}\r
if (isOK) {\r
fwrite ( data, 1, 16, fout );\r
+ PrintAndLog("Dumped card data into 'dumpkeys.bin'");\r
+\r
}\r
else {\r
PrintAndLog("Could not get access rights for block %d", i);\r
\r
fclose(fin);\r
fclose(fout);\r
- \r
return 0;\r
}\r
\r
uint8_t blDiff = 0;\r
int SectorsCnt = 0;\r
uint8_t key[6] = {0, 0, 0, 0, 0, 0};\r
- uint8_t keyBlock[16 * 6];\r
+ uint8_t keyBlock[6*6];\r
uint64_t key64 = 0;\r
int transferToEml = 0;\r
\r
PrintAndLog("--target block no:%02x target key type:%02x ", trgBlockNo, trgKeyType);\r
\r
if (cmdp == 'o') {\r
- if (mfnested(blockNo, keyType, key, trgBlockNo, trgKeyType, keyBlock)) {\r
+ if (mfnested(blockNo, keyType, key, trgBlockNo, trgKeyType, keyBlock, true)) {\r
PrintAndLog("Nested error.");\r
return 2;\r
}\r
-\r
- for (i = 0; i < 16; i++) {\r
- PrintAndLog("count=%d key= %s", i, sprint_hex(keyBlock + i * 6, 6));\r
- }\r
- \r
- // test keys\r
- res = mfCheckKeys(trgBlockNo, trgKeyType, 8, keyBlock, &key64);\r
- if (res)\r
- res = mfCheckKeys(trgBlockNo, trgKeyType, 8, &keyBlock[6 * 8], &key64);\r
- if (!res) {\r
+ key64 = bytes_to_num(keyBlock, 6);\r
+ if (key64) {\r
PrintAndLog("Found valid key:%012"llx, key64);\r
\r
// transfer key to the emulator\r
}\r
}\r
else { // ------------------------------------ multiple sectors working\r
+ clock_t time1;\r
+ time1 = clock();\r
+\r
blDiff = blockNo % 4;\r
PrintAndLog("Block shift=%d", blDiff);\r
e_sector = calloc(SectorsCnt, sizeof(sector));\r
\r
//test current key 4 sectors\r
memcpy(keyBlock, key, 6);\r
- num_to_bytes(0xa0a1a2a3a4a5, 6, (uint8_t*)(keyBlock + 1 * 6));\r
- num_to_bytes(0xb0b1b2b3b4b5, 6, (uint8_t*)(keyBlock + 2 * 6));\r
- num_to_bytes(0xffffffffffff, 6, (uint8_t*)(keyBlock + 3 * 6));\r
- num_to_bytes(0x000000000000, 6, (uint8_t*)(keyBlock + 4 * 6));\r
+ num_to_bytes(0xffffffffffff, 6, (uint8_t*)(keyBlock + 1 * 6));\r
+ num_to_bytes(0x000000000000, 6, (uint8_t*)(keyBlock + 2 * 6));\r
+ num_to_bytes(0xa0a1a2a3a4a5, 6, (uint8_t*)(keyBlock + 3 * 6));\r
+ num_to_bytes(0xb0b1b2b3b4b5, 6, (uint8_t*)(keyBlock + 4 * 6));\r
num_to_bytes(0xaabbccddeeff, 6, (uint8_t*)(keyBlock + 5 * 6));\r
\r
PrintAndLog("Testing known keys. Sector count=%d", SectorsCnt);\r
e_sector[i].foundKey[j] = 1;\r
}\r
}\r
- } \r
+ }\r
+ \r
\r
// nested sectors\r
iterations = 0;\r
PrintAndLog("nested...");\r
+ bool calibrate = true;\r
for (i = 0; i < NESTED_SECTOR_RETRY; i++) {\r
- for (trgBlockNo = blDiff; trgBlockNo < SectorsCnt * 4; trgBlockNo = trgBlockNo + 4) \r
+ for (trgBlockNo = blDiff; trgBlockNo < SectorsCnt * 4; trgBlockNo = trgBlockNo + 4) {\r
for (trgKeyType = 0; trgKeyType < 2; trgKeyType++) { \r
if (e_sector[trgBlockNo / 4].foundKey[trgKeyType]) continue;\r
- if (mfnested(blockNo, keyType, key, trgBlockNo, trgKeyType, keyBlock)) continue;\r
+ PrintAndLog("-----------------------------------------------");\r
+ if(mfnested(blockNo, keyType, key, trgBlockNo, trgKeyType, keyBlock, calibrate)) {\r
+ PrintAndLog("Nested error.\n");\r
+ return 2;\r
+ }\r
+ else {\r
+ calibrate = false;\r
+ }\r
\r
iterations++;\r
- \r
- //try keys from nested\r
- res = mfCheckKeys(trgBlockNo, trgKeyType, 8, keyBlock, &key64);\r
- if (res)\r
- res = mfCheckKeys(trgBlockNo, trgKeyType, 8, &keyBlock[6 * 8], &key64);\r
- if (!res) {\r
+\r
+ key64 = bytes_to_num(keyBlock, 6);\r
+ if (key64) {\r
PrintAndLog("Found valid key:%012"llx, key64);\r
e_sector[trgBlockNo / 4].foundKey[trgKeyType] = 1;\r
e_sector[trgBlockNo / 4].Key[trgKeyType] = key64;\r
}\r
}\r
+ }\r
}\r
\r
- PrintAndLog("Iterations count: %d", iterations);\r
+ printf("Time in nested: %1.3f (%1.3f sec per key)\n\n", ((float)clock() - time1)/1000.0, ((float)clock() - time1)/iterations/1000.0);\r
+ \r
+ PrintAndLog("-----------------------------------------------\nIterations count: %d\n\n", iterations);\r
//print them\r
PrintAndLog("|---|----------------|---|----------------|---|");\r
PrintAndLog("|sec|key A |res|key B |res|");\r
while( !feof(f) ){\r
memset(buf, 0, sizeof(buf));\r
if (fgets(buf, sizeof(buf), f) == NULL) {\r
- PrintAndLog("File reading error.");\r
- return 2;\r
- }\r
+ PrintAndLog("File reading error.");\r
+ return 2;\r
+ }\r
\r
if (strlen(buf) < 12 || buf[11] == '\n')\r
continue;\r
\r
while (fgetc(f) != '\n' && !feof(f)) ; //goto next line\r
\r
- if( buf[0]=='#' ) continue; //The line start with # is remcommnet,skip\r
+ if( buf[0]=='#' ) continue; //The line start with # is comment, skip\r
\r
if (!isxdigit(buf[0])){\r
PrintAndLog("File content error. '%s' must include 12 HEX symbols",buf);\r
int b=blockNo;\r
for (int i=0; i<SectorsCnt; ++i) {\r
PrintAndLog("--SectorsCnt:%d block no:0x%02x key type:%C key count:%d ", i, b, t?'B':'A', keycnt);\r
- int size = keycnt>8?8:keycnt;\r
- for (int c = 0; c < keycnt; c+=size) {\r
- size=keycnt-c>8?8:keycnt-c; \r
- res = mfCheckKeys(b, t, size, keyBlock +6*c, &key64);\r
+ uint32_t max_keys = keycnt>USB_CMD_DATA_SIZE/6?USB_CMD_DATA_SIZE/6:keycnt;\r
+ for (uint32_t c = 0; c < keycnt; c+=max_keys) {\r
+ uint32_t size = keycnt-c>max_keys?max_keys:keycnt-c;\r
+ res = mfCheckKeys(b, t, size, &keyBlock[6*c], &key64);\r
if (res !=1) {\r
if (!res) {\r
PrintAndLog("Found valid key:[%012"llx"]",key64);\r
num_to_bytes(key64, 6, block + t*10);\r
mfEmlSetMem(block, get_trailer_block(b), 1);\r
}\r
- break;\r
- }\r
- else {\r
- printf("Not found yet, keycnt:%d\r", c+size);\r
- fflush(stdout);\r
}\r
} else {\r
PrintAndLog("Command execute timeout");\r