xM1+ doesn't work for use case. 😭 Can't crack Mifare Classic


#1

So, I bought the xM1+ and had it placed in my hand by a local body piercer about a month back.
(I’ll upload the video another time.)

Unfortunately, the chip under my skin can’t be read by the door scanners where I intended to use it. The LED Field Tester it came with lights up (dimly, I’ll admit). So, I assumed the xM1 Plus would also make contact. Though, it appears the door readers are simply not strong enough. Which is unfortunate, as this use case was the entire reason I decided to get my first implant. 😑 Oh well, life goes on.

Per @amal’s instructional article, I purchased the ACR122U (as the Proxmark3 was out of budget) and it arrived in the mail today! Pairing it with the recommended drivers and software, I went on a mission to crack a Mifare Classic card. The Mifare Offline Cracker tool worked great on the demo cards that arrived with the reader, giving me a dump of all the data in under 5 seconds. Though the Mifare Classic card that I needed it to crack didn’t have the same luck.

It ran for over an hour before the program crashed. As I type, it has been running again for over two hours without making progress. It jumped directly to Sector 15, type A, and it has been in the same spot. It has now made it past probe 285 of the same sector, but I expect it to crash before getting even this one key.

All this being said, I was initially under the impression that my use case only actually needs the card’s UID. Based on the trouble I’m having cracking the card, I may be wrong. Though, I thought it would be worth a try to only clone block 0. My problem is not knowing how to have the ACR122U give me block 0 without needing to crack the entire card. Also, how would I go about writing this information (without having to compile a full dump) using the recommended Card Recovery tool?

Thanks for any insight or suggestions, @amal!


#2

One thing to be careful of is that NXP now sells “Mifare Classic 1k” cards that are not the same old chip version… they look exactly the same, but the Crypto-1 key cracking problem has been solved on these. Sometimes they are called Mifare S50 EV1 chips, but basically they are not vulnerable to cracking like the original Mifare S50 1k chips are… it might be that you do have one of these newer chips in your desired source card. If possible, can you try reading your source card with TagInfo on an Android phone that supports reading non-NFC compliant Mifare cards and posting the info screens here?


#3

I’d be shocked if they went with EV1 cards. Seems like the type of place that would buy whatever is cheapest. Though, it looks as though I may have been wrong in that assumption.

Once I get my hands on an Android phone, I’ll get that information for you. Thanks, @amal!

Any other ideas as to what I can do with my xM1+ implant? Can the ACR122U be used to output the UID as keystrokes, to facilitate unlocking a laptop?


#4

You could use the KBR1 reader to output the UID as keystrokes, but the ACR122U would need some serious programming to do that… it’s a PC/SC reader.
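
As an added example (not part of the thread or any poster's code), this Python code shows the kind of programming a PC/SC reader such as the ACR122U needs before a UID can be emitted as text: it sends the PC/SC Get Data APDU, checks the status word and UID length, and returns a hex string. The `transmit` callable, the fake readers, the constructed UID and the UID-plus-Enter output format are assumptions made for illustration; the UID is a static value any reader can obtain, so the result is an identifier, not a secret.

```python
GET_UID_APDU = [0xFF, 0xCA, 0x00, 0x00, 0x00]  # PC/SC "Get Data": return the card UID
VALID_UID_LENGTHS = (4, 7, 10)  # ISO 14443-A single, double and triple size UIDs


class ReaderError(Exception):
    """Raised when the reader's reply is not a usable UID."""


def read_uid(transmit):
    """Send Get Data and return the UID as an uppercase hex string.

    `transmit` (assumed interface) takes an APDU as a list of ints and returns
    (data, sw1, sw2), the same shape as pyscard's CardConnection.transmit.
    """
    data, sw1, sw2 = transmit(GET_UID_APDU)
    if (sw1, sw2) != (0x90, 0x00):
        raise ReaderError("reader returned status %02X %02X" % (sw1, sw2))
    if len(data) not in VALID_UID_LENGTHS:
        raise ReaderError("unexpected UID length: %d bytes" % len(data))
    return "".join("%02X" % b for b in data)


def as_keystrokes(uid_hex):
    """Assumed wedge-style output: the UID text followed by Enter."""
    return uid_hex + "\n"


# Constructed stand-ins for a reader, so the example runs without hardware.
def fake_card(apdu):
    assert apdu == GET_UID_APDU
    return [0xDE, 0xAD, 0xBE, 0xEF], 0x90, 0x00  # constructed 4-byte UID


def fake_no_card(apdu):
    return [], 0x63, 0x00  # ACR122U status for a failed operation


if __name__ == "__main__":
    print(repr(as_keystrokes(read_uid(fake_card))))
    # With hardware (assumes pyscard is installed and a card is on the reader):
    #   from smartcard.System import readers
    #   conn = readers()[0].createConnection(); conn.connect()
    #   print(read_uid(conn.transmit))
```

Turning the returned string into real key events needs an OS-level input-injection layer, which is outside this example.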