I’m not sure if this is the right place to ask a question like this, but it’s the most relevant community I could find using google!
At my university, we use NXP - Mifare DESfire EV2 4k cards for access control, presumably using the 7-byte UID as an identifier. I believe I’m correct in thinking that I could use Chinese magic cards and a Proxmark to replicate one of these cards by writing to sector/block 0, but I do not know whether the same is possible with UID-changeable nfc stickers.
I want to use stickers similar to these ones from AliExpress:
shorturl.at/IMWX6 or shorturl.at/aFHI0
Would stickers like these work for what I want, given the type of NFC card that my university uses? If I wanted to do something like this, would the Proxmark sold by DangerousThings be the appropriate hardware to buy in order to clone my card?
Many thanks in advanced, and please feel free to point out anything of importance that I may have missed - I’m not extremely knowledgable in this domain!
If your campus card is a Mifare DESfire EV2 then the short answer is probably not.
DESfire is a fairly secure and well trusted product line within the Mifare family from NXP.
Your card could be from one of the lucky and badly implemented systems that only used UID for access control. In that case, you just need to clone the UID from your original to a magic DESfire or, possibly, Mifare Classic.
If you have an Android phone, download NXP TagInfo and scan the campus card. If it has several applications contained in it, then its most likely cannot be cloned.
Seems like school campus cards have a almost 95% chance of being desfire from what Ive read and seen
That seems like a much higher rate than I would expect, different individual entities making actually good security choices rather than cheeping out
I wonder if there’s some larger governing body or grant or government funds allocated, that have set desfire as a specification
2 big players in campus commerce; blackboard and cbord. Blackboard uses desfire. If the DF aid is a string of Bs, it should be blackboard from what I’ve seen.
That’s for the confirmation…
A bunch of schools all having their shit relatively together was sus lol
As an aside, cbord tend to favor HID from my subjective experience. (And mag…)
I scanned the card using the app you mentioned and screenshotted the results:
Might these 2 unkown DESFire applications be the ones you’re referring to which indicate that it probably can’t be cloned?