mirror of
https://github.com/nfc-tools/mfcuk.git
synced 2026-01-23 11:00:00 +00:00
# Introduction #

Summarizes known, publicly deployed Mifare Classic cards: default keys, data storage format, known plaintexts on the card, etc.

# How to contribute #

If you legally own a publicly available Mifare Classic card that **is not** listed here, or for which you think your information **is more accurate/updated** than what is presented, we would like to hear from you.

Please DO NOT contribute:

* private card dumps (examples: office buildings, fitness centers, etc.)
* card dumps that do not legally belong to you (examples: a test dump made by a friend on your computer, a dump you made from your friend's card, etc.)

# Legal disclaimer #

This information is presented in good faith and for informational purposes only. It is not intended to disclose private/sensitive information, nor to affect in any other way the holders or issuers of such publicly available cards. The information is gathered from personally and legally owned cards. The information presented here is intended to raise awareness of the possible security threats and privacy implications of using Mifare Classic cards.

# Details #

| **Country** | **City** | **Card Name** | **Estimated number (date)** | **URL/Photo** | **Card type** | **Default keys** | **Reused keys patterns** | **Data format** | **Known plain-text** | **Risk level** |
|:------------|:---------|:--------------|:----------------------------|:--------------|:--------------|:-----------------|:-------------------------|:----------------|:---------------------|:---------------|
| Romania | <a href='http://maps.google.com/?q=Bucharest'>Bucharest</a> | RATB SAT Card Activ | ? | http://card.ratb.ro/<br> <img src='http://mfcuk.googlecode.com/files/Romania_Bucharest_RATB_Activ_front0.jpg'><br> <img src='http://mfcuk.googlecode.com/files/Romania_Bucharest_RATB_Multiplu_front.jpg'> | 1K | None | Sector_0_A=Sector_1_A <br> Sector_0_B=Sector_1_B | <b>Unknown</b><br> encoded/mangled/in-house crypto?<br> encrypted?<br> block/stream cipher? | 0xFF sequences in blocks: 1, 2, 32, 33, 34, 36, 37, 38 | low |
| Romania | <a href='http://maps.google.com/?q=Timisoara'>Timisoara</a> | RATT Acces Card | ? | <a href='http://www.ratt.ro/taxare/'>http://www.ratt.ro/taxare/</a><br> <img src='http://mfcuk.googlecode.com/files/Romania_Timisoara_RATT_Acces_front0.jpg'> | ?K | ? | ? | ? | ? | ? |
| Bulgaria | <a href='http://maps.google.com/?q=Sofia'>Sofia</a> | SKGT | ? | <a href='http://www.skgt-bg.com/index_en.htm'>http://www.skgt-bg.com/index_en.htm</a><br> <img src='http://mfcuk.googlecode.com/files/Bulgaria_Sofia_ECard_front0.JPG'> | 4K | FFzzzzzzzzzz<br> A0zzzzzzzzzz | Default keys heavily reused<br> Sector_5_A=Sector_6_A | <b>Sector 1</b> (administration code 0x00 0x04) contains card holder information (Run-Length-Encoded)<br> <b>Sector 2</b> contains card publisher information (code 0x00, 0x15)<br> <b>Sector 3</b> electronic purse, city traffic<br> These sectors do not change during card usage<br> <b>Sector 4 Block 0,1</b> = unknown data<br> <b>Sector 4 Block 2</b> = last travel<br> Example: <i>00 04 00 01 01 00 e1 05 58 12 c2 00 00 70 00 93</i><br> <i>00 04</i> = line number 4<br> <i>05 e1</i> (hex) = 1505 (dec) = car number<br> <i>00 c2 12 58</i> (hex) = 1100 0010 00 01 0010 0101 1000 (bin), lower 14 bits = number of days since 01.01.1997, higher bits = number of minutes since the start of the day<br> <b>Sector 5 Block 0,1</b> = Value blocks | Hex password for last sector key B represents string "SofiaM" | <b>HIGH</b> |
| U.K. | <a href='http://maps.google.com/?q=London'>London</a> | Oyster card | ? | <a href='https://oyster.tfl.gov.uk/oyster/entry.do'>https://oyster.tfl.gov.uk/oyster/entry.do</a><br> <img src='http://mfcuk.googlecode.com/files/UK_London_Oyster_frontX.jpg'><br> <img src='http://mfcuk.googlecode.com/files/UK_London_Oyster_backX.jpg'> | 1K | None | None | <b>Unknown</b><br> encoded/mangled/in-house crypto?<br> encrypted?<br> block/stream cipher? | 0xFF sequences in blocks: 2, 17, 56, 57, 58, 60, 61, 62<br> "–ABCDEFGHIJKLM" string at block 1 | . |
| Netherlands | <a href='http://maps.google.com/?q=Amsterdam'>Amsterdam</a> | OV Chipkaart | ? | <a href='http://www.ov-chipkaart.nl/'>http://www.ov-chipkaart.nl/</a><br> <img src='http://mfcuk.googlecode.com/files/Netherlands_Amsterdam_OV_Chipkaart_front0.jpg'> | ? | ? | ? | ? | ? | . |
| Taiwan | <a href='http://maps.google.com/?q=Taipei'>Taipei</a> | EasyCard | <a href='http://www.nfctimes.com/news/easycard-corp-assures-secure-e-wallets'>18.2 million (Apr 2010)</a> | <a href='http://www.trtc.com.tw/'>http://www.trtc.com.tw/</a><br> <img src='http://mfcuk.googlecode.com/files/Taiwan_Taipei_EasyCard_frontX.jpg'> | 1K | ? | ? | <b>Unknown</b><br> encoded/mangled/in-house crypto?<br> encrypted?<br> block/stream cipher? | ? | . |
| Czech | Czech Technical University in Prague, Institute of Chemical Technology Prague | Student CVUT/VSCHT Card | ? | <a href='http://www.techlib.cz/en/customer-account/registration/id-cards-of-cvut-and-vscht/'>http://www.techlib.cz/en/customer-account/registration/id-cards-of-cvut-and-vscht/</a> | 1K | FFzzzzzzzzzz | Sectors 0 to 3 have equal key A<br> Sectors 0 to 3 have equal key B | <b>Cleartext</b><br> Block1 = National ID (?)<br> Block2 = Passport No (?)<br> Block4 = Name (space padded)<br> Block5 = Surname (space padded)<br> Block8 = Validity (?) in format DD.MM.YYYY<br> Block12/13 = Telephone numbers (?) | None | <b>HIGH</b> |
| Czech | Czech | Czech ISIC Card | ? | <a href='http://www.isic.cz/'>http://www.isic.cz/</a> | 1K | FFzzzzzzzzzz | None | Cleartext (?)<br> Block4 = some kind of serial number | None | <b>HIGH</b> |
| Czech | Liberec | Liberec City Card | ? | <a href='http://www.mikroelektronika.cz/custom-made-electronics/novinky'>http://www.mikroelektronika.cz/custom-made-electronics/novinky</a><br> <a href='http://www.mucl.cz/mestska-autobusova-doprava/opuscard/karta-opuscard.html'>http://www.mucl.cz/mestska-autobusova-doprava/opuscard/karta-opuscard.html</a> | 4K | A0zzzzzzzzzz | Blocks 0x5F to 0xFF have equal key A<br> Blocks 0x5F to 0xFF have equal key B | Partially cleartext<br> Block4 = Surname Name (seem to be null-terminated C strings)<br> Rest encoded/encrypted (?) | Block 1 and 2 = every second byte is 0x18 in many places | MEDIUM |
| Luxembourg | Luxembourg | Luxembourg (Public Transport) Card | ? | ? | 1K | FFzzzzzzzzzz | Blocks 0x00 to 0x33 have equal key A<br> Blocks 0x00 to 0x33 have equal key B | Encoded; seemingly no encryption or dynamic keys | Blocks 0x34, 0x35, 0x36, 0x38, 0x39, 0x3a, 0x3c, 0x3d, 0x3e = filled with 0xFF | MEDIUM |
| Russia | Moscow | Contactless transport cards (Бесконтактные транспортные карты) | <a href='http://www.rfida.com/2007/02/russia-rfid-transportation-application.htm'>5-30 million (1998-2007)</a> | <a href='http://www.metro.ru/fare/contactless/'>http://www.metro.ru/fare/contactless/</a> | ?K | ? | ? | ? | ? | ? |
| Russia | Russia | Rossiyskie Zheleznye Dorogi/Russian Railways (RZhD) | ? | <a href='http://www.rzd.ru/isvp/public/rzd?STRUCTURE_ID=5064&layer_id=4064&refererLayerId=4063&id=312006&forum_id=12#2'>Forum notes</a><br> <a href='http://www.old.recon.ru/daily/page1_3918.php'>News notes</a> | ? | ? | ? | ? | ? | ? |

# Links #

* <http://www.dib.com.br/dib%20cd/C2007/Palestras/Palestra%20Francimar%20Santos%20Cards%202007.pdf>
* <http://www.skyscrapercity.com/showthread.php?p=39116178>
* <http://www.ratt.ro/forum/index.php?showtopic=157&st=0>