Closed ghost closed 4 years ago
The card:
[=] --- Tag Information --------------------------- [=] ------------------------------------------------------------- [+] UID: 33 1D 6F E2 71 32 76 [+] Batch number: AE AC D3 51 91 [+] Production date: week 23 / 2019 [=] --- Hardware Information [=] Vendor Id: NXP Semiconductors Germany [=] Type: 0x02 (Plus) [=] Subtype: 0x01 [=] Version: 11.0 (Plus EV1) [=] Storage size: 0x16 (2048 bytes) [=] Protocol: 0x04 (ISO 14443-3 MIFARE, 14443-4) [=] --- Software Information [=] Vendor Id: NXP Semiconductors Germany [=] Type: 0x02 (Plus) [=] Subtype: 0x01 [=] Version: 1.1 [=] Storage size: 0x16 (2048 bytes) [=] Protocol: 0x04 (ISO 14443-3 MIFARE, 14443-4) [=] --- Tag Signature [=] IC signature public key name: Mifare Plus EV1 [=] IC signature public key value: 044109ADC42F91A8394066BA833272FB [=] : 394066BE83D872FB1D16803734A91112 [=] : 1D16803734E921170412DDF8BAD1A4DA [=] : 0412D2F8BAD1A7DADFD0436291AFE1C7 [=] Elliptic curve parameters: NID_secp224r1 [=] TAG IC Signature: 2F401E99257FF8FE83051D25C39BFEAF [=] : 592480BA23642EE1F756863D53177EF7 [=] : 90515994D43214B3C09D82AFAA69FB70 [=] : 962BB25429AD1F97 [+] Signature verified: successful [=] --- Fingerprint [=] Tech: MIFARE Plus EV1 [=] SIZE: 2K (7 UID) [=] SAK: MIFARE Plus SL0/SL3 or MIFARE DESFire [=] ICEE: 0B BD 68 [=] --- Security Level (SL) [+] SL mode: SL3 [=] SL 3: 3-Pass authentication based on AES, data manipulation commands secured by AES encryption and an AES based MACing method.
Bug after I had ran a script with the same card as id requirements
[+] args '' <sent>: D01100 <recvd>: D07387 Connected to Type : NXP MIFARE DESFire 4k | DESFire EV1 2k/4k/8k | Plus 2k/4k | JCOP 31/41 UID : 044D3FF2926580 <sent>: 03F0 <recvd>: 02900106A007D210 OPT = 01 pubRespTime = 06A0 pps = 07 <sent>: 03F20100 <recvd>: 0357F212 <sent>: 03F20101 <recvd>: 02E5B39D <sent>: 03F20102 <recvd>: 039041A0 <sent>: 03F20103 <recvd>: 024FE397 <sent>: 03F20104 <recvd>: 03B9821C <sent>: 03F20105 <recvd>: 02DF6A03 <sent>: 03F20106 <recvd>: 03D9847F <sent>: 03F20107 <recvd>: 02F28DF9 RndC = 0001020304050607 RndR = 57E5904FB9DFD9F2 Concatenation of random numbers = 57E5904FB9DFD9F20001020304050607 Final PCD concatenation before input into MAC function = FD0106A00757E5904FB9DFD9F20001020304050607 Padded MAC Input = FD0106A00757E5904FB9DFD9F200010203040506078000000000000000000000, length (bytes) = 32 8-byte PCD MAC_tag (placeholder - currently incorrect) = E5014F03DF05F207 <sent>: 03FDE5014F03DF05F207 <recvd>: 07 2 07 ERROR: Wrong response length (expected 20, got 2) exiting <sent>: OFF [+] finished mifareplus [usb] pm3 -->
Since you running the script without knowing what you are doing, this isn't a bug. Closing
The card:
Bug after I had ran a script with the same card as id requirements