Emulate and sniff Legic Prime cards with Proxmark 3
we have to investigate our university system, which used the Legic
Prime chip and is now changing to Legic Advant. So for our seminar we
have to attack the old system which we succeed by writing valid values
to the card. The next step would be to emulate "own" cards with the
proxmark3 and it would be nice to sniff to the traces.
So first: Emulating: Proxmark has already a function: "hf legic sim" [phase drift [frame drift [req/resp drift]]] Start tag simulator (use after load or read)
Which we used after reading a valid card but it didn't worked. Maybe someone can help us with that.
Second: Sniff traffic: We'd like to sniff the traffic between card and reader. But proxmark has no function to sniff legic traffic. We can only sniff 14a traffic without annotations but that didn't worked neither.
So first: Emulating: Proxmark has already a function: "hf legic sim" [phase drift [frame drift [req/resp drift]]] Start tag simulator (use after load or read)
Which we used after reading a valid card but it didn't worked. Maybe someone can help us with that.
Second: Sniff traffic: We'd like to sniff the traffic between card and reader. But proxmark has no function to sniff legic traffic. We can only sniff 14a traffic without annotations but that didn't worked neither.
No comments:
Post a Comment