X-Git-Url: http://cvs.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/b2fe0e77c5d46dd5bed439c55446c32b3cc13a17..946a84c35be79de8852d2c294de22f456f42a1ae:/armsrc/iso14443a.c?ds=sidebyside

diff --git a/armsrc/iso14443a.c b/armsrc/iso14443a.c
index 27574dad..76b82141 100644
--- a/armsrc/iso14443a.c
+++ b/armsrc/iso14443a.c
@@ -15,12 +15,13 @@
 #include "util.h"
 #include "string.h"
 #include "cmd.h"
-
 #include "iso14443crc.h"
 #include "iso14443a.h"
-#include "crapto1.h"
+#include "crapto1/crapto1.h"
 #include "mifareutil.h"
 #include "BigBuf.h"
+#include "protocols.h"
+
 static uint32_t iso14a_timeout;
 int rsamples = 0;
 uint8_t trigger = 0;
@@ -2307,20 +2308,35 @@ void ReaderMifare(bool first_try)
 	set_tracing(FALSE);
 }
 
+typedef struct {
+  uint32_t cuid;
+  uint8_t  sector;
+  uint8_t  keytype;
+  uint32_t nonce;
+  uint32_t ar;
+  uint32_t nr;
+  uint32_t nonce2;
+  uint32_t ar2;
+  uint32_t nr2;
+} nonces_t;
+
 /**
   *MIFARE 1K simulate.
   *
   *@param flags :
   *	FLAG_INTERACTIVE - In interactive mode, we are expected to finish the operation with an ACK
-  * 4B_FLAG_UID_IN_DATA - means that there is a 4-byte UID in the data-section, we're expected to use that
-  * 7B_FLAG_UID_IN_DATA - means that there is a 7-byte UID in the data-section, we're expected to use that
+  * FLAG_4B_UID_IN_DATA - means that there is a 4-byte UID in the data-section, we're expected to use that
+  * FLAG_7B_UID_IN_DATA - means that there is a 7-byte UID in the data-section, we're expected to use that
+  * FLAG_10B_UID_IN_DATA	- use 10-byte UID in the data-section not finished
   *	FLAG_NR_AR_ATTACK  - means we should collect NR_AR responses for bruteforcing later
-  *@param exitAfterNReads, exit simulation after n blocks have been read, 0 is inifite
+  * FLAG_RANDOM_NONCE - means we should generate some pseudo-random nonce data (only allows moebius attack)
+  *@param exitAfterNReads, exit simulation after n blocks have been read, 0 is infinite ...
+  * (unless reader attack mode enabled then it runs util it gets enough nonces to recover all keys attmpted)
   */
 void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *datain)
 {
 	int cardSTATE = MFEMUL_NOFIELD;
-	int _7BUID = 0;
+	int _UID_LEN = 0; // 4, 7, 10
 	int vHf = 0;	// in mV
 	int res;
 	uint32_t selTimer = 0;
@@ -2344,23 +2360,40 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
 	uint8_t response[MAX_MIFARE_FRAME_SIZE];
 	uint8_t response_par[MAX_MIFARE_PARITY_SIZE];
 	
-	uint8_t rATQA[] = {0x04, 0x00}; // Mifare classic 1k 4BUID
+	uint8_t rATQA[]    = {0x04, 0x00}; // Mifare classic 1k 4BUID
 	uint8_t rUIDBCC1[] = {0xde, 0xad, 0xbe, 0xaf, 0x62};
 	uint8_t rUIDBCC2[] = {0xde, 0xad, 0xbe, 0xaf, 0x62}; // !!!
-	uint8_t rSAK[] = {0x08, 0xb6, 0xdd};
-	uint8_t rSAK1[] = {0x04, 0xda, 0x17};
+	uint8_t rUIDBCC3[] = {0xde, 0xad, 0xbe, 0xaf, 0x62};
+
+	uint8_t rSAKfinal[]= {0x08, 0xb6, 0xdd};      // mifare 1k indicated
+	uint8_t rSAK1[]    = {0x04, 0xda, 0x17};      // indicate UID not finished
 
 	uint8_t rAUTH_NT[] = {0x01, 0x02, 0x03, 0x04};
 	uint8_t rAUTH_AT[] = {0x00, 0x00, 0x00, 0x00};
 		
-	//Here, we collect UID,NT,AR,NR,UID2,NT2,AR2,NR2
-	// This can be used in a reader-only attack.
-	// (it can also be retrieved via 'hf 14a list', but hey...
-	uint32_t ar_nr_responses[] = {0,0,0,0,0,0,0,0};
-	uint8_t ar_nr_collected = 0;
+	//Here, we collect UID,sector,keytype,NT,AR,NR,NT2,AR2,NR2
+	// This will be used in the reader-only attack.
+
+	//allow collecting up to 8 sets of nonces to allow recovery of up to 8 keys
+	#define ATTACK_KEY_COUNT 8 // keep same as define in cmdhfmf.c -> readerAttack()
+	nonces_t ar_nr_resp[ATTACK_KEY_COUNT*2]; //*2 for 2 separate attack types (nml, moebius)
+	memset(ar_nr_resp, 0x00, sizeof(ar_nr_resp));
+
+	uint8_t ar_nr_collected[ATTACK_KEY_COUNT*2]; //*2 for 2nd attack type (moebius)
+	memset(ar_nr_collected, 0x00, sizeof(ar_nr_collected));
+	uint8_t	nonce1_count = 0;
+	uint8_t	nonce2_count = 0;
+	uint8_t	moebius_n_count = 0;
+	bool gettingMoebius = false;
+	uint8_t	mM = 0; //moebius_modifier for collection storage
 
 	// Authenticate response - nonce
-	uint32_t nonce = bytes_to_num(rAUTH_NT, 4);
+	uint32_t nonce;
+	if (flags & FLAG_RANDOM_NONCE) {
+		nonce = prand();
+	} else {
+		nonce = bytes_to_num(rAUTH_NT, 4);
+	}
 	
 	//-- Determine the UID
 	// Can be set from emulator memory, incoming data
@@ -2370,45 +2403,96 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
 		// 4B uid comes from data-portion of packet
 		memcpy(rUIDBCC1,datain,4);
 		rUIDBCC1[4] = rUIDBCC1[0] ^ rUIDBCC1[1] ^ rUIDBCC1[2] ^ rUIDBCC1[3];
-
+		_UID_LEN = 4;
 	} else if (flags & FLAG_7B_UID_IN_DATA) {
 		// 7B uid comes from data-portion of packet
 		memcpy(&rUIDBCC1[1],datain,3);
 		memcpy(rUIDBCC2, datain+3, 4);
-		_7BUID = true;
+		_UID_LEN = 7;
+	} else if (flags & FLAG_10B_UID_IN_DATA) {
+		memcpy(&rUIDBCC1[1], datain,   3);
+		memcpy(&rUIDBCC2[1], datain+3, 3);
+		memcpy( rUIDBCC3,    datain+6, 4);
+		_UID_LEN = 10;
 	} else {
-		// get UID from emul memory
+		// get UID from emul memory - guess at length
 		emlGetMemBt(receivedCmd, 7, 1);
-		_7BUID = !(receivedCmd[0] == 0x00);
-		if (!_7BUID) {                     // ---------- 4BUID
+		if (receivedCmd[0] == 0x00) {      // ---------- 4BUID
 			emlGetMemBt(rUIDBCC1, 0, 4);
+			_UID_LEN = 4;
 		} else {                           // ---------- 7BUID
 			emlGetMemBt(&rUIDBCC1[1], 0, 3);
 			emlGetMemBt(rUIDBCC2, 3, 4);
+			_UID_LEN = 7;
 		}
 	}
 
-	/*
-	 * Regardless of what method was used to set the UID, set fifth byte and modify
-	 * the ATQA for 4 or 7-byte UID
-	 */
-	rUIDBCC1[4] = rUIDBCC1[0] ^ rUIDBCC1[1] ^ rUIDBCC1[2] ^ rUIDBCC1[3];
-	if (_7BUID) {
-		rATQA[0] = 0x44;
-		rUIDBCC1[0] = 0x88;
-		rUIDBCC1[4] = rUIDBCC1[0] ^ rUIDBCC1[1] ^ rUIDBCC1[2] ^ rUIDBCC1[3];
-		rUIDBCC2[4] = rUIDBCC2[0] ^ rUIDBCC2[1] ^ rUIDBCC2[2] ^ rUIDBCC2[3];
-	}
-
-	if (MF_DBGLEVEL >= 1)	{
-		if (!_7BUID) {
-			Dbprintf("4B UID: %02x%02x%02x%02x", 
-				rUIDBCC1[0], rUIDBCC1[1], rUIDBCC1[2], rUIDBCC1[3]);
-		} else {
-			Dbprintf("7B UID: (%02x)%02x%02x%02x%02x%02x%02x%02x",
-				rUIDBCC1[0], rUIDBCC1[1], rUIDBCC1[2], rUIDBCC1[3],
-				rUIDBCC2[0], rUIDBCC2[1] ,rUIDBCC2[2], rUIDBCC2[3]);
-		}
+	switch (_UID_LEN) {
+		case 4:
+			// save CUID
+			cuid = bytes_to_num(rUIDBCC1, 4);
+			// BCC
+			rUIDBCC1[4] = rUIDBCC1[0] ^ rUIDBCC1[1] ^ rUIDBCC1[2] ^ rUIDBCC1[3];
+			if (MF_DBGLEVEL >= 2)	{
+				Dbprintf("4B UID: %02x%02x%02x%02x", 
+					rUIDBCC1[0],
+					rUIDBCC1[1],
+					rUIDBCC1[2],
+					rUIDBCC1[3]
+				);
+			}
+			break;
+		case 7:
+			rATQA[0] |= 0x40;
+			// save CUID
+			cuid = bytes_to_num(rUIDBCC2, 4);
+			 // CascadeTag, CT
+			rUIDBCC1[0] = 0x88;
+			// BCC
+			rUIDBCC1[4] = rUIDBCC1[0] ^ rUIDBCC1[1] ^ rUIDBCC1[2] ^ rUIDBCC1[3]; 
+			rUIDBCC2[4] = rUIDBCC2[0] ^ rUIDBCC2[1] ^ rUIDBCC2[2] ^ rUIDBCC2[3]; 
+			if (MF_DBGLEVEL >= 2)	{
+				Dbprintf("7B UID: %02x %02x %02x %02x %02x %02x %02x",
+					rUIDBCC1[1],
+					rUIDBCC1[2],
+					rUIDBCC1[3],
+					rUIDBCC2[0],
+					rUIDBCC2[1],
+					rUIDBCC2[2],
+					rUIDBCC2[3]
+				);
+			}
+			break;
+		case 10:
+			rATQA[0] |= 0x80;
+			//sak_10[0] &= 0xFB;					
+			// save CUID
+			cuid = bytes_to_num(rUIDBCC3, 4);
+			 // CascadeTag, CT
+			rUIDBCC1[0] = 0x88;
+			rUIDBCC2[0] = 0x88;
+			// BCC
+			rUIDBCC1[4] = rUIDBCC1[0] ^ rUIDBCC1[1] ^ rUIDBCC1[2] ^ rUIDBCC1[3];
+			rUIDBCC2[4] = rUIDBCC2[0] ^ rUIDBCC2[1] ^ rUIDBCC2[2] ^ rUIDBCC2[3];
+			rUIDBCC3[4] = rUIDBCC3[0] ^ rUIDBCC3[1] ^ rUIDBCC3[2] ^ rUIDBCC3[3];
+
+			if (MF_DBGLEVEL >= 2)	{
+				Dbprintf("10B UID: %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x",
+					rUIDBCC1[1],
+					rUIDBCC1[2],
+					rUIDBCC1[3],
+					rUIDBCC2[1],
+					rUIDBCC2[2],
+					rUIDBCC2[3],
+					rUIDBCC3[0],
+					rUIDBCC3[1],
+					rUIDBCC3[2],
+					rUIDBCC3[3]
+				);
+			}
+			break;
+		default: 
+			break;
 	}
 
 	// We need to listen to the high-frequency, peak-detected path.
@@ -2421,9 +2505,9 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
 	clear_trace();
 	set_tracing(TRUE);
 
-
 	bool finished = FALSE;
-	while (!BUTTON_PRESS() && !finished) {
+	bool button_pushed = BUTTON_PRESS();
+	while (!button_pushed && !finished && !usb_poll_validate_length()) {
 		WDT_HIT();
 
 		// find reader field
@@ -2433,11 +2517,10 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
 				cardSTATE_TO_IDLE();
 				LED_A_ON();
 			}
-		} 
-		if(cardSTATE == MFEMUL_NOFIELD) continue;
+		}
+		if (cardSTATE == MFEMUL_NOFIELD) continue;
 
 		//Now, get data
-
 		res = EmGetCmd(receivedCmd, &len, receivedCmd_par);
 		if (res == 2) { //Field is off!
 			cardSTATE = MFEMUL_NOFIELD;
@@ -2446,11 +2529,11 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
 		} else if (res == 1) {
 			break; 	//return value 1 means button press
 		}
-			
+
 		// REQ or WUP request in ANY state and WUP in HALTED state
-		if (len == 1 && ((receivedCmd[0] == 0x26 && cardSTATE != MFEMUL_HALTED) || receivedCmd[0] == 0x52)) {
+		if (len == 1 && ((receivedCmd[0] == ISO14443A_CMD_REQA && cardSTATE != MFEMUL_HALTED) || receivedCmd[0] == ISO14443A_CMD_WUPA)) {
 			selTimer = GetTickCount();
-			EmSendCmdEx(rATQA, sizeof(rATQA), (receivedCmd[0] == 0x52));
+			EmSendCmdEx(rATQA, sizeof(rATQA), (receivedCmd[0] == ISO14443A_CMD_WUPA));
 			cardSTATE = MFEMUL_SELECT1;
 
 			// init crypto block
@@ -2458,6 +2541,9 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
 			LED_C_OFF();
 			crypto1_destroy(pcs);
 			cardAUTHKEY = 0xff;
+			if (flags & FLAG_RANDOM_NONCE) {
+				nonce = prand();
+			}
 			continue;
 		}
 		
@@ -2469,59 +2555,141 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
 				break;
 			}
 			case MFEMUL_SELECT1:{
-				// select all
-				if (len == 2 && (receivedCmd[0] == 0x93 && receivedCmd[1] == 0x20)) {
+				// select all - 0x93 0x20
+				if (len == 2 && (receivedCmd[0] == ISO14443A_CMD_ANTICOLL_OR_SELECT && receivedCmd[1] == 0x20)) {
 					if (MF_DBGLEVEL >= 4)	Dbprintf("SELECT ALL received");
 					EmSendCmd(rUIDBCC1, sizeof(rUIDBCC1));
 					break;
 				}
 
-				if (MF_DBGLEVEL >= 4 && len == 9 && receivedCmd[0] == 0x93 && receivedCmd[1] == 0x70 )
-				{
-					Dbprintf("SELECT %02x%02x%02x%02x received",receivedCmd[2],receivedCmd[3],receivedCmd[4],receivedCmd[5]);
+				// select card - 0x93 0x70 ...
+				if (len == 9 &&
+						(receivedCmd[0] == ISO14443A_CMD_ANTICOLL_OR_SELECT && receivedCmd[1] == 0x70 && memcmp(&receivedCmd[2], rUIDBCC1, 4) == 0)) {
+					if (MF_DBGLEVEL >= 4) 
+						Dbprintf("SELECT %02x%02x%02x%02x received",receivedCmd[2],receivedCmd[3],receivedCmd[4],receivedCmd[5]);
+					
+					switch(_UID_LEN) {
+						case 4:
+							cardSTATE = MFEMUL_WORK;
+							LED_B_ON();
+							if (MF_DBGLEVEL >= 4)	Dbprintf("--> WORK. anticol1 time: %d", GetTickCount() - selTimer);
+							EmSendCmd(rSAKfinal, sizeof(rSAKfinal));
+							break;
+						case 7:
+							cardSTATE	= MFEMUL_SELECT2;
+							EmSendCmd(rSAK1, sizeof(rSAK1));
+							break;
+						case 10:
+							cardSTATE	= MFEMUL_SELECT2;
+							EmSendCmd(rSAK1, sizeof(rSAK1));
+							break;
+						default:break;
+					}
+				} else {
+					cardSTATE_TO_IDLE();
 				}
-				// select card
+				break;
+			}
+			case MFEMUL_SELECT3:{
+				if (!len) { 
+					LogTrace(Uart.output, Uart.len, Uart.startTime*16 - DELAY_AIR2ARM_AS_TAG, Uart.endTime*16 - DELAY_AIR2ARM_AS_TAG, Uart.parity, TRUE);
+					break;
+				}
+				// select all cl3 - 0x97 0x20
+				if (len == 2 && (receivedCmd[0] == ISO14443A_CMD_ANTICOLL_OR_SELECT_3 && receivedCmd[1] == 0x20)) {
+					EmSendCmd(rUIDBCC3, sizeof(rUIDBCC3));
+					break;
+				}
+				// select card cl3 - 0x97 0x70
 				if (len == 9 && 
-						(receivedCmd[0] == 0x93 && receivedCmd[1] == 0x70 && memcmp(&receivedCmd[2], rUIDBCC1, 4) == 0)) {
-					EmSendCmd(_7BUID?rSAK1:rSAK, _7BUID?sizeof(rSAK1):sizeof(rSAK));
-					cuid = bytes_to_num(rUIDBCC1, 4);
-					if (!_7BUID) {
-						cardSTATE = MFEMUL_WORK;
-						LED_B_ON();
-						if (MF_DBGLEVEL >= 4)	Dbprintf("--> WORK. anticol1 time: %d", GetTickCount() - selTimer);
-						break;
-					} else {
-						cardSTATE = MFEMUL_SELECT2;
-					}
+						(receivedCmd[0] == ISO14443A_CMD_ANTICOLL_OR_SELECT_3 &&
+						 receivedCmd[1] == 0x70 && 
+						 memcmp(&receivedCmd[2], rUIDBCC3, 4) == 0) ) {
+
+					EmSendCmd(rSAKfinal, sizeof(rSAKfinal));
+					cardSTATE = MFEMUL_WORK;
+					LED_B_ON();
+					if (MF_DBGLEVEL >= 4)	Dbprintf("--> WORK. anticol3 time: %d", GetTickCount() - selTimer);
+					break;
 				}
+				cardSTATE_TO_IDLE();
 				break;
 			}
 			case MFEMUL_AUTH1:{
-				if( len != 8)
-				{
+				if( len != 8) {
 					cardSTATE_TO_IDLE();
 					LogTrace(Uart.output, Uart.len, Uart.startTime*16 - DELAY_AIR2ARM_AS_TAG, Uart.endTime*16 - DELAY_AIR2ARM_AS_TAG, Uart.parity, TRUE);
 					break;
 				}
 
-				uint32_t ar = bytes_to_num(receivedCmd, 4);
-				uint32_t nr = bytes_to_num(&receivedCmd[4], 4);
-
-				//Collect AR/NR
-				if(ar_nr_collected < 2){
-					if(ar_nr_responses[2] != ar)
-					{// Avoid duplicates... probably not necessary, ar should vary. 
-						ar_nr_responses[ar_nr_collected*4] = cuid;
-						ar_nr_responses[ar_nr_collected*4+1] = nonce;
-						ar_nr_responses[ar_nr_collected*4+2] = ar;
-						ar_nr_responses[ar_nr_collected*4+3] = nr;
-						ar_nr_collected++;
+				uint32_t nr = bytes_to_num(receivedCmd, 4);
+				uint32_t ar = bytes_to_num(&receivedCmd[4], 4);
+	
+				// Collect AR/NR per keytype & sector
+				if(flags & FLAG_NR_AR_ATTACK) {
+					for (uint8_t i = 0; i < ATTACK_KEY_COUNT; i++) {
+						if ( ar_nr_collected[i+mM]==0 || ((cardAUTHSC == ar_nr_resp[i+mM].sector) && (cardAUTHKEY == ar_nr_resp[i+mM].keytype) && (ar_nr_collected[i+mM] > 0)) ) {
+							// if first auth for sector, or matches sector and keytype of previous auth
+							if (ar_nr_collected[i+mM] < 2) {
+								// if we haven't already collected 2 nonces for this sector
+								if (ar_nr_resp[ar_nr_collected[i+mM]].ar != ar) {
+									// Avoid duplicates... probably not necessary, ar should vary. 
+									if (ar_nr_collected[i+mM]==0) {
+										// first nonce collect
+										ar_nr_resp[i+mM].cuid = cuid;
+										ar_nr_resp[i+mM].sector = cardAUTHSC;
+										ar_nr_resp[i+mM].keytype = cardAUTHKEY;
+										ar_nr_resp[i+mM].nonce = nonce;
+										ar_nr_resp[i+mM].nr = nr;
+										ar_nr_resp[i+mM].ar = ar;
+										nonce1_count++;
+										// add this nonce to first moebius nonce
+										ar_nr_resp[i+ATTACK_KEY_COUNT].cuid = cuid;
+										ar_nr_resp[i+ATTACK_KEY_COUNT].sector = cardAUTHSC;
+										ar_nr_resp[i+ATTACK_KEY_COUNT].keytype = cardAUTHKEY;
+										ar_nr_resp[i+ATTACK_KEY_COUNT].nonce = nonce;
+										ar_nr_resp[i+ATTACK_KEY_COUNT].nr = nr;
+										ar_nr_resp[i+ATTACK_KEY_COUNT].ar = ar;
+										ar_nr_collected[i+ATTACK_KEY_COUNT]++;
+									} else { // second nonce collect (std and moebius)
+										ar_nr_resp[i+mM].nonce2 = nonce;
+										ar_nr_resp[i+mM].nr2 = nr;
+										ar_nr_resp[i+mM].ar2 = ar;
+										if (!gettingMoebius) {
+											nonce2_count++;
+											// check if this was the last second nonce we need for std attack
+											if ( nonce2_count == nonce1_count ) {
+												// done collecting std test switch to moebius
+												// first finish incrementing last sample
+												ar_nr_collected[i+mM]++; 
+												// switch to moebius collection
+												gettingMoebius = true;
+												mM = ATTACK_KEY_COUNT;
+												if (flags & FLAG_RANDOM_NONCE) {
+													nonce = prand();
+												} else {
+													nonce = nonce*7;
+												}
+												break;
+											}
+										} else {
+											moebius_n_count++;
+											// if we've collected all the nonces we need - finish.
+											if (nonce1_count == moebius_n_count) finished = true;
+										}
+									}
+									ar_nr_collected[i+mM]++;
+								}
+							}
+							// we found right spot for this nonce stop looking
+							break;
+						}
 					}
 				}
 
 				// --- crypto
-				crypto1_word(pcs, ar , 1);
-				cardRr = nr ^ crypto1_word(pcs, 0, 0);
+				crypto1_word(pcs, nr , 1);
+				cardRr = ar ^ crypto1_word(pcs, 0, 0);
 
 				// test if auth OK
 				if (cardRr != prng_successor(nonce, 64)){
@@ -2537,6 +2705,7 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
 					break;
 				}
 
+				//auth successful
 				ans = prng_successor(nonce, 96) ^ crypto1_word(pcs, 0, 0);
 
 				num_to_bytes(ans, 4, rAUTH_AT);
@@ -2553,20 +2722,29 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
 				if (!len) { 
 					LogTrace(Uart.output, Uart.len, Uart.startTime*16 - DELAY_AIR2ARM_AS_TAG, Uart.endTime*16 - DELAY_AIR2ARM_AS_TAG, Uart.parity, TRUE);
 					break;
-				}
-				if (len == 2 && (receivedCmd[0] == 0x95 && receivedCmd[1] == 0x20)) {
+				}	
+				// select all cl2 - 0x95 0x20
+				if (len == 2 && (receivedCmd[0] == ISO14443A_CMD_ANTICOLL_OR_SELECT_2 && receivedCmd[1] == 0x20)) {
 					EmSendCmd(rUIDBCC2, sizeof(rUIDBCC2));
 					break;
 				}
 
-				// select 2 card
+				// select cl2 card - 0x95 0x70 xxxxxxxxxxxx
 				if (len == 9 && 
-						(receivedCmd[0] == 0x95 && receivedCmd[1] == 0x70 && memcmp(&receivedCmd[2], rUIDBCC2, 4) == 0)) {
-					EmSendCmd(rSAK, sizeof(rSAK));
-					cuid = bytes_to_num(rUIDBCC2, 4);
-					cardSTATE = MFEMUL_WORK;
-					LED_B_ON();
-					if (MF_DBGLEVEL >= 4)	Dbprintf("--> WORK. anticol2 time: %d", GetTickCount() - selTimer);
+						(receivedCmd[0] == ISO14443A_CMD_ANTICOLL_OR_SELECT_2 && receivedCmd[1] == 0x70 && memcmp(&receivedCmd[2], rUIDBCC2, 4) == 0)) {
+					switch(_UID_LEN) {
+						case 7:
+							EmSendCmd(rSAKfinal, sizeof(rSAKfinal));
+							cardSTATE = MFEMUL_WORK;
+							LED_B_ON();
+							if (MF_DBGLEVEL >= 4)	Dbprintf("--> WORK. anticol2 time: %d", GetTickCount() - selTimer);
+							break;
+						case 10:
+							EmSendCmd(rSAK1, sizeof(rSAK1));
+							cardSTATE = MFEMUL_SELECT3;
+							break;
+						default:break;
+					}
 					break;
 				}
 				
@@ -2594,11 +2772,22 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
 				}
 				
 				if (len == 4 && (receivedCmd[0] == 0x60 || receivedCmd[0] == 0x61)) {
+
+					// if authenticating to a block that shouldn't exist - as long as we are not doing the reader attack
+					if (receivedCmd[1] >= 16 * 4 && !(flags & FLAG_NR_AR_ATTACK)) {
+						//is this the correct response to an auth on a out of range block? marshmellow
+						EmSend4bit(mf_crypto1_encrypt4bit(pcs, CARD_NACK_NA));
+						if (MF_DBGLEVEL >= 2) Dbprintf("Reader tried to operate (0x%02x) on out of range block: %d (0x%02x), nacking",receivedCmd[0],receivedCmd[1],receivedCmd[1]);
+						break;
+					}
+
 					authTimer = GetTickCount();
 					cardAUTHSC = receivedCmd[1] / 4;  // received block num
 					cardAUTHKEY = receivedCmd[0] - 0x60;
 					crypto1_destroy(pcs);//Added by martin
 					crypto1_create(pcs, emlGetKey(cardAUTHSC, cardAUTHKEY));
+					//uint64_t key=emlGetKey(cardAUTHSC, cardAUTHKEY);
+					//Dbprintf("key: %04x%08x",(uint32_t)(key>>32)&0xFFFF,(uint32_t)(key&0xFFFFFFFF));
 
 					if (!encrypted_data) { // first authentication
 						if (MF_DBGLEVEL >= 4) Dbprintf("Reader authenticating for block %d (0x%02x) with key %d",receivedCmd[1] ,receivedCmd[1],cardAUTHKEY  );
@@ -2775,45 +2964,48 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
 				break;
 			}
 		}
+		button_pushed = BUTTON_PRESS();
 	}
 
 	FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
 	LEDsoff();
 
-	if(flags & FLAG_INTERACTIVE)// Interactive mode flag, means we need to send ACK
-	{
-		//May just aswell send the collected ar_nr in the response aswell
-		cmd_send(CMD_ACK,CMD_SIMULATE_MIFARE_CARD,0,0,&ar_nr_responses,ar_nr_collected*4*4);
-	}
-
-	if(flags & FLAG_NR_AR_ATTACK)
-	{
-		if(ar_nr_collected > 1) {
-			Dbprintf("Collected two pairs of AR/NR which can be used to extract keys from reader:");
-			Dbprintf("../tools/mfkey/mfkey32 %08x %08x %08x %08x %08x %08x",
-					ar_nr_responses[0], // UID
-					ar_nr_responses[1], //NT
-					ar_nr_responses[2], //AR1
-					ar_nr_responses[3], //NR1
-					ar_nr_responses[6], //AR2
-					ar_nr_responses[7] //NR2
-					);
-		} else {
-			Dbprintf("Failed to obtain two AR/NR pairs!");
-			if(ar_nr_collected >0) {
-				Dbprintf("Only got these: UID=%08x, nonce=%08x, AR1=%08x, NR1=%08x",
-						ar_nr_responses[0], // UID
-						ar_nr_responses[1], //NT
-						ar_nr_responses[2], //AR1
-						ar_nr_responses[3] //NR1
+	if(flags & FLAG_NR_AR_ATTACK && MF_DBGLEVEL >= 1) {
+		for ( uint8_t	i = 0; i < ATTACK_KEY_COUNT; i++) {
+			if (ar_nr_collected[i] == 2) {
+				Dbprintf("Collected two pairs of AR/NR which can be used to extract %s from reader for sector %d:", (i<ATTACK_KEY_COUNT/2) ? "keyA" : "keyB", ar_nr_resp[i].sector);
+				Dbprintf("../tools/mfkey/mfkey32 %08x %08x %08x %08x %08x %08x",
+						ar_nr_resp[i].cuid,  //UID
+						ar_nr_resp[i].nonce, //NT
+						ar_nr_resp[i].nr,    //NR1
+						ar_nr_resp[i].ar,    //AR1
+						ar_nr_resp[i].nr2,   //NR2
+						ar_nr_resp[i].ar2    //AR2
+						);
+			}
+		}	
+		for ( uint8_t	i = ATTACK_KEY_COUNT; i < ATTACK_KEY_COUNT*2; i++) {
+			if (ar_nr_collected[i] == 2) {
+				Dbprintf("Collected two pairs of AR/NR which can be used to extract %s from reader for sector %d:", (i<ATTACK_KEY_COUNT/2) ? "keyA" : "keyB", ar_nr_resp[i].sector);
+				Dbprintf("../tools/mfkey/mfkey32v2 %08x %08x %08x %08x %08x %08x %08x",
+						ar_nr_resp[i].cuid,  //UID
+						ar_nr_resp[i].nonce, //NT
+						ar_nr_resp[i].nr,    //NR1
+						ar_nr_resp[i].ar,    //AR1
+						ar_nr_resp[i].nonce2,//NT2
+						ar_nr_resp[i].nr2,   //NR2
+						ar_nr_resp[i].ar2    //AR2
 						);
 			}
 		}
 	}
 	if (MF_DBGLEVEL >= 1)	Dbprintf("Emulator stopped. Tracing: %d  trace length: %d ",	tracing, BigBuf_get_traceLen());
-	
-}
 
+	if(flags & FLAG_INTERACTIVE) { // Interactive mode flag, means we need to send ACK
+		//Send the collected ar_nr in the response
+		cmd_send(CMD_ACK,CMD_SIMULATE_MIFARE_CARD,button_pushed,0,&ar_nr_resp,sizeof(ar_nr_resp));
+	}
+}
 
 
 //-----------------------------------------------------------------------------