Proxmark3 community

Research, development and trades concerning the powerful Proxmark3 device.

#1 2013-06-26 22:13:14

holiman
Contributor
Registered: 2013-05-03
Posts: 566

Mifare classic attack rework

I have now changed the way the mifare classic attack works (hf mf mifare). There are two big changes.
1. A tuning-phase is used. This phase determines how long the tag requires to power off, and thus start delivering predictable nonces.
2. Multiple attack states are used. This means that we don't just wait for a particular nonce, but keep track of several, and the first to reach the number of repeats required is the one that gets cracked.

Another change is that I have deprecated the use of sending in a no-attack-nonce. Instead, I used a 'random' offset-time, which means that two consecutive runs should use different offset times, and hopefully not catch the same bad nonce.

The device supports sending these parameters in via a usbcommand, so if anyone wants to add it as a parameter, be my guest. Also, if invoked through the lua-scripting engine, it's easy to pass along offset_time and powerdown-time when crafting the packet. But the scripting-stuff is not yet committed to the trunk.

This is what it looks like:

proxmark3> hf mf mifare
-------------------------------------------------------------------------
Executing command. It may take up to 30 min.
Press the key on the proxmark3 device to abort both proxmark3 and client.
-------------------------------------------------------------------------
#db# Tuning... testing a delay of 25 ms (press button to skip)                 
#db#       ... results for 25 ms : 100 %                 
#db# Tuning... testing a delay of 50 ms (press button to skip)                 
#db#       ... results for 50 ms : 100 %                 
#db# Tuning... testing a delay of 100 ms (press button to skip)                 
#db#       ... results for 100 ms : 100 %                 
#db# Tuning... testing a delay of 200 ms (press button to skip)                 
#db#       ... results for 200 ms : 9 %                 
#db# Using power-down-time of 200 ms, offset time 1720 us                 
#db# Recovery progress: 1/8, NTs attacked: 3                  
#db# Recovery progress: 2/8, NTs attacked: 3                  
#db# Recovery progress: 3/8, NTs attacked: 5                  
#db# Recovery progress: 4/8, NTs attacked: 5                  
#db# Recovery progress: 5/8, NTs attacked: 5                  
#db# Recovery progress: 6/8, NTs attacked: 5                  
#db# Recovery progress: 7/8, NTs attacked: 5                  
#db# COMMAND mifare FINISHED                 


isOk:01          


uid(2bbf3053) nt(b7184935) par(2921f1b911798961) ks(0f02050a0305030d)

          
|diff|{nr}    |ks3|ks3^5|parity         |
+----+--------+---+-----+---------------+
| 00 |00000000| f |  a  |1,0,0,1,0,1,0,0|
| 20 |00000020| 2 |  7  |1,0,0,0,0,1,0,0|
| 40 |00000040| 5 |  0  |1,0,0,0,1,1,1,1|
| 60 |00000060| a |  f  |1,0,0,1,1,1,0,1|
| 80 |00000080| 3 |  6  |1,0,0,0,1,0,0,0|
| a0 |000000a0| 5 |  0  |1,0,0,1,1,1,1,0|
| c0 |000000c0| 3 |  6  |1,0,0,1,0,0,0,1|
| e0 |000000e0| d |  8  |1,0,0,0,0,1,1,0|
0033debd|004c2016
------------------------------------------------------------------
Key found:a0a1a2a3a4a5 

Committed as r752. Some previous discussions about this can be found here:
http://www.proxmark.org/forum/viewtopic.php?id=1656
http://www.proxmark.org/forum/viewtopic.php?id=1639

Last edited by holiman (2013-06-26 22:13:29)
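As an added example (not part of holiman's post and not code from the Proxmark3 client), a Python parser for the summary line and table that `hf mf mifare` prints, cross-checking the redundant fields against each other: the ks3 column against the ks(...) bytes, ks3^5 against ks3 XOR 5, the parity bits against the par(...) bytes, and {nr} against the first nr plus diff. The sample is the output from the post above; the assumption that each parity byte is printed LSB first is taken from that sample.

```python
import re

# Sample taken from the first post in this thread: the uid/nt/par/ks summary
# line and the 8-row table that `hf mf mifare` prints before key recovery.
SAMPLE = """\
uid(2bbf3053) nt(b7184935) par(2921f1b911798961) ks(0f02050a0305030d)
|diff|{nr}    |ks3|ks3^5|parity         |
+----+--------+---+-----+---------------+
| 00 |00000000| f |  a  |1,0,0,1,0,1,0,0|
| 20 |00000020| 2 |  7  |1,0,0,0,0,1,0,0|
| 40 |00000040| 5 |  0  |1,0,0,0,1,1,1,1|
| 60 |00000060| a |  f  |1,0,0,1,1,1,0,1|
| 80 |00000080| 3 |  6  |1,0,0,0,1,0,0,0|
| a0 |000000a0| 5 |  0  |1,0,0,1,1,1,1,0|
| c0 |000000c0| 3 |  6  |1,0,0,1,0,0,0,1|
| e0 |000000e0| d |  8  |1,0,0,0,0,1,1,0|
"""

HEADER = re.compile(r"uid\((\w+)\) nt\((\w+)\) par\((\w+)\) ks\((\w+)\)")
ROW = re.compile(r"\|\s*([0-9a-f]{2})\s*\|([0-9a-f]{8})\|\s*([0-9a-f])\s*\|"
                 r"\s*([0-9a-f])\s*\|([01](?:,[01]){7})\|")

def parse_darkside_output(text):
    """Parse the summary line and table into a dict and cross-check the
    redundant fields; raise ValueError if a pasted block is inconsistent."""
    m = HEADER.search(text)
    if m is None:
        raise ValueError("uid/nt/par/ks line not found")
    uid, nt, par, ks = (int(x, 16) for x in m.groups())
    rows = ROW.findall(text)
    if len(rows) != 8:
        raise ValueError("expected 8 table rows, got %d" % len(rows))
    par_bytes = par.to_bytes(8, "big")   # one parity byte per row
    ks_bytes = ks.to_bytes(8, "big")     # one ks3 nibble per row
    nr0 = int(rows[0][1], 16)            # {nr} of the first row
    for i, (diff, nr, ks3, ks3x5, parity) in enumerate(rows):
        k = int(ks3, 16)
        ok = (int(diff, 16) == 0x20 * i               # diff column steps by 0x20
              and int(nr, 16) == nr0 + 0x20 * i       # {nr} = first nr + diff
              and k == ks_bytes[i]                    # ks3 column == ks(...) byte
              and int(ks3x5, 16) == k ^ 5             # ks3^5 column is ks3 XOR 5
              and [int(b) for b in parity.split(",")] # parity bits, LSB first
                  == [(par_bytes[i] >> j) & 1 for j in range(8)])
        if not ok:
            raise ValueError("row %d is inconsistent with the summary line" % i)
    return {"uid": uid, "nt": nt, "nr": nr0,
            "par": list(par_bytes), "ks3": list(ks_bytes)}
```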


#2 2013-07-11 13:22:53

Tsim
Member
Registered: 2013-07-11
Posts: 5

Re: Mifare classic attack rework

Hi,

Thank you so much for this update, indeed it is working again. I had a mifare card on which I was unable to recover keys, now it is working.

But since 754, the attack is not working anymore, same problem as before, it loops and says "lfsr_common_prefix list is null".
I tried with the same mifare card on 752 and 754.
752 : Key found in about 1 minute
754 : Not found, loops forever


#3 2013-07-12 10:11:13

piwi
Contributor
Registered: 2013-06-04
Posts: 704

Re: Mifare classic attack rework

Can you please provide some more information? E.g. any more output besides "lfsr_common_prefix list is null"?


#4 2013-07-12 11:50:56

Tsim
Member
Registered: 2013-07-11
Posts: 5

Re: Mifare classic attack rework

Of course.

The 752 output:

proxmark3> hw version
#db# Prox/RFID mark3 RFID instrument
#db# bootrom: svn 752 2013-07-04 15:50:38
#db# os: svn 752 2013-07-04 15:50:40
#db# FPGA image built on 2012/ 1/ 6 at 15:27:56
proxmark3> hf mf mifare
-------------------------------------------------------------------------
Executing command. It may take up to 30 min.
Press the key on the proxmark3 device to abort both proxmark3 and client.
-------------------------------------------------------------------------
#db# Tuning... testing a delay of 25 ms (press button to skip)
#db#       ... results for 25 ms : 99 %
#db# Tuning... testing a delay of 50 ms (press button to skip)
#db#       ... results for 50 ms : 45 %
#db# Using power-down-time of 50 ms, offset time 438 us
#db# Recovery progress: 1/8, NTs attacked: 13
#db# Recovery progress: 2/8, NTs attacked: 14
#db# Recovery progress: 3/8, NTs attacked: 15
#db# Recovery progress: 4/8, NTs attacked: 34
#db# Recovery progress: 5/8, NTs attacked: 34
#db# Recovery progress: 6/8, NTs attacked: 36
#db# Recovery progress: 7/8, NTs attacked: 37
#db# COMMAND mifare FINISHED


isOk:01


uid(3cf0cea3) nt(058d8c5b) par(0ee6364e96fe6ef6) ks(0106040d0c070607)


|diff|{nr}    |ks3|ks3^5|parity         |
+----+--------+---+-----+---------------+
| 00 |00000000| 1 |  4  |0,1,1,1,0,0,0,0|
| 20 |00000020| 6 |  3  |0,1,1,0,0,1,1,1|
| 40 |00000040| 4 |  1  |0,1,1,0,1,1,0,0|
| 60 |00000060| d |  8  |0,1,1,1,0,0,1,0|
| 80 |00000080| c |  9  |0,1,1,0,1,0,0,1|
| a0 |000000a0| 7 |  2  |0,1,1,1,1,1,1,1|
| c0 |000000c0| 6 |  3  |0,1,1,1,0,1,1,0|
| e0 |000000e0| 7 |  2  |0,1,1,0,1,1,1,1|
0033c3a4|004cfa50
------------------------------------------------------------------
Key found:a0a1a2a3a4a5

Found valid key:a0a1a2a3a4a5

The 754 output:

proxmark3> hw version
#db# Prox/RFID mark3 RFID instrument
#db# bootrom: svn 752 2013-07-04 15:50:38
#db# os: svn 752 2013-07-04 15:50:40
#db# FPGA image built on 2012/ 1/ 6 at 15:27:56
proxmark3> hf mf mifare
-------------------------------------------------------------------------
Executing command. Expected execution time: 25sec on average  :-)
Press the key on the proxmark3 device to abort both proxmark3 and client.
-------------------------------------------------------------------------
.#db# Tuning... testing a delay of 25 ms (press button to skip)
...#db#       ... results for 25 ms : 100 %
#db# Tuning... testing a delay of 50 ms (press button to skip)
.....#db#       ... results for 50 ms : 36 %
#db# Using power-down-time of 50 ms, offset time 1184 us
..............................#db# Recovery progress: 1/8, NTs attacked: 13
......#db# Recovery progress: 2/8, NTs attacked: 14
..........#db# Recovery progress: 3/8, NTs attacked: 16
.#db# Recovery progress: 4/8, NTs attacked: 17
.........#db# Recovery progress: 5/8, NTs attacked: 17
.....#db# Recovery progress: 6/8, NTs attacked: 18
.......#db# Recovery progress: 7/8, NTs attacked: 18
.................................................................................................................................#db# COMMAND mifare FINISHED           




uid(3cf0cea3) nt(07271e9b) par(74ac6c541ce4844c) ks(0d05020b0b040106)


|diff|{nr}    |ks3|ks3^5|parity         |
+----+--------+---+-----+---------------+
| 00 |0cf12000| d |  8  |0,0,1,0,1,1,1,0|
| 20 |0cf12020| 5 |  0  |0,0,1,1,0,1,0,1|
| 40 |0cf12040| 2 |  7  |0,0,1,1,0,1,1,0|
| 60 |0cf12060| b |  e  |0,0,1,0,1,0,1,0|
| 80 |0cf12080| b |  e  |0,0,1,1,1,0,0,0|
| a0 |0cf120a0| 4 |  1  |0,0,1,0,0,1,1,1|
| c0 |0cf120c0| 1 |  4  |0,0,1,0,0,0,0,1|
| e0 |0cf120e0| 6 |  3  |0,0,1,1,0,0,1,0|
00b07a11|00516684
------------------------------------------------------------------
Key found:80862eb3e640

Failing is expected to happen in 25% of all cases. Trying again with a different reader nonce...
.#db# Tuning... testing a delay of 25 ms (press button to skip)
..#db#       ... results for 25 ms : 100 %
.#db# Tuning... testing a delay of 50 ms (press button to skip)
....#db# Tuning aborted prematurely
#db#       ... results for 50 ms : 30 %
#db# Using power-down-time of 50 ms, offset time 780 us
#db# COMMAND mifare FINISHED


Proxmark can't get statistic info. Execution aborted.

At this point, I realized that updating the OS was unsuccessful... Well this is awkward.

I tried after updating, then:

proxmark3> hw version
#db# Prox/RFID mark3 RFID instrument
#db# bootrom: svn 754 2013-07-11 11:52:42
#db# os: svn 754 2013-07-11 11:52:43
#db# FPGA image built on 2012/ 1/ 6 at 15:27:56
proxmark3> hf mf mifare
-------------------------------------------------------------------------
Executing command. Expected execution time: 25sec on average  :-)
Press the key on the proxmark3 device to abort both proxmark3 and client.
-------------------------------------------------------------------------
...................



uid(3cf0cea3) nt(a0278143) par(7e76361ed6aebeb6) ks(0b07030c03060203)


|diff|{nr}    |ks3|ks3^5|parity         |
+----+--------+---+-----+---------------+
| 00 |00000000| b |  e  |0,1,1,1,1,1,1,0|
| 20 |00000020| 7 |  2  |0,1,1,0,1,1,1,0|
| 40 |00000040| 3 |  6  |0,1,1,0,1,1,0,0|
| 60 |00000060| c |  9  |0,1,1,1,1,0,0,0|
| 80 |00000080| 3 |  6  |0,1,1,0,1,0,1,1|
| a0 |000000a0| 6 |  3  |0,1,1,1,0,1,0,1|
| c0 |000000c0| 2 |  7  |0,1,1,1,1,1,0,1|
| e0 |000000e0| 3 |  6  |0,1,1,0,1,1,0,1|
0033dcd1|004c2360
------------------------------------------------------------------
Key found:a0a1a2a3a4a5

Found valid key:a0a1a2a3a4a5

I guess all is working fine... Sry.

Then, even if this isn't the topic, I put these keys on the mifare simulator, but the mf hf ecfill does not work:

proxmark3> hf mf ekeyprn
|---|----------------|----------------|
|sec|key A           |key B           |
|---|----------------|----------------|
|000|  a0a1a2a3a4a5  |  b0b1b2b3b4b5  |
|001|  a21235bde83c  |  e7cc385a3512  |
|002|  bf627553cadf  |  dd6579335a45  |
|003|  a0a1a2a3a4a5  |  87ad9c20f929  |
|004|  a0a1a2a3a4a5  |  314fc2f48d76  |
|005|  a0a1a2a3a4a5  |  e2a1372585dc  |
|006|  ffffffffffff  |  ffffffffffff  |
|007|  ffffffffffff  |  ffffffffffff  |
|008|  ffffffffffff  |  ffffffffffff  |
|009|  ffffffffffff  |  ffffffffffff  |
|010|  ffffffffffff  |  ffffffffffff  |
|011|  ffffffffffff  |  ffffffffffff  |
|012|  ffffffffffff  |  ffffffffffff  |
|013|  ffffffffffff  |  ffffffffffff  |
|014|  ffffffffffff  |  ffffffffffff  |
|015|  ffffffffffff  |  ffffffffffff  |
|016|  f89fd17af9a5  |  03be37790b6a  |
|017|  e4a06b8809b8  |  4e6092382f38  |
|018|  acd5429ac6bf  |  5d0f9fc37ac4  |
|019|  128000d66b7c  |  9c4d3888395e  |
|020|  fff1fd9e9507  |  e9e6bde1bf9a  |
|021|  75c06381ab00  |  cc30822a8d08  |
|022|  d76daf7d95d3  |  d6eb506d97bf  |
|023|  28a95b15f0e3  |  5a2626882276  |
|024|  d5ebfee7e4fb  |  bfbfa6e13ff5  |
|025|  34b402665a92  |  b948cc1099c5  |
|026|  c2db7a09af9b  |  63c574f83a75  |
|027|  43b0be45b494  |  452a8830ed22  |
|028|  3c7deff81eeb  |  efc913c8e106  |
|029|  750c260b083d  |  3d042f29a504  |
|030|  c9d77713ab6b  |  25ab0757ee9d  |
|031|  0c5784b960b8  |  89839aed95a0  |
|032|  631e2d60b2bb  |  458224f80183  |
|033|  020b00e2d039  |  7054669c6cdf  |
|034|  937205909582  |  c5ffb47b3b9a  |
|035|  1791049130ce  |  ba5002834755  |
|036|  a32b5883b195  |  b5882ac93875  |
|037|  09e919640dfb  |  43000190201b  |
|038|  7523518346e7  |  87793bbe8b1b  |
|039|  a35a0764b0a0  |  46a56e663eda  |
|---|----------------|----------------|
proxmark3> hf mf ecfill A
#db# Cmd Error: 04
#db# Read block 1 error
#db# EMUL FILL SECTORS FINISHED
proxmark3> hf mf ecfill B
#db# Cmd Error: 04
#db# Read block 0 error
#db# EMUL FILL SECTORS FINISHED

Is there any way to load my mifare card data into the mifare simulator?

Thanks a lot!


#5 2013-07-12 15:25:17

moebius
Contributor
Registered: 2011-03-10
Posts: 206

Re: Mifare classic attack rework

Tsim wrote:

Is there any way to load my mifare card data into the mifare simulator?

Thanks a lot!

I'm trying to fix the emul. Right now, if you try to authenticate, you'll always get a bad auth attempt. Any help is appreciated.


#6 2013-07-13 08:17:51

piwi
Contributor
Registered: 2013-06-04
Posts: 704

Re: Mifare classic attack rework

Tsim wrote:
proxmark3> hf mf ecfill A
#db# Cmd Error: 04
#db# Read block 1 error
#db# EMUL FILL SECTORS FINISHED
proxmark3> hf mf ecfill B
#db# Cmd Error: 04
#db# Read block 0 error
#db# EMUL FILL SECTORS FINISHED

Is there any way to load my mifare card data into the mifare simulator?


Hmmm. Did you check the Access Conditions? Maybe it is simply denied to read the blocks with the respective key?
