From 67fb546887d71d667dcb2e727f4058c426697f76 Mon Sep 17 00:00:00 2001 From: Antiklesys Date: Sun, 18 May 2025 01:54:55 +0800 Subject: [PATCH 1/2] Update iclass trbl function Updated trbl function: 1- Better comparison of read values vs expected values 2- Stop on "partial values tearoff", show tearoff results when the block isn't zero, but is also different from the original block (even tho is not yet with the same values of the expected block) 3- Improvement to verbose mode --- client/src/cmdhficlass.c | 26 +++++++++++++++++++------- 1 file changed, 19 insertions(+), 7 deletions(-) diff --git a/client/src/cmdhficlass.c b/client/src/cmdhficlass.c index 70d17e746..3063a5f1d 100644 --- a/client/src/cmdhficlass.c +++ b/client/src/cmdhficlass.c @@ -3030,12 +3030,13 @@ static int CmdHFiClass_TearBlock(const char *Cmd) { int isok = 0; tearoff_params_t params; bool read_ok = false; - uint8_t keyType = 0x88; //debit key + if (use_credit_key) { PrintAndLogEx(SUCCESS, "Using " _YELLOW_("credit") " key"); keyType = 0x18; //credit key } + while (tearoff_start < tearoff_end && !read_ok) { //perform read here, repeat if failed or 00s 
@@ -3097,17 +3098,28 @@ static int CmdHFiClass_TearBlock(const char *Cmd) {
 tearoff_start--;
 }
 bool tear_success = true;
- for (int i = 0; i < PICOPASS_BLOCK_SIZE; i++) {
- if (data[i] != data_read[i]) {
- tear_success = false;
- }
+ bool expected_values = true;
+ if(memcmp(data_read, data, 8) != 0) {
+ tear_success = false;
+ }else if ((!tear_success) && (memcmp(data_read, zeros, 8) != 0) && (memcmp(data_read, data_read_orig, 8) != 0)) { //tearoff succeeded (partially)
+ tear_success = true;
+ expected_values = false;
+ PrintAndLogEx(SUCCESS, _GREEN_("Tear-off Success! -> Different values"));
+ PrintAndLogEx(INFO, "Original: %s", sprint_hex(data_read_orig, sizeof(data_read)));
+ PrintAndLogEx(INFO, "Expected: %s", sprint_hex(data, sizeof(data)));
 }
 if (tear_success) { //tearoff succeeded
 read_ok = true;
- PrintAndLogEx(SUCCESS, _GREEN_("Tear-off Success!"));
- PrintAndLogEx(INFO, "Read: %s", sprint_hex(data_read, sizeof(data_read)));
+ if(expected_values) {
+ PrintAndLogEx(SUCCESS, _GREEN_("Tear-off Success! -> Expected values"));
+ }
+ PrintAndLogEx(INFO, "Read: %s", sprint_hex(data_read, sizeof(data_read)));
 } else { //tearoff did not succeed
 PrintAndLogEx(FAILED, _RED_("Tear-off Failed!"));
+ if(verbose) {
+ PrintAndLogEx(INFO, "Read: %s", sprint_hex(data_read, sizeof(data_read)));
+ PrintAndLogEx(INFO, "Expected: %s", sprint_hex(data, sizeof(data)));
+ }
 tearoff_start++;
 }
 PrintAndLogEx(INFO, "---------------");
From c156e33ad91f65485720e91fffab17ed64dd79de Mon Sep 17 00:00:00 2001
From: Antiklesys
Date: Sun, 18 May 2025 01:57:59 +0800
Subject: [PATCH 2/2] Update CHANGELOG.md
---
 CHANGELOG.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 35bf0769e..2ec90e804 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
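Review bot: In CmdHFiClass_TearBlock (client/src/cmdhficlass.c), the new partial tear-off branch cannot execute: it hangs off the `else` of `if(memcmp(data_read, data, 8) != 0)`, so it is reached only when the block equals `data`, and there `tear_success` is still `true`, making `(!tear_success)` false. A read that is neither zeros nor the original block therefore falls through to "Tear-off Failed!" and the loop keeps tearing, which is the case the commit message says should stop. Closing the first test and starting a separate one, `}` followed by `if ((!tear_success) && (memcmp(data_read, zeros, 8) != 0) && (memcmp(data_read, data_read_orig, 8) != 0)) {`, would make it reachable. The literal `8` replaces the `PICOPASS_BLOCK_SIZE` the removed loop used, and `sprint_hex(data_read_orig, sizeof(data_read))` sizes one buffer by another; both are worth tying to the same constant. `zeros`, `data_read_orig` and the rest of the function are declared outside the hunk, so their sizes are assumed here.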
@@ -3,6 +3,8 @@ All notable changes to this project will be documented in this file. This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log... ## [unreleased][unreleased] +- Fixed and updated `hf iclass trbl` to correctly use the credit key when passed and show partial tearoff results (@antiklesys) +- Fixed `hf iclass legbrute` was not correctly parsin the index value - Fixed `hf mf ekeyprn` - failed to download emulator memory due to wrong size calculation (@iceman1001) - Fixed `hf mf fchk --mem` to actually use flash dict (@doegox) - Fixed `make install` on OSX thanks DaveItsLong (@doegox) @@ -45,7 +47,7 @@ This project uses the changelog in accordance with [keepchangelog](http://keepac - Changed `hf mf cload` - now accepts MFC Ev1 sized dumps (@iceman1001) - Changed `hf mfu info` - now properly identify ULEv1 AES 50pF (@iceman1001) - Changed `hf mf info` - now differentiates between full USCUID and cut down ZUID chips (@nvx) -- Changed `lf hitag chk` - added key counter, client side abort and minor delay (@iceman1001) +- Changed `lf hitag chk` - added key counter, client side abort and minor delay (@iceman1001) - Added `hf seos sam` - Added support for HID SAM SEOS communications (@jkramarz) - Changed (extended) area accessible by spiffs into last page of FLASH (@piotrva) - Changed flash-stored key dictionaries (Mifare, iClass, T55XX) and T55XX configurations to SPIFFS files (@piotrva)