run "make style"

PhaseLoop 2023-05-08 17:08:24 +00:00
commit 19d7851c73
7 changed files with 124 additions and 98 deletions


@ -643,10 +643,10 @@ static bool brute(em4x50_data_t *etd, uint32_t *pwd) {
bf_generator_init(&ctx, etd->bruteforce_mode);
if(etd->bruteforce_mode == BRUTEFORCE_MODE_CHARSET)
if (etd->bruteforce_mode == BRUTEFORCE_MODE_CHARSET)
bf_generator_set_charset(&ctx, etd->bruteforce_charset);
while ( (generator_ret=bf_generate32(&ctx)) == GENERATOR_NEXT) {
while ((generator_ret = bf_generate32(&ctx)) == GENERATOR_NEXT) {
*pwd = ctx.current_key32;
WDT_HIT();


@ -373,19 +373,19 @@ int CmdEM4x50Brute(const char *Cmd) {
int mode_len = 64;
char mode[64];
CLIGetStrWithReturn(ctx, 1, (uint8_t*) mode, &mode_len);
CLIGetStrWithReturn(ctx, 1, (uint8_t *) mode, &mode_len);
PrintAndLogEx(INFO, "Chosen mode: %s", mode);
if(strcmp(mode, "range") == 0){
if (strcmp(mode, "range") == 0) {
etd.bruteforce_mode = BRUTEFORCE_MODE_RANGE;
} else if(strcmp(mode, "charset") == 0){
} else if (strcmp(mode, "charset") == 0) {
etd.bruteforce_mode = BRUTEFORCE_MODE_CHARSET;
} else {
PrintAndLogEx(FAILED, "Unknown bruteforce mode: %s", mode);
return PM3_EINVARG;
}
if(etd.bruteforce_mode == BRUTEFORCE_MODE_RANGE){
if (etd.bruteforce_mode == BRUTEFORCE_MODE_RANGE) {
int begin_len = 0;
uint8_t begin[4] = {0x0};
CLIGetHexWithReturn(ctx, 2, begin, &begin_len);
@ -394,58 +394,58 @@ int CmdEM4x50Brute(const char *Cmd) {
uint8_t end[4] = {0x0};
CLIGetHexWithReturn(ctx, 3, end, &end_len);
if(begin_len!=4){
if (begin_len != 4) {
PrintAndLogEx(FAILED, "'begin' parameter must be 4 bytes");
return PM3_EINVARG;
}
if(end_len!=4){
if (end_len != 4) {
PrintAndLogEx(FAILED, "'end' parameter must be 4 bytes");
return PM3_EINVARG;
}
etd.password1 = BYTES2UINT32_BE(begin);
etd.password2 = BYTES2UINT32_BE(end);
} else if(etd.bruteforce_mode == BRUTEFORCE_MODE_CHARSET){
} else if (etd.bruteforce_mode == BRUTEFORCE_MODE_CHARSET) {
bool enable_digits = arg_get_lit(ctx, 4);
bool enable_uppercase = arg_get_lit(ctx, 5);
if(enable_digits)
if (enable_digits)
etd.bruteforce_charset |= CHARSET_DIGITS;
if(enable_uppercase)
if (enable_uppercase)
etd.bruteforce_charset |= CHARSET_UPPERCASE;
if(etd.bruteforce_charset == 0){
if (etd.bruteforce_charset == 0) {
PrintAndLogEx(FAILED, "Please enable at least one charset when using charset bruteforce mode.");
return PM3_EINVARG;
}
PrintAndLogEx(INFO, "Enabled charsets: %s%s",
enable_digits ? "digits " : "",
enable_uppercase ? "uppercase " : "");
PrintAndLogEx(INFO, "Enabled charsets: %s%s",
enable_digits ? "digits " : "",
enable_uppercase ? "uppercase " : "");
}
CLIParserFree(ctx);
// 27 passwords/second (empirical value)
const int speed = 27;
int no_iter = 0;
if(etd.bruteforce_mode == BRUTEFORCE_MODE_RANGE){
if (etd.bruteforce_mode == BRUTEFORCE_MODE_RANGE) {
no_iter = etd.password2 - etd.password1 + 1;
PrintAndLogEx(INFO, "Trying " _YELLOW_("%i") " passwords in range [0x%08x, 0x%08x]"
, no_iter
, etd.password1
, etd.password2
);
} else if(etd.bruteforce_mode == BRUTEFORCE_MODE_CHARSET){
, no_iter
, etd.password1
, etd.password2
);
} else if (etd.bruteforce_mode == BRUTEFORCE_MODE_CHARSET) {
unsigned int digits = 0;
if(etd.bruteforce_charset & CHARSET_DIGITS)
if (etd.bruteforce_charset & CHARSET_DIGITS)
digits += CHARSET_DIGITS_SIZE;
if(etd.bruteforce_charset & CHARSET_UPPERCASE)
if (etd.bruteforce_charset & CHARSET_UPPERCASE)
digits += CHARSET_UPPERCASE_SIZE;
no_iter = pow(digits, 4);
@ -457,7 +457,7 @@ int CmdEM4x50Brute(const char *Cmd) {
int dur_m = (dur_s - dur_h * 3600) / 60;
dur_s -= dur_h * 3600 + dur_m * 60;
PrintAndLogEx(INFO, "Estimated duration: %ih %im %is", dur_h, dur_m, dur_s);
// start
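Review bot: The four `return PM3_EINVARG;` paths in CmdEM4x50Brute (unknown mode, wrong `begin` or `end` length, empty charset) all leave before the `CLIParserFree(ctx);` call that follows the option parsing, so the parser context appears to be leaked on every rejected invocation; add `CLIParserFree(ctx);` ahead of each of those returns. Separately, `no_iter = etd.password2 - etd.password1 + 1;` is stored in an `int` and nothing visible rejects `begin` greater than `end`, so the printed count and the duration estimate can come out negative, or wrap to 0 for the full 32-bit range. A `password1 > password2` check returning `PM3_EINVARG`, together with a 64-bit counter, would keep the estimate honest. The function starts and ends outside these hunks, so a guard elsewhere cannot be ruled out.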


@ -349,6 +349,7 @@ const static vocabulory_t vocabulory[] = {
{ 0, "hf mf gen3freeze" },
{ 0, "hf mf ggetblk" },
{ 0, "hf mf gload" },
{ 0, "hf mf gsave" },
{ 0, "hf mf gsetblk" },
{ 0, "hf mf gview" },
{ 0, "hf mf ndefformat" },


@ -28,50 +28,50 @@ uint8_t charset_uppercase[] = {
'X', 'Y', 'Z'
};
void bf_generator_init(generator_context_t* ctx, uint8_t mode){
void bf_generator_init(generator_context_t *ctx, uint8_t mode) {
memset(ctx, 0, sizeof(generator_context_t));
ctx->mode = mode;
}
int bf_generator_set_charset(generator_context_t* ctx, uint8_t charsets){
if (ctx->mode != BRUTEFORCE_MODE_CHARSET){
int bf_generator_set_charset(generator_context_t *ctx, uint8_t charsets) {
if (ctx->mode != BRUTEFORCE_MODE_CHARSET) {
return -1;
}
if(charsets & CHARSET_DIGITS){
if (charsets & CHARSET_DIGITS) {
memcpy(ctx->charset, charset_digits, sizeof(charset_digits));
ctx->charset_length += sizeof(charset_digits);
}
if(charsets & CHARSET_UPPERCASE){
memcpy(ctx->charset+ctx->charset_length, charset_uppercase, sizeof(charset_uppercase));
if (charsets & CHARSET_UPPERCASE) {
memcpy(ctx->charset + ctx->charset_length, charset_uppercase, sizeof(charset_uppercase));
ctx->charset_length += sizeof(charset_uppercase);
}
return 0;
}
int bf_generate32(generator_context_t *ctx){
int bf_generate32(generator_context_t *ctx) {
switch(ctx->mode){
switch (ctx->mode) {
case BRUTEFORCE_MODE_RANGE:
return _bf_generate_mode_range32(ctx);
case BRUTEFORCE_MODE_CHARSET:
return _bf_generate_mode_charset32(ctx);
}
}
return GENERATOR_ERROR;
return GENERATOR_ERROR;
}
int _bf_generate_mode_range32(generator_context_t *ctx){
if(ctx->current_key32 >= ctx->range_high){
int _bf_generate_mode_range32(generator_context_t *ctx) {
if (ctx->current_key32 >= ctx->range_high) {
return GENERATOR_END;
}
// we use flag1 as indicator if value of range_low was already emitted
// so the range generated is <range_low, range_high>
if(ctx->current_key32 <= ctx->range_low && ctx->flag1==false){
if (ctx->current_key32 <= ctx->range_low && ctx->flag1 == false) {
ctx->current_key32 = ctx->range_low;
ctx->pos[0] = true;
return GENERATOR_NEXT;
@ -81,44 +81,44 @@ int _bf_generate_mode_range32(generator_context_t *ctx){
return GENERATOR_NEXT;
}
int _bf_generate_mode_charset32(generator_context_t *ctx){
int _bf_generate_mode_charset32(generator_context_t *ctx) {
if(ctx->flag1)
if (ctx->flag1)
return GENERATOR_END;
ctx->current_key32 = ctx->charset[ctx->pos[0]] << 24 | ctx->charset[ctx->pos[1]] << 16 |
ctx->charset[ctx->pos[2]] << 8 | ctx->charset[ctx->pos[3]];
if(bf_array_increment(ctx->pos, 4, ctx->charset_length) == -1)
if (bf_array_increment(ctx->pos, 4, ctx->charset_length) == -1)
// set flag1 to emit value last time and end generation
ctx->flag1 = true;
return GENERATOR_NEXT;
}
// increments values in array with carryover using modulo limit for each byte
// this is used to iterate each byte in key over charset table
// returns -1 if incrementing reaches its end
int bf_array_increment(uint8_t *data, uint8_t data_len, uint8_t modulo){
int bf_array_increment(uint8_t *data, uint8_t data_len, uint8_t modulo) {
uint8_t prev_value;
// check if we reached max value already
uint8_t i;
for (i = 0; i < data_len; i++)
if(data[i] < modulo - 1)
if (data[i] < modulo - 1)
break;
if(i == data_len)
return -1;
if (i == data_len)
return -1;
for (uint8_t pos = data_len - 1;; pos--){
for (uint8_t pos = data_len - 1;; pos--) {
prev_value = ++data[pos];
data[pos] = data[pos] % modulo;
if (prev_value == data[pos])
return 0;
else if (pos == 0){
else if (pos == 0) {
// we cannot carryover to next byte
// with the max value check in place before, we should not reach this place
return -1;
@ -144,4 +144,4 @@ int main(){
// printf("Uppercase len: %d\n", sizeof(charset_uppercase));
return 1;
}
*/
*/
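Review bot: In `_bf_generate_mode_range32` the comment says `flag1` records that `range_low` was already emitted and the condition tests `ctx->flag1 == false`, but the branch sets `ctx->pos[0] = true;` instead. Unless `flag1` aliases `pos[0]` in `generator_context_t` (the struct is not fully visible here), the flag never changes and the generator would keep returning `range_low`; the line should probably read `ctx->flag1 = true;`. Also, `bf_generator_set_charset` only ever adds to `ctx->charset_length`, so a second call on a context that was not re-initialised would make the uppercase `memcpy` write past the end of `ctx->charset`. Starting the function with `ctx->charset_length = 0;` after the mode check closes that. The body of `_bf_generate_mode_range32` continues outside the hunk.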


@ -25,11 +25,11 @@ typedef uint8_t bruteforce_mode_t;
// bruteforcing all keys sequentially between X and Y
#define BRUTEFORCE_MODE_RANGE 1
// try keys based on limited charset/passphrases
// try keys based on limited charset/passphrases
// some payment systems use user-provided passphrase as system key
#define BRUTEFORCE_MODE_CHARSET 2
// "smart" mode - try some predictable patterns
// "smart" mode - try some predictable patterns
#define BRUTEFORCE_MODE_SMART 3
@ -57,8 +57,8 @@ typedef struct {
uint32_t current_key32;
uint8_t mode;
uint8_t charset[
CHARSET_DIGITS_SIZE
+ CHARSET_UPPERCASE_SIZE
CHARSET_DIGITS_SIZE
+ CHARSET_UPPERCASE_SIZE
];
uint8_t charset_length;
@ -76,4 +76,4 @@ int _bf_generate_mode_range32(generator_context_t *ctx);
int _bf_generate_mode_charset32(generator_context_t *ctx);
int _bf_generate_mode_smart32(generator_context_t *ctx);
int bf_array_increment(uint8_t *data, uint8_t data_len, uint8_t modulo);
#endif // BRUTEFORCE_H__
#endif // BRUTEFORCE_H__


@ -3391,6 +3391,20 @@
],
"usage": "hf jooki sim [-h] [-b <base64>]"
},
"hf ksx6924 balance": {
"command": "hf ksx6924 balance",
"description": "Gets the current purse balance",
"notes": [
"hf ksx6924 balance"
],
"offline": false,
"options": [
"-h, --help This help",
"-k, --keep keep field ON for next command",
"-a, --apdu Show APDU requests and responses"
],
"usage": "hf ksx6924 balance [-hka]"
},
"hf ksx6924 help": {
"command": "hf ksx6924 help",
"description": "help This help",
@ -3399,19 +3413,6 @@
"options": [],
"usage": ""
},
"hf ksx6924 select": {
"command": "hf ksx6924 select",
"description": "Selects KS X 6924 application, and leaves field up",
"notes": [
"hf ksx6924 select"
],
"offline": false,
"options": [
"-h, --help This help",
"-a, --apdu Show APDU requests and responses"
],
"usage": "hf ksx6924 select [-ha]"
},
"hf ksx6924 info": {
"command": "hf ksx6924 info",
"description": "Get info about a KS X 6924 transit card. This application is used by T-Money (South Korea) and Snapper+ (Wellington, New Zealand).",
@ -3426,23 +3427,9 @@
],
"usage": "hf ksx6924 info [-hka]"
},
"hf ksx6924 balance": {
"command": "hf ksx6924 balance",
"description": "Gets the current purse balance",
"notes": [
"hf ksx6924 balance"
],
"offline": false,
"options": [
"-h, --help This help",
"-k, --keep keep field ON for next command",
"-a, --apdu Show APDU requests and responses"
],
"usage": "hf ksx6924 balance [-hka]"
},
"hf ksx6924 init": {
"command": "hf ksx6924 init",
"description": "Perform transaction initialization (mpda)",
"description": "Perform transaction initialization with Mpda (Money of Purchase Transaction)",
"notes": [
"hf ksx6924 init 000003e8 -> Mpda"
],
@ -3468,7 +3455,19 @@
],
"usage": "hf ksx6924 prec [-hka] <record 1byte HEX>"
},
"hf ksx6924 select": {
"command": "hf ksx6924 select",
"description": "Selects KS X 6924 application, and leaves field up",
"notes": [
"hf ksx6924 select"
],
"offline": false,
"options": [
"-h, --help This help",
"-a, --apdu Show APDU requests and responses"
],
"usage": "hf ksx6924 select [-ha]"
},
"hf legic crc": {
"command": "hf legic crc",
"description": "Calculates the legic crc8/crc16 on the given data",
@ -3971,7 +3970,7 @@
"--1k MIFARE Classic 1k / S50 (def)",
"--2k MIFARE Classic/Plus 2k",
"--4k MIFARE Classic 4k / S70",
"--emu from emulator memory"
"--emu to emulator memory"
],
"usage": "hf mf csave [-h] [-f <fn>] [--mini] [--1k] [--2k] [--4k] [--emu]"
},
@ -4348,6 +4347,27 @@
],
"usage": "hf mf gload [-hv] [--mini] [--1k] [--2k] [--4k] [-p <hex>] [-f <fn>] [--emu] [--start <dec>] [--end <dec>]"
},
"hf mf gsave": {
"command": "hf mf gsave",
"description": "Save `magic gen4 gtu` card memory into three files (BIN/EML/JSON)or into emulator memory",
"notes": [
"hf mf gsave",
"hf mf gsave --4k",
"hf mf gsave -p DEADBEEF -f hf-mf-01020304.json"
],
"offline": false,
"options": [
"-h, --help This help",
"--mini MIFARE Classic Mini / S20",
"--1k MIFARE Classic 1k / S50 (def)",
"--2k MIFARE Classic/Plus 2k",
"--4k MIFARE Classic 4k / S70",
"-p, --pwd <hex> password 4bytes",
"-f, --file <fn> filename of dump",
"--emu to emulator memory"
],
"usage": "hf mf gsave [-h] [--mini] [--1k] [--2k] [--4k] [-p <hex>] [-f <fn>] [--emu]"
},
"hf mf gsetblk": {
"command": "hf mf gsetblk",
"description": "Set block data on a magic gen4 GTU card",
@ -6176,7 +6196,7 @@
},
"hf mfu esave": {
"command": "hf mfu esave",
"description": "Saves emulator memory to a MIFARE Ultralight/NTAG dump file (bin/eml/json) By default number of pages saved depends on defined tag type. You can overrife this with option --end.",
"description": "Saves emulator memory to a MIFARE Ultralight/NTAG dump file (bin/eml/json) By default number of pages saved depends on defined tag type. You can override this with option --end.",
"notes": [
"hf mfu esave",
"hf mfu esave --end 255 -> saves whole memory",
@ -6192,7 +6212,7 @@
},
"hf mfu eview": {
"command": "hf mfu eview",
"description": "Displays emulator memory By default number of pages shown depends on defined tag type. You can overrife this with option --end.",
"description": "Displays emulator memory By default number of pages shown depends on defined tag type. You can override this with option --end.",
"notes": [
"hf mfu eview",
"hf mfu eview --end 255 -> dumps whole memory"
@ -7799,15 +7819,19 @@
"command": "lf em 4x50 brute",
"description": "Tries to bruteforce the password of a EM4x50 card. Function can be stopped by pressing pm3 button.",
"notes": [
"lf em 4x50 brute --first 12330000 --last 12340000 -> tries pwds from 0x12330000 to 0x1234000000"
"lf em 4x50 brute --mode range --begin 12330000 --end 12340000 -> tries pwds from 0x12330000 to 0x12340000",
"lf em 4x50 brute --mode charset --digits --uppercase -> tries all combinations of ASCII codes for digits and uppercase letters"
],
"offline": false,
"options": [
"-h, --help This help",
"--first <hex> first password (start), 4 bytes, lsb",
"--last <hex> last password (stop), 4 bytes, lsb"
"--mode <str> Bruteforce mode (range|charset)",
"--begin <hex> Range mode - start of the key range",
"--end <hex> Range mode - end of the key range",
"--digits Charset mode - include ASCII codes for digits",
"--uppercase Charset mode - include ASCII codes for uppercase letters"
],
"usage": "lf em 4x50 brute [-h] --first <hex> --last <hex>"
"usage": "lf em 4x50 brute [-h] --mode <str> [--begin <hex>] [--end <hex>] [--digits] [--uppercase]"
},
"lf em 4x50 chk": {
"command": "lf em 4x50 chk",
@ -11616,8 +11640,8 @@
}
},
"metadata": {
"commands_extracted": 732,
"commands_extracted": 733,
"extracted_by": "PM3Help2JSON v1.00",
"extracted_on": "2022-11-20T20:19:15"
"extracted_on": "2023-05-08T17:05:11"
}
}


@ -370,7 +370,7 @@ Check column "offline" for their availability.
|`hf ksx6924 select `|N |`Select application, and leave field up`
|`hf ksx6924 info `|N |`Get info about a KS X 6924 (T-Money, Snapper+) transit card`
|`hf ksx6924 balance `|N |`Get current purse balance`
|`hf ksx6924 init `|N |`Perform transaction initialization with Mpda (Money of Purchase Transaction)`
|`hf ksx6924 init `|N |`Perform transaction initialization with Mpda`
|`hf ksx6924 prec `|N |`Send proprietary get record command (CLA=90, INS=4C)`
@ -512,6 +512,7 @@ Check column "offline" for their availability.
|`hf mf gen3freeze `|N |`Perma lock UID changes. irreversible`
|`hf mf ggetblk `|N |`Read block from card`
|`hf mf gload `|N |`Load dump to card`
|`hf mf gsave `|N |`Save dump from card into file or emulator`
|`hf mf gsetblk `|N |`Write block to card`
|`hf mf gview `|N |`View card`
|`hf mf ndefformat `|N |`Format MIFARE Classic Tag as NFC Tag`
@ -851,7 +852,7 @@ Check column "offline" for their availability.
|command |offline |description
|------- |------- |-----------
|`lf em 4x50 help `|Y |`This help`
|`lf em 4x50 brute `|N |`Simple bruteforce attack to find password`
|`lf em 4x50 brute `|N |`Bruteforce attack to find password`
|`lf em 4x50 chk `|N |`Check passwords from dictionary`
|`lf em 4x50 dump `|N |`Dump EM4x50 tag`
|`lf em 4x50 info `|N |`Tag information`