proxmark3 icon indicating copy to clipboard operation
proxmark3 copied to clipboard
verified publisher icon RfidResearchGroup

[idea] Decode trace list when sniffing done

Open Yenniiii opened this issue 1 year ago • 5 comments

Is your feature request related to a problem? Please describe. We sniff NFC system with proxmark3 and find that some key personal information is leaked; however, interpreting it required additional effort.

Describe the solution you'd like We wish there was a code in client/src/cmd_trace that could decode it and output it.

Describe alternatives you've considered We want to be able to output refined personal information through the command trace decode after the trace_save to cmd_trace.

Yenniiii avatar Dec 02 '24 07:12 Yenniiii

This is to generic formulated. You need to specify with examples and in with more details

iceman1001 avatar Dec 02 '24 19:12 iceman1001

When we decoded the sniffing communication between the nfc tag and reader by utf-8 and euc-kr, the personal information came out. We don't know which encoding method is commonly used in countries other than Korea, but if there are nfc system that vulnerable in security, it will be possible to see the personal information in the card using only Proxmark3's sniffing and simple decoding logic. We have written code that can extract personal information from our dataset. We’ll attach results obtained by our code. This is some of the extracted personal information that we can disclose. Thank you very much :) sniffing_decoding

Yenniiii avatar Dec 03 '24 08:12 Yenniiii

Which personal information did you see from that trace?

iceman1001 avatar Dec 03 '24 15:12 iceman1001

We could check student number, name, and birth with student ID card. The student number is a unique number for each student in our school.

Yenniiii avatar Dec 04 '24 13:12 Yenniiii

You will need to provide sample trace, sample information in order to made a decoder.

iceman1001 avatar Dec 05 '24 08:12 iceman1001