github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-21 05:43:48 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

add mfValidateAccessConditions to warn when dealing with invalid MFC ACL

Browse source
This commit is contained in:
Philippe Teuwen 2021-12-17 21:29:09 +01:00
commit 628766391e
3 changed files with 19 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

8
client/src/cmdhfmf.c
View file

@ -166,6 +166,10 @@ static void decode_print_st(uint16_t blockno, uint8_t *data) {
PrintAndLogEx(INFO, " # | Access rights"); PrintAndLogEx(INFO, " # | Access rights");
PrintAndLogEx(INFO, "----+-----------------------------------------------------------------"); PrintAndLogEx(INFO, "----+-----------------------------------------------------------------");
if (! mfValidateAccessConditions(&data[6])) {
PrintAndLogEx(WARNING, _RED_("Invalid Access Conditions"));
}
int bln = mfFirstBlockOfSector(mfSectorNum(blockno)); int bln = mfFirstBlockOfSector(mfSectorNum(blockno));
int blinc = (mfNumBlocksPerSector(mfSectorNum(blockno)) > 4) ? 5 : 1; int blinc = (mfNumBlocksPerSector(mfSectorNum(blockno)) > 4) ? 5 : 1;
for (int i = 0; i < 4; i++) { for (int i = 0; i < 4; i++) {
@ -289,7 +293,9 @@ static int CmdHF14AMfAcl(const char *Cmd) {
if (memcmp(acl, "\xFF\x07\x80", 3) == 0) { if (memcmp(acl, "\xFF\x07\x80", 3) == 0) {
PrintAndLogEx(INFO, "ACL... " _GREEN_("%s") " (transport configuration)", sprint_hex(acl, sizeof(acl))); PrintAndLogEx(INFO, "ACL... " _GREEN_("%s") " (transport configuration)", sprint_hex(acl, sizeof(acl)));
} }
if (! mfValidateAccessConditions(acl)) {
PrintAndLogEx(ERR, _RED_("Invalid Access Conditions, NEVER write these on a card!"));
}
PrintAndLogEx(NORMAL, ""); PrintAndLogEx(NORMAL, "");
PrintAndLogEx(INFO, " # | Access rights"); PrintAndLogEx(INFO, " # | Access rights");
PrintAndLogEx(INFO, "----+-----------------------------------------------------------------"); PrintAndLogEx(INFO, "----+-----------------------------------------------------------------");

11
client/src/mifare/mifare4.c
View file

@ -66,6 +66,17 @@ AccessConditions_t MFAccessConditionsTrailer[] = {
{0x07, "read ACCESS by AB", ""} {0x07, "read ACCESS by AB", ""}
}; };
bool mfValidateAccessConditions(uint8_t *data) {
uint8_t ndata1 = (data[0]) & 0x0f;
uint8_t ndata2 = (data[0] >> 4) & 0x0f;
uint8_t ndata3 = (data[1]) & 0x0f;
uint8_t data1 = (data[1] >> 4) & 0x0f;
uint8_t data2 = (data[2]) & 0x0f;
uint8_t data3 = (data[2] >> 4) & 0x0f;
return ((ndata1 == (data1 ^ 0xF)) && (ndata2 == (data2 ^ 0xF)) && (ndata3 == (data3 ^ 0xF)));
}
const char *mfGetAccessConditionsDesc(uint8_t blockn, uint8_t *data) { const char *mfGetAccessConditionsDesc(uint8_t blockn, uint8_t *data) {
uint8_t data1 = ((data[1] >> 4) & 0x0f) >> blockn; uint8_t data1 = ((data[1] >> 4) & 0x0f) >> blockn;
uint8_t data2 = ((data[2]) & 0x0f) >> blockn; uint8_t data2 = ((data[2]) & 0x0f) >> blockn;

1
client/src/mifare/mifare4.h
View file

@ -63,6 +63,7 @@ int mfpReadSector(uint8_t sectorNo, uint8_t keyType, uint8_t *key, uint8_t *data
int MFPGetSignature(bool activateField, bool leaveSignalON, uint8_t *dataout, int maxdataoutlen, int *dataoutlen); int MFPGetSignature(bool activateField, bool leaveSignalON, uint8_t *dataout, int maxdataoutlen, int *dataoutlen);
int MFPGetVersion(bool activateField, bool leaveSignalON, uint8_t *dataout, int maxdataoutlen, int *dataoutlen); int MFPGetVersion(bool activateField, bool leaveSignalON, uint8_t *dataout, int maxdataoutlen, int *dataoutlen);
bool mfValidateAccessConditions(uint8_t *data);
const char *mfGetAccessConditionsDesc(uint8_t blockn, uint8_t *data); const char *mfGetAccessConditionsDesc(uint8_t blockn, uint8_t *data);
uint8_t mfNumBlocksPerSector(uint8_t sectorNo); uint8_t mfNumBlocksPerSector(uint8_t sectorNo);