search

RfidResearchGroup / proxmark3

Iceman Fork - Proxmark3
http://www.icedev.se
GNU General Public License v3.0
3.65k stars 981 forks source link

Improved magic detection #2223

Closed nvx closed 6 months ago

nvx commented 6 months ago

Magic detection no longer stops when a single type is found as cards may support multiple types of magic, so all detected types will be reported now. GDM/USCUID chips are now detected when GDM magic auth is disabled but magic WUP (40 or 20) is enabled. Gen2/CUID/DirectWrite is now detected when default keys and ACLs are used by attempting to write to block 0 but aborting before actually completing the write.

Some example hf 14a info output

CUID chip (factory defaults, default keys/etc) Before:

[+]  UID: F1 E6 A9 30
[+] ATQA: 00 04
[+]  SAK: 08 [2]
[+] Possible types:
[+]    MIFARE Classic 1K
[=] proprietary non iso14443-4 card found, RATS not supported
[+] Prng detection: weak
[#] Auth error
[#] Auth error
[?] Hint: try `hf mf` commands

Now:

[+]  UID: F1 E6 A9 30
[+] ATQA: 00 04
[+]  SAK: 08 [2]
[+] Possible types:
[+]    MIFARE Classic 1K
[=] proprietary non iso14443-4 card found, RATS not supported
[+] Magic capabilities : Gen 2 / CUID
[+] Prng detection: weak
[#] Auth error
[#] Auth error
[?] Hint: try `hf mf` commands

USCUID/GDM ZUID chip Before:

[+]  UID: 24 D8 2D 19
[+] ATQA: 00 04
[+]  SAK: 08 [2]
[+] Possible types:
[+]    MIFARE Classic 1K
[=] proprietary non iso14443-4 card found, RATS not supported
[+] Magic capabilities : Gen 1a
[+] Prng detection: weak
[#] Auth error
[#] Auth error
[?] Hint: try `hf mf` commands

Now:

[+]  UID: 24 D8 2D 19
[+] ATQA: 00 04
[+]  SAK: 08 [2]
[+] Possible types:
[+]    MIFARE Classic 1K
[=] proprietary non iso14443-4 card found, RATS not supported
[+] Magic capabilities : Gen 1a
[+] Magic capabilities : Gen 4 GDM / USCUID (Gen1 Magic Wakeup)
[+] Prng detection: weak
[#] Auth error
[#] Auth error
[?] Hint: try `hf mf` commands

Bonus, GDM/USCUID chip with a bunch of things enabled:

[+]  UID: 0A F5 3D 18
[+] ATQA: 00 04
[+]  SAK: 08 [2]
[+] Possible types:
[+]    MIFARE Classic 1K
[=] proprietary non iso14443-4 card found, RATS not supported
[+] Magic capabilities : Gen 2 / CUID
[+] Magic capabilities : Gen 4 GDM / USCUID (Magic Auth)
[+] Magic capabilities : Gen 4 GDM / USCUID (Alt Magic Wakeup)
[+] Prng detection: weak
[#] Auth error
[#] Auth error
[?] Hint: try `hf mf` commands
nvx commented 6 months ago

Actually that Gen2 being out of order is bugging me and I just noticed astyle did some silly things, going to fix those up and force push

nvx commented 6 months ago

There, that looks nicer

iceman1001 commented 6 months ago

Nice improvement,

Its almost like we should move it to the new hf mf info command instead.

nvx commented 6 months ago

Its almost like we should move it to the new hf mf info command instead.

It shows up there too :D

[usb] pm3 --> hf mf info

[=] --- ISO14443-a Information ---------------------
[+]  UID: A0 AE E9 9F
[+] ATQA: 00 04
[+]  SAK: 08 [2]

[=] --- Magic Tag Information
[+] Magic capabilities : Gen 1a
[+] Magic capabilities : Gen 4 GDM / USCUID (Gen1 Magic Wakeup)

[=] --- Keys Information
[+] loaded 59 keys from hardcoded default array
[+] Sector 0 key A... FFFFFFFFFFFF
[+] Sector 0 key B... FFFFFFFFFFFF
[+] Block 0.......... A0 AE E9 9F 78 08 04 00 62 63 64 65 66 67 68 69

[=] --- RNG Information
[+] Prng... weak
iceman1001 commented 6 months ago

yeah, but remove it from 14a info...