From 033bc12933177738743a95424dd8777d6e8bc626 Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Mon, 11 Dec 2017 22:33:50 +0100 Subject: [PATCH] chg: 'hf mf fchk' - adapttions to depth first exits --- armsrc/mifarecmd.c | 31 +++++++++++++++++++++++-------- client/cmdhfmf.c | 8 ++++---- 2 files changed, 27 insertions(+), 12 deletions(-) diff --git a/armsrc/mifarecmd.c b/armsrc/mifarecmd.c index 5e18e8838..62c8bdb42 100644 --- a/armsrc/mifarecmd.c +++ b/armsrc/mifarecmd.c @@ -1254,11 +1254,13 @@ void MifareChkKeys_fast(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *da chk_data.cuid = cuid; chk_data.cl = cascade_levels; chk_data.pcs = pcs; - chk_data.block = 0; - + chk_data.block = 0; // keychunk loop - depth first one sector. if ( strategy == 1 ) { + + uint8_t newfound = foundkeys; + // Sector main loop // keep track of how many sectors on card. for (uint8_t s = 0; s < sectorcnt; ++s) { @@ -1270,11 +1272,16 @@ void MifareChkKeys_fast(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *da chk_data.block = FirstBlockOfSector( s ); for (uint8_t i = 0; i < keyCount; ++i) { + // Allow button press / usb cmd to interrupt device if (BUTTON_PRESS() && !usb_poll_validate_length()) { goto OUT; } + // found all keys? + if ( foundkeys == allkeys ) + goto OUT; + WDT_HIT(); // new key @@ -1313,6 +1320,11 @@ void MifareChkKeys_fast(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *da } } } // end loop - depth first + + // assume1. if we already some keys, time to quit this keyblock? + if ( newfound-foundkeys > 0 ) + goto OUT; + } // end loop - sector } // end strategy 1 
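Review bot: The early-exit test `if ( newfound-foundkeys > 0 )` added at the end of the sector loop looks like it can never fire as intended. `newfound` is a snapshot of `foundkeys` taken before the sector loop (first hunk) and is not refreshed, so if `foundkeys` only grows and is narrower than `int`, the promoted difference is zero or negative. The type of `foundkeys` is declared outside the hunk; if it is an unsigned type as wide as `int`, the test would pass only through wrap-around. If the intent is to leave the chunk once a key was found, compare in the other direction, e.g. `if ( foundkeys > newfound ) goto OUT;`. The `assume1` comment should also spell out the exit rule it means.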
@@ -1332,6 +1344,10 @@ void MifareChkKeys_fast(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *da // keep track of how many sectors on card. for (uint8_t s = 0; s < sectorcnt; ++s) { + // found all keys? + if ( foundkeys == allkeys ) + goto OUT; + // assume: block0,1,2 has more read rights in accessbits than the sectortrailer. authenticating against block0 in each sector chk_data.block = FirstBlockOfSector( s ); @@ -1365,18 +1381,18 @@ void MifareChkKeys_fast(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *da chkKey_scanB(&chk_data, k_sector, found, §orcnt, &foundkeys); } } + + } // end loop sectors - - // is all keys found? - if ( foundkeys == allkeys ) - break; } // end loop keys } // end loop strategy 2 OUT: LEDsoff(); + crypto1_destroy(pcs); + // All keys found, send to client, or last keychunk from client - if (foundkeys==allkeys || lastchunk ) { + if (foundkeys == allkeys || lastchunk ) { uint64_t foo = 0; uint16_t bar = 0; @@ -1394,7 +1410,6 @@ OUT: set_tracing(false); FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); - crypto1_destroy(pcs); } else { // partial/none keys found cmd_send(CMD_ACK, foundkeys, 0, 0, 0, 0); diff --git a/client/cmdhfmf.c b/client/cmdhfmf.c index 2ebfb388c..f59a9a11c 100644 --- a/client/cmdhfmf.c +++ b/client/cmdhfmf.c @@ -1350,10 +1350,10 @@ int CmdHF14AMfChk_fast(const char *Cmd) { timeout++; printf("."); fflush(stdout); - // max timeout for one chunk of 85keys, 60*2sec = 120seconds + // max timeout for one chunk of 85keys, 60*3sec = 180seconds // s70 with 40*2 keys to check, 80*85 = 6800 auth. // takes about 97s, still some margin before abort - if (timeout > 60) { + if (timeout > 180) { PrintAndLog("\nNo response from Proxmark. Aborting..."); return 1; } 
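Review bot: `crypto1_destroy(pcs)` now runs directly after `OUT:`, ahead of both result branches, while `chk_data.pcs` (assigned earlier in the function) still holds the same pointer. The lines of the all-keys branch between this hunk and the next are not visible, so confirm that nothing there reads `pcs` or `chk_data.pcs` after the cipher state is destroyed. A comment at the call would record the rule, e.g. `// cipher state is released on every exit path; pcs and chk_data.pcs must not be used below`. MifareChkKeys_fast starts and ends outside the hunk.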
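Review bot: The updated comment `60*3sec = 180seconds` does not match the new test `if (timeout > 180)`. The limit is now 180 loop iterations, and how long that lasts depends on the per-iteration wait, which is outside the hunk. The old comment implied 2 s per iteration, which would make the new limit about 360 s rather than 180 s. The comment should state iterations times wait length, and a named constant would keep the two together, e.g. `if (timeout > FCHK_MAX_WAIT_ITER) {` (the name is only a suggestion). CmdHF14AMfChk_fast starts and ends outside the hunk.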
@@ -1374,8 +1374,8 @@ int CmdHF14AMfChk_fast(const char *Cmd) { memcpy(e_sector, resp.d.asBytes, SectorsCnt * sizeof(icesector_t) ); goto out; } - } - } + } // end chunks of keys + } // end strategy out: t1 = msclock() - t1; PrintAndLog("[+] Time in checkkeys (fast): %.1fs\n", (float)(t1/1000.0));