I've got a nice flat, but there are several doors to pass before getting inside it. One of them can be opened with a badge from noralsy:
I got bored, and though that it would be a nice pretext to play a bit with
mifare.
I bought an ACR122 for a couple of euros, along with
a few blank cards, plugged it into an USB port, ran nfc-list, and got this:
$ nfc-list
nfc-list uses libnfc 1.7.1
error libnfc.driver.acr122_usb Unable to claim USB interface (Device or resource busy)
nfc-list: ERROR: Unable to open NFC device: acr122_usb:002:011
$
The solution is simply to unload the pn533_usb module (and not only the
pn533 one):
$ nfc-list
nfc-list uses libnfc 1.7.1
NFC device: ACS / ACR122U PICC Interface opened
$
Way better.
The keys can be bruteforced with mfcuk
with ./mfcuk -C -R 0:A -s 250 -S 250, but it's smarter to try a few obvious
keys with mfoc
(along with this patch to speed
things up) before, like variations of noralsy:
$ python bf.py output.mfd
[+] Found key A: 414c41524f4e
[+] Found key B: 424c41524f4e
[+] Everything was dumped.
Aka ALARON and BLARON: well done noralys.
The weird part is that the card is completely empty,
expect the vendor-reserved block 00. The only remaining thing to do now is to
check if I can open other noralys doors with my badge.
It's also trivial to clone it: nfc-mfclassic w output.mfd output.mfd.
I thought that the whole process would be more complex, so I'm a bit disapointed, but at least I've got fancy badges for my friends now.