditor

Offline

#3 2017-06-17 20:27:44

ntk
Contributor
Registered: 2015-05-24
Posts: 701

Re: [solved] A special M1 Classic

no key found on sector 7 and sector 15, pls check, perhap you need run several times and merge or use hardnested.

edit: Ah, I saw later on you did it

is the xxxx where you dont want to release the key on public forum? Read your next line...

Apropos could you pls. PM me why this mifare classic should be special?!

Last edited by ntk (2017-06-17 20:40:46)

Offline

#4 2017-06-18 03:35:41

brantz
Contributor
Registered: 2014-03-19
Posts: 50

Re: [solved] A special M1 Classic

ntk wrote:

no key found on sector 7 and sector 15, pls check, perhap you need run several times and merge or use hardnested.

edit: Ah, I saw later on you did it

is the xxxx where you dont want to release the key on public forum? Read your next line...

Apropos could you pls. PM me why this mifare classic should be special?!

Thanks for reminding me smile

Offline

#5 2017-06-18 13:11:09

ntk
Contributor
Registered: 2015-05-24
Posts: 701

Re: [solved] A special M1 Classic

You are welcome, but pls don't forget your second task.... thanks

Last edited by ntk (2017-06-18 13:11:37)

Offline

#6 2017-06-22 05:53:56

samburner3
Contributor
From: Sydney AUS
Registered: 2015-03-01
Posts: 51

Re: [solved] A special M1 Classic

I have also come across this 'secured mifare' as one security company refers it to as. Not sure if OP's card is this type.

The tell tail sign it is one of these is 7 and 15 are unknown / can't get them by nested or hard nested. I was however able to get 7 via sniffing with the reader but not 15.

Security Company Website wrote:

Secured Mifare
This is ***[security company]’s implementation of the Mifare standard. Card data is protected with a diversified authentication key and encrypted with an AES256 algorithm, effectively plugging the known security flaw in the Mifare standard. These cards are not as secure as DESFire but still provide high security against cloning.

Anyway is this "AES" claim even possible?
All i know is these cards from this one company seem to be these 'secured mifare cards' and act very strangely to the usual mifare tools.

This is marked as 'solved' did anyone successfully clone / dump?

Offline

#7 2017-06-22 06:06:01

marshmellow
Contributor
From: US
Registered: 2013-06-10
Posts: 2,302

Re: [solved] A special M1 Classic

@samburner3 did you use the full hardnested from the latest master repo?
also the data on the sector could very well be encrypted using AES256.  (although i doubt very much @brantz card was)
it doesn't necessarily have to have anything to do with the authentication process.

Offline

#8 2017-06-22 06:19:39

samburner3
Contributor
From: Sydney AUS
Registered: 2015-03-01
Posts: 51

Re: [solved] A special M1 Classic

marshmellow wrote:

@samburner3 did you use the full hardnested from the latest master repo?

Not the latest on master no, but used icman's fork hard nested version:
JGCegXO.png

But I will use the hardnested on the latest master repo when I come across this type again (I know where uses it and could go back).

If I do come across it, what data is good to collect and paste on the forum? (Never used trace dump etc before).

marshmellow wrote:

the data on the sector could very well be encrypted using AES256.?

So in theory it could be referring to the data is encrypted for the purpose of the reader / door controller, but as long as the proxmark can read it and put onto another card it should work?

Unless it has some incrementing command on the card which is another method of defence.
I had come across a mifare 4k that I was able to crack (Auth'ed all keys) but changed the data on the card between reader scans, so was impossible to clone.

Offline

#9 2017-06-22 08:01:25

iceman
Administrator
Registered: 2013-04-25
Posts: 9,507
Website

Re: [solved] A special M1 Classic

Mifare Plus tags has different security modes,  which SL2 uses AES.   So the claim could very much be true.

@samburner3, I recommend you try the v3.0.1 PM3 Master.

Offline

#10 2017-06-22 10:24:43

samburner3
Contributor
From: Sydney AUS
Registered: 2015-03-01
Posts: 51

Re: [solved] A special M1 Classic

The hf search returned it as a classic 1k.

Ill try that master next time.

Offline

#11 2017-06-22 14:35:48

piwi
Contributor
Registered: 2013-06-04
Posts: 704

Re: [solved] A special M1 Classic

If it is a Mifare Plus it would be in SL1 mode - otherwise reading a sector would not have been possible. I.e. if there is AES encryption, it is the sector data which is encrypted by the back end.

Offline

#12 2017-06-22 15:39:30

iceman
Administrator
Registered: 2013-04-25
Posts: 9,507
Website

Re: [solved] A special M1 Classic

@piwi got a point there. Its most likely the correct case for @samburner3.  The improved hardnested in pm3 master will find the key.
Still this is beside the orginal post's intent.   I suggest starting new thread with relevant information/question.

Offline

Pages: 1

Board footer

Powered by FluxBB