FIX: at least now the special zero parity attack, repeats and doesn't crash. However it doesn't find the key either :(

2025-08-14 10:37:23 -07:00 · 2016-08-10 10:55:29 +02:00 · 2016-08-10 10:55:29 +02:00 · 6067df30c5
commit 6067df30c5
parent 86db8973b0
4 changed files with 19 additions and 10 deletions
--- a/armsrc/iso14443a.c
+++ b/armsrc/iso14443a.c
@ -867,10 +867,10 @@ void SimulateIso14443aTag(int tagType, int flags, byte_t* data) {
 	uint8_t cardAUTHKEY = 0xff;  // no authentication
 	// allow collecting up to 8 sets of nonces to allow recovery of up to 8 keys
 	#define ATTACK_KEY_COUNT 8 // keep same as define in cmdhfmf.c -> readerAttack()
-	nonces_t ar_nr_resp[ATTACK_KEY_COUNT*2]; //*2 for 2 separate attack types (nml, moebius)
+	nonces_t ar_nr_resp[ATTACK_KEY_COUNT*2]; // for 2 separate attack types (nml, moebius)
 	memset(ar_nr_resp, 0x00, sizeof(ar_nr_resp));

-	uint8_t ar_nr_collected[ATTACK_KEY_COUNT*2]; //*2 for 2nd attack type (moebius)
+	uint8_t ar_nr_collected[ATTACK_KEY_COUNT*2]; // for 2nd attack type (moebius)
 	memset(ar_nr_collected, 0x00, sizeof(ar_nr_collected));
 	uint8_t	nonce1_count = 0;
 	uint8_t	nonce2_count = 0;
@ -2218,10 +2218,11 @@ void ReaderMifare(bool first_try, uint8_t block, uint8_t keytype ) {
 	set_tracing(TRUE);	
 	iso14443a_setup(FPGA_HF_ISO14443A_READER_MOD);

-	
-	if (first_try) { 
-		sync_time = GetCountSspClk() & 0xfffffff8;
-		sync_cycles = PRNG_SEQUENCE_LENGTH + 1130; //65536;	//0x10000	// Mifare Classic's random generator repeats every 2^16 cycles (and so do the nonces).
+	sync_time = GetCountSspClk() & 0xfffffff8;
+	// iceman,  i add 1130 because during my observations this makse the syncronization much fast to sync.
+	sync_cycles = PRNG_SEQUENCE_LENGTH + 1130; //65536;	// Mifare Classic's random generator repeats every 2^16 cycles (and so do the nonces).		
+
+	if (first_try) {
 		mf_nr_ar3 = 0;			
 		nt_attacked = 0;
 		par_low = 0;
@ -2294,7 +2295,9 @@ void ReaderMifare(bool first_try, uint8_t block, uint8_t keytype ) {
 	
 		WDT_HIT();
 		LED_B_ON();
-		if (first_try && previous_nt && !nt_attacked) { // we didn't calibrate our clock yet
+		// we didn't calibrate our clock yet,
+		// iceman: has to be calibrated every time.
+		if (previous_nt && !nt_attacked) { 

 			nt_distance = dist_nt(previous_nt, nt);
 			
--- a/client/cmdhfmf.c
+++ b/client/cmdhfmf.c
@ -217,7 +217,12 @@ start:
 	if (isOK == -4 && par_list == 0) {
 		// this special attack when parities is zero, uses checkkeys. Which now with block/keytype option also needs. 
 		// but it uses 0|1 instead of 0x60|0x61...
-		if (!nonce2key_ex(blockNo, keytype - 0x60 , uid, nt, nr, ks_list, &r_key) ){
+		if (nonce2key_ex(blockNo, keytype - 0x60 , uid, nt, nr, ks_list, &r_key) ){
+			PrintAndLog("Key not found (lfsr_common_prefix list is null).");	
+			PrintAndLog("Failing is expected to happen in 25%% of all cases. Trying again with a different reader nonce...");
+			c.arg[0] = false;
+			goto start;
+		} else {
 			PrintAndLog("Found valid key: %012"llx" \n", r_key);
 			goto END;
 		}
--- a/client/nonce2key/crapto1.c
+++ b/client/nonce2key/crapto1.c
@ -549,7 +549,8 @@ struct Crypto1State* lfsr_common_prefix_ex(uint32_t pfx, uint8_t ks[8])
 				s = check_pfx_parity_ex(pfx, *o, *e, s);
 			}

-	s->odd = s->even = 0;
+	// in this version, -1 signifies end of states 
+	s->odd = s->even = -1;

 out:
 	free(odd);
--- a/client/nonce2key/nonce2key.c
+++ b/client/nonce2key/nonce2key.c
@ -94,7 +94,6 @@ int nonce2key_ex(uint8_t blockno, uint8_t keytype, uint32_t uid, uint32_t nt, ui
 	
 	state = lfsr_common_prefix_ex(nr, ks3x);
 	state_s = (int64_t*)state;
-	PrintAndLog("Prefix");
 	
 	for (i = 0; (state) && ((state + i)->odd != -1); i++) {
 		lfsr_rollback_word(state + i, uid ^ nt, 0);
@ -152,6 +151,7 @@ int nonce2key_ex(uint8_t blockno, uint8_t keytype, uint32_t uid, uint32_t nt, ui
 		}
 	}	
 	
+	
 	free(last_keylist);
 	last_keylist = state_s;
 	return 1;