timmerk / mfcuk

Automatically exported from code.google.com/p/mfcuk
GNU General Public License v2.0

Attack never gets past stage 1 #30

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
Hi,

I'm running r94. I've been trying with two different readers now (ACR122U and 
SCL3711) and three different series of cards. The basic symptom is that the 
random generator in the card is still weak, but the attack doesn't progress 
nevertheless; it seems MFCUK never gets to the point where it gets the 1/256 
guess right and gets the NACK back. Example:

-----------------------------------------------------
Let me entertain you!
    uid: <removed>
   type: 08
    key: 000000000000
  block: 03
diff Nt: 144
  auths: 92264
-----------------------------------------------------

With 92k auths and only 144 different Nts, every Nt should have _at least_ 638 
attempts on it (in reality probably much more, as some Nt values are much more 
common than others), which is above 256, and the attack should have succeeded 
long ago as I understand it.

MFOC succeeds for the card where I have a known key, so the basics of my NFC 
setup appear to be okay.

Has anyone seen this before?

Original issue reported on code.google.com by sgunder...@bigfoot.com on 5 Jun 2014 at 8:31

GoogleCodeExporter commented 9 years ago
Yes. I'm having the same problem. I thought it was a problem with the delay, so I 
started a recovery of sector 0 again with a new setting (mfcuk -C -R 0 -s 250 -S 
250 -O dump.bin -v 3). The results after almost 4 days were the following:

Let me entertain you!
    uid: <removed>
   type: 08
    key: 000000000000
  block: 03
diff Nt: 360
  auths: 545253

Exactly the same issue.

Original comment by aereal@gmail.com on 16 Jun 2014 at 9:25

GoogleCodeExporter commented 9 years ago
Hi guys!
Did anyone find the solution for this case?

:/

Original comment by Borb...@gmail.com on 7 Oct 2014 at 3:49

GoogleCodeExporter commented 9 years ago
Same here, and I do not understand why. I think that my card key should be 
recovered with mfoc, because the situation with the MIFARE 4K card's keys is like this:

[Key: ffffffffffff] -> [................xxxxxxxxxxxxxxxxxxxxxxxx]
[Key: a0a1a2a3a4a5] -> [/...............xxxxxxxxxxxxxxxxxxxxxxxx]
[Key: d3f7d3f7d3f7] -> [/...............xxxxxxxxxxxxxxxxxxxxxxxx]
[Key: 000000000000] -> [/...............xxxxxxxxxxxxxxxxxxxxxxxx]
[Key: b0b1b2b3b4b5] -> [/...............xxxxxxxxxxxxxxxxxxxxxxxx]
[Key: 4d3a99c351dd] -> [/...............xxxxxxxxxxxxxxxxxxxxxxxx]
[Key: 1a982c7e459a] -> [/...............xxxxxxxxxxxxxxxxxxxxxxxx]
[Key: aabbccddeeff] -> [/...............xxxxxxxxxxxxxxxxxxxxxxxx]
[Key: 714c5c886e97] -> [/...............xxxxxxxxxxxxxxxxxxxxxxxx]
[Key: 587ee5f9350f] -> [/...............xxxxxxxxxxxxxxxxxxxxxxxx]
[Key: a0478cc39091] -> [/...............xxxxxxxxxxxxxxxxxxxxxxxx]
[Key: 533cb6c723f6] -> [/...............xxxxxxxxxxxxxxxxxxxxxxxx]
[Key: 8fd0a4f256e9] -> [/...............xxxxxxxxxxxxxxxxxxxxxxxx]

As you can see, the card has default keys, but I still can't recover the key because 
mfcuk and mfoc run forever.

Original comment by jons...@gmail.com on 7 Jan 2015 at 9:37

GoogleCodeExporter commented 9 years ago
I've encountered the same issue; mfcuk keeps running without getting any key. Hope someone 
can help us fix it.

Original comment by tony.3.4...@gmail.com on 17 Jan 2015 at 8:58

GoogleCodeExporter commented 9 years ago
What does your message log say?

Original comment by rafa...@gmail.com on 19 Jan 2015 at 2:02

GoogleCodeExporter commented 9 years ago
Same here. There is no error; it keeps working but it doesn't recover the key.

I've tried only with the latest versions of mfcuk (0.3.8 and 0.3.7) because
older versions need an old libnfc library version, and I cannot make my 
reader work with libnfc 1.5.1 or 1.6; it doesn't detect the reader.

I'm using pn532->uart.

I'm using two different cards with default ffffffffffffffff key.

Original comment by b01n4v...@gmail.com on 18 Feb 2015 at 9:43