X-Git-Url: http://cvs.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/30daf914cee4594c1482da861bfdcf7d7d16cfc5..d56ee2b1db8ebf88a3ce1afa0e57a18ee10a0ea4:/armsrc/iso14443a.c

diff --git a/armsrc/iso14443a.c b/armsrc/iso14443a.c
index 4bd55fb3..425352b9 100644
--- a/armsrc/iso14443a.c
+++ b/armsrc/iso14443a.c
@@ -849,6 +849,10 @@ bool prepare_allocated_tag_modulation(tag_response_info_t* response_info) {
 //-----------------------------------------------------------------------------
 void SimulateIso14443aTag(int tagType, int flags, byte_t* data) {
 
+	#define ATTACK_KEY_COUNT 8 // keep same as define in cmdhfmf.c -> readerAttack()
+	// init pseudorand
+	fast_prand();
+	
 	uint8_t sak = 0;
 	uint32_t cuid = 0;			
 	uint32_t nonce = 0;
@@ -866,18 +870,10 @@ void SimulateIso14443aTag(int tagType, int flags, byte_t* data) {
 	uint8_t cardAUTHSC = 0;
 	uint8_t cardAUTHKEY = 0xff;  // no authentication
 	// allow collecting up to 8 sets of nonces to allow recovery of up to 8 keys
-	#define ATTACK_KEY_COUNT 8 // keep same as define in cmdhfmf.c -> readerAttack()
-	nonces_t ar_nr_resp[ATTACK_KEY_COUNT*2]; // for 2 separate attack types (nml, moebius)
-	memset(ar_nr_resp, 0x00, sizeof(ar_nr_resp));
-
-	uint8_t ar_nr_collected[ATTACK_KEY_COUNT*2]; // for 2nd attack type (moebius)
-	memset(ar_nr_collected, 0x00, sizeof(ar_nr_collected));
-	uint8_t	nonce1_count = 0;
-	uint8_t	nonce2_count = 0;
-	uint8_t	moebius_n_count = 0;
-	bool gettingMoebius = false;
-	uint8_t	mM = 0; // moebius_modifier for collection storage
 
+	nonces_t ar_nr_nonces[ATTACK_KEY_COUNT]; // for attack types moebius
+	memset(ar_nr_nonces, 0x00, sizeof(ar_nr_nonces));
+	uint8_t	moebius_count = 0;
 	
 	switch (tagType) {
 		case 1: { // MIFARE Classic 1k 
@@ -922,7 +918,11 @@ void SimulateIso14443aTag(int tagType, int flags, byte_t* data) {
 				memcpy(data+3, emdata+4, 4); // uid bytes 3-7
 				flags |= FLAG_7B_UID_IN_DATA;
 			}
-		} break;		
+		} break;	
+		case 8: { // MIFARE Classic 4k
+			response1[0] = 0x02;
+			sak = 0x18;
+		} break;
 		default: {
 			Dbprintf("Error: unkown tagtype (%d)",tagType);
 			return;
@@ -972,16 +972,15 @@ void SimulateIso14443aTag(int tagType, int flags, byte_t* data) {
 	response3a[0] = sak & 0xFB;
 	ComputeCrc14443(CRC_14443_A, response3a, 1, &response3a[1], &response3a[2]);
 
-	uint8_t response5[] = { 0x01, 0x01, 0x01, 0x01 }; 				// Very random tag nonce
+	// Tag NONCE.
+	uint8_t response5[4]; 
+	
 	uint8_t response6[] = { 0x04, 0x58, 0x80, 0x02, 0x00, 0x00 }; 	// dummy ATS (pseudo-ATR), answer to RATS: 
 	// Format byte = 0x58: FSCI=0x08 (FSC=256), TA(1) and TC(1) present, 
 	// TA(1) = 0x80: different divisors not supported, DR = 1, DS = 1
 	// TB(1) = not present. Defaults: FWI = 4 (FWT = 256 * 16 * 2^4 * 1/fc = 4833us), SFGI = 0 (SFG = 256 * 16 * 2^0 * 1/fc = 302us)
 	// TC(1) = 0x02: CID supported, NAD not supported
 	ComputeCrc14443(CRC_14443_A, response6, 4, &response6[4], &response6[5]);
-
-	// the randon nonce
-	nonce = bytes_to_num(response5, 4);	
 	
 	// Prepare GET_VERSION (different for UL EV-1 / NTAG)
 	// uint8_t response7_EV1[] = {0x00, 0x04, 0x03, 0x01, 0x01, 0x00, 0x0b, 0x03, 0xfd, 0xf7};  //EV1 48bytes VERSION.
@@ -1053,14 +1052,9 @@ void SimulateIso14443aTag(int tagType, int flags, byte_t* data) {
 		
 		// Clean receive command buffer
 		if(!GetIso14443aCommandFromReader(receivedCmd, receivedCmdPar, &len)) {
-			DbpString("Button press");
+			Dbprintf("Emulator stopped. Tracing: %d  trace length: %d ", tracing, BigBuf_get_traceLen());
 			break;
-		}
-		
-		// incease nonce at every command recieved
-		nonce++;
-		num_to_bytes(nonce, 4, response5);
-		
+		}	
 		p_response = NULL;
 		
 		// Okay, look at the command now.
@@ -1118,12 +1112,12 @@ void SimulateIso14443aTag(int tagType, int flags, byte_t* data) {
 			p_response = NULL;					
 		} else if (receivedCmd[0] == MIFARE_ULEV1_READ_CNT && tagType == 7) {	// Received a READ COUNTER -- 
 			uint8_t index = receivedCmd[1];
-			uint8_t data[] =  {0x00,0x00,0x00,0x14,0xa5};
+			uint8_t cmd[] =  {0x00,0x00,0x00,0x14,0xa5};
 			if ( counters[index] > 0) {
-				num_to_bytes(counters[index], 3, data);
-				AppendCrc14443a(data, sizeof(data)-2);
+				num_to_bytes(counters[index], 3, cmd);
+				AppendCrc14443a(cmd, sizeof(cmd)-2);
 			}
-			EmSendCmdEx(data,sizeof(data),false);				
+			EmSendCmdEx(cmd,sizeof(cmd),false);				
 			p_response = NULL;
 		} else if (receivedCmd[0] == MIFARE_ULEV1_INCR_CNT && tagType == 7) {	// Received a INC COUNTER -- 
 			// number of counter
@@ -1155,9 +1149,21 @@ void SimulateIso14443aTag(int tagType, int flags, byte_t* data) {
 				EmSendCmdEx(emdata, sizeof(emdata), false);
 				p_response = NULL;
 			} else {
-				cardAUTHSC = receivedCmd[1] / 4; // received block num
+								
 				cardAUTHKEY = receivedCmd[0] - 0x60;
-				p_response = &responses[5]; order = 7;
+				cardAUTHSC = receivedCmd[1] / 4; // received block num
+				
+				// incease nonce at AUTH requests. this is time consuming.
+				nonce = prand();
+				//num_to_bytes(nonce, 4, response5);
+				num_to_bytes(nonce, 4, dynamic_response_info.response);				
+				dynamic_response_info.response_n = 4;
+
+				//prepare_tag_modulation(&responses[5], DYNAMIC_MODULATION_BUFFER_SIZE);
+				prepare_tag_modulation(&dynamic_response_info, DYNAMIC_MODULATION_BUFFER_SIZE);
+				p_response = &dynamic_response_info;
+				//p_response = &responses[5]; 
+				order = 7;
 			}
 		} else if(receivedCmd[0] == ISO14443A_CMD_RATS) {	// Received a RATS request
 			if (tagType == 1 || tagType == 2) {	// RATS not supported
@@ -1170,69 +1176,64 @@ void SimulateIso14443aTag(int tagType, int flags, byte_t* data) {
 			LogTrace(receivedCmd, Uart.len, Uart.startTime*16 - DELAY_AIR2ARM_AS_TAG, Uart.endTime*16 - DELAY_AIR2ARM_AS_TAG, Uart.parity, TRUE);
 			uint32_t nr = bytes_to_num(receivedCmd,4);
 			uint32_t ar = bytes_to_num(receivedCmd+4,4);
-
+		 
 			// Collect AR/NR per keytype & sector
 			if ( (flags & FLAG_NR_AR_ATTACK) == FLAG_NR_AR_ATTACK ) {
-					for (uint8_t i = 0; i < ATTACK_KEY_COUNT; i++) {
-						if ( ar_nr_collected[i+mM]==0 || ((cardAUTHSC == ar_nr_resp[i+mM].sector) && (cardAUTHKEY == ar_nr_resp[i+mM].keytype) && (ar_nr_collected[i+mM] > 0)) ) {
-							// if first auth for sector, or matches sector and keytype of previous auth
-							if (ar_nr_collected[i+mM] < 2) {
-								// if we haven't already collected 2 nonces for this sector
-								if (ar_nr_resp[ar_nr_collected[i+mM]].ar != ar) {
-									// Avoid duplicates... probably not necessary, ar should vary. 
-									if (ar_nr_collected[i+mM]==0) {
-										// first nonce collect
-										ar_nr_resp[i+mM].cuid = cuid;
-										ar_nr_resp[i+mM].sector = cardAUTHSC;
-										ar_nr_resp[i+mM].keytype = cardAUTHKEY;
-										ar_nr_resp[i+mM].nonce = nonce;
-										ar_nr_resp[i+mM].nr = nr;
-										ar_nr_resp[i+mM].ar = ar;
-										nonce1_count++;
-										// add this nonce to first moebius nonce
-										ar_nr_resp[i+ATTACK_KEY_COUNT].cuid = cuid;
-										ar_nr_resp[i+ATTACK_KEY_COUNT].sector = cardAUTHSC;
-										ar_nr_resp[i+ATTACK_KEY_COUNT].keytype = cardAUTHKEY;
-										ar_nr_resp[i+ATTACK_KEY_COUNT].nonce = nonce;
-										ar_nr_resp[i+ATTACK_KEY_COUNT].nr = nr;
-										ar_nr_resp[i+ATTACK_KEY_COUNT].ar = ar;
-										ar_nr_collected[i+ATTACK_KEY_COUNT]++;
-									} else { // second nonce collect (std and moebius)
-										ar_nr_resp[i+mM].nonce2 = nonce;
-										ar_nr_resp[i+mM].nr2 = nr;
-										ar_nr_resp[i+mM].ar2 = ar;
-										if (!gettingMoebius) {
-											nonce2_count++;
-											// check if this was the last second nonce we need for std attack
-											if ( nonce2_count == nonce1_count ) {
-												// done collecting std test switch to moebius
-												// first finish incrementing last sample
-												ar_nr_collected[i+mM]++; 
-												// switch to moebius collection
-												gettingMoebius = true;
-												mM = ATTACK_KEY_COUNT;
-												break;
-											}
-										} else {
-											moebius_n_count++;
-											// if we've collected all the nonces we need - finish.
-											if (nonce1_count == moebius_n_count) {
-												cmd_send(CMD_ACK,CMD_SIMULATE_MIFARE_CARD,0,0,&ar_nr_resp,sizeof(ar_nr_resp));
-												nonce1_count = 0;
-												nonce2_count = 0;
-												moebius_n_count = 0;
-												gettingMoebius = false;
-											}
-										}
-									}
-									ar_nr_collected[i+mM]++;
-								}
-							}
-							// we found right spot for this nonce stop looking
-							break;
-						}
+				
+				int8_t index = -1;
+				int8_t empty = -1;
+				for (uint8_t i = 0; i < ATTACK_KEY_COUNT; i++) {
+					// find which index to use
+					if ( (cardAUTHSC == ar_nr_nonces[i].sector) &&  (cardAUTHKEY == ar_nr_nonces[i].keytype)) 
+						index = i;
+
+					// keep track of empty slots.
+					if ( ar_nr_nonces[i].state == EMPTY)
+						empty = i;
+				}
+				// if no empty slots.  Choose first and overwrite.
+				if ( index == -1 ) {
+					if ( empty == -1 ) {
+						index = 0;
+						ar_nr_nonces[index].state = EMPTY;
+					} else {
+						index = empty;
+					}
+				}
+
+				switch(ar_nr_nonces[index].state) {
+					case EMPTY: {
+						// first nonce collect
+						ar_nr_nonces[index].cuid = cuid;
+						ar_nr_nonces[index].sector = cardAUTHSC;
+						ar_nr_nonces[index].keytype = cardAUTHKEY;
+						ar_nr_nonces[index].nonce = nonce;
+						ar_nr_nonces[index].nr = nr;
+						ar_nr_nonces[index].ar = ar;
+						ar_nr_nonces[index].state = FIRST;
+						break;
+					} 
+					case FIRST : { 
+						// second nonce collect
+						ar_nr_nonces[index].nonce2 = nonce;
+						ar_nr_nonces[index].nr2 = nr;
+						ar_nr_nonces[index].ar2 = ar;
+						ar_nr_nonces[index].state = SECOND;
+
+						// send to client
+						cmd_send(CMD_ACK, CMD_SIMULATE_MIFARE_CARD, 0, 0, &ar_nr_nonces[index], sizeof(nonces_t));
+						
+						ar_nr_nonces[index].state = EMPTY;
+						ar_nr_nonces[index].sector = 0;
+						ar_nr_nonces[index].keytype = 0;
+						
+						moebius_count++;
+						break;
 					}
+					default: break;
 				}
+			}
+			p_response = NULL;
 			
 		} else if (receivedCmd[0] == MIFARE_ULC_AUTH_1 ) { // ULC authentication, or Desfire Authentication
 		} else if (receivedCmd[0] == MIFARE_ULEV1_AUTH) { // NTAG / EV-1 authentication
@@ -1272,8 +1273,8 @@ void SimulateIso14443aTag(int tagType, int flags, byte_t* data) {
 				  dynamic_response_info.response_n = 2;
 				} break;
 
-				case 0xaa:
-				case 0xbb: {
+				case 0xAA:
+				case 0xBB: {
 				  dynamic_response_info.response[0] = receivedCmd[0] ^ 0x11;
 				  dynamic_response_info.response_n = 2;
 				} break;
@@ -1306,11 +1307,11 @@ void SimulateIso14443aTag(int tagType, int flags, byte_t* data) {
 				dynamic_response_info.response[1] = receivedCmd[1];
 
 				// Add CRC bytes, always used in ISO 14443A-4 compliant cards
-				AppendCrc14443a(dynamic_response_info.response,dynamic_response_info.response_n);
+				AppendCrc14443a(dynamic_response_info.response, dynamic_response_info.response_n);
 				dynamic_response_info.response_n += 2;
         
 				if (prepare_tag_modulation(&dynamic_response_info,DYNAMIC_MODULATION_BUFFER_SIZE) == false) {
-					Dbprintf("Error preparing tag response");
+					DbpString("Error preparing tag response");
 					LogTrace(receivedCmd, Uart.len, Uart.startTime*16 - DELAY_AIR2ARM_AS_TAG, Uart.endTime*16 - DELAY_AIR2ARM_AS_TAG, Uart.parity, TRUE);
 					break;
 				}
@@ -1326,7 +1327,7 @@ void SimulateIso14443aTag(int tagType, int flags, byte_t* data) {
 
 		// comment this limit if you want to simulation longer		
 		if (!tracing) {
-			Dbprintf("Trace Full. Simulation stopped.");
+			DbpString("Trace Full. Simulation stopped.");
 			break;
 		}
 		// comment this limit if you want to simulation longer
@@ -1359,8 +1360,10 @@ void SimulateIso14443aTag(int tagType, int flags, byte_t* data) {
 	set_tracing(FALSE);
 	BigBuf_free_keep_EM();
 	LED_A_OFF();
-	
-		if(flags & FLAG_NR_AR_ATTACK && MF_DBGLEVEL >= 1) {
+
+	/*	
+	if(flags & FLAG_NR_AR_ATTACK && MF_DBGLEVEL >= 1) {
+
 		for ( uint8_t	i = 0; i < ATTACK_KEY_COUNT; i++) {
 			if (ar_nr_collected[i] == 2) {
 				Dbprintf("Collected two pairs of AR/NR which can be used to extract %s from reader for sector %d:", (i<ATTACK_KEY_COUNT/2) ? "keyA" : "keyB", ar_nr_resp[i].sector);
@@ -1374,6 +1377,7 @@ void SimulateIso14443aTag(int tagType, int flags, byte_t* data) {
 						);
 			}
 		}	
+
 		for ( uint8_t	i = ATTACK_KEY_COUNT; i < ATTACK_KEY_COUNT*2; i++) {
 			if (ar_nr_collected[i] == 2) {
 				Dbprintf("Collected two pairs of AR/NR which can be used to extract %s from reader for sector %d:", (i<ATTACK_KEY_COUNT/2) ? "keyA" : "keyB", ar_nr_resp[i].sector);
@@ -1389,12 +1393,16 @@ void SimulateIso14443aTag(int tagType, int flags, byte_t* data) {
 			}
 		}
 	}
-	
+	*/
+		
 	if (MF_DBGLEVEL >= 4){
-		Dbprintf("-[ Wake ups after halt [%d]", happened);
-		Dbprintf("-[ Messages after halt [%d]", happened2);
-		Dbprintf("-[ Num of received cmd [%d]", cmdsRecvd);
+		Dbprintf("-[ Wake ups after halt  [%d]", happened);
+		Dbprintf("-[ Messages after halt  [%d]", happened2);
+		Dbprintf("-[ Num of received cmd  [%d]", cmdsRecvd);
+		Dbprintf("-[ Num of moebius tries [%d]", moebius_count);
 	}
+	
+	cmd_send(CMD_ACK,1,0,0,0,0);
 }
 
 // prepare a delayed transfer. This simply shifts ToSend[] by a number
@@ -1866,6 +1874,9 @@ int iso14443a_select_card(byte_t *uid_ptr, iso14a_card_select_t *p_hi14a_card, u
 			memset(uid_ptr,0,10);
 	}
 
+	// reset the PCB block number
+	iso14_pcb_blocknum = 0;
+	
 	// check for proprietary anticollision:
 	if ((resp[0] & 0x1F) == 0) return 3;
 	
@@ -1977,12 +1988,8 @@ int iso14443a_select_card(byte_t *uid_ptr, iso14a_card_select_t *p_hi14a_card, u
 		p_hi14a_card->ats_len = len;
 	}
 
-	// reset the PCB block number
-	iso14_pcb_blocknum = 0;
-
 	// set default timeout based on ATS
 	iso14a_set_ATS_timeout(resp);
-
 	return 1;	
 }
 
@@ -2040,7 +2047,6 @@ int iso14_apdu(uint8_t *cmd, uint16_t cmd_len, void *data) {
 	{
 		iso14_pcb_blocknum ^= 1;
 	}
-
 	return len;
 }
 
@@ -2086,17 +2092,17 @@ void ReaderIso14443a(UsbCommand *c) {
 	}
 
 	if (param & ISO14A_RAW) {
-		if(param & ISO14A_APPEND_CRC) {
-			if(param & ISO14A_TOPAZMODE) {
+		if (param & ISO14A_APPEND_CRC) {
+			if (param & ISO14A_TOPAZMODE)
 				AppendCrc14443b(cmd,len);
-			} else {
+			else
 				AppendCrc14443a(cmd,len);
-			}
+			
 			len += 2;
 			if (lenbits) lenbits += 16;
 		}
-		if(lenbits>0) {				// want to send a specific number of bits (e.g. short commands)
-			if(param & ISO14A_TOPAZMODE) {
+		if (lenbits>0) {				// want to send a specific number of bits (e.g. short commands)
+			if (param & ISO14A_TOPAZMODE) {
 				int bits_to_send = lenbits;
 				uint16_t i = 0;
 				ReaderTransmitBitsPar(&cmd[i++], MIN(bits_to_send, 7), NULL, NULL);		// first byte is always short (7bits) and no parity
@@ -2110,7 +2116,7 @@ void ReaderIso14443a(UsbCommand *c) {
 				ReaderTransmitBitsPar(cmd, lenbits, par, NULL);							// bytes are 8 bit with odd parity
 			}
 		} else {					// want to send complete bytes only
-			if(param & ISO14A_TOPAZMODE) {
+			if (param & ISO14A_TOPAZMODE) {
 				uint16_t i = 0;
 				ReaderTransmitBitsPar(&cmd[i++], 7, NULL, NULL);						// first byte: 7 bits, no paritiy
 				while (i < len) {
@@ -2216,14 +2222,14 @@ void ReaderMifare(bool first_try, uint8_t block, uint8_t keytype ) {
 	
 	BigBuf_free(); BigBuf_Clear_ext(false);	
 	clear_trace();
-	set_tracing(TRUE);	
+	set_tracing(FALSE);	
 	iso14443a_setup(FPGA_HF_ISO14443A_READER_MOD);
 
 	sync_time = GetCountSspClk() & 0xfffffff8;
 	sync_cycles = PRNG_SEQUENCE_LENGTH; // Mifare Classic's random generator repeats every 2^16 cycles (and so do the nonces).		
 	nt_attacked = 0;
 	
-   if (MF_DBGLEVEL >= 4)	Dbprintf("Mifare::Sync %08x", sync_time);
+   if (MF_DBGLEVEL >= 4)	Dbprintf("Mifare::Sync %u", sync_time);
 				
 	if (first_try) {
 		mf_nr_ar3 = 0;
@@ -2440,6 +2446,10 @@ void ReaderMifare(bool first_try, uint8_t block, uint8_t keytype ) {
   *@param exitAfterNReads, exit simulation after n blocks have been read, 0 is inifite
   */
 void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *datain) {
+
+	// init pseudorand
+	fast_prand( GetTickCount() );
+	
 	int cardSTATE = MFEMUL_NOFIELD;
 	int _UID_LEN = 0;  // 4, 7, 10
 	int vHf = 0;	// in mV
@@ -2473,27 +2483,19 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
 	uint8_t rUIDBCC2[] = {0xde, 0xad, 0xbe, 0xaf, 0x62}; 
 	uint8_t rUIDBCC3[] = {0xde, 0xad, 0xbe, 0xaf, 0x62};
 
-	uint8_t rAUTH_NT[] = {0x01, 0x01, 0x01, 0x01};	// very random nonce
+	// TAG Nonce - Authenticate response
+	uint8_t rAUTH_NT[4];
+	uint32_t nonce = prand();
+	num_to_bytes(nonce, 4, rAUTH_NT);
+	
 	// uint8_t rAUTH_NT[] = {0x55, 0x41, 0x49, 0x92};// nonce from nested? why this?
 	uint8_t rAUTH_AT[] = {0x00, 0x00, 0x00, 0x00};
-		
+	
 	// Here, we collect CUID, NT, NR, AR, CUID2, NT2, NR2, AR2
 	// This can be used in a reader-only attack.
-	nonces_t ar_nr_resp[ATTACK_KEY_COUNT*2]; // for 2 separate attack types (nml, moebius)
-	memset(ar_nr_resp, 0x00, sizeof(ar_nr_resp));
-
-	uint8_t ar_nr_collected[ATTACK_KEY_COUNT*2]; // for 2nd attack type (moebius)
-	memset(ar_nr_collected, 0x00, sizeof(ar_nr_collected));
-	uint8_t	nonce1_count = 0;
-	uint8_t	nonce2_count = 0;
-	uint8_t	moebius_n_count = 0;
-	bool gettingMoebius = false;
-	uint8_t	mM = 0; // moebius_modifier for collection storage
-	bool doBufResetNext = false;
+	nonces_t ar_nr_nonces[ATTACK_KEY_COUNT];
+	memset(ar_nr_nonces, 0x00, sizeof(ar_nr_nonces));
 
-	// Authenticate response - nonce
-	uint32_t nonce = bytes_to_num(rAUTH_NT, 4);
-	
 	// -- Determine the UID
 	// Can be set from emulator memory or incoming data
 	// Length: 4,7,or 10 bytes
@@ -2629,7 +2631,7 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
 			crypto1_destroy(pcs);
 			cardAUTHKEY = 0xff;
 			LEDsoff();
-			nonce++; 
+			nonce = prand(); 
 			continue;
 		}
 		
@@ -2734,95 +2736,63 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
 				uint32_t nr = bytes_to_num(receivedCmd, 4);
 				uint32_t ar = bytes_to_num(&receivedCmd[4], 4);
 
-				if (doBufResetNext) {
-					// Reset, lets try again!
-					Dbprintf("Re-read after previous NR_AR_ATTACK, resetting buffer");
-					memset(ar_nr_resp, 0x00, sizeof(ar_nr_resp));
-					memset(ar_nr_collected, 0x00, sizeof(ar_nr_collected));
-					mM = 0;
-					doBufResetNext = false;
-				}
+				// Collect AR/NR per keytype & sector
+				if ( (flags & FLAG_NR_AR_ATTACK) == FLAG_NR_AR_ATTACK ) {
+					
+					int8_t index = -1;
+					int8_t empty = -1;
+					for (uint8_t i = 0; i < ATTACK_KEY_COUNT; i++) {
+						// find which index to use
+						if ( (cardAUTHSC == ar_nr_nonces[i].sector) &&  (cardAUTHKEY == ar_nr_nonces[i].keytype)) 
+							index = i;
 
-				for (uint8_t i = 0; i < ATTACK_KEY_COUNT; i++) {
-					if ( ar_nr_collected[i+mM]==0 || ((cardAUTHSC == ar_nr_resp[i+mM].sector) && (cardAUTHKEY == ar_nr_resp[i+mM].keytype) && (ar_nr_collected[i+mM] > 0)) ) {
-
-						// if first auth for sector, or matches sector and keytype of previous auth
-						if (ar_nr_collected[i+mM] < 2) {
-							// if we haven't already collected 2 nonces for this sector
-							if (ar_nr_resp[ar_nr_collected[i+mM]].ar != ar) {
-								// Avoid duplicates... probably not necessary, ar should vary.
-								if (ar_nr_collected[i+mM]==0) {
-									// first nonce collect
-									ar_nr_resp[i+mM].cuid = cuid;
-									ar_nr_resp[i+mM].sector = cardAUTHSC;
-									ar_nr_resp[i+mM].keytype = cardAUTHKEY;
-									ar_nr_resp[i+mM].nonce = nonce;
-									ar_nr_resp[i+mM].nr = nr;
-									ar_nr_resp[i+mM].ar = ar;
-									nonce1_count++;
-									// add this nonce to first moebius nonce
-									ar_nr_resp[i+ATTACK_KEY_COUNT].cuid = cuid;
-									ar_nr_resp[i+ATTACK_KEY_COUNT].sector = cardAUTHSC;
-									ar_nr_resp[i+ATTACK_KEY_COUNT].keytype = cardAUTHKEY;
-									ar_nr_resp[i+ATTACK_KEY_COUNT].nonce = nonce;
-									ar_nr_resp[i+ATTACK_KEY_COUNT].nr = nr;
-									ar_nr_resp[i+ATTACK_KEY_COUNT].ar = ar;
-									ar_nr_collected[i+ATTACK_KEY_COUNT]++;
-								} else { // second nonce collect (std and moebius)
-									ar_nr_resp[i+mM].nonce2 = nonce;
-									ar_nr_resp[i+mM].nr2 = nr;
-									ar_nr_resp[i+mM].ar2 = ar;
-									if (!gettingMoebius) {
-										nonce2_count++;
-										// check if this was the last second nonce we need for std attack
-										if ( nonce2_count == nonce1_count ) {
-											// done collecting std test switch to moebius
-											// first finish incrementing last sample
-											ar_nr_collected[i+mM]++; 
-											// switch to moebius collection
-											gettingMoebius = true;
-											mM = ATTACK_KEY_COUNT;
-											break;
-										}
-									} else {
-										moebius_n_count++;
-										// if we've collected all the nonces we need - finish.
-
-										if (nonce1_count == moebius_n_count) {
-											cmd_send(CMD_ACK,CMD_SIMULATE_MIFARE_CARD,0,0,&ar_nr_resp,sizeof(ar_nr_resp));
-											nonce1_count = 0;
-											nonce2_count = 0;
-											moebius_n_count = 0;
-											gettingMoebius = false;
-											doBufResetNext = true;
-											finished = ( ((flags & FLAG_INTERACTIVE) == FLAG_INTERACTIVE));
-										}
-									}
-								}
-								ar_nr_collected[i+mM]++;
-							}
+						// keep track of empty slots.
+						if ( ar_nr_nonces[i].state == EMPTY)
+							empty = i;
+					}
+					// if no empty slots.  Choose first and overwrite.
+					if ( index == -1 ) {
+						if ( empty == -1 ) {
+							index = 0;
+							ar_nr_nonces[index].state = EMPTY;
+						} else {
+							index = empty;
 						}
-						// we found right spot for this nonce stop looking
-						break;
 					}
-				}
 
+					switch(ar_nr_nonces[index].state) {
+						case EMPTY: {
+							// first nonce collect
+							ar_nr_nonces[index].cuid = cuid;
+							ar_nr_nonces[index].sector = cardAUTHSC;
+							ar_nr_nonces[index].keytype = cardAUTHKEY;
+							ar_nr_nonces[index].nonce = nonce;
+							ar_nr_nonces[index].nr = nr;
+							ar_nr_nonces[index].ar = ar;
+							ar_nr_nonces[index].state = FIRST;
+							break;
+						} 
+						case FIRST : { 
+							// second nonce collect
+							ar_nr_nonces[index].nonce2 = nonce;
+							ar_nr_nonces[index].nr2 = nr;
+							ar_nr_nonces[index].ar2 = ar;
+							ar_nr_nonces[index].state = SECOND;
+
+							// send to client
+							cmd_send(CMD_ACK, CMD_SIMULATE_MIFARE_CARD, 0, 0, &ar_nr_nonces[index], sizeof(nonces_t));
+							
+							ar_nr_nonces[index].state = EMPTY;
+							ar_nr_nonces[index].sector = 0;
+							ar_nr_nonces[index].keytype = 0;
+							break;
+						}
+						default: break;
+					}
+				}
 
 				/*
-				// Collect AR/NR
-				// if(ar_nr_collected < 2 && cardAUTHSC == 2){
-				if(ar_nr_collected < 2) {					
-					// if(ar_nr_responses[2] != nr) {
-						ar_nr_responses[ar_nr_collected*4]   = cuid;
-						ar_nr_responses[ar_nr_collected*4+1] = nonce;
-						ar_nr_responses[ar_nr_collected*4+2] = nr;
-						ar_nr_responses[ar_nr_collected*4+3] = ar;
-						ar_nr_collected++;
-					// }					
-		
-					// Interactive mode flag, means we need to send ACK
-					finished = ( ((flags & FLAG_INTERACTIVE) == FLAG_INTERACTIVE)&& ar_nr_collected == 2);
-				}
+				// Interactive mode flag, means we need to send ACK
 				
 				crypto1_word(pcs, ar , 1);
 				cardRr = nr ^ crypto1_word(pcs, 0, 0);
@@ -3057,49 +3027,10 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
 		}
 	}
 
-	// Interactive mode flag, means we need to send ACK
-	/*
-	if((flags & FLAG_INTERACTIVE) == FLAG_INTERACTIVE) {
-		// May just aswell send the collected ar_nr in the response aswell
-		uint8_t len = ar_nr_collected * 4 * 4;
-		cmd_send(CMD_ACK, CMD_SIMULATE_MIFARE_CARD, len, 0, &ar_nr_responses, len);
-	}
+	if (MF_DBGLEVEL >= 1) 
+		Dbprintf("Emulator stopped. Tracing: %d  trace length: %d ", tracing, BigBuf_get_traceLen());
 	
-   */
-	if( ((flags & FLAG_NR_AR_ATTACK) == FLAG_NR_AR_ATTACK ) && MF_DBGLEVEL >= 1 ) {
-		for ( uint8_t	i = 0; i < ATTACK_KEY_COUNT; i++) {
-			if (ar_nr_collected[i] == 2) {
-				Dbprintf("Collected two pairs of AR/NR which can be used to extract %s from reader for sector %d:", (i<ATTACK_KEY_COUNT/2) ? "keyA" : "keyB", ar_nr_resp[i].sector);
-				Dbprintf("../tools/mfkey/mfkey32 %08x %08x %08x %08x %08x %08x",
-						ar_nr_resp[i].cuid,  //UID
-						ar_nr_resp[i].nonce, //NT
-						ar_nr_resp[i].nr,    //NR1
-						ar_nr_resp[i].ar,    //AR1
-						ar_nr_resp[i].nr2,   //NR2
-						ar_nr_resp[i].ar2    //AR2
-						);
-			}
-		}	
-		for ( uint8_t i = ATTACK_KEY_COUNT; i < ATTACK_KEY_COUNT*2; i++) {
-			if (ar_nr_collected[i] == 2) {
-				Dbprintf("Collected two pairs of AR/NR which can be used to extract %s from reader for sector %d:", (i<ATTACK_KEY_COUNT/2) ? "keyA" : "keyB", ar_nr_resp[i].sector);
-				Dbprintf("../tools/mfkey/mfkey32v2 %08x %08x %08x %08x %08x %08x %08x",
-						ar_nr_resp[i].cuid,  //UID
-						ar_nr_resp[i].nonce, //NT
-						ar_nr_resp[i].nr,    //NR1
-						ar_nr_resp[i].ar,    //AR1
-						ar_nr_resp[i].nonce2,//NT2
-						ar_nr_resp[i].nr2,   //NR2
-						ar_nr_resp[i].ar2    //AR2
-						);
-			}
-		}
-	}
-	
-	
-	if (MF_DBGLEVEL >= 1) Dbprintf("Emulator stopped. Tracing: %d  trace length: %d ", tracing, BigBuf_get_traceLen());
-	
-	FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
+	cmd_send(CMD_ACK,1,0,0,0,0);	FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
 	LEDsoff();
 	set_tracing(FALSE);
 }