Flipper MFKey
What
This Flipper application ("FAP") cracks Mifare Classic 1K/4K keys on your Flipper Zero. No companion app/desktop needed.
How
Official guide: https://docs.flipperzero.one/nfc/mfkey32
These are the general steps:
- Use the Detect Reader function to save nonces on your Flipper from the reader
- Use the MFKey app to crack the keys
- Scan the Mifare Classic card
All cracked nonces are automatically added to your user dictionary, allowing you to clone Mifare Classic 1K/4K cards upon re-scanning them.
Builds
OFW: Available in the App Hub (Download) and distributed by Flipper Devices (https://github.com/flipperdevices/flipperzero-good-faps/tree/dev/mfkey).
Published (options):
- Unleashed repository
- Momentum firmware: Built-in to every release
- Unleashed firmware: Built-in to every release
- RogueMaster firmware: Built-in to every release
Manual: Copy the fap/ directory to applications_user/mfkey/ and build it with fbt
Why
This was the only function of the Flipper Zero that was thought to be impossible on the hardware. You can still use other methods if you prefer them.
Misc Stats
- RAM used: 127 KB, RAM free: 13 KB (original was ~53,000 KB, 99.75% RAM usage eliminated)
- Disk used: (None)
- Time per unsolved key:
| Category | Time |
|---|---|
| Best (real world) | 31 seconds |
| Average | 3.4 min |
| Worst possible (expected) | 6.8 min |
NB: Keys that are already in the system/user dictionary or nonces with already found keys are cracked instantly. This means on average cracking an arbitrary number of nonces from the same reader will take 3.4 minutes (1 unknown key).
Writeup: Coming soon
Developers
noproto, AG