Proxmark3 developers community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

#1 2020-04-15 15:17:11

simbl
Contributor
Registered: 2018-07-03
Posts: 10

Can't read (Application Master key settings) with hf mfdes info / enum

Thanks to iceman and GitHub user @bkerler, I´ve played with some updated mfdes commands. Most of my Mifare DESFire Cards works, but some doesn't. Here are two examples. How can I help to get the missing informations?

First MIFARE DESFire Card

[usb] pm3 --> hf mfdes info
          
[=] --- Tag Information ---------------------------          
[=] -------------------------------------------------------------          
[+]               UID: xx xx xx xx xx xx xx            
[+]      Batch number: xx xx xx xx xx              
[+]   Production date: week 40 / 2015           
          
[=] --- Hardware Information           
[=]      Vendor Id: NXP Semiconductors Germany           
[=]           Type: 0x01           
[=]        Subtype: 0x01           
[=]        Version: 1.0 ( DESFire EV1 )          
[=]   Storage size: 0x18 ( 4096 bytes )          
[=]       Protocol: 0x05 ( ISO 14443-2, 14443-3 )          
          
[=] --- Software Information           
[=]      Vendor Id: NXP Semiconductors Germany           
[=]           Type: 0x01           
[=]        Subtype: 0x01           
[=]        Version: 1.4           
[=]   Storage size: 0x18 ( 4096 bytes )          
[=]       Protocol: 0x05 ( ISO 14443-3, 14443-4 )          
          
[=] --- Card capabilities           
[=] 	1.4 - DESFire Ev1 MF3ICD21/41/81, EAL4+, N/A (report to iceman!)          
[!]  ⚠️     Can't read Application Master key settings           
[+]    Operation of PICC master key          : (3)DES           
[!!]  ? APDU: No APDU response.          
[+]    [0x0A] Authenticate      : NO          
[+]    [0x1A] Authenticate ISO  : NO          
[+]    [0xAA] Authenticate AES  : YES           
[=] -------------------------------------------------------------          
          
[=] --- Free memory           
[+]    Available free memory on card         : 1152 bytes           
[=] -------------------------------------------------------------

Second MIFARE DESFire Card

[usb] pm3 --> hf mfdes info
 
[=] --- Tag Information ---------------------------          
[=] -------------------------------------------------------------          
[+]               UID: xx xx xx xx xx xx xx             
[+]      Batch number: xx xx xx xx xx            
[+]   Production date: week 41 / 2012           
          
[=] --- Hardware Information           
[=]      Vendor Id: NXP Semiconductors Germany           
[=]           Type: 0x01           
[=]        Subtype: 0x01           
[=]        Version: 1.0 ( DESFire EV1 )          
[=]   Storage size: 0x16 ( 2048 bytes )          
[=]       Protocol: 0x05 ( ISO 14443-2, 14443-3 )          
          
[=] --- Software Information           
[=]      Vendor Id: NXP Semiconductors Germany           
[=]           Type: 0x01           
[=]        Subtype: 0x01           
[=]        Version: 1.4           
[=]   Storage size: 0x16 ( 2048 bytes )          
[=]       Protocol: 0x05 ( ISO 14443-3, 14443-4 )          
          
[=] --- Card capabilities           
[=] 	1.4 - DESFire Ev1 MF3ICD21/41/81, EAL4+, N/A (report to iceman!)          
[+]    Number of Masterkeys                  : 1           
[+]    [0x08] Configuration changeable       : YES           
[+]    [0x04] CMK required for create/delete : YES           
[+]    [0x02] Directory list access with CMK : YES           
[+]    [0x01] CMK is changeable              : YES           
[+]    Operation of PICC master key          : (3)DES           
[+]    PICC Master key Version               : 0 (0x00)           
[=]    ----------------------------------------------------------          
[+]    [0x0A] Authenticate      : YES           
[+]    [0x1A] Authenticate ISO  : YES           
[+]    [0xAA] Authenticate AES  : NO          
[=] -------------------------------------------------------------          
          
[=] --- Free memory           
[+]    Available free memory on card         : 1856 bytes           
[=] ------------------------------------------------------------- 
[usb] pm3 --> hf mfdes enum
          
[=] -- Mifare DESFire Enumerate applications --------------------          
[=] -------------------------------------------------------------          
[+]  Tag report 1 application           
          
[+] --- AMK - Application Master Key settings           
[+]   AID : C26001           
[+]   AID Function Cluster 0xC2: reserved           
[!]  ⚠️     Can't read Application Master key settings           
[!!]  ? APDU: No APDU response.          
[!]  ⚠️     Can't read AID master key version. Trying all keys          
[!]  ⚠️     Can't get file ids -> Current authentication status does not allow the requested command           
[=] -------------------------------------------------------------          
[usb] pm3 --> 

Offline

#2 2020-04-15 16:17:00

iceman
Administrator
Registered: 2013-04-25
Posts: 6,654
Website

Re: Can't read (Application Master key settings) with hf mfdes info / enum

The first one looks like a bad coupling,   the desfire cards I have tested with seems to be picky about placement.

The second card looks locked down,  will need a valid authentication before you can extract data.


If you feel the love,  https://www.patreon.com/iceman1001

modhex(hkhehghthbhudcfcdchkigiehgduiehg)

Offline

#3 2020-06-30 11:04:46

iceman
Administrator
Registered: 2013-04-25
Posts: 6,654
Website

Re: Can't read (Application Master key settings) with hf mfdes info / enum

The command auth process has changed a bit,  try pulling latest and do your tests again


If you feel the love,  https://www.patreon.com/iceman1001

modhex(hkhehghthbhudcfcdchkigiehgduiehg)

Offline

Board footer

Powered by FluxBB