[idea] Mifare Classic with fixed nonce #133
Comments
Now I tried some more approaches. I even thought I had a solution, which was totally wrong of me. Maybe add to that: sniffing the traffic between reader and tag would still work.
@xtigmh I saw in aczid's issue that you have been experimenting with a solution for fixed nonces. Did you see two nonces? I've seen one so far but I have not tested the nested authentication.
I see two nonces in hardnested, only one nonce in nested authentication. I guess there are 3 nonces for this card:
It uses the same nonce as you. I haven't seen the second or third nonce that you have. How do you brute-force it?
Sorry, you can only see the second nonce in nested auth.
If you send 60/61 xx xx xx to auth, the tag always returns 01200145, so you must know one key to do nested auth.
Yes, I read your issue over at Aczid's repo.
I changed the default key, nonce 3 never appears. It looks like online brute force is the only method to crack this card.
I don't know about your card, but mine is a Gen1A magic, so I can read it using Chinese backdoor commands.
I modified nested auth, it works with one nonce, the second step is testing each key. I only use this: nt=7eef3586, ks1=ffff93b7 for nested auth. Maybe your card is different from my card, but nonce 1 01200145 is the same.
But how do you do a nested authentication without knowing the first key to make the initial authentication?
Basically j-run's nested auth solver then. But it still needs a valid authentication trace...
I removed the check for a valid key and fast check in order to trigger the nested part.
We should know at least one key.
nt2enc will change depending on the target block key.
Good job, mf_nonce_brute works well if we have a trace.
mf_nonce_brute gets the wrong key for true-random cards such as Mifare Plus.
mf_nonce_brute: key is wrong, next cmd is right.
mf_nonce_brute is not in this repo. @iceman1001 should we add it to the RRG repo? Else this issue should rather be discussed at https://github.com/J-Run/mf_nonce_brute
Hi. I've come across such a card as well. I get the same nt as @iceman1001 had in #133 (comment) but my nt2enc is different:
I'm not sure if I understand you guys correctly: Can I recover the keys if I know one key? Does it work for both PRNGs (weak/hard)? How does it work?
@doegox remember that tools/Makefile you wanted to remove stuff from? ...that's how I link to external tools :) Making a nested authentication and saving the statelists, comparing, and using the intersection to find a valid card sounds more or less like j-run's implementation, which has an offline phase1 and online against card in phase2... It sounds like this is how @xtigmh solves his card.
Yes, it needs brute force like j-run's implementation phase2.
Sigh, no comment
So, official repo and the user @uzlonewolf has about the same idea as @xtigmh had. As a side bonus, @pwpiwi did come up with some impressive check keys speed-ups. It's up to 206 auths / second now, from 85,... Massive speedup. All in one timeout change. I will implement a separate command for this type of solution, since I don't like to mess up functions even more with edge cases.
Ok, I managed to make an implementation of hf mf staticnested today. I think I pretty soon can close this one :)
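As an added example (not code from this thread or from the proxmark3 project): the check a practitioner would run over a batch of captured auth responses to tell a static-nonce clone like the one above (always 01200145) from a weak-PRNG tag or a true-random tag. It assumes the nt values have already been captured as 32-bit integers; the seed-to-nonce helper is mine, and the sample values other than the thread's own nonces are constructed.

```python
def nonce_bits(nt: int) -> list[int]:
    # Bit stream as the tag transmits it: byte nt[0] first, least-significant
    # bit of each byte first (ISO 14443-A bit order).
    bits = []
    for byte in nt.to_bytes(4, "big"):
        bits.extend((byte >> i) & 1 for i in range(8))
    return bits

def bits_to_nonce(bits: list[int]) -> int:
    # Inverse of nonce_bits: repack 32 transmission-order bits into an int.
    raw = bytes(sum(bit << i for i, bit in enumerate(bits[k:k + 8]))
                for k in range(0, 32, 8))
    return int.from_bytes(raw, "big")

def is_weak_prng_nonce(nt: int) -> bool:
    # The Crypto1 tag PRNG is a 16-bit LFSR (feedback x^16+x^14+x^13+x^11+1)
    # and a nonce is 32 consecutive output bits, so bits 16..31 must follow
    # from bits 0..15. A random 32-bit value passes with probability 2^-16.
    b = nonce_bits(nt)
    return all(b[n] == b[n-16] ^ b[n-14] ^ b[n-13] ^ b[n-11] for n in range(16, 32))

def weak_prng_nonce_from_seed(seed16: int) -> int:
    # Helper (constructed): run the LFSR forward from a 16-bit seed to build
    # a nonce with the weak-PRNG shape, e.g. to unit-test a detector.
    b = nonce_bits(seed16 << 16)[:16]
    for n in range(16, 32):
        b.append(b[n-16] ^ b[n-14] ^ b[n-13] ^ b[n-11])
    return bits_to_nonce(b)

def classify_nonces(nonces: list[int]) -> str:
    # 'static': the tag keeps answering the same nt (needs >= 2 attempts).
    # 'weak'  : every nt has the LFSR shape (classic weak PRNG).
    # 'hard'  : otherwise (true-random PRNG, e.g. Mifare Plus in the thread).
    if len(nonces) < 2:
        raise ValueError("need at least two authentication attempts")
    if len(set(nonces)) == 1:
        return "static"
    return "weak" if all(is_weak_prng_nonce(n) for n in nonces) else "hard"

# Constructed samples: the static nt reported in the thread, the nt from the
# nested run above, and arbitrary values standing in for a true-random tag.
SAMPLES = {
    "clone from the thread": [0x01200145] * 4,
    "weak-PRNG card": [0x7eef3586, weak_prng_nonce_from_seed(0x1234)],
    "true-random card": [0xdeadbeef, 0x12345678],
}

if __name__ == "__main__":
    for name, nts in SAMPLES.items():
        print(f"{name}: {classify_nonces(nts)}")
```

Note that 01200145 itself has the weak-PRNG shape, so a single-nonce PRNG check reports such a clone as a normal weak card; only repeated authentications expose the static nonce.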
…tags that has a static nonce.
See #133
See Proxmark/proxmark3#899
This solution is based upon the ideas and solutions of @uzlonewolf and @xtigmh . Thanks!
Done!
Is your feature request related to a problem? Please describe.
There have been some clones in the wild, like Fudan and some UID-changeable cards, which don't have the NACK bug and, somewhat oddly, use a fixed nonce, rendering all current Mifare Classic attacks useless.
Describe the solution you'd like
A new command hf mf fixednonce that can recover the keys from such a card.
Describe alternatives you've considered
Some progress has been made with Fudan cards, but it involves sniffing traffic and reuse.