chg: 'hf iclass loclass' output newline.

client/loclass/elite_crack.c

@@ -281,10 +281,9 @@ int _readFromDump(uint8_t dump[], dumpdata* item, uint8_t i)
 {
 	size_t itemsize = sizeof(dumpdata);
 	//dumpdata item =  {0};
-	memcpy(item,dump+i*itemsize, itemsize);
+	memcpy(item, dump+i*itemsize, itemsize);
 
-	if(true)
-	{
+	if(true) {
 		printvar("csn", item->csn,8);
 		printvar("cc_nr", item->cc_nr,12);
 		printvar("mac", item->mac,4);
@@ -292,7 +291,7 @@ int _readFromDump(uint8_t dump[], dumpdata* item, uint8_t i)
 	return 0;
 }
 
-static uint32_t startvalue = 0;
+//static uint32_t startvalue = 0;
 /**
  * @brief Performs brute force attack against a dump-data item, containing csn, cc_nr and mac.
  *This method calculates the hash1 for the CSN, and determines what bytes need to be bruteforced
@@ -354,22 +353,22 @@ int bruteforceItem(dumpdata item, uint16_t keytable[])
 	/*
 	 *A uint32 has room for 4 bytes, we'll only need 24 of those bits to bruteforce up to three bytes,
 	 */
-	uint32_t brute = startvalue;
+	//uint32_t brute = startvalue;
+	uint32_t brute = 0;
 	/*
 	   Determine where to stop the bruteforce. A 1-byte attack stops after 256 tries,
 	   (when brute reaches 0x100). And so on...
-	   bytes_to_recover = 1 --> endmask = 0x0000100
-	   bytes_to_recover = 2 --> endmask = 0x0010000
-	   bytes_to_recover = 3 --> endmask = 0x1000000
+	   bytes_to_recover = 1 --> endmask = 0x000000100
+	   bytes_to_recover = 2 --> endmask = 0x000010000
+	   bytes_to_recover = 3 --> endmask = 0x001000000
 	*/
 
 	uint32_t endmask =  1 << 8*numbytes_to_recover;
 
-	for(i =0 ; i < numbytes_to_recover && numbytes_to_recover > 1; i++)
+	for (i =0 ; i < numbytes_to_recover && numbytes_to_recover > 1; i++)
 		prnlog("Bruteforcing byte %d", bytes_to_recover[i]);
 
-	while(!found && !(brute & endmask))
-	{
+	while (!found && !(brute & endmask)) {
 		//Update the keytable with the brute-values
 		for (i=0; i < numbytes_to_recover; i++) {
 			keytable[bytes_to_recover[i]] &= 0xFF00;
@@ -393,22 +392,24 @@ int bruteforceItem(dumpdata item, uint16_t keytable[])
 		//Calc mac
 		doMAC(item.cc_nr, div_key, calculated_MAC);
 
-		if(memcmp(calculated_MAC, item.mac, 4) == 0) {
-			for(i =0 ; i < numbytes_to_recover; i++)
+		if (memcmp(calculated_MAC, item.mac, 4) == 0) {
+			printf("\r\n");
+			for(i =0 ; i < numbytes_to_recover; i++) {
 				prnlog("=> %d: 0x%02x", bytes_to_recover[i],0xFF & keytable[bytes_to_recover[i]]);	
+			}
 			found = true;
 			break;
 		}
 		
 		brute++;
 		if ((brute & 0xFFFF) == 0) {
-			printf("%d",(brute >> 16) & 0xFF);
+			printf("%d,",(brute >> 16) & 0xFF);
 			fflush(stdout);
 		}
 	}
 	if (!found) {
-		prnlog("Failed to recover %d bytes using the following CSN",numbytes_to_recover);
-		printvar("CSN",item.csn,8);
+		prnlog("Failed to recover %d bytes using the following CSN", numbytes_to_recover);
+		printvar("CSN", item.csn, 8);
 		errors++;
 
 		//Before we exit, reset the 'BEING_CRACKED' to zero
@@ -509,13 +510,13 @@ int bruteforceDump(uint8_t dump[], size_t dumpsize, uint16_t keytable[])
 
 	for(i = 0 ; i * itemsize < dumpsize ; i++ )
 	{
-		memcpy(attack,dump+i*itemsize, itemsize);
+		memcpy(attack, dump + i * itemsize, itemsize);
 		errors += bruteforceItem(*attack, keytable);
 	}
 	free(attack);
 	t1 = msclock() - t1;
 	float diff = ((float)t1 / CLOCKS_PER_SEC );
-	prnlog("\nPerformed full crack in %f seconds",diff);
+	prnlog("\nPerformed full crack in %.1f seconds",diff);
 
 	// Pick out the first 16 bytes of the keytable.
 	// The keytable is now in 16-bit ints, where the upper 8 bits
@@ -526,10 +527,9 @@ int bruteforceDump(uint8_t dump[], size_t dumpsize, uint16_t keytable[])
 	for(i = 0 ; i < 16 ; i++)
 	{
 		first16bytes[i] = keytable[i] & 0xFF;
+		
 		if(!(keytable[i] & CRACKED))
-		{
 			prnlog("Error, we are missing byte %d, custom key calculation will fail...", i);
-		}
 	}
 	errors += calculateMasterKey(first16bytes, NULL);
 	return errors;