Research, development and trades concerning the powerful Proxmark3 device.
Remember; sharing is caring. Bring something back to the community.
"Learn the tools of the trade the hard way." +Fravia
Hi,
I made a nonce bruteforce tool to recover the key from sniffed nested authentications, starting from J-Run's bruteforce tool.
My tool implements the information that leaks through the parity bits to speed up the attack.
With the old PRNG it can recover the key directly (~1 min).
With the new PRNG it can recover a candidate key, which has to be used with J-Run's second phase to recover the correct one (a few minutes).
I don't know if it's useful for someone, if it's bug-free or anything else.
I just made it and I want to share it with you.
https://github.com/andrew892/mf_bruteforce_nonce
Sweet work,
I was fiddling with J-Run's two parts about a month ago, made the 2nd part about 3-5 times faster. There is a thread about it somewhere here. Also on GitHub.
It's even faster now
pm3 ~/tools/mf_nonce_brute$ ./mf_nonce_brute fa247164 fb47c594 0000 71909d28 0c254817 1000 0dc7cfbd 1110
Mifare classic nested auth key recovery. Phase 1.
uid: fa247164
nt encrypted: fb47c594
nt parity err: 0000
nr encrypted: 71909d28
ar encrypted: 0c254817
ar parity err: 1000
at encrypted: 0dc7cfbd
at parity err: 1110
Now let's try to bruteforce encrypted tag nonce last bytes
**** Possible key candidate ****
thread #3
current nt(fb47c594) ar_enc(0c254817) at_enc(0dc7cfbd)
ks2:a842ccc6
ks3:549661c0
ks4:b028b50d
Key candidate: [ffffffffffff]
Time in mf_nonce_brute (Phase 1): 4758 ticks 4.0 seconds
Is it the one you mean, @iceman? Is there a tutorial for the layman to learn this technique, iceman?
Oh sorry, mistake, not layman... I mean lazy man!
"Sorry if the question is primitive, but can you please explain how to choose parameters for mf_nonce_brute. I have a Mifare Classic 1K/4K card and ACR122u reader."
"... To use mf_nonce_brute you must have a snoop (sniff) log of card and reader. It is all explained in the Readme file. If you have any trouble please post details about your input data (please don't post here real deployed systems dump data) and what goes wrong. Feel free to ask any questions but give info to help you :-)"
I think I have found the missing part.
Last edited by ntk (2016-09-07 00:23:01)
Not quite,
It's based on J-Run's two tools. His version takes a long time. fbfuzier did a faster version, but it is still very slow.
Now OP (andrew892) did a really fast version. It's fast because it doesn't need to check so many nonces.
The readme.md tells the story quite well. It's for traces where nested authentication is used. Now you can recover the keys in two steps. Phase 1 is a standalone program, and you find an optimised phase 2 in my fork. (hf mf )
Phase 1
andrew892 single-thread version https://github.com/andrew892/mf_bruteforce_nonce
iceman multi-thread version https://github.com/iceman1001/mf_nonce_brute
Look at this old thread for samples:
http://www.proxmark.org/forum/viewtopic … d=550#p550
Thanks for this old thread
http://www.proxmark.org/forum/viewtopic … d=550#p550
Thank you, Iceman.
Don't thank me, thank @andrew892 who made this speedup possible.