MIFARE Classic Key Recovery Improvements #3822
Merged (+1,929 −106)
Task list check (task-list-completed): succeeded, Nov 2, 2024, 3 / 3 required tasks completed

Required Tasks
Task | Status |
---|---|
MIFARE Classic Accelerated dictionary attack: dictionary attacks reduced to several seconds - checks ~3500 keys per second | Incomplete |
MIFARE Classic Nested attack support: collects nested nonces to be cracked by MFKey, no longer requiring users to downgrade to FW 0.93.0 | Incomplete |
MIFARE Classic Static encrypted backdoor support: collects static encrypted nonces to be cracked by MFKey using NXP/Fudan backdoor, allowing key recovery of all non-hardened MIFARE Classic tags on-device | Incomplete |
Note: This PR adds nonce collection methods which trade some of the time reclaimed by this improvement | Incomplete |
Nested (weak PRNG): Using any weak PRNG tag and MFKey (v3.0 available for testing here) | Incomplete |
Hardnested (hard PRNG): Verify nonces are stored at /ext/nfc/.nested.log (can be cracked using HardnestedRecovery) | Incomplete |
Static encrypted (backdoor): Using static encrypted tag and MFKey | Incomplete |
PR has description of feature/bug or link to Confluence/Jira task | Completed |
Description contains actions to verify feature/bugfix | Completed |
I've built this code, uploaded it to the device and verified feature/bugfix | Completed |
Resolve all TODOs in code (15 remaining) | Incomplete |
Resolve all reviews (3 remaining) | Incomplete |
Improved dictionary attack/nested nonce collection. This is PR #3822, which is functionally working. The API implementation is being discussed in this review thread. I will open a new PR for additional code-related improvements and performance optimizations. | Incomplete |
MFKey included for key recovery. #3943 was opened separately but intended to be merged alongside #3822 so they support each other. | Incomplete |
MFKey flow: I'd write this if I could. I don't know how to unload the currently running app and launch a new app from the active application (NFC app). I'm thinking this should be a menu item of "Recover keys" or "Crack keys" that is listed after partially reading a MIFARE Classic card, and launches the MFKey application included in #3943. | Incomplete |
Noted power of 2 in both sector and keys found. Possible issue with datatype. Decided to not remove plugins for initial test. | Incomplete |
Using NFC Magic, cloned Plantan_white.nfc to a Gen4 UMC magic card | Incomplete |
Read card with NFC app. Crashes on sectors read 32/40, keys found 43/80, 33/40 on progress bar, "[CRASH][NfcWorker] furi_check failed" after "Found key candidate" | Incomplete |
Dumped call stack: | Incomplete |
Identified issue: reuse_key_sector assigned to 43, when tag only has 40 sectors (0-39). This is because of a bad assumption (sector number = block number / 4, is not true for MFC 4K) | Incomplete |
Fixed in 4be9e79 | Incomplete |
Re-ran dictionary attack, reproduced test 2 crash at end of nonce collection: "[CRASH][NfcWorker] Wrong sector num" | Incomplete |
Dumped call stack: | Incomplete |
Identified issue: off by one in nested_target_key, doesn't crash on MFC 1K since no effect besides reduced performance (same issue as "TODO: Fix rare nested_target_key 64 bug") | Incomplete |
Fixed in 4be9e79 | Incomplete |
Test: Read tag, recovered 29 keys with MFKey (78/80 keys), read tag, recovered 2 keys with MFKey, 80/80 keys 40/40 sectors read. Working. | Incomplete |
Began re-testing original issues. Removed plugins folder, unable to reproduce. Removed user dictionary, unable to reproduce. | Incomplete |
Verified Prox.nfc has sector 1 key A DEADBEAFFFFF | Incomplete |
Using NFC Magic, cloned Prox.nfc to a Gen1a magic card | Incomplete |
Read card with NFC app. 31/32 keys. 1 nonce collected in .nested.log | Incomplete |
Cracked nonce in MFKey. | Incomplete |
Returned to NFC app and read card. 32/32, 16/16 sectors read | Incomplete |
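The bad assumption identified in the test log above (sector number = block number / 4) holds for a 1K tag, where every sector has 4 blocks, but not for a 4K tag, whose sectors 32-39 have 16 blocks each: any block at or above 128 yields a sector index that can exceed the tag's 40 sectors (block 172, for instance, gives 43, the value the crash log shows). The following C helpers are an added example and not code from this PR or from the Flipper firmware; the function and macro names are mine, and the layout constants are the public MIFARE Classic 1K/4K block layout. They implement the correct mapping beside the naive one, a sector range check of the kind the furi_check failure implies was missing, and a self-check over every block number.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Public MIFARE Classic layout facts:
 *  - 1K: 16 sectors x 4 blocks = 64 blocks
 *  - 4K: sectors 0..31 have 4 blocks (blocks 0..127),
 *        sectors 32..39 have 16 blocks (blocks 128..255): 40 sectors total
 * Names below are assumptions for this example, not firmware identifiers. */
#define MFC_SMALL_SECTORS 32
#define MFC_SMALL_SECTOR_BLOCKS 4
#define MFC_LARGE_SECTOR_BLOCKS 16
#define MFC_LARGE_AREA_FIRST_BLOCK (MFC_SMALL_SECTORS * MFC_SMALL_SECTOR_BLOCKS) /* 128 */
#define MFC_1K_TOTAL_SECTORS 16
#define MFC_4K_TOTAL_SECTORS 40

/* The assumption the log identifies as wrong: sector = block / 4 for every block.
 * Correct only while block < 128, i.e. on a 1K tag or the first half of a 4K tag. */
static uint8_t naive_sector_by_block(uint8_t block) {
    return block / MFC_SMALL_SECTOR_BLOCKS;
}

/* Correct mapping for both 1K and 4K: 16-block sectors start at block 128. */
static uint8_t mfc_sector_by_block(uint8_t block) {
    if(block < MFC_LARGE_AREA_FIRST_BLOCK) {
        return block / MFC_SMALL_SECTOR_BLOCKS;
    }
    return MFC_SMALL_SECTORS + (block - MFC_LARGE_AREA_FIRST_BLOCK) / MFC_LARGE_SECTOR_BLOCKS;
}

/* Number of blocks a sector contains. */
static uint8_t mfc_blocks_in_sector(uint8_t sector) {
    return sector < MFC_SMALL_SECTORS ? MFC_SMALL_SECTOR_BLOCKS : MFC_LARGE_SECTOR_BLOCKS;
}

/* First block of a sector; inverse of mfc_sector_by_block. */
static uint8_t mfc_first_block_of_sector(uint8_t sector) {
    if(sector < MFC_SMALL_SECTORS) {
        return sector * MFC_SMALL_SECTOR_BLOCKS;
    }
    return MFC_LARGE_AREA_FIRST_BLOCK + (sector - MFC_SMALL_SECTORS) * MFC_LARGE_SECTOR_BLOCKS;
}

/* Range check to apply before using a sector index derived from a block number:
 * a value >= total_sectors must be rejected here rather than reaching an assertion later. */
static bool mfc_sector_valid(uint8_t sector, uint8_t total_sectors) {
    return sector < total_sectors;
}

/* Self-check: every block of a 4K tag maps to a valid sector that actually contains it. */
static bool mfc_layout_self_check(void) {
    for(int b = 0; b < 256; b++) {
        uint8_t sector = mfc_sector_by_block((uint8_t)b);
        if(!mfc_sector_valid(sector, MFC_4K_TOTAL_SECTORS)) return false;
        int first = mfc_first_block_of_sector(sector);
        int last = first + mfc_blocks_in_sector(sector) - 1;
        if(b < first || b > last) return false;
    }
    return true;
}

int main(void) {
    /* Constructed sample block numbers, including ones in the 4K extended area. */
    const uint8_t samples[] = {3, 127, 128, 144, 172, 255};
    for(size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        uint8_t b = samples[i];
        uint8_t naive = naive_sector_by_block(b);
        printf("block %3u: naive sector %2u (%s), correct sector %2u\n",
               b, naive,
               mfc_sector_valid(naive, MFC_4K_TOTAL_SECTORS) ? "in range" : "OUT OF RANGE",
               mfc_sector_by_block(b));
    }
    printf("layout self-check: %s\n", mfc_layout_self_check() ? "ok" : "FAILED");
    return 0;
}
```

Running it shows blocks 128 and 131 agreeing under both formulas (a 4K bug in this area can therefore go unnoticed for a while), block 144 already diverging, and block 172 producing the out-of-range 43 under the naive formula versus 34 under the correct one, which is why the defect surfaced only on a 4K tag and only late in the read.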
Flashed second Flipper device with nestednonces fork | Incomplete |
Same result | Incomplete |
Ensured NFC plugins folder present on Flipper device | Incomplete |
Using NFC Magic, cloned Small_troyka.nfc to a Gen4 UMC magic card | Incomplete |
Read card with NFC app. 32/32 keys. | Incomplete |
Flashed second Flipper device with nestednonces fork | Incomplete |
Reproduced auth errors. Narrowed issue to interaction between nestednonces and troika_parser.fal NFC plugin. | Incomplete |
Identified issue: inconsistent assignment of known key and known key type/sector. This is because of a bad assumption (key found in dictionary attack was assumed to be first key) | Incomplete |
Fixed in 897817a and db26c85 | Incomplete |
Re-ran dictionary attack on all card types, works. No longer able to reproduce original issue. | Incomplete |
Ensured NFC plugins folder present on Flipper device | Incomplete |
Using NFC Magic, cloned Disappeared_corridor.nfc to a Gen4 UMC magic card | Incomplete |
Read card with NFC app. 70/80 keys. | Incomplete |
Flashed second Flipper device with nestednonces fork | Incomplete |
Same result. Troyka card recognized | Incomplete |
Removed plugins folder. | Incomplete |
Read card with NFC app. 70/80 keys. | Incomplete |
Added a user dictionary file to the device with 1 irrelevant key | Incomplete |
Read card with NFC app. 70/80 keys. Unable to reproduce original issue. | Incomplete |
Import mf_classic_dict_user.nfc to nfc->assets | Incomplete |
Check that key DEADBEAFFFFF is already present in users' keys | Incomplete |
Try to read card from test 2 or test 3. | |
After this step some steps may vary because I don't have the exact sequence. | Incomplete |
If the card reads fine, press retry (sometimes 1 or 2 retries might be enough, sometimes even 20 will have no effect). | Incomplete |
If the card reads fine, exit the NFC app, then enter it again and retry step 4. | Incomplete |
If the card reads fine, reboot the Flipper completely and repeat the steps from 4. | |
Steps 4-6 can be combined in different ways before issue appears. | Incomplete |
If the card fails to read 1 sector, the Flipper collects nonces to .nested.log; you can then delete this file via qFlipper and press retry. This can cause the issue to repeat, but not every time. | Incomplete |
TODOs (add FL-3926 after TODO, so CI/CD will stop complaining): https://github.com/flipperdevices/flipperzero-firmware/actions/runs/11526331987/job/32197423477?pr=3822 | Incomplete |
PVS Checks | Incomplete |
mf_classic_poller.c:1292: Redundant assignment removed in eb1aabb | Incomplete |
mf_classic_poller.c:1293: Redundant assignment removed in eb1aabb | Incomplete |
mf_classic_poller.c:1707: Format specifier corrected in c240077 | Incomplete |
mf_classic_poller.c:1938: PVS optimization included in 907019c | Incomplete |