Proxmark3 community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.

"Learn the tools of the trade the hard way." +Fravia

You are not logged in.


Time changes and with it the technology
Proxmark3 @ discord

Users of this forum, please be aware that information stored on this site is not private.

#1 2021-12-24 14:18:54

Registered: 2021-12-18
Posts: 56

[QUESTION] random ideas

So yes, I always wonder.
When I encrypt a disk, if I don't know the password I can copy all the chunk of data to another disk; it will be exactly the same data.
And if I introduce the correct password on both disk, I end up decrypting the original and the copied disk.

I always wonder, why I cannot do the same on NFC/RFID cards? Just copy all the chunk of data and then pasting the chunk of data in another blanked card, even if I don't know the keys to access each block or stuff like that. And when I read it with the card reader, both the original and the clone displaying the same output (or data)

Any ideas?



#2 2022-06-06 17:52:41

Registered: 2017-06-25
Posts: 46

Re: [QUESTION] random ideas


When you encrypt a disk, the data which is written on the disk is encrypted, but it can be freely read and copied to another disk. Then, you can decrypt it, should you know the key which was used to encrypt the data.

For RFID cards it depends on which card you want to copy. In a properly designed system, the data is encrypted with a key, which is dependent on the card's serial number. If you want to copy the card, you need to use a "magic" card which serial number can be rewritten. Otherwise, if you copy the data to a card with a different serial number, the reader will try to decipher the data with another key, the decryption will fail, and the card will not be recognized.

Also, unlike disks which can be freely read, some RFID chips such as MIFARE require the reader to authenticate with the chip.
The card sends an encrypted random number to the reader, the reader decrypts it and sends it back to the card.
If the numbers match, access to the block is granted.
Then, all subsequent communications between the reader and the card are encrypted, no matter whether the data stored in the cars is encrypted or not.
If you do not know the key, the card won't even allow you to read the block. This is why you need to crack the keys of a MIFARE card before reading it.



Last edited by atmel9077 (2022-06-06 17:54:22)


Board footer

Powered by FluxBB