My school uses the Eaccount app to have a passive student id on our phones, I know that there are some people who use a card so there must be some way to clone that student id’s onto a magic card, I would assume that it is hf but would it be possible to clone it? Would I maybe have to sniff an exchange between the phone and the reader to gather the correct data? is it possible to emulate the reader with the proxmark so I can gather the data? just looking for ideas on how I can create a physical card instead of just using my phone.
It really just depends on what type of chip they’re using. If you can, try to get your hands on one of the cards and scan it with your phone using an app like taginfo. If you’re lucky it’ll be able to be cloned, but you should go into it knowing that there’s a good chance you won’t be able to do copy it.
I have one that I can get my hands on ill update when I have the info on it
I have come to basically the same conclusion unless I can do a side-channel attack but I would have to do lots of research on how they work and creating a device that is capable of that as well as having a card that is capable of that transmission
you aren’t hacking desfires encryption any day soon. you could grab a proxmark and scan the phone when it’s emulating a card to see if it’s using a different card type most likely ultralight or classic depending on the cost of the install
there’s every chance the emulation could be desfire too if it’s on ur iphone
I would assume that those are more hackable than the ev2?
There is no practical attack for Desfire.
The only way would be to get your own card enrolled by the administrator.
there are a lot of computer science majors where I am at would it in theory be possible to do it with enough man power?
unless they’re specifically cryptography experts who know the ins and outs of DES 3DES and other specifically formatted encryption methods im gonna bet against the odds of a handful of computer science students tbh
As a current CS student, I 100% agree. You’re looking at cryptography way beyond our paygrade.
as an RFID guy and cysec student i can confidently say if no one’s done it ever my expectations are low
that being said i certainly implore you try if you want to, just don’t expect it to work without modifying conditional variables that allow it to work properly. breaking the legs before you start beating it doesn’t count