Relaying a contact-based smart card with pcsc-relay NOT working NEED help

[0dayfrp]

Expected behavior.

Hello and Congrats for your hard work and dedication!!! (JUST SETTING UP THIS ALLREADY EXOSTED ME LOL)

When I hold phone to reader communication should start and exchange of apdu's should show on phone .

Actual behavior

ubuntu-22.04.3-desktop-amd64 on VBox everything installed and working.

In PC: ubuntu OMNIKEY 3121 working and detected.
In phone: Smart Card Emulator in S4 mini CM12.1 fail to read (reader: EMV Analytic Tool). Build in simulator is working.
Smart Card Reader in S4 mini CM12.1 connect but nothing happens. (I tested just to see if phone and pc are on the same network.)
Does the phone need to be rooted/magisk/exposed to work?
What phone is best used for this purpose?

Steps to reproduce

1. install ubuntu-22.04.3-desktop-amd64 on VBox and vsmartcard
2. start pcscd -f -d and pcsc-relay --emulator=vpcd and connect to phone
   3.no exchange happens

###Logs

https://gist.github.com/0dayfrp/7a21088b8fc85483003b3ded9807dc1d)

[frankmorgner]

could you elaborate on what you're tryping to do? what should be relayed where, what application should be able to use what card?

[0dayfrp]

Thanks for quick answer, I'm trying to relay a contact emv card to a contactless reader ,I have used EMV Analytic Tool ( https://apkcombo.com/emv-analytic-tool/cz.pb.emv.analytic_tool/ )as a contactless reader to simulates a PoS which will send APDU commands.
I found that it was possible to extract Chip data with NFC technology. It is possible because both technologies shared the same application layer(APDU).

This means that the EMV Chip Card does not need to have built-in NFC technology to be read it using NFC commands, which makes it quite interesting for research.

[frankmorgner]

Thanks for the explanation, I am aware of the protocol stack, but haven't tested EMV.

If I remember correctly, then this should work using the smart card emulator on the phone. There, you need to configure the remote virtual smart card instead of the built-in java card simulator. This explains, why you are connecting to a vicc, instead of using vpcd. Additionally, you want to use the "reversed" mode, where the card is waiting for an incoming connection. The latter is currently not possible with pcsc-relay (I believe), instead you should use vicc --reversed --type=relay. Now, vicc should wait for your app to connect, which will happen once you hold the phone near to the pos terminal simulator.

[0dayfrp]

Hello and thanks again for your time. I have tried vicc --reversed --type=relay but could not get it to work instead I've switched to libnfc and after few attempts this is my results. This are 2 different PoS simulators,


Is this normal is this limitation(soft/hard) or is just code error.

[0dayfrp]

@frankmorgner Any advice on what should I do next ? ( it keep me awake at night not knowing LOL :-) ). Thanks

[frankmorgner]

I pushed a new commit, which makes the error handling a little more relaxed by allowing no-ops (780cc7c), which may avoid the allocation error. However, I'm not sure what is going wrong inside libnfc.

Unfortunately, I cannot make any promises when/if I can reproduce any of the relay examples soon.