Research, development and trades concerning the powerful Proxmark3 device.
Remember; sharing is caring. Bring something back to the community.
"Learn the tools of the trade the hard way." +Fravia
Time changes and with it the technology
Proxmark3 @ discord
Users of this forum, please be aware that information stored on this site is not private.
Pages: 1
Why not try this idea?
Can I get the password directly?
in mifarehost.c
// the statelists now contain possible keys. The key we are searching for must be in the
// intersection of both lists
qsort(statelists[0].head.keyhead, statelists[0].len, sizeof(uint64_t), compare_uint64);
qsort(statelists[1].head.keyhead, statelists[1].len, sizeof(uint64_t), compare_uint64);
// Create the intersection
statelists[0].len = intersection(statelists[0].head.keyhead, statelists[1].head.keyhead);
Is the above code suitable for staticnested?
I've tested it, but the intersection is 0
In theory, create two lists. Each list should have real password data. The intersection of the two lists should be the only password data, but why is the intersection 0?
But in China, it has been studied to let the staticnested command calculate the password directly in three seconds.
Look this!
http://ls.txts.fun/Desktop.rar
Please let me know after you download it! I'm going to delete it!
[+] UID: B3 45 5B A0
[+] ATQA: 00 04
[+] SAK: 08 [2]
[+] Possible types:
[+] MIFARE Classic 1K
[=] proprietary non iso14443-4 card found, RATS not supported
[#] 1 static nonce 01200145
[+] Static nonce: yes
[#] Auth error
The card is 【1 static nonce 01200145】
Last edited by wdywmz (2022-02-17 16:57:19)
I got it. Thanks.
The pictures shows that they are reading Key B from having Key A. Not sure if thats how they do it, but if it is then it's a known way and already implemented both in pm3 and libnfc.
It only works if the access rights (ACL) allows for it.
Speaking of which, the video show that they are using libnfc stuff. Around 1.20-1.30 you see that they use staticnested to get a key. They got 55526 candidate keys, which they are now trying to find which is the correct.
It actually looks like they are using mylazycracker .... but translated to Chinese.
The only thing in that video that I am curious of is how they are getting the KEY A that fast..... There might be something there.
in mifarehost.c
// the statelists now contain possible keys. The key we are searching for must be in the
// intersection of both lists
qsort(statelists[0].head.keyhead, statelists[0].len, sizeof(uint64_t), compare_uint64);
qsort(statelists[1].head.keyhead, statelists[1].len, sizeof(uint64_t), compare_uint64);
// Create the intersection
statelists[0].len = intersection(statelists[0].head.keyhead, statelists[1].head.keyhead);
Is the above code suitable for staticnested?
Create two lists of data. Will there be an intersection between them?
Can we quickly calculate the password from this intersection?