MiLazyCracker Kevin Larson.

Slides:



Advertisements
Similar presentations
Driving Factors Security Risk Mgt Controls Compliance.
Advertisements

Ch-11 Project Execution and Termination. System Testing This involves two different phases with two different outputs First phase is system test planning.
Is There a Security Problem in Computing? Network Security / G. Steffen1.
© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Aladdin, Aladdin Knowledge Systems, the Aladdin Knowledge Systems logo, HASP, HASP SRM, HASP.
1. Prelude Diebold’s electronic voting system source code was discovered and subsequently leaked due to it being on a Diebold web server. Although it.
It’s always better live. MSDN Events Security Best Practices Part 2 of 2 Reducing Vulnerabilities using Visual Studio 2008.
Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.
Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access memory.
Buffer Overflow Attacks. Memory plays a key part in many computer system functions. It’s a critical component to many internal operations. From mother.
Password Management Programs By SIR Phil Goff, Branch 116 Area 2 Computers and Technology April 18,
Security and Risk Management. Who Am I Matthew Strahan from Content Security Principal Security Consultant I look young, but I’ve been doing this for.
Installing and maintaining clusters of FreeBSD servers using PXE and Rsync Cor Bosman XS4ALL
Chapter 3.1:Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access.
Chapter 7 Working with Files.
Lecture 7 Page 1 CS 236 Online Password Management Limit login attempts Encrypt your passwords Protecting the password file Forgotten passwords Generating.
AIS, Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)
Masaryk U., Monet White-box attack resistant cryptography – mobility tickets Petr Švenda Masaryk University,
December 2013 – Alexandre TRIFFAULT Alarm system Inspired by Babak Javadi presentation.
May 10, 2012 Lloyd Moore, President/Owner. Quick Start Video Building Mobility 1.2 SDK Emulator Quirks Installing On A Device Summary Overview.
© 2012 The McGraw-Hill Companies, Inc. All rights reserved. 1 Third Edition Chapter 5 Windows XP Professional McGraw-Hill.
THE EASY WAY TO STAGE ZEBRA’S ANDROID MOBILE COMPUTERS
Hospital Automation using RFID Technology University of Colorado at Colorado Springs College of Engineering & Applied Science Gustavo Florentino.
SEC835 Runtime authentication Secure session management Secure use of cryptomaterials.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Network Security David Lazăr.
Web Applications Testing By Jamie Rougvie Supported by.
Securing Your Enterprise with Enterprise Manager 10g Amir Najmi Principal Member of Technical Staff System Management Products Oracle Corporation Session.
StageNow The easy way to stage Android mobile computers from Zebra Technologies.
DATA & COMPUTER SECURITY (CSNB414) MODULE 3 MODERN SYMMETRIC ENCRYPTION.
Information Security In the Corporate World. About Me Graduated from Utica College with a degree in Economic Crime Investigation (ECI) in Spring 2005.
SCSC 455 Computer Security Chapter 3 User Security.
MD5 & Hash Encryption By Alex Buzak. Overview Purpose of MD5 and Hash Encryptions Examples MD5 Algorithm Explanation of Possible Security Risks Practical.
Securing a Host Computer BY STEPHEN GOSNER. Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include.
Security Operations Chapter 11 Part 3 Pages 1279 to 1309.
Self-Securing Devices: Better Security via Smarter Devices Greg Ganger Director, Parallel Data Lab.
SSL: Secure Socket Layer By: Mike Weissert. Overview Definition History & Background SSL Assurances SSL Session Problems Attacks & Defenses.
The Fallacy Behind “There’s Nothing to Hide” Why End-to-End Encryption Is a Must in Today’s World.
Siemens TIA Portal Openness Feature Functionality and Possible Use European Spallation Source – Integrated Control System Division Nick Levchenko CERN.
Authentication & Authorisation Is the user allowed to access the site?
Your Systems Don't Work With Ubuntu (and this is one way we can help you fix that) Jeffrey Lane Hardware Certification Engineer Platform Services Team,
Understanding Security Policies
Information Security Analytics
DATA SECURITY FOR MEDICAL RESEARCH
Outline Properties of keys Key management Key servers Certificates.
Common Methods Used to Commit Computer Crimes
AmmonRa From the Sprawl Cyborg/Hacker Proficient but not an expert
Secure Programming Dr. X
Password Management Limit login attempts Encrypt your passwords
Cryptographic Hash Function
Security and Encryption
CheckPoint Accelerated CCSE NGX R65
Lesson Objectives Aims You should be able to:
SPE Expectations Leverage existing delivery technologies
CP220x The Industry’s Smallest Ethernet Controller
Systems Analysis and Design
Enterprise Library Overview
STRATEGIC ENCRYPTION
Introduction to Computers
Braindumps
Ways to Secure CMS Websites. The most widely used Content Management Systems are Wordpress, Joomla and Drupal as per statistics. The highest CMS platforms.
Easy ways to solve QuickBooks Error Code 9994 QuickBooks is considered one of the best accounting software available in the world. This coming age software.
Advanced Penetration testing
Lesson 16-Windows NT Security Issues
Kiran Subramanyam Password Cracking 1.
Git CS Fall 2018.
Files Management – The interfacing
Topic 5: Communication and the Internet
“Encryption threatens to lead all of us to a very dark place.”
Hash Function Requirements
Keeping your passwords safe
Presentation transcript:

miLazyCracker Kevin Larson

Me Software Engineer at Honeywell This presentation in no way represents my employer or what I do there, this work was done completely on my time and my dime Masters Student at University Of Minnesota, USA

Research Note Mifare Plus Cracking This presentation does not disclose any new vulnerabilities, simply builds on existing tools to make them easy to use

Mifare Classic simple storage device read/write access permissions per block via keys e-wallet, access control, transportation, hotels Not all systems rely on networked/server side checks Custom crypto library – CRYPTO1 Source: https://en.wikipedia.org/wiki/MIFARE#Security_of_MIFARE_Classic.2C_MIFARE_DESFire_and_MIFARE_Ultralight

Mifare Memory Layout Source: NXP

Mifare Classic Attacks – Card Only Open source NFC tools for Mifare Classic MFOC (Nested Attack) Relies on the fact that one key is known MFCUK (Darkside Attack) No keys are known for the card at all MFCUK: https://github.com/nfc-tools/mfcuk MFOC: https://github.com/nfc-tools/mfoc

IMG URL: https://www.pinterest.com/pin/440297301040955293/ Response to Attacks Released Mifare Plus card - AES option Backwards compatible with Mifare Classic (uses CRYPTO1 as well) Fixed PRNG, no longer vulnerable to existing card-only attacks (MFOC/MFCUK) IMG URL: https://www.pinterest.com/pin/440297301040955293/

Researchers Response Carlo Meijer and Roel Verdult http://www.cs.ru.nl/~rverdult/Ciphertext-only_Cryptanalysis_on_Hardened_Mifare_Classic_Cards-CCS_2015.pdf Found new card-only attacks (Mifare Plus SL1) Important because many installations likely did not update infrastructure

My Goals Reproduce the attack Get the proper hardware and software Improve attack / easier to use Can I make it faster? Real-time even?

Hardware and Tools SCL3711 (~$30) Proxmark3 ($212) Mifare Plus Cards (~$75) Mifare Reader (~$50) Config Software (FREE!) Crappy eBay lock * Not all Classic readers accept MF+ (timing)

The Hardnested Attack Nested attacked on hardened cards = “hardnested” Requires at least one known key Many attempts at nested authentication Collect unique encrypted nonces Leaked bits can reduce keyspace to ~2^20 Brute-force

What did I actually do? Improving the attack was difficult People a lot smarter than me don’t sleep Speed of the attack is heavily dependent on the physical time constraints Make this REALLY easy to use

Are you lazy? Everyone is lazy Lets make this easy: Try miLazyCracker! Don’t know if you have a Mifare Classic or Plus? Don’t have time to wait for older attacks (MFOC) Don’t have over $200 to buy a Proxmark? Have $30 for a usb reader? Try miLazyCracker!

miLazyCracker modified LibNFC version of MFOC to ID the PRNG Modified LibNFC version of hardnested attack to save additional data for tool automation Created wrapper script to figure out all parameters necessary, no input parameters needed

Demo ./miLazyCracker … Fingerprinting based on MIFARE type Identification Procedure: * MIFARE Classic 1K * MIFARE Plus (4 Byte UID or 4 Byte RID) 2K, Security level 1 Try to authenticate to all sectors with default keys... Sector 00 - Found Key A: ffffffffffff Found Key B: 000000000000 Sector 01 - Unknown Key A Found Key B: 000000000000 Sector 11 - Found Key A: ffffffffffff Found Key B: 000000000000 Sector 12 - Unknown Key A Unknown Key B Sector 13 - Found Key A: ffffffffffff Found Key B: 000000000000 Sector 14 - Found Key A: ffffffffffff Found Key B: 000000000000 Sector 15 - Found Key A: ffffffffffff Found Key B: 000000000000

Demo (cont.) PRNG is not vulnerable to nested attack MFOC not possible, detected hardened Mifare Classic Trying HardNested Attack... libnfc_crypto1_crack 000000000000 60 B 48 B … Collected 1540 nonces... leftover complexity 199741811968 (~2^37.54) - initializing brute-force phase... Found key: 000000143575 The custom key 0x000000143575 has been added to the default keys  … recursively calling attacks in wrapper script... libnfc_crypto1_crack 000000000000 60 B 48 A Found key: 66778899aabb The custom key 0x66778899aabb has been added to the default keys Try to authenticate to all sectors with default keys... Symbols: '.' no key found, '/' A key found, '\' B key found, 'x' both keys found [Key: 000000143575] -> [............\...] [Key: 66778899aabb] -> [............x...] [Key: ffffffffffff] -> [x.xxxxxxxxxxxxxx] [Key: a0a1a2a3a4a5] -> [x.xxxxxxxxxxxxxx] [Key: d3f7d3f7d3f7] -> [x.xxxxxxxxxxxxxx]

Demo (cont.) Sector 00 - Found Key A: ffffffffffff Found Key B: 000000000000 Sector 01 - Unknown Key A Found Key B: 000000000000 Sector 02 - Found Key A: ffffffffffff Found Key B: 000000000000 … Sector 12 - Found Key A: 66778899aabb Found Key B: 000000143575 Sector 13 - Found Key A: ffffffffffff Found Key B: 000000000000 Sector 14 - Found Key A: ffffffffffff Found Key B: 000000000000 Sector 15 - Found Key A: ffffffffffff Found Key B: 000000000000 Using sector 00 as an exploit sector PRNG is not vulnerable to nested attack MFOC not possible, detected hardened Mifare Classic Trying HardNested Attack... libnfc_crypto1_crack 000000000000 60 B 4 A Found tag with uid a007a2a0, collecting nonces for key A of block 4 using known key B 000000000000 for block 60 Collected 4003 nonces... leftover complexity 35169220696 (~2^35.03) - initializing brute-force phase... Starting 8 threads to test 35169220696 states using 256-way bitslicing Cracking... 98.28% No solution found :( …. Keep Trying! We’ll get different nonces next time around….

Demo (cont.) MFOC not possible, detected hardened Mifare Classic Trying HardNested Attack... libnfc_crypto1_crack 000000000000 60 B 4 A Collected 23435 nonces... leftover complexity 10712945232 (~2^33.32) - initializing brute-force phase... Found key: 112233445566..  Auth with all sectors succeeded, dumping keys to a file!

https://github.com/iAmNotSuperman/miLazyCracker/ Source Code Released https://github.com/iAmNotSuperman/miLazyCracker/

Remediation CUSTOM CRYPTO DO NOT USE Mifare Classic should be avoided ** Mifare Plus SL2 and SL3 are secure **

Questions?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.