mirror of
https://github.com/RfidResearchGroup/proxmark3.git
synced 2025-08-20 13:23:51 -07:00
update
parent
71c12c1828
commit
4003ad72fe
4 changed files with 56 additions and 20 deletions
|
@ -643,8 +643,12 @@ static bool brute(em4x50_data_t *etd, uint32_t *pwd) {
|
||||||
|
|
||||||
bf_generator_init(&ctx, etd->bruteforce_mode, BF_KEY_SIZE_32);
|
bf_generator_init(&ctx, etd->bruteforce_mode, BF_KEY_SIZE_32);
|
||||||
|
|
||||||
if (etd->bruteforce_mode == BF_MODE_CHARSET)
|
if (etd->bruteforce_mode == BF_MODE_CHARSET){
|
||||||
bf_generator_set_charset(&ctx, etd->bruteforce_charset);
|
bf_generator_set_charset(&ctx, etd->bruteforce_charset);
|
||||||
|
} else if (etd->bruteforce_mode == BF_MODE_RANGE){
|
||||||
|
ctx.range_low = etd->password1;
|
||||||
|
ctx.range_high = etd->password2;
|
||||||
|
}
|
||||||
|
|
||||||
while ((generator_ret = bf_generate(&ctx)) == BF_GENERATOR_NEXT) {
|
while ((generator_ret = bf_generate(&ctx)) == BF_GENERATOR_NEXT) {
|
||||||
*pwd = bf_get_key32(&ctx);
|
*pwd = bf_get_key32(&ctx);
|
||||||
|
|
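Review bot: The new `BF_MODE_RANGE` branch in `brute()` copies `etd->password1` and `etd->password2` into `ctx.range_low` and `ctx.range_high` without checking their order. `etd` presumably arrives from the host client, so the device side should not rely on the client having validated it. A guard before the loop, such as `if (etd->password1 > etd->password2) return false;`, would make an inverted range fail fast rather than depend on how the range generator handles it, whose body is not shown here. The rest of `brute()` lies outside the hunk.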
|
@ -354,11 +354,12 @@ int CmdEM4x50Brute(const char *Cmd) {
|
||||||
|
|
||||||
"lf em 4x50 brute --mode range --begin 12330000 --end 12340000 -> tries pwds from 0x12330000 to 0x12340000\n"
|
"lf em 4x50 brute --mode range --begin 12330000 --end 12340000 -> tries pwds from 0x12330000 to 0x12340000\n"
|
||||||
"lf em 4x50 brute --mode charset --digits --uppercase -> tries all combinations of ASCII codes for digits and uppercase letters\n"
|
"lf em 4x50 brute --mode charset --digits --uppercase -> tries all combinations of ASCII codes for digits and uppercase letters\n"
|
||||||
|
"lf em 4x50 brute --mode smart -> enable 'smart' pattern key cracking\n"
|
||||||
);
|
);
|
||||||
|
|
||||||
void *argtable[] = {
|
void *argtable[] = {
|
||||||
arg_param_begin,
|
arg_param_begin,
|
||||||
arg_str1(NULL, "mode", "<str>", "Bruteforce mode (range|charset)"),
|
arg_str1(NULL, "mode", "<str>", "Bruteforce mode (range|charset|smart)"),
|
||||||
arg_str0(NULL, "begin", "<hex>", "Range mode - start of the key range"),
|
arg_str0(NULL, "begin", "<hex>", "Range mode - start of the key range"),
|
||||||
arg_str0(NULL, "end", "<hex>", "Range mode - end of the key range"),
|
arg_str0(NULL, "end", "<hex>", "Range mode - end of the key range"),
|
||||||
arg_lit0(NULL, "digits", "Charset mode - include ASCII codes for digits"),
|
arg_lit0(NULL, "digits", "Charset mode - include ASCII codes for digits"),
|
||||||
|
@ -380,7 +381,10 @@ int CmdEM4x50Brute(const char *Cmd) {
|
||||||
etd.bruteforce_mode = BF_MODE_RANGE;
|
etd.bruteforce_mode = BF_MODE_RANGE;
|
||||||
} else if (strcmp(mode, "charset") == 0) {
|
} else if (strcmp(mode, "charset") == 0) {
|
||||||
etd.bruteforce_mode = BF_MODE_CHARSET;
|
etd.bruteforce_mode = BF_MODE_CHARSET;
|
||||||
} else {
|
} else if (strcmp(mode, "smart") == 0){
|
||||||
|
etd.bruteforce_mode = BF_MODE_SMART;
|
||||||
|
} else
|
||||||
|
{
|
||||||
PrintAndLogEx(FAILED, "Unknown bruteforce mode: %s", mode);
|
PrintAndLogEx(FAILED, "Unknown bruteforce mode: %s", mode);
|
||||||
return PM3_EINVARG;
|
return PM3_EINVARG;
|
||||||
}
|
}
|
||||||
|
@ -458,7 +462,10 @@ int CmdEM4x50Brute(const char *Cmd) {
|
||||||
|
|
||||||
dur_s -= dur_h * 3600 + dur_m * 60;
|
dur_s -= dur_h * 3600 + dur_m * 60;
|
||||||
|
|
||||||
PrintAndLogEx(INFO, "Estimated duration: %ih %im %is", dur_h, dur_m, dur_s);
|
if ( no_iter > 0 )
|
||||||
|
PrintAndLogEx(INFO, "Estimated duration: %ih %im %is", dur_h, dur_m, dur_s);
|
||||||
|
else
|
||||||
|
PrintAndLogEx(INFO, "Estimated duration: unknown");
|
||||||
|
|
||||||
// start
|
// start
|
||||||
clearCommandBuffer();
|
clearCommandBuffer();
|
||||||
|
|
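Review bot: The estimate output added near the end of `CmdEM4x50Brute` uses an unbraced `if ( no_iter > 0 )` / `else` pair, and the unknown-mode branch is now written as `} else` with `{` on the following line, while the neighbouring branches use `} else if (...) {`. Bracing both arms, `if (no_iter > 0) { ... } else { ... }`, and keeping `} else {` on one line would match the rest of the function. Smart mode presumably leaves `no_iter` at 0, which is why the duration prints as unknown. A short comment such as `// smart mode has no fixed iteration count` would make the zero check self-explanatory.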
|
@ -29,15 +29,15 @@ uint8_t charset_uppercase[] = {
|
||||||
};
|
};
|
||||||
|
|
||||||
smart_generator_t *smart_generators[] = {
|
smart_generator_t *smart_generators[] = {
|
||||||
smart_generator_test1,
|
smart_generator_byte_repeat,
|
||||||
smart_generator_test2,
|
|
||||||
NULL
|
NULL
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
void bf_generator_init(generator_context_t *ctx, uint8_t mode, uint8_t key_size) {
|
void bf_generator_init(generator_context_t *ctx, uint8_t mode, uint8_t key_length) {
|
||||||
memset(ctx, 0, sizeof(generator_context_t));
|
memset(ctx, 0, sizeof(generator_context_t));
|
||||||
ctx->mode = mode;
|
ctx->mode = mode;
|
||||||
|
ctx->key_length = key_length;
|
||||||
}
|
}
|
||||||
|
|
||||||
int bf_generator_set_charset(generator_context_t *ctx, uint8_t charsets) {
|
int bf_generator_set_charset(generator_context_t *ctx, uint8_t charsets) {
|
||||||
|
@ -65,7 +65,10 @@ int bf_generate(generator_context_t *ctx) {
|
||||||
return _bf_generate_mode_range(ctx);
|
return _bf_generate_mode_range(ctx);
|
||||||
case BF_MODE_CHARSET:
|
case BF_MODE_CHARSET:
|
||||||
return _bf_generate_mode_charset(ctx);
|
return _bf_generate_mode_charset(ctx);
|
||||||
}
|
|
||||||
|
case BF_MODE_SMART:
|
||||||
|
return _bf_generate_mode_smart(ctx);
|
||||||
|
}
|
||||||
|
|
||||||
return BF_GENERATOR_ERROR;
|
return BF_GENERATOR_ERROR;
|
||||||
}
|
}
|
||||||
|
@ -112,6 +115,14 @@ uint64_t bf_get_key48(generator_context_t *ctx){
|
||||||
return ctx->current_key & 0xFFFFFFFFFFFF;
|
return ctx->current_key & 0xFFFFFFFFFFFF;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void bf_generator_clear(generator_context_t *ctx){
|
||||||
|
ctx->flag1 = 0;
|
||||||
|
ctx->flag2 = 0;
|
||||||
|
ctx->flag3 = 0;
|
||||||
|
ctx->counter1 = 0;
|
||||||
|
ctx->counter2 = 0;
|
||||||
|
}
|
||||||
|
|
||||||
int _bf_generate_mode_range(generator_context_t *ctx) {
|
int _bf_generate_mode_range(generator_context_t *ctx) {
|
||||||
|
|
||||||
if (ctx->key_length != BF_KEY_SIZE_32 && ctx->key_length != BF_KEY_SIZE_48)
|
if (ctx->key_length != BF_KEY_SIZE_32 && ctx->key_length != BF_KEY_SIZE_48)
|
||||||
|
@ -135,35 +146,35 @@ int _bf_generate_mode_range(generator_context_t *ctx) {
|
||||||
|
|
||||||
int _bf_generate_mode_charset(generator_context_t *ctx) {
|
int _bf_generate_mode_charset(generator_context_t *ctx) {
|
||||||
|
|
||||||
if (ctx->key_length != BF_KEY_SIZE_32 && ctx->key_length != BF_KEY_SIZE_48)
|
if (ctx->key_length != BF_KEY_SIZE_32 && ctx->key_length != BF_KEY_SIZE_48){
|
||||||
return BF_GENERATOR_ERROR;
|
return BF_GENERATOR_ERROR;
|
||||||
|
}
|
||||||
|
|
||||||
if (ctx->flag1)
|
if (ctx->flag1)
|
||||||
return BF_GENERATOR_END;
|
return BF_GENERATOR_END;
|
||||||
|
|
||||||
uint8_t key_byte = 0;
|
uint8_t key_byte = 0;
|
||||||
|
ctx->current_key = 0;
|
||||||
|
|
||||||
for (key_byte = 0; key_byte < ctx->key_length;key_byte++){
|
for (key_byte = 0; key_byte < ctx->key_length; key_byte++)
|
||||||
ctx->current_key |= ctx->charset[ctx->pos[key_byte]] << ((ctx->key_length - key_byte) - 1 * 8);
|
{
|
||||||
|
ctx->current_key |= (uint64_t) ctx->charset[ctx->pos[key_byte]] << ((ctx->key_length - key_byte - 1) * 8);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
if (bf_array_increment(ctx->pos, ctx->key_length, ctx->charset_length) == -1)
|
if (bf_array_increment(ctx->pos, ctx->key_length, ctx->charset_length) == -1)
|
||||||
// set flag1 to emit value last time and end generation
|
// set flag1 to emit value last time and end generation on next call
|
||||||
ctx->flag1 = true;
|
ctx->flag1 = true;
|
||||||
|
|
||||||
return BF_GENERATOR_NEXT;
|
return BF_GENERATOR_NEXT;
|
||||||
}
|
}
|
||||||
|
|
||||||
int bf_generate_mode_smart(generator_context_t *ctx){
|
int _bf_generate_mode_smart(generator_context_t *ctx){
|
||||||
|
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
while(1){
|
while(1){
|
||||||
|
|
||||||
if (smart_generators[ctx->smart_mode_stage] == NULL)
|
if (smart_generators[ctx->smart_mode_stage] == NULL)
|
||||||
return BF_GENERATOR_END;
|
return BF_GENERATOR_END;
|
||||||
|
|
||||||
ret = smart_generators[ctx->smart_mode_stage](ctx);
|
ret = smart_generators[ctx->smart_mode_stage](ctx);
|
||||||
|
|
||||||
|
@ -174,14 +185,28 @@ int bf_generate_mode_smart(generator_context_t *ctx){
|
||||||
return ret;
|
return ret;
|
||||||
case BF_GENERATOR_END:
|
case BF_GENERATOR_END:
|
||||||
ctx->smart_mode_stage++;
|
ctx->smart_mode_stage++;
|
||||||
|
bf_generator_clear(ctx);
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
int smart_generator_test1(generator_context_t *ctx){
|
int smart_generator_byte_repeat(generator_context_t *ctx){
|
||||||
return 0;
|
// key consists of repeated single byte
|
||||||
|
uint32_t current_byte = ctx->counter1;
|
||||||
|
|
||||||
|
if (current_byte > 0xFF)
|
||||||
|
return BF_GENERATOR_END;
|
||||||
|
|
||||||
|
ctx->current_key = 0;
|
||||||
|
|
||||||
|
for (uint8_t key_byte = 0; key_byte < ctx->key_length;key_byte++){
|
||||||
|
ctx->current_key |= (uint64_t)current_byte << ((ctx->key_length - key_byte - 1) * 8);
|
||||||
|
}
|
||||||
|
|
||||||
|
ctx->counter1++;
|
||||||
|
return BF_GENERATOR_NEXT;
|
||||||
}
|
}
|
||||||
int smart_generator_test2(generator_context_t *ctx){
|
int smart_generator_test2(generator_context_t *ctx){
|
||||||
return 0;
|
return 0;
|
||||||
|
|
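Review bot: `smart_generator_byte_repeat` shifts by `(ctx->key_length - key_byte - 1) * 8` without the key-length check that `_bf_generate_mode_range` and `_bf_generate_mode_charset` perform, and `bf_generator_init` stores `key_length` unvalidated. Assuming the `BF_KEY_SIZE_*` constants are byte counts, any other length above 8 makes the shift count reach 64 or more on a `uint64_t`, which is undefined behaviour. Adding `if (ctx->key_length != BF_KEY_SIZE_32 && ctx->key_length != BF_KEY_SIZE_48) return BF_GENERATOR_ERROR;` at the top of `_bf_generate_mode_smart` would cover every smart generator at once. Part of `_bf_generate_mode_smart` lies between hunks and is not visible here.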
|
@ -95,7 +95,7 @@ typedef int (smart_generator_t)(generator_context_t *ctx);
|
||||||
|
|
||||||
int bf_generate_mode_smart(generator_context_t *ctx);
|
int bf_generate_mode_smart(generator_context_t *ctx);
|
||||||
|
|
||||||
int smart_generator_test1(generator_context_t *ctx);
|
int smart_generator_byte_repeat(generator_context_t *ctx);
|
||||||
int smart_generator_test2(generator_context_t *ctx);
|
int smart_generator_test2(generator_context_t *ctx);
|
||||||
|
|
||||||
extern smart_generator_t *smart_generators[]; // array of smart cracking functions
|
extern smart_generator_t *smart_generators[]; // array of smart cracking functions
|
||||||
|
|
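Review bot: The header still declares `bf_generate_mode_smart`, but this commit renames the definition to `_bf_generate_mode_smart` and calls it from `bf_generate`, which sits above that definition in the source file. Unless a matching prototype exists outside this hunk, the call relies on an implicit declaration and the old prototype names a function that no longer exists. The line should read `int _bf_generate_mode_smart(generator_context_t *ctx);`. The new `bf_generator_clear` likewise has no prototype in the visible part of the header, and `smart_generator_test2` remains declared although it was dropped from `smart_generators[]`.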