硬件准备
系统使用的是kali linux首先我们将硬件连接好,请仔细看图,图中标记很明显,但是容易接错(PS:表紧张,接错了不会爆炸)。
USB转串口模块链接电脑,lsusb查看usb设备。
root@phantom:~# lsusb Bus 008 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 006 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 005 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 007 Device 006: ID 10c4:ea60 Cygnal Integrated Products, Inc. CP210x UART Bridge / myAVR mySmartUSB light Bus 007 Device 004: ID 1a40:0101 Terminus Technology Inc. 4-Port HUB Bus 007 Device 002: ID 1a40:0101 Terminus Technology Inc. 4-Port HUB Bus 007 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 003 Device 002: ID 15d9:0a4c Trust International B.V. USB+PS/2 Optical Mouse Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 001 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub看到CP210x那个就是usb转串口模块
然后切换到dev下面看编号
root@phantom:/dev# ls autofs loop6 snapshot tty29 tty55 vcs4 block loop7 snd tty3 tty56 vcs5 bsg loop-control sndstat tty30 tty57 vcs6 btrfs-control MAKEDEV stderr tty31 tty58 vcs7 bus mapper stdin tty32 tty59 vcsa char mcelog stdout tty33 tty6 vcsa1 console mem tty tty34 tty60 vcsa2 core mycard.mfd tty0 tty35 tty61 vcsa3 cpu net tty1 tty36 tty62 vcsa4 cpu_dma_latency network_latency tty10 tty37 tty63 vcsa5 cuse network_throughput tty11 tty38 tty7 vcsa6 disk null tty12 tty39 tty8 vcsa7 dri port tty13 tty4 tty9 vfio fb0 ppp tty14 tty40 ttyS0 vga_arbiter fd psaux tty15 tty41 ttyS1 vhci full ptmx tty16 tty42 ttyS2 vhost-net fuse pts tty17 tty43 ttyS3 vmci hidraw0 random tty18 tty44 ttyUSB0 vmmon hpet root tty19 tty45 uhid vmnet0 input rtc tty2 tty46 uinput vmnet1 kmsg rtc0 tty20 tty47 urandom vmnet8 kvm sda tty21 tty48 vboxdrv vsock log sda1 tty22 tty49 vboxdrvu watchdog loop0 sda2 tty23 tty5 vboxnetctl watchdog0 loop1 sda5 tty24 tty50 vboxusb xconsole loop2 sdb tty25 tty51 vcs zero loop3 serial tty26 tty52 vcs1 loop4 sg0 tty27 tty53 vcs2 loop5 shm tty28 tty54 vcs3ttyUSB0就是我们的usb转串口模块的编号
安装libnfc之前需要安装必要的库使用一下命令
apt-get install libusb-dev libpcsclite-dev libusb-0.1-4 libpcsclite1 libccid pcscd
然后下载libnfc这个软件,我这提供一个下载的地址(由于国内的某些原因导致谷歌code上不去的童鞋可以使用此链接下载)libnfc-1.7.1.tar.bz2,下载完之后解压,使用以下命令进行编译安装
root@phantom:~/files/libnfc-1.7.1# ./configure --with-drivers=all root@phantom:~/files/libnfc-1.7.1# make root@phantom:~/files/libnfc-1.7.1# make install
安装结束之后cd到examlpe下面执行nfc-list查看NFC设备。但是,这个时候通常是NFC device not found.
这个问题解决也比较简单
需要在/etc/下面建立nfc文件夹,然后在其目录下新建文件libnfc.conf
写入以下内容
# Allow device auto-detection (default: true) # Note: if this auto-detection is disabled, user has to set manually a device # configuration using file or environment variable allow_autoscan = true # Allow intrusive auto-detection (default: false) # Warning: intrusive auto-detection can seriously disturb other devices # This option is not recommended, user should prefer to add manually his device. allow_intrusive_autoscan = true # Set log level (default: error) # Valid log levels are (in order of verbosity): 0 (none), 1 (error), 2 (info), 3 (debug) # Note: if you compiled with --enable-debug option, the default log level is "debug" log_level = debug # Manually set default device (no default) # To set a default device, you must set both name and connstring for your device # Note: if autoscan is enabled, default device will be the first device available in device list. device.name = "microBuilder.eu" #device.connstring = "pn532_uart:/dev/ttyAMA0" device.connstring = "pn532_uart:/dev/ttyUSB0"然后继续回到libnfc的example目录执行nfc-list,这个时候可以看到nfc设备已经打开
root@phantom:~/files/libnfc-1.7.1/examples# nfc-list nfc-list uses libnfc 1.7.1 NFC device: pn532_uart:/dev/ttyUSB0 opened 1 ISO14443A passive target(s) found: ISO/IEC 14443A (106 kbps) target: ATQA (SENS_RES): 00 04 UID (NFCID1): fa d6 9c 08 SAK (SEL_RES): 08UID那些信息是公交卡的信息。
然后我们打开kali linux下面自带的mfoc这个软件。执行一下命令mfoc -O mycard.mfd读取信息。
root@phantom:~/files/libnfc-1.7.1# mfoc -O mycard.mfd ISO/IEC 14443A (106 kbps) target: ATQA (SENS_RES): 00 04 * UID size: single * bit frame anticollision supported UID (NFCID1): fa d6 9c 08 SAK (SEL_RES): 08 * Not compliant with ISO/IEC 14443-4 * Not compliant with ISO/IEC 18092 Fingerprinting based on MIFARE type Identification Procedure: * MIFARE Classic 1K * MIFARE Plus (4 Byte UID or 4 Byte RID) 2K, Security level 1 * SmartMX with MIFARE 1K emulation Other possible matches based on ATQA & SAK values: Try to authenticate to all sectors with default keys... Symbols: '.' no key found, '/' A key found, '\' B key found, 'x' both keys found [Key: ffffffffffff] -> [.............xx.] [Key: a0a1a2a3a4a5] -> [/............xx.] [Key: d3f7d3f7d3f7] -> [/............xx.] [Key: 000000000000] -> [/............xx.] [Key: b0b1b2b3b4b5] -> [/............xx.]读取的公交卡信息。OK,读取过程结束,至于这些信息能用来干嘛,呵呵,不多说,自行研究。还有如果想要冲钱什么的。。。呵呵呵。。自行研究。谢谢观看。再见。
本文链接:https://www.92ez.com/?action=show&id=2
!!! 转载请先联系non3gov@gmail.com授权并在显著位置注明作者和原文链接 !!! 小黑屋
提示:技术文章有一定的时效性,请先确认是否适用你当前的系统环境。
!!! 转载请先联系non3gov@gmail.com授权并在显著位置注明作者和原文链接 !!! 小黑屋
提示:技术文章有一定的时效性,请先确认是否适用你当前的系统环境。