Proxmark developers community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

#1 2019-06-13 02:25:08

pm3script
Contributor
Registered: 2019-06-11
Posts: 3

Auto crack/write mifare 1k cards

I have been able to crack a few mifare 1k cards and dump the keys and data, but I am working on a project to automatically dump the keys for a given card and then use those keys to write specific data back to the card.  I've found mifare_autopwn and formatMifare, and it seems that a combination of the two would do the trick.  I was wondering though, is there an existing script anywhere to do this?  I was thinking of parsing the output of this into an array where the elements map to the block numbers, or something similar?  Then I could use those to do the equivalent of restoring a dump to a blank card, but instead I'd be writing my template onto any mifare 1k card.

Also, totally open to hearing that this is the complete wrong approach and there's a different/better way to accomplish.  Thanks

Offline

#2 2019-06-14 10:58:07

einstein
Contributor
Registered: 2019-05-19
Posts: 2

Re: Auto crack/write mifare 1k cards

commands i use to write into a card are

pm3 --> hf mf rdbl 4 a ffffffffffff
--block no:4, key type:A, key:FF FF FF FF FF FF           
isOk:01 data:00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Write 0's into block 4
hf mf wrbl 4 a ffffffffffff 00000000000000000000000000000000

you could use these commands directly from commandline ./proxmark3 /dev/ttyACM0 -c "hf mf wrbl 4 a ffffffffffff 00000000000000000000000000000000"

happy hacking smile

Offline

#3 2019-06-14 14:08:21

pm3script
Contributor
Registered: 2019-06-11
Posts: 3

Re: Auto crack/write mifare 1k cards

Right, what I'm looking for is a way to automatically map the cracked keys of a given card to the `wrbl` process appropriately.  Not every block for every card will have a key of ffffffffffff.

Offline

Board footer

Powered by FluxBB