Diff Nt and Auth always equal

[alexislg2]

Hello, I am running mfcuk on a single key from a single sector. It is running for long time but what is surprising to me is that I always get Diff Nt and Auth equals:

Let me entertain you!
uid:
type: 08
key: 000000000000
block: 03
diff Nt: 5936
auths: 5936

I tried with many different timeouts (including 250/250). Result is the same. Any idea?

[boanerxe]

Hi,
I'm having the same problem here. After a long time running it starts to give errors when diff Nt reachs 65535. I'm using a chinese pn532 board, and I've tried all interfaces (uart, i2c and spi). I've tried in my computer and also in a raspberry pi.
I have also tried several combinations mfcuk and libnfc, always happening the same.

Does any one else have the same problem?

[vwcity]

Hi,
I have the same problem. I think some manufacturer fix the flaw on their chips.
I don't known how they fix the flaw, any idea ?

[vwcity]

I think your card is MIFARE Plus, this type of card is compatible with MIFARE Classic and the security flaw are fixed.

[boanerxe]

Exactly! I reached that conclusion yesterday. It is still possible to discover A and B keys trying a hardnesting attack.
That can be done using the tool libnfc_crypto1_crack, or more easily (and automated) using miLazyCracker, which can be found in this github repository.

[M-Gregoire]

Hello,
I have the exact same problem you describe :

-----------------------------------------------------
Let me entertain you!
    uid: 
   type: 08
    key: 000000000000
  block: 03
diff Nt: 15
  auths: 15
-----------------------------------------------------

-----------------------------------------------------
Let me entertain you!
    uid: 
   type: 08
    key: 000000000000
  block: 03
diff Nt: 16
  auths: 16
-----------------------------------------------------

-----------------------------------------------------
Let me entertain you!
    uid: 
   type: 08
    key: 000000000000
  block: 03
diff Nt: 17
  auths: 17
-----------------------------------------------------

-----------------------------------------------------
Let me entertain you!
    uid: 
   type: 08
    key: 000000000000
  block: 03
diff Nt: 18
  auths: 18
-----------------------------------------------------

-----------------------------------------------------
Let me entertain you!
    uid: 
   type: 08
    key: 000000000000
  block: 03
diff Nt: 19
  auths: 19
-----------------------------------------------------

I let mfcuk run for a few hours without any results. I tried multiple systems (Archlinux, Debian and Ubuntu) with multiples commits with always the same problem.

Did you find any fix or way to get a key from the card ?

Thanks

[snallapa]

@boanerxe I was wondering if you ended up trying that solution or got past this? I am having the same issue right now

[tavgar]

@snallapa @boanerxe I'm having the same issue anyone solved it?

[snallapa]

@tavgar its been a while since I touched some of this. off the top of my head I believe it meant that card vulnerability was fixed by the manufacturer. I believe after that I was able to still get data off my card as others already found keys for it. I was never able to get closer using mfcuk (some of this may be wrong as it’s from my memory. i’ll try to check later and see what I did)

[tavgar]

@snallapa Got some keys using mfoc-hardnested but it gets stuck in an infinite loop at sector 33

[snallapa]

@tavgar hmm yeah I never ran into that