Flipper freeze when emulating Mifare DESfire on a STID card reader

mojitopop · June 8, 2023, 12:58pm

I originally posted this on UL github but i’ve been told to post it here too since it happens on the latest official fw too

I work at a place where you access doors with your pass with STID readers and Simons Voss readers
we use Mifare DESfire 7b however the readers only read the UID that’s not encrypted

I cloned/wrote my badge on a 7b keyfob n it work just fine however when i use the FZ to emulate the key it works on the Simons Voss readers without issues but on the STID readers it works but the screen get stuck on the emulation screen n i gotta reset it everytime after using it

issue doesn’t happen when i use a magic nfc

Same issue both on latest official firmwares and unoffical ones

Another odd thing is maybe 1/4 times if i swipe quickly enough for the STID to read my FZ but not too long it doesn’t get stuck so idk if it’s something about the reader sending something /after/ recognizing the card that makes the FZ freeze

i can provide pics of the card reader or my nfc file if it can help

jmr · June 10, 2023, 1:32am

I can’t say why your Flipper crashes but have you tried emulating a different capture from a different card? There may be something strange in your capture that causes the crash. If your Flipper doesn’t crash with other captures and your work only uses UID you could potentially modify your own capture. In a text editor zero out the extra information after the UID or replace the data with data from a donor card.

mojitopop · June 10, 2023, 1:14pm

I actually did try several different captured cards and i also tried to edit the nfc file to manually edit the uid of a card with higher priviledge ( I’m handling the database w all employee’s currents work passes) still same issue

filetype: fz nfc device
version: 3

Nfc device type can be UID, Mifare Ultralight, Mifare Classic, Bank card

Device type: Mifare DESFire

UID, ATQA and SAK are common for all formats

UID: 04 5F 3E 0A 29 6F 80
ATQA: 03 44
SAK: 20

Mifare DESFire specific data

PICC Version: 04 01 01 12 00 1A 05 04 01 01 02 01 1A 05 04 5F 3E 0A 29 6F 80 CF 0E 56 45 30 28 20
PICC Free Memory: 8192
PICC Change Key ID: 00
PICC Config Changeable: true
PICC Free Create Delete: true
PICC Free Directory List: true
PICC Key Changeable: true
PICC Max Keys: 01
PICC Key 0 Version: 00
Application Count: 0

here’s the content of the nfc btw knowing that the readers only check uid idk if i could get rid of all the mifare specific data part

maqumih · June 10, 2023, 6:46pm

NFC -> Other Actions -> Read specific card type -> Read NFC-A data allows you to get UID only without MIFARE data.

jmr · June 11, 2023, 10:32pm

Please let us know how this goes. I’m curious if the solution in the above post works. It might also be interesting to try with older firmware versions if you haven’t tried that. Sometimes bugs are introduced in newer versions.

mojitopop · June 12, 2023, 8:05am

weird i tried read n save as nfc-A card still freeze

can’t try other fw my internal battery is full n i can’t install qflipper on my work pc

maqumih · June 12, 2023, 6:36pm

Turn debug on, start emulation, touch the reader, reboot the Flipper, turn debug off, get a file at nfc/debug.txt.
Hopefully, the file will contain the request that causes hang. I’ll then try to reproduce it on my Flipper to make a better bug report.

Looks like you are not the only one with DESFire problems: NFC Emulation Mifare Worked but now Doesnt - #7 by littleBird.
Symptoms are different, though.

mojitopop · June 12, 2023, 7:56pm

that’s nice of u i’ll try n lyk tomorrow

jmr · June 13, 2023, 1:38am

There are several way to update firmware.

Android/IOS App
Chrome Web browser https://lab.flipper.net/
qFlipper App
Load directly from SD card. Explore the “/updates” folder by Down then left from the main menu.