MIFARE Classic Tool (MCT)
An Android NFC app for reading, writing, analyzing, etc. MIFARE Classic RFID tags.
Read this information in other languages:
Helpful links:
Features
- Read MIFARE Classic tags
- Save, edit and share the tag data you read
- Write to MIFARE Classic tags (block-wise)
- Clone MIFARE Classic tags
(Write dump of a tag to another tag; write ‘dump-wise’)
- Key management based on dictionary-attack
(Write the keys you know in a file (dictionary)).
MCT will try to authenticate with these keys against all sectors and read as much as possible.
See chapter Getting Started.
- Format a tag back to the factory/delivery state
- Write the manufacturer block (block 0) of special MIFARE Classic tags
- Use external NFC readers like ACR 122U
(See the Help & Info section
for more information.)
- Create, edit, save and share key files (dictionaries)
- Decode & Encode MIFARE Classic Value Blocks
- Decode & Encode MIFARE Classic Access Conditions
- Compare dumps (Diff Tool)
- Display generic tag information
- Display the tag data as highlighted hex
- Display the tag data as 7-Bit US-ASCII
- Display the MIFARE Classic Access Conditions as a table
- Display MIFARE Classic Value Blocks as integer
- Calculate the BCC (Block Check Character)
- Quick UID clone feature
- Import/export/convert files
- In-App (offline) help and information
- It’s free software (open source) 😉
General Information
This tool provides several features to interact with (and only with)
MIFARE Classic RFID-Tags. It is designed for users who have at least
basic familiarity with the MIFARE Classic technology.
You also need an understanding of the hexadecimal number system,
because all data input and output is in hexadecimal.
Some important things are:
- The features this tool provides are very basic. There are no such
fancy things as saving a URL to an RFID-Tag with a nice looking
graphical user interface. If you want to save things on a tag,
you have to input the raw hexadecimal data.
- This App can not crack/hack
any MIFARE Classic keys. If you want to read/write an RFID-Tag, you
first need keys for this specific tag. For additional information
please read/see chapter Getting Started.
- There will be no "brute-force" attack
capability in this application. It is way too slow due
to the protocol.
- Be aware! Uninstalling this app will delete all files
(dumps/keys) saved by it permanently.
- The first block of the first sector of an original
MIFARE Classic tag is read-only i.e. not writable. But there
are special MIFARE Classic tags that support writing to the
manufacturer block with a simple write command (often called “magic tag
gen2” or “CUID”). This App is able to write to such tags and can therefore
create fully correct clones. “FUID” and “UFUID” tags should work too,
but they have not been tested so far. However, the app will not work with
all special tags. Some of them require a special command sequence (which
cannot be sent due to limitations in the Android NFC API) to
put them into the state where writing to the manufacturer block is possible.
These tags are often called “gen1”, “gen1a” or “UID”.
Remember this when you are shopping for special tags!
More information about magic cards can be found
here.
Also, make sure the BCC value (check out the “BCC Calculator Tool”),
the SAK and the ATQA values are correct. If you just want to clone a UID,
please use the “Clone UID Tool”.
- This app will not work on some devices because their hardware
(NFC-controller) does not support MIFARE Classic
(read more).
You can find a list of incompatible devices
here.
For further information about MIFARE Classic check
Wikipedia,
do some Google searches
or read the
MIFARE Classic (1k) ‘Datasheet’
(PDF) from NXP.
Getting Started
First of all, you need the keys for the tag you want to read.
Due to some weaknesses in MIFARE Classic, you can retrieve
all the keys (A and B) of a tag with tools like the
Proxmark3 or
normal RFID-Readers and some special software
(mfcuk,
mfoc).
The application comes with standard key files called
std.keys and extended-std.keys, which contain the
well known keys and some standard keys from a short Google search.
You can try to read a tag with these key files using
"Read Tag" from the main menu. Changes to these key files
will be lost. Create your own key file for your keys.
Once you know some keys, you can put them into a simple text
file (one key per line). You can do this on your PC and import
the file using MCT’s import/export tool, or you can create a new
key file via “Edit or Add Key File” from the main menu.
If you are finished setting up your key file, you can read a tag
using “Read Tag” from the main menu.
Advantages of the Key Files Concept:
- You don’t have to worry about which key is for which sector.
The application tries to authenticate with all keys from the key
file (dictionary).
- You don’t have to know all the keys.
If neither key A nor key B for a specific sector is found in the
key file (dictionary), the application will skip reading said
sector.
This dictionary-attack based mapping process
(keys <-> sectors) makes it easy for you to read as much as
possible with the keys you know!
License
This application was originally developed by
Gerhard Klostermeier in cooperation with SySS GmbH
(www.syss.de) and Aalen
University (www.htw-aalen.de) in 2012/2013.
It is free software and licensed under the
GNU General Public License v3.0 (GPLv3)
Icons used in this application:
MIFARE® is a registered trademark of NXP Semiconductors.