mirror of
https://github.com/Proxmark/proxmark3.git
synced 2025-07-11 07:46:09 -07:00
More work on iclass full simulation, and some work on iclass tag dump parsing
This commit is contained in:
parent
b67f7ec359
commit
1defcf606f
6 changed files with 44 additions and 18 deletions
|
@ -39,8 +39,10 @@
|
|||
#include <stdint.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include "fileutils.h"
|
||||
#include "cipherutils.h"
|
||||
#ifndef ON_DEVICE
|
||||
#include "fileutils.h"
|
||||
#endif
|
||||
/**
|
||||
*
|
||||
* @brief Return and remove the first bit (x0) in the stream : <x0 x1 x2 x3 ... xn >
|
||||
|
|
|
@ -94,6 +94,7 @@ CMDSRCS = nonce2key/crapto1.c\
|
|||
cmdscript.c\
|
||||
pm3_bitlib.c\
|
||||
aes.c\
|
||||
protocols.c\
|
||||
|
||||
|
||||
COREOBJS = $(CORESRCS:%.c=$(OBJDIR)/%.o)
|
||||
|
|
|
@ -29,6 +29,7 @@
|
|||
#include "loclass/ikeys.h"
|
||||
#include "loclass/elite_crack.h"
|
||||
#include "loclass/fileutils.h"
|
||||
#include "protocols.h"
|
||||
|
||||
static int CmdHelp(const char *Cmd);
|
||||
|
||||
|
@ -75,10 +76,9 @@ int CmdHFiClassSim(const char *Cmd)
|
|||
uint8_t CSN[8] = {0, 0, 0, 0, 0, 0, 0, 0};
|
||||
|
||||
if (strlen(Cmd)<1) {
|
||||
usage_hf_iclass_sim();
|
||||
return usage_hf_iclass_sim();
|
||||
}
|
||||
|
||||
simType = param_get8(Cmd, 0);
|
||||
simType = param_get8ex(Cmd, 0, 0, 10);
|
||||
|
||||
if(simType == 0)
|
||||
{
|
||||
|
@ -322,7 +322,7 @@ int CmdHFiClassReader_Dump(const char *Cmd)
|
|||
PrintAndLog("Hash0, a.k.a diversified key, that is computed using Ksel and stored in the card (Block 3):");
|
||||
printvar("Div key", div_key, 8);
|
||||
printvar("CC_NR:",CCNR,12);
|
||||
doMAC(CCNR,12,div_key, MAC);
|
||||
doMAC(CCNR,div_key, MAC);
|
||||
printvar("MAC", MAC, 4);
|
||||
|
||||
uint8_t iclass_data[32000] = {0};
|
||||
|
@ -421,9 +421,12 @@ int CmdHFiClassELoad(const char *Cmd)
|
|||
fseek(f, 0, SEEK_SET);
|
||||
|
||||
uint8_t *dump = malloc(fsize);
|
||||
|
||||
|
||||
size_t bytes_read = fread(dump, 1, fsize, f);
|
||||
fclose(f);
|
||||
|
||||
printIclassDumpInfo(dump);
|
||||
//Validate
|
||||
|
||||
if (bytes_read < fsize)
|
||||
|
@ -456,7 +459,7 @@ int usage_hf_iclass_decrypt()
|
|||
PrintAndLog("OBS! In order to use this function, the file 'iclass_decryptionkey.bin' must reside");
|
||||
PrintAndLog("in the working directory. The file should be 16 bytes binary data");
|
||||
PrintAndLog("");
|
||||
PrintAndLog("example: hf iclass decrypt tagdump_12312342343.bin");
|
||||
PrintAndLog("example: hf iclass decrypt f tagdump_12312342343.bin");
|
||||
PrintAndLog("");
|
||||
PrintAndLog("OBS! This is pretty stupid implementation, it tries to decrypt every block after block 6. ");
|
||||
PrintAndLog("Correct behaviour would be to decrypt only the application areas where the key is valid,");
|
||||
|
@ -604,7 +607,7 @@ int CmdHFiClass_iso14443A_write(const char *Cmd)
|
|||
diversifyKey(CSN,KEY, div_key);
|
||||
|
||||
PrintAndLog("Div Key: %s",sprint_hex(div_key,8));
|
||||
doMAC(CCNR, 12,div_key, MAC);
|
||||
doMAC(CCNR, div_key, MAC);
|
||||
|
||||
UsbCommand c2 = {CMD_ICLASS_ISO14443A_WRITE, {readerType,blockNo}};
|
||||
memcpy(c2.d.asBytes, bldata, 8);
|
||||
|
|
|
@ -394,7 +394,7 @@ int bruteforceItem(dumpdata item, uint16_t keytable[])
|
|||
//Diversify
|
||||
diversifyKey(item.csn, key_sel_p, div_key);
|
||||
//Calc mac
|
||||
doMAC(item.cc_nr,12, div_key,calculated_MAC);
|
||||
doMAC(item.cc_nr, div_key,calculated_MAC);
|
||||
|
||||
if(memcmp(calculated_MAC, item.mac, 4) == 0)
|
||||
{
|
||||
|
|
|
@ -1,7 +1,14 @@
|
|||
#include <stdio.h>
|
||||
#include <strings.h>
|
||||
#include <string.h>
|
||||
#include <stdint.h>
|
||||
#include <stdarg.h>
|
||||
#include "protocols.h"
|
||||
#ifndef ON_DEVICE
|
||||
#include "ui.h"
|
||||
#define prnt PrintAndLog
|
||||
#endif
|
||||
|
||||
|
||||
|
||||
typedef struct {
|
||||
|
@ -25,17 +32,9 @@ typedef struct {
|
|||
|
||||
}picopass_hdr;
|
||||
|
||||
#define FUSE_FPERS 0x80
|
||||
#define FUSE_CODING1 0x40
|
||||
#define FUSE_CODING0 0x20
|
||||
#define FUSE_CRYPT1 0x10
|
||||
#define FUSE_CRYPT0 0x08
|
||||
#define FUSE_FPROD1 0x04
|
||||
#define FUSE_FPROD0 0x02
|
||||
#define FUSE_RA 0x01
|
||||
|
||||
//#define prnt printf
|
||||
void prnt(char *fmt,...)
|
||||
/*void prnt(char *fmt,...)
|
||||
{
|
||||
va_list argptr;
|
||||
va_start(argptr, fmt);
|
||||
|
@ -44,7 +43,7 @@ void prnt(char *fmt,...)
|
|||
va_end(argptr);
|
||||
printf("\n");
|
||||
}
|
||||
|
||||
*/
|
||||
uint8_t isset(uint8_t val, uint8_t mask)
|
||||
{
|
||||
return (val & mask);
|
||||
|
@ -95,6 +94,14 @@ void print_picopass_info(const picopass_hdr *hdr)
|
|||
mem_config(hdr);
|
||||
applimit_config(hdr);
|
||||
}
|
||||
void printIclassDumpInfo(uint8_t* iclass_dump)
|
||||
{
|
||||
// picopass_hdr hdr;
|
||||
// memcpy(&hdr, iclass_dump, sizeof(picopass_hdr));
|
||||
print_picopass_info((picopass_hdr *) iclass_dump);
|
||||
}
|
||||
|
||||
/*
|
||||
void test()
|
||||
{
|
||||
picopass_hdr hdr = {0x27,0xaf,0x48,0x01,0xf9,0xff,0x12,0xe0,0x12,0xff,0xff,0xff,0x7f,0x1f,0xff,0x3c};
|
||||
|
@ -106,3 +113,4 @@ int main(int argc, char *argv[])
|
|||
test();
|
||||
return 0;
|
||||
}
|
||||
*/
|
||||
|
|
|
@ -170,5 +170,17 @@ NXP/Philips CUSTOM COMMANDS
|
|||
#define ICLASS 1
|
||||
#define ISO_14443B 2
|
||||
|
||||
//-- Picopass fuses
|
||||
#define FUSE_FPERS 0x80
|
||||
#define FUSE_CODING1 0x40
|
||||
#define FUSE_CODING0 0x20
|
||||
#define FUSE_CRYPT1 0x10
|
||||
#define FUSE_CRYPT0 0x08
|
||||
#define FUSE_FPROD1 0x04
|
||||
#define FUSE_FPROD0 0x02
|
||||
#define FUSE_RA 0x01
|
||||
|
||||
|
||||
void printIclassDumpInfo(uint8_t* iclass_dump);
|
||||
|
||||
#endif // PROTOCOLS_H
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue