Thursday, June 9, 2011

Reading Chase Visa PayPass Credit Cards

On occasion I use a VivoPay 3500 for reading RFID enabled cards, usually for demos. Well, recently, the VivoPay went missing and I was looking for something to read the data from a Chase Visa PayPass/Blink card. There is ChAP.py from RFIDIOt (http://rfidiot.org/) but it stumbled reading the Chase card. So I took ChAP.py and slimmed it down to work specifically with the Chase card. The one think I noticed is that i cant seem to identify the Expiration date.

Nonetheless here it is, at the moment it can pull name and card number (thanks goes to samy from the proxmark forums for the query command).

Usage:

./ChasePayPassBlink.py -h

ChasePayPassBlink.py
usage:

 ChasePayPassBlink.py [options]

By Brad A. - Completely stripped down version of ChAP.py
             from rfidiot.org

Options:

        -d              Debug - Show PC/SC APDU data
        -h              Print detailed help message
        -r              Raw output - do not interpret EMV data
        -v              Verbose on
        -u              UnHide CC info
        -m              Minimal Info (just CC)




Source:



root@bt:/work# cat ChasePayPassBlink.py
#! /usr/bin/env python
"""
This is a modified ChAP.py from RFIDIOt
-Brad Antoniewicz

Script that tries to select the EMV Payment Systems Directory on all inserted cards.

Original Copyright 2008 RFIDIOt
Author: Adam Laurie, mailto:adam@algroup.co.uk
        http://rfidiot.org/ChAP.py
"""

from smartcard.CardType import AnyCardType
from smartcard.CardRequest import CardRequest
from smartcard.CardConnection import CardConnection
from smartcard.CardConnectionObserver import ConsoleCardConnectionObserver
from smartcard.Exceptions import CardRequestTimeoutException
from smartcard.Exceptions import CardConnectionException

import getopt
import sys
import string
import binascii
from operator import *
import time
# default global options
TryCommand= False
Debug= False
Protocol= CardConnection.T0_protocol
Verbose= False
HideCC= True
MinInfo= False
AID = [0xa0,0x00,0x00,0x00,0x03]

# define the apdus used in this script
GET_RESPONSE = [0x00, 0xC0, 0x00, 0x00 ]
SELECT = [0x00, 0xA4, 0x04, 0x00]
CMD = [0x00, 0xB2, 0x01, 0x0C, 0x00]

# define SW1 return values
SW1_RESPONSE_BYTES= 0x61
SW1_WRONG_LENGTH= 0x6c
SW12_OK= [0x90,0x00]
SW12_NOT_SUPORTED= [0x6a,0x81]
SW12_NOT_FOUND= [0x6a,0x82]
SW12_COND_NOT_SAT= [0x69,0x85]          # conditions of use not satisfied

def printhelp():
        print '\nChasePayPassBlink.py'
        print 'usage:\n\n ChasePayPassBlink.py [options]'
        print
        print 'By Brad A. - Completely stripped down version of ChAP.py'
        print '             from rfidiot.org'
        print '\nOptions:\n'
        print '\t-d\t\tDebug - Show PC/SC APDU data'
        print '\t-h\t\tPrint detailed help message'
        print '\t-r\t\tRaw output - do not interpret EMV data'
        print '\t-v\t\tVerbose on'
        print '\t-u\t\tUnHide CC info'
        print '\t-m\t\tMinimal Info (just CC)'
        print


def hexprint(data):
        index= 0

        while index < len(data):
                print '%02x' % data[index],
                index += 1
        print


def textprint(data):
        index= 0
        out= ''

        while index < len(data):
                if data[index] >= 0x20 and data[index] < 0x7f:
                        out += chr(data[index])
                else:
                        out += '.'
                index += 1
        print out

def try_cmd(cardservice):
        le= 0x00
        apdu = CMD
        response, sw1, sw2 = send_apdu(cardservice,apdu)
        if response:
                if Verbose:
                        print '\t[VERBOSE] Got Response!'
                return response
        else:
                print '\t[ERROR] No Response'
                return False, 0, ''


def parse_ccdata(response2):
        OFFSET_HDR= 3
        OFFSET_CC= 4
        OFFSET_NAMEFIELD= 23
        OFFSET_NAMELEN= 26
        print "Response:"
        if not MinInfo:
                print "\tHeader: ",
                index=0
                while index <= len(response2[:OFFSET_HDR]):
                        print '%02x' % response2[index],
                        print "(%d)" % response2[index],
                        index += 1
                print

        print "\tCard Number: ",
        index=0
        ccnum=""
        count=0
        while index < len(response2[OFFSET_CC:OFFSET_CC + 8]):
                if HideCC:
                        if count<6:
                                ccnum += '**'
                        else:
                                ccnum += '%02x' % response2[OFFSET_CC + index]
                else:
                        ccnum += '%02x' % response2[OFFSET_CC + index]
                index +=1
                count +=1
        print ccnum

        if not MinInfo:
                print "\tStuff: ",
                index=0
                while index < len(response2[OFFSET_CC + 8:OFFSET_NAMEFIELD]):
                        print '%02x' % response2[OFFSET_CC + 8 + index],
                        print '(%d)' % response2[OFFSET_CC + 8 + index],
                        index +=1
                print

        if response2[OFFSET_NAMEFIELD] == 0x5f and response2[OFFSET_NAMEFIELD + 1] == 0x20:
                if Verbose:
                        print "\tName Field Code Found!: %02x" % response2[OFFSET_NAMEFIELD],
                        print "%02x" % response2[OFFSET_NAMEFIELD + 1]
        else:
                print "\t[WARNING]Could not find Name Field Code!! Something might not be good"


        length = '%d' % response2[OFFSET_NAMEFIELD + 2]
        if Verbose:
                print "\t[VERBOSE] Length:",length,"(",int(length),") %02x" % response2[OFFSET_NAMEFIELD + 2]

        print "\tName:",
        textprint(response2[OFFSET_NAMEFIELD+3:OFFSET_NAMEFIELD+3+int(length)])
        if Verbose:
                print "\t[VERBOSE] Name (Hex):",
                index=0
                while index < len(response2[OFFSET_NAMEFIELD+3:OFFSET_NAMEFIELD+3+int(length)]):
                        print '%02x' % response2[OFFSET_NAMEFIELD + 3 + index],
                        print '(%s)' % chr(response2[OFFSET_NAMEFIELD + 3 + index]),
                        index +=1
                print

        if not MinInfo:
                print "\tThe Rest: ",
                index=0
                while index < len(response2[OFFSET_NAMEFIELD + 3 + int(length):]):
                        print '%02x' % response2[OFFSET_NAMEFIELD + 3 + int(length) + index],
                        print '(%d)' % response2[OFFSET_NAMEFIELD + 3 + int(length) + index],
                        index += 1
                print


def check_return(sw1,sw2):
        if [sw1,sw2] == SW12_OK:
                return True
        return False

def send_apdu(cardservice,apdu):
        # send apdu and get additional data if required
        response, sw1, sw2 = cardservice.connection.transmit( apdu, Protocol )
        if sw1 == SW1_WRONG_LENGTH:
                # command used wrong length. retry with correct length.
                apdu= apdu[:len(apdu) - 1] + [sw2]
                return send_apdu(apdu)
        if sw1 == SW1_RESPONSE_BYTES:
                # response bytes available.
                apdu = GET_RESPONSE + [sw2]
                response, sw1, sw2 = cardservice.connection.transmit( apdu, Protocol )
        return response, sw1, sw2

def select_aid(cardservice,aid):
        # select an AID and return True/False plus additional data
        apdu = SELECT + [len(aid)] + aid + [0x00]
        #apdu = SELECT
        response, sw1, sw2= send_apdu(cardservice,apdu)
        if check_return(sw1,sw2):
                return True, response, sw1, sw2
        else:
                return False, [], sw1,sw2
def waitforcard():
        while(1):
                # request any card type
                cardtype = AnyCardType()
                # request card insertion
                print 'Waiting for a Card to enter the reader\'s field...'
                # cardrequest = CardRequest( timeout=10, cardType=cardtype )
                cardrequest = CardRequest(timeout=None, cardType=cardtype )
                cardservice = cardrequest.waitforcard()

                # attach the console tracer
                if Debug:
                        observer=ConsoleCardConnectionObserver()
                        cardservice.connection.addObserver( observer )

                # connect to the card
                cardservice.connection.connect(Protocol)


                print 'Connecting with AID:  ',
                hexprint(AID)
                selected, response, sw1, sw2= select_aid(cardservice,AID)
                if selected:
                        print "\tSuccess!"
                        print "Response: \n\t",
                        textprint(response)

                        if Verbose:
                                print "\t[VERBOSE]: ",
                                hexprint(response)
                        if not MinInfo:
                                print '\nRequesting Track Info: \n\t',
                                hexprint(CMD)
                        response2 = try_cmd(cardservice)
                        if Verbose:
                                print "\t[VERBOSE]: ",
                                hexprint(response2)
                                print "\t[VERBOSE]: ",
                                textprint(response2)
                        parse_ccdata(response2)


# main loop

try:
        # 'args' will be set to remaining arguments (if any)
        opts, args  = getopt.getopt(sys.argv[1:],'dtvum')
        for o, a in opts:
                if o == '-d':
                        Debug= True
                if o == '-t':
                        Protocol= CardConnection.T1_protocol
                if o == '-v':
                        Verbose= True
                if o == '-u':
                        HideCC= False
                if o == '-m':
                        MinInfo= True

except getopt.GetoptError:
        # -h will cause an exception as it doesn't exist!
        printhelp()
        sys.exit(True)


try:
        waitforcard()
except CardConnectionException:
        print 'Wait what happened? Did you remove the card from the field?'
        time.sleep(2)
        waitforcard()

except KeyboardInterrupt:
        print 'Quiting'

76 comments:

  1. Hey, I'm trying to use your chasepaypassblink.py by typing python chasepaypassblink.py and I get this error

    Fourlakes:~ marius$ python ./ChasePayPassBlink.py -h
    Traceback (most recent call last):
    File "./ChasePayPassBlink.py", line 12, in
    from smartcard.CardType import AnyCardType
    ImportError: No module named smartcard.CardType

    any help would be grate. Thanks

    ReplyDelete
  2. Awe-inspiring blogs, I love reading your articles.
    free-credit-report.net

    ReplyDelete
  3. The information you have given in the blog really marvelous and more interesting. www.creditrepair.com

    ReplyDelete
  4. This info you provided in the blog that was really unique I love it!!! advanced loans

    ReplyDelete
  5. This is actually a fantastic blogs! More of these details are superb -it is nice to see one that current.

    payday loans online

    ReplyDelete
  6. credit repair companiesIt's been good to see your blog when I always look for such type of blogs. It’s great to discover the post here.

    ReplyDelete
  7. Highly vigorous blog, I liked that much.
    payday advance

    ReplyDelete
  8. Great blog post! I don’t understand how long it will require me to obtain through all of them!
    cashin

    ReplyDelete
  9. Amiable articles and the blogs really helped me a lot, thanks for the valuable information.
    credit repair services

    ReplyDelete
  10. Amiable articles and the blogs really helped me a lot, thanks for the valuable information.
    Bill Poulos options income engine

    ReplyDelete
  11. cheap payday loansAwesome! Immense information there.

    ReplyDelete
  12. I’m trampled by your contents carry on the wonderful work. 3 credit scores

    ReplyDelete
  13. I have really inspired from your blog post, I truly never got this type of informative things which I got from there. monument capital group

    ReplyDelete
  14. The information you have shared with us is really so great, nice effort!! free credit reports from all 3 bureaus

    ReplyDelete
  15. Hey buddy, you have done the fantastic job, your post is genuinely amazing. Monument Capital Group

    ReplyDelete
  16. You have discusses incredible points that sounds good, keep up the great work. professional networking

    ReplyDelete
  17. Keep on great working!! I didn’t expect that I will get such great thing from here. build business credit

    ReplyDelete
  18. Sure this is quite wonderful! That’s why this gives the enhanced quality of information. payday advance garden grove blvd

    ReplyDelete
  19. Nice to read this article will be very helpful in the future, share more info with us. Good job! building business credit fast

    ReplyDelete
  20. I wanted to learn something different and this blog is really like my all needs. consumer change

    ReplyDelete
  21. I just wanted to say you that your blog is highly energetic, I love that! Thanks payday loans

    ReplyDelete
  22. I frequently don’t respond to the posts but I have been dotty of your blog, it has compelled me to do this. personal loans

    ReplyDelete
  23. I know this website is perfect for everyone because it is quite beneficial information. start up business loans

    ReplyDelete
  24. What a nice information you have kept in your blog. The work is grateful. Self Employed Health Insurance

    ReplyDelete
  25. As a newcomer, I search for all time online for great posts and articles that will help me. So thank you for this awesome site.
    weblink

    ReplyDelete
  26. Thanks a lot guys you have helped me wonderfully by providing the great information... top credit repair companies

    ReplyDelete
  27. It’s an outstanding blog to help new comers I am also getting benefit from it, thanks vendors to build business credit

    ReplyDelete
  28. Thanks for the tips. i really got some good points form the post. its really nice. i am using credit card and its from Alliance Bankcard . and i think its good for me. thanks

    ReplyDelete
  29. These are actually wonderful some ideas in the blog. You have touched good quality points here. In whatever way continue writing. Allach Porcelain

    ReplyDelete
  30. Wonderful illustrated information. I thank you about that. No doubt it will be very useful for my future projects. Would like to see some other posts on the same subject!
    free credit report gov

    ReplyDelete
  31. oro gold
    School was designed to help answer your skin care questions.One thing we are really excited to introduce it OROpedia...
    the OROGOLD Encyclopedia. Not only will it include a comprehensive list of OROGOLD ingredient but we will keep you updated on the latest scientific updates in the
    skin care and cosmetics industry.

    ReplyDelete
  32. I am glad to see such amazing things at one place, how did you do this? I am still surprised.
    credit repair services

    ReplyDelete
  33. Hi, I just desired to give you quick thumbs up on your work, really fantastic blog!
    quick cash loans

    ReplyDelete
  34. Excellent post! I had been fed up for a long time searching lots of sites, but now I have come on the right place. Thanks
    payday loans

    ReplyDelete
  35. For a long time me & my friend were searching for informative blogs, but now I am on the right place guys, you have made a room in my heart! insurance rates

    ReplyDelete
  36. Each time I used to always check blog posts within the first hours in the break of day, because I like to get information increasingly more.online payday

    ReplyDelete
  37. Hey very nice blog!! Man you have done the Amazing efforts to make this blog... I will surely bookmark your blog. car insurance rates

    ReplyDelete
  38. If you should be opting for finest contents like me, just visit this blog site daily because it provides the feature contents, thanks.life insurance quotes

    ReplyDelete
  39. An unbelievable blog. This blog will indisputably be definitely recommended to my friends as well.generators 2016

    ReplyDelete
  40. This is my destiny to visit this site and got the necessary details here that are also in quality. cash advance

    ReplyDelete
  41. Bundles of thanks for providing such an awesome information, I have been a die heart fan of yours!! direct payday loan

    ReplyDelete
  42. Of course, what a superb site with wonderful posts, enlightening issues has been discussed I like it. payday direct lenders

    ReplyDelete
  43. I conclude I have selected the smart and inconceivable website along with interesting stuff.best convertible life insurance

    ReplyDelete
  44. Your blog is really one amongst my most favorite blogs, it’s so creative. payday loans

    ReplyDelete
  45. I think this is a charming issue, I expect you would surely post on it again sometime near the future. Thanks guys!MacFarlane Curry

    ReplyDelete
  46. The information you have given in the blog really marvelous and more interesting. whole life insurance

    ReplyDelete
  47. Very informative article which is about the solicitar cartão de crédito and i must bookmark it, keep posting interesting articles.



    solicitar cartão de crédito

    ReplyDelete
  48. A very awesome blog post. We are really grateful for your blog post. You will find a lot of approaches after visiting your post.
    Credit Card Application
    Credit Card Payment
    walmart credit card application
    Apply for Sears Credit Card
    Chase Credit Card Payment


    ReplyDelete
  49. Hi Friends ! Welcome to an Amazing Free Platform. Are you locking for best Visa Virtual Credit card? If i am right then don't worry you have found an right place.
    Best Credit Card For Online Shopping click here
    we Recomind you best visa virtual credit name is CashMaal Visa Virtual Card. You Can Use this Card for.
    Online Shopping from Internet (Only Visa Card Accepted Websites)
    Use PayPal Account Verification
    Use for Skrill Account Verification
    Use for Perfect Money Verification
    Use for PayZa Verification
    Use for Facebook, Google, Twitter , bing Advertising
    Get any Mobile Number Owner Details Within One Click Download This Amazing App

    How To Get CashMaal Visa Virtual Credit Card?

    Simple Follow These Some Steps:
    Click Below Join Now Button and Join CashMaal (A Virtual Bank)
    After Registeration and Verification of CashMaal Account.
    Generate your Cashmaal Account Secret 5 Digits Pin Code.
    Deposit Some Dollars For Card Activation (Minimum 13 $)($10 Card Fee and $3 Card Balance. You Can Withdraw this Balance any Time )
    Now go To Visa Virtual Card Tab Click on Create New Card.
    type any amount for card balance give your Secret Pin Code and Click on Create Card! Button.
    you will See a message "Success your Card Activation Request Recevied you Card will Active within 1-3 days".
    Wait for Activation..... after activation you can use this card .

    ReplyDelete

  50. There are very simple ways to verify your chase credit card and if you are looking for chase.com/verifycard
    this means you want activation and verification of your chase credit card

    Chase Credit Card Verification

    Chase.com/Verifycard Chase Credit Card Verification

    ReplyDelete



  51. Sears Credit Card Account Login! Again, for I know. Ready to share new things that are useful. You and your friends.

    sears credit card customer service

    ReplyDelete

  52. Pay attention here, in order to get aware of Capital One Activation or Capital One Credit Card Activation. Fresh Capital One cardholders can collect all the information that they are looking for Capital One Card Activation. capital one credit card activation, capital one activate your card, activate credit card, apital one customer service

    ReplyDelete
  53. Your blog provided us with valuable information to work with. Each & every tips of your post are awesome. Thanks a lot for sharing. Keep blogging, Credit cards details for sale

    ReplyDelete
  54. Amazing website. Great information provided. Learned a lot. Thank you
    getmyoffers capital one

    ReplyDelete
  55. Very useful post. This is my first time i visit here. I found so many interesting stuff in your blog especially its discussion. Really its great article. Keep it up. false Belgium id passport

    ReplyDelete
  56. Thanks a lot we are using that code on my website plano celular

    ReplyDelete
  57. For my credit card company we try to use this as well. I saw many options there cartao

    ReplyDelete
  58. Mexico there is a great website for finance Tarjeta de credito

    ReplyDelete
  59. I have read your whole blog you have mentioned points deeply.
    platinumoffers

    ReplyDelete
  60. At GetDailyUpdate.com, getupdatedaily We share all the trending things happening in the world, news, tech, business, lifestyle, crypto kind of topics here.

    ReplyDelete
  61. This article are supper help full if you want to now more about How To Activate Zipcard then please click here:

    ReplyDelete
  62. This article are supper help full if you want to now more about SEO services for small businessthen please click here:

    ReplyDelete
  63. This article are supper help full if you want to now more about zipcar.com/activate then please click here:

    ReplyDelete
  64. This article are supper help full if you want to know more about Astrologer in London then please click here.

    ReplyDelete
  65. This article are supper help full if you want to know more about Best Astrologer in london then please click here.

    ReplyDelete
  66. This article are supper help full if you want to know more about Astrologer in Melbourne then please click here.

    ReplyDelete
  67. Wells Fargo Activate Card: Customers can activate Wells Fargo credit card
    online via the bank’s website

    ReplyDelete