mirror of
https://github.com/RfidResearchGroup/proxmark3.git
synced 2025-08-19 21:03:48 -07:00
Fix NTAG I2C UID and signature verification
This commit is contained in:
Philippe Teuwen
parent
8c4076281e
commit
e556b8de55
1 changed files with 26 additions and 22 deletions
|
|
@ -493,7 +493,7 @@ static int ul_fudan_check(void) {
|
||||||
return (!resp.data.asBytes[0]) ? FUDAN_UL : UL; //if response == 0x00 then Fudan, else Genuine NXP
|
return (!resp.data.asBytes[0]) ? FUDAN_UL : UL; //if response == 0x00 then Fudan, else Genuine NXP
|
||||||
}
|
}
|
||||||
|
|
||||||
static int ul_print_default(uint8_t *data) {
|
static int ul_print_default(uint8_t *data, uint8_t *real_uid) {
|
||||||
|
|
||||||
uint8_t uid[7];
|
uint8_t uid[7];
|
||||||
uid[0] = data[0];
|
uid[0] = data[0];
|
||||||
|
|
@ -503,10 +503,14 @@ static int ul_print_default(uint8_t *data) {
|
||||||
uid[4] = data[5];
|
uid[4] = data[5];
|
||||||
uid[5] = data[6];
|
uid[5] = data[6];
|
||||||
uid[6] = data[7];
|
uid[6] = data[7];
|
||||||
|
bool mful_uid_layout = true;
|
||||||
|
|
||||||
PrintAndLogEx(SUCCESS, " UID: " _GREEN_("%s"), sprint_hex(uid, 7));
|
if (memcmp(uid, real_uid, 7) != 0) {
|
||||||
PrintAndLogEx(SUCCESS, " UID[0]: %02X, %s", uid[0], getTagInfo(uid[0]));
|
mful_uid_layout = false;
|
||||||
if (uid[0] == 0x05 && ((uid[1] & 0xf0) >> 4) == 2) { // is infineon and 66RxxP
|
}
|
||||||
|
PrintAndLogEx(SUCCESS, " UID: " _GREEN_("%s"), sprint_hex(real_uid, 7));
|
||||||
|
PrintAndLogEx(SUCCESS, " UID[0]: %02X, %s", real_uid[0], getTagInfo(real_uid[0]));
|
||||||
|
if (real_uid[0] == 0x05 && ((real_uid[1] & 0xf0) >> 4) == 2) { // is infineon and 66RxxP
|
||||||
uint8_t chip = (data[8] & 0xC7); // 11000111 mask, bit 3,4,5 RFU
|
uint8_t chip = (data[8] & 0xC7); // 11000111 mask, bit 3,4,5 RFU
|
||||||
switch (chip) {
|
switch (chip) {
|
||||||
case 0xC2:
|
case 0xC2:
|
||||||
|
|
@ -520,20 +524,23 @@ static int ul_print_default(uint8_t *data) {
|
||||||
break; //512 pages /2 sectors
|
break; //512 pages /2 sectors
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// CT (cascade tag byte) 0x88 xor SN0 xor SN1 xor SN2
|
if (mful_uid_layout) {
|
||||||
int crc0 = 0x88 ^ uid[0] ^ uid[1] ^ uid[2];
|
// CT (cascade tag byte) 0x88 xor SN0 xor SN1 xor SN2
|
||||||
if (data[3] == crc0)
|
int crc0 = 0x88 ^ uid[0] ^ uid[1] ^ uid[2];
|
||||||
PrintAndLogEx(SUCCESS, " BCC0: %02X (" _GREEN_("ok") ")", data[3]);
|
if (data[3] == crc0)
|
||||||
else
|
PrintAndLogEx(SUCCESS, " BCC0: %02X (" _GREEN_("ok") ")", data[3]);
|
||||||
PrintAndLogEx(NORMAL, " BCC0: %02X, crc should be %02X", data[3], crc0);
|
else
|
||||||
|
PrintAndLogEx(NORMAL, " BCC0: %02X, crc should be %02X", data[3], crc0);
|
||||||
|
|
||||||
int crc1 = uid[3] ^ uid[4] ^ uid[5] ^ uid[6];
|
int crc1 = uid[3] ^ uid[4] ^ uid[5] ^ uid[6];
|
||||||
if (data[8] == crc1)
|
if (data[8] == crc1)
|
||||||
PrintAndLogEx(SUCCESS, " BCC1: %02X (" _GREEN_("ok") ")", data[8]);
|
PrintAndLogEx(SUCCESS, " BCC1: %02X (" _GREEN_("ok") ")", data[8]);
|
||||||
else
|
else
|
||||||
PrintAndLogEx(NORMAL, " BCC1: %02X, crc should be %02X", data[8], crc1);
|
PrintAndLogEx(NORMAL, " BCC1: %02X, crc should be %02X", data[8], crc1);
|
||||||
|
PrintAndLogEx(SUCCESS, " Internal: %02X (%s)", data[9], (data[9] == 0x48) ? _GREEN_("default") : _RED_("not default"));
|
||||||
PrintAndLogEx(SUCCESS, " Internal: %02X (%s)", data[9], (data[9] == 0x48) ? _GREEN_("default") : _RED_("not default"));
|
} else {
|
||||||
|
PrintAndLogEx(SUCCESS, "Blocks 0-2: %s", sprint_hex(data + 0, 12));
|
||||||
|
}
|
||||||
|
|
||||||
PrintAndLogEx(SUCCESS, " Lock: %s - %s",
|
PrintAndLogEx(SUCCESS, " Lock: %s - %s",
|
||||||
sprint_hex(data + 10, 2),
|
sprint_hex(data + 10, 2),
|
||||||
|
|
@ -1214,7 +1221,6 @@ static int CmdHF14AMfUInfo(const char *Cmd) {
|
||||||
uint8_t *key = pwd;
|
uint8_t *key = pwd;
|
||||||
uint8_t pack[4] = {0, 0, 0, 0};
|
uint8_t pack[4] = {0, 0, 0, 0};
|
||||||
int len;
|
int len;
|
||||||
uint8_t uid[7];
|
|
||||||
|
|
||||||
char tempStr[50];
|
char tempStr[50];
|
||||||
|
|
||||||
|
|
@ -1267,9 +1273,7 @@ static int CmdHF14AMfUInfo(const char *Cmd) {
|
||||||
PrintAndLogEx(ERR, "Error: tag didn't answer to READ");
|
PrintAndLogEx(ERR, "Error: tag didn't answer to READ");
|
||||||
return PM3_ESOFT;
|
return PM3_ESOFT;
|
||||||
} else if (status == 16) {
|
} else if (status == 16) {
|
||||||
memcpy(uid, data, 3);
|
ul_print_default(data, card.uid);
|
||||||
memcpy(uid + 3, data + 4, 4);
|
|
||||||
ul_print_default(data);
|
|
||||||
ndef_print_CC(data + 12);
|
ndef_print_CC(data + 12);
|
||||||
} else {
|
} else {
|
||||||
locked = true;
|
locked = true;
|
||||||
|
|
@ -1351,7 +1355,7 @@ static int CmdHF14AMfUInfo(const char *Cmd) {
|
||||||
return PM3_ESOFT;
|
return PM3_ESOFT;
|
||||||
}
|
}
|
||||||
if (status == 32) {
|
if (status == 32) {
|
||||||
ulev1_print_signature(tagtype, uid, ulev1_signature, sizeof(ulev1_signature));
|
ulev1_print_signature(tagtype, card.uid, ulev1_signature, sizeof(ulev1_signature));
|
||||||
} else {
|
} else {
|
||||||
// re-select
|
// re-select
|
||||||
if (ul_auth_select(&card, tagtype, hasAuthKey, authkeyptr, pack, sizeof(pack)) == PM3_ESOFT) return PM3_ESOFT;
|
if (ul_auth_select(&card, tagtype, hasAuthKey, authkeyptr, pack, sizeof(pack)) == PM3_ESOFT) return PM3_ESOFT;
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue