I’ve been working on a Python script that interfaces with the Proxmark. My goal was to create something that allows you to easily manipulate data on DESFire chips. It should work via USB, Bluetooth, and TCP on Linux and Android.
I hope this tool is useful. I’m not experienced in writing code that enables DESFire to interface directly with card readers, so using the Proxmark was the next best option. Let me know if you come across any weird issues. I’ll update it with more functionality in the future.
I added options for changing the PICC and application master key. You can also set up file restrictions. I hope this assists in managing your xDF3 and flexDF2 implants. (Use a test card first.)
Using Proxmark as an interface for DESFire is a good idea for cross-platform compatibility (USB/BT/TCP). Testing should only be done on proprietary cards or with the owner’s explicit permission.
Separate the transport layer from the APDU logic, log frames with the option to disable logging, and don’t store keys in plaintext (use encrypted storage).
For Bluetooth/TCP, a secure channel is required; add timeouts, retries, and authentication for TCP.
On Android, consider USB-OTG permissions and power saving; abstract hardware access.
It’s useful to have a “simulator” mode for testing and a “read-only” option for securely testing commands.
