SendCommand(&c);\r
\r
UsbCommand resp;\r
- if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {\r
+ if (WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {\r
uint8_t isOK = resp.arg[0] & 0xff;\r
uint8_t *data = resp.d.asBytes;\r
\r
PrintAndLog("|-----------------------------------------|");\r
PrintAndLog("|------ Reading sector access bits...-----|");\r
PrintAndLog("|-----------------------------------------|");\r
- \r
+ uint8_t tries = 0;\r
for (sectorNo = 0; sectorNo < numSectors; sectorNo++) {\r
+ for (tries = 0; tries < 3; tries++) { \r
UsbCommand c = {CMD_MIFARE_READBL, {FirstBlockOfSector(sectorNo) + NumBlocksPerSector(sectorNo) - 1, 0, 0}};\r
memcpy(c.d.asBytes, keyA[sectorNo], 6);\r
clearCommandBuffer();\r
rights[sectorNo][1] = ((data[7] & 0x20)>>3) | ((data[8] & 0x2)<<0) | ((data[8] & 0x20)>>5); // C1C2C3 for data area 1\r
rights[sectorNo][2] = ((data[7] & 0x40)>>4) | ((data[8] & 0x4)>>1) | ((data[8] & 0x40)>>6); // C1C2C3 for data area 2\r
rights[sectorNo][3] = ((data[7] & 0x80)>>5) | ((data[8] & 0x8)>>2) | ((data[8] & 0x80)>>7); // C1C2C3 for sector trailer\r
- } else {\r
+ break;\r
+ } else if (tries == 2) { // on last try set defaults\r
PrintAndLog("Could not get access rights for sector %2d. Trying with defaults...", sectorNo);\r
rights[sectorNo][0] = rights[sectorNo][1] = rights[sectorNo][2] = 0x00;\r
rights[sectorNo][3] = 0x01;\r
rights[sectorNo][3] = 0x01;\r
}\r
}\r
+ }\r
\r
PrintAndLog("|-----------------------------------------|");\r
PrintAndLog("|----- Dumping all blocks to file... -----|");\r
for (sectorNo = 0; isOK && sectorNo < numSectors; sectorNo++) {\r
for (blockNo = 0; isOK && blockNo < NumBlocksPerSector(sectorNo); blockNo++) {\r
bool received = false;\r
- \r
+ for (tries = 0; tries < 3; tries++) { \r
if (blockNo == NumBlocksPerSector(sectorNo) - 1) { // sector trailer. At least the Access Conditions can always be read with key A. \r
UsbCommand c = {CMD_MIFARE_READBL, {FirstBlockOfSector(sectorNo) + blockNo, 0, 0}};\r
memcpy(c.d.asBytes, keyA[sectorNo], 6);\r
} else if (rights[sectorNo][data_area] == 0x07) { // no key would work\r
isOK = false;\r
PrintAndLog("Access rights do not allow reading of sector %2d block %3d", sectorNo, blockNo);\r
+ tries = 2;\r
} else { // key A would work\r
UsbCommand c = {CMD_MIFARE_READBL, {FirstBlockOfSector(sectorNo) + blockNo, 0, 0}};\r
memcpy(c.d.asBytes, keyA[sectorNo], 6);\r
clearCommandBuffer();\r
SendCommand(&c);\r
received = WaitForResponseTimeout(CMD_ACK,&resp,1500);\r
+ }\r
+ }\r
+ if (received) {\r
+ isOK = resp.arg[0] & 0xff;\r
+ if (isOK) break;\r
}\r
}\r
\r
uint16_t numblocks = FirstBlockOfSector(numSectors - 1) + NumBlocksPerSector(numSectors - 1);\r
fwrite(carddata, 1, 16*numblocks, fout);\r
fclose(fout);\r
- fout = NULL; \r
PrintAndLog("Dumped %d blocks (%d bytes) to file dumpdata.bin", numblocks, 16*numblocks);\r
}\r
\r
\r
int CmdHF14AMfNested(const char *Cmd) {\r
int i, j, res, iterations;\r
- sector *e_sector = NULL;\r
+ sector_t *e_sector = NULL;\r
uint8_t blockNo = 0;\r
uint8_t keyType = 0;\r
uint8_t trgBlockNo = 0;\r
time_t start, end;\r
time(&start);\r
\r
- e_sector = calloc(SectorsCnt, sizeof(sector));\r
+ e_sector = calloc(SectorsCnt, sizeof(sector_t));\r
if (e_sector == NULL) return 1;\r
\r
//test current key and additional standard keys first\r
uint8_t *keyBlock = NULL, *p;\r
uint8_t stKeyBlock = 20;\r
\r
- sector *e_sector = NULL;\r
+ sector_t *e_sector = NULL;\r
\r
int i, res;\r
int keycnt = 0;\r
}\r
\r
// initialize storage for found keys\r
- e_sector = calloc(SectorsCnt, sizeof(sector));\r
+ e_sector = calloc(SectorsCnt, sizeof(sector_t));\r
if (e_sector == NULL) {\r
free(keyBlock);\r
return 1;\r
return 0;\r
}\r
\r
-sector *k_sector = NULL;\r
+sector_t *k_sector = NULL;\r
uint8_t k_sectorsCount = 16;\r
static void emptySectorTable(){\r
\r
// initialize storage for found keys\r
if (k_sector == NULL)\r
- k_sector = calloc(k_sectorsCount, sizeof(sector));\r
+ k_sector = calloc(k_sectorsCount, sizeof(sector_t));\r
if (k_sector == NULL) \r
return;\r
\r
return 0; \r
}\r
\r
-void printKeyTable( uint8_t sectorscnt, sector *e_sector ){\r
+void printKeyTable( uint8_t sectorscnt, sector_t *e_sector ){\r
PrintAndLog("|---|----------------|---|----------------|---|");\r
PrintAndLog("|sec|key A |res|key B |res|");\r
PrintAndLog("|---|----------------|---|----------------|---|");\r
return tryDecryptWord( nt, ar_enc, at_enc, data, len);\r
}\r
\r
+int CmdHf14AMfSetMod(const char *Cmd) {\r
+ uint8_t key[6] = {0, 0, 0, 0, 0, 0};\r
+ uint8_t mod = 2;\r
+\r
+ char ctmp = param_getchar(Cmd, 0);\r
+ if (ctmp == '0') {\r
+ mod = 0;\r
+ } else if (ctmp == '1') {\r
+ mod = 1;\r
+ }\r
+ int gethexfail = param_gethex(Cmd, 1, key, 12);\r
+ if (mod == 2 || gethexfail) {\r
+ PrintAndLog("Sets the load modulation strength of a MIFARE Classic EV1 card.");\r
+ PrintAndLog("Usage: hf mf setmod <0/1> <block 0 key A>");\r
+ PrintAndLog(" 0 = normal modulation");\r
+ PrintAndLog(" 1 = strong modulation (default)");\r
+ return 1;\r
+ }\r
+\r
+ UsbCommand c = {CMD_MIFARE_SETMOD, {mod, 0, 0}};\r
+ memcpy(c.d.asBytes, key, 6);\r
+ clearCommandBuffer();\r
+ SendCommand(&c);\r
+\r
+ UsbCommand resp;\r
+ if (WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {\r
+ uint8_t ok = resp.arg[0] & 0xff;\r
+ PrintAndLog("isOk:%02x", ok);\r
+ if (!ok) {\r
+ PrintAndLog("Failed.");\r
+ }\r
+ } else {\r
+ PrintAndLog("Command execute timeout");\r
+ }\r
+ return 0;\r
+}\r
+\r
static command_t CommandTable[] = {\r
{"help", CmdHelp, 1, "This help"},\r
{"dbg", CmdHF14AMfDbg, 0, "Set default debug mode"},\r
{"cload", CmdHF14AMfCLoad, 0, "Load dump into magic Chinese card"},\r
{"csave", CmdHF14AMfCSave, 0, "Save dump from magic Chinese card into file or emulator"},\r
{"decrypt", CmdHf14MfDecryptBytes, 1, "[nt] [ar_enc] [at_enc] [data] - to decrypt snoop or trace"},\r
+ {"setmod", CmdHf14AMfSetMod, 0, "Set MIFARE Classic EV1 load modulation strength"},\r
{NULL, NULL, 0, NULL}\r
};\r
\r