Chameleon Mini: Mifare Cracking via the Reader Attack
Posted by Lab401 Lee on
LAB401 ACADEMY: Mifare Cracking: Reader Attack with Chameleon Mini RevE Rebooted
Lab401's Chameleon Tiny is a compact, highly capable tool typically used for 13.56MHz emulation (Mifare, Ultralight, etc).
When a reader begins communication with a Mifare Tag, it will send a series of keys to attempt card decryption. The first of these keys can be sniffed by the Chameleon Mini and easily decoded.
Armed with this key, we are able to use LibNFC's mfoc tool with the DL-533N, or the Proxmark 3 to perform a nested / hardnested attack to successfully crack all keys and dump the card.
This attack is especially useful when we have:
- A new generation MIFARE tag that resists classic attacks
- Access to the card's reader
Check out the step by step video below.
Interested in getting started with these tools? We've made the Pentester Pack that contains all the tools from this tutorial - and some extra Magic Mifare cards.
Buying in a pack gives a massive saving of 66 Euros - check out the pack here.