github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-24 07:05:40 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

extra ev2 challenges

Browse source
This commit is contained in:
iceman1001 2022-02-06 20:56:33 +01:00
commit 1e35567e15
1 changed files with 104 additions and 69 deletions
Download patch file Download diff file Expand all files Collapse all files

173
client/src/cmdtrace.c
View file

@ -97,6 +97,27 @@ static uint8_t extract_epurse[8] = {0};
#define SKIP_TO_NEXT(a) (TRACELOG_HDR_LEN + (a)->data_len + TRACELOG_PARITY_LEN((a))) #define SKIP_TO_NEXT(a) (TRACELOG_HDR_LEN + (a)->data_len + TRACELOG_PARITY_LEN((a)))
static uint16_t extractChall_ev2(uint16_t tracepos, uint8_t *trace, uint8_t cmdpos, uint8_t long_jmp) {
tracelog_hdr_t *next_hdr = (tracelog_hdr_t *)(trace + tracepos);
if (next_hdr->data_len != 21) {
return 0;
}
tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr);
PrintAndLogEx(INFO, "1499999999 %s " NOLF, sprint_hex_inrow(next_hdr->frame + 1, 16));
next_hdr = (tracelog_hdr_t *)(trace + tracepos);
tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr);
if (next_hdr->frame[cmdpos] == MFDES_ADDITIONAL_FRAME) {
PrintAndLogEx(NORMAL, "%s", sprint_hex_inrow(next_hdr->frame + cmdpos + long_jmp, 32));
} else {
PrintAndLogEx(NORMAL, "");
}
return tracepos;
}
static uint16_t extractChallenges(uint16_t tracepos, uint16_t traceLen, uint8_t *trace) { static uint16_t extractChallenges(uint16_t tracepos, uint16_t traceLen, uint8_t *trace) {
// sanity check // sanity check
@ -270,6 +291,10 @@ static uint16_t extractChallenges(uint16_t tracepos, uint16_t traceLen, uint8_t
return tracepos; return tracepos;
} }
if (hdr->isResponse) {
return tracepos;
}
// PCB [CID] [NAD] [INF] CRC CRC // PCB [CID] [NAD] [INF] CRC CRC
uint8_t pos = calc_pos(frame); uint8_t pos = calc_pos(frame);
uint8_t long_jmp = (data_len > 6) ? 4 : 1; uint8_t long_jmp = (data_len > 6) ? 4 : 1;
@ -279,93 +304,103 @@ static uint16_t extractChallenges(uint16_t tracepos, uint16_t traceLen, uint8_t
switch (frame[pos]) { switch (frame[pos]) {
case MFDES_AUTHENTICATE: { case MFDES_AUTHENTICATE: {
// Assume wrapped or unwrapped // Assume wrapped or unwrapped
PrintAndLogEx(INFO, "AUTH NATIVE (keyNo %d)", frame[pos + long_jmp]); PrintAndLogEx(INFO, "AUTH NATIVE (keyNo %d)", frame[pos + long_jmp]);
if (next_record_is_response(tracepos, trace) == false) {
if (hdr->isResponse == false && next_record_is_response(tracepos, trace)) { break;
tracelog_hdr_t *next_hdr = (tracelog_hdr_t *)(trace + tracepos);
tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr);
if (next_hdr->data_len < 7) {
break;
}
PrintAndLogEx(INFO, "DES 1499999999 %s " NOLF, sprint_hex_inrow(next_hdr->frame + 1, 8));
next_hdr = (tracelog_hdr_t *)(trace + tracepos);
tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr);
if (next_hdr->frame[pos] == MFDES_ADDITIONAL_FRAME) {
PrintAndLogEx(NORMAL, "%s", sprint_hex_inrow(next_hdr->frame + pos + long_jmp, 16));
}
return tracepos;
} }
break; // AUTHENTICATE_NATIVE
tracelog_hdr_t *next_hdr = (tracelog_hdr_t *)(trace + tracepos);
if (next_hdr->data_len < 7) {
break;
}
tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr);
PrintAndLogEx(INFO, "DES 1499999999 %s " NOLF, sprint_hex_inrow(next_hdr->frame + 1, 8));
next_hdr = (tracelog_hdr_t *)(trace + tracepos);
tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr);
if (next_hdr->frame[pos] == MFDES_ADDITIONAL_FRAME) {
PrintAndLogEx(NORMAL, "%s", sprint_hex_inrow(next_hdr->frame + pos + long_jmp, 16));
} else {
PrintAndLogEx(NORMAL, "");
}
return tracepos; // AUTHENTICATE_NATIVE
} }
case MFDES_AUTHENTICATE_ISO: { case MFDES_AUTHENTICATE_ISO: {
// Assume wrapped or unwrapped // Assume wrapped or unwrapped
PrintAndLogEx(INFO, "AUTH ISO (keyNo %d)", frame[pos + long_jmp]); PrintAndLogEx(INFO, "AUTH ISO (keyNo %d)", frame[pos + long_jmp]);
if (hdr->isResponse == false && next_record_is_response(tracepos, trace)) { if (next_record_is_response(tracepos, trace) == false) {
break;
tracelog_hdr_t *next_hdr = (tracelog_hdr_t *)(trace + tracepos);
tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr);
if (next_hdr->data_len < 7) {
break;
}
uint8_t tdea = 8;
if (next_hdr->data_len > 20) {
tdea = 16;
PrintAndLogEx(INFO, "3TDEA 1499999999 %s " NOLF, sprint_hex_inrow(next_hdr->frame + 1, tdea));
} else {
PrintAndLogEx(INFO, "2TDEA 1499999999 %s " NOLF, sprint_hex_inrow(next_hdr->frame + 1, tdea));
}
next_hdr = (tracelog_hdr_t *)(trace + tracepos);
tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr);
if (next_hdr->frame[pos] == MFDES_ADDITIONAL_FRAME) {
PrintAndLogEx(NORMAL, "%s", sprint_hex_inrow(next_hdr->frame + pos + long_jmp, (tdea << 1)));
}
return tracepos;
} }
break; // AUTHENTICATE_STANDARD tracelog_hdr_t *next_hdr = (tracelog_hdr_t *)(trace + tracepos);
tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr);
if (next_hdr->data_len < 7) {
break;
}
uint8_t tdea = 8;
if (next_hdr->data_len > 20) {
tdea = 16;
PrintAndLogEx(INFO, "3TDEA 1499999999 %s " NOLF, sprint_hex_inrow(next_hdr->frame + 1, tdea));
} else {
PrintAndLogEx(INFO, "2TDEA 1499999999 %s " NOLF, sprint_hex_inrow(next_hdr->frame + 1, tdea));
}
next_hdr = (tracelog_hdr_t *)(trace + tracepos);
tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr);
if (next_hdr->frame[pos] == MFDES_ADDITIONAL_FRAME) {
PrintAndLogEx(NORMAL, "%s", sprint_hex_inrow(next_hdr->frame + pos + long_jmp, (tdea << 1)));
} else {
PrintAndLogEx(NORMAL, "");
}
return tracepos; // AUTHENTICATE_STANDARD
} }
case MFDES_AUTHENTICATE_AES: { case MFDES_AUTHENTICATE_AES: {
// Assume wrapped or unwrapped // Assume wrapped or unwrapped
PrintAndLogEx(INFO, "AUTH AES (keyNo %d)", frame[pos + long_jmp]); PrintAndLogEx(INFO, "AUTH AES (keyNo %d)", frame[pos + long_jmp]);
if (hdr->isResponse == false && next_record_is_response(tracepos, trace)) { if (next_record_is_response(tracepos, trace)) {
break;
tracelog_hdr_t *next_hdr = (tracelog_hdr_t *)(trace + tracepos);
tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr);
if (next_hdr->data_len < 7) {
break;
}
PrintAndLogEx(INFO, "AES 1499999999 %s " NOLF, sprint_hex_inrow(next_hdr->frame + 1, 8));
next_hdr = (tracelog_hdr_t *)(trace + tracepos);
tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr);
if (next_hdr->frame[pos] == MFDES_ADDITIONAL_FRAME) {
PrintAndLogEx(NORMAL, "%s", sprint_hex_inrow(next_hdr->frame + pos + long_jmp, 16));
}
return tracepos;
} }
break;
tracelog_hdr_t *next_hdr = (tracelog_hdr_t *)(trace + tracepos);
tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr);
if (next_hdr->data_len < 7) {
break;
}
PrintAndLogEx(INFO, "AES 1499999999 %s " NOLF, sprint_hex_inrow(next_hdr->frame + 1, 8));
next_hdr = (tracelog_hdr_t *)(trace + tracepos);
tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr);
if (next_hdr->frame[pos] == MFDES_ADDITIONAL_FRAME) {
PrintAndLogEx(NORMAL, "%s", sprint_hex_inrow(next_hdr->frame + pos + long_jmp, 16));
} else {
PrintAndLogEx(NORMAL, "");
}
return tracepos;
} }
case MFDES_AUTHENTICATE_EV2F: { case MFDES_AUTHENTICATE_EV2F: {
if (hdr->isResponse == false) { PrintAndLogEx(INFO, "AUTH EV2 First");
PrintAndLogEx(INFO, "AUTH EV2 First"); uint16_t tmp = extractChall_ev2(tracepos, trace, pos, long_jmp);
} if (tmp == 0)
break; break;
else
return tmp;
} }
case MFDES_AUTHENTICATE_EV2NF: { case MFDES_AUTHENTICATE_EV2NF: {
if (hdr->isResponse == false) { PrintAndLogEx(INFO, "AUTH EV2 Non First");
PrintAndLogEx(INFO, "AUTH EV2 Non First"); uint16_t tmp = extractChall_ev2(tracepos, trace, pos, long_jmp);
} if (tmp == 0)
break; break;
else
return tmp;
} }
} }
} }