mirror of
https://github.com/Proxmark/proxmark3.git
synced 2025-08-21 05:43:23 -07:00
Deduplicate mfkey32 and mfkey64
- rename client/nonce2key.[ch] to mfkey.[ch] - leave only main() wrapper in tools/mfkey - add mfkey32 and mfkey64 to .gitignore
This commit is contained in:
pwpiwi
parent
bd2797de15
commit
4cb4b588c2
11 changed files with 193 additions and 170 deletions
|
|
@ -1,10 +1,10 @@
|
|||
VPATH = ../../common/crapto1
|
||||
VPATH = ../../common/crapto1 ../../client
|
||||
CC = gcc
|
||||
LD = gcc
|
||||
CFLAGS = -I../../common -Wall -O4
|
||||
CFLAGS = -I../../common -I../../client -Wall -O4
|
||||
LDFLAGS =
|
||||
|
||||
OBJS = crypto1.o crapto1.o
|
||||
OBJS = crypto1.o crapto1.o util.o mfkey.o
|
||||
EXES = mfkey32 mfkey64
|
||||
WINEXES = $(patsubst %, %.exe, $(EXES))
|
||||
|
||||
|
|
@ -13,7 +13,7 @@ all: $(OBJS) $(EXES)
|
|||
%.o : %.c
|
||||
$(CC) $(CFLAGS) -c -o $@ $<
|
||||
|
||||
% : %.c
|
||||
% : %.c $(OBJS)
|
||||
$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(OBJS) $<
|
||||
|
||||
clean:
|
||||
|
|
|
|||
|
|
@ -1,67 +1,77 @@
|
|||
#include <inttypes.h>
|
||||
#include "crapto1/crapto1.h"
|
||||
#include <stdbool.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include "crapto1/crapto1.h"
|
||||
#include "mfkey.h"
|
||||
#include "util.h"
|
||||
|
||||
// 32 bit recover key from 2 nonces
|
||||
#include <stdio.h>
|
||||
int main (int argc, char *argv[]) {
|
||||
struct Crypto1State *s,*t;
|
||||
uint64_t key; // recovered key
|
||||
uint32_t uid; // serial number
|
||||
uint32_t nt; // tag challenge
|
||||
uint32_t nr0_enc; // first encrypted reader challenge
|
||||
uint32_t ar0_enc; // first encrypted reader response
|
||||
uint32_t nr1_enc; // second encrypted reader challenge
|
||||
uint32_t ar1_enc; // second encrypted reader response
|
||||
uint32_t ks2; // keystream used to encrypt reader response
|
||||
|
||||
printf("MIFARE Classic key recovery - based 32 bits of keystream\n");
|
||||
nonces_t data;
|
||||
uint32_t ks2; // keystream used to encrypt reader response
|
||||
uint64_t key; // recovered key
|
||||
|
||||
printf("MIFARE Classic key recovery - based on 32 bits of keystream\n");
|
||||
printf("Recover key from two 32-bit reader authentication answers only!\n\n");
|
||||
|
||||
if (argc < 7) {
|
||||
printf(" syntax: %s <uid> <nt> <{nr_0}> <{ar_0}> <{nr_1}> <{ar_1}>\n\n",argv[0]);
|
||||
if (argc != 7 && argc != 8) {
|
||||
printf(" syntax: %s <uid> <nt0> <{nr_0}> <{ar_0}> [<nt1>] <{nr_1}> <{ar_1}>\n", argv[0]);
|
||||
printf(" (you may omit nt1 if it is equal to nt0)\n\n");
|
||||
return 1;
|
||||
}
|
||||
|
||||
sscanf(argv[1],"%x",&uid);
|
||||
sscanf(argv[2],"%x",&nt);
|
||||
sscanf(argv[3],"%x",&nr0_enc);
|
||||
sscanf(argv[4],"%x",&ar0_enc);
|
||||
sscanf(argv[5],"%x",&nr1_enc);
|
||||
sscanf(argv[6],"%x",&ar1_enc);
|
||||
bool moebius_attack = (argc == 8);
|
||||
|
||||
sscanf(argv[1],"%x",&data.cuid);
|
||||
sscanf(argv[2],"%x",&data.nonce);
|
||||
data.nonce2 = data.nonce;
|
||||
sscanf(argv[3],"%x",&data.nr);
|
||||
sscanf(argv[4],"%x",&data.ar);
|
||||
if (moebius_attack) {
|
||||
sscanf(argv[5],"%x",&data.nonce2);
|
||||
sscanf(argv[6],"%x",&data.nr2);
|
||||
sscanf(argv[7],"%x",&data.ar2);
|
||||
} else {
|
||||
sscanf(argv[5],"%x",&data.nr2);
|
||||
sscanf(argv[6],"%x",&data.ar2);
|
||||
}
|
||||
|
||||
printf("Recovering key for:\n");
|
||||
printf(" uid: %08x\n",uid);
|
||||
printf(" nt: %08x\n",nt);
|
||||
printf(" {nr_0}: %08x\n",nr0_enc);
|
||||
printf(" {ar_0}: %08x\n",ar0_enc);
|
||||
printf(" {nr_1}: %08x\n",nr1_enc);
|
||||
printf(" {ar_1}: %08x\n",ar1_enc);
|
||||
printf(" uid: %08x\n",data.cuid);
|
||||
printf(" nt0: %08x\n",data.nonce);
|
||||
printf(" {nr_0}: %08x\n",data.nr);
|
||||
printf(" {ar_0}: %08x\n",data.ar);
|
||||
printf(" nt1: %08x\n",data.nonce2);
|
||||
printf(" {nr_1}: %08x\n",data.nr2);
|
||||
printf(" {ar_1}: %08x\n",data.ar2);
|
||||
|
||||
uint64_t start_time = msclock();
|
||||
|
||||
// Generate lfsr succesors of the tag challenge
|
||||
printf("\nLFSR succesors of the tag challenge:\n");
|
||||
printf(" nt': %08x\n",prng_successor(nt, 64));
|
||||
printf(" nt'': %08x\n",prng_successor(nt, 96));
|
||||
printf(" nt': %08x\n",prng_successor(data.nonce, 64));
|
||||
printf(" nt'': %08x\n",prng_successor(data.nonce, 96));
|
||||
|
||||
// Extract the keystream from the messages
|
||||
printf("\nKeystream used to generate {ar} and {at}:\n");
|
||||
ks2 = ar0_enc ^ prng_successor(nt, 64);
|
||||
ks2 = data.ar ^ prng_successor(data.nonce, 64);
|
||||
printf(" ks2: %08x\n",ks2);
|
||||
|
||||
s = lfsr_recovery32(ar0_enc ^ prng_successor(nt, 64), 0);
|
||||
|
||||
for(t = s; t->odd | t->even; ++t) {
|
||||
lfsr_rollback_word(t, 0, 0);
|
||||
lfsr_rollback_word(t, nr0_enc, 1);
|
||||
lfsr_rollback_word(t, uid ^ nt, 0);
|
||||
crypto1_get_lfsr(t, &key);
|
||||
crypto1_word(t, uid ^ nt, 0);
|
||||
crypto1_word(t, nr1_enc, 1);
|
||||
if (ar1_enc == (crypto1_word(t, 0, 0) ^ prng_successor(nt, 64))) {
|
||||
printf("\nFound Key: [%012" PRIx64 "]\n\n",key);
|
||||
break;
|
||||
}
|
||||
bool success;
|
||||
if (moebius_attack) {
|
||||
success = mfkey32_moebius(data, &key);
|
||||
} else {
|
||||
success = mfkey32(data, &key);
|
||||
}
|
||||
|
||||
if (success) {
|
||||
printf("Recovered key: %012" PRIx64 "\n", key);
|
||||
} else {
|
||||
printf("Couldn't recover key.\n");
|
||||
}
|
||||
free(s);
|
||||
|
||||
return 0;
|
||||
printf("Time spent: %1.2f seconds\n", (float)(msclock() - start_time)/1000.0);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,105 +1,101 @@
|
|||
#include <stdio.h>
|
||||
#include <strings.h>
|
||||
#include <inttypes.h>
|
||||
#include "crapto1/crapto1.h"
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include "util.h"
|
||||
|
||||
int main (int argc, char *argv[]) {
|
||||
struct Crypto1State *revstate;
|
||||
uint64_t key; // recovered key
|
||||
uint32_t uid; // serial number
|
||||
uint32_t nt; // tag challenge
|
||||
uint32_t nr_enc; // encrypted reader challenge
|
||||
uint32_t ar_enc; // encrypted reader response
|
||||
uint32_t at_enc; // encrypted tag response
|
||||
uint32_t ks2; // keystream used to encrypt reader response
|
||||
uint32_t ks3; // keystream used to encrypt tag response
|
||||
int main (int argc, char *argv[])
|
||||
{
|
||||
uint32_t uid; // serial numDber
|
||||
uint32_t nt; // tag challenge
|
||||
uint32_t nr_enc; // encrypted reader challenge
|
||||
uint32_t ar_enc; // encrypted reader response
|
||||
uint32_t at_enc; // encrypted tag response
|
||||
uint64_t key = 0; // recovered key
|
||||
struct Crypto1State *revstate;
|
||||
uint32_t ks2; // keystream used to encrypt reader response
|
||||
uint32_t ks3; // keystream used to encrypt tag response
|
||||
|
||||
printf("MIFARE Classic key recovery - based 64 bits of keystream\n");
|
||||
printf("Recover key from only one complete authentication!\n\n");
|
||||
printf("MIFARE Classic key recovery - based on 64 bits of keystream\n");
|
||||
printf("Recover key from only one complete authentication!\n\n");
|
||||
|
||||
if (argc < 6 ) {
|
||||
printf(" syntax: %s <uid> <nt> <{nr}> <{ar}> <{at}> [enc] [enc...]\n\n", argv[0]);
|
||||
return 1;
|
||||
}
|
||||
if (argc < 6 ) {
|
||||
printf(" syntax: %s <uid> <nt> <{nr}> <{ar}> <{at}> [enc] [enc...]\n\n", argv[0]);
|
||||
return 1;
|
||||
}
|
||||
|
||||
int encc = argc - 6;
|
||||
int enclen[encc];
|
||||
uint8_t enc[encc][120];
|
||||
int encc = argc - 6;
|
||||
int enclen[encc];
|
||||
uint8_t enc[encc][120];
|
||||
|
||||
sscanf(argv[1], "%x", &uid);
|
||||
sscanf(argv[2], "%x", &nt);
|
||||
sscanf(argv[3], "%x", &nr_enc);
|
||||
sscanf(argv[4], "%x", &ar_enc);
|
||||
sscanf(argv[5], "%x", &at_enc);
|
||||
for (int i = 0; i < encc; i++) {
|
||||
enclen[i] = strlen(argv[i + 6]) / 2;
|
||||
for (int i2 = 0; i2 < enclen[i]; i2++) {
|
||||
sscanf(argv[i+6] + i2*2,"%2x", (unsigned int *)&enc[i][i2]);
|
||||
}
|
||||
}
|
||||
printf("Recovering key for:\n");
|
||||
sscanf(argv[1], "%x", &uid);
|
||||
sscanf(argv[2], "%x", &nt);
|
||||
sscanf(argv[3], "%x", &nr_enc);
|
||||
sscanf(argv[4], "%x", &ar_enc);
|
||||
sscanf(argv[5], "%x", &at_enc);
|
||||
for (int i = 0; i < encc; i++) {
|
||||
enclen[i] = strlen(argv[i + 6]) / 2;
|
||||
for (int i2 = 0; i2 < enclen[i]; i2++) {
|
||||
sscanf(argv[i+6] + i2*2,"%2x", (unsigned int*)&enc[i][i2]);
|
||||
}
|
||||
}
|
||||
|
||||
printf(" uid: %08x\n", uid);
|
||||
printf(" nt: %08x\n", nt);
|
||||
printf(" {nr}: %08x\n", nr_enc);
|
||||
printf(" {ar}: %08x\n", ar_enc);
|
||||
printf(" {at}: %08x\n", at_enc);
|
||||
for (int i = 0; i < encc; i++) {
|
||||
printf("{enc%d}: ", i);
|
||||
for (int i2 = 0; i2 < enclen[i]; i2++) {
|
||||
printf("%02x", enc[i][i2]);
|
||||
}
|
||||
printf("\n");
|
||||
}
|
||||
printf("Recovering key for:\n");
|
||||
printf(" uid: %08x\n", uid);
|
||||
printf(" nt: %08x\n", nt);
|
||||
printf(" {nr}: %08x\n", nr_enc);
|
||||
printf(" {ar}: %08x\n", ar_enc);
|
||||
printf(" {at}: %08x\n", at_enc);
|
||||
for (int i = 0; i < encc; i++) {
|
||||
printf("{enc%d}: ", i);
|
||||
for (int i2 = 0; i2 < enclen[i]; i2++) {
|
||||
printf("%02x", enc[i][i2]);
|
||||
}
|
||||
printf("\n");
|
||||
}
|
||||
|
||||
printf("\nLFSR successors of the tag challenge:\n");
|
||||
printf(" nt' : %08x\n",prng_successor(nt, 64));
|
||||
printf(" nt'': %08x\n",prng_successor(nt, 96));
|
||||
|
||||
/*
|
||||
uint32_t uid = 0x9c599b32;
|
||||
uint32_t tag_challenge = 0x82a4166c;
|
||||
uint32_t nr_enc = 0xa1e458ce;
|
||||
uint32_t reader_response = 0x6eea41e0;
|
||||
uint32_t tag_response = 0x5cadf439;
|
||||
*/
|
||||
// Generate lfsr succesors of the tag challenge
|
||||
printf("\nLFSR succesors of the tag challenge:\n");
|
||||
printf(" nt': %08x\n",prng_successor(nt, 64));
|
||||
printf(" nt'': %08x\n",prng_successor(nt, 96));
|
||||
// Extract the keystream from the messages
|
||||
ks2 = ar_enc ^ prng_successor(nt, 64);
|
||||
ks3 = at_enc ^ prng_successor(nt, 96);
|
||||
|
||||
uint64_t start_time = msclock();
|
||||
revstate = lfsr_recovery64(ks2, ks3);
|
||||
uint64_t time_spent = msclock() - start_time;
|
||||
printf("Time spent in lfsr_recovery64(): %1.2f seconds\n", (float)time_spent/1000.0);
|
||||
printf("\nKeystream used to generate {ar} and {at}:\n");
|
||||
printf(" ks2: %08x\n",ks2);
|
||||
printf(" ks3: %08x\n",ks3);
|
||||
|
||||
// Extract the keystream from the messages
|
||||
printf("\nKeystream used to generate {ar} and {at}:\n");
|
||||
ks2 = ar_enc ^ prng_successor(nt, 64);
|
||||
ks3 = at_enc ^ prng_successor(nt, 96);
|
||||
printf(" ks2: %08x\n",ks2);
|
||||
printf(" ks3: %08x\n",ks3);
|
||||
// Decrypting communication using keystream if presented
|
||||
if (argc > 6 ) {
|
||||
printf("\nDecrypted communication:\n");
|
||||
uint8_t ks4;
|
||||
int rollb = 0;
|
||||
for (int i = 0; i < encc; i++) {
|
||||
printf("{dec%d}: ", i);
|
||||
for (int i2 = 0; i2 < enclen[i]; i2++) {
|
||||
ks4 = crypto1_byte(revstate, 0, 0);
|
||||
printf("%02x", ks4 ^ enc[i][i2]);
|
||||
rollb += 1;
|
||||
}
|
||||
printf("\n");
|
||||
}
|
||||
for (int i = 0; i < rollb; i++) {
|
||||
lfsr_rollback_byte(revstate, 0, 0);
|
||||
}
|
||||
}
|
||||
|
||||
revstate = lfsr_recovery64(ks2, ks3);
|
||||
lfsr_rollback_word(revstate, 0, 0);
|
||||
lfsr_rollback_word(revstate, 0, 0);
|
||||
lfsr_rollback_word(revstate, nr_enc, 1);
|
||||
lfsr_rollback_word(revstate, uid ^ nt, 0);
|
||||
crypto1_get_lfsr(revstate, &key);
|
||||
crypto1_destroy(revstate);
|
||||
|
||||
// Decrypting communication using keystream if presented
|
||||
if (argc > 6 ) {
|
||||
printf("\nDecrypted communication:\n");
|
||||
uint8_t ks4;
|
||||
int rollb = 0;
|
||||
for (int i = 0; i < encc; i++) {
|
||||
printf("{dec%d}: ", i);
|
||||
for (int i2 = 0; i2 < enclen[i]; i2++) {
|
||||
ks4 = crypto1_byte(revstate, 0, 0);
|
||||
printf("%02x", ks4 ^ enc[i][i2]);
|
||||
rollb += 1;
|
||||
}
|
||||
printf("\n");
|
||||
}
|
||||
for (int i = 0; i < rollb; i++) {
|
||||
lfsr_rollback_byte(revstate, 0, 0);
|
||||
}
|
||||
}
|
||||
|
||||
lfsr_rollback_word(revstate, 0, 0);
|
||||
lfsr_rollback_word(revstate, 0, 0);
|
||||
lfsr_rollback_word(revstate, nr_enc, 1);
|
||||
lfsr_rollback_word(revstate, uid ^ nt, 0);
|
||||
crypto1_get_lfsr(revstate, &key);
|
||||
printf("\nFound Key: [%012" PRIx64"]\n\n",key);
|
||||
crypto1_destroy(revstate);
|
||||
|
||||
return 0;
|
||||
printf("\nFound Key: [%012" PRIx64"]\n\n",key);
|
||||
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue