uint32_t nt = 0, nr = 0;\r
uint64_t par_list = 0, ks_list = 0, r_key = 0;\r
int16_t isOK = 0;\r
- uint8_t keyBlock[8] = {0};\r
\r
UsbCommand c = {CMD_READER_MIFARE, {true, 0, 0}};\r
\r
case -1 : PrintAndLog("Button pressed. Aborted.\n"); break;\r
case -2 : PrintAndLog("Card is not vulnerable to Darkside attack (doesn't send NACK on authentication requests).\n"); break;\r
case -3 : PrintAndLog("Card is not vulnerable to Darkside attack (its random number generator is not predictable).\n"); break;\r
+ case -4 : PrintAndLog("Card is not vulnerable to Darkside attack (its random number generator seems to be based on the wellknown");\r
+ PrintAndLog("generating polynomial with 16 effective bits only, but shows unexpected behaviour.\n"); break;\r
default: ;\r
}\r
break;\r
if (nonce2key(uid, nt, nr, par_list, ks_list, &r_key)) {\r
isOK = 2;\r
PrintAndLog("Key not found (lfsr_common_prefix list is null). Nt=%08x", nt); \r
- } else {\r
- printf("------------------------------------------------------------------\n");\r
- PrintAndLog("Key found:%012"llx" \n", r_key);\r
-\r
- num_to_bytes(r_key, 6, keyBlock);\r
- isOK = mfCheckKeys(0, 0, 1, keyBlock, &r_key);\r
- }\r
- \r
- if (!isOK) \r
- PrintAndLog("Found valid key:%012"llx, r_key);\r
- else\r
- {\r
- if (isOK != 2) PrintAndLog("Found invalid key. "); \r
PrintAndLog("Failing is expected to happen in 25%% of all cases. Trying again with a different reader nonce...");\r
c.arg[0] = false;\r
goto start;\r
+ } else {\r
+ isOK = 0;\r
+ printf("------------------------------------------------------------------\n");\r
+ PrintAndLog("Found valid key:%012"llx" \n", r_key);\r
}\r
\r
PrintAndLog("");\r
for (j = 0; j < 2; j++) {\r
if (e_sector[i].foundKey[j]) continue;\r
\r
- res = mfCheckKeys(FirstBlockOfSector(i), j, 6, keyBlock, &key64);\r
+ res = mfCheckKeys(FirstBlockOfSector(i), j, true, 6, keyBlock, &key64);\r
\r
if (!res) {\r
e_sector[i].Key[j] = key64;\r
uint32_t max_keys = keycnt>USB_CMD_DATA_SIZE/6?USB_CMD_DATA_SIZE/6:keycnt;\r
for (uint32_t c = 0; c < keycnt; c+=max_keys) {\r
uint32_t size = keycnt-c>max_keys?max_keys:keycnt-c;\r
- res = mfCheckKeys(b, t, size, &keyBlock[6*c], &key64);\r
+ res = mfCheckKeys(b, t, true, size, &keyBlock[6*c], &key64);\r
if (res != 1) {\r
if (!res) {\r
PrintAndLog("Found valid key:[%012"llx"]",key64);\r
return 0;\r
}\r
\r
+//needs nt, ar, at, Data to decrypt\r
+int CmdDecryptTraceCmds(const char *Cmd){\r
+ uint8_t data[50];\r
+ int len = 0;\r
+ param_gethex_ex(Cmd,3,data,&len);\r
+ return tryDecryptWord(param_get32ex(Cmd,0,0,16),param_get32ex(Cmd,1,0,16),param_get32ex(Cmd,2,0,16),data,len/2);\r
+}\r
\r
static command_t CommandTable[] =\r
{\r
{"cgetsc", CmdHF14AMfCGetSc, 0, "Read sector - Magic Chinese card"},\r
{"cload", CmdHF14AMfCLoad, 0, "Load dump into magic Chinese card"},\r
{"csave", CmdHF14AMfCSave, 0, "Save dump from magic Chinese card into file or emulator"},\r
+ {"decrypt", CmdDecryptTraceCmds,1, "[nt] [ar_enc] [at_enc] [data] - to decrypt snoop or trace"},\r
{NULL, NULL, 0, NULL}\r
};\r
\r
projects / proxmark3-svn / blobdiff