FIX: hf mfu dump, now reads correct memory from device-side.
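--- a/client/mifarehost.c
+++ b/client/mifarehost.c
@@ -15,6 +15,8 @@
 #include "mifarehost.h"
 #include "proxmark3.h"
 
+#define llx PRIx64
+
 // MIFARE
 int compar_int(const void * a, const void * b) {
 // didn't work: (the result is truncated to 32 bits)
@@ -312,16 +314,17 @@ static uint8_t traceCurKey = 0;
 
 struct Crypto1State *traceCrypto1 = NULL;
 
-struct Crypto1State *revstate;
-uint64_t lfsr;
-uint32_t ks2;
-uint32_t ks3;
+struct Crypto1State *revstate = NULL;
+
+uint64_t key = 0;
+uint32_t ks2 = 0;
+uint32_t ks3 = 0;
 
-uint32_t uid; // serial number
-uint32_t nt; // tag challenge
-uint32_t nr_enc; // encrypted reader challenge
-uint32_t ar_enc; // encrypted reader response
-uint32_t at_enc; // encrypted tag response
+uint32_t uid = 0; // serial number
+uint32_t nt =0; // tag challenge
+uint32_t nr_enc =0; // encrypted reader challenge
+uint32_t ar_enc =0; // encrypted reader response
+uint32_t at_enc =0; // encrypted tag response
 
 int isTraceCardEmpty(void) {
 return ((traceCard[0] == 0) && (traceCard[1] == 0) && (traceCard[2] == 0) && (traceCard[3] == 0));
@@ -353,10 +356,7 @@ int loadTraceCard(uint8_t *tuid) {
 FillFileNameByUID(traceFileName, tuid, ".eml", 7);
 
 f = fopen(traceFileName, "r");
- if (!f) {
- fclose(f);
- return 1;
- }
+ if (!f) return 1;
 
 blockNum = 0;
 
@@ -364,10 +364,10 @@ int loadTraceCard(uint8_t *tuid) {
 
 memset(buf, 0, sizeof(buf));
 if (fgets(buf, sizeof(buf), f) == NULL) {
- PrintAndLog("File reading error.");
+ PrintAndLog("File reading error.");
 fclose(f);
 return 2;
- }
+ }
 
 if (strlen(buf) < 32){
 if (feof(f)) break;
@@ -393,10 +393,7 @@ int saveTraceCard(void) {
 if ((!strlen(traceFileName)) || (isTraceCardEmpty())) return 0;
 
 f = fopen(traceFileName, "w+");
- if ( !f ) {
- fclose(f);
- return 1;
- }
+ if ( !f ) return 1;
 
 for (int i = 0; i < 64; i++) { // blocks
 for (int j = 0; j < 16; j++) // bytes
@@ -583,17 +580,17 @@ int mfTraceDecode(uint8_t *data_src, int len, bool wantSaveToEmlFile) {
 lfsr_rollback_word(revstate, nr_enc, 1);
 lfsr_rollback_word(revstate, uid ^ nt, 0);
 
- crypto1_get_lfsr(revstate, &lfsr);
- printf("key> %x%x\n", (unsigned int)((lfsr & 0xFFFFFFFF00000000) >> 32), (unsigned int)(lfsr & 0xFFFFFFFF));
- AddLogUint64(logHexFileName, "key> ", lfsr);
+ crypto1_get_lfsr(revstate, &key);
+ printf("Key: %012"llx"\n",key);
+ AddLogUint64(logHexFileName, "key: ", key);
 
 int blockShift = ((traceCurBlock & 0xFC) + 3) * 16;
 if (isBlockEmpty((traceCurBlock & 0xFC) + 3)) memcpy(traceCard + blockShift + 6, trailerAccessBytes, 4);
 
 if (traceCurKey) {
- num_to_bytes(lfsr, 6, traceCard + blockShift + 10);
+ num_to_bytes(key, 6, traceCard + blockShift + 10);
 } else {
- num_to_bytes(lfsr, 6, traceCard + blockShift);
+ num_to_bytes(key, 6, traceCard + blockShift);
 }
 if (wantSaveToEmlFile) saveTraceCard();
 
@@ -606,7 +603,7 @@ int mfTraceDecode(uint8_t *data_src, int len, bool wantSaveToEmlFile) {
 
 // nt = crypto1_word(traceCrypto1, nt ^ uid, 1) ^ nt;
 
- /* traceCrypto1 = crypto1_create(lfsr); // key in lfsr
+ /* traceCrypto1 = crypto1_create(key); // key in lfsr
 crypto1_word(traceCrypto1, nt ^ uid, 0);
 crypto1_word(traceCrypto1, ar, 1);
 crypto1_word(traceCrypto1, 0, 0);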
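Review bot: `uint64_t key = 0;` in the second hunk renames the file-scope `lfsr` to a very generic name with external linkage, so any local `key` in this file silently shadows it and any other translation unit that defines a global `key` would clash at link time. If nothing outside mifarehost.c refers to these trace variables (not visible from this diff), declare them `static`, e.g. `static uint64_t key = 0;`, or use a prefixed name in line with `traceCrypto1` and `traceCurKey`. The same concern applies to `#define llx PRIx64` in the first hunk: a lowercase three-letter macro collides easily, and it relies on `<inttypes.h>` being included, which this section does not show. The comment `// key in lfsr` in the last hunk is stale after the rename and should read something like `// recovered sector key`.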