<< serverfault

Yes, we love BackTrack! This is just a snap of cookbook we created for BackTrack Wiki. >> Some of you may have read that the proprietary symmetric key cryptographic algorithm of the MIFARE Classic card has been broken. The MIFARE Classic card is used in physical access control systems (PACS) and contact less payment systems (including tollway and public transportation systems). By some estimates, there are 500 million MIFARE cards deployed worldwide, and the majority of them are MIFARE Classic cards. Mifare Classic is a inexpensive, entry-level chip, based on ISO/IEC 14443 Type A, 1kB or 4kB. Uses 13.56 Mhz contactless smartcard standard, proprietary CRYPTO1 with 48 bits keys. There is no protection against cloning or modifications. Anyone with 50 € reader can use this weakness against your infrastructure. At least one sector is always encrypted with default key. After cracking all keys, hackers are able to change name, students university number, expiration date… This cookbook is proof of concept how easy that can be done.<<

Chosen ingredients:

Backtrack | Touchatag starter packageTested on: BackTrack 4 R2, BackTrack 5 Final, (32bit)

Ouu yes, we had fun!

Read the whole story @ BackTrack Linux Wiki or download – Cooking-with-mifare-classic PDF (Hacking Mifare Classic for fun and (no)profit) nor blink at PacketStorm!

Update: BackTrack is no longer “supported” and for that reason their Wiki will be decommissioned soon. You can find backup including last words about Mifare Classic here.

Related articles: Touchatag starter package – minirecenzia, Proxmark III – minirecenzia, OMNIKEY 5321CL – minirecenzia, Touchatag & BackTrack 5, Bootable RFID Live Hacking System, MFCUK – MiFare Classic Universal toolKit