| blob | 46816f248069976cac5099b5340b7e2a8957bee6 |
1 ## Sample trace
2 ```
3 + 50422: : 26
4 + 64: 0: TAG 04 00
5 + 944: : 93 20
6 + 64: 0: TAG 9c 59 9b 32 6c
7 + 1839: : 93 70 9c 59 9b 32 6c 6b 30
8 + 64: 0: TAG 08 b6 dd
9 + 3783: : 60 32 64 69
10 + 113: 0: TAG 82 a4 16 6c
11 + 1287: : a1 e4 58 ce 6e ea 41 e0
12 + 64: 0: TAG 5c ad f4 39
13 ```
14 Usage with sample trace:
15 `./mfkey64 9C599B32 82A4166C A1E458CE 6EEA41E0 5CADF439`
17 ## Other examples
19 For mfkey32, you want to get two different NR_0/NR_1 values.
21 ```
22 # <uid> <nt> <{nr_0}> <{ar}_0> <{nr_1}> <{ar}_1>
23 ./mfkey32 57DA41DA 01200145 7B70C62C 909121F2 F9206A8B 908B8981
24 ```
26 For mfkey32v2 (moebius), you want to get two different NT/NT1 values. (like in the SIM commands)
27 ```
28 # <uid> <nt> <nr_0> <ar_0> <nt1> <nr_1> <ar_1>
29 ./mfkey32v2 12345678 1AD8DF2B 1D316024 620EF048 30D6CB07 C52077E2 837AC61A
30 ./mfkey32v2 52B0F519 5417D1F8 4D545EA7 E15AC8C2 A1BA88C6 DAC1A7F4 5AE5C37F
31 ```
33 For mfkey64, you want to have the AT response from tag.
34 ```
35 # <uid> <nt> <nr> <ar> <at>
36 ./mfkey64 9C599B32 82A4166C A1E458CE 6EEA41E0 5CADF439
37 ./mfkey64 52B0F519 5417D1F8 4D545EA7 E15AC8C2 5056E41B
38 ```
40 ### Communication decryption
41 A new functionality from @zhovner
43 Example: given the following trace
44 ```
45 RDR 26
46 TAG 04 00
47 RDR 93 20
48 TAG 14 57 9f 69 b5
49 RDR 93 70 14 57 9f 69 b5 2e 51
50 TAG 08 b6 dd
51 RDR 60 14 50 2d
52 TAG ce 84 42 61
53 RDR f8 04 9c cb 05 25 c8 4f
54 TAG 94 31 cc 40
55 RDR 70 93 df 99
56 TAG 99 72 42 8c e2 e8 52 3f 45 6b 99 c8 31 e7 69 dc ed 09
57 RDR 8c a6 82 7b
58 TAG ab 79 7f d3 69 e8 b9 3a 86 77 6b 40 da e3 ef 68 6e fd
59 RDR c3 c3 81 ba
60 TAG 49 e2 c9 de f4 86 8d 17 77 67 0e 58 4c 27 23 02 86 f4
61 RDR fb dc d7 c1
62 TAG 4a bd 96 4b 07 d3 56 3a a0 66 ed 0a 2e ac 7f 63 12 bf
63 RDR 9f 91 49 ea
64 ```
66 `./mfkey64 14579f69 ce844261 f8049ccb 0525c84f 9431cc40 7093df99 9972428ce2e8523f456b99c831e769dced09 8ca6827b ab797fd369e8b93a86776b40dae3ef686efd c3c381ba 49e2c9def4868d1777670e584c27230286f4 fbdcd7c1 4abd964b07d3563aa066ed0a2eac7f6312bf 9f9149ea`
68 ```
69 Recovering key for:
70 uid: 14579f69
71 nt: ce844261
72 {nr}: f8049ccb
73 {ar}: 0525c84f
74 {at}: 9431cc40
75 {enc0}: 7093df99
76 {enc1}: 9972428ce2e8523f456b99c831e769dced09
77 {enc2}: 8ca6827b
78 {enc3}: ab797fd369e8b93a86776b40dae3ef686efd
79 {enc4}: c3c381ba
80 {enc5}: 49e2c9def4868d1777670e584c27230286f4
81 {enc6}: fbdcd7c1
82 {enc7}: 4abd964b07d3563aa066ed0a2eac7f6312bf
83 {enc8}: 9f9149ea
85 LFSR successors of the tag challenge:
86 ar: 76d4468d
87 at: d5f3c476
89 Keystream used to generate {ar} and {at}:
90 ks2: 73f18ec2
91 ks3: 41c20836
93 Decrypted communication:
94 {dec0}: 3014a7fe
95 {dec1}: c26935cfdb95c4b4a27a84b8217ae9e48217
96 {dec2}: 30152eef
97 {dec3}: 493167c536c30f8e220b09675687067d4b31
98 {dec4}: 3016b5dd
99 {dec5}: 493167c536c30f8e220b09675687067d4b31
100 {dec6}: 30173ccc
101 {dec7}: 0000000000007e178869000000000000c4f2
102 {dec8}: 61148834
104 Found Key: [091e639cb715]
105 ```
106 ### Recovering partial nested authentication
107 A new functionality from @doegox
109 In some situations, we may replay a {nT} in a nested authentication, of which we know the plain nT but not the key.
111 Example:
112 ```
113 Tag |ab! b3! 0b! D1 | | AUTH: nt (enc)
114 Rdr |46 03 39 66 AD c1! 81 62! | | AUTH: nr ar (enc)
115 ```
117 ```
118 ./mfkey32v2nested 5C467F63 4bbf8a12 abb30bd1 46033966 adc18162
119 MIFARE Classic key recovery - known nT scenario
120 Recover key from one reader authentication answer only
121 Recovering key for:
122 uid: 5c467f63
123 nt: 4bbf8a12
124 {nt}: abb30bd1
125 {nr}: 46033966
126 {ar}: adc18162
128 LFSR successor of the tag challenge:
129 ar: 77cc87f8
131 Keystream used to generate {nt}:
132 ks0: e00c81c3
134 Keystream used to generate {ar}:
135 ks2: da0d069a
137 Found Key: [059e2905bfcc]
138 ```