Video in TIB AV-Portal: miLazyCracker

CC Attribution 4.0 International:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
The presentation will show how easy it can be to crack not just Mifare Classic but the new Mifare Plus, which has an improved PRNG that nullifies MFCUK/MFOC, the tools that currently crack Mifare Classic. I have taken portions of code from the Proxmark3 and libnfc and combined them into one tool that works with a $30 USB reader which looks just like a USB thumb drive, and requires no arguments whatsoever. Simply place a card on the reader and run ./miLazyCracker; the script will talk to the card, determine if the PRNG is vulnerable or not, and select the proper attack. From there it will iterate through any missing keys and finally dump the card so it can be cloned. The talk also shows how to create cards with open source tools (this part is not new, but it's easily explained).

I am a Masters student in Computer Science and have worked with embedded devices for about 10 years, and most recently worked in cyber security research. I love everything smart card related, wireless (ZigBee, Z-Wave, 6LoWPAN), hardware hacking, reversing .NET and patching programs to do crazy stuff.

I think this is cool because anyone can clone a card (or see if it's clonable) with no prior knowledge of smart cards, no learning about sector layouts and no figuring out what arguments to give to the script whatsoever, and it's only a $30 part which looks like a USB thumb drive. This makes it very possible to sit on a bus or subway next to the lady who has her badge in her purse and potentially clone her card, follow her to work and gain access to a building. It's not necessarily the most novel reverse engineering feat, but it brings smart card cloning (and attacks as recent as 6 months old) to the masses. This isn't so more people can break in, but so companies can be aware of how easy this is and move away from anything with the name Mifare.
This is a talk on Mifare Classic cracking. It's not new; how many of you here know MFOC and MFCUK? A few people, right. That's been around for quite a while, so Mifare Classic cards have been around, and you could clone and crack them with free open-source tools for quite a while. A little bit about me: I work at Honeywell, and the disclaimer is that this is all my

work for my master's degree, nothing to do with my employer. Also note I'm not disclosing anything that's brand new that's not already freely available on the web, so NXP hopefully can't come running after me when I leave. The Mifare Classic card

is, in a sense, really just a simple storage device. There's read/write access per block, and it's used for things like e-wallets, access control, transportation systems, and getting in and out of your hotel. If you notice, at a hotel, if you want a late checkout they might say bring your hotel card to the front desk and they'll rescan it, and you can check out an hour later. What you can really tell by that is that there are some things they're not networking, they're not doing server-side checks; there are local checks being done based on the data on the card. Mifare Classic actually uses a custom crypto library, Crypto1, and the core of that has been broken for quite some time. A
little background on the Mifare memory layout: this is a 1K card, so there are 16 sectors with 4 blocks each, and there's a key A and a key B, depending on whether you want to read or write data, for each block. So for a typical card there's going to be some default information the manufacturer wants you to be able to read in order to get into the door, or just to know what the card is; there may be some encrypted data like the check-in/check-out time at a hotel, or things like that. These are really

card-only attacks. What that means is there are separate, different attacks if you can actually stand next to a reader with the card and watch someone actually trying to authenticate; this is only if you have the card by itself, or you're next to someone, some way of being in extremely close proximity. So really, the basis here is the tools for Mifare Classic, MFOC and MFCUK. MFOC relies on the fact that you know one key on the entire card, and based on that you can do some attacks to get all the keys on the rest of the card. In practice there's almost always one default key, so you can read the card type and size and things like that. There is also another tool called MFCUK if you don't know any keys on the card; it takes a lot longer, it's not quite as practical, and it's very rare that you need it.

So NXP responded to these tools after a while with the Mifare Plus card, which has an AES option. What that means is that they really want to be able to allow people to update their readers: if you're building a transportation system, you can still use the old cards while updating some readers and leaving some at the same time, because the infrastructure cost is too expensive to actually update everything all at once. What this means is that you may be using AES for some readers but you're still using the old system with the Crypto1 custom library for other readers. The other thing they did was fix the pseudorandom number generator so it's not vulnerable to MFOC or MFCUK. So if you're using those on a new card and it's not working, it'll just sit and try all night, it's not gonna work. So what they've done is fix this, and it's a little bit more secure. There's been some research done by Carlo Meijer and Roel Verdult, and they found new card-only attacks for the Mifare Plus in SL1 mode. SL1 means that you have the whole Crypto1 library being used for the old readers, along with potentially another block on the card using AES. This is important because most installations did not completely rip out and reinstall all their readers. So my goals really were to

reproduce the attack, see if I can make it faster, see if I can make it... could I really bump into someone like you see in the movies, bump into someone on a subway, actually copy the card, follow them into work, things like that. So some of the
hardware and tools I used: the SCL3711, which is just a $30 USB reader, and the Proxmark, which gets a little bit more expensive but has a very active community, so that was really a useful tool to learn the core of what I needed to do; Mifare Plus cards and the reader, with software to actually take factory-fresh cards and configure them like a hotel or a transportation system might; and I bought this crappy battery-operated lock off eBay. If you wanna get checked by TSA, put one of those in your bag. One other thing to note: the mistake I made in buying this is that actually not all Mifare Classic readers accept Mifare Plus as was intended. The Mifare Plus card takes a little bit longer for the authentication, so this lock actually doesn't even work with Mifare Plus cards. So the new attack is

dubbed the hardnested attack, because it's an extension of the existing nested attack, on Mifare Plus cards which have a hardened PRNG. It still requires one known key, and what you do is a nested authentication many times: you collect unique encrypted nonces between the known sector you have the key for and an unknown sector you're trying to get the key for. With enough of those tries, what you're basically trying to do is reduce the keyspace from 2^48, which is the Mifare Classic key size, to about 2^20, maybe a little bit bigger, and then from there you can do a brute force. So what I actually

did: I didn't try to improve the attack itself; really there are people who don't sleep and are a lot smarter than me who work on this all the time, and they basically reduced it down to almost the physical constraint of just the time it takes to authenticate the card to the reader. So my goal is really just to make this easy to use. It took me a month or two of my spare time and a fair amount of money to get it up and running, so I figured if I can do it for 20 bucks and no one has to type in a single command, then maybe you would use it a little bit more. So the point of this is, I think everybody's lazy, I'm lazy, and if you don't know if you have a Mifare Classic or a Mifare Plus, you don't know what kind of pseudorandom number generator it has, you don't wanna spend 200 to figure this out. All you have to do is download this, run the install script, and you can run it with no arguments to find the keys on your card. So really what I did here is I modified the libnfc version of MFOC to identify whether the card has the new pseudorandom number generator, which is not vulnerable, or the old one; I modified the libnfc version of the hardnested attack to hold on to some more information so that I can automate this and you don't have to figure out what keys are unknown and type in more parameters; and I created a wrapper script to figure this all out for you, so you can just run it, no problem. I have a static demo of what would
happen if you're running it: you don't know if you have a Mifare Classic or a Mifare Plus, you just run the miLazyCracker script, and the first thing you would see is it identifying whether it's a Mifare Classic or a Mifare Plus card, and from there picking which attack to use. In this case it's a Mifare Plus, and it will highlight what keys are unknown in what sectors, then recursively go through and find those keys for you. So in this case it says the PRNG is not vulnerable to the nested attack, so it's selecting the hardnested attack, and in the red there it's selecting the parameters for you, so you don't have to understand what that is. What that's actually doing is saying: I know that sector, block 60, key B is all zeros; you can use that to try to authenticate to another unknown sector, block 48 key B, and try to crack that. So as

it goes through, it's finding each key for you, and in the red you can see that it's finding separate keys for key A and key B, and there's still one left. Sometimes it does fail: it tries to reduce the keyspace down to a certain size and do some math I don't understand, and it gives up once in a while; if you just try again it seems to work. So in this case it's found three keys, and once you've found all keys for all sectors it writes them to a binary file, and from there you can write this to a card with the classic open-source tools. Included in the script, I made it just ask you: do you want to clone, yes or no? So you can just put a blank card on there as well if you want a copy, and you have a clone of the card. The key thing you would need is the UID: on a Mifare Classic card it's read-only, and there are some Chinese magic cards which allow you to write to that sector, so you need to buy on Alibaba or somewhere some magic Mifare cards. So the source code is released and it's on GitHub; it's been tested by a few people. And if you ever go to Troopers in Germany, in Heidelberg, there's a great training on RFID security and privacy nightmares; the guys giving this training were the ones who got me interested in this, so I highly recommend it if you're heading to Troopers this year. I have a short demo here
if you wanna see it live. So here I have a Mifare Plus

card; this one you could not crack with MFOC. So all I have to do is run this, if you can actually see it on the table. So what it's doing here, I have started over, but you can see I just ran the script with no parameters. You can see here there are two keys that are unknown, on sector 13. So here what it's actually doing is authenticating to the card over and over and over again, collecting different unique encrypted nonces, and after a short period of time, which varies depending on the card and the key, it will find the key; there's no way to know how long it will take. While that's running, I have another demo with a real lock; if you guys are interested you can come up and see it afterwards. So this one actually works with Mifare Classic; it doesn't work with the Plus because it's a bad lock I bought off eBay. You can see here this is a card that actually allows me to enter the room, and it turns blue; this is another key that does not. I'll show you that I can clone it and enter the door pretty quickly. The runtime is approximately, I would say, between 5 minutes and an hour, and I didn't take a key that takes an hour. In the output of the script you can see here it said the PRNG is not vulnerable to the nested attack, so it automatically selects the sectors to use, and here it reduced the keyspace down to 2^36, so it's gonna brute force from

here; it would go a little bit faster with a better laptop, but it should do the trick here. So another note, I guess, for things like hotels: most of them are using their own kind of version of encryption, or their own data format on the card, so it's not like if you can crack the card for one hotel you can change your check-in time for every hotel; things like that are typically proprietary. So in this case it's found all the keys on this card, it says do you want to clone the card, you could say yes or no, put a card

on, and you've got it. And so here's a case where this card did not let me in the lock before, and it's going to run the script. In this case it's not a Mifare Plus card, so it's able to crack it very, very fast, and I can say yes, clone the card, and that's the demo; that's why I have a static demo as well. But here's the card, and yes, I want to pull the card onto my Chinese clone, just as last time I say yes, and then I can get into the room. Questions?

Q: So this phase where you collect for analysis, you need to have the card physically the whole time? Or to dump it?

A: To dump it you have to have the keys, so in order to read certain sectors you need to have the keys, and you need to have the card on the reader during the collection process, but you don't need it for the brute-force phase.

Q: OK, how long does the collecting take, for which you need physical access to the card?

A: It typically depends on the card and the key, which key it is, but from what I've seen it's between 5 minutes and an hour, so it's certainly not a case where you can just bump in and steal it; in any case, maybe if you had a long train ride. But thank you.
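The talk describes the 1K memory layout (16 sectors of 4 blocks, with key A, access bits and key B in each sector trailer), notes that deployed cards almost always keep one default key, and ends with the tool dumping the card to a binary file. The script below is an added example, not code from the talk or from miLazyCracker: it audits such a dump from the defender's side, flagging sectors that still use publicly documented default keys, trailers whose access bits let key B be read with key A, data blocks writable with either key, and trailers whose access bits fail the datasheet's inverted-nibble consistency check (a corrupted trailer locks the sector). It assumes the 1K layout from the talk and the trailer encoding from the public NXP MF1S50 datasheet; the sample dump is constructed inline (no real card), and the default-key list is an assumption of what an auditor would check for.

```python
"""Audit a Mifare Classic 1K dump for well-known keys and unsafe access bits.

Added example, not code from the talk or from miLazyCracker.  It assumes the
1K layout the talk describes (16 sectors of 4 blocks, 16 bytes per block, the
4th block of each sector being the trailer: key A, access bits, key B) and the
trailer encoding from the public NXP MF1S50 datasheet.  It only reads a dump
you already hold; it never talks to a card.
"""
from dataclasses import dataclass, field

BLOCK = 16
SECTORS = 16
DUMP_SIZE = BLOCK * 4 * SECTORS  # 1024 bytes for a 1K card

# Publicly documented factory/transport keys (assumed audit list); a sector
# still using one of these has no secret at all.
DEFAULT_KEYS = {
    bytes.fromhex("ffffffffffff"),  # NXP transport key
    bytes.fromhex("000000000000"),  # all zeros, as in the talk's demo
    bytes.fromhex("a0a1a2a3a4a5"),  # MAD (application directory) key A
}

# Data-block access code C1C2C3 -> which key may write the block
# ("A|B" = either key, "B" = key B only, "never" = write-locked).
DATA_WRITE = {"000": "A|B", "010": "never", "100": "B", "110": "B",
              "001": "never", "011": "B", "101": "never", "111": "never"}
# Trailer codes under which key B can be read with key A, so key B is no secret.
TRAILER_KEYB_READABLE_WITH_A = {"000", "010", "001"}


def decode_access_bits(trailer: bytes) -> list[str]:
    """Return the C1C2C3 code of blocks 0..3 from trailer bytes 6..8.

    Each nibble is stored twice, once inverted; a mismatch means a corrupted
    trailer, and the card refuses every access to that sector.
    """
    b6, b7, b8 = trailer[6], trailer[7], trailer[8]
    c1, c2, c3 = (b7 >> 4) & 0xF, b8 & 0xF, (b8 >> 4) & 0xF
    if ((b6 >> 4) & 0xF) != (~c2 & 0xF) or (b6 & 0xF) != (~c1 & 0xF) \
            or (b7 & 0xF) != (~c3 & 0xF):
        raise ValueError("access bits fail inverted-nibble check")
    return [f"{(c1 >> i) & 1}{(c2 >> i) & 1}{(c3 >> i) & 1}" for i in range(4)]


@dataclass
class SectorReport:
    sector: int
    key_a: str
    key_b: str
    findings: list[str] = field(default_factory=list)


def audit_dump(dump: bytes) -> list[SectorReport]:
    """Check every sector trailer of a 1K dump and list what a defender should fix."""
    if len(dump) != DUMP_SIZE:
        raise ValueError(f"expected {DUMP_SIZE}-byte 1K dump, got {len(dump)}")
    reports = []
    for s in range(SECTORS):
        trailer = dump[s * 4 * BLOCK + 3 * BLOCK:(s + 1) * 4 * BLOCK]
        key_a, key_b = trailer[:6], trailer[10:]
        rep = SectorReport(s, key_a.hex(), key_b.hex())
        for name, key in (("A", key_a), ("B", key_b)):
            if key in DEFAULT_KEYS:
                rep.findings.append(f"key {name} is a well-known default")
        try:
            codes = decode_access_bits(trailer)
        except ValueError as err:
            rep.findings.append(str(err))
            reports.append(rep)
            continue
        if codes[3] in TRAILER_KEYB_READABLE_WITH_A:
            rep.findings.append(f"trailer code {codes[3]}: key B readable with key A")
        for blk in range(3):
            if s == 0 and blk == 0:
                continue  # manufacturer block (UID), read-only on genuine cards
            if DATA_WRITE[codes[blk]] == "A|B":
                rep.findings.append(f"block {blk} writable with either key")
        reports.append(rep)
    return reports


def weak_sectors(reports: list[SectorReport]) -> list[int]:
    return [r.sector for r in reports if r.findings]


# --- constructed sample dump (not read from any real card) -------------------
def build_sample_dump() -> bytes:
    uid = bytes.fromhex("deadbeef")
    bcc = uid[0] ^ uid[1] ^ uid[2] ^ uid[3]  # UID check byte, 0x22 here
    block0 = uid + bytes([bcc, 0x08, 0x04, 0x00]) + bytes(8)  # SAK/ATQA + vendor data
    factory_trailer = bytes.fromhex("ffffffffffff" "ff0780" "69" "ffffffffffff")
    # Hardened: custom keys, data writable only with key B, key B never readable.
    hardened_trailer = bytes.fromhex("112233445566" "787788" "69" "aabbccddeeff")
    # Corrupted: one access-bit nibble changed, so its inverted copy disagrees.
    corrupt_trailer = bytes.fromhex("ffffffffffff" "ff0781" "69" "ffffffffffff")
    sectors = []
    for s in range(SECTORS):
        trailer = {5: hardened_trailer, 9: corrupt_trailer}.get(s, factory_trailer)
        first = block0 if s == 0 else bytes(BLOCK)
        sectors.append(first + bytes(BLOCK) * 2 + trailer)
    return b"".join(sectors)


SAMPLE_DUMP = build_sample_dump()

if __name__ == "__main__":
    for r in audit_dump(SAMPLE_DUMP):
        print(f"sector {r.sector:2d} [{'OK' if not r.findings else 'WEAK'}]")
        for f in r.findings:
            print(f"    - {f}")
```

On the constructed dump, only the hardened sector 5 comes back clean; the factory sectors report default keys, a readable key B and writable data blocks, and sector 9 reports the corrupted trailer. Point `audit_dump` at a dump of your own cards (1024 bytes, sector order) to see which sectors a badge rollout actually re-keyed.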