Mifare Cracking

MFOC is an open-source implementation of the "offline nested" attack by Nethemba. It recovers authentication keys from MIFARE Classic cards.

Think of MIFARE as the most widely used type of RFID tag; NFC is simply a newer technology for interacting with the first two. With that little bit of knowledge, let's focus on MIFARE. The MIFARE family is split into subcategories, briefly described here. MIFARE Classic 1K/4K: basically just a memory storage device. This memory, either.

Please note that MFOC can only recover keys from a target card if it already has one known key: either a default key (hard-coded in MFOC) or a custom one (supplied by the user on the command line).

Cracking an RFID card: the ultimate goal when attacking a MIFARE card, or any RFID card, is to achieve read/write access to the contents of the card's memory. From there it would be possible to clone the card, write arbitrary values (such as stored subway credits), and, if.

"Hackers Find a Way to Crack Popular Smartcard in Minutes": the actual decryption work by the researchers was done on the widely deployed MIFARE Classic wireless smartcard, now manufactured.

The Proxmark is the tool behind all major RFID security research breakthroughs: MIFARE Classic Crypto1 cracking, MIFARE PRNG analysis, and VingCard exploitation and defeat, to name a few.

Have a try

  1. Connect the PN532 to a Linux, macOS, Windows or Android device.
  2. Open a terminal and read the card type with the command nfc-list.
  3. Start recovering the keys with the command mfoc -O card.mfd.
  4. The keys of sector 03 are unknown, so the program uses the other known keys to recover the key of sector 03.
  5. We then get the MIFARE Classic dump file, card.mfd.
  6. Open the dump file with vim card.mfd and view it as hex with :%!xxd

Tips

  1. MFOC is only useful if the key of at least one sector is known.
  2. MFOC only recovers keys for MIFARE Classic cards.
  3. The cracking speed depends on how many sectors are encrypted with unknown keys.
  4. The .mfd file can be used to clone the card onto another card.

Overview

  1. Why?
  2. MIFARE Classic?
  3. MIFARE Ultralight?
  4. Reading and capturing contents of the card
  5. About this manufacturer block (Sector 0 – Block 0)
  6. The UID thing that messes with my head
  7. Writing a 4-byte dump on a different card

Why?

The MIFARE NFC card is used in many environments. I got a trash card, a card that I have to use to open the underground trash bin, that I want to clone. As the replacement cost for a lost or broken card is 10, a clone would be a good investment.

By holding the card in front of the reader, I can open the trashcan. Oh, happy days.

In my search for information, I found the following pages interesting:

  • http://www.proxmark.org/forum/viewtopic.php?id=1535
  • http://www.shopnfc.it/en/content/7-nfc-device-compatibility
  • http://publications.icaria.de/mct/releases/2.0/
  • http://www.scnf.org.uk/smartstore/4-7_B_ID_Questions_Answeres_V8.pdf
  • http://cache.nxp.com/documents/data_sheet/MF1S70YYX_V1.pdf?pspll=1
  • https://learn.adafruit.com/adafruit-pn532-rfid-nfc/mifare
  • http://www.nxp.com/documents/data_sheet/MF0ICU1.pdf (Ultralight / 7Byte UID)
  • https://www.kismetwireless.net/code-old/svn/hardware/kisbee-02/firmware/drivers/rf/pn532/helpers/
  • http://stackoverflow.com/questions/21700718/serials-on-nfc-tags-truly-unique-cloneable
  • http://stackoverflow.com/questions/28409934/editing-functionality-of-host-card-emulation-in-android
  • https://store.ryscc.com/products/new-proxmark3-kit

MIFARE Classic?

Some informational dumps:

  • 16-bit CRC per block
  • Anticollision loop
  • 1 kB or 4 kB of EEPROM
  • CRYPTO1 stream cipher (meh, close to zero security)
  • Manufacturer / data / value blocks

MIFARE Ultralight?

MIFARE Ultralight cards typically contain 512 bits (64 bytes) of memory, including 4 bytes (32 bits) of OTP (One Time Programmable) memory, where the individual bits can be written but not erased.

MIFARE Ultralight cards have a 7-byte UID that uniquely identifies the card.

Reading and capturing contents of the card

After some investigation I noticed that my Samsung mobile phone has an NFC reader.
I used https://github.com/ikarus23/MifareClassicTool on my Samsung S6, and the result was a bit disappointing:

After some googling, I found that the hardware chip used to read NFC tags was just not present on my S6.
But it showed that it was present on an old S3 that I had lying around, and it worked like a charm on my Samsung Galaxy S3 with Android 6:

On a Samsung S3

The contents of the MIFARE card can be read easily.

Use the supplied key sets and start mapping and read tag

Detailed information about every sector on the card (if any data were present apart from the UID)

So the only interesting information is in sector 0, also called the manufacturer block.
I also noticed that the UID was 7 bytes, making it a MIFARE Ultralight card, grrrrrrr…

About this manufacturer block (Sector 0 – Block 0)

This part of the card is the only interesting part, as no other data is written to any sector/block as far as I can see.
To understand the difference between a 4-byte and a 7-byte UID (i.e. MIFARE Classic vs. MIFARE Ultralight), I have added some pictures:

A more detailed picture explains the additional information that follows the serial number in block 0:

A more detailed picture of the 7-byte UID:

The UID thing that messes with my head

As you could see in my tag info, the UID on my trash card is 7 bytes, so it works a bit differently from the 4-byte one.

The different types of UID are explained as follows:

ISO/IEC 14443 Type A defines a Unique IDentifier to be used for card selection and activation. The standard defines single, double and triple size UIDs, which consist of 4, 7 and 10 bytes respectively.
What is the difference between a 4-byte UID and a 4-byte ID?
A 4-byte UID is an identifier that has been assigned by the card manufacturer using a controlled database. This database ensures that a single identifier is not used twice. By contrast, a 4-byte ID is an identifier that may be assigned to more than one contactless chip over the production time of a product, so that more than one card with the same identifier may be deployed into one particular contactless system.
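An added example, not MFOC's or this post's own code: a small Python parser for the 64 x 16-byte card.mfd layout that MFOC writes. It reads the manufacturer block (UID, BCC, SAK, ATQA), splits a 4-, 7- or 10-byte UID into the ISO/IEC 14443-3 anticollision cascade levels described above, and audits every sector trailer for factory-default keys and inconsistent access bits so a dump can be checked before it is trusted or written to another card. The default key list and all sample data are constructed for the example.

```python
# Added example (not MFOC's or the post's code); all sample data is constructed.
from functools import reduce

BLOCK, NBLOCKS = 16, 64
# Transport/factory keys many cards ship with (also in MFOC's built-in list)
DEFAULT_KEYS = {bytes.fromhex(k) for k in ("ffffffffffff", "000000000000", "a0a1a2a3a4a5")}

def bcc(data: bytes) -> int:
    """ISO/IEC 14443-3 block check character: XOR over the bytes it covers."""
    return reduce(lambda a, b: a ^ b, data, 0)

def cascade_levels(uid: bytes) -> list:
    """Split a 4-, 7- or 10-byte UID into anticollision cascade levels (0x88 = cascade tag)."""
    if len(uid) not in (4, 7, 10):
        raise ValueError("UID must be 4, 7 or 10 bytes")
    levels = []
    while len(uid) > 4:
        part, uid = b"\x88" + uid[:3], uid[3:]
        levels.append(part + bytes([bcc(part)]))  # every level ends with its own BCC
    return levels + [uid + bytes([bcc(uid)])]

def access_bits_ok(acc: bytes) -> bool:
    """Trailer bytes 6-8 hold C1..C3 plain and inverted; a mismatch bricks the sector."""
    b6, b7, b8 = acc[0], acc[1], acc[2]
    c1, c2, c3 = b7 >> 4, b8 & 0xF, b8 >> 4
    return (b6 & 0xF, b6 >> 4, b7 & 0xF) == (~c1 & 0xF, ~c2 & 0xF, ~c3 & 0xF)

def parse_dump(dump: bytes) -> dict:
    """Manufacturer block fields (4-byte UID layout) plus a per-sector trailer audit."""
    if len(dump) != BLOCK * NBLOCKS:
        raise ValueError("expected a 1K dump (64 blocks of 16 bytes)")
    b0 = dump[:BLOCK]
    info = {"uid": b0[:4].hex(), "bcc_ok": b0[4] == bcc(b0[:4]), "sak": b0[5],
            "atqa": b0[6:8].hex(), "default_key": [], "bad_access": []}
    for s in range(NBLOCKS // 4):
        t = dump[(s * 4 + 3) * BLOCK:(s * 4 + 4) * BLOCK]  # sector trailer
        if t[:6] in DEFAULT_KEYS or t[10:] in DEFAULT_KEYS:  # key A / key B
            info["default_key"].append(s)
        if not access_bits_ok(t[6:10]):
            info["bad_access"].append(s)
    return info

def build_sample_dump(uid: bytes = bytes.fromhex("deadbeef")) -> bytes:
    """Constructed dump: transport access bytes FF 07 80 69, all-FF key everywhere but sector 3."""
    blocks = [uid + bytes([bcc(uid), 0x08, 0x04, 0x00]) + b"\x00" * 8]  # UID,BCC,SAK,ATQA
    for blk in range(1, NBLOCKS):
        key = bytes.fromhex("a0b1c2d3e4f5" if blk // 4 == 3 else "ffffffffffff")
        trailer = key + bytes.fromhex("ff078069") + key
        blocks.append(trailer if blk % 4 == 3 else b"\x00" * BLOCK)
    return b"".join(blocks)
```

Run parse_dump on a real card.mfd to see which sectors are still on transport keys; on the constructed dump it reports every sector except 3.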

Writing a 4-byte dump on a different card

As it is just cool to write a card's dump back, I found a 4-byte UID MIFARE Classic 1 kB card.

Content of Sector: 0

Ebay has a solution for everything: UID-writable MIFARE Classic cards. These cards make it possible to write sector 0, block 0 (i.e. the manufacturer block).

Write tag and enable writing to manufacturer block

Click start mapping and write dump

Comparing the two tags, only the SAK is different; I hope that will still work in a real-life situation.

Original card