nfc-tools / mfcuk Goto Github PK
View Code? Open in Web Editor NEWMiFare Classic Universal toolKit (MFCUK)
License: GNU General Public License v2.0
MiFare Classic Universal toolKit (MFCUK)
License: GNU General Public License v2.0
I can not recover the key with an 7 bytes uid card .
¿Do you have idea than how to solve this problem?
I intent change the "define" of size of uid of 4 to 7 bytes without results.
I tried change the "define" of size of uid of 4 to 7 bytes without results.
mfcuk r65
libnfc 1.5
Original issue reported on code.google.com by [email protected]
on 19 Jan 2014 at 5:46
Since the last change on nfc-utils.c it is not able to compile:
nfc-utils.c:213:20: error: ‘nfc_device_desc_t’ has no member named
‘acPort’
Original issue reported on code.google.com by [email protected]
on 25 Sep 2011 at 2:21
Like many others, I was unable to recover any keys, even from 'blank' cards with 0xffffffffffff default keys, getting an indefinite number of 0x03 errors.
Attempting to debug, I discovered that my cards were responding with NACK to all failed authentication attempts, regardless of parity bits, as described in section 4.3 of http://eprint.iacr.org/2009/137.pdf .
It appears that mfcuk 0.3.8 has no logic to detect or handle this behavior, and gets confused by assuming that all 'hits' have good plaintext parity, even though (with this card type) most do not.
I don't know enough about cryptography to implement (or even understand) the elegant solution proposed in section 6.1 of the same paper.
However, I was able to recover keys by commenting out the parity checking logic in check_pfx_parity , putting candidate keys in a histogram table, and waiting until the same value was seen 4 times (with different nonces).
Sorry, I was just patching and don't have any production code for this method (and I know it's not the best method anyway).
The end result was that I got the desired data; many thanks for the program.
have run command nfc-list:
displaying:
nfc-list uses libnfc 1.7.1
NFC device: pn532_uart:/dev/ttyUSB0 opened
1 ISO14443A passive target(s) found:
ISO/IEC 14443A (106 kbps) target:
ATQA (SENS_RES): 00 04
UID (NFCID1): d3 a7 a3 12
SAK (SEL_RES): 28
ATS: 78 80 a0 02 20 90 00 00 00 00 00 d3 a7 a3 12
I have looked up information from AN10833, according the document it seems like be MIFARE
Classic 1KB+ MIFARE plus or MIFARE Classic 1KB+ MIFARE DESFire or…
or even maybe a java card JCOP41 v2.3.1?
I cant determine which type so I can't do other things. when I use mfoc, it tells me " Cannot determine card type from SAK"
any idea?
What steps will reproduce the problem?
1. Device: ACR122u; Install acsccid pcsc drivers, pcscd, libnfc-1.7.1,
mfoc-0.10.7
2. Pcsc_scan and libnfc recognize device and card.
3. Run 'mfoc -P 500 -O dump1.mfd'
What is the expected output? What do you see instead?
I expect to see a recovery of keys, instead. After guessing the default keys,
I'm getting an error:
"Using sector 00 as an exploit sector
nfc_initiator_init: Input / Output Error"
The device shuts down after this.
What version of the product are you using? On what operating system?
mfoc 0.10.7 on Ubuntu 12.04LTS.
Please provide any additional information below.
Full mfoc run log:
http://pastebin.com/09XZhDWH
Original issue reported on code.google.com by [email protected]
on 2 Apr 2014 at 10:29
Hello,
As title explains it, mfcuk need to be maintain to run on top of libnfc.
I already do the major part of the job: it now compile and should run similar
than the old one, but unfortunately, I can't get it works.
Original issue reported on code.google.com by [email protected]
on 6 Sep 2010 at 11:29
What should we do when we use ubuntu 9.10 386 version.
It works ,but not actually what we expected.
Original issue reported on code.google.com by [email protected]
on 25 Apr 2010 at 12:46
I want to learn the authentication phase deeply by use the program.
Hi, I have segmentation fault each time I'm trying to recover keys.
What steps will reproduce the problem?
1. gdb ./mfcuk -C -R 0 -s 250 -S 250 -v 1
2. after a while I have this:
Program received signal SIGSEGV, Segmentation fault.
0x00000000004031d0 in mfcuk_key_recovery_block
(ui64KeyRecovered=0x7fffffff9938, uiBlock=3, bTagType=<optimized out>,
bKeyType=<optimized out>, uiUID=843309002, pnd=0x130c820, ui64Key=<optimized out>) at mfcuk.c:650
650 for (i = 0; (states_list) && ((states_list + i)->odd != 0 ||
(states_list + i)->even != 0) && (i < MAX_COMMON_PREFIX_STATES); i++) {
What version of the product are you using? On what operating system?
mfcuk from repository and 0.3.7,
Ubuntu 12.10, 64bit (I've been trying also on 32bit version, I didn't have seg
fault, but recovered keys were wrong, only last bytes correct).
gcc version 4.7.2
I appreciate any suggestion on how to use mfcuk,
Best Regards,
Krzysiek
Original issue reported on code.google.com by [email protected]
on 15 Mar 2013 at 10:37
PN544 in Nexus 7 can't use mfcuk?
What steps will reproduce the problem?
1. When I try to compile 'make'
2.
3.
What is the expected output? What do you see instead?
nfc-utils.o: In function `print_nfc_target':
/home/wender/Downloads/mfcuk-read-only/src/nfc-utils.c:121: undefined reference
to `str_nfc_target'
collect2: error: ld returned 1 exit status
make[2]: *** [mfcuk] Error 1
make[2]: Leaving directory `/home/wender/Downloads/mfcuk-read-only/src'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/home/wender/Downloads/mfcuk-read-only'
make: *** [all] Error 2
What version of the product are you using? On what operating system?
mfcuk r80 / Ubuntu 12.10
Please provide any additional information below.
I'm trying to compile mfcuk r80 using ubuntu 12.10 with libnfc-1.6.0-rc1.
I have one SCL3711 usb dongle PN53x.
Thanks
Original issue reported on code.google.com by [email protected]
on 19 Dec 2012 at 7:40
I'm using the libnfc 1.5 with mfcuk (i have to use it. the PR532 + UART) need
it.
The problem is: looks like some APIs from NFC lib changed.
libnfc (from trunk)
mfcuk from trunk
Ubuntu 11.04, 64 bits
error:
[~/mfcuk-read-only] make
make all-recursive
make[1]: Betrete Verzeichnis '/home/xxx/mfcuk-read-only'
Making all in src
make[2]: Betrete Verzeichnis '/home/xxx/mfcuk-read-only/src'
CC crapto1.o
CC crypto1.o
CC mfcuk_finger.o
mfcuk_finger.c: In function ‘mfcuk_finger_skgt_decoder’:
mfcuk_finger.c:68:20: warning: unused variable ‘car_number’
CC mfcuk_keyrecovery_darkside.o
mfcuk_keyrecovery_darkside.c: In function ‘mfcuk_verify_key_block’:
mfcuk_keyrecovery_darkside.c:265:5: error: too few arguments to function
‘nfc_initiator_transceive_bytes’
/usr/local/include/nfc/nfc.h:80:19: note: declared here
mfcuk_keyrecovery_darkside.c:272:5: warning: dereferencing type-punned pointer
will break strict-aliasing rules
mfcuk_keyrecovery_darkside.c: In function ‘mfcuk_key_recovery_block’:
mfcuk_keyrecovery_darkside.c:417:5: error: too few arguments to function
‘nfc_initiator_transceive_bytes’
/usr/local/include/nfc/nfc.h:80:19: note: declared here
mfcuk_keyrecovery_darkside.c:427:5: warning: dereferencing type-punned pointer
will break strict-aliasing rules
mfcuk_keyrecovery_darkside.c: In function ‘main’:
mfcuk_keyrecovery_darkside.c:1108:21: warning: dereferencing type-punned
pointer will break strict-aliasing rules
mfcuk_keyrecovery_darkside.c:1326:61: warning: comparison between signed and
unsigned integer expressions
mfcuk_keyrecovery_darkside.c:1488:13: warning: dereferencing type-punned
pointer will break strict-aliasing rules
mfcuk_keyrecovery_darkside.c:1539:5: warning: dereferencing type-punned pointer
will break strict-aliasing rules
mfcuk_keyrecovery_darkside.c:1545:9: warning: dereferencing type-punned pointer
will break strict-aliasing rules
mfcuk_keyrecovery_darkside.c: At top level:
crapto1.h:60:23: warning: ‘parity’ defined but not used
mfcuk_keyrecovery_darkside.c: In function ‘main’:
mfcuk_keyrecovery_darkside.c:992:5: warning: ignoring return value of
‘system’, declared with attribute warn_unused_result
make[2]: *** [mfcuk_keyrecovery_darkside.o] Fehler 1
make[2]: Verlasse Verzeichnis '/home/victor.pereira/mfcuk-read-only/src'
make[1]: *** [all-recursive] Fehler 1
make[1]: Verlasse Verzeichnis '/home/victor.pereira/mfcuk-read-only'
make: *** [all] Fehler 2
Original issue reported on code.google.com by [email protected]
on 23 Sep 2011 at 8:36
mfcuk -C -R 0:A -v 1 -o lalal.dmp
mfcuk - 0.3.8
Mifare Classic DarkSide Key Recovery Tool - 0.3
by Andrei Costin, [email protected], http://andreicostin.com
WARN: cannot open template file './data/tmpls_fingerprints/mfcuk_tmpl_skgt.mfd'
WARN: cannot open template file './data/tmpls_fingerprints/mfcuk_tmpl_ratb.mfd'
WARN: cannot open template file
'./data/tmpls_fingerprints/mfcuk_tmpl_oyster.mfd'
INFO: Connected to NFC reader: ACS / ACR122U PICC Interface
INITIAL ACTIONS MATRIX - UID fb d5 dc 7f - TYPE 0x08 (MC1K)
---------------------------------------------------------------------
Sector | Key A |ACTS | RESL | Key B |ACTS | RESL
---------------------------------------------------------------------
0 | 000000000000 | . R | . . | 000000000000 | . . | . .
1 | 000000000000 | . . | . . | 000000000000 | . . | . .
2 | 000000000000 | . . | . . | 000000000000 | . . | . .
3 | 000000000000 | . . | . . | 000000000000 | . . | . .
4 | 000000000000 | . . | . . | 000000000000 | . . | . .
5 | 000000000000 | . . | . . | 000000000000 | . . | . .
6 | 000000000000 | . . | . . | 000000000000 | . . | . .
7 | 000000000000 | . . | . . | 000000000000 | . . | . .
8 | 000000000000 | . . | . . | 000000000000 | . . | . .
9 | 000000000000 | . . | . . | 000000000000 | . . | . .
10 | 000000000000 | . . | . . | 000000000000 | . . | . .
11 | 000000000000 | . . | . . | 000000000000 | . . | . .
12 | 000000000000 | . . | . . | 000000000000 | . . | . .
13 | 000000000000 | . . | . . | 000000000000 | . . | . .
14 | 000000000000 | . . | . . | 000000000000 | . . | . .
15 | 000000000000 | . . | . . | 000000000000 | . . | . .
VERIFY:
Key A sectors: 0 1 2 3 4 5 6 7 8 9 a b c d e f
Key B sectors: 0 1 2 3 4 5 6 7 8 9 a b c d e f
ACTION RESULTS MATRIX AFTER VERIFY - UID fb d5 dc 7f - TYPE 0x08 (MC1K)
---------------------------------------------------------------------
Sector | Key A |ACTS | RESL | Key B |ACTS | RESL
---------------------------------------------------------------------
0 | 000000000000 | . R | . . | 000000000000 | . . | . .
1 | 000000000000 | . . | . . | 000000000000 | . . | . .
2 | 000000000000 | . . | . . | 000000000000 | . . | . .
3 | 000000000000 | . . | . . | 000000000000 | . . | . .
4 | 000000000000 | . . | . . | 000000000000 | . . | . .
5 | 000000000000 | . . | . . | 000000000000 | . . | . .
6 | 000000000000 | . . | . . | 000000000000 | . . | . .
7 | 000000000000 | . . | . . | 000000000000 | . . | . .
8 | 000000000000 | . . | . . | 000000000000 | . . | . .
9 | 000000000000 | . . | . . | 000000000000 | . . | . .
10 | 000000000000 | . . | . . | 000000000000 | . . | . .
11 | 000000000000 | . . | . . | 000000000000 | . . | . .
12 | 000000000000 | . . | . . | 000000000000 | . . | . .
13 | 000000000000 | . . | . . | 000000000000 | . . | . .
14 | 000000000000 | . . | . . | 000000000000 | . . | . .
15 | 000000000000 | . . | . . | 000000000000 | . . | . .
RECOVER: 0mfcuk: ERROR: mfcuk_key_recovery_block() (error code=0x03)
mfcuk: ERROR: mfcuk_key_recovery_block() (error code=0x03)
and he cant recover any key
Original issue reported on code.google.com by [email protected]
on 1 Mar 2014 at 7:41
1. git clone https://code.google.com/p/libnfc/
2. autoreconf -vis
3. ./configure --with-driver=pn32_uart --enable-serial-autoprobe
4. make
5. make install
6. sudo ldconfig
1. svn checkout http://mfcuk.googlecode.com/svn/trunk/ mfcuk-read-only
2. autoreconf -vis
3. ./configure
4. make
5. src/mfcuk -C -R 0:A -s 250 -S 250 -v 3
after a long!!! time this is what i get
[code]
Let me entertain you!
uid: -xxxxxxx-
type: 18
key: 000000000000
block: 5b
diff Nt: 65535
auths: 65537
-----------------------------------------------------
-----------------------------------------------------
Let me entertain you!
uid: -xxxxxx-
type: 18
key: 000000000000
block: 5b
diff Nt: 65536
auths: 65538
-----------------------------------------------------
mfcuk_keyrecovery_darkside: ERROR: mfcuk_key_recovery_block() (error code=0x09)
[/code]
when compiling mfcuk i have a make warning;
[code]
mfcuk.c:248:17: warning: ‘mfcuk_verify_key_block’ defined but not used
[-Wunused-function]
static uint32_t mfcuk_verify_key_block(nfc_device *pnd, uint32_t uiUID, uint64_t ui64Key, mifare_key_type bKeyType, uint8_t bTagType, uint32_t uiBlock)
[/code]
this problem is here with versions 0.3.5-0.3.8
i can use the -V option with the -D and it will find the default key's
but for some reason the -R option will not work, even when i add a default key
with the -d option.
please help.....!!!
uname
Linux 3.10-2-amd64 #1 SMP Debian 3.10.7-1 (2013-08-17) x86_64 GNU/Linux
i am using the pn532_uart breakout board v1.6
Original issue reported on code.google.com by [email protected]
on 15 Sep 2013 at 5:08
Here the time experiment with same commands on mfcuk and mfoc and the same tag&reader but diferent versions of nfc-tools.
Results (min aprox):
MFCUK 0.3.3, libnfc 1.5.1 & mfoc 0.10.3 > Time to obtain all keys: 15 min (2min mfcuk and 10min mfoc with only one probe by sector)
MFCUK 0.3.8, libnfc 1.7,1 & mfoc 0.10.7 > Time to obtain all keys: 60 min (15min mfcuk and 45min mfoc with 20-45 probes by sector)
In two case i use these commands: "mfcuk -C -R 0:A -v 2" and "mfoc -k xxxxxxxxxxx -O keys.mfd -P 100"
Tag&reader: Mifare classic 1k tag, reader SCL3711.
Why the lastest version of nfc-tools are more slow?
Since 1.4.x, libnfc offers error handling, so it could be great to use it to
better understand what happend.
Original issue reported on code.google.com by [email protected]
on 1 Apr 2011 at 9:31
What steps will reproduce the problem?
1. make
What is the expected output? What do you see instead?
of course successfully make,but error reported and failed. i think there's
something changed in the new libnfc-1.7.0-rc7 version.
What version of the product are you using? On what operating system?
Distributor ID: Ubuntu
Description: Ubuntu 12.04
Release: 12.04
libnfc-1.7.0-rc7
Please provide any additional information below.
xxx@xxx-laptop:~/Downloads/mfcuk-0.3.7$ make
make all-recursive
make[1]: Entering directory `/home/xxx/Downloads/mfcuk-0.3.7'
Making all in src
make[2]: Entering directory `/home/xxx/Downloads/mfcuk-0.3.7/src'
CC crapto1.o
CC crypto1.o
CC mifare.o
CC nfc-utils.o
nfc-utils.c: In function ‘print_nfc_target’:
nfc-utils.c:121:3: error: incompatible type for argument 2 of
‘str_nfc_target’
/usr/local/include/nfc/nfc.h:146:18: note: expected ‘const struct nfc_target
*’ but argument is of type ‘nfc_target’
make[2]: *** [nfc-utils.o] Error 1
make[2]: Leaving directory `/home/xxx/Downloads/mfcuk-0.3.7/src'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/home/xxx/Downloads/mfcuk-0.3.7'
make: *** [all] Error 2
Original issue reported on code.google.com by [email protected]
on 11 Jun 2013 at 4:51
the are to bugs int the code.
1º
if you want to compile on 32-bit you have to change in crapto1.h
asm( "movl %1, %%eax\n"
to this
__asm__("movl %1, %%eax\n"
2º
when any version if is compiled on 32-bit system, dosen't work
the last 2 bytes of the keys are always good, but the first 4 bytes are always
wrong (sometimes random, sometimes the same).
the problem is here i think
#if !defined __i386__ || !defined __GNUC__
x ^= x >> 16;
x ^= x >> 8;
x ^= x >> 4;
return BIT(0x6996, x & 0xf);
i think this is not correct, i have to look more deep
lot of people have problems with this issue
http://www.libnfc.org/community/topic/98/mifare-classic-key-recovery-tool-dark-s
ide-attack/page/3/
Original issue reported on code.google.com by [email protected]
on 18 Dec 2012 at 8:45
I tried to use mfcuk-0.3.7, mfcuk-0.3.8 (different revisions, including r-65), compiled with various versions of libnfc (starting from 1.5.1 to current one) with acr122u reader on OSX 10.6.3. Compilation/installation works fine (few warnings though) but neither of these combinations (mfcuk+libnfc) seems to even start attack. When i launch mfcuk with -v 3 option i get bus error:
`artaud$ sudo /Users/artaud/nfc/prefix/bin/mfcuk -C -R -1 -v 3
mfcuk - 0.3.8
Mifare Classic DarkSide Key Recovery Tool - 0.3
by Andrei Costin, [email protected], http://andreicostin.com
WARN: cannot open template file './data/tmpls_fingerprints/mfcuk_tmpl_skgt.mfd'
WARN: cannot open template file './data/tmpls_fingerprints/mfcuk_tmpl_ratb.mfd'
WARN: cannot open template file './data/tmpls_fingerprints/mfcuk_tmpl_oyster.mfd'
Bus error
Without -v option attack never starts too, i get only this:
mfcuk - 0.3.8
Mifare Classic DarkSide Key Recovery Tool - 0.3
by Andrei Costin, [email protected], http://andreicostin.com
WARN: cannot open template file './data/tmpls_fingerprints/mfcuk_tmpl_skgt.mfd'
WARN: cannot open template file './data/tmpls_fingerprints/mfcuk_tmpl_ratb.mfd'
WARN: cannot open template file './data/tmpls_fingerprints/mfcuk_tmpl_oyster.mfd'
INFO: Connected to NFC reader: ACS / ACR122U PICC Interface
VERIFY:
Key A sectors: 0 1 2 3 4 5 6 7 8 9 a b c d e f
Key B sectors: 0 1 2 3 4 5 6 7 8 9 a b c d e f
RECOVER: 0 1 2 3 4 5 6 7 8 9 a b c d e f
artaud$
`
Which, if i get it right, means that the execution of mfcuk is stoped after a second after start.
Adding "-s 250 -S 250" causes bus error too, starting/killing pcscd doesn't affect this issue.
Similar issue (#17) was already desripted here: #17 on OSX too.
I used two versions of MFCUK, one is the latest and another is a r55 binary that is precompiled and came with libnfc.dll (I had to provide libusb0.dll for this). I'm not sure what version of libnfc I have on both (probably different versions).
When compiling MFCUK, I did "autoreconf -is", "./configure", and "make". However, there was this message while executing the configure script (it still compiled though):
EDIT: link because GitHub removed lots of spaces: http://pastebin.com/kAhZwyeM
In both cases, I left MFCUK to recover a key (because MFOC couldn't do it and spent hours probing to no success), and when I came back to it, I returned to a screenful of "ERROR: mfcuk_key_recovery_block() (error code=0x09)"
I couldn't find anything about error code 0x09 anywhere, any help would be appreciated.
I read in some Mfcuk installation:
autoreconf -vis
automake --add-missing
autoconf
./configure
Now open the Makefiles in /mfcuk-read-only & /mfcuk-read-only/src and search for the line LIBS =
.Replace it with:
LIBS = $(LIBNFC_LIBS)
Is this last step of edit Makefiles really required in new versions of mfcuk installation?
How compile mfcuk on ubuntu linux ?
I can't compile this tools.
At revision 57:
Steps followed:
1. svn checkout http://mfcuk.googlecode.com/svn/trunk/ mfcuk-read-only
2. cd mfcuk-read-only
3. autoreconf -vis
4. automake
5. autoconf
6. PKG_CONFIG_PATH=../libnfc-read-only/ ./configure
7. make
When compiling on a eee pc 1000 h running Mac OS X Snow Leopard 10.6.3 with all
the required libs (including libnfc 1.5.1) installed I get this error:
make all-recursive
Making all in src
CC crapto1.o
CC crypto1.o
CC mifare.o
CC nfc-utils.o
nfc-utils.c: In function ‘parse_args’:
nfc-utils.c:654: error: ‘nfc_device_desc_t’ has no member named ‘pcPort’
nfc-utils.c:655: error: ‘nfc_device_desc_t’ has no member named ‘pcPort’
nfc-utils.c:655: error: ‘nfc_device_desc_t’ has no member named ‘pcPort’
nfc-utils.c:655: error: ‘nfc_device_desc_t’ has no member named ‘pcPort’
nfc-utils.c:655: error: ‘nfc_device_desc_t’ has no member named ‘pcPort’
nfc-utils.c: In function ‘print_nfc_target’:
nfc-utils.c:698: warning: enumeration value ‘NMT_ISO14443BI’ not handled in
switch
nfc-utils.c:698: warning: enumeration value ‘NMT_ISO14443B2SR’ not handled
in switch
nfc-utils.c:698: warning: enumeration value ‘NMT_ISO14443B2CT’ not handled
in switch
make[2]: *** [nfc-utils.o] Error 1
make[1]: *** [all-recursive] Error 1
make: *** [all] Error 2
Original issue reported on code.google.com by [email protected]
on 16 Oct 2011 at 8:06
(originally reported by thefkboss on issue 19)
the last 2 bytes of the keys are always good, but the first 4 bytes are always
wrong (sometimes random, sometimes the same).
the problem is here i think
#if !defined __i386__ || !defined __GNUC__
x ^= x >> 16;
x ^= x >> 8;
x ^= x >> 4;
return BIT(0x6996, x & 0xf);
i think this is not correct, i have to look more deep
lot of people have problems with this issue
http://www.libnfc.org/community/topic/98/mifare-classic-key-recovery-tool-dark-s
ide-attack/page/3/
Original issue reported on code.google.com by [email protected]
on 18 Feb 2013 at 8:20
What steps will reproduce the problem?
1. ./configure
2. make
3. src/mfcuk_keyrecovery_darkside -C
What is the expected output?
That should find data files
What do you see instead?
mfcuk - 0.3.2
Mifare Classic DarkSide Key Recovery Tool - 0.3
by Andrei Costin, [email protected], http://andreicostin.com
WARN: cannot open template file './data/tmpls_fingerprints/mfcuk_tmpl_skgt.mfd'
WARN: cannot open template file './data/tmpls_fingerprints/mfcuk_tmpl_ratb.mfd'
WARN: cannot open template file
'./data/tmpls_fingerprints/mfcuk_tmpl_oyster.mfd'
Original issue reported on code.google.com by [email protected]
on 1 Apr 2011 at 9:29
Hi, just as tip
To compile it with Linux 32 bits I took the following approach
I passed to configure the following flags:
I commented the following lines at configure.ac
AC_FUNC_MALLOC
AC_FUNC_REALLOC
both functions are specific for 64 bits
./configure CFLAGS="-m32" LDFLAGS="-m32"
can we do this check automatically and just add the two AC_FUNC_*LLOC
directives if our target is 64 bits?
Original issue reported on code.google.com by [email protected]
on 26 Sep 2011 at 10:22
hello,
i use "mfcuk -C -R 0 -v 3 -o dump" to try to find a key with the last version of mfcuk
it seams not to work cause the key is always 000000000 in the verbose output
Let me entertain you!
uid: d3e215f3
type: 08
key: 000000000000
block: 03
diff Nt: 3351
auths: 9997
is it normal? or do i have to change something in the source code to make it change the key?
thanks in advance.
Is there any way to retrieve old revisions of mfcuk after googlecode down?
Hi,
I am running root@kali:~# mfcuk -C -R 0 -s 250 -S 250 -v3
for days now, output is still:
----------------------------------------------------- Let me entertain you! uid: 242e0eb3 type: 08 key: 000000000000 block: 03 diff Nt: 190 auths: 368007 -----------------------------------------------------
Is this going the right way?
libnfc 1.7.1
mfcuk 0.3.8
Hello to everybody. Can anyone help me with this error?
rosario@rosario:~/mfcuk/src$ ./mfcuk -C -R 0:A -w 6 -v 3
mfcuk - 0.3.8
Mifare Classic DarkSide Key Recovery Tool - 0.3
by Andrei Costin, [email protected], http://andreicostin.com
TRESHOLD: 6
INFO: Connected to NFC reader: ACS / ACR122U PICC Interface
VERIFY:
Key A sectors: 0Errore di segmentazione (core dump creato)
rosario@rosario:~/mfcuk/src$ nfc-list
nfc-list uses libnfc 1.7.1
NFC device: ACS / ACR122U PICC Interface opened
1 ISO14443A passive target(s) found:
ISO/IEC 14443A (106 kbps) target:
ATQA (SENS_RES): 00 04
UID (NFCID1): de 09 9e 6e
SAK (SEL_RES): 09
At revision 57:
Steps followed:
1. svn checkout http://mfcuk.googlecode.com/svn/trunk/ mfcuk-read-only
2. cd mfcuk-read-only
3. autoreconf -vis
4. automake
5. autoconf
6. PKG_CONFIG_PATH=../libnfc-read-only/ ./configure
7. make
When compiling on a eee pc 1000 h running Mac OS X Snow Leopard 10.6.3 with all
the required libs (including libnfc 1.5.1) installed I get this error:
make all-recursive
Making all in src
CC crapto1.o
In file included from crapto1.c:20:
crapto1.h: In function ‘parity’:
crapto1.h:64: warning: implicit declaration of function ‘asm’
crapto1.h:70: error: expected ‘)’ before ‘:’ token
make[2]: *** [crapto1.o] Error 1
make[1]: *** [all-recursive] Error 1
make: *** [all] Error 2
The specified lines in crapto1.h look like this:
asm( "movl %1, %%eax\n"
"mov %%ax, %%cx\n"
"shrl $0x10, %%eax\n"
"xor %%ax, %%cx\n"
"xor %%ch, %%cl\n"
"setpo %%al\n"
"movzx %%al, %0\n": "=r"(x): "r"(x): "eax","ecx");
I'm not a C guru but I don't see the problem.
Original issue reported on code.google.com by [email protected]
on 16 Oct 2011 at 7:56
What steps will reproduce the problem?
1. /mfcuk-0.3.8
2. ./configure
3. make
What is the expected output? What do you see instead?
when running make it gives a output.
[code]
make all-recursive
make[1]: Entering directory `/nfc/mfcuk-0.3.8'
Making all in src
make[2]: Entering directory `/nfc/mfcuk-0.3.8/src'
CC crapto1.o
CC crypto1.o
CC mifare.o
CC nfc-utils.o
CC mfcuk_mifare.o
CC mfcuk_finger.o
CC mfcuk_utils.o
CC xgetopt.o
CC mfcuk.o
mfcuk.c:248:17: warning: ‘mfcuk_verify_key_block’ defined but not used
[-Wunused-function]
static uint32_t mfcuk_verify_key_block(nfc_device *pnd, uint32_t uiUID, uint64_t ui64Key, mifare_key_type bKeyType, uint8_t bTagType, uint32_t uiBlock)
^
CCLD mfcuk
make[2]: Leaving directory `/nfc/mfcuk-0.3.8/src'
make[2]: Entering directory `/mfcuk-0.3.8'
make[2]: Leaving directory `/nfc/mfcuk-0.3.8'
make[1]: Leaving directory `/nfc/mfcuk-0.3.8'
[/code]
it wont crack any keys, output of mfcuk -C -R 0:A -v 3
[code]
Let me entertain you!
uid: -xxxxxxx-
type: 18
key: 000000000000
block: 5b
diff Nt: 65535
auths: 65537
-----------------------------------------------------
-----------------------------------------------------
Let me entertain you!
uid: -xxxxxx-
type: 18
key: 000000000000
block: 5b
diff Nt: 65536
auths: 65538
-----------------------------------------------------
mfcuk_keyrecovery_darkside: ERROR: mfcuk_key_recovery_block() (error code=0x09)
[/code]
What version of the product are you using? On what operating system?
uname -a
Linux 3.10-2-amd64 #1 SMP Debian 3.10.7-1 (2013-08-17) x86_64 GNU/Linux
libnfc-1.7.0
mfcuk-0.3.8
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 8 Sep 2013 at 2:20
Maintainance update to work with a recent version of libnfc.
Attached patch seems to work. Please verify.
Greetings
Volker Zeihs
Jonas Groß
Original issue reported on code.google.com by [email protected]
on 18 Mar 2011 at 12:52
Attachments:
My ACR122U can detect the tag : ISO14443B-2 ST Rx and show me his UID.
But when I launch MFCUK, I got : Error no tag was found
Hello, I am running mfcuk on a single key from a single sector. It is running for long time but what is surprising to me is that I always get Diff Nt and Auth equals:
Let me entertain you!
uid:
type: 08
key: 000000000000
block: 03
diff Nt: 5936
auths: 5936
I tried with many different timeouts (including 250/250). Result is the same. Any idea?
nfc-utils.c should be updated to work with the current libnfc svn.
This change was introduced in libnfc r1116.
===================================================================
--- nfc-utils.c (revision 49)
+++ nfc-utils.c (working copy)
@@ -210,8 +210,7 @@
strcpy(pndd->pcDriver, strtok(buffer, ":"));
// Port.
- pndd->pcPort = (char *)malloc(256);
- strcpy(pndd->pcPort, strtok(NULL, ":"));
+ strcpy(pndd->acPort, strtok(NULL, ":"));
// Speed.
sscanf(strtok(NULL, ":"), "%u", &pndd->uiSpeed);
Original issue reported on code.google.com by [email protected]
on 22 Jul 2011 at 8:16
'./mfcuk_keyrecovery_darkside -h' has switched the descriptions for the 2 sleep
settings -s and -S:
fprintf(fp, "-S - miliseconds to sleep for CONSTANT DELAY\n");
fprintf(fp, "-s - miliseconds to sleep for DROP FIELD\n");
should be changed to that:
fprintf(fp, "-S - milliseconds to sleep for SLEEP_AT_FIELD_OFF (Default: %d ms)\n", SLEEP_AT_FIELD_OFF);
fprintf(fp, "-s - milliseconds to sleep for SLEEP_AFTER_FIELD_ON (Default: %d ms)\n", SLEEP_AFTER_FIELD_ON);
Original issue reported on code.google.com by [email protected]
on 11 Aug 2011 at 8:38
What steps will reproduce the problem?
svn checkout http://mfcuk.googlecode.com/svn/trunk mfcuk
cd mfcuk
autoreconf -vis
./configure
make
What is the expected output? What do you see instead?
In file included from crapto1.c:20:
crapto1.h: In function âparityâ:
crapto1.h:69: warning: implicit declaration of function âasmâ
crapto1.h:75: error: expected â)â before â:â token
make[2]: *** [crapto1.o] Error 1
make[2]: Leaving directory `/root/mfcuk/src'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/root/mfcuk'
make: *** [all] Error 2
What version of the product are you using? On what operating system?
Version 80
OS: Debian 2.6.32-5-686
Please provide any additional information below.
Change line 69 in crapto1.h to
__asm__("movl %1, %%eax\n"
(add four underscores)
Original issue reported on code.google.com by [email protected]
on 24 Oct 2012 at 4:46
This issue was created by revision r46.
Currently there is some code that is not clean:
- code indentation is not always the same
- useless blank lines
- turn on "-Wall -pedantic -Wextra" C-flags and see all code that have to be cleaned
Original issue reported on code.google.com by [email protected]
on 1 Apr 2011 at 9:11
At revision 62:
Steps followed:
1. svn checkout http://mfcuk.googlecode.com/svn/trunk/ mfcuk-read-only
2. cd mfcuk-read-only
3. autoreconf -vis
4. PKG_CONFIG_PATH=../libnfc-read-only/ ./configure
5. make
Compile works just fine.
When running "mfcuk -C -R 0:A" it works just fine, but if I change the
verbosity level, let's say I add "-v 2" or "-v 3" to this command, I get:
"mfcuk - 0.3.3
Mifare Classic Darkside Key Recovery Tool - 0.3
by Andrei Costin, ***@gmail.com, http://andreicostin.com
Bus error"
The system I use is an ACR122U/Touchatag connected to an eee pc 1000 h running
Mac OS X Snow Leopard 10.6.3 with all the required libs (including libnfc
1.5.1) installed. Just for the record, all nfc-* scripts and mfoc run just fine.
/Dimitrios
Original issue reported on code.google.com by [email protected]
on 17 Oct 2011 at 4:22
PN532 Breakout Board + Kali-Linux-Light-2016.2-vbox-amd64.ova
libnfc 1.7.1
What must I do?
`mfcuk - 0.3.8
Mifare Classic DarkSide Key Recovery Tool - 0.3
by Andrei Costin, [email protected], http://andreicostin.com
WARN: cannot open template file './data/tmpls_fingerprints/mfcuk_tmpl_skgt.mfd'
WARN: cannot open template file './data/tmpls_fingerprints/mfcuk_tmpl_ratb.mfd'
WARN: cannot open template file './data/tmpls_fingerprints/mfcuk_tmpl_oyster.mfd'
INFO: Connected to NFC reader: pn532_uart:/dev/ttyUSB0
VERIFY:
Key A sectors: 0 1 2 3 4 5 6 7 8 9 a b c d e f
Key B sectors: 0 1 2 3 4 5 6 7 8 9 a b c d e f
RECOVER: 0mfcuk: ERROR: configuring NP_ACTIVATE_FIELD
mfcuk: ERROR: mfcuk_key_recovery_block() (error code=0x08)
mfcuk: ERROR: configuring NP_ACTIVATE_FIELD
mfcuk: ERROR: mfcuk_key_recovery_block() (error code=0x08)
mfcuk: ERROR: configuring NP_ACTIVATE_FIELD
mfcuk: ERROR: mfcuk_key_recovery_block() (error code=0x08)
mfcuk: ERROR: configuring NP_ACTIVATE_FIELD
`
Hi,
I'm running r94. I've been trying with two different readers now (ACL122U and
SCL3711) and three different series of cards. The basic symptom is that the
random generator in the card is still weak, but the attack doesn't progress
nevertheless; it seems MFCUK never gets to the point where it gets the 1/256
guess right and gets the NACK back. Example:
-----------------------------------------------------
Let me entertain you!
uid: <removed>
type: 08
key: 000000000000
block: 03
diff Nt: 144
auths: 92264
-----------------------------------------------------
With 92k auths and only 144 different Nts, every Nt should have _at least_ 638
attempts on it (in reality probably much more, as some Nt values are much more
common than others), which is above 256, and the attack should have succeeded
long ago as I understand it.
MFOC succeeds for the card where I have a known key, so the basics of my NFC
setup appears to be okay.
Has anyone seen this before?
Original issue reported on code.google.com by [email protected]
on 5 Jun 2014 at 8:31
Is there any chance to run mfcuk on android phone.
What steps will reproduce the problem?
1. autoreconf -vis
2. ./configure
3. make distcheck
Original issue reported on code.google.com by [email protected]
on 1 Apr 2011 at 9:37
I try hack mifare classic card with MFCUK on kali linux.
But I get an error every 10-20 authorizations (auth)
My log from mfcuk after about one hour.
Let me entertain you!
uid: 7412d10c
type: 08
key: 000000000000
block: 03
diff Nt: 45
mfcuk: ERROR: mfcuk_key_recovery_block() (error code=0x03)
Can you say me that about error code = 03 ? Is it fixed card or not ?
Brute force is necessary to stop?
Anyone knows how to fix this error?
I'm trying to use mfcuk on windows with an acr122u.
I made a fresh windows install, installed cygwin and ran the following commands to compile it:
libtoolize
aclocal
autoconf
autoheader
automake --add-missing
./configure
make
then when I run: ./mfcuk -C -R 0 -s 250 -S 250
it outputs:
mfcuk - 0.3.8
Mifare Classic DarkSide Key Recovery Tool - 0.3
by Andrei Costin, [email protected], http://andreicostin.com
Segmentation fault (core dumped)
What am I doing wrong?
Hello I'm french, so sorry for the translation, here is my problem:
I have a chip reader ACS 122U-A9 and I want to hack a Mifare Classic 1k (ISO
14443 Type A), I use a virtual machine (VirtualBox and Backtrack 5 R3) under
64-bit Windows 7, I installed :
libnfc-1.7.0-rc7
ACR122 drivers on www.acs.com.hk website
mfoc0.10.2
Thank you very much for answering me because I'm desperate not to find the keys
A and B
I came not to do detect my card reader with libnfc-1.7.0-rc7 with nfc-list
function why?
I get to do detect the card reader with libnfc-1.4.2
I try to use MFOC-0.10.2, I 500-O-P MFOC dump, but it reads the sector 8, 500
times without finding the key B, which then try?
thank you to answer me please.
Original issue reported on code.google.com by [email protected]
on 12 Jun 2013 at 6:00
Using a mifare classic mini causes a segfault as the program is expecting a tag type of 0x8 or 0x18, not 0x9.
the main thread is not checking for get_trailer_block_for_sector()
to return MIFARE_CLASSIC_INVALID_BLOCK
and segfaults.
A solution would be a simple sanity check:
if (block == 0xFFFFFFFF) {
printf("The card is not a Mifare Classic card");
return 1;
}
when i tried to compile with cygwin it give me this error
$ make
gcc -DHAVE_CONFIG_H -I. -I.. -g -O2 -I/usr/local/include -I/usr/include/PCSC
-MT mfcuk_keyrecovery_darkside.o -MD -MP -MF .deps/mfcuk_keyrecovery_darkside
.Tpo -c -o mfcuk_keyrecovery_darkside.o mfcuk_keyrecovery_darkside.c
mv -f .deps/mfcuk_keyrecovery_darkside.Tpo .deps/mfcuk_keyrecovery_darkside.Po
gcc -g -O2 -I/usr/local/include -I/usr/include/PCSC -o mfcuk_keyrecovery_da
rkside.exe crapto1.o crypto1.o mfcuk_finger.o mfcuk_keyrecovery_darkside.o mfcuk
_mifare.o mfcuk_utils.o mifare.o nfc-utils.o -lnfc -lusb -lpcsclite -lnfc
mfcuk_keyrecovery_darkside.o: In function `mfcuk_verify_key_block':
/home/yoyoy/mf/src/mfcuk_keyrecovery_darkside.c:253: undefined reference to
`_iso14443a_crc_append'
mfcuk_keyrecovery_darkside.o: In function `mfcuk_key_recovery_block':
/home/yoyoy/mf/src/mfcuk_keyrecovery_darkside.c:407: undefined reference to
`_iso14443a_crc_append'
collect2: ld returned 1 exit status
make: *** [mfcuk_keyrecovery_darkside.exe] Error 1
i have tried with r45 and r49 and have the same problem with r45 give me more
errors
if i erase this line `_iso14443a_crc_append' it works but the program when i
try to recover the keys it always give me error 0x04 all the time
Original issue reported on code.google.com by [email protected]
on 9 May 2011 at 7:55
What steps will reproduce the problem?
1. ./configure
2. make
3. src/mfcuk_keyrecovery_darkside -C
Original issue reported on code.google.com by [email protected]
on 1 Apr 2011 at 9:26
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.