Proxmark3 community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia


#1 2013-07-18 20:14:49

iceman
Administrator
Registered: 2013-04-25
Posts: 9,497

what to do after a complete mifare dump?

You might call it the next stage. It was time for me to start analyzing some dumps.

What to pick? Well, in my town, the public transportation company uses a Mifare 1k card as their favorite. It's been done before; see the Dutch original papers on Mifare, see the German ones as well, or take the northern Swedish release.

This last spring, someone published a fake-a-ticket app on Android for the town's transport system. So I got curious about how it works. Turns out that in Sweden, a lot of people have been looking into it. There is a video on YouTube from around 2010 from a "defcon"-like conference in Stockholm, or the "umeå-hackerspace" debacle.

So I read the dumps; I found the specifications on the net. Talk about bit-level information. 16 bytes gives 128 possible bits of information which need to map to some kind of context. Even if the access keys are easily broken via PM3, the next layer is kind of good. The specs started out at the end of the nineties but still hold.

The fake-a-ticket worked because it only swapped two correct blocks of info with correct authentication for two tickets. However, if there is a control, nowadays it is easy to see that the blocks have been swapped.

However, the core protection is a table of 64 master keys. If you find them out, then all travel in the Scandinavian countries is totally broken, since the same system with Mifare cards is used there. So, there I stand with a thought. How to get the keys? I think that the whole system is sensitive to a padding oracle attack, using a PM3 (or similar) to ask the ticket machine for correctly authenticated blocks of data... Remember that this is a layer above the Mifare standard, and it sometimes breaks the Mifare standard, like on S0:B1,B2.

Has someone been down this road before?

And yes, I have started developing a tool that reads a dumpdata.bin file, and I can read silly stuff like how much money, the 6 latest tickets you did, if the card is blocked, you know..
