better OTP update sanity check by @jmichelp. Checks every bytewise if any bit is 0

iceman1001 2025-03-19 15:34:20 +01:00
commit 1bd811f7a1


@ -1742,12 +1742,17 @@ void SimulateIso14443aTag(uint8_t tagType, uint16_t flags, uint8_t *useruid, uin
} }
// OTP sanity check // OTP sanity check
// Quite a bad one, one should look at all individual bits and see if anyone tries be set as zero
// we cheat and do fat 00000000 check instead
if (block == 0x03) { if (block == 0x03) {
if (memcmp(receivedCmd + 2, "\x00\x00\x00\x00", 4) == 0) {
// OTP can't be set back to zero uint8_t orig[4] = {0};
// send NACK 0x0 == invalid argument, emlGet(orig, 12 + MFU_DUMP_PREFIX_LENGTH, 4);
bool risky = false;
for (int i = 0; i < len; i++) {
risky |= orig[i] & ~receivedCmd[2 + i];
}
if (risky) {
EmSend4bit(CARD_NACK_IV); EmSend4bit(CARD_NACK_IV);
goto jump; goto jump;
} }
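Review bot: The loop bound in `for (int i = 0; i < len; i++)` is `len`, which is not defined in this hunk, while `orig` is declared as `uint8_t orig[4]` and only four bytes are fetched by `emlGet`. If `len` is the received frame length (inferred, since the enclosing function starts and ends outside the hunk), it is larger than 4 for a write frame, so the loop reads past the end of `orig` and compares against bytes of `receivedCmd` beyond the four data bytes. The NACK decision would then depend on unrelated stack contents. Tying the bound to the buffer avoids that: `for (size_t i = 0; i < sizeof(orig); i++) {`. A one-line comment above the loop, such as `// OTP bits are one-way: reject a write that would clear any bit already set`, would replace the removed explanation of what the check enforces.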