github/proxmark3
1
0
Fork 0
mirror of https://github.com/Proxmark/proxmark3.git synced 2025-08-22 06:13:27 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Added checks and try to use key B if key A fails when trying to dump mifare 1k card contents

Browse source
This commit is contained in:
chuayupeng 2018-12-18 04:08:04 -05:00
commit 4bc8d886cd
1 changed files with 40 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

54
client/cmdhfmf.c
View file

@ -331,11 +331,17 @@ int CmdHF14AMfDump(const char *Cmd)
PrintAndLog("|-----------------------------------------|"); PrintAndLog("|-----------------------------------------|");
uint8_t tries = 0; uint8_t tries = 0;
for (sectorNo = 0; sectorNo < numSectors; sectorNo++) { for (sectorNo = 0; sectorNo < numSectors; sectorNo++) {
for (tries = 0; tries < 3; tries++) { bool doesKeyAWork = true;
UsbCommand c = {CMD_MIFARE_READBL, {FirstBlockOfSector(sectorNo) + NumBlocksPerSector(sectorNo) - 1, 0, 0}}; for (tries = 0; tries < 6; tries++) {
memcpy(c.d.asBytes, keyA[sectorNo], 6); if(doesKeyAWork){
SendCommand(&c); UsbCommand c = {CMD_MIFARE_READBL, {FirstBlockOfSector(sectorNo) + NumBlocksPerSector(sectorNo) - 1, 0, 0}};
memcpy(c.d.asBytes, keyA[sectorNo], 6);
SendCommand(&c);
} else {
UsbCommand c = {CMD_MIFARE_READBL, {FirstBlockOfSector(sectorNo) + NumBlocksPerSector(sectorNo) - 1, 1, 0}};
memcpy(c.d.asBytes, keyB[sectorNo], 6);
SendCommand(&c);
}
if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) { if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
uint8_t isOK = resp.arg[0] & 0xff; uint8_t isOK = resp.arg[0] & 0xff;
uint8_t *data = resp.d.asBytes; uint8_t *data = resp.d.asBytes;
@ -349,6 +355,8 @@ int CmdHF14AMfDump(const char *Cmd)
PrintAndLog("Could not get access rights for sector %2d. Trying with defaults...", sectorNo); PrintAndLog("Could not get access rights for sector %2d. Trying with defaults...", sectorNo);
rights[sectorNo][0] = rights[sectorNo][1] = rights[sectorNo][2] = 0x00; rights[sectorNo][0] = rights[sectorNo][1] = rights[sectorNo][2] = 0x00;
rights[sectorNo][3] = 0x01; rights[sectorNo][3] = 0x01;
} else {
doesKeyAWork = !doesKeyAWork;
} }
} else { } else {
PrintAndLog("Command execute timeout when trying to read access rights for sector %2d. Trying with defaults...", sectorNo); PrintAndLog("Command execute timeout when trying to read access rights for sector %2d. Trying with defaults...", sectorNo);
@ -365,13 +373,21 @@ int CmdHF14AMfDump(const char *Cmd)
bool isOK = true; bool isOK = true;
for (sectorNo = 0; isOK && sectorNo < numSectors; sectorNo++) { for (sectorNo = 0; isOK && sectorNo < numSectors; sectorNo++) {
for (blockNo = 0; isOK && blockNo < NumBlocksPerSector(sectorNo); blockNo++) { for (blockNo = 0; isOK && blockNo < NumBlocksPerSector(sectorNo); blockNo++) {
bool doesKeyAWork = true;
bool received = false; bool received = false;
for (tries = 0; tries < 3; tries++) { for (tries = 0; tries < 6; tries++) {
if (blockNo == NumBlocksPerSector(sectorNo) - 1) { // sector trailer. At least the Access Conditions can always be read with key A. if (blockNo == NumBlocksPerSector(sectorNo) - 1) { // sector trailer. At least the Access Conditions can always be read with key A.
UsbCommand c = {CMD_MIFARE_READBL, {FirstBlockOfSector(sectorNo) + blockNo, 0, 0}}; if(doesKeyAWork){
memcpy(c.d.asBytes, keyA[sectorNo], 6); UsbCommand c = {CMD_MIFARE_READBL, {FirstBlockOfSector(sectorNo) + blockNo, 0, 0}};
SendCommand(&c); memcpy(c.d.asBytes, keyA[sectorNo], 6);
received = WaitForResponseTimeout(CMD_ACK,&resp,1500); SendCommand(&c);
received = WaitForResponseTimeout(CMD_ACK,&resp,1500);
} else {
UsbCommand c = {CMD_MIFARE_READBL, {FirstBlockOfSector(sectorNo) + blockNo, 1, 0}};
memcpy(c.d.asBytes, keyB[sectorNo], 6);
SendCommand(&c);
received = WaitForResponseTimeout(CMD_ACK,&resp,1500);
}
} else { // data block. Check if it can be read with key A or key B } else { // data block. Check if it can be read with key A or key B
uint8_t data_area = sectorNo<32?blockNo:blockNo/5; uint8_t data_area = sectorNo<32?blockNo:blockNo/5;
if ((rights[sectorNo][data_area] == 0x03) || (rights[sectorNo][data_area] == 0x05)) { // only key B would work if ((rights[sectorNo][data_area] == 0x03) || (rights[sectorNo][data_area] == 0x05)) { // only key B would work
@ -383,14 +399,22 @@ int CmdHF14AMfDump(const char *Cmd)
isOK = false; isOK = false;
PrintAndLog("Access rights do not allow reading of sector %2d block %3d", sectorNo, blockNo); PrintAndLog("Access rights do not allow reading of sector %2d block %3d", sectorNo, blockNo);
tries = 2; tries = 2;
} else { // key A would work } else { // key A might work
UsbCommand c = {CMD_MIFARE_READBL, {FirstBlockOfSector(sectorNo) + blockNo, 0, 0}}; if(doesKeyAWork){
memcpy(c.d.asBytes, keyA[sectorNo], 6); UsbCommand c = {CMD_MIFARE_READBL, {FirstBlockOfSector(sectorNo) + blockNo, 0, 0}};
SendCommand(&c); memcpy(c.d.asBytes, keyA[sectorNo], 6);
received = WaitForResponseTimeout(CMD_ACK,&resp,1500); SendCommand(&c);
received = WaitForResponseTimeout(CMD_ACK,&resp,1500);
} else {
UsbCommand c = {CMD_MIFARE_READBL, {FirstBlockOfSector(sectorNo) + blockNo, 1, 0}};
memcpy(c.d.asBytes, keyB[sectorNo], 6);
SendCommand(&c);
received = WaitForResponseTimeout(CMD_ACK,&resp,1500);
}
} }
} }
if (received) { if (received) {
doesKeyAWork = !doesKeyAWork;
isOK = resp.arg[0] & 0xff; isOK = resp.arg[0] & 0xff;
if (isOK) break; if (isOK) break;
} }