• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

OV-Chipkaart

Search This thread

timmiej93

Senior Member
Aug 12, 2011
72
1
Hello people,
So I recently was playing around with some NFC apps, and I found out my OV-Chipkaart (Dutch public transit card) was read by my phone. Unfortunately I got a lot of numbers and stuff I didn't understand. Does anybody know more about this?
 

PieP

Member
Jul 9, 2009
17
5
The card is encrypted. If you get the key (there are a couple of articles on the internet which tell you how to get it), you should be able to read the entire card. Without the key you can only see the expiration date.
I saw it was possible to add your own MIFARE key in the TagInfo app. The only thing you need to get this key is an RFID-reader for your PC and some processing power (and the appropriate software).
 
  • Like
Reactions: killerskincanoe

htcsnap93

Senior Member
Nov 14, 2010
844
191
My acces card for school does the same. Found this out because everytime i put my phone kn my wallet it made a sound.

Sent from my GT-I9300 using xda premium
 

buraki

New member
Nov 16, 2010
4
0
UID

Each contactless chip (incuding the Mifare you have) has a unique id which is accessible to any contactless reader, in this case you phone. Unique id enables the reader to overcome collision for reading one chip at a time. This is is probably used as the id of your card by the system it is being used.

My acces card for school does the same. Found this out because everytime i put my phone kn my wallet it made a sound.

Sent from my GT-I9300 using xda premium
 

ahvipardik

Senior Member
Aug 3, 2012
423
77
I also recently checked my bus-card and the phone could read some of the info in the card, so i was wondering if it is possible to clone the info in the card to some other nfc tag, which would be cool, and also if i use the phone as rifid reader, mentioned above, connected to pc with usb then theoretically it would be possible to reprogram the card...?
And also another question, is it possible for the phone to send out same info which is on the card so i could use phone instead of bus-card at the bus?
EDIT: I read previous topics and realized that this is impossible.
 
Last edited:

Factionwars

Member
Jul 1, 2009
37
4
The ov-chipkaart part is now available and working in the source of github/wandcode/farebot. I have tried and confirmed that this is working. You will need to crack the MiFare classic keys first, this is only possible on a ov-chipkaart by NXP-semiconductors (so not the Infineon version)
 

leto78

Member
Nov 22, 2011
26
3
I don't have a RFID card reader... Is it possible to dump the chipkaart keys with the Samsung Nexus and then crack the keys with the PC?
 
  • Like
Reactions: meessenroy

Factionwars

Member
Jul 1, 2009
37
4
I don't have a RFID card reader... Is it possible to dump the chipkaart keys with the Samsung Nexus and then crack the keys with the PC?

No that's where the power of chip-cards come in play. There are no keys on it who a external device will receive and decipher. A Mifare Classic card has a built-in authentication system which you will have to pass to read/write onto the card.

The only possible way i could think of is to take the known key from the card, generate a dictionary on a computer and then bruteforce with a phone. But i think that would be more time/hassle then buying a 20 dollar NFC reader.
 

leto78

Member
Nov 22, 2011
26
3
The only possible way i could think of is to take the known key from the card, generate a dictionary on a computer and then bruteforce with a phone. But i think that would be more time/hassle then buying a 20 dollar NFC reader.

All the Mifare card readers I could find cost at least 40 euros... Do you recommend any cheap ones?
 

Factionwars

Member
Jul 1, 2009
37
4
All the Mifare card readers I could find cost at least 40 euros... Do you recommend any cheap ones?

Ah you have to take a look around, there are loads of people owning a acr122u(touchatag) who bought them when the ov chipkaart got cracked, prices have been rising i guess. Try second hand ;)
 
Last edited:

Factionwars

Member
Jul 1, 2009
37
4
Anyone heard about the news today? The OV got hacked again.

You guys know any of this?

Here a hidden post on the details http://www.totalov.nl/m/index.php?type=n&n=166
I have been on it all morning, and it seems to be more of a theoretical hack rather than a real PoC. I also still don't understand how you could attach a sticker to a nfc card and the reader will read the sticker instead of the nfc card, it will read both in my logic.
 

wm6.5

Member
Sep 16, 2010
10
0
Amsterdam
Any news or how to's available.

Hi guys any app or news available on how to do this.:eek:
If anyone in holland is willing to help me with a dumpfile of my 0V chip card for a reward, sent me a pm please.:good:
 

dragonwith

Member
Jan 8, 2013
29
0
Here a hidden post on the details http://www.totalov.nl/m/index.php?type=n&n=166
I have been on it all morning, and it seems to be more of a theoretical hack rather than a real PoC. I also still don't understand how you could attach a sticker to a nfc card and the reader will read the sticker instead of the nfc card, it will read both in my logic.

Isnt it kinda obvious that you have a huge sticker on your OV. Like Checkers can just take of the sticker and they can see its fake.
 

Factionwars

Member
Jul 1, 2009
37
4
Isnt it kinda obvious that you have a huge sticker on your OV. Like Checkers can just take of the sticker and they can see its fake.


No Mifare classic stickers can be very small, and then again you can also attach it to the card holder it's in and when you get asked to take it out you just have bad luck. Though i am more interested in the Tech and Security rather then abusing it.
 

DamianSewo

Member
Jun 6, 2013
15
1
Hey guys. I'm willing to help and work together to make this work. I've also noticed that the forum of the last hack, ov-chipkaart.me is down. Does anyone know anything about this?
 

Toxicity123

Member
Jun 3, 2013
7
1
Here a hidden post on the details ---
I have been on it all morning, and it seems to be more of a theoretical hack rather than a real PoC. I also still don't understand how you could attach a sticker to a nfc card and the reader will read the sticker instead of the nfc card, it will read both in my logic.

The sourcecode of Farebot is avalible on github if you didn't already find it.

Since it can already read the data it must not be hard to be able to write it back to a new tag..

If you need any help or a Mifare reader you can contact me.

---------- Post added at 12:42 PM ---------- Previous post was at 12:37 PM ----------

Hey guys. I'm willing to help and work together to make this work. I've also noticed that the forum of the last hack, ov-chipkaart.me is down. Does anyone know anything about this?

Just visit archive (I cant link, since < 10 posts. Google it, 1st link) and use the Way Back Macine. :D
 

Top Liked Posts

  • There are no posts matching your filters.
  • 1
    The card is encrypted. If you get the key (there are a couple of articles on the internet which tell you how to get it), you should be able to read the entire card. Without the key you can only see the expiration date.
    I saw it was possible to add your own MIFARE key in the TagInfo app. The only thing you need to get this key is an RFID-reader for your PC and some processing power (and the appropriate software).
    1
    I don't have a RFID card reader... Is it possible to dump the chipkaart keys with the Samsung Nexus and then crack the keys with the PC?
    1
    The sourcecode of Farebot is avalible on github if you didn't already find it.

    Since it can already read the data it must not be hard to be able to write it back to a new tag..

    If you need any help or a Mifare reader you can contact me.

    ---------- Post added at 12:42 PM ---------- Previous post was at 12:37 PM ----------



    Just visit archive (I cant link, since < 10 posts. Google it, 1st link) and use the Way Back Macine. :D

    http://web.archive.org/web/*/http://ov-chipkaart.me

    That one yeah.

    What is the difference between the source code of Farebot on Git and the one in the Play store? Neither of them have encryption keys and I do not own a Mifare reader :(

    Suddenly alot of OV-kaart hacking activity because of: http://www.nu.nl/tech/3493455/hack-ov-chipkaart-met-sticker-en-app.html ?

    http://tweakers.net/redactieblogs/89527/paniek-is-de-ov-chipkaart-echt-weer-gekraakt.html

    Anyone know a site where I can buy a Mifare Reader?
    1
    I'm trying to get more information about this method for the last couple of hours, but I can't find the specifics. The last hack (of 2010) does not work anymore because when you are checked by a conductor at the end of the day the information of the pda of the conductor goes through the central servers and your (anonymous) ov card is blocked. This new method uses the cheap nfc stickers instead of the old 7,50 anonymous cards. So in theory you can use a new sticker every day (around 1 euro). But the whole issue is the unique code of the card. So the new method needs to be fundamentally different.

    And if you can do it with a android nfc reader you also can use a mifare nfc reader...
    1
    huuf info / ovdumps / getDumps.php

    Put a dot between huuf and info for some sample dumps.


    Put a dot between goo and gl for a lot of information about this hack.