Advanced MIFARE Classic heuristics, auto-cracking, and payload generation.
Developed by Nour833
If you use an ACR122U reader on Linux with libnfc, you know the pain.
When writing to MIFARE Classic cards, the card sends a tiny 4-bit acknowledgement signal. The Linux USB driver often misses this signal due to latency, causing the connection to time out before data is written.
Writing Sector 1 on Linux is a nightmare. Writing Sector 1 on Android is instant.
FCOIN acts as the "Brain," and your phone acts as the "Muscle."
- The Brain (Linux): Uses the superior processing power of your PC to crack keys (
mfoc), map the memory, detect value blocks, and calculate checksums. - The Bridge: It generates precise, copy-pasteable payloads.
- The Muscle (Android): You input these payloads into Mifare Classic Tool (MCT) on your phone to bypass the USB driver bug and execute the write perfectly.
- ๐ต๏ธโโ๏ธ Quantum Heuristics Engine: Automatically detects block types:
- WALLETS: Checks Little Endian integers + Inverted Checksums + Address pointers.
- TIMESTAMPS: Detects Unix Timestamps (Years 2010โ2035) for Parking systems.
- VENDORS: Decodes ASCII and identifies vendor IDs (e.g., E-CORP).
- ๐ Auto-Cracking: Wraps
mfoc(Hardnested Attack) to recover keys from locked cards. - ๐พ Key Persistence: Caches cracked keys to
fcoin.keysfor instant access on subsequent runs. - ๐งฎ Smart Payload Gen: Automatically calculates the required hex string for Value Blocks, including the inverted backup integrity check.
- ๐ก๏ธ Dependency Self-Healing: Detects missing tools and installs them automatically (via sudo).
- A Linux environment (Ubuntu/Debian/Kali).
- An NFC Reader (ACR122U, PN532, etc.).
- An Android Phone with NFC and Mifare Classic Tool (MCT).
# 1. Clone the repository
git clone [https://github.com/Nour833/fcoin.git](https://github.com/Nour833/fcoin.git)
cd fcoin
# 2. Make the script executable
chmod +x fcoin.py
# 3. Run (Dependencies will auto-install on first run)
./fcoin.pyConnect your reader and place the target card. Run the script:
./fcoin.pyThe script will:
- Crack the card keys.
- Display a Memory Forensics Table.
- Ask you to select a Target ID (e.g.,
[0] WALLET). - Ask for the New Balance you want (e.g.,
50.00).
The script will generate a Mission Briefing on the screen.
>>> ANDROID MISSION BRIEFING <<<
APP REQUIRED: Mifare Classic Tool (MCT)
ACCESS KEY: A0A1A2A3A4A5 (Key B)
PHASE 3: DATA PAYLOADS
(Tap 'Open Dump Editor' or manually edit the blocks in the file)
> Block 4: 8813000077ECFFFF8813000004FB04FB
> Block 5: 8813000077ECFFFF8813000005FA05FA
- Open MCT on your phone.
- Use the provided Key to read the card.
- Use the Write Block or Write Dump tool to paste the payloads into the specific blocks listed by FCOIN.
_____ ____ ___ ___ _ _
| ___/ ___/ _ \_ _| \ | |
| |_ | | | | | | || \| |
| _|| |__| |_| | || |\ |
|_| \____\___/___|_| \_| v13.1
[ QUANTUM CREDSTICK MANAGER ]
Dev: Nour833
"Control is an illusion."
[*] READER ONLINE. Waiting for target...
Place card and press ENTER...
[+] ACCESS GRANTED.
Type: Mifare Classic 1k tag
UID: DEADBEEF
--- [ MEMORY FORENSICS ] ---
----------------------------------------------------------------------------------------------------
ID | SEC | TYPE | CONTENT PREVIEW | STATUS | KEY A
----------------------------------------------------------------------------------------------------
| 0 | MFG | UID: DEADBEEF | FACTORY | FFFFFFFFFFFF
[0] | 1 | WALLET | Bal: 12.50 EUR | ACTIVE | A0A1A2A3A4A5
| 2 | VENDOR | Txt: E-CORP LNDRY | LOCKED | B0B1B2B3B4B5
| 3 | EMPTY | | FACTORY | FFFFFFFFFFFF
FOR EDUCATIONAL AND DIAGNOSTIC PURPOSES ONLY.
This tool is intended for security research and managing your own hardware. The authors are not responsible for:
- Any damage caused to hardware (Bricked cards).
- Any legal consequences arising from the misuse of this tool.
- Lost data.
Always have permission before analyzing cards you do not own.
"I wanted to save the world."