fix bug in moebius nonce collection - now finishes

also cleaned up some comments
note previous update added the creation of a stats.txt file to generate
statistics of the differences between std mfkey32 and the moebius
version.

diff --git a/armsrc/iso14443a.c b/armsrc/iso14443a.c
index 7b7314dd81d6246f35fa9246d3ae8fc338dca4ea..6216fc4acc51f28b36160b5a5f8858a9c684a6d5 100644 (file)
--- a/armsrc/iso14443a.c
+++ b/armsrc/iso14443a.c
@@ -2382,7 +2382,7 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
 
        uint8_t ar_nr_collected[ATTACK_KEY_COUNT*2];
        memset(ar_nr_collected, 0x00, sizeof(ar_nr_collected));
 
        uint8_t ar_nr_collected[ATTACK_KEY_COUNT*2];
        memset(ar_nr_collected, 0x00, sizeof(ar_nr_collected));

-       bool collectMoebius = false;
+       bool gettingMoebius = false;

        uint8_t nonce1_count = 0;
        uint8_t nonce2_count = 0;
        uint8_t moebius_n_count = 0;
        uint8_t nonce1_count = 0;
        uint8_t nonce2_count = 0;
        uint8_t moebius_n_count = 0;


@@ -2623,7 +2623,7 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
                                //Collect AR/NR per keytype & sector
                                if(flags & FLAG_NR_AR_ATTACK) {
                                        for (uint8_t i = 0; i < ATTACK_KEY_COUNT; i++) {
                                //Collect AR/NR per keytype & sector
                                if(flags & FLAG_NR_AR_ATTACK) {
                                        for (uint8_t i = 0; i < ATTACK_KEY_COUNT; i++) {

-                                               if ( ar_nr_collected[i+mM]==0 || (cardAUTHSC == ar_nr_resp[i+mM].sector && cardAUTHKEY == ar_nr_resp[i+mM].keytype && ar_nr_collected[i+mM] > 0) ) {
+                                               if ( ar_nr_collected[i+mM]==0 || ((cardAUTHSC == ar_nr_resp[i+mM].sector) && (cardAUTHKEY == ar_nr_resp[i+mM].keytype) && (ar_nr_collected[i+mM] > 0)) ) {

                                                        // if first auth for sector, or matches sector and keytype of previous auth
                                                        if (ar_nr_collected[i+mM] < 2) {
                                                                // if we haven't already collected 2 nonces for this sector
                                                        // if first auth for sector, or matches sector and keytype of previous auth
                                                        if (ar_nr_collected[i+mM] < 2) {
                                                                // if we haven't already collected 2 nonces for this sector


@@ -2650,14 +2650,18 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
                                                                                ar_nr_resp[i+mM].nonce2 = nonce;
                                                                                ar_nr_resp[i+mM].nr2 = nr;
                                                                                ar_nr_resp[i+mM].ar2 = ar;
                                                                                ar_nr_resp[i+mM].nonce2 = nonce;
                                                                                ar_nr_resp[i+mM].nr2 = nr;
                                                                                ar_nr_resp[i+mM].ar2 = ar;

-                                                                               if (!collectMoebius) {
+                                                                               if (!gettingMoebius) {

                                                                                        nonce2_count++;
                                                                                        //check if this was the last second nonce we need for std attack
                                                                                        if ( nonce2_count == nonce1_count ) {
                                                                                                //done collecting std test switch to moebius
                                                                                        nonce2_count++;
                                                                                        //check if this was the last second nonce we need for std attack
                                                                                        if ( nonce2_count == nonce1_count ) {
                                                                                                //done collecting std test switch to moebius

-                                                                                               collectMoebius = true;
+                                                                                                 //finish incrementing last sample
+                                                                                               ar_nr_collected[i+mM]++; 
+                                                                                               //switch to moebius collection
+                                                                                               gettingMoebius = true;

                                                                                                mM = ATTACK_KEY_COUNT;
                                                                                                nonce = nonce*7;
                                                                                                mM = ATTACK_KEY_COUNT;
                                                                                                nonce = nonce*7;

+                                                                                               break;

                                                                                        }
                                                                                } else {
                                                                                        moebius_n_count++;
                                                                                        }
                                                                                } else {
                                                                                        moebius_n_count++;


@@ -2666,15 +2670,16 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
                                                                                }
                                                                        }
                                                                        ar_nr_collected[i+mM]++;
                                                                                }
                                                                        }
                                                                        ar_nr_collected[i+mM]++;

-                                                                       break;

                                                                }
                                                                }

-                                                       } else { //already collected 2 nonces for sector - reader looping? - quit
+                                                       } else { //already collected 2 nonces for sector - dump out

                                                                //finished = true;
                                                        }
                                                                //finished = true;
                                                        }

+                                                       // we found right spot for this nonce stop looking
+                                                       break;

                                                }
                                        }
                                }
                                                }
                                        }
                                }

-       
+

                                // --- crypto
                                crypto1_word(pcs, nr , 1);
                                cardRr = ar ^ crypto1_word(pcs, 0, 0);
                                // --- crypto
                                crypto1_word(pcs, nr , 1);
                                cardRr = ar ^ crypto1_word(pcs, 0, 0);


@@ -2759,7 +2764,9 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
                                }
                                
                                if (len == 4 && (receivedCmd[0] == 0x60 || receivedCmd[0] == 0x61)) {
                                }
                                
                                if (len == 4 && (receivedCmd[0] == 0x60 || receivedCmd[0] == 0x61)) {

-                                       if (receivedCmd[1] >= 16 * 4) {
+
+                                       // if authenticating to a block that shouldn't exist - as long as we are not doing the reader attack
+                                       if (receivedCmd[1] >= 16 * 4 && !(flags & FLAG_NR_AR_ATTACK)) {

                                                //is this the correct response to an auth on a out of range block? marshmellow
                                                EmSend4bit(mf_crypto1_encrypt4bit(pcs, CARD_NACK_NA));
                                                if (MF_DBGLEVEL >= 2) Dbprintf("Reader tried to operate (0x%02x) on out of range block: %d (0x%02x), nacking",receivedCmd[0],receivedCmd[1],receivedCmd[1]);
                                                //is this the correct response to an auth on a out of range block? marshmellow
                                                EmSend4bit(mf_crypto1_encrypt4bit(pcs, CARD_NACK_NA));
                                                if (MF_DBGLEVEL >= 2) Dbprintf("Reader tried to operate (0x%02x) on out of range block: %d (0x%02x), nacking",receivedCmd[0],receivedCmd[1],receivedCmd[1]);

diff --git a/client/cmdhfmf.c b/client/cmdhfmf.c
index 4b82e698b3bae89e74fdd00812cdea9a33824faf..c565a7cf222bac705e1cb21a1b4d7227b6eba719 100644 (file)
--- a/client/cmdhfmf.c
+++ b/client/cmdhfmf.c
@@ -1072,6 +1072,7 @@ int CmdHF14AMf1kSim(const char *Cmd)
        cmdp = param_getchar(Cmd, pnr);\r
        if (cmdp == 'x' || cmdp == 'X') {\r
                flags |= FLAG_NR_AR_ATTACK;\r
        cmdp = param_getchar(Cmd, pnr);\r
        if (cmdp == 'x' || cmdp == 'X') {\r
                flags |= FLAG_NR_AR_ATTACK;\r

+               pnr++;\r

        }\r
 \r
        cmdp = param_getchar(Cmd, pnr);\r
        }\r
 \r
        cmdp = param_getchar(Cmd, pnr);\r


@@ -1119,7 +1120,7 @@ int CmdHF14AMf1kSim(const char *Cmd)
                                if (ar_resp[i].ar2 > 0) {\r
                                        //PrintAndLog("Trying sector %d, cuid %08x, nt %08x, ar %08x, nr %08x, ar2 %08x, nr2 %08x",ar_resp[i].sector, ar_resp[i].cuid,ar_resp[i].nonce,ar_resp[i].ar,ar_resp[i].nr,ar_resp[i].ar2,ar_resp[i].nr2);\r
                                        if (mfkey32(ar_resp[i], &key)) {\r
                                if (ar_resp[i].ar2 > 0) {\r
                                        //PrintAndLog("Trying sector %d, cuid %08x, nt %08x, ar %08x, nr %08x, ar2 %08x, nr2 %08x",ar_resp[i].sector, ar_resp[i].cuid,ar_resp[i].nonce,ar_resp[i].ar,ar_resp[i].nr,ar_resp[i].ar2,ar_resp[i].nr2);\r
                                        if (mfkey32(ar_resp[i], &key)) {\r

-                                               PrintAndLog("Found Key%s for sector %d: [%04x%08x]", (ar_resp[i].keytype) ? "B" : "A", ar_resp[i].sector, (uint32_t) (key>>32), (uint32_t) (key &0xFFFFFFFF));\r
+                                               PrintAndLog("Found Key%s for sector %02d: [%04x%08x]", (ar_resp[i].keytype) ? "B" : "A", ar_resp[i].sector, (uint32_t) (key>>32), (uint32_t) (key &0xFFFFFFFF));\r

 \r
                                                for (uint8_t ii = 0; ii<ATTACK_KEY_COUNT; ii++) {\r
                                                        if (key_cnt[ii]==0 || stSector[ii]==ar_resp[i].sector) {\r
 \r
                                                for (uint8_t ii = 0; ii<ATTACK_KEY_COUNT; ii++) {\r
                                                        if (key_cnt[ii]==0 || stSector[ii]==ar_resp[i].sector) {\r


@@ -1151,7 +1152,7 @@ int CmdHF14AMf1kSim(const char *Cmd)
                                                char cmd1[36];\r
                                                memset(cmd1,0x00,sizeof(cmd1));\r
                                                snprintf(cmd1,sizeof(cmd1),"%04x%08xFF078069%04x%08x",(uint32_t) (sector_trailer[i].keyA>>32), (uint32_t) (sector_trailer[i].keyA &0xFFFFFFFF),(uint32_t) (sector_trailer[i].keyB>>32), (uint32_t) (sector_trailer[i].keyB &0xFFFFFFFF));\r
                                                char cmd1[36];\r
                                                memset(cmd1,0x00,sizeof(cmd1));\r
                                                snprintf(cmd1,sizeof(cmd1),"%04x%08xFF078069%04x%08x",(uint32_t) (sector_trailer[i].keyA>>32), (uint32_t) (sector_trailer[i].keyA &0xFFFFFFFF),(uint32_t) (sector_trailer[i].keyB>>32), (uint32_t) (sector_trailer[i].keyB &0xFFFFFFFF));\r

-                                               //PrintAndLog("%s",cmd1);\r
+                                               PrintAndLog("Setting Emulator Memory Block %02d: [%s]",stSector[i]*4+3, cmd1);\r

                                                if (param_gethex(cmd1, 0, memBlock, 32)) {\r
                                                        PrintAndLog("block data must include 32 HEX symbols");\r
                                                        return 1;\r
                                                if (param_gethex(cmd1, 0, memBlock, 32)) {\r
                                                        PrintAndLog("block data must include 32 HEX symbols");\r
                                                        return 1;\r


@@ -1168,7 +1169,7 @@ int CmdHF14AMf1kSim(const char *Cmd)
                        for (uint8_t i = ATTACK_KEY_COUNT; i<ATTACK_KEY_COUNT*2; i++) {\r
                                if (ar_resp[i].ar2 > 0) {\r
                                        if (tryMfk32_moebius(ar_resp[i], &key)) {\r
                        for (uint8_t i = ATTACK_KEY_COUNT; i<ATTACK_KEY_COUNT*2; i++) {\r
                                if (ar_resp[i].ar2 > 0) {\r
                                        if (tryMfk32_moebius(ar_resp[i], &key)) {\r

-                                               PrintAndLog("M-Found Key%s for sector %d: [%04x%08x]", (ar_resp[i].keytype) ? "B" : "A", ar_resp[i].sector, (uint32_t) (key>>32), (uint32_t) (key &0xFFFFFFFF));\r
+                                               PrintAndLog("M-Found Key%s for sector %02d: [%04x%08x]", (ar_resp[i].keytype) ? "B" : "A", ar_resp[i].sector, (uint32_t) (key>>32), (uint32_t) (key &0xFFFFFFFF));\r

                                        }\r
                                }\r
                        }\r
                                        }\r
                                }\r
                        }\r

diff --git a/client/nonce2key/nonce2key.c b/client/nonce2key/nonce2key.c
index 3750366b44d8818c6ae6cad1bf45465d882bfae5..fcf34a737ce9cb37d35753f6466b32e718dba6fa 100644 (file)
--- a/client/nonce2key/nonce2key.c
+++ b/client/nonce2key/nonce2key.c
@@ -164,14 +164,6 @@ bool mfkey32(nonces_t data, uint64_t *outputkey) {
        clock_t t1 = clock();
        bool isSuccess = FALSE;
        uint8_t counter=0;
        clock_t t1 = clock();
        bool isSuccess = FALSE;
        uint8_t counter=0;

-       //PrintAndLog("Enter mfkey32");
-       //PrintAndLog("Trying sector %d, cuid %08x, nt %08x, nr %08x, ar %08x, nr2 %08x, ar2 %08x",data.sector, uid, nt,nr0_enc,ar0_enc,nr1_enc,ar1_enc);
-       // Generate lfsr succesors of the tag challenge
-       //prng_successor(nt, 64);
-       //prng_successor(nt, 96);
-
-       // Extract the keystream from the messages
-       //ks2 = ar0_enc ^ prng_successor(nt, 64);

 
        s = lfsr_recovery32(ar0_enc ^ prng_successor(nt, 64), 0);
 
 
        s = lfsr_recovery32(ar0_enc ^ prng_successor(nt, 64), 0);