Mastodawn

Hey masto 👋

I try to duplicate #NFC tags with #MifareClassic.
I can read from the input tag just fine and can write to the second but not to #Bloc0.

Here is the tag I try to write to.
I thought it was the correct model.

Any help would do wonders.
And boost helps !

Apicultor 🐝Sep 7, 2024

The democratisation of Mifare attacks is almost here.

https://github.com/flipperdevices/flipperzero-firmware/pull/3822

#Mifare #MifareClassic #FlipperZero #security

MIFARE Classic Key Recovery Improvements by noproto · Pull Request #3822 · flipperdevices/flipperzero-firmware

What's new MIFARE Classic Accelerated dictionary attack: dictionary attacks reduced to several seconds MIFARE Classic Nested attack support: collects nested nonces to be cracked by MFKey, no l...

GitHub

Harry Sintonen Mar 21, 2024

Classic example of #securitybyobscurity ending badly: "To clone the cards, they had to crack #dormakaba's key derivation function. ... Forged keycards can be created using any #MIFAREClassic card."
https://www.bleepingcomputer.com/news/security/unsaflok-flaw-can-let-hackers-unlock-millions-of-hotel-doors/ #Unsaflok #vulnerability #infosec #cybersecurity #Saflok

Unsaflok flaw can let hackers unlock millions of hotel doors

Security vulnerabilities in over 3 million Saflok electronic RFID locks deployed in 13,000 hotels and homes worldwide allowed researchers to easily unlock any door in a hotel by forging a pair of keycards.

BleepingComputer

Potassium Jan 2, 2024

Am Weg zurück vom #37c3 mit der Bahn. Stellt sich raus die neuen Schlafwagen der ÖBB haben #mifaredesfire #nfc-Karten für die Abteile. Hätte ich ja jede Wette verloren, dass da gleich noch die gute #MifareClassic Technologie genutzt wird 😆

Potassium Nov 19, 2023

If you also struggled with conversion between #flipper #NFC dumps and Mifare Classic Tool (#mct) or Windows Mifare Classic Tool (#mwt) this might be very helpful for you too:

GitHub - whyn0/FlipperNFC2MCT: Simple Python script to convert NFC dumps from Flipper-Zero to MifareClassicTool format
https://github.com/whyn0/FlipperNFC2MCT

#MifareClassic1K #mifareclassictool #MifareClassic #pentesting #rfid

GitHub - whyn0/FlipperNFC2MCT: Simple Python script to convert NFC dumps from Flipper-Zero to MifareClassicTool format

Simple Python script to convert NFC dumps from Flipper-Zero to MifareClassicTool format - GitHub - whyn0/FlipperNFC2MCT: Simple Python script to convert NFC dumps from Flipper-Zero to MifareClassic...

GitHub

0g0un Jul 3, 2023

Have some (at least one) but not all keys for a mifare classic card? You can most probably use the nested attack. Here's the related repo for flipper zero:
https://github.com/AloneLiberty/FlipperNested
Works just fine, I've been able to decrypt two cards for which I didn't have the keys previously. Now I can emulate them for when I don't want to carry my originals #hacktheplanet #nfc #MifareClassic #nestedattack #FlipperZero

GitHub - AloneLiberty/FlipperNested: Recover Mifare Classic keys on Flipper Zero

Recover Mifare Classic keys on Flipper Zero. Contribute to AloneLiberty/FlipperNested development by creating an account on GitHub.

GitHub

Show thread

Solution Hackeuse soon at OrangeCon Apr 30, 2023

😭 this moment where I analyze yet another card and I have no keys of this other card.

Two hypothesis:
1. They have a pool of random keys
2. They have change keys randomly per card, to avoid having master keys in the wild ("No master key, no problem "). In this case, I'll try to guess keys (e.g. a bad random number generator)

I'll try to collect a bunch of card near me (friends and colleagues), attack the cards, and try to get evidence of the first hypothesis. Meanwhile, I'll try to see if their random key generator is really random... 🤷‍♀️

Any other idea?

#Mifare #MifareClassic #MiFail #ovchipkaart

Solution Hackeuse soon at OrangeCon Apr 29, 2023

I got the keys of the NL OV-chipkaart, the national transport card. I'm studying if this is a real vulnerability 👀
If it is, I'll try to responsibly disclose it. Do you know who is responsible for this? NCSC NL?

Evidence:
```
$ md5sum *
ba02cb86e460806c9b72dc0813956c39 anonymous_ov_keys.dic
3a8aff313a14feba3fde78f15d98eee8 personal_ov_keys.dic
7e88b55d40e612bafb44276ce3e73507 pro_ov_keys.dic
```

#NFC #transportcard #Mifare #MifareClassic