Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Brute force authentication #8

Closed
limbenjamin opened this issue Dec 10, 2013 · 2 comments
Closed

Brute force authentication #8

limbenjamin opened this issue Dec 10, 2013 · 2 comments
Labels
question

Comments

@limbenjamin
Copy link

I want to check if it is feasible to brute force the key in a reasonable timeframe. Is the bottleneck the card or the CPU? I believe that mfcuk currently uses this method to obtain keys but is available only on x86 platform.

If it is feasible, I could contribute to the development of the feature, it is quite simple to implement, cycling all possible combinations through the existing authenticate() function in MCReader and recording those that return true.

Thanks.
@ikarus23
Copy link
Owner

As the README or the help & info section states:

  • There will be no "brute-force" attack capability in this application. It is way too slow due to the protocol.

So the bottleneck is the protocol. mfcuk does not use a brute force attack. It uses a optimized "darkside attack"
and "nested attack". Unfortunately it is not possible to implement those attacks on native Android (due to the lack of control over the NFC-controller).

@limbenjamin
Copy link
Author

Ok.Thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ikarus23 @limbenjamin