chg: added some more outputs to the reveng-crc script e.lua ... now shows -b ...
diff --git
a/client/mifarehost.c
b/client/mifarehost.c
index 35499b83677e18129e2278221ed865edbc52f32a..d754b06b4a1a01dd589c6523bc354fdd0c99566d 100644
--- a/
client/mifarehost.c
+++ b/
client/mifarehost.c
@@
-15,6
+15,8
@@
#include "mifarehost.h"
\r
#include "proxmark3.h"
\r
\r
#include "mifarehost.h"
\r
#include "proxmark3.h"
\r
\r
+#define llx PRIx64
\r
+
\r
// MIFARE
\r
int compar_int(const void * a, const void * b) {
\r
// didn't work: (the result is truncated to 32 bits)
\r
// MIFARE
\r
int compar_int(const void * a, const void * b) {
\r
// didn't work: (the result is truncated to 32 bits)
\r
@@
-72,7
+74,6
@@
int mfnested(uint8_t blockNo, uint8_t keyType, uint8_t * key, uint8_t trgBlockNo
uint16_t i, len;
\r
uint32_t uid;
\r
UsbCommand resp;
\r
uint16_t i, len;
\r
uint32_t uid;
\r
UsbCommand resp;
\r
-
\r
StateList_t statelists[2];
\r
struct Crypto1State *p1, *p2, *p3, *p4;
\r
\r
StateList_t statelists[2];
\r
struct Crypto1State *p1, *p2, *p3, *p4;
\r
\r
@@
-216,7
+217,7
@@
int mfEmlGetMem(uint8_t *data, int blockNum, int blocksCount) {
UsbCommand c = {CMD_MIFARE_EML_MEMGET, {blockNum, blocksCount, 0}};
\r
SendCommand(&c);
\r
\r
UsbCommand c = {CMD_MIFARE_EML_MEMGET, {blockNum, blocksCount, 0}};
\r
SendCommand(&c);
\r
\r
- UsbCommand resp;
\r
+
UsbCommand resp;
\r
if (!WaitForResponseTimeout(CMD_ACK,&resp,1500)) return 1;
\r
memcpy(data, resp.d.asBytes, blocksCount * 16);
\r
return 0;
\r
if (!WaitForResponseTimeout(CMD_ACK,&resp,1500)) return 1;
\r
memcpy(data, resp.d.asBytes, blocksCount * 16);
\r
return 0;
\r
@@
-266,7
+267,7
@@
int mfCSetBlock(uint8_t blockNo, uint8_t *data, uint8_t *uid, bool wantWipe, uin
memcpy(c.d.asBytes, data, 16);
\r
SendCommand(&c);
\r
\r
memcpy(c.d.asBytes, data, 16);
\r
SendCommand(&c);
\r
\r
- UsbCommand resp;
\r
+
UsbCommand resp;
\r
if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
\r
isOK = resp.arg[0] & 0xff;
\r
if (uid != NULL)
\r
if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
\r
isOK = resp.arg[0] & 0xff;
\r
if (uid != NULL)
\r
@@
-313,16
+314,17
@@
static uint8_t traceCurKey = 0;
\r
struct Crypto1State *traceCrypto1 = NULL;
\r
\r
\r
struct Crypto1State *traceCrypto1 = NULL;
\r
\r
-struct Crypto1State *revstate;
\r
-uint64_t lfsr;
\r
-uint32_t ks2;
\r
-uint32_t ks3;
\r
+struct Crypto1State *revstate = NULL;
\r
\r
\r
-uint32_t uid; // serial number
\r
-uint32_t nt; // tag challenge
\r
-uint32_t nr_enc; // encrypted reader challenge
\r
-uint32_t ar_enc; // encrypted reader response
\r
-uint32_t at_enc; // encrypted tag response
\r
+uint64_t key = 0;
\r
+uint32_t ks2 = 0;
\r
+uint32_t ks3 = 0;
\r
+
\r
+uint32_t uid = 0; // serial number
\r
+uint32_t nt =0; // tag challenge
\r
+uint32_t nr_enc =0; // encrypted reader challenge
\r
+uint32_t ar_enc =0; // encrypted reader response
\r
+uint32_t at_enc =0; // encrypted tag response
\r
\r
int isTraceCardEmpty(void) {
\r
return ((traceCard[0] == 0) && (traceCard[1] == 0) && (traceCard[2] == 0) && (traceCard[3] == 0));
\r
\r
int isTraceCardEmpty(void) {
\r
return ((traceCard[0] == 0) && (traceCard[1] == 0) && (traceCard[2] == 0) && (traceCard[3] == 0));
\r
@@
-354,10
+356,7
@@
int loadTraceCard(uint8_t *tuid) {
FillFileNameByUID(traceFileName, tuid, ".eml", 7);
\r
\r
f = fopen(traceFileName, "r");
\r
FillFileNameByUID(traceFileName, tuid, ".eml", 7);
\r
\r
f = fopen(traceFileName, "r");
\r
- if (!f) {
\r
- fclose(f);
\r
- return 1;
\r
- }
\r
+ if (!f) return 1;
\r
\r
blockNum = 0;
\r
\r
\r
blockNum = 0;
\r
\r
@@
-368,7
+367,7
@@
int loadTraceCard(uint8_t *tuid) {
PrintAndLog("File reading error.");
\r
fclose(f);
\r
return 2;
\r
PrintAndLog("File reading error.");
\r
fclose(f);
\r
return 2;
\r
- }
\r
+
}
\r
\r
if (strlen(buf) < 32){
\r
if (feof(f)) break;
\r
\r
if (strlen(buf) < 32){
\r
if (feof(f)) break;
\r
@@
-394,10
+393,7
@@
int saveTraceCard(void) {
if ((!strlen(traceFileName)) || (isTraceCardEmpty())) return 0;
\r
\r
f = fopen(traceFileName, "w+");
\r
if ((!strlen(traceFileName)) || (isTraceCardEmpty())) return 0;
\r
\r
f = fopen(traceFileName, "w+");
\r
- if ( !f ) {
\r
- fclose(f);
\r
- return 1;
\r
- }
\r
+ if ( !f ) return 1;
\r
\r
for (int i = 0; i < 64; i++) { // blocks
\r
for (int j = 0; j < 16; j++) // bytes
\r
\r
for (int i = 0; i < 64; i++) { // blocks
\r
for (int j = 0; j < 16; j++) // bytes
\r
@@
-474,7
+470,7
@@
int mfTraceDecode(uint8_t *data_src, int len, bool wantSaveToEmlFile) {
}
\r
\r
// AUTHENTICATION
\r
}
\r
\r
// AUTHENTICATION
\r
- if ((len ==4) && ((data[0] == 0x60) || (data[0] == 0x61))) {
\r
+ if ((len ==
4) && ((data[0] == 0x60) || (data[0] == 0x61))) {
\r
traceState = TRACE_AUTH1;
\r
traceCurBlock = data[1];
\r
traceCurKey = data[0] == 60 ? 1:0;
\r
traceState = TRACE_AUTH1;
\r
traceCurBlock = data[1];
\r
traceCurKey = data[0] == 60 ? 1:0;
\r
@@
-584,17
+580,17
@@
int mfTraceDecode(uint8_t *data_src, int len, bool wantSaveToEmlFile) {
lfsr_rollback_word(revstate, nr_enc, 1);
\r
lfsr_rollback_word(revstate, uid ^ nt, 0);
\r
\r
lfsr_rollback_word(revstate, nr_enc, 1);
\r
lfsr_rollback_word(revstate, uid ^ nt, 0);
\r
\r
- crypto1_get_lfsr(revstate, &
lfsr
);
\r
- printf("
key> %x%x\n", (unsigned int)((lfsr & 0xFFFFFFFF00000000) >> 32), (unsigned int)(lfsr & 0xFFFFFFFF)
);
\r
- AddLogUint64(logHexFileName, "key
> ", lfsr
);
\r
+ crypto1_get_lfsr(revstate, &
key
);
\r
+ printf("
Key: %012"llx"\n",key
);
\r
+ AddLogUint64(logHexFileName, "key
: ", key
);
\r
\r
int blockShift = ((traceCurBlock & 0xFC) + 3) * 16;
\r
if (isBlockEmpty((traceCurBlock & 0xFC) + 3)) memcpy(traceCard + blockShift + 6, trailerAccessBytes, 4);
\r
\r
if (traceCurKey) {
\r
\r
int blockShift = ((traceCurBlock & 0xFC) + 3) * 16;
\r
if (isBlockEmpty((traceCurBlock & 0xFC) + 3)) memcpy(traceCard + blockShift + 6, trailerAccessBytes, 4);
\r
\r
if (traceCurKey) {
\r
- num_to_bytes(
lfsr
, 6, traceCard + blockShift + 10);
\r
+ num_to_bytes(
key
, 6, traceCard + blockShift + 10);
\r
} else {
\r
} else {
\r
- num_to_bytes(
lfsr
, 6, traceCard + blockShift);
\r
+ num_to_bytes(
key
, 6, traceCard + blockShift);
\r
}
\r
if (wantSaveToEmlFile) saveTraceCard();
\r
\r
}
\r
if (wantSaveToEmlFile) saveTraceCard();
\r
\r
@@
-607,7
+603,7
@@
int mfTraceDecode(uint8_t *data_src, int len, bool wantSaveToEmlFile) {
\r
// nt = crypto1_word(traceCrypto1, nt ^ uid, 1) ^ nt;
\r
\r
\r
// nt = crypto1_word(traceCrypto1, nt ^ uid, 1) ^ nt;
\r
\r
- /* traceCrypto1 = crypto1_create(
lfsr
); // key in lfsr
\r
+ /* traceCrypto1 = crypto1_create(
key
); // key in lfsr
\r
crypto1_word(traceCrypto1, nt ^ uid, 0);
\r
crypto1_word(traceCrypto1, ar, 1);
\r
crypto1_word(traceCrypto1, 0, 0);
\r
crypto1_word(traceCrypto1, nt ^ uid, 0);
\r
crypto1_word(traceCrypto1, ar, 1);
\r
crypto1_word(traceCrypto1, 0, 0);
\r
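Review bot: In the `-474,7 +470,7` hunk of `mfTraceDecode`, the context line `traceCurKey = data[0] == 60 ? 1:0;` compares against decimal 60, while the guard directly above it (the line this commit reformats) only admits `data[0]` equal to `0x60` or `0x61`, so `traceCurKey` is always 0 on this path. As far as the visible lines show, the `if (traceCurKey)` branch in the `-584,17 +580,17` hunk is then never taken, and the recovered key is always written at `traceCard + blockShift`, never at `+ 10`. The constant should be hexadecimal, presumably `traceCurKey = (data[0] == 0x61) ? 1 : 0;` since offset 10 is the second key field after the four access bytes at offset 6; the author should confirm which command byte maps to 1. `mfTraceDecode` starts and ends outside both hunks.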