Hacking RFID, rompiendo la seguridad de Mifare

[Izai]

Puedes capturar una imagen de lo que tienes en la carpeta bin?.

Saludos.

[3ljhon]

Saludos y Gracias Iz4i! y al foro en gral.

El àrbol del directorio src/bin es el siguiente:

root@gandalf-laptop:~/fuck/9/libnfc/mfcuk-read-only/src/bin# ls -la
total 96384
drwxr-xr-x 4 root root 4096 2010-09-02 13:16 .
drwxr-xr-x 5 root root 4096 2010-09-01 14:56 ..
drwxr-xr-x 5 root root 4096 2010-08-31 18:20 data
-rw-r--r-- 1 root root 98436150 2010-09-02 13:28 errors.log
-rw-r--r-- 1 root root 22016 2010-08-31 18:20 libnfc.dll
-rw-r--r-- 1 root root 10218 2010-08-31 18:20 libnfc.lib
-rw-r--r-- 1 root root 48733 2010-08-31 18:20 mfcuk_keyrecovery_darkside_cygwin.exe
-rw-r--r-- 1 root root 40960 2010-08-31 18:20 mfcuk_keyrecovery_darkside_win32.exe
-rw-r--r-- 1 root root 4096 2010-08-31 22:16 mifare_jhon.dmp
-rw-r--r-- 1 root root 2744 2010-09-02 13:16 results.log
-rw-r--r-- 1 root root 4096 2010-09-02 13:16 snapshot.mfd
drwxr-xr-x 6 root root 4096 2010-08-31 18:20 .svn

ademàs...

root@gandalf-laptop:~/fuck/9/libnfc/mfcuk-read-only/src/bin# ls -la data/
total 20
drwxr-xr-x 5 root root 4096 2010-08-31 18:20 .
drwxr-xr-x 4 root root 4096 2010-09-02 13:16 ..
drwxr-xr-x 3 root root 4096 2010-08-31 18:20 logs_proxmark3
drwxr-xr-x 6 root root 4096 2010-08-31 18:20 .svn
drwxr-xr-x 3 root root 4096 2010-08-31 18:20 tmpls_fingerprints

================================================== =============
Os comento...
Cuando ejecuto

root@gandalf-laptop:~/fuck/9/libnfc/mfcuk-read-only/src/bin# mfcuk_keyrecovery_darkside -v 1 -C 1 -R 1 2>errors.log | tee results.log


MFCUK - MiFare Classic Universal toolKit - 0.1
Mifare Classic DarkSide Key Recovery Tool - 0.3
by Andrei Costin, [email protected], http://andreicostin.com


INFO: Connected to NFC reader: ACR122U207 - PN532 v1.6 (0x07)



INITIAL ACTIONS MATRIX - UID 5d fe 40 02 - TYPE 0x08 (MC1K)
---------------------------------------------------------------------
Sector | Key A |ACTS | RESL | Key B |ACTS | RESL
---------------------------------------------------------------------
0 | 000000000000 | . . | . . | 000000000000 | . . | . .
1 | 000000000000 | . R | . . | 000000000000 | . R | . .
2 | 000000000000 | . . | . . | 000000000000 | . . | . .
3 | 000000000000 | . . | . . | 000000000000 | . . | . .
4 | 000000000000 | . . | . . | 000000000000 | . . | . .
5 | 000000000000 | . . | . . | 000000000000 | . . | . .
6 | 000000000000 | . . | . . | 000000000000 | . . | . .
7 | 000000000000 | . . | . . | 000000000000 | . . | . .
8 | 000000000000 | . . | . . | 000000000000 | . . | . .
9 | 000000000000 | . . | . . | 000000000000 | . . | . .
10 | 000000000000 | . . | . . | 000000000000 | . . | . .
11 | 000000000000 | . . | . . | 000000000000 | . . | . .
12 | 000000000000 | . . | . . | 000000000000 | . . | . .
13 | 000000000000 | . . | . . | 000000000000 | . . | . .
14 | 000000000000 | . . | . . | 000000000000 | . . | . .
15 | 000000000000 | . . | . . | 000000000000 | . . | . .


VERIFY:
Key A sectors: 0 1 2 3 4 5 6 7 8 9 a b c d e f
Key B sectors: 0 1 2 3 4 5 6 7 8 9 a b c d e f


ACTION RESULTS MATRIX AFTER VERIFY - UID 5d fe 40 02 - TYPE 0x08 (MC1K)
---------------------------------------------------------------------
Sector | Key A |ACTS | RESL | Key B |ACTS | RESL
---------------------------------------------------------------------
0 | 000000000000 | . . | . . | 000000000000 | . . | . .
1 | 000000000000 | . R | . . | 000000000000 | . R | . .
2 | 000000000000 | . . | . . | 000000000000 | . . | . .
3 | 000000000000 | . . | . . | 000000000000 | . . | . .
4 | 000000000000 | . . | . . | 000000000000 | . . | . .
5 | 000000000000 | . . | . . | 000000000000 | . . | . .
6 | 000000000000 | . . | . . | 000000000000 | . . | . .
7 | 000000000000 | . . | . . | 000000000000 | . . | . .
8 | 000000000000 | . . | . . | 000000000000 | . . | . .
9 | 000000000000 | . . | . . | 000000000000 | . . | . .
10 | 000000000000 | . . | . . | 000000000000 | . . | . .
11 | 000000000000 | . . | . . | 000000000000 | . . | . .
12 | 000000000000 | . . | . . | 000000000000 | . . | . .
13 | 000000000000 | . . | . . | 000000000000 | . . | . .
14 | 000000000000 | . . | . . | 000000000000 | . . | . .
15 | 000000000000 | . . | . . | 000000000000 | . . | . .


RECOVER: 0 1

Despuès de un momento el LED del lector se queda en rojo
y el archivo errors.log esta lleno de lìneas como la siguiente:

root@gandalf-laptop:~/fuck/9/libnfc/mfcuk-read-only/src/bin# more errors.log
ERROR: configuring NDO_ACTIVATE_FIELD
ERROR: mfcuk_key_recovery_block() (error code=0x08)
ERROR: configuring NDO_ACTIVATE_FIELD
ERROR: mfcuk_key_recovery_block() (error code=0x08)
ERROR: configuring NDO_ACTIVATE_FIELD
ERROR: mfcuk_key_recovery_block() (error code=0x08)
ERROR: configuring NDO_ACTIVATE_FIELD
ERROR: mfcuk_key_recovery_block() (error code=0x08)
ERROR: configuring NDO_ACTIVATE_FIELD

================================================== ============

MFOC

Os comento que el siguiente comando, de mfoc regresa lo siguiente

root@gandalf-laptop:~/fuck/9/libnfc/mfcuk-read-only/src/bin# mfoc -P 5000 -O rotschool.dmp
Found MIFARE Classic 1K card with uid: 5dfe4002
[Key: a0a1a2a3a4a5] -> [x...............]
[Key: b0b1b2b3b4b5] -> [x...............]
[Key: 000000000000] -> [x...............]
[Key: 4d3a99c351dd] -> [x...............]
[Key: 1a982c7e459a] -> [x...............]
[Key: d3f7d3f7d3f7] -> [x...............]
[Key: aabbccddeeff] -> [x...............]
[Key: 714c5c886e97] -> [x...............]
[Key: 587ee5f9350f] -> [x...............]
[Key: a0478cc39091] -> [x...............]
[Key: 533cb6c723f6] -> [x...............]
[Key: 8fd0a4f256e9] -> [x...............]

Sector 00 - FOUND_KEY [A] Sector 00 - UNKNOWN_KEY [B]
Sector 01 - UNKNOWN_KEY [A] Sector 01 - UNKNOWN_KEY [B]
Sector 02 - UNKNOWN_KEY [A] Sector 02 - UNKNOWN_KEY [B]
Sector 03 - UNKNOWN_KEY [A] Sector 03 - UNKNOWN_KEY [B]
Sector 04 - UNKNOWN_KEY [A] Sector 04 - UNKNOWN_KEY [B]
Sector 05 - UNKNOWN_KEY [A] Sector 05 - UNKNOWN_KEY [B]
Sector 06 - UNKNOWN_KEY [A] Sector 06 - UNKNOWN_KEY [B]
Sector 07 - UNKNOWN_KEY [A] Sector 07 - UNKNOWN_KEY [B]
Sector 08 - UNKNOWN_KEY [A] Sector 08 - UNKNOWN_KEY [B]
Sector 09 - UNKNOWN_KEY [A] Sector 09 - UNKNOWN_KEY [B]
Sector 10 - UNKNOWN_KEY [A] Sector 10 - UNKNOWN_KEY [B]
Sector 11 - UNKNOWN_KEY [A] Sector 11 - UNKNOWN_KEY [B]
Sector 12 - UNKNOWN_KEY [A] Sector 12 - UNKNOWN_KEY [B]
Sector 13 - UNKNOWN_KEY [A] Sector 13 - UNKNOWN_KEY [B]
Sector 14 - UNKNOWN_KEY [A] Sector 14 - UNKNOWN_KEY [B]
Sector 15 - UNKNOWN_KEY [A] Sector 15 - UNKNOWN_KEY [B]


Using sector 00 as an exploit sector
Reader-answer transfer error, exiting..

Y se queda el LED en rojo... supogo que no hae gran cosa...


Me podrian ayudar diciendome como es que se usa/invoca, os comento que tengo un ACR122U & Mifare 1K el uid esta en mis post previos y otra info relacionada a mi sistema-lector.

Gracias de antemano!