check all keys...

iceman1001 2020-08-31 03:04:32 +02:00
commit 441bf920fc
3 changed files with 17 additions and 14 deletions


@ -1248,7 +1248,7 @@ static void PacketReceived(PacketCommandNG *packet) {
break; break;
} }
case CMD_HF_MIFARE_CHKKEYS: { case CMD_HF_MIFARE_CHKKEYS: {
MifareChkKeys(packet->data.asBytes); MifareChkKeys(packet->data.asBytes, false);
break; break;
} }
case CMD_HF_MIFARE_CHKKEYS_FAST: { case CMD_HF_MIFARE_CHKKEYS_FAST: {


@ -34,6 +34,7 @@
#include "ticks.h" #include "ticks.h"
#include "usb_cdc.h" // usb_poll_validate_length #include "usb_cdc.h" // usb_poll_validate_length
#include "spiffs.h" // spiffs #include "spiffs.h" // spiffs
#include "appmain.h" // print_stack_usage
#ifndef HARDNESTED_AUTHENTICATION_TIMEOUT #ifndef HARDNESTED_AUTHENTICATION_TIMEOUT
# define HARDNESTED_AUTHENTICATION_TIMEOUT 848 // card times out 1ms after wrong authentication (according to NXP documentation) # define HARDNESTED_AUTHENTICATION_TIMEOUT 848 // card times out 1ms after wrong authentication (according to NXP documentation)
@ -1108,13 +1109,10 @@ void MifareStaticNested(uint8_t blockNo, uint8_t keyType, uint8_t targetBlockNo,
uint64_t ui64Key = 0; uint64_t ui64Key = 0;
ui64Key = bytes_to_num(key, 6); ui64Key = bytes_to_num(key, 6);
// variables
uint16_t len; uint16_t len;
uint8_t uid[10] = {0x00}; uint8_t uid[10] = {0x00};
uint32_t cuid = 0, nt1, nt2; uint32_t cuid = 0, nt1, nt2;
uint32_t target_nt = {0x00}, target_ks = {0x00}; uint32_t target_nt = 0, target_ks = 0;
uint8_t par[1] = {0x00}; uint8_t par[1] = {0x00};
uint8_t receivedAnswer[10] = {0x00}; uint8_t receivedAnswer[10] = {0x00};
@ -1132,7 +1130,6 @@ void MifareStaticNested(uint8_t blockNo, uint8_t keyType, uint8_t targetBlockNo,
set_tracing(true); set_tracing(true);
int16_t isOK = 0; int16_t isOK = 0;
LED_C_ON(); LED_C_ON();
for (uint8_t retry = 0; retry < 3 && (isOK == 0); retry++) { for (uint8_t retry = 0; retry < 3 && (isOK == 0); retry++) {
@ -1152,7 +1149,7 @@ void MifareStaticNested(uint8_t blockNo, uint8_t keyType, uint8_t targetBlockNo,
continue; continue;
}; };
// First authenticatoin. Normal auth. // First authentication. Normal auth.
if (mifare_classic_authex(pcs, cuid, blockNo, keyType, ui64Key, AUTH_FIRST, &nt1, NULL)) { if (mifare_classic_authex(pcs, cuid, blockNo, keyType, ui64Key, AUTH_FIRST, &nt1, NULL)) {
if (DBGLEVEL >= DBG_INFO) Dbprintf("Nested: Auth1 error"); if (DBGLEVEL >= DBG_INFO) Dbprintf("Nested: Auth1 error");
retry--; retry--;
@ -1167,9 +1164,8 @@ void MifareStaticNested(uint8_t blockNo, uint8_t keyType, uint8_t targetBlockNo,
}; };
nt2 = bytes_to_num(receivedAnswer, 4); nt2 = bytes_to_num(receivedAnswer, 4);
uint32_t nt_tmp = prng_successor(nt1, 160); target_nt = prng_successor(nt1, 160);
target_ks = nt2 ^ nt_tmp; target_ks = nt2 ^ target_nt;
target_nt = nt_tmp;
isOK = 1; isOK = 1;
if (DBGLEVEL >= DBG_DEBUG) Dbprintf("Testing nt1=%08x nt2enc=%08x nt2par=%02x ks=%08x", nt1, nt2, par[0], target_ks); if (DBGLEVEL >= DBG_DEBUG) Dbprintf("Testing nt1=%08x nt2enc=%08x nt2par=%02x ks=%08x", nt1, nt2, par[0], target_ks);
@ -1689,7 +1685,7 @@ OUT:
DBGLEVEL = oldbg; DBGLEVEL = oldbg;
} }
void MifareChkKeys(uint8_t *datain) { void MifareChkKeys(uint8_t *datain, uint8_t reserved_mem) {
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
@ -1715,7 +1711,12 @@ void MifareChkKeys(uint8_t *datain) {
bool clearTrace = datain[2]; bool clearTrace = datain[2];
uint16_t key_count = (datain[3] << 8) | datain[4]; uint16_t key_count = (datain[3] << 8) | datain[4];
uint16_t key_mem_available = MIN((PM3_CMD_DATA_SIZE - 5), key_count * 6); uint16_t key_mem_available;
if (reserved_mem)
key_mem_available = key_count * 6;
else
key_mem_available = MIN((PM3_CMD_DATA_SIZE - 5), key_count * 6);
key_count = key_mem_available / 6; key_count = key_mem_available / 6;
datain += 5; datain += 5;
@ -1793,6 +1794,8 @@ void MifareChkKeys(uint8_t *datain) {
void MifareChkKeys_file(uint8_t *fn) { void MifareChkKeys_file(uint8_t *fn) {
#ifdef WITH_FLASH #ifdef WITH_FLASH
BigBuf_free();
SpinOff(0); SpinOff(0);
int changed = rdv40_spiffs_lazy_mount(); int changed = rdv40_spiffs_lazy_mount();
@ -1807,7 +1810,7 @@ void MifareChkKeys_file(uint8_t *fn) {
SpinOff(0); SpinOff(0);
MifareChkKeys(mem); MifareChkKeys(mem, true);
BigBuf_free(); BigBuf_free();
#endif #endif
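Review bot: In the `reserved_mem` branch of MifareChkKeys, `key_mem_available = key_count * 6;` stores the product in a `uint16_t`, so any `key_count` above 10922 wraps and the following `key_count = key_mem_available / 6;` silently shrinks the list instead of checking all keys. Declaring it as `uint32_t key_mem_available;` avoids the truncation, provided the later uses outside the hunk accept the wider type. The same branch takes the count from the buffer header with no upper bound. The allocation and file read in MifareChkKeys_file are not visible here, so it is worth confirming that the loaded size is at least `5 + key_count * 6` before `MifareChkKeys(mem, true)` is called, or passing the buffer length instead of a flag. Both function bodies continue outside the hunks shown.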


@ -29,7 +29,7 @@ void MifareStaticNested(uint8_t blockNo, uint8_t keyType, uint8_t targetBlockNo,
void MifareAcquireEncryptedNonces(uint32_t arg0, uint32_t arg1, uint32_t flags, uint8_t *datain); void MifareAcquireEncryptedNonces(uint32_t arg0, uint32_t arg1, uint32_t flags, uint8_t *datain);
void MifareAcquireNonces(uint32_t arg0, uint32_t flags); void MifareAcquireNonces(uint32_t arg0, uint32_t flags);
void MifareChkKeys(uint8_t *datain); void MifareChkKeys(uint8_t *datain, uint8_t reserved_mem);
void MifareChkKeys_fast(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain); void MifareChkKeys_fast(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain);
void MifareChkKeys_file(uint8_t *fn); void MifareChkKeys_file(uint8_t *fn);
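Review bot: The new `reserved_mem` parameter on the MifareChkKeys prototype is undocumented, although it changes what the callee trusts: when it is nonzero the `PM3_CMD_DATA_SIZE - 5` clamp is skipped. A comment on the declaration such as `// reserved_mem: nonzero when datain is a caller-allocated buffer holding 5 + key_count*6 bytes; skips the PM3_CMD_DATA_SIZE clamp` would state that contract for future callers. Since the two visible call sites pass `false` and `true`, declaring it as `bool reserved_mem` would match its use.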