project:freakcard:start
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revision | Last revisionBoth sides next revision | ||
| project:freakcard:start [2019/11/05 22:54] – [High Frequency (HF) card] Magic Desfire abyssal | project:freakcard:start [2019/12/02 01:26] – [High Frequency (HF) card] ISO-15693 magic cards abyssal | ||
|---|---|---|---|
| Line 430: | Line 430: | ||
| Proxmark can read them and so can some android phones. | Proxmark can read them and so can some android phones. | ||
| - | They contain UID and 64 bytes of data. Reading with proxmark can be done with: | + | They contain UID and 4-byte blocks |
| < | < | ||
| - | hf 15 dumpmemory | + | pm3 --> |
| + | | ||
| + | TYPE : EM-Marin SA (Skidata); EM4233 [IC id = 09] 23,5pF CustomerID-102 | ||
| + | pm3 --> hf 15 dump | ||
| + | [=] Using UID as filename | ||
| + | Reading memory from tag UID E0 16 24 66 1E C1 A5 AD | ||
| + | ....................................................[-] Tag returned Error 15: Unknown error. | ||
| + | |||
| + | |||
| + | block# | ||
| + | ---------+--------------+---+---------- | ||
| + | 0/0x00 | 3F 08 1A 4D | 0 | ?..M | ||
| + | 1/0x01 | 82 18 60 20 | 0 | ..` | ||
| + | 2/0x02 | 00 38 00 50 | 0 | .8.P | ||
| + | 3/0x03 | 1C 48 33 00 | 0 | .H3. | ||
| + | 4/0x04 | 1B 00 00 00 | 0 | .... | ||
| + | 5/0x05 | 00 00 00 00 | 0 | .... | ||
| + | 6/0x06 | 00 00 00 00 | 0 | .... | ||
| + | 7/0x07 | 00 00 00 00 | 0 | .... | ||
| + | 8/0x08 | 00 00 00 00 | 0 | .... | ||
| + | 9/0x09 | 00 00 00 00 | 0 | .... | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| + | | ||
| </ | </ | ||
| - | Latest proxmark 2.3.0 has some basic ISO 15693 simulation functionality, but it's not working properly yet. | + | Rfxsecure.com sells magic ISO-15693 cards with changeable UID. Either you need the iso15_magic from RRG repo or "hf 15 csetuid" |
| - | AFAIK there are no " | + | Changing |
| + | < | ||
| + | proxmark3> | ||
| + | #db# 12 octets read from IDENTIFY request: | ||
| + | #db# NoErr CrcOK | ||
| + | #db# 00 00 bf a5 c1 1e 66 24 | ||
| + | #db# 16 e0 56 a3 | ||
| + | #db# UID = E01624661EC1A5BF | ||
| + | proxmark3> | ||
| + | | ||
| + | new UID | e0 16 24 66 1e c1 a5 ca | ||
| + | Using backdoor Magic tag function | ||
| + | received -1 octets | ||
| + | Thread 4 " | ||
| + | </ | ||
| + | |||
| + | With the magic scripts: | ||
| + | |||
| + | < | ||
| + | script run iso15_magic.lua -u E004013344556677 | ||
| + | </ | ||
| + | Neither will work on the first time likely. Retry at least 3 times. Same with "hf 15 dump" and "hf 15 restore" | ||
| + | Note on cloned skipass ISO-15693 cards - they have counter in sector 2, so as soon as your cloned cards will desync, one of them will stop working. | ||
| ==== Low Frequency card ==== | ==== Low Frequency card ==== | ||
| Emulation in general: http:// | Emulation in general: http:// | ||
project/freakcard/start.txt · Last modified: 2021/06/05 17:28 by abyssal