]> git.zerfleddert.de Git - proxmark3-svn/blob - client/cmdhficlass.c
projects / proxmark3-svn / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
fix 'hf iclass writebl' and 'hf iclass clone' (#896)
[proxmark3-svn] / client / cmdhficlass.c
1 //-----------------------------------------------------------------------------
2 // Copyright (C) 2010 iZsh <izsh at fail0verflow.com>, Hagen Fritsch
3 // Copyright (C) 2011 Gerhard de Koning Gans
4 // Copyright (C) 2014 Midnitesnake & Andy Davies & Martin Holst Swende
5 // Copyright (C) 2019 piwi
6 //
7 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
8 // at your option, any later version. See the LICENSE.txt file for the text of
9 // the license.
10 //-----------------------------------------------------------------------------
11 // High frequency iClass commands
12 //-----------------------------------------------------------------------------
13
14 #include <stdio.h>
15 #include <stdlib.h>
16 #include <string.h>
17 #include <sys/stat.h>
18 #include <ctype.h>
19 #include "iso14443crc.h" // Can also be used for iClass, using 0xE012 as CRC-type
20 #include "comms.h"
21 #include "ui.h"
22 #include "cliparser/cliparser.h"
23 #include "cmdparser.h"
24 #include "cmdhficlass.h"
25 #include "common.h"
26 #include "util.h"
27 #include "cmdmain.h"
28 #include "mbedtls/des.h"
29 #include "loclass/cipherutils.h"
30 #include "loclass/cipher.h"
31 #include "loclass/ikeys.h"
32 #include "loclass/elite_crack.h"
33 #include "loclass/fileutils.h"
34 #include "protocols.h"
35 #include "usb_cmd.h"
36 #include "cmdhfmfu.h"
37 #include "util_posix.h"
38 #include "cmdhf14a.h" // DropField()
39
40
41 #define ICLASS_KEYS_MAX 8
42 static uint8_t iClass_Key_Table[ICLASS_KEYS_MAX][8] = {
43 { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
44 { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
45 { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
46 { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
47 { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
48 { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
49 { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
50 { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }
51 };
52
53
54 // iclass / picopass chip config structures and shared routines
55 typedef struct {
56 uint8_t app_limit; //[8]
57 uint8_t otp[2]; //[9-10]
58 uint8_t block_writelock;//[11]
59 uint8_t chip_config; //[12]
60 uint8_t mem_config; //[13]
61 uint8_t eas; //[14]
62 uint8_t fuses; //[15]
63 } picopass_conf_block;
64
65 typedef struct {
66 uint8_t csn[8];
67 picopass_conf_block conf;
68 uint8_t epurse[8];
69 uint8_t key_d[8];
70 uint8_t key_c[8];
71 uint8_t app_issuer_area[8];
72 } picopass_hdr;
73
74
75 static void fuse_config(const picopass_hdr *hdr) {
76 uint8_t fuses = hdr->conf.fuses;
77
78 if (fuses & FUSE_FPERS)
79 PrintAndLog(" Mode: Personalization [Programmable]");
80 else
81 PrintAndLog(" Mode: Application [Locked]");
82
83 if (fuses & FUSE_CODING1)
84 PrintAndLog("Coding: RFU");
85 else {
86 if (fuses & FUSE_CODING0)
87 PrintAndLog("Coding: ISO 14443-2 B/ISO 15693");
88 else
89 PrintAndLog("Coding: ISO 14443B only");
90 }
91 if ((fuses & FUSE_CRYPT1) && (fuses & FUSE_CRYPT0)) PrintAndLog(" Crypt: Secured page, keys not locked");
92 if ((fuses & FUSE_CRYPT1) && !(fuses & FUSE_CRYPT0)) PrintAndLog(" Crypt: Secured page, keys locked");
93 if (!(fuses & FUSE_CRYPT1) && (fuses & FUSE_CRYPT0)) PrintAndLog(" Crypt: Non secured page");
94 if (!(fuses & FUSE_CRYPT1) && !(fuses & FUSE_CRYPT0)) PrintAndLog(" Crypt: No auth possible. Read only if RA is enabled");
95
96 if (fuses & FUSE_RA)
97 PrintAndLog(" RA: Read access enabled");
98 else
99 PrintAndLog(" RA: Read access not enabled");
100 }
101
102
103 static void getMemConfig(uint8_t mem_cfg, uint8_t chip_cfg, uint8_t *max_blk, uint8_t *app_areas, uint8_t *kb) {
104 // mem-bit 5, mem-bit 7, chip-bit 4: defines chip type
105 if((chip_cfg & 0x10) && !(mem_cfg & 0x80) && !(mem_cfg & 0x20)) {
106 *kb = 2;
107 *app_areas = 2;
108 *max_blk = 31;
109 } else if((chip_cfg & 0x10) && (mem_cfg & 0x80) && !(mem_cfg & 0x20)) {
110 *kb = 16;
111 *app_areas = 2;
112 *max_blk = 255; //16kb
113 } else if(!(chip_cfg & 0x10) && !(mem_cfg & 0x80) && !(mem_cfg & 0x20)) {
114 *kb = 16;
115 *app_areas = 16;
116 *max_blk = 255; //16kb
117 } else if((chip_cfg & 0x10) && (mem_cfg & 0x80) && (mem_cfg & 0x20)) {
118 *kb = 32;
119 *app_areas = 3;
120 *max_blk = 255; //16kb
121 } else if(!(chip_cfg & 0x10) && !(mem_cfg & 0x80) && (mem_cfg & 0x20)) {
122 *kb = 32;
123 *app_areas = 17;
124 *max_blk = 255; //16kb
125 } else {
126 *kb = 32;
127 *app_areas = 2;
128 *max_blk = 255;
129 }
130 }
131
132
133 static void mem_app_config(const picopass_hdr *hdr) {
134 uint8_t mem = hdr->conf.mem_config;
135 uint8_t chip = hdr->conf.chip_config;
136 uint8_t applimit = hdr->conf.app_limit;
137 if (applimit < 6) applimit = 26;
138 uint8_t kb = 2;
139 uint8_t app_areas = 2;
140 uint8_t max_blk = 31;
141 getMemConfig(mem, chip, &max_blk, &app_areas, &kb);
142 PrintAndLog(" Mem: %u KBits/%u App Areas (%u * 8 bytes) [%02X]", kb, app_areas, max_blk+1, mem);
143 PrintAndLog(" AA1: blocks 06-%02X", applimit);
144 PrintAndLog(" AA2: blocks %02X-%02X", applimit+1, max_blk);
145 }
146
147
148 static void printIclassDumpInfo(uint8_t* iclass_dump) {
149 fuse_config((picopass_hdr*)iclass_dump);
150 mem_app_config((picopass_hdr*)iclass_dump);
151 }
152
153
154 static void usage_hf_iclass_chk(void) {
155 PrintAndLog("Checkkeys loads a dictionary text file with 8byte hex keys to test authenticating against a iClass tag");
156 PrintAndLog("Usage: hf iclass chk [h|e|r] <f (*.dic)>");
157 PrintAndLog("Options:");
158 PrintAndLog("h Show this help");
159 PrintAndLog("f <filename> Dictionary file with default iclass keys");
160 PrintAndLog(" e target Elite / High security key scheme");
161 PrintAndLog(" r interpret dictionary file as raw (diversified keys)");
162 PrintAndLog("Samples:");
163 PrintAndLog(" hf iclass chk f default_iclass_keys.dic");
164 PrintAndLog(" hf iclass chk f default_iclass_keys.dic e");
165 }
166
167
168 static int CmdHFiClassList(const char *Cmd) {
169 PrintAndLog("Deprecated command, use 'hf list iclass' instead");
170 return 0;
171 }
172
173
174 static int CmdHFiClassSnoop(const char *Cmd) {
175
176 CLIParserInit("hf iclass snoop", "\nSnoop a communication between an iClass Reader and an iClass Tag.", NULL);
177 void* argtable[] = {
178 arg_param_begin,
179 arg_lit0("j", "jam", "Jam (prevent) e-purse Updates"),
180 arg_param_end
181 };
182 if (CLIParserParseString(Cmd, argtable, arg_getsize(argtable), true)){
183 CLIParserFree();
184 return 0;
185 }
186
187 bool jam_epurse_update = arg_get_lit(1);
188
189 const uint8_t update_epurse_sequence[2] = {0x87, 0x02};
190
191 UsbCommand c = {CMD_SNOOP_ICLASS, {0}};
192 if (jam_epurse_update) {
193 c.arg[0] = sizeof(update_epurse_sequence);
194 memcpy(c.d.asBytes, update_epurse_sequence, sizeof(update_epurse_sequence));
195 }
196 SendCommand(&c);
197
198 return 0;
199 }
200
201
202 static void usage_hf_iclass_sim(void) {
203 PrintAndLog("Usage: hf iclass sim <option> [CSN]");
204 PrintAndLog(" options");
205 PrintAndLog(" 0 <CSN> simulate the given CSN");
206 PrintAndLog(" 1 simulate default CSN");
207 PrintAndLog(" 2 Reader-attack, gather reader responses to extract elite key");
208 PrintAndLog(" 3 Full simulation using emulator memory (see 'hf iclass eload')");
209 PrintAndLog(" example: hf iclass sim 0 031FEC8AF7FF12E0");
210 PrintAndLog(" example: hf iclass sim 2");
211 PrintAndLog(" example: hf iclass eload 'tagdump.bin'");
212 PrintAndLog(" hf iclass sim 3");
213 }
214
215
216 // the original malicious IDs from Flavio D. Garcia, Gerhard de Koning Gans, Roel Verdult,
217 // and Milosch Meriac. Dismantling iClass and iClass Elite.
218 #define NUM_CSNS 15
219 static uint8_t csns[8 * NUM_CSNS] = {
220 0x00, 0x0B, 0x0F, 0xFF, 0xF7, 0xFF, 0x12, 0xE0,
221 0x00, 0x04, 0x0E, 0x08, 0xF7, 0xFF, 0x12, 0xE0,
222 0x00, 0x09, 0x0D, 0x05, 0xF7, 0xFF, 0x12, 0xE0,
223 0x00, 0x0A, 0x0C, 0x06, 0xF7, 0xFF, 0x12, 0xE0,
224 0x00, 0x0F, 0x0B, 0x03, 0xF7, 0xFF, 0x12, 0xE0,
225 0x00, 0x08, 0x0A, 0x0C, 0xF7, 0xFF, 0x12, 0xE0,
226 0x00, 0x0D, 0x09, 0x09, 0xF7, 0xFF, 0x12, 0xE0,
227 0x00, 0x0E, 0x08, 0x0A, 0xF7, 0xFF, 0x12, 0xE0,
228 0x00, 0x03, 0x07, 0x17, 0xF7, 0xFF, 0x12, 0xE0,
229 0x00, 0x3C, 0x06, 0xE0, 0xF7, 0xFF, 0x12, 0xE0,
230 0x00, 0x01, 0x05, 0x1D, 0xF7, 0xFF, 0x12, 0xE0,
231 0x00, 0x02, 0x04, 0x1E, 0xF7, 0xFF, 0x12, 0xE0,
232 0x00, 0x07, 0x03, 0x1B, 0xF7, 0xFF, 0x12, 0xE0,
233 0x00, 0x00, 0x02, 0x24, 0xF7, 0xFF, 0x12, 0xE0,
234 0x00, 0x05, 0x01, 0x21, 0xF7, 0xFF, 0x12, 0xE0 };
235
236
237 // pre-defined 9 CSNs by iceman.
238 // only one csn depend on several others.
239 // six depends only on the first csn, (0,1, 0x45)
240
241 // #define NUM_CSNS 9
242 // static uint8_t csns[8 * NUM_CSNS] = {
243 // 0x01, 0x0A, 0x0F, 0xFF, 0xF7, 0xFF, 0x12, 0xE0,
244 // 0x0C, 0x06, 0x0C, 0xFE, 0xF7, 0xFF, 0x12, 0xE0,
245 // 0x10, 0x97, 0x83, 0x7B, 0xF7, 0xFF, 0x12, 0xE0,
246 // 0x13, 0x97, 0x82, 0x7A, 0xF7, 0xFF, 0x12, 0xE0,
247 // 0x07, 0x0E, 0x0D, 0xF9, 0xF7, 0xFF, 0x12, 0xE0,
248 // 0x14, 0x96, 0x84, 0x76, 0xF7, 0xFF, 0x12, 0xE0,
249 // 0x17, 0x96, 0x85, 0x71, 0xF7, 0xFF, 0x12, 0xE0,
250 // 0xCE, 0xC5, 0x0F, 0x77, 0xF7, 0xFF, 0x12, 0xE0,
251 // 0xD2, 0x5A, 0x82, 0xF8, 0xF7, 0xFF, 0x12, 0xE0
252 // //0x04, 0x08, 0x9F, 0x78, 0x6E, 0xFF, 0x12, 0xE0
253 // };
254
255
256 static int CmdHFiClassSim(const char *Cmd) {
257 uint8_t simType = 0;
258 uint8_t CSN[8] = {0, 0, 0, 0, 0, 0, 0, 0};
259
260 if (strlen(Cmd) < 1) {
261 usage_hf_iclass_sim();
262 return 0;
263 }
264 simType = param_get8ex(Cmd, 0, 0, 10);
265
266 if (simType == ICLASS_SIM_MODE_CSN) {
267 if (param_gethex(Cmd, 1, CSN, 16)) {
268 PrintAndLog("A CSN should consist of 16 HEX symbols");
269 usage_hf_iclass_sim();
270 return 0;
271 }
272 PrintAndLog("--simtype:%02x csn:%s", simType, sprint_hex(CSN, 8));
273 }
274
275 if (simType == ICLASS_SIM_MODE_READER_ATTACK) {
276 UsbCommand c = {CMD_SIMULATE_TAG_ICLASS, {simType, NUM_CSNS}};
277 UsbCommand resp = {0};
278
279 memcpy(c.d.asBytes, csns, 8 * NUM_CSNS);
280
281 SendCommand(&c);
282 if (!WaitForResponseTimeout(CMD_ACK, &resp, -1)) {
283 PrintAndLog("Command timed out");
284 return 0;
285 }
286
287 uint8_t num_mac_responses = resp.arg[1];
288 PrintAndLog("Mac responses: %d MACs obtained (should be %d)", num_mac_responses, NUM_CSNS);
289
290 size_t datalen = NUM_CSNS * 24;
291 /*
292 * Now, time to dump to file. We'll use this format:
293 * <8-byte CSN><8-byte CC><4 byte NR><4 byte MAC>....
294 * So, it should wind up as
295 * 8 * 24 bytes.
296 *
297 * The returndata from the pm3 is on the following format
298 * <8 byte CC><4 byte NR><4 byte MAC>
299 * CSN is the same as was sent in
300 **/
301 void* dump = malloc(datalen);
302 for(int i = 0; i < NUM_CSNS; i++) {
303 memcpy(dump + i*24, csns+i*8, 8); //CSN
304 //copy CC from response
305 memcpy(dump + i*24 + 8, resp.d.asBytes + i*16, 8);
306 //Then comes NR_MAC (eight bytes from the response)
307 memcpy(dump + i*24 + 16, resp.d.asBytes + i*16 + 8, 8);
308 }
309 /** Now, save to dumpfile **/
310 saveFile("iclass_mac_attack", "bin", dump,datalen);
311 free(dump);
312
313 } else if (simType == ICLASS_SIM_MODE_CSN || simType == ICLASS_SIM_MODE_CSN_DEFAULT || simType == ICLASS_SIM_MODE_FULL) {
314 UsbCommand c = {CMD_SIMULATE_TAG_ICLASS, {simType, 0}};
315 memcpy(c.d.asBytes, CSN, 8);
316 SendCommand(&c);
317
318 } else {
319 PrintAndLog("Undefined simtype %d", simType);
320 usage_hf_iclass_sim();
321 return 0;
322 }
323
324 return 0;
325 }
326
327
328 int HFiClassReader(bool loop, bool verbose) {
329
330 bool tagFound = false;
331 UsbCommand c = {CMD_READER_ICLASS, {FLAG_ICLASS_READER_INIT | FLAG_ICLASS_READER_CLEARTRACE | FLAG_ICLASS_READER_CSN | FLAG_ICLASS_READER_CONF | FLAG_ICLASS_READER_CC | FLAG_ICLASS_READER_AA} };
332 UsbCommand resp;
333
334 while (!ukbhit()) {
335 SendCommand(&c);
336 if (WaitForResponseTimeout(CMD_ACK,&resp, 4500)) {
337 uint8_t readStatus = resp.arg[0] & 0xff;
338 uint8_t *data = resp.d.asBytes;
339
340 // no tag found
341 if (readStatus == 0 && !loop) {
342 // abort
343 if (verbose) PrintAndLog("Quitting...");
344 DropField();
345 return 0;
346 }
347
348 if (readStatus & FLAG_ICLASS_READER_CSN) {
349 PrintAndLog(" CSN: %s",sprint_hex(data,8));
350 tagFound = true;
351 }
352 if (readStatus & FLAG_ICLASS_READER_CC) {
353 PrintAndLog(" CC: %s",sprint_hex(data+16,8));
354 }
355 if (readStatus & FLAG_ICLASS_READER_CONF) {
356 printIclassDumpInfo(data);
357 }
358 if (readStatus & FLAG_ICLASS_READER_AA) {
359 bool legacy = true;
360 PrintAndLog(" AppIA: %s",sprint_hex(data+8*5,8));
361 for (int i = 0; i<8; i++) {
362 if (data[8*5+i] != 0xFF) {
363 legacy = false;
364 }
365 }
366 PrintAndLog(" : Possible iClass %s",(legacy) ? "(legacy tag)" : "(NOT legacy tag)");
367 }
368
369 if (tagFound && !loop) return 1;
370 } else {
371 if (verbose) PrintAndLog("Command execute timeout");
372 }
373 if (!loop) break;
374 }
375
376 DropField();
377 return 0;
378 }
379
380
381 static void usage_hf_iclass_reader(void) {
382 PrintAndLogEx(NORMAL, "Act as a Iclass reader. Look for iClass tags until Enter or the pm3 button is pressed\n");
383 PrintAndLogEx(NORMAL, "Usage: hf iclass reader [h] [1]\n");
384 PrintAndLogEx(NORMAL, "Options:");
385 PrintAndLogEx(NORMAL, " h This help text");
386 PrintAndLogEx(NORMAL, " 1 read only 1 tag");
387 PrintAndLogEx(NORMAL, "Examples:");
388 PrintAndLogEx(NORMAL, " hf iclass reader 1");
389 }
390
391
392 static int CmdHFiClassReader(const char *Cmd) {
393 char cmdp = tolower(param_getchar(Cmd, 0));
394 if (cmdp == 'h') {
395 usage_hf_iclass_reader();
396 return 0;
397 }
398 bool findone = (cmdp == '1') ? false : true;
399 return HFiClassReader(findone, true);
400 }
401
402
403 static void usage_hf_iclass_eload(void) {
404 PrintAndLog("Loads iclass tag-dump into emulator memory on device");
405 PrintAndLog("Usage: hf iclass eload f <filename>");
406 PrintAndLog("");
407 PrintAndLog("Example: hf iclass eload f iclass_tagdump-aa162d30f8ff12f1.bin");
408 }
409
410
411 static int CmdHFiClassELoad(const char *Cmd) {
412
413 char opt = param_getchar(Cmd, 0);
414 if (strlen(Cmd)<1 || opt == 'h') {
415 usage_hf_iclass_eload();
416 return 0;
417 }
418
419 //File handling and reading
420 FILE *f;
421 char filename[FILE_PATH_SIZE];
422 if (opt == 'f' && param_getstr(Cmd, 1, filename, sizeof(filename)) > 0) {
423 f = fopen(filename, "rb");
424 } else {
425 usage_hf_iclass_eload();
426 return 0;
427 }
428
429 if (!f) {
430 PrintAndLog("Failed to read from file '%s'", filename);
431 return 1;
432 }
433
434 fseek(f, 0, SEEK_END);
435 long fsize = ftell(f);
436 fseek(f, 0, SEEK_SET);
437
438 if (fsize < 0) {
439 PrintAndLog("Error, when getting filesize");
440 fclose(f);
441 return 1;
442 }
443
444 uint8_t *dump = malloc(fsize);
445
446 size_t bytes_read = fread(dump, 1, fsize, f);
447 fclose(f);
448
449 printIclassDumpInfo(dump);
450 //Validate
451
452 if (bytes_read < fsize) {
453 prnlog("Error, could only read %d bytes (should be %d)",bytes_read, fsize );
454 free(dump);
455 return 1;
456 }
457 //Send to device
458 uint32_t bytes_sent = 0;
459 uint32_t bytes_remaining = bytes_read;
460
461 while (bytes_remaining > 0) {
462 uint32_t bytes_in_packet = MIN(USB_CMD_DATA_SIZE, bytes_remaining);
463 UsbCommand c = {CMD_ICLASS_EML_MEMSET, {bytes_sent,bytes_in_packet,0}};
464 memcpy(c.d.asBytes, dump+bytes_sent, bytes_in_packet);
465 SendCommand(&c);
466 bytes_remaining -= bytes_in_packet;
467 bytes_sent += bytes_in_packet;
468 }
469 free(dump);
470 PrintAndLog("Sent %d bytes of data to device emulator memory", bytes_sent);
471 return 0;
472 }
473
474
475 static int readKeyfile(const char *filename, size_t len, uint8_t* buffer) {
476 FILE *f = fopen(filename, "rb");
477 if(!f) {
478 PrintAndLog("Failed to read from file '%s'", filename);
479 return 1;
480 }
481 fseek(f, 0, SEEK_END);
482 long fsize = ftell(f);
483 fseek(f, 0, SEEK_SET);
484 size_t bytes_read = fread(buffer, 1, len, f);
485 fclose(f);
486 if(fsize != len)
487 {
488 PrintAndLog("Warning, file size is %d, expected %d", fsize, len);
489 return 1;
490 }
491 if(bytes_read != len)
492 {
493 PrintAndLog("Warning, could only read %d bytes, expected %d" ,bytes_read, len);
494 return 1;
495 }
496 return 0;
497 }
498
499
500 static void usage_hf_iclass_decrypt(void) {
501 PrintAndLog("Usage: hf iclass decrypt f <tagdump>");
502 PrintAndLog("");
503 PrintAndLog("OBS! In order to use this function, the file 'iclass_decryptionkey.bin' must reside");
504 PrintAndLog("in the working directory. The file should be 16 bytes binary data");
505 PrintAndLog("");
506 PrintAndLog("example: hf iclass decrypt f tagdump_12312342343.bin");
507 PrintAndLog("");
508 PrintAndLog("OBS! This is pretty stupid implementation, it tries to decrypt every block after block 6. ");
509 PrintAndLog("Correct behaviour would be to decrypt only the application areas where the key is valid,");
510 PrintAndLog("which is defined by the configuration block.");
511 }
512
513
514 static int CmdHFiClassDecrypt(const char *Cmd) {
515 uint8_t key[16] = { 0 };
516 if(readKeyfile("iclass_decryptionkey.bin", 16, key))
517 {
518 usage_hf_iclass_decrypt();
519 return 1;
520 }
521 PrintAndLog("Decryption file found... ");
522 char opt = param_getchar(Cmd, 0);
523 if (strlen(Cmd)<1 || opt == 'h') {
524 usage_hf_iclass_decrypt();
525 return 0;
526 }
527
528 //Open the tagdump-file
529 FILE *f;
530 char filename[FILE_PATH_SIZE];
531 if(opt == 'f' && param_getstr(Cmd, 1, filename, sizeof(filename)) > 0) {
532 f = fopen(filename, "rb");
533 if ( f == NULL ) {
534 PrintAndLog("Could not find file %s", filename);
535 return 1;
536 }
537 } else {
538 usage_hf_iclass_decrypt();
539 return 0;
540 }
541
542 fseek(f, 0, SEEK_END);
543 long fsize = ftell(f);
544 fseek(f, 0, SEEK_SET);
545 uint8_t enc_dump[8] = {0};
546 uint8_t *decrypted = malloc(fsize);
547 mbedtls_des3_context ctx = { {0} };
548 mbedtls_des3_set2key_dec( &ctx, key);
549 size_t bytes_read = fread(enc_dump, 1, 8, f);
550
551 //Use the first block (CSN) for filename
552 char outfilename[FILE_PATH_SIZE] = { 0 };
553 snprintf(outfilename,FILE_PATH_SIZE,"iclass_tagdump-%02x%02x%02x%02x%02x%02x%02x%02x-decrypted",
554 enc_dump[0],enc_dump[1],enc_dump[2],enc_dump[3],
555 enc_dump[4],enc_dump[5],enc_dump[6],enc_dump[7]);
556
557 size_t blocknum =0;
558 while(bytes_read == 8)
559 {
560 if(blocknum < 7)
561 {
562 memcpy(decrypted+(blocknum*8), enc_dump, 8);
563 }else{
564 mbedtls_des3_crypt_ecb(&ctx, enc_dump,decrypted +(blocknum*8) );
565 }
566 printvar("decrypted block", decrypted +(blocknum*8), 8);
567 bytes_read = fread(enc_dump, 1, 8, f);
568 blocknum++;
569 }
570 fclose(f);
571
572 saveFile(outfilename,"bin", decrypted, blocknum*8);
573 free(decrypted);
574 return 0;
575 }
576
577
578 static void usage_hf_iclass_encrypt(void) {
579 PrintAndLog("Usage: hf iclass encrypt <BlockData>");
580 PrintAndLog("");
581 PrintAndLog("OBS! In order to use this function, the file 'iclass_decryptionkey.bin' must reside");
582 PrintAndLog("in the working directory. The file should be 16 bytes binary data");
583 PrintAndLog("");
584 PrintAndLog("example: hf iclass encrypt 0102030405060708");
585 PrintAndLog("");
586 }
587
588
589 static int iClassEncryptBlkData(uint8_t *blkData) {
590 uint8_t key[16] = { 0 };
591 if(readKeyfile("iclass_decryptionkey.bin", 16, key))
592 {
593 usage_hf_iclass_encrypt();
594 return 1;
595 }
596 PrintAndLog("Decryption file found... ");
597
598 uint8_t encryptedData[16];
599 uint8_t *encrypted = encryptedData;
600 mbedtls_des3_context ctx = { {0} };
601 mbedtls_des3_set2key_enc( &ctx, key);
602
603 mbedtls_des3_crypt_ecb(&ctx, blkData,encrypted);
604 //printvar("decrypted block", decrypted, 8);
605 memcpy(blkData,encrypted,8);
606
607 return 1;
608 }
609
610
611 static int CmdHFiClassEncryptBlk(const char *Cmd) {
612 uint8_t blkData[8] = {0};
613 char opt = param_getchar(Cmd, 0);
614 if (strlen(Cmd)<1 || opt == 'h') {
615 usage_hf_iclass_encrypt();
616 return 0;
617 }
618 //get the bytes to encrypt
619 if (param_gethex(Cmd, 0, blkData, 16)) {
620 PrintAndLog("BlockData must include 16 HEX symbols");
621 return 0;
622 }
623 if (!iClassEncryptBlkData(blkData)) return 0;
624 printvar("encrypted block", blkData, 8);
625 return 1;
626 }
627
628
629 static void Calc_wb_mac(uint8_t blockno, uint8_t *data, uint8_t *div_key, uint8_t MAC[4]) {
630 uint8_t WB[9];
631 WB[0] = blockno;
632 memcpy(WB+1, data, 8);
633 doMAC_N(WB, sizeof(WB), div_key, MAC);
634 //printf("Cal wb mac block [%02x][%02x%02x%02x%02x%02x%02x%02x%02x] : MAC [%02x%02x%02x%02x]",WB[0],WB[1],WB[2],WB[3],WB[4],WB[5],WB[6],WB[7],WB[8],MAC[0],MAC[1],MAC[2],MAC[3]);
635 }
636
637
638 static bool iClass_select(uint8_t *CSN, bool verbose, bool cleartrace, bool init) {
639
640 UsbCommand c = {CMD_READER_ICLASS, {FLAG_ICLASS_READER_CSN}};
641 if (init) c.arg[0] |= FLAG_ICLASS_READER_INIT;
642 if (cleartrace) c.arg[0] |= FLAG_ICLASS_READER_CLEARTRACE;
643
644 UsbCommand resp;
645 clearCommandBuffer();
646 SendCommand(&c);
647 if (!WaitForResponseTimeout(CMD_ACK, &resp, 4500)) {
648 PrintAndLog("Command execute timeout");
649 return false;
650 }
651
652 uint8_t isOK = resp.arg[0] & 0xff;
653 uint8_t *data = resp.d.asBytes;
654
655 if (isOK & FLAG_ICLASS_READER_CSN) {
656 memcpy(CSN, data, 8);
657 if (verbose) PrintAndLog("CSN: %s", sprint_hex(CSN, 8));
658 } else {
659 PrintAndLog("Failed to select card! Aborting");
660 return false;
661 }
662 return true;
663 }
664
665
666 static void HFiClassCalcDivKey(uint8_t *CSN, uint8_t *KEY, uint8_t *div_key, bool elite){
667 uint8_t keytable[128] = {0};
668 uint8_t key_index[8] = {0};
669 if (elite) {
670 uint8_t key_sel[8] = { 0 };
671 uint8_t key_sel_p[8] = { 0 };
672 hash2(KEY, keytable);
673 hash1(CSN, key_index);
674 for(uint8_t i = 0; i < 8 ; i++)
675 key_sel[i] = keytable[key_index[i]] & 0xFF;
676
677 //Permute from iclass format to standard format
678 permutekey_rev(key_sel, key_sel_p);
679 diversifyKey(CSN, key_sel_p, div_key);
680 } else {
681 diversifyKey(CSN, KEY, div_key);
682 }
683 }
684
685
686 static bool iClass_authenticate(uint8_t *CSN, uint8_t *KEY, uint8_t *MAC, uint8_t *div_key, bool use_credit_key, bool elite, bool rawkey, bool replay, bool verbose) {
687
688 //get div_key
689 if (rawkey || replay)
690 memcpy(div_key, KEY, 8);
691 else
692 HFiClassCalcDivKey(CSN, KEY, div_key, elite);
693
694 char keytypetext[23] = "legacy diversified key";
695 if (rawkey) {
696 strcpy(keytypetext, "raw key");
697 } else if (replay) {
698 strcpy(keytypetext, "replayed NR/MAC");
699 } else if (elite) {
700 strcpy(keytypetext, "Elite diversified key");
701 }
702
703 if (verbose) PrintAndLog("Authenticating with %s: %s", keytypetext, sprint_hex(div_key, 8));
704
705 UsbCommand resp;
706 UsbCommand d = {CMD_ICLASS_READCHECK, {2, use_credit_key, 0}};
707
708 clearCommandBuffer();
709 SendCommand(&d);
710
711 if (!WaitForResponseTimeout(CMD_ACK, &resp, 4500)) {
712 if (verbose) PrintAndLog("Auth Command (READCHECK[2]) execute timeout");
713 return false;
714 }
715 bool isOK = resp.arg[0];
716 if (!isOK) {
717 if (verbose) PrintAndLog("Couldn't get Card Challenge");
718 return false;
719 }
720
721 if (replay) {
722 memcpy(MAC, KEY+4, 4);
723 } else {
724 uint8_t CCNR[12];
725 memcpy(CCNR, resp.d.asBytes, 8);
726 memset(CCNR+8, 0x00, 4); // default NR = {0, 0, 0, 0}
727 doMAC(CCNR, div_key, MAC);
728 }
729
730 d.cmd = CMD_ICLASS_CHECK;
731 if (replay) {
732 memcpy(d.d.asBytes, KEY, 8);
733 } else {
734 memset(d.d.asBytes, 0x00, 4); // default NR = {0, 0, 0, 0}
735 memcpy(d.d.asBytes+4, MAC, 4);
736 }
737 clearCommandBuffer();
738 SendCommand(&d);
739 if (!WaitForResponseTimeout(CMD_ACK, &resp, 4500)) {
740 if (verbose) PrintAndLog("Auth Command (CHECK) execute timeout");
741 return false;
742 }
743 isOK = resp.arg[0];
744 if (!isOK) {
745 if (verbose) PrintAndLog("Authentication error");
746 return false;
747 }
748 return true;
749 }
750
751
752 static void usage_hf_iclass_dump(void) {
753 PrintAndLog("Usage: hf iclass dump f <fileName> k <Key> c <CreditKey> e|r|n\n");
754 PrintAndLog("Options:");
755 PrintAndLog(" f <filename> : specify a filename to save dump to");
756 PrintAndLog(" k <Key> : *Debit Key (AA1) as 16 hex symbols (8 bytes) or 1 hex to select key from memory");
757 PrintAndLog(" c <CreditKey>: Credit Key (AA2) as 16 hex symbols (8 bytes) or 1 hex to select key from memory");
758 PrintAndLog(" e : If 'e' is specified, the keys are interpreted as Elite");
759 PrintAndLog(" Custom Keys (KCus), which can be obtained via reader-attack");
760 PrintAndLog(" See 'hf iclass sim 2'. This key should be on iclass-format");
761 PrintAndLog(" r : If 'r' is specified, keys are interpreted as raw blocks 3/4");
762 PrintAndLog(" n : If 'n' is specified, keys are interpreted as NR/MAC pairs which can be obtained by 'hf iclass snoop'");
763 PrintAndLog(" NOTE: * = required");
764 PrintAndLog("Samples:");
765 PrintAndLog(" hf iclass dump k 001122334455667B");
766 PrintAndLog(" hf iclass dump k AAAAAAAAAAAAAAAA c 001122334455667B");
767 PrintAndLog(" hf iclass dump k AAAAAAAAAAAAAAAA e");
768 }
769
770
771 static void printIclassDumpContents(uint8_t *iclass_dump, uint8_t startblock, uint8_t endblock, size_t filesize) {
772 uint8_t mem_config;
773 memcpy(&mem_config, iclass_dump + 13,1);
774 uint8_t maxmemcount;
775 uint8_t filemaxblock = filesize / 8;
776 if (mem_config & 0x80)
777 maxmemcount = 255;
778 else
779 maxmemcount = 31;
780 //PrintAndLog ("endblock: %d, filesize: %d, maxmemcount: %d, filemaxblock: %d", endblock,filesize, maxmemcount, filemaxblock);
781
782 if (startblock == 0)
783 startblock = 6;
784 if ((endblock > maxmemcount) || (endblock == 0))
785 endblock = maxmemcount;
786
787 // remember endblock need to relate to zero-index arrays.
788 if (endblock > filemaxblock-1)
789 endblock = filemaxblock;
790
791 int i = startblock;
792 printf("------+--+-------------------------+\n");
793 while (i <= endblock) {
794 uint8_t *blk = iclass_dump + (i * 8);
795 printf("Block |%02X| %s|\n", i, sprint_hex(blk, 8) );
796 i++;
797 }
798 printf("------+--+-------------------------+\n");
799 }
800
801
802 static int CmdHFiClassReader_Dump(const char *Cmd) {
803
804 uint8_t MAC[4] = {0x00,0x00,0x00,0x00};
805 uint8_t div_key[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
806 uint8_t c_div_key[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
807 uint8_t blockno = 0;
808 uint8_t AA1_maxBlk = 0;
809 uint8_t maxBlk = 31;
810 uint8_t app_areas = 1;
811 uint8_t kb = 2;
812 uint8_t KEY[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
813 uint8_t CreditKEY[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
814 uint8_t keyNbr = 0;
815 uint8_t dataLen = 0;
816 uint8_t fileNameLen = 0;
817 char filename[FILE_PATH_SIZE]={0};
818 char tempStr[50] = {0};
819 bool have_debit_key = false;
820 bool have_credit_key = false;
821 bool use_credit_key = false;
822 bool elite = false;
823 bool rawkey = false;
824 bool NRMAC_replay = false;
825 bool errors = false;
826 bool verbose = false;
827 uint8_t cmdp = 0;
828
829 while (param_getchar(Cmd, cmdp) != 0x00 && !errors) {
830 switch(param_getchar(Cmd, cmdp)) {
831 case 'h':
832 case 'H':
833 usage_hf_iclass_dump();
834 return 0;
835 case 'c':
836 case 'C':
837 have_credit_key = true;
838 dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
839 if (dataLen == 16) {
840 errors = param_gethex(tempStr, 0, CreditKEY, dataLen);
841 } else if (dataLen == 1) {
842 keyNbr = param_get8(Cmd, cmdp+1);
843 if (keyNbr < ICLASS_KEYS_MAX) {
844 memcpy(CreditKEY, iClass_Key_Table[keyNbr], 8);
845 } else {
846 PrintAndLog("\nERROR: Credit KeyNbr is invalid\n");
847 errors = true;
848 }
849 } else {
850 PrintAndLog("\nERROR: Credit Key is incorrect length\n");
851 errors = true;
852 }
853 cmdp += 2;
854 break;
855 case 'e':
856 case 'E':
857 elite = true;
858 cmdp++;
859 break;
860 case 'f':
861 case 'F':
862 fileNameLen = param_getstr(Cmd, cmdp+1, filename, sizeof(filename));
863 if (fileNameLen < 1) {
864 PrintAndLog("No filename found after f");
865 errors = true;
866 }
867 cmdp += 2;
868 break;
869 case 'k':
870 case 'K':
871 have_debit_key = true;
872 dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
873 if (dataLen == 16) {
874 errors = param_gethex(tempStr, 0, KEY, dataLen);
875 } else if (dataLen == 1) {
876 keyNbr = param_get8(Cmd, cmdp+1);
877 if (keyNbr < ICLASS_KEYS_MAX) {
878 memcpy(KEY, iClass_Key_Table[keyNbr], 8);
879 } else {
880 PrintAndLog("\nERROR: Debit KeyNbr is invalid\n");
881 errors = true;
882 }
883 } else {
884 PrintAndLog("\nERROR: Debit Key is incorrect length\n");
885 errors = true;
886 }
887 cmdp += 2;
888 break;
889 case 'r':
890 case 'R':
891 rawkey = true;
892 cmdp++;
893 break;
894 case 'n':
895 case 'N':
896 NRMAC_replay = true;
897 cmdp++;
898 break;
899 case 'v':
900 case 'V':
901 verbose = true;
902 cmdp++;
903 break;
904 default:
905 PrintAndLog("Unknown parameter '%c'\n", param_getchar(Cmd, cmdp));
906 errors = true;
907 break;
908 }
909 }
910
911 if (elite + rawkey + NRMAC_replay > 1) {
912 PrintAndLog("You cannot combine the 'e', 'r', and 'n' options\n");
913 errors = true;
914 }
915
916 if (errors || cmdp < 2) {
917 usage_hf_iclass_dump();
918 return 0;
919 }
920
921 // if only credit key is given: try for AA1 as well (not for iclass but for some picopass this will work)
922 if (!have_debit_key && have_credit_key) {
923 memcpy(KEY, CreditKEY, 8);
924 }
925
926 // clear trace and get first 3 blocks
927 UsbCommand c = {CMD_READER_ICLASS, {FLAG_ICLASS_READER_INIT | FLAG_ICLASS_READER_CLEARTRACE | FLAG_ICLASS_READER_CSN | FLAG_ICLASS_READER_CONF | FLAG_ICLASS_READER_CC}};
928 UsbCommand resp;
929 uint8_t tag_data[256*8];
930
931 clearCommandBuffer();
932 SendCommand(&c);
933 if (!WaitForResponseTimeout(CMD_ACK, &resp, 4500)) {
934 PrintAndLog("Command execute timeout");
935 DropField();
936 return 0;
937 }
938
939 uint8_t readStatus = resp.arg[0] & 0xff;
940 uint8_t *data = resp.d.asBytes;
941 uint8_t status_mask = FLAG_ICLASS_READER_CSN | FLAG_ICLASS_READER_CONF | FLAG_ICLASS_READER_CC;
942
943 if (readStatus != status_mask) {
944 PrintAndLog("No tag found ...");
945 return 0;
946 } else {
947 memcpy(tag_data, data, 8*3);
948 if (verbose) PrintAndLog("CSN: %s", sprint_hex(tag_data, 8));
949 AA1_maxBlk = data[8];
950 getMemConfig(data[13], data[12], &maxBlk, &app_areas, &kb);
951 // large memory - not able to dump pages currently
952 if (AA1_maxBlk > maxBlk) AA1_maxBlk = maxBlk;
953 }
954
955 // authenticate with debit key (or credit key if we have no debit key) and get div_key - later store in dump block 3
956 if (!iClass_authenticate(tag_data, KEY, MAC, div_key, false, elite, rawkey, NRMAC_replay, verbose)) {
957 DropField();
958 return 0;
959 }
960
961 // read AA1
962 UsbCommand w = {CMD_ICLASS_DUMP};
963 uint32_t blocksRead = 0;
964 for (blockno = 3; blockno <= AA1_maxBlk; blockno += blocksRead) {
965 w.arg[0] = blockno;
966 w.arg[1] = AA1_maxBlk - blockno + 1;
967 clearCommandBuffer();
968 SendCommand(&w);
969 if (!WaitForResponseTimeout(CMD_ACK, &resp, 4500)) {
970 PrintAndLog("Command execute time-out 1");
971 DropField();
972 return 1;
973 }
974 blocksRead = resp.arg[1];
975 bool isOK = resp.arg[0];
976 if (!isOK) {
977 PrintAndLog("Reading AA1 block failed");
978 DropField();
979 return 0;
980 }
981 memcpy(tag_data + blockno*8, resp.d.asBytes, blocksRead*8);
982 }
983
984 // do we still need to read more blocks (AA2 enabled)?
985 if (have_credit_key && maxBlk > AA1_maxBlk) {
986 if (!use_credit_key) {
987 //turn off hf field before authenticating with different key
988 DropField();
989 // AA2 authenticate credit key and git c_div_key - later store in dump block 4
990 uint8_t CSN[8];
991 if (!iClass_select(CSN, verbose, false, true) || !iClass_authenticate(CSN, CreditKEY, MAC, c_div_key, true, false, false, NRMAC_replay, verbose)){
992 DropField();
993 return 0;
994 }
995 }
996 for ( ; blockno <= maxBlk; blockno += blocksRead) {
997 w.arg[0] = blockno;
998 w.arg[1] = maxBlk - blockno + 1;
999 clearCommandBuffer();
1000 SendCommand(&w);
1001 if (!WaitForResponseTimeout(CMD_ACK, &resp, 4500)) {
1002 PrintAndLog("Command execute time-out 1");
1003 DropField();
1004 return 1;
1005 }
1006 blocksRead = resp.arg[1];
1007 bool isOK = resp.arg[0];
1008 if (!isOK) {
1009 PrintAndLog("Reading AA2 block failed");
1010 DropField();
1011 return 0;
1012 }
1013 memcpy(tag_data + blockno*8, resp.d.asBytes, blocksRead*8);
1014 }
1015 }
1016
1017 DropField();
1018
1019 // add diversified keys to dump
1020 if (have_debit_key) {
1021 memcpy(tag_data + 3*8, div_key, 8);
1022 } else {
1023 memset(tag_data + 3*8, 0xff, 8);
1024 }
1025 if (have_credit_key) {
1026 memcpy(tag_data + 4*8, c_div_key, 8);
1027 } else {
1028 memset(tag_data + 4*8, 0xff, 8);
1029 }
1030
1031 // print the dump
1032 printf("------+--+-------------------------+\n");
1033 printf("CSN |00| %s|\n",sprint_hex(tag_data, 8));
1034 printIclassDumpContents(tag_data, 1, blockno-1, blockno*8);
1035
1036 if (filename[0] == 0) {
1037 snprintf(filename, FILE_PATH_SIZE,"iclass_tagdump-%02x%02x%02x%02x%02x%02x%02x%02x",
1038 tag_data[0],tag_data[1],tag_data[2],tag_data[3],
1039 tag_data[4],tag_data[5],tag_data[6],tag_data[7]);
1040 }
1041
1042 // save the dump to .bin file
1043 PrintAndLog("Saving dump file - %d blocks read", blockno);
1044 saveFile(filename, "bin", tag_data, blockno*8);
1045 return 1;
1046 }
1047
1048
1049 static int WriteBlock(uint8_t blockno, uint8_t *bldata, uint8_t *KEY, bool use_credit_key, bool elite, bool rawkey, bool NRMAC_replay, bool verbose) {
1050
1051 uint8_t MAC[4] = {0x00,0x00,0x00,0x00};
1052 uint8_t div_key[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
1053 uint8_t CSN[8];
1054
1055 if (!iClass_select(CSN, verbose, true, true) || !iClass_authenticate(CSN, KEY, MAC, div_key, use_credit_key, elite, rawkey, NRMAC_replay, verbose)) {
1056 DropField();
1057 return 0;
1058 }
1059
1060 UsbCommand resp;
1061
1062 Calc_wb_mac(blockno, bldata, div_key, MAC);
1063
1064 UsbCommand w = {CMD_ICLASS_WRITEBLOCK, {blockno}};
1065 memcpy(w.d.asBytes, bldata, 8);
1066 memcpy(w.d.asBytes + 8, MAC, 4);
1067
1068 clearCommandBuffer();
1069 SendCommand(&w);
1070 if (!WaitForResponseTimeout(CMD_ACK, &resp, 4500)) {
1071 PrintAndLog("Write Command execute timeout");
1072 DropField();
1073 return 0;
1074 }
1075 bool isOK = resp.arg[0];
1076 if (!isOK) {
1077 PrintAndLog("Write Block Failed");
1078 DropField();
1079 return 0;
1080 }
1081
1082 PrintAndLog("Write Block Successful");
1083 return 1;
1084 }
1085
1086
1087 static void usage_hf_iclass_writeblock(void) {
1088 PrintAndLog("Options:");
1089 PrintAndLog(" b <Block> : The block number as 2 hex symbols");
1090 PrintAndLog(" d <data> : Set the Data to write as 16 hex symbols");
1091 PrintAndLog(" k <Key> : Access Key as 16 hex symbols or 1 hex to select key from memory");
1092 PrintAndLog(" c : If 'c' is specified, the key set is assumed to be the credit key\n");
1093 PrintAndLog(" e : If 'e' is specified, elite computations applied to key");
1094 PrintAndLog(" r : If 'r' is specified, no computations applied to key");
1095 PrintAndLog(" o : override protection and allow modification of blocks 0...4");
1096 PrintAndLog("Samples:");
1097 PrintAndLog(" hf iclass writeblk b 0A d AAAAAAAAAAAAAAAA k 001122334455667B");
1098 PrintAndLog(" hf iclass writeblk b 1B d AAAAAAAAAAAAAAAA k 001122334455667B c");
1099 PrintAndLog(" hf iclass writeblk b 03 d AAAAAAAAAAAAAAAA k 001122334455667B c o");
1100 }
1101
1102
1103 static int CmdHFiClass_WriteBlock(const char *Cmd) {
1104 uint8_t blockno = 0;
1105 uint8_t bldata[8] = {0};
1106 uint8_t KEY[8] = {0};
1107 uint8_t keyNbr = 0;
1108 uint8_t dataLen = 0;
1109 char tempStr[50] = {0};
1110 bool use_credit_key = false;
1111 bool elite = false;
1112 bool rawkey = false;
1113 bool override_protection = false;
1114 bool errors = false;
1115 uint8_t cmdp = 0;
1116
1117 while (param_getchar(Cmd, cmdp) != 0x00 && !errors) {
1118 switch(param_getchar(Cmd, cmdp)) {
1119 case 'h':
1120 case 'H':
1121 usage_hf_iclass_writeblock();
1122 return 0;
1123 case 'b':
1124 case 'B':
1125 if (param_gethex(Cmd, cmdp+1, &blockno, 2)) {
1126 PrintAndLog("Block No must include 2 HEX symbols\n");
1127 errors = true;
1128 }
1129 cmdp += 2;
1130 break;
1131 case 'c':
1132 case 'C':
1133 use_credit_key = true;
1134 cmdp++;
1135 break;
1136 case 'd':
1137 case 'D':
1138 if (param_gethex(Cmd, cmdp+1, bldata, 16)) {
1139 PrintAndLog("Data must include 16 HEX symbols\n");
1140 errors = true;
1141 }
1142 cmdp += 2;
1143 break;
1144 case 'e':
1145 case 'E':
1146 elite = true;
1147 cmdp++;
1148 break;
1149 case 'k':
1150 case 'K':
1151 dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
1152 if (dataLen == 16) {
1153 errors = param_gethex(tempStr, 0, KEY, dataLen);
1154 } else if (dataLen == 1) {
1155 keyNbr = param_get8(Cmd, cmdp+1);
1156 if (keyNbr < ICLASS_KEYS_MAX) {
1157 memcpy(KEY, iClass_Key_Table[keyNbr], 8);
1158 } else {
1159 PrintAndLog("\nERROR: Credit KeyNbr is invalid\n");
1160 errors = true;
1161 }
1162 } else {
1163 PrintAndLog("\nERROR: Credit Key is incorrect length\n");
1164 errors = true;
1165 }
1166 cmdp += 2;
1167 break;
1168 case 'r':
1169 case 'R':
1170 rawkey = true;
1171 cmdp++;
1172 break;
1173 case 'o':
1174 case 'O':
1175 override_protection = true;
1176 cmdp++;
1177 break;
1178 default:
1179 PrintAndLog("Unknown parameter '%c'\n", param_getchar(Cmd, cmdp));
1180 errors = true;
1181 break;
1182 }
1183 if (errors) {
1184 usage_hf_iclass_writeblock();
1185 return 0;
1186 }
1187 }
1188
1189 if (elite && rawkey) {
1190 PrintAndLog("You cannot combine the 'e' and 'r' options\n");
1191 errors = true;
1192 }
1193
1194 if (cmdp < 6) {
1195 usage_hf_iclass_writeblock();
1196 return 0;
1197 }
1198
1199 if (blockno < 5) {
1200 if (override_protection) {
1201 PrintAndLog("Info: modifying keys, e-purse or configuration block.");
1202 } else {
1203 PrintAndLog("You are going to modify keys, e-purse or configuration block.");
1204 PrintAndLog("You must add the 'o' (override) option to confirm that you know what you are doing");
1205 return 0;
1206 }
1207 }
1208
1209 int ans = WriteBlock(blockno, bldata, KEY, use_credit_key, elite, rawkey, false, true);
1210
1211 DropField();
1212 return ans;
1213 }
1214
1215
1216 static void usage_hf_iclass_clone(void) {
1217 PrintAndLog("Usage: hf iclass clone f <tagfile.bin> b <first block> l <last block> k <KEY> c e|r o");
1218 PrintAndLog("Options:");
1219 PrintAndLog(" f <filename>: specify a filename to clone from");
1220 PrintAndLog(" b <Block> : The first block to clone as 2 hex symbols");
1221 PrintAndLog(" l <Last Blk>: The last block to clone as 2 hex symbols");
1222 PrintAndLog(" k <Key> : Access Key as 16 hex symbols or 1 hex to select key from memory");
1223 PrintAndLog(" c : If 'c' is specified, the key set is assumed to be the credit key\n");
1224 PrintAndLog(" e : If 'e' is specified, elite computations applied to key");
1225 PrintAndLog(" r : If 'r' is specified, no computations applied to key");
1226 PrintAndLog(" o : override protection and allow modification of target blocks 0...4");
1227 PrintAndLog("Samples:");
1228 PrintAndLog(" hf iclass clone f iclass_tagdump-121345.bin b 06 l 1A k 1122334455667788 e");
1229 PrintAndLog(" hf iclass clone f iclass_tagdump-121345.bin b 05 l 19 k 0");
1230 PrintAndLog(" hf iclass clone f iclass_tagdump-121345.bin b 06 l 19 k 0 e");
1231 PrintAndLog(" hf iclass clone f iclass_tagdump-121345.bin b 06 l 19 k 0 e");
1232 PrintAndLog(" hf iclass clone f iclass_tagdump-121345.bin b 03 l 19 k 0 e o");
1233 }
1234
1235
1236 static int CmdHFiClassCloneTag(const char *Cmd) {
1237 char filename[FILE_PATH_SIZE] = {0};
1238 char tempStr[50]={0};
1239 uint8_t KEY[8]={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
1240 uint8_t keyNbr = 0;
1241 uint8_t fileNameLen = 0;
1242 uint8_t startblock = 0;
1243 uint8_t endblock = 0;
1244 uint8_t dataLen = 0;
1245 bool use_credit_key = false;
1246 bool elite = false;
1247 bool rawkey = false;
1248 bool override_protection = false;
1249 bool errors = false;
1250 uint8_t cmdp = 0;
1251
1252 while (param_getchar(Cmd, cmdp) != 0x00 && !errors) {
1253 switch (param_getchar(Cmd, cmdp)) {
1254 case 'h':
1255 case 'H':
1256 usage_hf_iclass_clone();
1257 return 0;
1258 case 'b':
1259 case 'B':
1260 if (param_gethex(Cmd, cmdp+1, &startblock, 2)) {
1261 PrintAndLog("Start Block No must include 2 HEX symbols\n");
1262 errors = true;
1263 }
1264 cmdp += 2;
1265 break;
1266 case 'c':
1267 case 'C':
1268 use_credit_key = true;
1269 cmdp++;
1270 break;
1271 case 'e':
1272 case 'E':
1273 elite = true;
1274 cmdp++;
1275 break;
1276 case 'f':
1277 case 'F':
1278 fileNameLen = param_getstr(Cmd, cmdp+1, filename, sizeof(filename));
1279 if (fileNameLen < 1) {
1280 PrintAndLog("No filename found after f");
1281 errors = true;
1282 }
1283 cmdp += 2;
1284 break;
1285 case 'k':
1286 case 'K':
1287 dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
1288 if (dataLen == 16) {
1289 errors = param_gethex(tempStr, 0, KEY, dataLen);
1290 } else if (dataLen == 1) {
1291 keyNbr = param_get8(Cmd, cmdp+1);
1292 if (keyNbr < ICLASS_KEYS_MAX) {
1293 memcpy(KEY, iClass_Key_Table[keyNbr], 8);
1294 } else {
1295 PrintAndLog("\nERROR: Credit KeyNbr is invalid\n");
1296 errors = true;
1297 }
1298 } else {
1299 PrintAndLog("\nERROR: Credit Key is incorrect length\n");
1300 errors = true;
1301 }
1302 cmdp += 2;
1303 break;
1304 case 'l':
1305 case 'L':
1306 if (param_gethex(Cmd, cmdp+1, &endblock, 2)) {
1307 PrintAndLog("Last Block No must include 2 HEX symbols\n");
1308 errors = true;
1309 }
1310 cmdp += 2;
1311 break;
1312 case 'r':
1313 case 'R':
1314 rawkey = true;
1315 cmdp++;
1316 break;
1317 case 'o':
1318 case 'O':
1319 override_protection = true;
1320 cmdp++;
1321 break;
1322 default:
1323 PrintAndLog("Unknown parameter '%c'\n", param_getchar(Cmd, cmdp));
1324 errors = true;
1325 break;
1326 }
1327 if (errors) {
1328 usage_hf_iclass_clone();
1329 return 0;
1330 }
1331 }
1332
1333 if (cmdp < 8) {
1334 usage_hf_iclass_clone();
1335 return 0;
1336 }
1337
1338 if (startblock < 5) {
1339 if (override_protection) {
1340 PrintAndLog("Info: modifying keys, e-purse or configuration block.");
1341 } else {
1342 PrintAndLog("You are going to modify keys, e-purse or configuration block.");
1343 PrintAndLog("You must add the 'o' (override) option to confirm that you know what you are doing");
1344 return 0;
1345 }
1346 }
1347
1348 if ((endblock - startblock + 1) * 12 > USB_CMD_DATA_SIZE) {
1349 PrintAndLog("Trying to write too many blocks at once. Max: %d", USB_CMD_DATA_SIZE/12);
1350 }
1351
1352 // file handling and reading
1353 FILE *f;
1354 f = fopen(filename,"rb");
1355 if (!f) {
1356 PrintAndLog("Failed to read from file '%s'", filename);
1357 return 1;
1358 }
1359
1360 uint8_t tag_data[USB_CMD_DATA_SIZE/12][8];
1361 fseek(f, startblock*8, SEEK_SET);
1362 for (int i = 0; i < endblock - startblock + 1; i++) {
1363 if (fread(&tag_data[i], 1, 8, f) == 0 ) {
1364 PrintAndLog("File reading error.");
1365 fclose(f);
1366 return 2;
1367 }
1368 }
1369
1370 uint8_t MAC[4] = {0x00, 0x00, 0x00, 0x00};
1371 uint8_t div_key[8] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
1372 uint8_t CSN[8];
1373
1374 if (!iClass_select(CSN, true, true, true) || !iClass_authenticate(CSN, KEY, MAC, div_key, use_credit_key, elite, rawkey, false, true)) {
1375 DropField();
1376 return 0;
1377 }
1378
1379 UsbCommand w = {CMD_ICLASS_CLONE, {startblock, endblock}};
1380 uint8_t *ptr;
1381 // calculate MAC for every block we will write
1382 for (int i = 0; i < endblock - startblock + 1; i++) {
1383 Calc_wb_mac(startblock + i, tag_data[i], div_key, MAC);
1384 ptr = w.d.asBytes + i * 12;
1385 memcpy(ptr, tag_data[i], 8);
1386 memcpy(ptr + 8, MAC, 4);
1387 }
1388
1389 uint8_t p[12];
1390 PrintAndLog("Cloning");
1391 for (int i = 0; i < endblock - startblock + 1; i++){
1392 memcpy(p, w.d.asBytes + (i * 12), 12);
1393 PrintAndLog("Block |%02x| %02x%02x%02x%02x%02x%02x%02x%02x | MAC |%02x%02x%02x%02x|",
1394 i + startblock, p[0], p[1], p[2], p[3], p[4], p[5], p[6], p[7], p[8], p[9], p[10], p[11]);
1395 }
1396
1397 UsbCommand resp;
1398 SendCommand(&w);
1399 if (!WaitForResponseTimeout(CMD_ACK, &resp, 4500)) {
1400 PrintAndLog("Command execute timeout");
1401 DropField();
1402 return 0;
1403 }
1404
1405 DropField();
1406 return 1;
1407 }
1408
1409
1410 static int ReadBlock(uint8_t *KEY, uint8_t blockno, uint8_t keyType, bool elite, bool rawkey, bool NRMAC_replay, bool verbose, bool auth) {
1411
1412 uint8_t MAC[4]={0x00,0x00,0x00,0x00};
1413 uint8_t div_key[8]={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
1414 uint8_t CSN[8];
1415
1416 if (!iClass_select(CSN, verbose, true, true)) {
1417 DropField();
1418 return 0;
1419 }
1420
1421 if (auth) {
1422 if (!iClass_authenticate(CSN, KEY, MAC, div_key, (keyType==0x18), elite, rawkey, NRMAC_replay, verbose)) {
1423 DropField();
1424 return 0;
1425 }
1426 }
1427
1428 UsbCommand resp;
1429 UsbCommand w = {CMD_ICLASS_READBLOCK, {blockno}};
1430 clearCommandBuffer();
1431 SendCommand(&w);
1432 if (!WaitForResponseTimeout(CMD_ACK, &resp, 4500)) {
1433 PrintAndLog("Command execute timeout");
1434 DropField();
1435 return 0;
1436 }
1437 bool isOK = resp.arg[0];
1438 if (!isOK) {
1439 PrintAndLog("Read Block Failed");
1440 DropField();
1441 return 0;
1442 }
1443 //data read is stored in: resp.d.asBytes[0-15]
1444 if (verbose)
1445 PrintAndLog("Block %02X: %s\n",blockno, sprint_hex(resp.d.asBytes,8));
1446
1447 return 1;
1448 }
1449
1450
1451 static void usage_hf_iclass_readblock(void) {
1452 PrintAndLog("Usage: hf iclass readblk b <Block> k <Key> [c] [e|r|n]\n");
1453 PrintAndLog("Options:");
1454 PrintAndLog(" b <Block> : The block number as 2 hex symbols");
1455 PrintAndLog(" k <Key> : Access Key as 16 hex symbols or 1 hex to select key from memory");
1456 PrintAndLog(" c : If 'c' is specified, the key set is assumed to be the credit key\n");
1457 PrintAndLog(" e : If 'e' is specified, elite computations applied to key");
1458 PrintAndLog(" r : If 'r' is specified, no computations applied to key");
1459 PrintAndLog(" n : If 'n' is specified, <Key> specifies a NR/MAC pair which can be obtained by 'hf iclass snoop'");
1460 PrintAndLog("Samples:");
1461 PrintAndLog(" hf iclass readblk b 06 k 0011223344556677");
1462 PrintAndLog(" hf iclass readblk b 1B k 0011223344556677 c");
1463 PrintAndLog(" hf iclass readblk b 0A k 0");
1464 }
1465
1466
1467 static int CmdHFiClass_ReadBlock(const char *Cmd) {
1468 uint8_t blockno=0;
1469 uint8_t keyType = 0x88; //debit key
1470 uint8_t KEY[8]={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
1471 uint8_t keyNbr = 0;
1472 uint8_t dataLen = 0;
1473 char tempStr[50] = {0};
1474 bool elite = false;
1475 bool rawkey = false;
1476 bool NRMAC_replay = false;
1477 bool errors = false;
1478 bool auth = false;
1479 uint8_t cmdp = 0;
1480
1481 while (param_getchar(Cmd, cmdp) != 0x00 && !errors) {
1482 switch (param_getchar(Cmd, cmdp)) {
1483 case 'h':
1484 case 'H':
1485 usage_hf_iclass_readblock();
1486 return 0;
1487 case 'b':
1488 case 'B':
1489 if (param_gethex(Cmd, cmdp+1, &blockno, 2)) {
1490 PrintAndLog("Block No must include 2 HEX symbols\n");
1491 errors = true;
1492 }
1493 cmdp += 2;
1494 break;
1495 case 'c':
1496 case 'C':
1497 keyType = 0x18;
1498 cmdp++;
1499 break;
1500 case 'e':
1501 case 'E':
1502 elite = true;
1503 cmdp++;
1504 break;
1505 case 'k':
1506 case 'K':
1507 auth = true;
1508 dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
1509 if (dataLen == 16) {
1510 errors = param_gethex(tempStr, 0, KEY, dataLen);
1511 } else if (dataLen == 1) {
1512 keyNbr = param_get8(Cmd, cmdp+1);
1513 if (keyNbr < ICLASS_KEYS_MAX) {
1514 memcpy(KEY, iClass_Key_Table[keyNbr], 8);
1515 } else {
1516 PrintAndLog("\nERROR: KeyNbr is invalid\n");
1517 errors = true;
1518 }
1519 } else {
1520 PrintAndLog("\nERROR: Key is incorrect length\n");
1521 errors = true;
1522 }
1523 cmdp += 2;
1524 break;
1525 case 'r':
1526 case 'R':
1527 rawkey = true;
1528 cmdp++;
1529 break;
1530 case 'n':
1531 case 'N':
1532 NRMAC_replay = true;
1533 cmdp++;
1534 break;
1535 default:
1536 PrintAndLog("Unknown parameter '%c'\n", param_getchar(Cmd, cmdp));
1537 errors = true;
1538 break;
1539 }
1540 }
1541
1542 if (elite + rawkey + NRMAC_replay > 1) {
1543 PrintAndLog("You cannot combine the 'e', 'r', and 'n' options\n");
1544 errors = true;
1545 }
1546
1547 if (errors) {
1548 usage_hf_iclass_readblock();
1549 return 0;
1550 }
1551
1552 if (cmdp < 2) {
1553 usage_hf_iclass_readblock();
1554 return 0;
1555 }
1556 if (!auth)
1557 PrintAndLog("warning: no authentication used with read, only a few specific blocks can be read accurately without authentication.");
1558
1559 return ReadBlock(KEY, blockno, keyType, elite, rawkey, NRMAC_replay, true, auth);
1560 }
1561
1562
1563 static int CmdHFiClass_loclass(const char *Cmd) {
1564 char opt = param_getchar(Cmd, 0);
1565
1566 if (strlen(Cmd)<1 || opt == 'h') {
1567 PrintAndLog("Usage: hf iclass loclass [options]");
1568 PrintAndLog("Options:");
1569 PrintAndLog("h Show this help");
1570 PrintAndLog("t Perform self-test");
1571 PrintAndLog("f <filename> Bruteforce iclass dumpfile");
1572 PrintAndLog(" An iclass dumpfile is assumed to consist of an arbitrary number of");
1573 PrintAndLog(" malicious CSNs, and their protocol responses");
1574 PrintAndLog(" The binary format of the file is expected to be as follows: ");
1575 PrintAndLog(" <8 byte CSN><8 byte CC><4 byte NR><4 byte MAC>");
1576 PrintAndLog(" <8 byte CSN><8 byte CC><4 byte NR><4 byte MAC>");
1577 PrintAndLog(" <8 byte CSN><8 byte CC><4 byte NR><4 byte MAC>");
1578 PrintAndLog(" ... totalling N*24 bytes");
1579 return 0;
1580 }
1581 char fileName[255] = {0};
1582 if(opt == 'f') {
1583 if(param_getstr(Cmd, 1, fileName, sizeof(fileName)) > 0) {
1584 return bruteforceFileNoKeys(fileName);
1585 } else {
1586 PrintAndLog("You must specify a filename");
1587 }
1588 } else if(opt == 't') {
1589 int errors = testCipherUtils();
1590 errors += testMAC();
1591 errors += doKeyTests(0);
1592 errors += testElite();
1593 if(errors) {
1594 prnlog("OBS! There were errors!!!");
1595 }
1596 return errors;
1597 }
1598
1599 return 0;
1600 }
1601
1602
1603 static void usage_hf_iclass_readtagfile() {
1604 PrintAndLog("Usage: hf iclass readtagfile <filename> [startblock] [endblock]");
1605 }
1606
1607
1608 static int CmdHFiClassReadTagFile(const char *Cmd) {
1609 int startblock = 0;
1610 int endblock = 0;
1611 char tempnum[5];
1612 FILE *f;
1613 char filename[FILE_PATH_SIZE];
1614 if (param_getstr(Cmd, 0, filename, sizeof(filename)) < 1) {
1615 usage_hf_iclass_readtagfile();
1616 return 0;
1617 }
1618 if (param_getstr(Cmd, 1, tempnum, sizeof(tempnum)) < 1)
1619 startblock = 0;
1620 else
1621 sscanf(tempnum,"%d",&startblock);
1622
1623 if (param_getstr(Cmd,2, tempnum, sizeof(tempnum)) < 1)
1624 endblock = 0;
1625 else
1626 sscanf(tempnum,"%d",&endblock);
1627 // file handling and reading
1628 f = fopen(filename,"rb");
1629 if(!f) {
1630 PrintAndLog("Failed to read from file '%s'", filename);
1631 return 1;
1632 }
1633 fseek(f, 0, SEEK_END);
1634 long fsize = ftell(f);
1635 fseek(f, 0, SEEK_SET);
1636
1637 if ( fsize < 0 ) {
1638 PrintAndLog("Error, when getting filesize");
1639 fclose(f);
1640 return 1;
1641 }
1642
1643 uint8_t *dump = malloc(fsize);
1644
1645 size_t bytes_read = fread(dump, 1, fsize, f);
1646 fclose(f);
1647 uint8_t *csn = dump;
1648 printf("------+--+-------------------------+\n");
1649 printf("CSN |00| %s|\n", sprint_hex(csn, 8) );
1650 // printIclassDumpInfo(dump);
1651 printIclassDumpContents(dump,startblock,endblock,bytes_read);
1652 free(dump);
1653 return 0;
1654 }
1655
1656 /*
1657 uint64_t xorcheck(uint64_t sdiv,uint64_t hdiv) {
1658 uint64_t new_div = 0x00;
1659 new_div ^= sdiv;
1660 new_div ^= hdiv;
1661 return new_div;
1662 }
1663
1664 uint64_t hexarray_to_uint64(uint8_t *key) {
1665 char temp[17];
1666 uint64_t uint_key;
1667 for (int i = 0;i < 8;i++)
1668 sprintf(&temp[(i *2)],"%02X",key[i]);
1669 temp[16] = '\0';
1670 if (sscanf(temp,"%016" SCNx64,&uint_key) < 1)
1671 return 0;
1672 return uint_key;
1673 }
1674 */
1675
1676
1677 //when told CSN, oldkey, newkey, if new key is elite (elite), and if old key was elite (oldElite)
1678 //calculate and return xor_div_key (ready for a key write command)
1679 //print all div_keys if verbose
1680 static void HFiClassCalcNewKey(uint8_t *CSN, uint8_t *OLDKEY, uint8_t *NEWKEY, uint8_t *xor_div_key, bool elite, bool oldElite, bool verbose){
1681 uint8_t old_div_key[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
1682 uint8_t new_div_key[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
1683 //get old div key
1684 HFiClassCalcDivKey(CSN, OLDKEY, old_div_key, oldElite);
1685 //get new div key
1686 HFiClassCalcDivKey(CSN, NEWKEY, new_div_key, elite);
1687
1688 for (uint8_t i = 0; i < sizeof(old_div_key); i++){
1689 xor_div_key[i] = old_div_key[i] ^ new_div_key[i];
1690 }
1691 if (verbose) {
1692 printf("Old Div Key : %s\n",sprint_hex(old_div_key,8));
1693 printf("New Div Key : %s\n",sprint_hex(new_div_key,8));
1694 printf("Xor Div Key : %s\n",sprint_hex(xor_div_key,8));
1695 }
1696 }
1697
1698
1699 static void usage_hf_iclass_calc_newkey(void) {
1700 PrintAndLog("HELP : Manage iClass Keys in client memory:\n");
1701 PrintAndLog("Usage: hf iclass calc_newkey o <Old key> n <New key> s [csn] e");
1702 PrintAndLog(" Options:");
1703 PrintAndLog(" o <oldkey> : *specify a key as 16 hex symbols or a key number as 1 symbol");
1704 PrintAndLog(" n <newkey> : *specify a key as 16 hex symbols or a key number as 1 symbol");
1705 PrintAndLog(" s <csn> : specify a card Serial number to diversify the key (if omitted will attempt to read a csn)");
1706 PrintAndLog(" e : specify new key as elite calc");
1707 PrintAndLog(" ee : specify old and new key as elite calc");
1708 PrintAndLog("Samples:");
1709 PrintAndLog(" e key to e key given csn : hf iclass calcnewkey o 1122334455667788 n 2233445566778899 s deadbeafdeadbeaf ee");
1710 PrintAndLog(" std key to e key read csn: hf iclass calcnewkey o 1122334455667788 n 2233445566778899 e");
1711 PrintAndLog(" std to std read csn : hf iclass calcnewkey o 1122334455667788 n 2233445566778899");
1712 PrintAndLog("NOTE: * = required\n");
1713 }
1714
1715
1716 static int CmdHFiClassCalcNewKey(const char *Cmd) {
1717 uint8_t OLDKEY[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
1718 uint8_t NEWKEY[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
1719 uint8_t xor_div_key[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
1720 uint8_t CSN[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
1721 uint8_t keyNbr = 0;
1722 uint8_t dataLen = 0;
1723 char tempStr[50] = {0};
1724 bool givenCSN = false;
1725 bool oldElite = false;
1726 bool elite = false;
1727 bool errors = false;
1728 uint8_t cmdp = 0;
1729
1730 while (param_getchar(Cmd, cmdp) != 0x00 && !errors) {
1731 switch(param_getchar(Cmd, cmdp)) {
1732 case 'h':
1733 case 'H':
1734 usage_hf_iclass_calc_newkey();
1735 return 0;
1736 case 'e':
1737 case 'E':
1738 dataLen = param_getstr(Cmd, cmdp, tempStr, sizeof(tempStr));
1739 if (dataLen==2)
1740 oldElite = true;
1741 elite = true;
1742 cmdp++;
1743 break;
1744 case 'n':
1745 case 'N':
1746 dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
1747 if (dataLen == 16) {
1748 errors = param_gethex(tempStr, 0, NEWKEY, dataLen);
1749 } else if (dataLen == 1) {
1750 keyNbr = param_get8(Cmd, cmdp+1);
1751 if (keyNbr < ICLASS_KEYS_MAX) {
1752 memcpy(NEWKEY, iClass_Key_Table[keyNbr], 8);
1753 } else {
1754 PrintAndLog("\nERROR: NewKey Nbr is invalid\n");
1755 errors = true;
1756 }
1757 } else {
1758 PrintAndLog("\nERROR: NewKey is incorrect length\n");
1759 errors = true;
1760 }
1761 cmdp += 2;
1762 break;
1763 case 'o':
1764 case 'O':
1765 dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
1766 if (dataLen == 16) {
1767 errors = param_gethex(tempStr, 0, OLDKEY, dataLen);
1768 } else if (dataLen == 1) {
1769 keyNbr = param_get8(Cmd, cmdp+1);
1770 if (keyNbr < ICLASS_KEYS_MAX) {
1771 memcpy(OLDKEY, iClass_Key_Table[keyNbr], 8);
1772 } else {
1773 PrintAndLog("\nERROR: Credit KeyNbr is invalid\n");
1774 errors = true;
1775 }
1776 } else {
1777 PrintAndLog("\nERROR: Credit Key is incorrect length\n");
1778 errors = true;
1779 }
1780 cmdp += 2;
1781 break;
1782 case 's':
1783 case 'S':
1784 givenCSN = true;
1785 if (param_gethex(Cmd, cmdp+1, CSN, 16)) {
1786 usage_hf_iclass_calc_newkey();
1787 return 0;
1788 }
1789 cmdp += 2;
1790 break;
1791 default:
1792 PrintAndLog("Unknown parameter '%c'\n", param_getchar(Cmd, cmdp));
1793 errors = true;
1794 break;
1795 }
1796 if (errors) {
1797 usage_hf_iclass_calc_newkey();
1798 return 0;
1799 }
1800 }
1801
1802 if (cmdp < 4) {
1803 usage_hf_iclass_calc_newkey();
1804 return 0;
1805 }
1806
1807 if (!givenCSN)
1808 if (!iClass_select(CSN, true, true, true)) {
1809 DropField();
1810 return 0;
1811 }
1812 DropField();
1813
1814 HFiClassCalcNewKey(CSN, OLDKEY, NEWKEY, xor_div_key, elite, oldElite, true);
1815 return 0;
1816 }
1817
1818
1819 static int loadKeys(char *filename) {
1820 FILE *f;
1821 f = fopen(filename,"rb");
1822 if(!f) {
1823 PrintAndLog("Failed to read from file '%s'", filename);
1824 return 0;
1825 }
1826 fseek(f, 0, SEEK_END);
1827 long fsize = ftell(f);
1828 fseek(f, 0, SEEK_SET);
1829
1830 if ( fsize < 0 ) {
1831 PrintAndLog("Error, when getting filesize");
1832 fclose(f);
1833 return 1;
1834 }
1835
1836 uint8_t *dump = malloc(fsize);
1837
1838 size_t bytes_read = fread(dump, 1, fsize, f);
1839 fclose(f);
1840 if (bytes_read > ICLASS_KEYS_MAX * 8){
1841 PrintAndLog("File is too long to load - bytes: %u", bytes_read);
1842 free(dump);
1843 return 0;
1844 }
1845 uint8_t i = 0;
1846 for (; i < bytes_read/8; i++){
1847 memcpy(iClass_Key_Table[i],dump+(i*8),8);
1848 }
1849 free(dump);
1850 PrintAndLog("%u keys loaded", i);
1851 return 1;
1852 }
1853
1854
1855 static int saveKeys(char *filename) {
1856 FILE *f;
1857 f = fopen(filename,"wb");
1858 if (f == NULL) {
1859 printf("error opening file %s\n",filename);
1860 return 0;
1861 }
1862 for (uint8_t i = 0; i < ICLASS_KEYS_MAX; i++){
1863 if (fwrite(iClass_Key_Table[i],8,1,f) != 1){
1864 PrintAndLog("save key failed to write to file: %s", filename);
1865 break;
1866 }
1867 }
1868 fclose(f);
1869 return 0;
1870 }
1871
1872
1873 static int printKeys(void) {
1874 PrintAndLog("");
1875 for (uint8_t i = 0; i < ICLASS_KEYS_MAX; i++){
1876 PrintAndLog("%u: %s",i,sprint_hex(iClass_Key_Table[i],8));
1877 }
1878 PrintAndLog("");
1879 return 0;
1880 }
1881
1882
1883 static void usage_hf_iclass_managekeys(void) {
1884 PrintAndLog("HELP : Manage iClass Keys in client memory:\n");
1885 PrintAndLog("Usage: hf iclass managekeys n [keynbr] k [key] f [filename] s l p\n");
1886 PrintAndLog(" Options:");
1887 PrintAndLog(" n <keynbr> : specify the keyNbr to set in memory");
1888 PrintAndLog(" k <key> : set a key in memory");
1889 PrintAndLog(" f <filename>: specify a filename to use with load or save operations");
1890 PrintAndLog(" s : save keys in memory to file specified by filename");
1891 PrintAndLog(" l : load keys to memory from file specified by filename");
1892 PrintAndLog(" p : print keys loaded into memory\n");
1893 PrintAndLog("Samples:");
1894 PrintAndLog(" set key : hf iclass managekeys n 0 k 1122334455667788");
1895 PrintAndLog(" save key file: hf iclass managekeys f mykeys.bin s");
1896 PrintAndLog(" load key file: hf iclass managekeys f mykeys.bin l");
1897 PrintAndLog(" print keys : hf iclass managekeys p\n");
1898 }
1899
1900
1901 static int CmdHFiClassManageKeys(const char *Cmd) {
1902 uint8_t keyNbr = 0;
1903 uint8_t dataLen = 0;
1904 uint8_t KEY[8] = {0};
1905 char filename[FILE_PATH_SIZE];
1906 uint8_t fileNameLen = 0;
1907 bool errors = false;
1908 uint8_t operation = 0;
1909 char tempStr[20];
1910 uint8_t cmdp = 0;
1911
1912 while(param_getchar(Cmd, cmdp) != 0x00) {
1913 switch(param_getchar(Cmd, cmdp)) {
1914 case 'h':
1915 case 'H':
1916 usage_hf_iclass_managekeys();
1917 return 0;
1918 case 'f':
1919 case 'F':
1920 fileNameLen = param_getstr(Cmd, cmdp+1, filename, sizeof(filename));
1921 if (fileNameLen < 1) {
1922 PrintAndLog("No filename found after f");
1923 errors = true;
1924 }
1925 cmdp += 2;
1926 break;
1927 case 'n':
1928 case 'N':
1929 keyNbr = param_get8(Cmd, cmdp+1);
1930 if (keyNbr >= ICLASS_KEYS_MAX) {
1931 PrintAndLog("Invalid block number");
1932 errors = true;
1933 }
1934 cmdp += 2;
1935 break;
1936 case 'k':
1937 case 'K':
1938 operation += 3; //set key
1939 dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
1940 if (dataLen == 16) { //ul-c or ev1/ntag key length
1941 errors = param_gethex(tempStr, 0, KEY, dataLen);
1942 } else {
1943 PrintAndLog("\nERROR: Key is incorrect length\n");
1944 errors = true;
1945 }
1946 cmdp += 2;
1947 break;
1948 case 'p':
1949 case 'P':
1950 operation += 4; //print keys in memory
1951 cmdp++;
1952 break;
1953 case 'l':
1954 case 'L':
1955 operation += 5; //load keys from file
1956 cmdp++;
1957 break;
1958 case 's':
1959 case 'S':
1960 operation += 6; //save keys to file
1961 cmdp++;
1962 break;
1963 default:
1964 PrintAndLog("Unknown parameter '%c'\n", param_getchar(Cmd, cmdp));
1965 errors = true;
1966 break;
1967 }
1968 if (errors) {
1969 usage_hf_iclass_managekeys();
1970 return 0;
1971 }
1972 }
1973
1974 if (operation == 0){
1975 PrintAndLog("no operation specified (load, save, or print)\n");
1976 usage_hf_iclass_managekeys();
1977 return 0;
1978 }
1979
1980 if (operation > 6){
1981 PrintAndLog("Too many operations specified\n");
1982 usage_hf_iclass_managekeys();
1983 return 0;
1984 }
1985 if (operation > 4 && fileNameLen == 0){
1986 PrintAndLog("You must enter a filename when loading or saving\n");
1987 usage_hf_iclass_managekeys();
1988 return 0;
1989 }
1990
1991 switch (operation){
1992 case 3: memcpy(iClass_Key_Table[keyNbr], KEY, 8); return 1;
1993 case 4: return printKeys();
1994 case 5: return loadKeys(filename);
1995 case 6: return saveKeys(filename);
1996 break;
1997 }
1998 return 0;
1999 }
2000
2001
2002 static int CmdHFiClassCheckKeys(const char *Cmd) {
2003
2004 uint8_t mac[4] = {0x00,0x00,0x00,0x00};
2005 uint8_t key[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
2006 uint8_t div_key[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
2007
2008 // elite key, raw key, standard key
2009 bool use_elite = false;
2010 bool use_raw = false;
2011 bool found_debit = false;
2012 bool found_credit = false;
2013 bool errors = false;
2014 uint8_t cmdp = 0x00;
2015 FILE *f;
2016 char filename[FILE_PATH_SIZE] = {0};
2017 uint8_t fileNameLen = 0;
2018 char buf[17];
2019 uint8_t *keyBlock = NULL, *p;
2020 int keycnt = 0;
2021
2022 while (param_getchar(Cmd, cmdp) != 0x00 && !errors) {
2023 switch (param_getchar(Cmd, cmdp)) {
2024 case 'h':
2025 case 'H':
2026 usage_hf_iclass_chk();
2027 return 0;
2028 case 'f':
2029 case 'F':
2030 fileNameLen = param_getstr(Cmd, cmdp+1, filename, sizeof(filename));
2031 if (fileNameLen < 1) {
2032 PrintAndLog("No filename found after f");
2033 errors = true;
2034 }
2035 cmdp += 2;
2036 break;
2037 case 'e':
2038 case 'E':
2039 use_elite = true;
2040 cmdp++;
2041 break;
2042 case 'r':
2043 case 'R':
2044 use_raw = true;
2045 cmdp++;
2046 break;
2047 default:
2048 PrintAndLog("Unknown parameter '%c'\n", param_getchar(Cmd, cmdp));
2049 errors = true;
2050 break;
2051 }
2052 }
2053
2054 if (errors) {
2055 usage_hf_iclass_chk();
2056 return 0;
2057 }
2058
2059 if (!(f = fopen(filename , "r"))) {
2060 PrintAndLog("File %s not found or locked.", filename);
2061 return 1;
2062 }
2063
2064 while (fgets(buf, sizeof(buf), f)) {
2065 if (strlen(buf) < 16 || buf[15] == '\n')
2066 continue;
2067
2068 while (fgetc(f) != '\n' && !feof(f)) ; //goto next line
2069
2070 if (buf[0] == '#') continue; //The line start with # is comment, skip
2071
2072 if (!isxdigit(buf[0])){
2073 PrintAndLog("File content error. '%s' must include 16 HEX symbols", buf);
2074 continue;
2075 }
2076
2077 buf[16] = 0;
2078
2079 p = realloc(keyBlock, 8 * (keycnt + 1));
2080 if (!p) {
2081 PrintAndLog("Cannot allocate memory for default keys");
2082 free(keyBlock);
2083 fclose(f);
2084 return 2;
2085 }
2086 keyBlock = p;
2087
2088 memset(keyBlock + 8 * keycnt, 0, 8);
2089 num_to_bytes(strtoull(buf, NULL, 16), 8, keyBlock + 8 * keycnt);
2090
2091 keycnt++;
2092 memset(buf, 0, sizeof(buf));
2093 }
2094 fclose(f);
2095 PrintAndLog("Loaded %2d keys from %s", keycnt, filename);
2096
2097 uint8_t CSN[8];
2098 if (!iClass_select(CSN, false, true, true)) {
2099 DropField();
2100 return 0;
2101 }
2102
2103 for (uint32_t c = 0; c < keycnt; c++) {
2104
2105 memcpy(key, keyBlock + 8 * c, 8);
2106
2107 // debit key
2108 if (iClass_authenticate(CSN, key, mac, div_key, false, use_elite, use_raw, false, false)) {
2109 PrintAndLog("\n Found AA1 debit key\t\t[%s]", sprint_hex(key, 8));
2110 found_debit = true;
2111 }
2112
2113 // credit key
2114 if (iClass_authenticate(CSN, key, mac, div_key, true, use_elite, use_raw, false, false)) {
2115 PrintAndLog("\n Found AA2 credit key\t\t[%s]", sprint_hex(key, 8));
2116 found_credit = true;
2117 }
2118
2119 // both keys found.
2120 if (found_debit && found_credit)
2121 break;
2122 }
2123
2124 DropField();
2125 free(keyBlock);
2126 PrintAndLog("");
2127 return 0;
2128 }
2129
2130
2131 static void usage_hf_iclass_permutekey(void) {
2132 PrintAndLogEx(NORMAL, "Convert keys from standard NIST to iClass format (and vice versa)");
2133 PrintAndLogEx(NORMAL, "");
2134 PrintAndLogEx(NORMAL, "Usage: hf iclass permute [h] [r] <key>");
2135 PrintAndLogEx(NORMAL, "Options:");
2136 PrintAndLogEx(NORMAL, " h This help");
2137 PrintAndLogEx(NORMAL, " r reverse convert key from iClass to NIST format");
2138 PrintAndLogEx(NORMAL, "");
2139 PrintAndLogEx(NORMAL, "Examples:");
2140 PrintAndLogEx(NORMAL, " hf iclass permute r 0123456789abcdef");
2141 }
2142
2143
2144 static int CmdHFiClassPermuteKey(const char *Cmd) {
2145
2146 uint8_t key[8] = {0};
2147 uint8_t data[16] = {0};
2148 bool isReverse = false;
2149 int len = sizeof(data);
2150 char cmdp = tolower(param_getchar(Cmd, 0));
2151 if (strlen(Cmd) == 0 || cmdp == 'h') {
2152 usage_hf_iclass_permutekey();
2153 return 0;
2154 }
2155
2156 if (cmdp == 'r') {
2157 isReverse = true;
2158 param_gethex_ex(Cmd, 1, data, &len);
2159 } else if (cmdp == 'f') {
2160 param_gethex_ex(Cmd, 1, data, &len);
2161 } else {
2162 param_gethex_ex(Cmd, 0, data, &len);
2163 }
2164
2165
2166 if (len % 2) {
2167 usage_hf_iclass_permutekey();
2168 return 0;
2169 }
2170
2171 len >>= 1;
2172
2173 memcpy(key, data, 8);
2174
2175 if (isReverse) {
2176 // generate_rev(data, len);
2177 uint8_t key_std_format[8] = {0};
2178 permutekey_rev(key, key_std_format);
2179 PrintAndLogEx(SUCCESS, "key in standard NIST format: %s \n", sprint_hex(key_std_format, 8));
2180 // if (mbedtls_des_key_check_key_parity(key_std_format
2181 } else {
2182 // generate(data, len);
2183 uint8_t key_iclass_format[8] = {0};
2184 permutekey(key, key_iclass_format);
2185 PrintAndLogEx(SUCCESS, "key in iClass (permuted) format: %s \n", sprint_hex(key_iclass_format, 8));
2186 }
2187 return 0;
2188 }
2189
2190
2191 static int CmdHelp(const char *Cmd);
2192
2193 static command_t CommandTable[] = {
2194 {"help", CmdHelp, 1, "This help"},
2195 {"calcnewkey", CmdHFiClassCalcNewKey, 1, "[options..] Calc Diversified keys (blocks 3 & 4) to write new keys"},
2196 {"chk", CmdHFiClassCheckKeys, 0, " Check keys"},
2197 {"clone", CmdHFiClassCloneTag, 0, "[options..] Authenticate and Clone from iClass bin file"},
2198 {"decrypt", CmdHFiClassDecrypt, 1, "[f <fname>] Decrypt tagdump" },
2199 {"dump", CmdHFiClassReader_Dump, 0, "[options..] Authenticate and Dump iClass tag's AA1 and/or AA2"},
2200 {"eload", CmdHFiClassELoad, 0, "[f <fname>] (experimental) Load data into iClass emulator memory"},
2201 {"encryptblk", CmdHFiClassEncryptBlk, 1, "<BlockData> Encrypt given block data"},
2202 {"list", CmdHFiClassList, 0, " (Deprecated) List iClass history"},
2203 {"loclass", CmdHFiClass_loclass, 1, "[options..] Use loclass to perform bruteforce of reader attack dump"},
2204 {"managekeys", CmdHFiClassManageKeys, 1, "[options..] Manage the keys to use with iClass"},
2205 {"permutekey", CmdHFiClassPermuteKey, 1, " iClass key permutation"},
2206 {"readblk", CmdHFiClass_ReadBlock, 0, "[options..] Authenticate and Read iClass block"},
2207 {"reader", CmdHFiClassReader, 0, " Look for iClass tags until a key or the pm3 button is pressed"},
2208 {"readtagfile", CmdHFiClassReadTagFile, 1, "[options..] Display Content from tagfile"},
2209 {"sim", CmdHFiClassSim, 0, "[options..] Simulate iClass tag"},
2210 {"snoop", CmdHFiClassSnoop, 0, " Eavesdrop iClass communication"},
2211 {"writeblk", CmdHFiClass_WriteBlock, 0, "[options..] Authenticate and Write iClass block"},
2212 {NULL, NULL, 0, NULL}
2213 };
2214
2215
2216 int CmdHFiClass(const char *Cmd) {
2217 clearCommandBuffer();
2218 CmdsParse(CommandTable, Cmd);
2219 return 0;
2220 }
2221
2222
2223 int CmdHelp(const char *Cmd) {
2224 CmdsHelp(CommandTable);
2225 return 0;
2226 }
Proxmark3 GIT tracking
Impressum, Datenschutz