Mfcuk - MFCUK - MiFare Classic Universal toolKit

  •        0

IMPORTANT: Due to constant lack of time, I (Andrei Costin) cannot support/maintain this project. If there is any volunteer to maintain/develop, please contact me or leave a message on libnfc's forum. MFCUK - MiFare Classic Universal toolKit Toolkit containing samples and various tools based on and around libnfc and crapto1, with emphasis on Mifare Classic NXP/Philips RFID cards. Special emphasis of the toolkit is on the following: mifare classic weakness demonstration/exploitation demonstrate use of libnfc (and ACR122 readers) demonstrate use of Crapto1 implementation to confirm internal workings and to verify theoretical/practical weaknesses/attacks Wishlist for next version: integrate with mifarecrack (proxmark3 sniffed-logs parser-decrypter) (short-term) write proper proxmark3 parser (c for internal calls and py for external calls) integrate with MFOC (medium-term) integrate with crapto1 3.2 create initial fingerprint design&implementation. card fingerprinting based on: known plain-text in specific blocks, range of UIDs, etc. (short-term) more templates to add (short-term) summarize decoding info and implement custom decoders (short-medium-term) implement "wiser" template data-structure and appropriate binary data similarity algotihms (medium-term) have command-line (silent+interactive) and GUI (QT-based?) (long-term) More of research type long-term activity (any volunteers :)?): go deeper into how UID/block/keys/Nt/Nr relate so that we choose Nt and Nr with shortest crack time (long-term) research on how to shorten time in case prefix of the keys or any part of the keys are known many cards from same issuer might have known plaintext in specific blocks - can this be exploited to speed-up first key recovery and then use optimized darkside/nested to get whole card (medium-term) PACKAGE HISTORY: zv_mf_dark_side-v0.3.zip Nov 28 829 KB 604 Downloads zv_mf_dark_side-v0.2.zip Nov 15 43.2 KB 82 Downloads zv_mf_dark_side-v0.1.zip Nov 13 40.1 KB 48 Downloads IMPORTANT NOTICE - would greatly appreciate if someone can donate (even used, smashed, but still programmable) things below: either Nokia 6131 either Nokia 6212 iCarte for iPhone These things are aimed to research, implement the 100% software emulation of Mifare Classic Cards (including UID) and release it open-source under GPL. Please contact zveriu through my zveriu's blog regarding donations. DISCLAIMER - The information and reference implementation source/binary contained herein is provided: for informational use only as part of academic or research study, especially in the field of informational security, cryptography and secure systems as-is without any warranty, support or liability - any damages or consequences obtained as a result of consulting this information if purely on the side of the reader NOT to be used in illegal circumstances (for example to abuse, hack or trick a system which the reader does not have specific authorizations to such as ticketing systems, building access systems or whatsoever systems using Mifare Classic as core technology) ContactsAndreiAndrei Costin - mailto:zveriu@gmail.com http://andreicostin.com http://code.google.com/p/mfcuk/ Nethemba Teammailto:mifare@nethemba.com Pavol Luptak - mailto:pavol.luptak@nethemba.com Norbert Szetei - mailto:norbert.szetei@nethemba.com http://nethemba.com Papershttp://eprint.iacr.org/2009/137.pdf http://www.cs.ru.nl/~petervr/web/papers/grvw_2009_pickpocket.pdf Linkshttp://www.mikeycard.org http://www.libnfc.org forum http://www.proxmark.org forum

http://code.google.com/p/mfcuk

Tags
Implementation
License
Platform

   




Related Projects

raspBerry+


raspBerry+ is a web-based administration platform for Blackberry Enterprise Server for MS Exchange (BES). You can group-based activate/kill/delete/add and get status of users, their handhelds and services. With a little download-area and a comment-system

RASP


RASP's A Sneakernet Proxy; download using a thumbdrive.

RasmusDSP


RasmusDSP is an embeddable Audio/MIDI processor. It contains various filters and generators (including SoundFont 2.0 compatible synthesizer). Has a script interpreter which is used to describe instruments, route Audio/MIDI signal between processor units.

Rasea


An acronym for cRoss-plAtform accesS control for Enterprise Applications. Rasea aims to become a reference in access control as a service based on the RBAC model.

Rascal


Rascal, the Advanced Scientific CALculator, is a platform independent modular calculator. Based on modules for integer, doubles, strings, vectors and matrices it can be easily extended with existing C or C++ code.

Rars


RARS is the Robot Auto Racing Simulation, in which the drivers are robot programs. It is intended as a competition among programmers. It consists of a simulation of the physics of cars, a graphic display of the race, and a robot driver for each car.

RARPlayer


This small program allows you to play a video directly from a RAR file and do so in real-time. Both VLC and MPlayer are supported video players.

RAReXtract


RAReXtract is a Front-End for the UnRAR command line utility for Mac OS X 10.5 (Leopard). Its purpose is the rapid and convenient extraction of RAR archives with a double click.

RAR Expander


Rar Expander is a MacOSX program which extracts the files contained in single or multi-volume RAR archives. It uses the official unRAR library internally so it is fully compatible with archives produced by WinRAR.

rarcrack


This program uses a brute force algorithm to guess your encrypted compressed file\'s password. If you forget your encrypted file password, this program is the solution. This program can crack zip,7z and rar file passwords.

RArcInfo


RArcInfo is a package for R (http://www.r-project.org) to import data from binary Arc/Info V7.X coverages and E00 files . This will allow R users to used it as a primary GIS tool.

rar brute force shell script - rarbrute


This is rarbrute, a shell script to brute force encrypted rar files under unix and linux. A long wordlist and a paper about security in internet cafes is included.

Raquel Database System


The system will : 1. use RAQUEL (= Relational Algebra Query, Update and Executive Language) for programming, implementing Third Manifesto principles. 2. have a 'Lego-like' architecture of building blocks and plug-ins, for wider applicability.

RAPv4


RAPv4 is an engine for building web application with only a business description (in XML format). NEW 04/2006 : Stable 2006 release. Add new functions like mail, sms, web services, graph, map engine (GIS), Excel output, QBE... and also a beta release of

Rafkill


2d Scroller. Clone of Raptor: Call of the Shadows and Tyrian. Fun game written in c++ using allegro.

rapple


Lightweight XML based transformation tool written in C that builds upon expat, tidylib and XSLT to tranform authored web content (incl. Word processor generated HTML) into styled web content suitable for publication.

RapidSMS


RapidSMS is an open-source internet and communications platform

RapidSmith


RapidSmith is a research-based FPGA CAD tool framework written in Java for modern Xilinx FPGAs. Based on XDL, its objective is to serve as a rapid prototyping platform for research ideas and algorithms relating to low level FPGA CAD tools.

Rapidshare Mass Downloader


What this program does is bringing out human interaction while downloading files from rapidshare(without premium account). It downloads all the rapidshare links sequentially to the specified location.

rapido visual profiler


rapido is a visual profiler for linux-x86. It traces function call using the ptrace interface and displays the information collected in a nice visual flow chart. rapido does not require the re-compilation of the application.