better filehandling and memory handling in "lf em 410x brute"

This commit is contained in:
iceman1001 2024-10-04 10:41:15 +02:00
commit 5f580e34ca
4 changed files with 36 additions and 65 deletions


@ -3,6 +3,7 @@ All notable changes to this project will be documented in this file.
This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log... This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log...
## [unreleased][unreleased] ## [unreleased][unreleased]
- Fixed `lf em 410x brute` - better filehandling and memory handling (@iceman1001)
- Changed split PacketResponseNG status into status and reason(@douniwan5788) - Changed split PacketResponseNG status into status and reason(@douniwan5788)
- add a helper script to decode JEDEC data `script run spi_flash_decode` (@ANTodorov) - add a helper script to decode JEDEC data `script run spi_flash_decode` (@ANTodorov)
- show SPI flash JEDEC Manufacturer ID and Device ID in `hw status` output (@ANTodorov) - show SPI flash JEDEC Manufacturer ID and Device ID in `hw status` output (@ANTodorov)


@ -519,74 +519,34 @@ static int CmdEM410xBrute(const char *Cmd) {
return PM3_EINVARG; return PM3_EINVARG;
} }
uint32_t uidcnt = 0; // get suffix.
uint8_t stUidBlock = 20; char suffix[10] = {0};
uint8_t *p = NULL; char *ext = strrchr(filename, '.');
uint8_t uid[5] = {0x00}; if (ext != NULL) {
strncpy(suffix, ext, sizeof(suffix) - 1);
// open file
FILE *f = NULL;
if ((f = fopen(filename, "r")) == NULL) {
PrintAndLogEx(ERR, "Error: Could not open EM Tag IDs file ["_YELLOW_("%s")"]", filename);
return PM3_EFILE;
} }
// allocate mem for file contents // load keys
uint8_t *uidblock = calloc(stUidBlock, 5); uint8_t *uidblock = NULL;
if (uidblock == NULL) { uint32_t uidcount = 0;
fclose(f); int res = loadFileDICTIONARY_safe_ex(filename, suffix, (void**)&uidblock, 5, &uidcount, false);
PrintAndLogEx(ERR, "Error: can't allocate memory"); if (res != PM3_SUCCESS) {
return PM3_EMALLOC;
}
// read file into memory
char buf[11];
while (fgets(buf, sizeof(buf), f)) {
if (strlen(buf) < 10 || buf[9] == '\n') continue;
while (fgetc(f) != '\n' && !feof(f)); //goto next line
//The line start with # is comment, skip
if (buf[0] == '#') continue;
int uidlen = 0;
if (param_gethex_ex(buf, 0, uid, &uidlen) && (uidlen != 10)) {
PrintAndLogEx(FAILED, "EM Tag IDs must include 5 hex bytes (10 hex symbols), got ( " _RED_("%d") " )", uidlen);
free(uidblock); free(uidblock);
fclose(f); return res;
return PM3_ESOFT;
} }
buf[10] = 0; if (uidcount == 0) {
if (stUidBlock - uidcnt < 2) {
p = realloc(uidblock, 5 * (stUidBlock += 10));
if (!p) {
PrintAndLogEx(WARNING, "Cannot allocate memory for EM Tag IDs");
free(uidblock);
fclose(f);
return PM3_ESOFT;
}
uidblock = p;
}
memset(uidblock + 5 * uidcnt, 0, 5);
num_to_bytes(strtoll(buf, NULL, 16), 5, uidblock + 5 * uidcnt);
uidcnt++;
memset(buf, 0, sizeof(buf));
}
fclose(f);
if (uidcnt == 0) {
PrintAndLogEx(FAILED, "No EM Tag IDs found in file"); PrintAndLogEx(FAILED, "No EM Tag IDs found in file");
free(uidblock); free(uidblock);
return PM3_ESOFT; return PM3_EINVARG;
} }
PrintAndLogEx(SUCCESS, "Loaded "_YELLOW_("%d")" EM Tag IDs from "_YELLOW_("%s")", pause delay:"_YELLOW_("%d")" ms", uidcnt, filename, delay); PrintAndLogEx(SUCCESS, "Loaded "_GREEN_("%d")" EM Tag IDs from `"_YELLOW_("%s")"` pause delay:"_YELLOW_("%d")" ms", uidcount, filename, delay);
// loop // loop
uint8_t testuid[5]; uint8_t testuid[5];
for (uint32_t c = 0; c < uidcnt; ++c) { for (uint32_t i = 0; i < uidcount; ++i) {
if (kbd_enter_pressed()) { if (kbd_enter_pressed()) {
SendCommandNG(CMD_BREAK_LOOP, NULL, 0); SendCommandNG(CMD_BREAK_LOOP, NULL, 0);
PrintAndLogEx(WARNING, "aborted via keyboard!\n"); PrintAndLogEx(WARNING, "aborted via keyboard!\n");
@ -594,10 +554,12 @@ static int CmdEM410xBrute(const char *Cmd) {
return PM3_EOPABORTED; return PM3_EOPABORTED;
} }
memcpy(testuid, uidblock + 5 * c, 5); memset(testuid, 0, sizeof(testuid));
memcpy(testuid, uidblock + (5 * i), sizeof(testuid));
PrintAndLogEx(INFO, "Bruteforce %d / %u: simulating EM Tag ID " _YELLOW_("%s") PrintAndLogEx(INFO, "Bruteforce %d / %u: simulating EM Tag ID " _YELLOW_("%s")
, c + 1 , i + 1
, uidcnt , uidcount
, sprint_hex_inrow(testuid, sizeof(testuid)) , sprint_hex_inrow(testuid, sizeof(testuid))
); );
@ -614,7 +576,6 @@ static int CmdEM410xBrute(const char *Cmd) {
clearCommandBuffer(); clearCommandBuffer();
SendCommandNG(CMD_LF_SIMULATE, (uint8_t *)&payload, sizeof(payload)); SendCommandNG(CMD_LF_SIMULATE, (uint8_t *)&payload, sizeof(payload));
PacketResponseNG resp; PacketResponseNG resp;
if (WaitForResponseTimeout(CMD_LF_SIMULATE, &resp, delay)) { if (WaitForResponseTimeout(CMD_LF_SIMULATE, &resp, delay)) {
if (resp.status == PM3_EOPABORTED) { if (resp.status == PM3_EOPABORTED) {
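Review bot: The suffix computed at the top of the first hunk comes from `strrchr(filename, '.')` over the whole path, so a filename with no extension inside a directory component that contains a dot (for example `./ids/em410x`) hands `loadFileDICTIONARY_safe_ex` a truncated directory fragment as the suffix instead of an empty one; guard it with `if (ext != NULL && strchr(ext, '/') == NULL) {`, and since `strncpy` into the 10-byte `suffix` silently cuts any extension longer than 9 characters, that limit deserves a comment or an explicit length check. The removed loop rejected any line that was not exactly 10 hex symbols with a FAILED message, while the new path relies on the dictionary loader with keylen 5; whether that loader enforces the exact line length is not visible here, so the behaviour on malformed lines should be confirmed. In the second hunk the `memset(testuid, 0, sizeof(testuid))` is redundant because the following `memcpy` overwrites all `sizeof(testuid)` bytes, and `i + 1` is a `uint32_t` printed with `%d`, so `%u` would match the argument. `CmdEM410xBrute` begins before the first hunk and continues past the last one, and the line between the first two hunks, where `uidblock` would be released on the keyboard abort, is not shown.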


@ -2267,12 +2267,17 @@ out:
return retval; return retval;
} }
int loadFileDICTIONARY_safe(const char *preferredName, void **pdata, uint8_t keylen, uint32_t *keycnt) { int loadFileDICTIONARY_safe(const char *preferredName, void **pdata, uint8_t keylen, uint32_t *keycnt) {
return loadFileDICTIONARY_safe_ex(preferredName, ".dic", pdata, keylen, keycnt, true);
}
int loadFileDICTIONARY_safe_ex(const char *preferredName, const char* suffix, void **pdata, uint8_t keylen, uint32_t *keycnt, bool verbose) {
int retval = PM3_SUCCESS; int retval = PM3_SUCCESS;
char *path; char *path;
if (searchFile(&path, DICTIONARIES_SUBDIR, preferredName, ".dic", false) != PM3_SUCCESS) { if (searchFile(&path, DICTIONARIES_SUBDIR, preferredName, suffix, false) != PM3_SUCCESS) {
return PM3_EFILE; return PM3_EFILE;
} }
@ -2282,7 +2287,7 @@ int loadFileDICTIONARY_safe(const char *preferredName, void **pdata, uint8_t key
// mf desfire == 3des3k 24 bytes // mf desfire == 3des3k 24 bytes
// iclass == 8 bytes // iclass == 8 bytes
// default to 6 bytes. // default to 6 bytes.
if (keylen != 4 && keylen != 6 && keylen != 8 && keylen != 16 && keylen != 24) { if (keylen != 4 && keylen != 5 && keylen != 6 && keylen != 8 && keylen != 16 && keylen != 24) {
keylen = 6; keylen = 6;
} }
@ -2340,7 +2345,7 @@ int loadFileDICTIONARY_safe(const char *preferredName, void **pdata, uint8_t key
continue; continue;
} }
if (!CheckStringIsHEXValue(line)) { if (CheckStringIsHEXValue(line) == false) {
continue; continue;
} }
@ -2357,7 +2362,9 @@ int loadFileDICTIONARY_safe(const char *preferredName, void **pdata, uint8_t key
} }
fclose(f); fclose(f);
if (verbose) {
PrintAndLogEx(SUCCESS, "Loaded " _GREEN_("%2d") " keys from dictionary file `" _YELLOW_("%s") "`", *keycnt, path); PrintAndLogEx(SUCCESS, "Loaded " _GREEN_("%2d") " keys from dictionary file `" _YELLOW_("%s") "`", *keycnt, path);
}
out: out:
free(path); free(path);
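Review bot: The new `loadFileDICTIONARY_safe_ex` signature mixes pointer-declarator styles in one line, `const char* suffix` next to `const char *preferredName`, and the same mismatch is repeated in the header declaration; the file's convention is `const char *suffix`. The `verbose` flag gates only the final "Loaded ... keys" message in the last hunk, so any other diagnostics this function prints outside the shown hunks will still appear to the `lf em 410x brute` caller that passes `false`, which is worth either confirming or noting in a comment. `suffix` is forwarded to `searchFile` without a NULL check; if callers are allowed to pass NULL or an empty string, a one-line comment on what `searchFile` does with it would help. The function begins in the first hunk of this section and its body runs past the last hunk.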


@ -277,6 +277,8 @@ int loadFileDICTIONARYEx(const char *preferredName, void *data, size_t maxdatale
*/ */
int loadFileDICTIONARY_safe(const char *preferredName, void **pdata, uint8_t keylen, uint32_t *keycnt); int loadFileDICTIONARY_safe(const char *preferredName, void **pdata, uint8_t keylen, uint32_t *keycnt);
int loadFileDICTIONARY_safe_ex(const char *preferredName, const char* suffix, void **pdata, uint8_t keylen, uint32_t *keycnt, bool verbose);
int loadFileBinaryKey(const char *preferredName, const char *suffix, void **keya, void **keyb, size_t *alen, size_t *blen); int loadFileBinaryKey(const char *preferredName, const char *suffix, void **keya, void **keyb, size_t *alen, size_t *blen);
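Review bot: The added `loadFileDICTIONARY_safe_ex` declaration has no doc comment although the sibling `loadFileDICTIONARY_safe` directly above it is documented by the `/** ... */` block that ends just before it, so the meaning of the two new parameters is undocumented at the API boundary. A short block above the new line would do: `/** Like loadFileDICTIONARY_safe, but with a caller-supplied file suffix (e.g. ".dic")` / ` *  and a verbose flag that gates the final "Loaded N keys" message. */`. Whether an empty or NULL suffix is accepted is not visible here and should be stated once it is confirmed against searchFile.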
/** /**