Merge pull request #2493 from Antiklesys/master

Reverted changes to hf iclass dump due to buggy behavior
Iceman 2024-09-09 21:01:14 +02:00 committed by GitHub
commit a47ed1c7a7
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 43 additions and 46 deletions


@ -3,7 +3,6 @@ All notable changes to this project will be documented in this file.
This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log...
## [unreleased][unreleased]
- Fixed `hf iclass dump` to dump AA2 when only providing Kc (@antiklesys)
- Fixed `hf felica raw -s` - dont check crc for select tag response, thanks @RebornedBrian! (@iceman1001)
- Added a multi-threaded of ht2crack2search (@iceman1001)
- Fixed ISO14443a bounds-checking because @doegex found cards not following ISO14443a when fuzzed (@iceman1001)


@ -2029,21 +2029,6 @@ static int CmdHFiClassDump(const char *Cmd) {
payload.start_block = 5;
}
struct p_resp {
bool isOK;
uint16_t block_cnt;
uint32_t bb_offset;
} PACKED;
struct p_resp *packet = (struct p_resp *)resp.data.asBytes;
uint32_t startindex = packet->bb_offset;
uint32_t blocks_read = packet->block_cnt;
uint8_t tempbuf[0x100 * 8];
uint16_t bytes_got = (app_limit1 + 1) * 8;
if(key_len > 0 && deb_key_nr >= 0){
clearCommandBuffer();
SendCommandNG(CMD_HF_ICLASS_DUMP, (uint8_t *)&payload, sizeof(payload));
@ -2066,11 +2051,23 @@ static int CmdHFiClassDump(const char *Cmd) {
return resp.status;
}
struct p_resp {
bool isOK;
uint16_t block_cnt;
uint32_t bb_offset;
} PACKED;
struct p_resp *packet = (struct p_resp *)resp.data.asBytes;
if (packet->isOK == false) {
PrintAndLogEx(WARNING, "read AA1 blocks failed");
return PM3_ESOFT;
}
uint32_t startindex = packet->bb_offset;
uint32_t blocks_read = packet->block_cnt;
uint8_t tempbuf[0x100 * 8];
// response ok - now get bigbuf content of the dump
if (!GetFromDevice(BIG_BUF, tempbuf, sizeof(tempbuf), startindex, NULL, 0, NULL, 2500, false)) {
PrintAndLogEx(WARNING, "command execution time out");
@ -2086,7 +2083,8 @@ static int CmdHFiClassDump(const char *Cmd) {
memcpy(tag_data + (PICOPASS_BLOCK_SIZE * payload.start_block),
tempbuf + (PICOPASS_BLOCK_SIZE * payload.start_block),
blocks_read * PICOPASS_BLOCK_SIZE);
}
uint16_t bytes_got = (app_limit1 + 1) * 8;
// try AA2 Kc, Credit
bool aa2_success = false;
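Review bot: `blocks_read` is taken straight from the device response (`packet->block_cnt`, second hunk) and then used as the length of the `memcpy` out of `tempbuf` in the last hunk, with no visible bound against the 0x100-block buffer. A reply whose count exceeds what the buffer holds after `payload.start_block` would read past `tempbuf` and, depending on how `tag_data` is sized (not shown here), could write past it as well. Unless the lines between these two hunks already check it, I would add a guard before the copy, e.g. `if ((size_t)payload.start_block + blocks_read > sizeof(tempbuf) / PICOPASS_BLOCK_SIZE) return PM3_ESOFT;`, with a warning log like the other failure paths. The cast of `resp.data.asBytes` to `struct p_resp` likewise assumes the reply is at least `sizeof(struct p_resp)` bytes long, which is not checked in the lines shown. `CmdHFiClassDump` starts and ends outside the hunks on this page.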