使用NFC Module For Arduino V1.0在linux下读取公交卡信息

硬件准备

系统使用的是kali linux

首先我们将硬件连接好，请仔细看图，图中标记很明显，但是容易接错（PS：表紧张，接错了不会爆炸）。

USB转串口模块链接电脑，lsusb查看usb设备。

root@phantom:~# lsusb
Bus 008 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 006 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 005 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 007 Device 006: ID 10c4:ea60 Cygnal Integrated Products, Inc. CP210x UART Bridge / myAVR mySmartUSB light
Bus 007 Device 004: ID 1a40:0101 Terminus Technology Inc. 4-Port HUB
Bus 007 Device 002: ID 1a40:0101 Terminus Technology Inc. 4-Port HUB
Bus 007 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 003 Device 002: ID 15d9:0a4c Trust International B.V. USB+PS/2 Optical Mouse
Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 001 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub

看到CP210x那个就是usb转串口模块

然后切换到dev下面看编号

root@phantom:/dev# ls
autofs           loop6               snapshot  tty29  tty55       vcs4
block            loop7               snd       tty3   tty56       vcs5
bsg              loop-control        sndstat   tty30  tty57       vcs6
btrfs-control    MAKEDEV             stderr    tty31  tty58       vcs7
bus              mapper              stdin     tty32  tty59       vcsa
char             mcelog              stdout    tty33  tty6        vcsa1
console          mem                 tty       tty34  tty60       vcsa2
core             mycard.mfd          tty0      tty35  tty61       vcsa3
cpu              net                 tty1      tty36  tty62       vcsa4
cpu_dma_latency  network_latency     tty10     tty37  tty63       vcsa5
cuse             network_throughput  tty11     tty38  tty7        vcsa6
disk             null                tty12     tty39  tty8        vcsa7
dri              port                tty13     tty4   tty9        vfio
fb0              ppp                 tty14     tty40  ttyS0       vga_arbiter
fd               psaux               tty15     tty41  ttyS1       vhci
full             ptmx                tty16     tty42  ttyS2       vhost-net
fuse             pts                 tty17     tty43  ttyS3       vmci
hidraw0          random              tty18     tty44  ttyUSB0     vmmon
hpet             root                tty19     tty45  uhid        vmnet0
input            rtc                 tty2      tty46  uinput      vmnet1
kmsg             rtc0                tty20     tty47  urandom     vmnet8
kvm              sda                 tty21     tty48  vboxdrv     vsock
log              sda1                tty22     tty49  vboxdrvu    watchdog
loop0            sda2                tty23     tty5   vboxnetctl  watchdog0
loop1            sda5                tty24     tty50  vboxusb     xconsole
loop2            sdb                 tty25     tty51  vcs         zero
loop3            serial              tty26     tty52  vcs1
loop4            sg0                 tty27     tty53  vcs2
loop5            shm                 tty28     tty54  vcs3

ttyUSB0就是我们的usb转串口模块的编号

安装libnfc之前需要安装必要的库使用一下命令

apt-get install libusb-dev libpcsclite-dev libusb-0.1-4 libpcsclite1 libccid pcscd

然后下载libnfc这个软件，我这提供一个下载的地址（由于国内的某些原因导致谷歌code上不去的童鞋可以使用此链接下载）libnfc-1.7.1.tar.bz2，下载完之后解压，使用以下命令进行编译安装

root@phantom:~/files/libnfc-1.7.1# ./configure --with-drivers=all
root@phantom:~/files/libnfc-1.7.1# make
root@phantom:~/files/libnfc-1.7.1# make install

安装结束之后cd到examlpe下面执行nfc-list查看NFC设备。但是，这个时候通常是NFC device not found.

这个问题解决也比较简单

需要在/etc/下面建立nfc文件夹，然后在其目录下新建文件libnfc.conf

写入以下内容

# Allow device auto-detection (default: true)
# Note: if this auto-detection is disabled, user has to set manually a device
# configuration using file or environment variable
allow_autoscan = true
# Allow intrusive auto-detection (default: false)
# Warning: intrusive auto-detection can seriously disturb other devices
# This option is not recommended, user should prefer to add manually his device.
allow_intrusive_autoscan = true
# Set log level (default: error)
# Valid log levels are (in order of verbosity): 0 (none), 1 (error), 2 (info), 3 (debug)
# Note: if you compiled with --enable-debug option, the default log level is "debug"
log_level = debug
# Manually set default device (no default)
# To set a default device, you must set both name and connstring for your device
# Note: if autoscan is enabled, default device will be the first device available in device list.
device.name = "microBuilder.eu"
#device.connstring = "pn532_uart:/dev/ttyAMA0"
device.connstring = "pn532_uart:/dev/ttyUSB0"

然后继续回到libnfc的example目录执行nfc-list，这个时候可以看到nfc设备已经打开

root@phantom:~/files/libnfc-1.7.1/examples# nfc-list 
nfc-list uses libnfc 1.7.1
NFC device: pn532_uart:/dev/ttyUSB0 opened
1 ISO14443A passive target(s) found:
ISO/IEC 14443A (106 kbps) target:
    ATQA (SENS_RES): 00  04  
       UID (NFCID1): fa  d6  9c  08  
      SAK (SEL_RES): 08 

UID那些信息是公交卡的信息。

然后我们打开kali linux下面自带的mfoc这个软件。执行一下命令mfoc -O mycard.mfd读取信息。

root@phantom:~/files/libnfc-1.7.1# mfoc -O mycard.mfd
ISO/IEC 14443A (106 kbps) target:
    ATQA (SENS_RES): 00  04  
* UID size: single
* bit frame anticollision supported
       UID (NFCID1): fa  d6  9c  08  
      SAK (SEL_RES): 08  
* Not compliant with ISO/IEC 14443-4
* Not compliant with ISO/IEC 18092

Fingerprinting based on MIFARE type Identification Procedure:
* MIFARE Classic 1K
* MIFARE Plus (4 Byte UID or 4 Byte RID) 2K, Security level 1
* SmartMX with MIFARE 1K emulation
Other possible matches based on ATQA & SAK values:

Try to authenticate to all sectors with default keys...
Symbols: '.' no key found, '/' A key found, '\' B key found, 'x' both keys found
[Key: ffffffffffff] -> [.............xx.]
[Key: a0a1a2a3a4a5] -> [/............xx.]
[Key: d3f7d3f7d3f7] -> [/............xx.]
[Key: 000000000000] -> [/............xx.]
[Key: b0b1b2b3b4b5] -> [/............xx.]

读取的公交卡信息。OK，读取过程结束，至于这些信息能用来干嘛，呵呵，不多说，自行研究。还有如果想要冲钱什么的。。。呵呵呵。。自行研究。谢谢观看。再见。