+ PrintAndLog("|---|----------------|---|----------------|---|");\r
+\r
+ // transfer keys to the emulator memory\r
+ if (transferToEml) {\r
+ for (i = 0; i < SectorsCnt; i++) {\r
+ mfEmlGetMem(keyBlock, FirstBlockOfSector(i) + NumBlocksPerSector(i) - 1, 1);\r
+ if (e_sector[i].foundKey[0])\r
+ num_to_bytes(e_sector[i].Key[0], 6, keyBlock);\r
+ if (e_sector[i].foundKey[1])\r
+ num_to_bytes(e_sector[i].Key[1], 6, &keyBlock[10]);\r
+ mfEmlSetMem(keyBlock, FirstBlockOfSector(i) + NumBlocksPerSector(i) - 1, 1);\r
+ }\r
+ PrintAndLog("Keys transferred to emulator memory.");\r
+ }\r
+\r
+ // Create dump file\r
+ if (createDumpFile) {\r
+ if ((fkeys = fopen("dumpkeys.bin","wb")) == NULL) {\r
+ PrintAndLog("Could not create file dumpkeys.bin");\r
+ free(e_sector);\r
+ return 1;\r
+ }\r
+ PrintAndLog("Printing keys to binary file dumpkeys.bin...");\r
+ for(i=0; i<SectorsCnt; i++) {\r
+ if (e_sector[i].foundKey[0]){\r
+ num_to_bytes(e_sector[i].Key[0], 6, tempkey);\r
+ fwrite ( tempkey, 1, 6, fkeys );\r
+ }\r
+ else{\r
+ fwrite ( &standart, 1, 6, fkeys );\r
+ }\r
+ }\r
+ for(i=0; i<SectorsCnt; i++) {\r
+ if (e_sector[i].foundKey[1]){\r
+ num_to_bytes(e_sector[i].Key[1], 6, tempkey);\r
+ fwrite ( tempkey, 1, 6, fkeys );\r
+ }\r
+ else{\r
+ fwrite ( &standart, 1, 6, fkeys );\r
+ }\r
+ }\r
+ fclose(fkeys);\r
+ }\r
+\r
+ free(e_sector);\r
+ }\r
+ return 0;\r
+}\r
+\r
+\r
+int CmdHF14AMfNestedHard(const char *Cmd)\r
+{\r
+ uint8_t blockNo = 0;\r
+ uint8_t keyType = 0;\r
+ uint8_t trgBlockNo = 0;\r
+ uint8_t trgKeyType = 0;\r
+ uint8_t key[6] = {0, 0, 0, 0, 0, 0};\r
+ uint8_t trgkey[6] = {0, 0, 0, 0, 0, 0};\r
+\r
+ char ctmp;\r
+ ctmp = param_getchar(Cmd, 0);\r
+\r
+ if (ctmp != 'R' && ctmp != 'r' && ctmp != 'T' && ctmp != 't' && strlen(Cmd) < 20) {\r
+ PrintAndLog("Usage:");\r
+ PrintAndLog(" hf mf hardnested <block number> <key A|B> <key (12 hex symbols)>");\r
+ PrintAndLog(" <target block number> <target key A|B> [known target key (12 hex symbols)] [w] [s]");\r
+ PrintAndLog(" or hf mf hardnested r [known target key]");\r
+ PrintAndLog(" ");\r
+ PrintAndLog("Options: ");\r
+ PrintAndLog(" w: Acquire nonces and write them to binary file nonces.bin");\r
+ PrintAndLog(" s: Slower acquisition (required by some non standard cards)");\r
+ PrintAndLog(" r: Read nonces.bin and start attack");\r
+ PrintAndLog(" ");\r
+ PrintAndLog(" sample1: hf mf hardnested 0 A FFFFFFFFFFFF 4 A");\r
+ PrintAndLog(" sample2: hf mf hardnested 0 A FFFFFFFFFFFF 4 A w");\r
+ PrintAndLog(" sample3: hf mf hardnested 0 A FFFFFFFFFFFF 4 A w s");\r
+ PrintAndLog(" sample4: hf mf hardnested r");\r
+ PrintAndLog(" ");\r
+ PrintAndLog("Add the known target key to check if it is present in the remaining key space:");\r
+ PrintAndLog(" sample5: hf mf hardnested 0 A A0A1A2A3A4A5 4 A FFFFFFFFFFFF");\r
+ return 0;\r
+ }\r
+\r
+ bool know_target_key = false;\r
+ bool nonce_file_read = false;\r
+ bool nonce_file_write = false;\r
+ bool slow = false;\r
+ int tests = 0;\r
+\r
+\r
+ if (ctmp == 'R' || ctmp == 'r') {\r
+ nonce_file_read = true;\r
+ if (!param_gethex(Cmd, 1, trgkey, 12)) {\r
+ know_target_key = true;\r
+ }\r
+ } else if (ctmp == 'T' || ctmp == 't') {\r
+ tests = param_get32ex(Cmd, 1, 100, 10);\r
+ if (!param_gethex(Cmd, 2, trgkey, 12)) {\r
+ know_target_key = true;\r
+ }\r
+ } else {\r
+ blockNo = param_get8(Cmd, 0);\r
+ ctmp = param_getchar(Cmd, 1);\r
+ if (ctmp != 'a' && ctmp != 'A' && ctmp != 'b' && ctmp != 'B') {\r
+ PrintAndLog("Key type must be A or B");\r
+ return 1;\r
+ }\r
+ if (ctmp != 'A' && ctmp != 'a') {\r
+ keyType = 1;\r
+ }\r
+\r
+ if (param_gethex(Cmd, 2, key, 12)) {\r
+ PrintAndLog("Key must include 12 HEX symbols");\r
+ return 1;\r
+ }\r
+\r
+ trgBlockNo = param_get8(Cmd, 3);\r
+ ctmp = param_getchar(Cmd, 4);\r
+ if (ctmp != 'a' && ctmp != 'A' && ctmp != 'b' && ctmp != 'B') {\r
+ PrintAndLog("Target key type must be A or B");\r
+ return 1;\r
+ }\r
+ if (ctmp != 'A' && ctmp != 'a') {\r
+ trgKeyType = 1;\r
+ }\r
+\r
+ uint16_t i = 5;\r
+\r
+ if (!param_gethex(Cmd, 5, trgkey, 12)) {\r
+ know_target_key = true;\r
+ i++;\r
projects / proxmark3-svn / blobdiff