Noob question: Easiest way to find NFC key? Keys found 18/32

I have several NFC tags, all using the Mifare Classic 1k standard. They are all just partially read in the read process finding between 2-18 of 32 keys even after the full wait time and read process completes.
I suspect that the keys use a key that isn’t in the library, but how can I find this key manually?

on android you have this application


then you add in manual the key on flipper.

Thank you. I will try this ASAP.

I have added both the FFFFFF… key and the E7316… key in my user library. are there any differences between it being KeyA, or KeyB? do I need o add the AC’s in red letters somewhere?
my Flipper is still only finding 18/32 keys when I scan it.

1 Like

It seems that some A keys are not in the MCT’s dictionary. You’ll need a proxmark3 for a more advanced attack like hardnested to recover those keys.

OK. thank you. That is a bit outside of my budget. Are these databases expanded in time so that these tags can be successfully read at a later time?

We are actually working on making those attacks possible on the Flipper itself, but it’ll take some time.

Most cards nowadays have per-card keys, so dictionary attacks are ineffective against them, as every card has its own set of keys


Thanks. I will await this functionality then. Almost all of my NFC tags are limited with this problem, so until then 90% of my planned Flipper usage is limited to Infrared devices.

1 Like

you can use mfkey to recover the rest


That actually worked like a charm. once I got around to actually install windows subsystems for linux instead of trying to figure out the other windows environment stuff.

Hi @hAgGbArT did you get the rest of the keys during the authentication with the reader, correct? @equip without having physical access to the reader cannot be perform this process ?

just get a proxmark3 easy on aliexpreys for ~50€