![]() This card, that is also known as “UID Changeable Card” is a special card, in which you can manipulate the UID and the full sector 0. So, if “the money” is related to it, the attack won’t work.Ī couple of years ago, a “ Magic Chinese Card” appeared. Remember that the only block in a mifare card that you cannot modify is the block 0 in sector 0, where the UID of the cards is burnt in the Factory. Easy, right? In some poor implementations, this could work! In other implementations, you can even take “the money” from a card, and “paste it” into another one. Basically, it’s like a dump of the contents of the card but only the trail blocks, where keys are stored.Ī really simple attack to an electronic wallet implementation using this type of cards is to dump the contents aka “money” and then use the credit and, after that, restore the contents, filling it with our “stored” money inside a binary file. If you take a look inside the current folder where the client is running, you’ll find a binary file called “ dumpkeys.bin”. ![]() Proxmark3> hf mf nested 1 0 A XXXXXXXXXXXX d ![]() Just as a quick reminder, the steps to crack the keys were: Now that we own the keys of a Mifare Classic card, we can move onto cloning them.
0 Comments
Leave a Reply. |