search

RfidResearchGroup / proxmark3

Iceman Fork - Proxmark3
http://www.icedev.se
GNU General Public License v3.0
3.62k stars 979 forks source link

DESfire DeleteApp authenticates to wrong AID #2336

Closed craftbyte closed 3 months ago

craftbyte commented 3 months ago

Describe the bug When using hf mfdes deleteapp, the client authenticates and selects the AID being deleted instead of the PICC AID, which needs to be selected to manage apps (unless they are delegated). I would suggest either adding another CLI argument for the auth AID or having the default be to have the aid parameter specify the AID being deleted instead of the AID used for authentication.

To Reproduce Steps to reproduce the behavior:

  1. Make sure that unauthenticated app management is disabled in the PICC config
  2. Create a DESfire app with any AID
  3. Try to delete the same app

Expected behavior The client authenticates to the PICC AID and then deletes the app.

iceman1001 commented 3 months ago

Interesting,

We don't have many developers anymore, so you are the best candidate to do it.

Feel free to make pull request with the changes.