- Joined
- Nov 26, 2020
- Messages
- 716
CardPeek is a tool for reading the contents of ISO7816 smart cards. It has a graphical interface for representing map data as a tree and is extensible with the scripting language (LUA). The goal of this project is to provide smart card holders with a better way to know what personal information is stored on these devices. Currently, the tool reads the contents of: EMV bank cards, Calypso public transport cards (such as Navigo, RavKav and Mobib), Belgian eID cards, GSM SIM cards, Vitale 2 French health card, some Mifare cards and Moneo e-wallet. postcards.
CardPeekis a cross-platform open source program designed to read information from the memory of contact and contactless smart cards. Supports Windows, Linux and MacOS (OSX) operating systems. Unlike many free (and free) utilities for working with smart cards, it has a graphical interface. Also, the program supports the LUA scripting language : by default there are scripts for reading the most common chips. Today (version 0.8.4)
CardPeek is able to read and display content in a convenient form:
What CardPeek can't do :
Usage
The interface of the program is very simple, but there is a small nuisance: at the first start, a window for selecting a reader will appear, a window for updating available scripts and a list of known smart cards. Unfortunately, the update mechanism does not work. The developer has not updated the program for a long time, therefore, the list of known smart cards is hopelessly outdated. A current list can be downloaded from the link and save it as a text file named " smartcard_list.txt " (without the quotes) in the folder with the scripts: the C: \ users \ <your user name> \ cardpeek \ scripts directory \ etc. . Please note: on subsequent launches, you should refuse to update the scripts, otherwise CardPeek will download the outdated version of the list again. ] Reader selection window.
There are three tabs in the main window of the program: Card View (View the card. This is the main tab.), Reader (connect / disconnect the reader manually) and Logs (view events). All the functionality of the program is located in the Card View tab . The second and third tabs are rather diagnostic, under normal conditions they are unlikely to be useful.
Before starting work, connect the reader to your PC and install the necessary drivers.
Launch CardPeek, select a reader, insert a card and click on the Analyzer icon . Drop-down menu. Select the script you want to run from the drop-down menu. If you have your own script, you can open it by selecting
Load a script ; if the required script is not available, press atr .
ATR - A nswer T o R eset is the card's response to the discard procedure. CardPeek has a built-in database of such answers and tries to identify the type of card from it. This can be useful, for example, to further search for information about the chip or the operating system of the card. Script loading window. At the end of the script, CardPeek will display all the information received in the form of a tree structure. This information can be saved to an XML file by clicking the Save button. The result of reading the fuel map Shell by the atr script.
Please note: the ATR sequence is not unique, so the accuracy of the card type determination is not guaranteed. In the example above, CardPeek was able to correctly identify the Shell Fuel Card Chip Model (Gemplus GemClub Memo), but was unable to identify the organization. This happens because different organizations use the same chips and a bunch of [ATR = value Organization] program takes from open sources such as these . The result of reading Carte Jeunes by the atr. The result of reading is displayed in the form of a table of three columns: Items (what data was received), Size (the size of this data in bytes) and Raw Value / Interpeted Value
(the data itself is in its original or readable form. You can switch the view by clicking on the column name). Different data will be available depending on the script used. ] Interpreted result of reading a bank card by the EMV script. ... and it is in its original form (HEX).
Problems
Sometimes, when trying to execute a script, an error appears in the status bar ERROR backtrace: called at [string "<script name> .lua"] :
This happens the first time you try to read a card since starting Cardpeek. To solve this problem, Select ATR from the drop-down menu and after receiving the results, run the script you need again.
Another unpleasant problem: if the reader was disconnected from the PC while Cardpeek was running, the program will not be able to reconnect with it. The list of available readers appears only at the start, so to continue working, you will have to restart the program.
That, in fact, is all.
You can download the compiled version of the program from the official website of the developer orhere . The source code is available in the GitHub repository .
A reference guide for using the program in English with illustrations can be found in the attachment.
CardPeekis a cross-platform open source program designed to read information from the memory of contact and contactless smart cards. Supports Windows, Linux and MacOS (OSX) operating systems. Unlike many free (and free) utilities for working with smart cards, it has a graphical interface. Also, the program supports the LUA scripting language : by default there are scripts for reading the most common chips. Today (version 0.8.4)
CardPeek is able to read and display content in a convenient form:
- EMV - most modern bank cards with a chip. The program supports PayPass and PayWave, so reading can be done with any reader (contact / contactless). Supports contactless MIR cards.
- Biometric Passports - Electronic passports with contactless smart cards.
- Belgian eID - Belgium's electronic identity card.
- Calypso is a standard for transport microprocessor cards, widespread in Belgium, France, Israel, Canada, Italy, Latvia, Portugal, and others. MOBIB, Navigo, RavKav, VIVA cards are supported.
- Tachograph cards - smart cards for recording driver activity. In addition to displaying the contents of the file system, it can also export all available data to a ".ddd" file. Please note: the date and time of the last data export will be saved on the card.
- GSM SIM - most of the SIM cards for cell phones. CardPeek does not support USIM data found in most newer cards, so it cannot be displayed.
- Vitale 2 is a French health insurance policy.
- OpenPGP - smart cards used to encrypt email. Test mode support.
What CardPeek can't do :
- Change the data in the card memory. CardPeek was designed as a reading utility. When reading, in most cases it uses standard ISO 7816 commands. At the same time, to write data, you will not only need to add similar commands for writing, but also implement mechanisms for transferring the card to write mode + authorization for different types of cards. This can be done by modifying the source code, but the standard version does not have such functionality.
- Crack, extract keys, read protected data without keys. The program is not intended for this.
- Work with readers via COM / LPT. CardPeek can only work with PC / SC compatible devices.
Read the contents of synchronous cards (memory cards).Reading uses standard ISO 7816 commands (see above), but synchronous cards do not support them. Also, COM / LPT readers are most often used to read memory cards, but they are not already supported by the program itself.UPD: In fact, it can, if the reader supports translation (translation of commands into a format understandable to the memory card). These readers themselves recognize the type of card and present it to the operating system as a standard smart card.
Usage
The interface of the program is very simple, but there is a small nuisance: at the first start, a window for selecting a reader will appear, a window for updating available scripts and a list of known smart cards. Unfortunately, the update mechanism does not work. The developer has not updated the program for a long time, therefore, the list of known smart cards is hopelessly outdated. A current list can be downloaded from the link and save it as a text file named " smartcard_list.txt " (without the quotes) in the folder with the scripts: the C: \ users \ <your user name> \ cardpeek \ scripts directory \ etc. . Please note: on subsequent launches, you should refuse to update the scripts, otherwise CardPeek will download the outdated version of the list again. ] Reader selection window.
There are three tabs in the main window of the program: Card View (View the card. This is the main tab.), Reader (connect / disconnect the reader manually) and Logs (view events). All the functionality of the program is located in the Card View tab . The second and third tabs are rather diagnostic, under normal conditions they are unlikely to be useful.
Before starting work, connect the reader to your PC and install the necessary drivers.
Launch CardPeek, select a reader, insert a card and click on the Analyzer icon . Drop-down menu. Select the script you want to run from the drop-down menu. If you have your own script, you can open it by selecting
Load a script ; if the required script is not available, press atr .
ATR - A nswer T o R eset is the card's response to the discard procedure. CardPeek has a built-in database of such answers and tries to identify the type of card from it. This can be useful, for example, to further search for information about the chip or the operating system of the card. Script loading window. At the end of the script, CardPeek will display all the information received in the form of a tree structure. This information can be saved to an XML file by clicking the Save button. The result of reading the fuel map Shell by the atr script.
Please note: the ATR sequence is not unique, so the accuracy of the card type determination is not guaranteed. In the example above, CardPeek was able to correctly identify the Shell Fuel Card Chip Model (Gemplus GemClub Memo), but was unable to identify the organization. This happens because different organizations use the same chips and a bunch of [ATR = value Organization] program takes from open sources such as these . The result of reading Carte Jeunes by the atr. The result of reading is displayed in the form of a table of three columns: Items (what data was received), Size (the size of this data in bytes) and Raw Value / Interpeted Value
(the data itself is in its original or readable form. You can switch the view by clicking on the column name). Different data will be available depending on the script used. ] Interpreted result of reading a bank card by the EMV script. ... and it is in its original form (HEX).
Problems
Sometimes, when trying to execute a script, an error appears in the status bar ERROR backtrace: called at [string "<script name> .lua"] :
This happens the first time you try to read a card since starting Cardpeek. To solve this problem, Select ATR from the drop-down menu and after receiving the results, run the script you need again.
Another unpleasant problem: if the reader was disconnected from the PC while Cardpeek was running, the program will not be able to reconnect with it. The list of available readers appears only at the start, so to continue working, you will have to restart the program.
That, in fact, is all.
You can download the compiled version of the program from the official website of the developer orhere . The source code is available in the GitHub repository .
A reference guide for using the program in English with illustrations can be found in the attachment.