{% hint style="success" %}
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
For info about RFID and NFC check the following page:
{% content-ref url="../pentesting-rfid.md" %} pentesting-rfid.md {% endcontent-ref %}
{% hint style="danger" %} Apart from NFC cards Flipper Zero supports other type of High-frequency cards such as several Mifare Classic and Ultralight and NTAG. {% endhint %}
New types of NFC cards will be added to the list of supported cards. Flipper Zero supports the following NFC cards type A (ISO 14443A):
- Bank cards (EMV) — only read UID, SAK, and ATQA without saving.
- Unknown cards — read (UID, SAK, ATQA) and emulate an UID.
For NFC cards type B, type F, and type V, Flipper Zero is able to read an UID without saving it.
Flipper Zero can only read an UID, SAK, ATQA, and stored data on bank cards without saving.
Bank card reading screenFor bank cards, Flipper Zero can only read data without saving and emulating it.
When Flipper Zero is unable to determine NFC card's type, then only an UID, SAK, and ATQA can be read and saved.
Unknown card reading screenFor unknown NFC cards, Flipper Zero can emulate only an UID.
For NFC cards types B, F, and V, Flipper Zero can only read and display an UID without saving it.
For an intro about NFC read this page.
Flipper Zero can read NFC cards, however, it doesn't understand all the protocols that are based on ISO 14443. However, since UID is a low-level attribute, you might find yourself in a situation when UID is already read, but the high-level data transfer protocol is still unknown. You can read, emulate and manually input UID using Flipper for the primitive readers that use UID for authorization.
In Flipper, reading 13.56 MHz tags can be divided into two parts:
- Low-level read — reads only the UID, SAK, and ATQA. Flipper tries to guess the high-level protocol based on this data read from the card. You can't be 100% certain with this, as it is just an assumption based on certain factors.
- High-level read — reads the data from the card's memory using a specific high-level protocol. That would be reading the data on a Mifare Ultralight, reading the sectors from a Mifare Classic, or reading the card's attributes from PayPass/Apple Pay.
In case Flipper Zero isn't capable of finding the type of card from the low level data, in Extra Actions
you can select Read Specific Card Type
and manually indicate the type of card you would like to read.
Apart from simply reading the UID, you can extract a lot more data from a bank card. It's possible to get the full card number (the 16 digits on the front of the card), validity date, and in some cases even the owner's name along with a list of the most recent transactions.
However, you can't read the CVV this way (the 3 digits on the back of the card). Also bank cards are protected from replay attacks, so copying it with Flipper and then trying to emulate it to pay for something won't work.
{% hint style="success" %}
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.