MFKey32

Mifare Dump
TagType
UID
ATQA
SAK
ATS
Click to open manual

ChameleonUltra is a powerful tool for recovering the keys which the reader use to authenticate the tag. Before starting the recovery process, you need to prepare the anti-collision and dump data.

# Button's functionality
  • Edit keys: Edit the known keys which will be used to read the tag in hex format, one key per line. If no keys, the well-known keys will be used.
  • Read Tag: Read the anti-collision data and blocks of tag via ChameleonUltra. Blocks which can not be read will be filled with pre-defined block data.
  • New dump: Create a new dump corresponding to current anti-collision data.
  • Edit dump: Edit the dump data in hex format, one block per line.
  • Import file: Import dump from file then grab the keys of the dump. Anti-collision will also be overwritten if exists in file. Supported file ext.: bin, json, eml, mct.
  • Export file: Export dump to file. Supported file ext.: bin, json, eml, mct.
# What's Anti-Collision data

The anti-collision data consists of UID, ATQA, SAK and ATS. Some reader will use different keys corresponding to different anit-collision data. You may not recover the correct keys if you don't have the correct anti-collision data.

# Create new blank dump

If you don't have a tag, you can edit the anti-collision data and click "New dump" to create a new blank dump. Because the dump data is unknown, only partial keys used by the reader can be recoverd.

# Read data from tag

If you have a tag, the preferred method is using the keys to read the tag via ChameleonUltra. If you already have some keys of the tag, you can click "Edit keys" to edit. Otherwise, you can start from the well-known keys. Then you can click "Read Tag".

# Export dump before closing

You can click "Export file" to export the data to file. Then you can click "Import file" to import later. Please remember to export the dump before closing the page!

# Learn more about MFKey32

If you want to learn more about MFKey32, please refer to the Flipper's Recovering MIFARE Classic keys Document.

Emulate / Recover key
Slot
Click to open manual

To Recover the keys, you need to emulate the dump via ChameleonUltra, let the reader to read the ChameleonUltra more than 2 times to collect the logs, and finally read the logs to recover the keys.

# Button's functionality
  • Emulate: Write the dump data to the selected slot of ChameleonUltra and emulate. The original data of the slot will be REPLACED.
  • Recover: Read the logs from ChameleonUltra and recover the keys. It may take a long time. Recovered keys will be add to the known keys automatically.
# Repeat to recover more keys

The more keys you known, the more keys can be recovered. If there are some blocks which can not be read, you can repeat the whole process (read tag, emulate, recover) and try to recover more keys.

{{ exportimport.title ?? 'Edit text' }}
Click "Copy" to copy text, or click "Apply" to apply change.
Export Dump
{{ dumpExport.json.download }}
Click to download as JSON format. This format can be used in Proxmark3 and Chameleon Mini GUI.
{{ dumpExport.bin.download }}
Click to download as BIN format. This format can be used in Proxmark3, libnfc, mfoc...
{{ dumpExport.eml.download }}
Click to download as EML format. This format can be used in Proxmark3 emulator.
{{ dumpExport.mct.download }}
Click to download as MCT format. This format can be used in Mifare Classic Tool.