[proxmark3-svn] / tools / mfkey / mfkey32.c

#include <inttypes.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include "crapto1/crapto1.h"
#include "mfkey.h"
#include "util_posix.h"


// 32 bit recover key from 2 nonces
int main (int argc, char *argv[]) {

  nonces_t data;
  uint32_t ks2;     // keystream used to encrypt reader response
  uint64_t key;     // recovered key

  printf("MIFARE Classic key recovery - based on 32 bits of keystream\n");
  printf("Recover key from two 32-bit reader authentication answers only!\n\n");

  if (argc != 7 && argc != 8) {
    printf(" syntax: %s <uid> <nt0> <{nr_0}> <{ar_0}> [<nt1>] <{nr_1}> <{ar_1}>\n", argv[0]);
	printf("         (you may omit nt1 if it is equal to nt0)\n\n");
    return 1;
  }

  bool moebius_attack = (argc == 8);
  
  sscanf(argv[1],"%x",&data.cuid);
  sscanf(argv[2],"%x",&data.nonce);
  data.nonce2 = data.nonce;
  sscanf(argv[3],"%x",&data.nr);
  sscanf(argv[4],"%x",&data.ar);
  if (moebius_attack) {
	  sscanf(argv[5],"%x",&data.nonce2);
	  sscanf(argv[6],"%x",&data.nr2);
	  sscanf(argv[7],"%x",&data.ar2);
  } else {
	  sscanf(argv[5],"%x",&data.nr2);
	  sscanf(argv[6],"%x",&data.ar2);
  }	  

  printf("Recovering key for:\n");
  printf("    uid: %08x\n",data.cuid);
  printf("    nt0: %08x\n",data.nonce);
  printf(" {nr_0}: %08x\n",data.nr);
  printf(" {ar_0}: %08x\n",data.ar);
  printf("    nt1: %08x\n",data.nonce2);
  printf(" {nr_1}: %08x\n",data.nr2);
  printf(" {ar_1}: %08x\n",data.ar2);

  uint64_t start_time = msclock();
  
	// Generate lfsr succesors of the tag challenge
  printf("\nLFSR succesors of the tag challenge:\n");
  printf("  nt': %08x\n",prng_successor(data.nonce, 64));
  printf(" nt'': %08x\n",prng_successor(data.nonce, 96));

  // Extract the keystream from the messages
  printf("\nKeystream used to generate {ar} and {at}:\n");
  ks2 = data.ar ^ prng_successor(data.nonce, 64);
  printf("  ks2: %08x\n",ks2);

	bool success;
	if (moebius_attack) {
		success = mfkey32_moebius(data, &key);
	} else {
		success = mfkey32(data, &key);
	}
	
	if (success) {
		printf("Recovered key: %012" PRIx64 "\n", key);
	} else {
		printf("Couldn't recover key.\n");
	}

	printf("Time spent: %1.2f seconds\n", (float)(msclock() - start_time)/1000.0);
}
Commit	Line	Data
cda056bb	1	#include <inttypes.h>
4cb4b588	2	#include <stdbool.h>
cda056bb	3	#include <stdio.h>
cda056bb	4	#include <stdlib.h>
4cb4b588	5	#include "crapto1/crapto1.h"
4cb4b588	6	#include "mfkey.h"
ec9c7112	7	#include "util_posix.h"
ec9c7112	8
cda056bb	9
4cb4b588	10	// 32 bit recover key from 2 nonces
cda056bb	11	int main (int argc, char *argv[]) {
4cb4b588	12
4cb4b588	13	nonces_t data;
cda056bb	14	uint32_t ks2; // keystream used to encrypt reader response
4cb4b588	15	uint64_t key; // recovered key
cda056bb	16
4cb4b588	17	printf("MIFARE Classic key recovery - based on 32 bits of keystream\n");
cda056bb	18	printf("Recover key from two 32-bit reader authentication answers only!\n\n");
cda056bb	19
4cb4b588	20	if (argc != 7 && argc != 8) {
	21	printf(" syntax: %s <uid> <nt0> <{nr_0}> <{ar_0}> [<nt1>] <{nr_1}> <{ar_1}>\n", argv[0]);
	22	printf(" (you may omit nt1 if it is equal to nt0)\n\n");
cda056bb	23	return 1;
	24	}
	25
4cb4b588	26	bool moebius_attack = (argc == 8);
	27
	28	sscanf(argv[1],"%x",&data.cuid);
	29	sscanf(argv[2],"%x",&data.nonce);
	30	data.nonce2 = data.nonce;
	31	sscanf(argv[3],"%x",&data.nr);
	32	sscanf(argv[4],"%x",&data.ar);
	33	if (moebius_attack) {
	34	sscanf(argv[5],"%x",&data.nonce2);
	35	sscanf(argv[6],"%x",&data.nr2);
	36	sscanf(argv[7],"%x",&data.ar2);
	37	} else {
	38	sscanf(argv[5],"%x",&data.nr2);
	39	sscanf(argv[6],"%x",&data.ar2);
	40	}
cda056bb	41
cda056bb	42	printf("Recovering key for:\n");
4cb4b588	43	printf(" uid: %08x\n",data.cuid);
	44	printf(" nt0: %08x\n",data.nonce);
	45	printf(" {nr_0}: %08x\n",data.nr);
	46	printf(" {ar_0}: %08x\n",data.ar);
	47	printf(" nt1: %08x\n",data.nonce2);
	48	printf(" {nr_1}: %08x\n",data.nr2);
	49	printf(" {ar_1}: %08x\n",data.ar2);
cda056bb	50
4cb4b588	51	uint64_t start_time = msclock();
4cb4b588	52
cda056bb	53	// Generate lfsr succesors of the tag challenge
cda056bb	54	printf("\nLFSR succesors of the tag challenge:\n");
4cb4b588	55	printf(" nt': %08x\n",prng_successor(data.nonce, 64));
4cb4b588	56	printf(" nt'': %08x\n",prng_successor(data.nonce, 96));
cda056bb	57
	58	// Extract the keystream from the messages
	59	printf("\nKeystream used to generate {ar} and {at}:\n");
4cb4b588	60	ks2 = data.ar ^ prng_successor(data.nonce, 64);
cda056bb	61	printf(" ks2: %08x\n",ks2);
cda056bb	62
4cb4b588	63	bool success;
	64	if (moebius_attack) {
	65	success = mfkey32_moebius(data, &key);
	66	} else {
	67	success = mfkey32(data, &key);
	68	}
	69
	70	if (success) {
	71	printf("Recovered key: %012" PRIx64 "\n", key);
	72	} else {
	73	printf("Couldn't recover key.\n");
cda056bb	74	}
cda056bb	75
4cb4b588	76	printf("Time spent: %1.2f seconds\n", (float)(msclock() - start_time)/1000.0);
cda056bb	77	}