aczid / crypto1_bs

Bitsliced Crypto-1 brute-forcer

No solution found :( while previously it did find one for this card #35

Open devedse opened 5 years ago

devedse commented 5 years ago

Hi all,

I've been playing around with NFC cards for a bit and managed to get the keys for a specific card of mine using miLazyCracker: https://github.com/nfc-tools/miLazyCracker/

However, after trying exactly the same attack again on exactly the same NFC card the crypto1_bs tool keeps showing me the message No solution found :(

My log:

Collected 5052 nonces... leftover complexity 8151629441024 (~2^42.89) - press en
Collected 5064 nonces... leftover complexity 8151629441024 (~2^42.89) - press en
Collected 5075 nonces... leftover complexity 8151629441024 (~2^42.89) - press en
Collected 5086 nonces... leftover complexity 8151629441024 (~2^42.89) - press en
Collected 5098 nonces... leftover complexity 222377702350 (~2^37.69) -
initializing brute-force phase...
Starting 8 threads to test 222377702350 states using 128-way bitslicing
Cracking...  99.95%
No solution found :(
MFOC not possible, detected hardened Mifare Classic
Trying HardNested Attack...
libnfc_crypto1_crack ffffffffffff 60 B 4 B mfc_4db3582c_foundKeys.txt
Found tag with uid 4db3582c, collecting nonces for key B of block 4 (sector 1) using known key B ffffffffffff for block 60 (sector 15)
Collected 3543 nonces... leftover complexity 222377702350 (~2^37.69) - initializing brute-force phase...
Starting 8 threads to test 222377702350 states using 128-way bitslicing
Cracking...  37.33%

And this is basically the loop it gets stuck in. What could be the problem here?

devedse commented 5 years ago

A workaround for this issue is to start bruteforcing when there's still a lot more complexity left. (somewhere around ~2^42.xxx). It then took a whole night of bruteforcing but it did manage to crack the key.

I think this is not the right solution though.

aczid commented 5 years ago

It's true that the craptev1 library doesn't always find a solution, and a workaround is to start the cracker with fewer nonces (a less well-determined system) just like you did. I believe the improved (GPL) implementation that is part of proxmark3 has tweaked the approach to avoid this situation. I'm hoping somebody will take the time to lift it into a libnfc tool.

With the included .py scripts, it's possible to convert the .txt created by my tool to the .bin format used by the proxmark3 project and to use its host code to crack it. No actual proxmark3 device is required. I'm afraid that's the best suggestion I can give you.

devedse commented 5 years ago

You've got a URL to where the proxmark code exists?

aczid commented 5 years ago

Here you go https://github.com/Proxmark/proxmark3

vk496 commented 5 years ago

Hi,

Here are some attempts to port the tool from proxmark3: https://github.com/vk496/cropto1_bs

Tried on Intel(R) Core(TM) i7-5600U CPU @ 2.60GHz

Hello, world!
Using AVX2 SIMD core.          
Couldn't read benchmark data. Assuming brute force rate of 120000000 states per second          

 time    | #nonces | Activity                                                | expected to brute force          
         |         |                                                         | #states         | time           
------------------------------------------------------------------------------------------------------          
       0 |       0 | Start using 4 threads and AVX2 SIMD core                |                 |          
       0 |       0 | Brute force benchmark: 120 million (2^26,8) keys/s      | 140737488355328 |   14d          
       0 |       0 | Using 0 precalculated bitflip state tables              | 140737488355328 |   14d          
       2 |       0 | Simulating key ddf16ef5882e, cuid 5032b647 ...          | 140737488355328 |   14d          
       2 |     512 | Apply bit flip properties                               | 140737488355328 |   14d          
       2 |    1016 | Apply bit flip properties                               | 140737488355328 |   14d          
       3 |    2025 | Apply Sum property. Sum(a0) = 160                       |    545934278656 | 76min          
       3 |    2522 | Apply bit flip properties                               |    425602908160 | 59min          
       3 |    3008 | Apply bit flip properties                               |    411571159040 | 57min          
       3 |    3504 | Apply bit flip properties                               |    400525623296 | 56min          
       3 |    3991 | Apply bit flip properties                               |    395753291776 | 55min          
       3 |    4475 | Apply bit flip properties                               |    394422452224 | 55min          
       3 |    4947 | Apply bit flip properties                               |    392266022912 | 54min          
       3 |    5426 | Apply bit flip properties                               |    389971083264 | 54min          
       3 |    5902 | Apply bit flip properties                               |    225476575232 | 31min          
       4 |    6375 | Apply bit flip properties                               |    331080335360 | 46min          
       4 |    6828 | Apply bit flip properties                               |    297783984128 | 41min          
       4 |    7288 | Apply bit flip properties                               |    267721441280 | 37min          
       4 |    7748 | Apply bit flip properties                               |    196560551936 | 27min          
       4 |    8193 | Apply bit flip properties                               |    140487049216 | 20min          
       4 |    8634 | Apply bit flip properties                               |    128584802304 | 18min          
       4 |    9076 | Apply bit flip properties                               |    139814567936 | 19min          
       5 |    9510 | Apply bit flip properties                               |    151039918080 | 21min          
       5 |    9955 | Apply bit flip properties                               |    145253875712 | 20min          
       5 |   10387 | Apply bit flip properties                               |    145253875712 | 20min          
       5 |   10823 | Apply bit flip properties                               |    135245537280 | 19min          
       5 |   11243 | Apply bit flip properties                               |    123080974336 | 17min          
       5 |   11660 | Apply bit flip properties                               |    123080974336 | 17min          
       6 |   12064 | Apply bit flip properties                               |    121158918144 | 17min          
       6 |   12476 | Apply bit flip properties                               |    119553794048 | 17min          
       6 |   12895 | Apply bit flip properties                               |    120810610688 | 17min          
       6 |   13298 | Apply bit flip properties                               |    122345545728 | 17min          
       6 |   13712 | Apply bit flip properties                               |    118929686528 | 17min          
       6 |   13712 | (1. guess: Sum(a8) = 224)                               |    118929686528 | 17min          
      34 |   13712 | Apply Sum(a8) and all bytes bitflip properties          |    118929686528 | 17min          
      34 |   13712 | (Test: Key found)                                       |               0 |    0s          
      56 |   13712 | Brute force phase completed. Key found: ddf16ef5882e    |               0 |    0s

I would like to integrate libnfc and, afterwards, integrate it into this repo :)

Salu2

devedse commented 5 years ago

Hey, isn't this using way more nonces than the current implementation, though? (Usually it starts bruteforcing at around 3000-4000 nonces)

vk496 commented 5 years ago

Nope, it is only a simulation.

vk496 commented 5 years ago

Hi,

I made some progress with https://github.com/vk496/cropto1_bs. Right now it is possible to use it with libnfc readers.

$ ./cropto1_bs 001122334455 0 A 20 B
Hello, world!
Using AVX2 SIMD core.          
Couldn't read benchmark data. Assuming brute force rate of 120000000 states per second          

 time    | #nonces | Activity                                                | expected to brute force          
         |         |                                                         | #states         | time           
------------------------------------------------------------------------------------------------------          
       0 |       0 | Start using 4 threads and AVX2 SIMD core                |                 |          
       0 |       0 | Brute force benchmark: 120 million (2^26.8) keys/s      | 140737488355328 |   14d          
       1 |       0 | Using 235 precalculated bitflip state tables            | 140737488355328 |   14d          
       3 |       1 | Apply bit flip properties                               | 140737488355328 |   14d          
       3 |       2 | Apply bit flip properties                               | 140737488355328 |   14d          
       3 |       3 | Apply bit flip properties                               | 140737488355328 |   14d          
       3 |       4 | Apply bit flip properties                               | 127543080386560 |   12d          
       4 |       5 | Apply bit flip properties                               | 125959638351872 |   12d          
       4 |       6 | Apply bit flip properties                               | 112771144351744 |   11d          
       4 |       7 | Apply bit flip properties                               | 102814034427904 |   10d          
       4 |       8 | Apply bit flip properties                               | 102814034427904 |   10d          
       4 |       9 | Apply bit flip properties                               | 102814034427904 |   10d          
       4 |      10 | Apply bit flip properties                               |  53722788921344 |    5d          
       4 |      11 | Apply bit flip properties                               |  53722788921344 |    5d          
       4 |      12 | Apply bit flip properties                               |  50847748718592 |    5d          
       4 |      13 | Apply bit flip properties                               |  50847748718592 |    5d          
       4 |      14 | Apply bit flip properties                               |  44694402760704 |    4d          
       5 |      15 | Apply bit flip properties                               |  44694402760704 |    4d          
       5 |      16 | Apply bit flip properties                               |  44694402760704 |    4d          
       5 |      17 | Apply bit flip properties                               |  44419201892352 |    4d          
       5 |      18 | Apply bit flip properties                               |  35674354876416 |    3d          
       5 |      19 | Apply bit flip properties                               |  29673314582528 |    3d          
       5 |      20 | Apply bit flip properties                               |  21800077492224 |    2d          
       5 |      21 | Apply bit flip properties                               |   5771871911936 |   13h          
       5 |      22 | Apply bit flip properties                               |   5771871911936 |   13h          
       5 |      23 | Apply bit flip properties                               |   3934981193728 |    9h          
       5 |      24 | Apply bit flip properties                               |   3934981193728 |    9h          
       5 |      25 | Apply bit flip properties                               |   3934981193728 |    9h          
       6 |      26 | Apply bit flip properties                               |   3934981193728 |    9h          
..............................    
     171 |    1640 | Apply bit flip properties                               |     37733543936 |  5min          
     171 |    1640 | Apply bit flip properties                               |     37733543936 |  5min          
     171 |    1641 | Apply bit flip properties                               |     37733543936 |  5min          
     172 |    1642 | Apply bit flip properties                               |     37733543936 |  5min          
     172 |    1643 | Apply bit flip properties                               |     37733543936 |  5min          
     173 |    1644 | Apply Sum property. Sum(a0) = 128                       |      5758310400 |   48s          
     173 |    1645 | Apply bit flip properties                               |      5758310400 |   48s          
     174 |    1646 | Apply bit flip properties                               |      5758310400 |   48s          
     174 |    1647 | Apply bit flip properties                               |      5758310400 |   48s          
     174 |    1647 | (1. guess: Sum(a8) = 256)                               |      5758310400 |   48s          
     175 |    1647 | Apply Sum(a8) and all bytes bitflip properties          |      5758282240 |   48s          
     176 |    1647 | Brute force phase completed. Key found: xxxxxxxxxxxx    |               0 |    0s          
test

After cleaning the code, I think it would be a better idea to integrate the functionality directly into https://github.com/nfc-tools/mfoc

devedse commented 5 years ago

That's very cool!!! Would love to see this integrated within Mfoc :)

vk496 commented 5 years ago

Hello again!

I have successfully integrated hardnested attack into mfoc.

https://github.com/vk496/mfoc/tree/hardnested

It is not ready yet to be merged into the official project, but it is already working :)

Salu2

devedse commented 5 years ago

How would you call it?

vk496 commented 5 years ago

> How would you call it?

I'm more interested in integrating the mod into the official project instead of forking a new one. Only some makefile code to support ARM builds is missing, and the mod should be merged: https://github.com/nfc-tools/mfoc/pull/60

ghost commented 5 years ago

Hello. How can I recover the 2 missing files, crapto1 and craptev1? Because bra does not answer, can someone send them to me? IcoderX@protonmail.ch

aczid commented 5 years ago

@vk496 has created an updated version of mfoc which applies the hardnested attack; please start using this tool: https://github.com/vk496/mfoc/tree/hardnested. I've tested the tool and it works fine (but could still be faster). Thank you @vk496!

devedse commented 5 years ago

Has it already been merged to MFOC master?

aczid commented 5 years ago

No, but the PR has been submitted there since last year. https://github.com/nfc-tools/mfoc/pull/60

MichaelNec commented 3 years ago

@aczid I encountered the same problem as him. I would like to ask you how to use your py to convert txt to bin, and not connect devices in PM3.

MichaelNec commented 3 years ago

@vk496 I compiled https://github.com/vk496/cropto1_bs, but it reported no NFC device connection. I want to ask how to use it offline.

vk496 commented 3 years ago

https://github.com/nfc-tools/mfoc-hardnested

MichaelNec commented 3 years ago

@vk496 For example, I want to run a password file named 1234.bin. How should I operate? Thank you again.