Mifare Cracking



Cracking

MFOC is an open source implementation of the “offline nested” attack by Nethemba. It allows recovering the authentication keys of a MIFARE Classic card.

Project on Github



Have a try

  1. Connect the PN532 to a Linux, macOS, Windows or Android device.
  2. Open a terminal and read the card type with the command nfc-list.
  3. Start cracking the keys with the command mfoc -O card.mfd.
  4. The key of sector 03 is unknown, so the program uses the known keys of the other sectors to recover it.
  5. Then we get the Mifare Classic dump file, card.mfd.
  6. Open the dump file with vim card.mfd and view it as hex with :%!xxd

Tips

  1. MFOC is useful if the key of at least one sector is known.
  2. MFOC only recovers keys of Mifare Classic type cards.
  3. The cracking speed depends on the number of sectors whose keys are unknown.
  4. The mfd file can be used to clone the card to another one.

In this blog post I will cover some quick basics about NFC and Mifare Classic and how to set up everything for reading and writing an NFC tag. At the end I show you how to reprogram a vending machine’s NFC tag to contain more credits.

NFC stands for Near Field Communication and is used to communicate over short distances. For more information on NFC you can read the Wikipedia article. NFC nowadays is used for access cards, public transport, a few other things and, in this case, vending machines. Basically there is an active NFC-enabled device (the reader) and a passive device (the tag). The active device scans for the passive one and establishes a connection on contact. It also powers the passive device via an electromagnetic field. There is also an active-active mode where both endpoints can send data and need to be powered separately. This is usually used when sending data, for example in “Android Beam”.

In this example the vending machine has an active NFC reader built in. You can touch it with your tag to buy some drinks and the corresponding price is subtracted from the amount stored on the tag. You can also recharge your tag via the machine if you run out of credits.

The NFC tag I analyzed is a so called “Mifare Classic 1k” tag. 1k stands for the size of data the tag can store. There are also other types like the “Mifare Classic 4k” and the “Mifare Mini” each having a different memory size.

Mifare Classic in general is considered insecure, because its encryption protocol has been cracked. More detailed information about this can be found in the following links:

A Mifare Classic 1k tag contains 16 sectors. Each of these sectors has 3 blocks of data storage and 1 block for storing the secret access keys and access conditions. Each block contains 16 bytes of data. Before reading a sector, the reader must authenticate to the tag with a secret access key. Each sector has two keys: Key A and Key B. Each of the 16 sectors can define its own access rights and which key is needed for a particular action. As an example you can define to use Key A for reading a block and Key B for writing to it. Sector 0 block 0 also contains a non-changeable UID (the tag’s unique ID) and some manufacturer data. This block is only writable on some special Chinese tags.

Here is the basic memory layout of a Mifare Classic tag:


(taken from the Mifare Datasheet, link see below)

More about Mifare in general can be found on Wikipedia. For more information on Mifare 1k Tags, the memory layout and more details you can visit these pages:

Now I will demonstrate how to get all access keys for all sectors, locate the credits and modify them.

For this example I used the PN532 Breakout Board from Adafruit connected via a USB UART TTL cable and, as an alternative, a Raspberry Pi with the PN532 Breakout Board. These items can be purchased from various online shops around the world.

For connection instructions on the Raspberry Pi please refer to https://learn.adafruit.com/adafruit-nfc-rfid-on-raspberry-pi/testing-it-out.

Important notice: NFC and the attack used here depend a lot on timing. Connecting an NFC device to a VM running Linux will not work reliably because the drivers mess with this timing. I spent a lot of time finding this out, so please boot into a Linux live CD for the following example or use a Raspberry Pi.

Here are the basics to set your machine up for getting the access keys.

The first step is to set up libnfc so the OS can communicate with the NFC reader. You can get the latest libnfc version from https://github.com/nfc-tools/libnfc/releases. At the time of writing the current version was 1.7.1.

When using the USB TTL cable issue the following command:

If you connect the breakout board directly to your Raspberry PI’s UART pins you need to copy the following file:

There are other config files too, e.g. for SPI; just look in the contrib/libnfc/ folder and select the appropriate file.

If you use Kali, the libnfc library is already installed, but some drivers are missing (in my case the UART driver). You can overwrite the Kali installation with the setup from above.

After installing we need to test the communication with the NFC reader. Connect your NFC device and run the following command:

It should output something like this (example with the USB-UART cable):


On a Raspberry Pi it shows

Now your reader is connected and we can start cracking our keys. We will use the tool “mfoc - Mifare Classic Offline Cracker” available from https://github.com/nfc-tools/mfoc. Kali Linux has it already installed.

If you are not on Kali or you want the latest version of mfoc, you need to compile it yourself by executing the following commands.

or clone via git

configure and install it

To start the key cracking connect your reader, place the tag on the antenna and run

This command first looks for some default keys used by many Mifare Classic tags and then tries to crack the missing keys. On my sample tag the whole procedure was done in under one minute.

If the tool outputs “Maybe you should increase the number of probes”, the cracking was not successful. I got this message when running in a VMware environment or when using crappy hardware. Switching to the Adafruit breakout board and a dedicated Linux machine solved the problem for me.

If you manage to crack all the keys you can see the hex-encoded contents of the tag on your terminal and also in the output file output.mfd.

The terminal output is upside down - the first block containing the UID is at the bottom. If you view the output.mfd file with hexdump you can see it in the right order.

The file shows all 16 sectors. Here is an example of one sector: 3x16 bytes of data followed by 16 bytes of access keys and access bits.

This is an empty block, Key A is a0 a1 a2 a3 a4 a5, Key B is b0 b1 b2 b3 b4 b5 and the access bits are 78 77 88. The value 69 is contained in a special register available for user data (see the Mifare Classic Datasheet for more information).

The next step is to locate the credits on the tag. The vending machine shows you the credits left on the tag when holding it to reader.

So the tag currently contains exactly 3,45€. So let’s first search for the hex value of 45 (0x2d): nothing found. Next we convert our 3,45€ to cents, which gives 345 (0x01 0x59): Gotcha! The credits are located in sector 12 block 2 (counting starts at zero).

We can verify this block by buying something from the machine or put some more credits on the tag and then read the appropriate sector again.

You can decode the Access Bits via the App NFC TagInfo.

The App decodes the access bits for Sector 12 Block 2 to: “Key B is needed for reading and writing to this block”
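The memory layout, the sector trailer example (Key A a0 a1 a2 a3 a4 a5, access bits 78 77 88, user byte 69, Key B b0 b1 b2 b3 b4 b5) and the access-bit decoding the app performs can all be checked offline on the dump file itself. The following is an added example, not code from the original post and not part of mfoc or libnfc: it parses a raw 1K .mfd dump, decodes every sector trailer using the access-condition tables from the MIFARE Classic 1K datasheet, verifies the built-in inverted-nibble integrity check of the access bytes, and flags weak settings (default keys, data writable with Key A, transport configuration). The sample dump is constructed inline: the post’s trailer in every sector, and a constructed trailer (access bits 0f 00 ff, the “Key B needed for reading and writing” configuration) in sector 12; the sector 12 keys are reused from the post’s example, since the real ones are not on the page.

```python
# Added example, not code from the original post nor from mfoc/libnfc. Decodes the
# sector trailers of a MIFARE Classic 1K dump as written by `mfoc -O card.mfd`
# (1024 raw bytes: 16 sectors x 4 blocks x 16 bytes). Tables from the 1K datasheet.
BLOCK, SECTORS_1K = 16, 16

# Keys found on many transport/demo cards; mfoc tries these before the nested attack.
WELL_KNOWN_KEYS = {"ffffffffffff", "000000000000", "a0a1a2a3a4a5",
                   "b0b1b2b3b4b5", "d3f7d3f7d3f7", "4d3a99c351dd"}

# Data blocks: (C1, C2, C3) -> (read, write, increment, decrement/transfer/restore)
DATA_BLOCK_RULES = {
    (0, 0, 0): ("A|B", "A|B", "A|B", "A|B"),  # transport configuration
    (0, 1, 0): ("A|B", "never", "never", "never"),
    (1, 0, 0): ("A|B", "B", "never", "never"),
    (1, 1, 0): ("A|B", "B", "B", "A|B"),
    (0, 0, 1): ("A|B", "never", "never", "A|B"),
    (0, 1, 1): ("B", "B", "never", "never"),
    (1, 0, 1): ("B", "never", "never", "never"),
    (1, 1, 1): ("never", "never", "never", "never"),
}

# Sector trailer: (C1, C2, C3) -> (Key A write, access bits read, access bits write,
# Key B read, Key B write). Key A is never readable; a readable Key B cannot authenticate.
TRAILER_RULES = {
    (0, 0, 0): ("A", "A", "never", "A", "A"),
    (0, 1, 0): ("never", "A", "never", "A", "never"),
    (1, 0, 0): ("B", "A|B", "never", "never", "B"),
    (1, 1, 0): ("never", "A|B", "never", "never", "never"),
    (0, 0, 1): ("A", "A", "A", "A", "A"),  # transport configuration
    (0, 1, 1): ("B", "A|B", "B", "never", "B"),
    (1, 0, 1): ("never", "A|B", "B", "never", "never"),
    (1, 1, 1): ("never", "A|B", "never", "never", "never"),
}


def parse_access_bits(b6, b7, b8):
    """Return [(C1, C2, C3) of block 0..3] from trailer bytes 6..8.

    Datasheet layout, high nibble first: b6 = ~C2|~C1, b7 = C1|~C3, b8 = C3|C2;
    bit i of a nibble belongs to block i. Each nibble is stored plain and inverted;
    if the two disagree the trailer is corrupt and the chip blocks the whole sector.
    """
    c1, c2, c3 = (b7 >> 4) & 0xF, b8 & 0xF, (b8 >> 4) & 0xF
    nc1, nc2, nc3 = b6 & 0xF, (b6 >> 4) & 0xF, b7 & 0xF
    if (c1 ^ nc1, c2 ^ nc2, c3 ^ nc3) != (0xF, 0xF, 0xF):
        raise ValueError("access bits fail the inverted-nibble check (corrupt trailer)")
    return [((c1 >> i) & 1, (c2 >> i) & 1, (c3 >> i) & 1) for i in range(4)]


def decode_trailer(trailer):
    """Decode a 16-byte sector trailer: Key A | 3 access bytes | GPB | Key B."""
    if len(trailer) != BLOCK:
        raise ValueError("sector trailer must be 16 bytes")
    bits = parse_access_bits(trailer[6], trailer[7], trailer[8])
    blocks = [dict(zip(("read", "write", "increment", "decrement"),
                       DATA_BLOCK_RULES[bits[i]]), block=i) for i in range(3)]
    names = ("key_a_write", "access_bits_read", "access_bits_write", "key_b_read", "key_b_write")
    return {"key_a": trailer[0:6].hex(), "access_bytes": trailer[6:9].hex(),
            "gpb": trailer[9],  # general purpose byte, free for user data
            "key_b": trailer[10:16].hex(), "blocks": blocks,
            "trailer": dict(zip(names, TRAILER_RULES[bits[3]]))}


def parse_dump(dump):
    """Split a raw 1K dump into 16 decoded sectors; data blocks are kept as bytes."""
    if len(dump) != 4 * BLOCK * SECTORS_1K:
        raise ValueError("expected a 1024-byte MIFARE Classic 1K dump")
    sectors = []
    for s in range(SECTORS_1K):
        base = s * 4 * BLOCK
        sector = decode_trailer(dump[base + 3 * BLOCK:base + 4 * BLOCK])
        sector.update(sector=s, data=[dump[base + i * BLOCK:base + (i + 1) * BLOCK]
                                      for i in range(3)])
        sectors.append(sector)
    return sectors


def audit_sector(sector):
    """Flag trailer settings that make a sector trivial to read or alter."""
    findings = []
    for name in ("key_a", "key_b"):
        if sector[name] in WELL_KNOWN_KEYS:
            findings.append("%s %s is a well-known default key" % (name, sector[name]))
    findings += ["block %d is writable with Key A" % b["block"]
                 for b in sector["blocks"] if b["write"] == "A|B"]
    if sector["trailer"]["key_a_write"] == "A":
        findings.append("Key A may rewrite the sector keys (transport configuration)")
    if sector["trailer"]["key_b_read"] != "never":
        findings.append("Key B is readable and therefore useless for authentication")
    return findings


def build_sample_dump():
    """Constructed dump: the post's example trailer in every sector, except a
    constructed 'Key B for reading and writing' trailer (0f 00 ff) in sector 12."""
    post_trailer = bytes.fromhex("a0a1a2a3a4a5" "787788" "69" "b0b1b2b3b4b5")
    key_b_only = bytes.fromhex("a0a1a2a3a4a5" "0f00ff" "69" "b0b1b2b3b4b5")
    return b"".join(bytes(3 * BLOCK) + (key_b_only if s == 12 else post_trailer)
                    for s in range(SECTORS_1K))


if __name__ == "__main__":
    for sec in parse_dump(build_sample_dump()):
        print(sec["sector"], sec["access_bytes"], [b["write"] for b in sec["blocks"]],
              audit_sector(sec))
```

Run it against a real dump by replacing build_sample_dump() with open("output.mfd", "rb").read(); a ValueError from parse_access_bits on a sector means that sector’s trailer was written with inconsistent access bytes, which is exactly the damage the post warns about when a trailer block is overwritten by mistake. Note that the decoder tells you how the card is configured, not whether a key is secret: a sector whose keys are unique and non-default but whose data is writable with the same key that reads it is still only as strong as the broken Crypto-1 cipher protecting that key.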

The next step will be to reprogram the tag and add credits without paying for it.


PS: I never abused this finding for getting free drinks. I always subtracted my test buyings from the initial amount. If you use these findings to get free drinks, this may have legal consequences for you, so please do not abuse it.

To reprogram the tag I used the Android app “Mifare Classic Tool” available under https://play.google.com/store/apps/details?id=de.syss.MifareClassicTool. Sadly not every Android phone supports these Mifare Classic tags. For example my old Samsung Galaxy S3 can read and write the tag, on my Nexus 5 it’s not supported. You can find a list of supported and unsupported devices on the homepage https://github.com/ikarus23/MifareClassicTool/.

This app lets you add your own key file (“Add/Remove Keys”) with the keys cracked by mfoc. Just create a new key file and insert your keys one per line. Using the write option you can write exactly one block back to the tag, or reflash a complete memory dump. Be careful when writing a single block: if you overwrite the last block of a sector (the one containing the keys), your tag will be irreversibly damaged. I did this to mine because I didn’t notice that the block numbers start at 0. So you can also create a full memory dump of your tag and, when you have no credits left, reflash the old image and your credits will be reset.


Another method is to write the captured output of mfoc back to the tag via nfc-mfclassic:


After examining other tags for the same vending machine I noticed that these all have different keys. It seems like the vending machine calculates the keys based on the tag’s unique UID or something else to add an extra layer of security. So far I have not managed to crack the scheme. If you manage to derive the key from the captures below, please contact me so I can verify it with other tags.

I put some dumps here for download if you want to investigate the key derivation scheme:


  • Copyright by Christian Mehlmauer
  • source code available on Github