Mifare 1k Clone stopped working - Flipper

Last week I cloned my apartment FOB as a backup to leave in my car. I confirmed that it worked on all the places it should (garage, elevator, pool, etc.) and it did.

This morning I tried using it and I just got ‘Access Denied’ at the elevator. Security just buzzed me up so no issues. I then tried it on a few other readers and I got the same.

I’m very curious as to why this happened? Is it a known issue?
Emulation on the flipper also stopped working so it’s not a faulty fob.

When reading the initial card I got 30/32 keys and 15/16 sectors.
Despite this I was able to write it to a blank card with NFC magic.

I played with Mifare32 trying to pull nonces from one of the readers while connected to the app. It said - Complete 10/10 nonces on the flipper but after searching for the new keys on the app it said ‘no new keys found’.

I know that several people seem to have had issues cloning these cards, which I honestly think is a good thing for security but I’m scratching my head as to why it worked for a couple days and then stopped.

I’m looking at trying a nested attack now but any thoughts, or tips on what to do would be appreciated.

2 Likes

This feels exactly like your access system is updating the card’s user memory space with data and checking for that data next time it’s used. It’s a shitty security mechanic but it works to block this very thing - makes clones of access cards impractical and at best only have a very short window of use… and even if used successfully the original cardholder will know something is up because their card won’t work anymore… But nobody knows about this security mechanism or cares.

Anyway… if you want to test, clone your fob again and use your clone for a while… a week maybe… I’m sure it will work fine for weeks but your original fob will no longer work. Clone your clone’s user data sectors back to your fob and I’m sure the fob will start working again.

2 Likes
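A minimal model of the mechanism described in the reply above, as an added example that is not part of the original thread and not any vendor's actual implementation. The `Card` and `Controller` classes, the single 16-byte token block and the UID are assumptions made for illustration; the point is that a stale token on a known UID is a usable duplicate-card signal.

```python
import secrets


class Card:
    """Constructed stand-in for a fob: a fixed UID plus one writable data block."""
    def __init__(self, uid, token=b""):
        self.uid = uid
        self.token = token

    def clone(self):
        # A copy carries the UID and whatever the data block held at copy time.
        return Card(self.uid, self.token)


class Controller:
    """Hypothetical back end that rolls a per-UID token on every accepted read."""
    def __init__(self):
        self.expected = {}  # uid -> token the next presentation must carry
        self.alerts = []    # known UIDs presented with a stale token

    def enroll(self, card):
        card.token = secrets.token_bytes(16)
        self.expected[card.uid] = card.token

    def present(self, card):
        want = self.expected.get(card.uid)
        if want is None:
            return "Access Denied"          # unknown UID
        if not secrets.compare_digest(card.token, want):
            self.alerts.append(card.uid)    # known UID, old data: possible duplicate
            return "Access Denied"
        # Accepted: write a fresh token to the card and remember it.
        card.token = secrets.token_bytes(16)
        self.expected[card.uid] = card.token
        return "Access Granted"


def demo():
    ctl = Controller()
    fob = Card("04A1B2C3")                  # constructed UID
    ctl.enroll(fob)
    backup = fob.clone()                    # copy taken before the next use
    results = [ctl.present(fob),            # original used: token rolls forward
               ctl.present(backup),         # copy still holds the old token
               ctl.present(fob)]            # original stays in sync
    return results, ctl.alerts


if __name__ == "__main__":
    print(demo())
```
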

Yeah that seems to be what’s going on.

How do things like that work if say there’s 2 or three people living in the same apartment? I guess all their fobs have individual UIDs so it wouldn’t really matter.

Thoughts on any kind of workaround for this?

This is what stops my emulator working on the apartment building system. Normally it updates on the main entrance and then allows me to continue use all the way up to my apartment door. Had to compromise with using a gen1a magic mifare. Presumably you’ve been using your original fob and there was a certain period between using the backup fob? I just run all my cards including the backups on the main entrance reader once a week. That’s the timeout period for an unused card on our building, I was told by management. Completely ridiculous when I’m away longer than that as I can’t get back in and have to get security to reset my keys. Waste of time.

That’s pretty crazy - good for security I guess.
In my place I don’t think it times out, but I lost my FOB once and had to wait a few hours for a guy to come and get me a new one. They outsource all that, and don’t have anyone on site capable of making new keys.

I guess the only workaround would be to somehow create a ‘fake fob’ with its own UID so the system thinks it’s separate or something like that?

Yeah you’ll have to ask them to give you two active fobs… then you could clone one or both to implants and keep the fobs in a drawer.