
Any chance to update it to support NFC refactor? #21

Open
fastbone opened this issue Oct 30, 2023 · 20 comments

Comments

@fastbone

Unfortunately the app is unsupported on 0.74.

It says API too old...

@AloneLiberty
Owner

If you mean 0.94... The NFC refactor made some parts way harder. I was planning to grab some code from the NFC Magic app, but it was also moved to events and I can't get any useful code from it. And I don't have that much time to migrate the whole app (I still don't know how to correctly select/drop a card). Maybe I'll give it one more try in November.

@AloneLiberty AloneLiberty changed the title Any chance to update it to support 0.74 RC? Any chance to update it to support NFC refactor? Oct 30, 2023
@fastbone
Author

Sorry, of course I meant 0.94...
Thanks for your effort!!!

@Stepzor11

If you mean 0.94... The NFC refactor made some parts way harder. I was planning to grab some code from the NFC Magic app, but it was also moved to events and I can't get any useful code from it. And I don't have that much time to migrate the whole app (I still don't know how to correctly select/drop a card). Maybe I'll give it one more try in November.

I really hope you can make it, otherwise I'm not so sure that nfc refactor is worth losing nested attack 😕

@Qibli-wof

Well, there are two points I'd like to mention:

  1. Support for both the old and new NFC API is gonna be worked into later versions of the firmware.
  2. It seems CryoPhynix has made a fork of this repository to make it work with the new API; it doesn't seem to be working yet, though.

@Stepzor11

Interesting 😁

Well, honestly whoever could make this available again, would do something great for the F0 community 🙏🏻

Plus I'm dreaming also of a darkside attack and maybe a phone connection to do the maths 😏

@noproto

noproto commented Dec 12, 2023

We are merging this with the official NFC application now @Stepzor11 . You'll still need FlipperNestedRecovery.

@Stepzor11

Stepzor11 commented Dec 13, 2023

Amazing!
Thanks for your work! ❤️

@Stepzor11

Stepzor11 commented Dec 13, 2023

Any idea of when it might be ready?

@RealIndica

Any updates about this?

@noproto

noproto commented Jan 29, 2024

Yes, we have a month of development time dedicated to merging Nested in the firmware starting tomorrow. We'll begin merging changes soon, we've completed most of our Static Nested changes already. @RealIndica @Stepzor11

@RealIndica

Yes, we have a month of development time dedicated to merging Nested in the firmware starting tomorrow. We'll begin merging changes soon, we've completed most of our Static Nested changes already. @RealIndica @Stepzor11

Awesome! Can't wait to study the new merge and test it out.

@gauthi3r

The Xtrem project has an action to integrate the nested attack in the next firmware:

https://github.com/orgs/Flipper-XFW/projects/2/views/1?filterQuery=nested

@noproto are you talking about the official fw or the unlshd / xtrem fw? thx

@zigad

zigad commented Mar 4, 2024

Yes, we have a month of development time dedicated to merging Nested in the firmware starting tomorrow. We'll begin merging changes soon, we've completed most of our Static Nested changes already. @RealIndica @Stepzor11

Any updates regarding this feature being introduced in original firmware?

@anarsoul

Is anyone working on adapting the app to the new API? If not, I can look into that. @noproto @AloneLiberty

From a quick glance, flipperdevices/flipperzero-firmware#3238 introduced mf_classic_poller_get_nt_nested() and mf_classic_poller_auth_nested() that can be used in nested.c

But I don't want to waste my time if someone else is already working on it

@casimirextreme

@anarsoul It seems that nobody really had worked on it.
If you have some time, please submit your work.
Thanks a lot.

@zigad

zigad commented Jun 6, 2024

Just a quick update, latest version of Unleashed 074 has been released and it has this app updated to support the API refactor.

This was made possible because of @xMasterX

@anarsoul

anarsoul commented Jun 6, 2024

Just a quick update, latest version of Unleashed 074 has been released and it has this app updated to support the API refactor.

For those who are interested, the code lives at https://github.com/xMasterX/all-the-plugins/tree/dev/base_pack/mifare_nested and the app can be compiled just fine for the regular flipperzero firmware.

@noproto

noproto commented Aug 4, 2024

Sharing a progress update here, for anyone wondering what has been happening behind the scenes.

You have to understand the four attacks which fall under the scope of Nested attacks. There are:

  • Static Nested: The easiest tags. I have supported cracking Static Nested nonces in the MFKey app for a while now. We reduced the memory usage of the attack by 99.9% to allow you to crack Static Nested keys on the Flipper Zero in several minutes, and FlipperNested collected the nonces.
  • "Full" Nested: Anywhere from a little bit harder to much harder, depending on the distance. This could mean gigabytes of memory consumed on the desktop. Would take months or years on a Flipper Zero.
  • Static Encrypted Nonce Nested: Thought to be impossible, no known card-only attacks. FlipperNested doesn't collect any nonces and visually indicates the futility of your situation with a crying dolphin.
  • Hardnested: Gigabytes of memory required, impossible to run the attack on the Flipper Zero but FlipperNested will collect nonces so you can run the attack on your desktop.

So. What have we been doing about this? Quite a lot, and our work is coming to an end soon.

  • Static Nested: Will be integrated with the firmware upon our PR being completed. You will only have to read your tag and you'll have all of the nonces ready to be cracked by MFKey, no FlipperNested involved. What is better is that we can reuse our research here in order to do accelerated dictionary attacks. Reading your card will now take seconds, when originally it could take as long as 10-15 minutes.
  • "Full" Nested: An unsolved problem in FlipperNested, we solved it. Through our research the complexity of the problem has been reduced so much, you'll be able to crack the keys on your Flipper Zero at the same speed as Static Nested (several minutes)
  • Static Encrypted Nonce Nested: Previously unsolved for 2 years, we shared the first proof of concept attacks against this card on July 17th, 2024. Over the next week, we reduced the complexity enough to solve the cards in several hours or days. New research has emerged (not by us) which cannot be disclosed at this time. What we can say is that these formerly impossible cards will soon be able to be cracked on your Flipper Zero - also at the same speed as Static Nested.
  • Hardnested: We're not magicians. The hardened tags will still need to be offloaded, and I'll write it into the Flipper mobile app if needed.

Feel free to follow along with the PR. I expect it to be ready to be merged within the next several weeks: flipperdevices/flipperzero-firmware#3822

casimirextreme commented Apr 10, 2024
@anarsoul It seems that nobody really had worked on it. If you have some time, please submit your work. Thanks a lot.

Just because you didn't see the research happening didn't mean nobody was working on it. I've been working on it this entire time. I've also identified many minor issues in the FlipperNested application along the way which are being resolved in the update. I'm not being paid to work on this, it's a significant amount of research, and it takes time.

@casimirextreme

@noproto Thanks for your hard work. About my quote, I was of course only talking about the refactoring, not about the research nor the added features/improvements. Anyway, thanks again for all your magnificent work.

@Stepzor11

Sharing a progress update here, for anyone wondering what has been happening behind the scenes.

You have to understand the four attacks which fall under the scope of Nested attacks. There are:

  • Static Nested: The easiest tags. I have supported cracking Static Nested nonces in the MFKey app for a while now. We reduced the memory usage of the attack by 99.9% to allow you to crack Static Nested keys on the Flipper Zero in several minutes, and FlipperNested collected the nonces.
  • "Full" Nested: Anywhere from a little bit harder to much harder, depending on the distance. This could mean gigabytes of memory consumed on the desktop. Would take months or years on a Flipper Zero.
  • Static Encrypted Nonce Nested: Thought to be impossible, no known card-only attacks. FlipperNested doesn't collect any nonces and visually indicates the futility of your situation with a crying dolphin.
  • Hardnested: Gigabytes of memory required, impossible to run the attack on the Flipper Zero but FlipperNested will collect nonces so you can run the attack on your desktop.

So. What have we been doing about this? Quite a lot, and our work is coming to an end soon.

  • Static Nested: Will be integrated with the firmware upon our PR being completed. You will only have to read your tag and you'll have all of the nonces ready to be cracked by MFKey, no FlipperNested involved. What is better is that we can reuse our research here in order to do accelerated dictionary attacks. Reading your card will now take seconds, when originally it could take as long as 10-15 minutes.
  • "Full" Nested: An unsolved problem in FlipperNested, we solved it. Through our research the complexity of the problem has been reduced so much, you'll be able to crack the keys on your Flipper Zero at the same speed as Static Nested (several minutes)
  • Static Encrypted Nonce Nested: Previously unsolved for 2 years, we shared the first proof of concept attacks against this card on July 17th, 2024. Over the next week, we reduced the complexity enough to solve the cards in several hours or days. New research has emerged (not by us) which cannot be disclosed at this time. What we can say is that these formerly impossible cards will soon be able to be cracked on your Flipper Zero - also at the same speed as Static Nested.
  • Hardnested: We're not magicians. The hardened tags will still need to be offloaded, and I'll write it into the Flipper mobile app if needed.

Feel free to follow along with the PR. I expect it to be ready to be merged within the next several weeks: flipperdevices/flipperzero-firmware#3822

casimirextreme commented Apr 10, 2024
@anarsoul It seems that nobody really had worked on it. If you have some time, please submit your work. Thanks a lot.

Just because you didn't see the research happening didn't mean nobody was working on it. I've been working on it this entire time. I've also identified many minor issues in the FlipperNested application along the way which are being resolved in the update. I'm not being paid to work on this, it's a significant amount of research, and it takes time.

Amazing!
Thank you for your incredible job!♥️


10 participants