]> git.zerfleddert.de Git - proxmark3-svn/blob - client/cmdhficlass.c
Merge branch 'master' into fix_iso15693_fpga
[proxmark3-svn] / client / cmdhficlass.c
1 //-----------------------------------------------------------------------------
2 // Copyright (C) 2010 iZsh <izsh at fail0verflow.com>, Hagen Fritsch
3 // Copyright (C) 2011 Gerhard de Koning Gans
4 // Copyright (C) 2014 Midnitesnake & Andy Davies & Martin Holst Swende
5 // Copyright (C) 2019 piwi
6 //
7 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
8 // at your option, any later version. See the LICENSE.txt file for the text of
9 // the license.
10 //-----------------------------------------------------------------------------
11 // High frequency iClass commands
12 //-----------------------------------------------------------------------------
13
14 #include <stdio.h>
15 #include <stdlib.h>
16 #include <string.h>
17 #include <sys/stat.h>
18 #include <ctype.h>
19 #include "iso14443crc.h" // Can also be used for iClass, using 0xE012 as CRC-type
20 #include "comms.h"
21 #include "ui.h"
22 #include "cliparser/cliparser.h"
23 #include "cmdparser.h"
24 #include "cmdhficlass.h"
25 #include "common.h"
26 #include "util.h"
27 #include "cmdmain.h"
28 #include "mbedtls/des.h"
29 #include "loclass/cipherutils.h"
30 #include "loclass/cipher.h"
31 #include "loclass/ikeys.h"
32 #include "loclass/elite_crack.h"
33 #include "loclass/fileutils.h"
34 #include "protocols.h"
35 #include "usb_cmd.h"
36 #include "cmdhfmfu.h"
37 #include "util_posix.h"
38 #include "cmdhf14a.h" // DropField()
39
40
41 #define ICLASS_KEYS_MAX 8
42 static uint8_t iClass_Key_Table[ICLASS_KEYS_MAX][8] = {
43 { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
44 { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
45 { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
46 { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
47 { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
48 { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
49 { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
50 { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }
51 };
52
53
54 // iclass / picopass chip config structures and shared routines
55 typedef struct {
56 uint8_t app_limit; //[8]
57 uint8_t otp[2]; //[9-10]
58 uint8_t block_writelock;//[11]
59 uint8_t chip_config; //[12]
60 uint8_t mem_config; //[13]
61 uint8_t eas; //[14]
62 uint8_t fuses; //[15]
63 } picopass_conf_block;
64
65 typedef struct {
66 uint8_t csn[8];
67 picopass_conf_block conf;
68 uint8_t epurse[8];
69 uint8_t key_d[8];
70 uint8_t key_c[8];
71 uint8_t app_issuer_area[8];
72 } picopass_hdr;
73
74
75 static void fuse_config(const picopass_hdr *hdr) {
76 uint8_t fuses = hdr->conf.fuses;
77
78 if (fuses & FUSE_FPERS)
79 PrintAndLog(" Mode: Personalization [Programmable]");
80 else
81 PrintAndLog(" Mode: Application [Locked]");
82
83 if (fuses & FUSE_CODING1)
84 PrintAndLog("Coding: RFU");
85 else {
86 if (fuses & FUSE_CODING0)
87 PrintAndLog("Coding: ISO 14443-2 B/ISO 15693");
88 else
89 PrintAndLog("Coding: ISO 14443B only");
90 }
91 if ((fuses & FUSE_CRYPT1) && (fuses & FUSE_CRYPT0)) PrintAndLog(" Crypt: Secured page, keys not locked");
92 if ((fuses & FUSE_CRYPT1) && !(fuses & FUSE_CRYPT0)) PrintAndLog(" Crypt: Secured page, keys locked");
93 if (!(fuses & FUSE_CRYPT1) && (fuses & FUSE_CRYPT0)) PrintAndLog(" Crypt: Non secured page");
94 if (!(fuses & FUSE_CRYPT1) && !(fuses & FUSE_CRYPT0)) PrintAndLog(" Crypt: No auth possible. Read only if RA is enabled");
95
96 if (fuses & FUSE_RA)
97 PrintAndLog(" RA: Read access enabled");
98 else
99 PrintAndLog(" RA: Read access not enabled");
100 }
101
102
103 static void getMemConfig(uint8_t mem_cfg, uint8_t chip_cfg, uint8_t *max_blk, uint8_t *app_areas, uint8_t *kb) {
104 // mem-bit 5, mem-bit 7, chip-bit 4: defines chip type
105 if((chip_cfg & 0x10) && !(mem_cfg & 0x80) && !(mem_cfg & 0x20)) {
106 *kb = 2;
107 *app_areas = 2;
108 *max_blk = 31;
109 } else if((chip_cfg & 0x10) && (mem_cfg & 0x80) && !(mem_cfg & 0x20)) {
110 *kb = 16;
111 *app_areas = 2;
112 *max_blk = 255; //16kb
113 } else if(!(chip_cfg & 0x10) && !(mem_cfg & 0x80) && !(mem_cfg & 0x20)) {
114 *kb = 16;
115 *app_areas = 16;
116 *max_blk = 255; //16kb
117 } else if((chip_cfg & 0x10) && (mem_cfg & 0x80) && (mem_cfg & 0x20)) {
118 *kb = 32;
119 *app_areas = 3;
120 *max_blk = 255; //16kb
121 } else if(!(chip_cfg & 0x10) && !(mem_cfg & 0x80) && (mem_cfg & 0x20)) {
122 *kb = 32;
123 *app_areas = 17;
124 *max_blk = 255; //16kb
125 } else {
126 *kb = 32;
127 *app_areas = 2;
128 *max_blk = 255;
129 }
130 }
131
132
133 static void mem_app_config(const picopass_hdr *hdr) {
134 uint8_t mem = hdr->conf.mem_config;
135 uint8_t chip = hdr->conf.chip_config;
136 uint8_t applimit = hdr->conf.app_limit;
137 if (applimit < 6) applimit = 26;
138 uint8_t kb = 2;
139 uint8_t app_areas = 2;
140 uint8_t max_blk = 31;
141 getMemConfig(mem, chip, &max_blk, &app_areas, &kb);
142 PrintAndLog(" Mem: %u KBits/%u App Areas (%u * 8 bytes) [%02X]", kb, app_areas, max_blk+1, mem);
143 PrintAndLog(" AA1: blocks 06-%02X", applimit);
144 PrintAndLog(" AA2: blocks %02X-%02X", applimit+1, max_blk);
145 }
146
147
148 static void printIclassDumpInfo(uint8_t* iclass_dump) {
149 fuse_config((picopass_hdr*)iclass_dump);
150 mem_app_config((picopass_hdr*)iclass_dump);
151 }
152
153
154 static void usage_hf_iclass_chk(void) {
155 PrintAndLog("Checkkeys loads a dictionary text file with 8byte hex keys to test authenticating against a iClass tag");
156 PrintAndLog("Usage: hf iclass chk [h|e|r] <f (*.dic)>");
157 PrintAndLog("Options:");
158 PrintAndLog("h Show this help");
159 PrintAndLog("f <filename> Dictionary file with default iclass keys");
160 PrintAndLog(" e target Elite / High security key scheme");
161 PrintAndLog(" r interpret dictionary file as raw (diversified keys)");
162 PrintAndLog("Samples:");
163 PrintAndLog(" hf iclass chk f default_iclass_keys.dic");
164 PrintAndLog(" hf iclass chk f default_iclass_keys.dic e");
165 }
166
167
168 static int CmdHFiClassList(const char *Cmd) {
169 PrintAndLog("Deprecated command, use 'hf list iclass' instead");
170 return 0;
171 }
172
173
174 static int CmdHFiClassSnoop(const char *Cmd) {
175
176 CLIParserInit("hf iclass snoop", "\nSnoop a communication between an iClass Reader and an iClass Tag.", NULL);
177 void* argtable[] = {
178 arg_param_begin,
179 arg_lit0("j", "jam", "Jam (prevent) e-purse Updates"),
180 arg_param_end
181 };
182 if (CLIParserParseString(Cmd, argtable, arg_getsize(argtable), true)){
183 CLIParserFree();
184 return 0;
185 }
186
187 bool jam_epurse_update = arg_get_lit(1);
188
189 const uint8_t update_epurse_sequence[2] = {0x87, 0x02};
190
191 UsbCommand c = {CMD_SNOOP_ICLASS, {0}};
192 if (jam_epurse_update) {
193 c.arg[0] = sizeof(update_epurse_sequence);
194 memcpy(c.d.asBytes, update_epurse_sequence, sizeof(update_epurse_sequence));
195 }
196 SendCommand(&c);
197
198 return 0;
199 }
200
201
202 static void usage_hf_iclass_sim(void) {
203 PrintAndLog("Usage: hf iclass sim <option> [CSN]");
204 PrintAndLog(" options");
205 PrintAndLog(" 0 <CSN> simulate the given CSN");
206 PrintAndLog(" 1 simulate default CSN");
207 PrintAndLog(" 2 Reader-attack, gather reader responses to extract elite key");
208 PrintAndLog(" 3 Full simulation using emulator memory (see 'hf iclass eload')");
209 PrintAndLog(" example: hf iclass sim 0 031FEC8AF7FF12E0");
210 PrintAndLog(" example: hf iclass sim 2");
211 PrintAndLog(" example: hf iclass eload 'tagdump.bin'");
212 PrintAndLog(" hf iclass sim 3");
213 }
214
215
216 // the original malicious IDs from Flavio D. Garcia, Gerhard de Koning Gans, Roel Verdult,
217 // and Milosch Meriac. Dismantling iClass and iClass Elite.
218 #define NUM_CSNS 15
219 static uint8_t csns[8 * NUM_CSNS] = {
220 0x00, 0x0B, 0x0F, 0xFF, 0xF7, 0xFF, 0x12, 0xE0,
221 0x00, 0x04, 0x0E, 0x08, 0xF7, 0xFF, 0x12, 0xE0,
222 0x00, 0x09, 0x0D, 0x05, 0xF7, 0xFF, 0x12, 0xE0,
223 0x00, 0x0A, 0x0C, 0x06, 0xF7, 0xFF, 0x12, 0xE0,
224 0x00, 0x0F, 0x0B, 0x03, 0xF7, 0xFF, 0x12, 0xE0,
225 0x00, 0x08, 0x0A, 0x0C, 0xF7, 0xFF, 0x12, 0xE0,
226 0x00, 0x0D, 0x09, 0x09, 0xF7, 0xFF, 0x12, 0xE0,
227 0x00, 0x0E, 0x08, 0x0A, 0xF7, 0xFF, 0x12, 0xE0,
228 0x00, 0x03, 0x07, 0x17, 0xF7, 0xFF, 0x12, 0xE0,
229 0x00, 0x3C, 0x06, 0xE0, 0xF7, 0xFF, 0x12, 0xE0,
230 0x00, 0x01, 0x05, 0x1D, 0xF7, 0xFF, 0x12, 0xE0,
231 0x00, 0x02, 0x04, 0x1E, 0xF7, 0xFF, 0x12, 0xE0,
232 0x00, 0x07, 0x03, 0x1B, 0xF7, 0xFF, 0x12, 0xE0,
233 0x00, 0x00, 0x02, 0x24, 0xF7, 0xFF, 0x12, 0xE0,
234 0x00, 0x05, 0x01, 0x21, 0xF7, 0xFF, 0x12, 0xE0 };
235
236
237 // pre-defined 9 CSNs by iceman.
238 // only one csn depend on several others.
239 // six depends only on the first csn, (0,1, 0x45)
240
241 // #define NUM_CSNS 9
242 // static uint8_t csns[8 * NUM_CSNS] = {
243 // 0x01, 0x0A, 0x0F, 0xFF, 0xF7, 0xFF, 0x12, 0xE0,
244 // 0x0C, 0x06, 0x0C, 0xFE, 0xF7, 0xFF, 0x12, 0xE0,
245 // 0x10, 0x97, 0x83, 0x7B, 0xF7, 0xFF, 0x12, 0xE0,
246 // 0x13, 0x97, 0x82, 0x7A, 0xF7, 0xFF, 0x12, 0xE0,
247 // 0x07, 0x0E, 0x0D, 0xF9, 0xF7, 0xFF, 0x12, 0xE0,
248 // 0x14, 0x96, 0x84, 0x76, 0xF7, 0xFF, 0x12, 0xE0,
249 // 0x17, 0x96, 0x85, 0x71, 0xF7, 0xFF, 0x12, 0xE0,
250 // 0xCE, 0xC5, 0x0F, 0x77, 0xF7, 0xFF, 0x12, 0xE0,
251 // 0xD2, 0x5A, 0x82, 0xF8, 0xF7, 0xFF, 0x12, 0xE0
252 // //0x04, 0x08, 0x9F, 0x78, 0x6E, 0xFF, 0x12, 0xE0
253 // };
254
255
256 static int CmdHFiClassSim(const char *Cmd) {
257 uint8_t simType = 0;
258 uint8_t CSN[8] = {0, 0, 0, 0, 0, 0, 0, 0};
259
260 if (strlen(Cmd) < 1) {
261 usage_hf_iclass_sim();
262 return 0;
263 }
264 simType = param_get8ex(Cmd, 0, 0, 10);
265
266 if (simType == ICLASS_SIM_MODE_CSN) {
267 if (param_gethex(Cmd, 1, CSN, 16)) {
268 PrintAndLog("A CSN should consist of 16 HEX symbols");
269 usage_hf_iclass_sim();
270 return 0;
271 }
272 PrintAndLog("--simtype:%02x csn:%s", simType, sprint_hex(CSN, 8));
273 }
274
275 if (simType == ICLASS_SIM_MODE_READER_ATTACK) {
276 UsbCommand c = {CMD_SIMULATE_TAG_ICLASS, {simType, NUM_CSNS}};
277 UsbCommand resp = {0};
278
279 memcpy(c.d.asBytes, csns, 8 * NUM_CSNS);
280
281 SendCommand(&c);
282 if (!WaitForResponseTimeout(CMD_ACK, &resp, -1)) {
283 PrintAndLog("Command timed out");
284 return 0;
285 }
286
287 uint8_t num_mac_responses = resp.arg[1];
288 PrintAndLog("Mac responses: %d MACs obtained (should be %d)", num_mac_responses, NUM_CSNS);
289
290 size_t datalen = NUM_CSNS * 24;
291 /*
292 * Now, time to dump to file. We'll use this format:
293 * <8-byte CSN><8-byte CC><4 byte NR><4 byte MAC>....
294 * So, it should wind up as
295 * 8 * 24 bytes.
296 *
297 * The returndata from the pm3 is on the following format
298 * <8 byte CC><4 byte NR><4 byte MAC>
299 * CSN is the same as was sent in
300 **/
301 void* dump = malloc(datalen);
302 for(int i = 0; i < NUM_CSNS; i++) {
303 memcpy(dump + i*24, csns+i*8, 8); //CSN
304 //copy CC from response
305 memcpy(dump + i*24 + 8, resp.d.asBytes + i*16, 8);
306 //Then comes NR_MAC (eight bytes from the response)
307 memcpy(dump + i*24 + 16, resp.d.asBytes + i*16 + 8, 8);
308 }
309 /** Now, save to dumpfile **/
310 saveFile("iclass_mac_attack", "bin", dump,datalen);
311 free(dump);
312
313 } else if (simType == ICLASS_SIM_MODE_CSN || simType == ICLASS_SIM_MODE_CSN_DEFAULT || simType == ICLASS_SIM_MODE_FULL) {
314 UsbCommand c = {CMD_SIMULATE_TAG_ICLASS, {simType, 0}};
315 memcpy(c.d.asBytes, CSN, 8);
316 SendCommand(&c);
317
318 } else {
319 PrintAndLog("Undefined simtype %d", simType);
320 usage_hf_iclass_sim();
321 return 0;
322 }
323
324 return 0;
325 }
326
327
328 int HFiClassReader(bool loop, bool verbose) {
329
330 bool tagFound = false;
331 UsbCommand c = {CMD_READER_ICLASS, {FLAG_ICLASS_READER_INIT | FLAG_ICLASS_READER_CLEARTRACE | FLAG_ICLASS_READER_CSN | FLAG_ICLASS_READER_CONF | FLAG_ICLASS_READER_CC | FLAG_ICLASS_READER_AA} };
332 UsbCommand resp;
333
334 while (!ukbhit()) {
335 SendCommand(&c);
336 if (WaitForResponseTimeout(CMD_ACK, &resp, 1000)) {
337 uint8_t readStatus = resp.arg[0] & 0xff;
338 uint8_t *data = resp.d.asBytes;
339
340 // no tag found
341 if (readStatus == 0 && !loop) {
342 // abort
343 if (verbose) PrintAndLog("Quitting...");
344 DropField();
345 return 0;
346 }
347
348 if (readStatus & FLAG_ICLASS_READER_CSN) {
349 PrintAndLog(" CSN: %s",sprint_hex(data,8));
350 tagFound = true;
351 }
352 if (readStatus & FLAG_ICLASS_READER_CC) {
353 PrintAndLog(" CC: %s",sprint_hex(data+16,8));
354 }
355 if (readStatus & FLAG_ICLASS_READER_CONF) {
356 printIclassDumpInfo(data);
357 }
358 if (readStatus & FLAG_ICLASS_READER_AA) {
359 bool legacy = true;
360 PrintAndLog(" AppIA: %s",sprint_hex(data+8*5,8));
361 for (int i = 0; i<8; i++) {
362 if (data[8*5+i] != 0xFF) {
363 legacy = false;
364 }
365 }
366 PrintAndLog(" : Possible iClass %s",(legacy) ? "(legacy tag)" : "(NOT legacy tag)");
367 }
368
369 if (tagFound && !loop) return 1;
370 } else {
371 if (verbose) PrintAndLog("Error: No response from Proxmark.");
372 break;
373 }
374 if (!loop) break;
375 }
376
377 DropField();
378 return 0;
379 }
380
381
382 static void usage_hf_iclass_reader(void) {
383 PrintAndLogEx(NORMAL, "Act as a Iclass reader. Look for iClass tags until Enter or the pm3 button is pressed\n");
384 PrintAndLogEx(NORMAL, "Usage: hf iclass reader [h] [1]\n");
385 PrintAndLogEx(NORMAL, "Options:");
386 PrintAndLogEx(NORMAL, " h This help text");
387 PrintAndLogEx(NORMAL, " 1 read only 1 tag");
388 PrintAndLogEx(NORMAL, "Examples:");
389 PrintAndLogEx(NORMAL, " hf iclass reader 1");
390 }
391
392
393 static int CmdHFiClassReader(const char *Cmd) {
394 char cmdp = tolower(param_getchar(Cmd, 0));
395 if (cmdp == 'h') {
396 usage_hf_iclass_reader();
397 return 0;
398 }
399 bool findone = (cmdp == '1') ? false : true;
400 return HFiClassReader(findone, true);
401 }
402
403
404 static void usage_hf_iclass_eload(void) {
405 PrintAndLog("Loads iclass tag-dump into emulator memory on device");
406 PrintAndLog("Usage: hf iclass eload f <filename>");
407 PrintAndLog("");
408 PrintAndLog("Example: hf iclass eload f iclass_tagdump-aa162d30f8ff12f1.bin");
409 }
410
411
412 static int CmdHFiClassELoad(const char *Cmd) {
413
414 char opt = param_getchar(Cmd, 0);
415 if (strlen(Cmd)<1 || opt == 'h') {
416 usage_hf_iclass_eload();
417 return 0;
418 }
419
420 //File handling and reading
421 FILE *f;
422 char filename[FILE_PATH_SIZE];
423 if (opt == 'f' && param_getstr(Cmd, 1, filename, sizeof(filename)) > 0) {
424 f = fopen(filename, "rb");
425 } else {
426 usage_hf_iclass_eload();
427 return 0;
428 }
429
430 if (!f) {
431 PrintAndLog("Failed to read from file '%s'", filename);
432 return 1;
433 }
434
435 fseek(f, 0, SEEK_END);
436 long fsize = ftell(f);
437 fseek(f, 0, SEEK_SET);
438
439 if (fsize < 0) {
440 PrintAndLog("Error, when getting filesize");
441 fclose(f);
442 return 1;
443 }
444
445 uint8_t *dump = malloc(fsize);
446
447 size_t bytes_read = fread(dump, 1, fsize, f);
448 fclose(f);
449
450 printIclassDumpInfo(dump);
451 //Validate
452
453 if (bytes_read < fsize) {
454 prnlog("Error, could only read %d bytes (should be %d)",bytes_read, fsize );
455 free(dump);
456 return 1;
457 }
458 //Send to device
459 uint32_t bytes_sent = 0;
460 uint32_t bytes_remaining = bytes_read;
461
462 while (bytes_remaining > 0) {
463 uint32_t bytes_in_packet = MIN(USB_CMD_DATA_SIZE, bytes_remaining);
464 UsbCommand c = {CMD_ICLASS_EML_MEMSET, {bytes_sent,bytes_in_packet,0}};
465 memcpy(c.d.asBytes, dump+bytes_sent, bytes_in_packet);
466 SendCommand(&c);
467 bytes_remaining -= bytes_in_packet;
468 bytes_sent += bytes_in_packet;
469 }
470 free(dump);
471 PrintAndLog("Sent %d bytes of data to device emulator memory", bytes_sent);
472 return 0;
473 }
474
475
476 static int readKeyfile(const char *filename, size_t len, uint8_t* buffer) {
477 FILE *f = fopen(filename, "rb");
478 if(!f) {
479 PrintAndLog("Failed to read from file '%s'", filename);
480 return 1;
481 }
482 fseek(f, 0, SEEK_END);
483 long fsize = ftell(f);
484 fseek(f, 0, SEEK_SET);
485 size_t bytes_read = fread(buffer, 1, len, f);
486 fclose(f);
487 if(fsize != len)
488 {
489 PrintAndLog("Warning, file size is %d, expected %d", fsize, len);
490 return 1;
491 }
492 if(bytes_read != len)
493 {
494 PrintAndLog("Warning, could only read %d bytes, expected %d" ,bytes_read, len);
495 return 1;
496 }
497 return 0;
498 }
499
500
501 static void usage_hf_iclass_decrypt(void) {
502 PrintAndLog("Usage: hf iclass decrypt f <tagdump>");
503 PrintAndLog("");
504 PrintAndLog("OBS! In order to use this function, the file 'iclass_decryptionkey.bin' must reside");
505 PrintAndLog("in the working directory. The file should be 16 bytes binary data");
506 PrintAndLog("");
507 PrintAndLog("example: hf iclass decrypt f tagdump_12312342343.bin");
508 PrintAndLog("");
509 PrintAndLog("OBS! This is pretty stupid implementation, it tries to decrypt every block after block 6. ");
510 PrintAndLog("Correct behaviour would be to decrypt only the application areas where the key is valid,");
511 PrintAndLog("which is defined by the configuration block.");
512 }
513
514
515 static int CmdHFiClassDecrypt(const char *Cmd) {
516 uint8_t key[16] = { 0 };
517 if(readKeyfile("iclass_decryptionkey.bin", 16, key))
518 {
519 usage_hf_iclass_decrypt();
520 return 1;
521 }
522 PrintAndLog("Decryption file found... ");
523 char opt = param_getchar(Cmd, 0);
524 if (strlen(Cmd)<1 || opt == 'h') {
525 usage_hf_iclass_decrypt();
526 return 0;
527 }
528
529 //Open the tagdump-file
530 FILE *f;
531 char filename[FILE_PATH_SIZE];
532 if(opt == 'f' && param_getstr(Cmd, 1, filename, sizeof(filename)) > 0) {
533 f = fopen(filename, "rb");
534 if ( f == NULL ) {
535 PrintAndLog("Could not find file %s", filename);
536 return 1;
537 }
538 } else {
539 usage_hf_iclass_decrypt();
540 return 0;
541 }
542
543 fseek(f, 0, SEEK_END);
544 long fsize = ftell(f);
545 fseek(f, 0, SEEK_SET);
546 uint8_t enc_dump[8] = {0};
547 uint8_t *decrypted = malloc(fsize);
548 mbedtls_des3_context ctx = { {0} };
549 mbedtls_des3_set2key_dec( &ctx, key);
550 size_t bytes_read = fread(enc_dump, 1, 8, f);
551
552 //Use the first block (CSN) for filename
553 char outfilename[FILE_PATH_SIZE] = { 0 };
554 snprintf(outfilename,FILE_PATH_SIZE,"iclass_tagdump-%02x%02x%02x%02x%02x%02x%02x%02x-decrypted",
555 enc_dump[0],enc_dump[1],enc_dump[2],enc_dump[3],
556 enc_dump[4],enc_dump[5],enc_dump[6],enc_dump[7]);
557
558 size_t blocknum =0;
559 while(bytes_read == 8)
560 {
561 if(blocknum < 7)
562 {
563 memcpy(decrypted+(blocknum*8), enc_dump, 8);
564 }else{
565 mbedtls_des3_crypt_ecb(&ctx, enc_dump,decrypted +(blocknum*8) );
566 }
567 printvar("decrypted block", decrypted +(blocknum*8), 8);
568 bytes_read = fread(enc_dump, 1, 8, f);
569 blocknum++;
570 }
571 fclose(f);
572
573 saveFile(outfilename,"bin", decrypted, blocknum*8);
574 free(decrypted);
575 return 0;
576 }
577
578
579 static void usage_hf_iclass_encrypt(void) {
580 PrintAndLog("Usage: hf iclass encrypt <BlockData>");
581 PrintAndLog("");
582 PrintAndLog("OBS! In order to use this function, the file 'iclass_decryptionkey.bin' must reside");
583 PrintAndLog("in the working directory. The file should be 16 bytes binary data");
584 PrintAndLog("");
585 PrintAndLog("example: hf iclass encrypt 0102030405060708");
586 PrintAndLog("");
587 }
588
589
590 static int iClassEncryptBlkData(uint8_t *blkData) {
591 uint8_t key[16] = { 0 };
592 if(readKeyfile("iclass_decryptionkey.bin", 16, key))
593 {
594 usage_hf_iclass_encrypt();
595 return 1;
596 }
597 PrintAndLog("Decryption file found... ");
598
599 uint8_t encryptedData[16];
600 uint8_t *encrypted = encryptedData;
601 mbedtls_des3_context ctx = { {0} };
602 mbedtls_des3_set2key_enc( &ctx, key);
603
604 mbedtls_des3_crypt_ecb(&ctx, blkData,encrypted);
605 //printvar("decrypted block", decrypted, 8);
606 memcpy(blkData,encrypted,8);
607
608 return 1;
609 }
610
611
612 static int CmdHFiClassEncryptBlk(const char *Cmd) {
613 uint8_t blkData[8] = {0};
614 char opt = param_getchar(Cmd, 0);
615 if (strlen(Cmd)<1 || opt == 'h') {
616 usage_hf_iclass_encrypt();
617 return 0;
618 }
619 //get the bytes to encrypt
620 if (param_gethex(Cmd, 0, blkData, 16)) {
621 PrintAndLog("BlockData must include 16 HEX symbols");
622 return 0;
623 }
624 if (!iClassEncryptBlkData(blkData)) return 0;
625 printvar("encrypted block", blkData, 8);
626 return 1;
627 }
628
629
630 static void Calc_wb_mac(uint8_t blockno, uint8_t *data, uint8_t *div_key, uint8_t MAC[4]) {
631 uint8_t WB[9];
632 WB[0] = blockno;
633 memcpy(WB+1, data, 8);
634 doMAC_N(WB, sizeof(WB), div_key, MAC);
635 //printf("Cal wb mac block [%02x][%02x%02x%02x%02x%02x%02x%02x%02x] : MAC [%02x%02x%02x%02x]",WB[0],WB[1],WB[2],WB[3],WB[4],WB[5],WB[6],WB[7],WB[8],MAC[0],MAC[1],MAC[2],MAC[3]);
636 }
637
638
639 static bool iClass_select(uint8_t *CSN, bool verbose, bool cleartrace, bool init) {
640
641 UsbCommand c = {CMD_READER_ICLASS, {FLAG_ICLASS_READER_CSN}};
642 if (init) c.arg[0] |= FLAG_ICLASS_READER_INIT;
643 if (cleartrace) c.arg[0] |= FLAG_ICLASS_READER_CLEARTRACE;
644
645 UsbCommand resp;
646 clearCommandBuffer();
647 SendCommand(&c);
648 if (!WaitForResponseTimeout(CMD_ACK, &resp, 4500)) {
649 PrintAndLog("Command execute timeout");
650 return false;
651 }
652
653 uint8_t isOK = resp.arg[0] & 0xff;
654 uint8_t *data = resp.d.asBytes;
655
656 if (isOK & FLAG_ICLASS_READER_CSN) {
657 memcpy(CSN, data, 8);
658 if (verbose) PrintAndLog("CSN: %s", sprint_hex(CSN, 8));
659 } else {
660 PrintAndLog("Failed to select card! Aborting");
661 return false;
662 }
663 return true;
664 }
665
666
667 static void HFiClassCalcDivKey(uint8_t *CSN, uint8_t *KEY, uint8_t *div_key, bool elite){
668 uint8_t keytable[128] = {0};
669 uint8_t key_index[8] = {0};
670 if (elite) {
671 uint8_t key_sel[8] = { 0 };
672 uint8_t key_sel_p[8] = { 0 };
673 hash2(KEY, keytable);
674 hash1(CSN, key_index);
675 for(uint8_t i = 0; i < 8 ; i++)
676 key_sel[i] = keytable[key_index[i]] & 0xFF;
677
678 //Permute from iclass format to standard format
679 permutekey_rev(key_sel, key_sel_p);
680 diversifyKey(CSN, key_sel_p, div_key);
681 } else {
682 diversifyKey(CSN, KEY, div_key);
683 }
684 }
685
686
687 static bool iClass_authenticate(uint8_t *CSN, uint8_t *KEY, uint8_t *MAC, uint8_t *div_key, bool use_credit_key, bool elite, bool rawkey, bool replay, bool verbose) {
688
689 //get div_key
690 if (rawkey || replay)
691 memcpy(div_key, KEY, 8);
692 else
693 HFiClassCalcDivKey(CSN, KEY, div_key, elite);
694
695 char keytypetext[23] = "legacy diversified key";
696 if (rawkey) {
697 strcpy(keytypetext, "raw key");
698 } else if (replay) {
699 strcpy(keytypetext, "replayed NR/MAC");
700 } else if (elite) {
701 strcpy(keytypetext, "Elite diversified key");
702 }
703
704 if (verbose) PrintAndLog("Authenticating with %s: %s", keytypetext, sprint_hex(div_key, 8));
705
706 UsbCommand resp;
707 UsbCommand d = {CMD_ICLASS_READCHECK, {2, use_credit_key, 0}};
708
709 clearCommandBuffer();
710 SendCommand(&d);
711
712 if (!WaitForResponseTimeout(CMD_ACK, &resp, 4500)) {
713 if (verbose) PrintAndLog("Auth Command (READCHECK[2]) execute timeout");
714 return false;
715 }
716 bool isOK = resp.arg[0];
717 if (!isOK) {
718 if (verbose) PrintAndLog("Couldn't get Card Challenge");
719 return false;
720 }
721
722 if (replay) {
723 memcpy(MAC, KEY+4, 4);
724 } else {
725 uint8_t CCNR[12];
726 memcpy(CCNR, resp.d.asBytes, 8);
727 memset(CCNR+8, 0x00, 4); // default NR = {0, 0, 0, 0}
728 doMAC(CCNR, div_key, MAC);
729 }
730
731 d.cmd = CMD_ICLASS_CHECK;
732 if (replay) {
733 memcpy(d.d.asBytes, KEY, 8);
734 } else {
735 memset(d.d.asBytes, 0x00, 4); // default NR = {0, 0, 0, 0}
736 memcpy(d.d.asBytes+4, MAC, 4);
737 }
738 clearCommandBuffer();
739 SendCommand(&d);
740 if (!WaitForResponseTimeout(CMD_ACK, &resp, 4500)) {
741 if (verbose) PrintAndLog("Auth Command (CHECK) execute timeout");
742 return false;
743 }
744 isOK = resp.arg[0];
745 if (!isOK) {
746 if (verbose) PrintAndLog("Authentication error");
747 return false;
748 }
749 return true;
750 }
751
752
753 static void usage_hf_iclass_dump(void) {
754 PrintAndLog("Usage: hf iclass dump f <fileName> k <Key> c <CreditKey> e|r|n\n");
755 PrintAndLog("Options:");
756 PrintAndLog(" f <filename> : specify a filename to save dump to");
757 PrintAndLog(" k <Key> : *Debit Key (AA1) as 16 hex symbols (8 bytes) or 1 hex to select key from memory");
758 PrintAndLog(" c <CreditKey>: Credit Key (AA2) as 16 hex symbols (8 bytes) or 1 hex to select key from memory");
759 PrintAndLog(" e : If 'e' is specified, the keys are interpreted as Elite");
760 PrintAndLog(" Custom Keys (KCus), which can be obtained via reader-attack");
761 PrintAndLog(" See 'hf iclass sim 2'. This key should be on iclass-format");
762 PrintAndLog(" r : If 'r' is specified, keys are interpreted as raw blocks 3/4");
763 PrintAndLog(" n : If 'n' is specified, keys are interpreted as NR/MAC pairs which can be obtained by 'hf iclass snoop'");
764 PrintAndLog(" NOTE: * = required");
765 PrintAndLog("Samples:");
766 PrintAndLog(" hf iclass dump k 001122334455667B");
767 PrintAndLog(" hf iclass dump k AAAAAAAAAAAAAAAA c 001122334455667B");
768 PrintAndLog(" hf iclass dump k AAAAAAAAAAAAAAAA e");
769 }
770
771
772 static void printIclassDumpContents(uint8_t *iclass_dump, uint8_t startblock, uint8_t endblock, size_t filesize) {
773 uint8_t mem_config;
774 memcpy(&mem_config, iclass_dump + 13,1);
775 uint8_t maxmemcount;
776 uint8_t filemaxblock = filesize / 8;
777 if (mem_config & 0x80)
778 maxmemcount = 255;
779 else
780 maxmemcount = 31;
781 //PrintAndLog ("endblock: %d, filesize: %d, maxmemcount: %d, filemaxblock: %d", endblock,filesize, maxmemcount, filemaxblock);
782
783 if (startblock == 0)
784 startblock = 6;
785 if ((endblock > maxmemcount) || (endblock == 0))
786 endblock = maxmemcount;
787
788 // remember endblock need to relate to zero-index arrays.
789 if (endblock > filemaxblock-1)
790 endblock = filemaxblock;
791
792 int i = startblock;
793 printf("------+--+-------------------------+\n");
794 while (i <= endblock) {
795 uint8_t *blk = iclass_dump + (i * 8);
796 printf("Block |%02X| %s|\n", i, sprint_hex(blk, 8) );
797 i++;
798 }
799 printf("------+--+-------------------------+\n");
800 }
801
802
803 static int CmdHFiClassReader_Dump(const char *Cmd) {
804
805 uint8_t MAC[4] = {0x00,0x00,0x00,0x00};
806 uint8_t div_key[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
807 uint8_t c_div_key[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
808 uint8_t blockno = 0;
809 uint8_t AA1_maxBlk = 0;
810 uint8_t maxBlk = 31;
811 uint8_t app_areas = 1;
812 uint8_t kb = 2;
813 uint8_t KEY[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
814 uint8_t CreditKEY[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
815 uint8_t keyNbr = 0;
816 uint8_t dataLen = 0;
817 uint8_t fileNameLen = 0;
818 char filename[FILE_PATH_SIZE]={0};
819 char tempStr[50] = {0};
820 bool have_debit_key = false;
821 bool have_credit_key = false;
822 bool use_credit_key = false;
823 bool elite = false;
824 bool rawkey = false;
825 bool NRMAC_replay = false;
826 bool errors = false;
827 bool verbose = false;
828 uint8_t cmdp = 0;
829
830 while (param_getchar(Cmd, cmdp) != 0x00 && !errors) {
831 switch(param_getchar(Cmd, cmdp)) {
832 case 'h':
833 case 'H':
834 usage_hf_iclass_dump();
835 return 0;
836 case 'c':
837 case 'C':
838 have_credit_key = true;
839 dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
840 if (dataLen == 16) {
841 errors = param_gethex(tempStr, 0, CreditKEY, dataLen);
842 } else if (dataLen == 1) {
843 keyNbr = param_get8(Cmd, cmdp+1);
844 if (keyNbr < ICLASS_KEYS_MAX) {
845 memcpy(CreditKEY, iClass_Key_Table[keyNbr], 8);
846 } else {
847 PrintAndLog("\nERROR: Credit KeyNbr is invalid\n");
848 errors = true;
849 }
850 } else {
851 PrintAndLog("\nERROR: Credit Key is incorrect length\n");
852 errors = true;
853 }
854 cmdp += 2;
855 break;
856 case 'e':
857 case 'E':
858 elite = true;
859 cmdp++;
860 break;
861 case 'f':
862 case 'F':
863 fileNameLen = param_getstr(Cmd, cmdp+1, filename, sizeof(filename));
864 if (fileNameLen < 1) {
865 PrintAndLog("No filename found after f");
866 errors = true;
867 }
868 cmdp += 2;
869 break;
870 case 'k':
871 case 'K':
872 have_debit_key = true;
873 dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
874 if (dataLen == 16) {
875 errors = param_gethex(tempStr, 0, KEY, dataLen);
876 } else if (dataLen == 1) {
877 keyNbr = param_get8(Cmd, cmdp+1);
878 if (keyNbr < ICLASS_KEYS_MAX) {
879 memcpy(KEY, iClass_Key_Table[keyNbr], 8);
880 } else {
881 PrintAndLog("\nERROR: Debit KeyNbr is invalid\n");
882 errors = true;
883 }
884 } else {
885 PrintAndLog("\nERROR: Debit Key is incorrect length\n");
886 errors = true;
887 }
888 cmdp += 2;
889 break;
890 case 'r':
891 case 'R':
892 rawkey = true;
893 cmdp++;
894 break;
895 case 'n':
896 case 'N':
897 NRMAC_replay = true;
898 cmdp++;
899 break;
900 case 'v':
901 case 'V':
902 verbose = true;
903 cmdp++;
904 break;
905 default:
906 PrintAndLog("Unknown parameter '%c'\n", param_getchar(Cmd, cmdp));
907 errors = true;
908 break;
909 }
910 }
911
912 if (elite + rawkey + NRMAC_replay > 1) {
913 PrintAndLog("You cannot combine the 'e', 'r', and 'n' options\n");
914 errors = true;
915 }
916
917 if (errors || cmdp < 2) {
918 usage_hf_iclass_dump();
919 return 0;
920 }
921
922 // if only credit key is given: try for AA1 as well (not for iclass but for some picopass this will work)
923 if (!have_debit_key && have_credit_key) {
924 memcpy(KEY, CreditKEY, 8);
925 }
926
927 // clear trace and get first 3 blocks
928 UsbCommand c = {CMD_READER_ICLASS, {FLAG_ICLASS_READER_INIT | FLAG_ICLASS_READER_CLEARTRACE | FLAG_ICLASS_READER_CSN | FLAG_ICLASS_READER_CONF | FLAG_ICLASS_READER_CC}};
929 UsbCommand resp;
930 uint8_t tag_data[256*8];
931
932 clearCommandBuffer();
933 SendCommand(&c);
934 if (!WaitForResponseTimeout(CMD_ACK, &resp, 4500)) {
935 PrintAndLog("Command execute timeout");
936 DropField();
937 return 0;
938 }
939
940 uint8_t readStatus = resp.arg[0] & 0xff;
941 uint8_t *data = resp.d.asBytes;
942 uint8_t status_mask = FLAG_ICLASS_READER_CSN | FLAG_ICLASS_READER_CONF | FLAG_ICLASS_READER_CC;
943
944 if (readStatus != status_mask) {
945 PrintAndLog("No tag found ...");
946 return 0;
947 } else {
948 memcpy(tag_data, data, 8*3);
949 if (verbose) PrintAndLog("CSN: %s", sprint_hex(tag_data, 8));
950 AA1_maxBlk = data[8];
951 getMemConfig(data[13], data[12], &maxBlk, &app_areas, &kb);
952 // large memory - not able to dump pages currently
953 if (AA1_maxBlk > maxBlk) AA1_maxBlk = maxBlk;
954 }
955
956 // authenticate with debit key (or credit key if we have no debit key) and get div_key - later store in dump block 3
957 if (!iClass_authenticate(tag_data, KEY, MAC, div_key, false, elite, rawkey, NRMAC_replay, verbose)) {
958 DropField();
959 return 0;
960 }
961
962 // read AA1
963 UsbCommand w = {CMD_ICLASS_DUMP};
964 uint32_t blocksRead = 0;
965 for (blockno = 3; blockno <= AA1_maxBlk; blockno += blocksRead) {
966 w.arg[0] = blockno;
967 w.arg[1] = AA1_maxBlk - blockno + 1;
968 clearCommandBuffer();
969 SendCommand(&w);
970 if (!WaitForResponseTimeout(CMD_ACK, &resp, 4500)) {
971 PrintAndLog("Command execute time-out 1");
972 DropField();
973 return 1;
974 }
975 blocksRead = resp.arg[1];
976 bool isOK = resp.arg[0];
977 if (!isOK) {
978 PrintAndLog("Reading AA1 block failed");
979 DropField();
980 return 0;
981 }
982 memcpy(tag_data + blockno*8, resp.d.asBytes, blocksRead*8);
983 }
984
985 // do we still need to read more blocks (AA2 enabled)?
986 if (have_credit_key && maxBlk > AA1_maxBlk) {
987 if (!use_credit_key) {
988 //turn off hf field before authenticating with different key
989 DropField();
990 // AA2 authenticate credit key and git c_div_key - later store in dump block 4
991 uint8_t CSN[8];
992 if (!iClass_select(CSN, verbose, false, true) || !iClass_authenticate(CSN, CreditKEY, MAC, c_div_key, true, false, false, NRMAC_replay, verbose)){
993 DropField();
994 return 0;
995 }
996 }
997 for ( ; blockno <= maxBlk; blockno += blocksRead) {
998 w.arg[0] = blockno;
999 w.arg[1] = maxBlk - blockno + 1;
1000 clearCommandBuffer();
1001 SendCommand(&w);
1002 if (!WaitForResponseTimeout(CMD_ACK, &resp, 4500)) {
1003 PrintAndLog("Command execute time-out 1");
1004 DropField();
1005 return 1;
1006 }
1007 blocksRead = resp.arg[1];
1008 bool isOK = resp.arg[0];
1009 if (!isOK) {
1010 PrintAndLog("Reading AA2 block failed");
1011 DropField();
1012 return 0;
1013 }
1014 memcpy(tag_data + blockno*8, resp.d.asBytes, blocksRead*8);
1015 }
1016 }
1017
1018 DropField();
1019
1020 // add diversified keys to dump
1021 if (have_debit_key) {
1022 memcpy(tag_data + 3*8, div_key, 8);
1023 } else {
1024 memset(tag_data + 3*8, 0xff, 8);
1025 }
1026 if (have_credit_key) {
1027 memcpy(tag_data + 4*8, c_div_key, 8);
1028 } else {
1029 memset(tag_data + 4*8, 0xff, 8);
1030 }
1031
1032 // print the dump
1033 printf("------+--+-------------------------+\n");
1034 printf("CSN |00| %s|\n",sprint_hex(tag_data, 8));
1035 printIclassDumpContents(tag_data, 1, blockno-1, blockno*8);
1036
1037 if (filename[0] == 0) {
1038 snprintf(filename, FILE_PATH_SIZE,"iclass_tagdump-%02x%02x%02x%02x%02x%02x%02x%02x",
1039 tag_data[0],tag_data[1],tag_data[2],tag_data[3],
1040 tag_data[4],tag_data[5],tag_data[6],tag_data[7]);
1041 }
1042
1043 // save the dump to .bin file
1044 PrintAndLog("Saving dump file - %d blocks read", blockno);
1045 saveFile(filename, "bin", tag_data, blockno*8);
1046 return 1;
1047 }
1048
1049
1050 static int WriteBlock(uint8_t blockno, uint8_t *bldata, uint8_t *KEY, bool use_credit_key, bool elite, bool rawkey, bool NRMAC_replay, bool verbose) {
1051
1052 uint8_t MAC[4] = {0x00,0x00,0x00,0x00};
1053 uint8_t div_key[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
1054 uint8_t CSN[8];
1055
1056 if (!iClass_select(CSN, verbose, true, true) || !iClass_authenticate(CSN, KEY, MAC, div_key, use_credit_key, elite, rawkey, NRMAC_replay, verbose)) {
1057 DropField();
1058 return 0;
1059 }
1060
1061 UsbCommand resp;
1062
1063 Calc_wb_mac(blockno, bldata, div_key, MAC);
1064
1065 UsbCommand w = {CMD_ICLASS_WRITEBLOCK, {blockno}};
1066 memcpy(w.d.asBytes, bldata, 8);
1067 memcpy(w.d.asBytes + 8, MAC, 4);
1068
1069 clearCommandBuffer();
1070 SendCommand(&w);
1071 if (!WaitForResponseTimeout(CMD_ACK, &resp, 4500)) {
1072 PrintAndLog("Write Command execute timeout");
1073 DropField();
1074 return 0;
1075 }
1076 bool isOK = resp.arg[0];
1077 if (!isOK) {
1078 PrintAndLog("Write Block Failed");
1079 DropField();
1080 return 0;
1081 }
1082
1083 PrintAndLog("Write Block Successful");
1084 return 1;
1085 }
1086
1087
1088 static void usage_hf_iclass_writeblock(void) {
1089 PrintAndLog("Options:");
1090 PrintAndLog(" b <Block> : The block number as 2 hex symbols");
1091 PrintAndLog(" d <data> : Set the Data to write as 16 hex symbols");
1092 PrintAndLog(" k <Key> : Access Key as 16 hex symbols or 1 hex to select key from memory");
1093 PrintAndLog(" c : If 'c' is specified, the key set is assumed to be the credit key\n");
1094 PrintAndLog(" e : If 'e' is specified, elite computations applied to key");
1095 PrintAndLog(" r : If 'r' is specified, no computations applied to key");
1096 PrintAndLog(" o : override protection and allow modification of blocks 0...4");
1097 PrintAndLog("Samples:");
1098 PrintAndLog(" hf iclass writeblk b 0A d AAAAAAAAAAAAAAAA k 001122334455667B");
1099 PrintAndLog(" hf iclass writeblk b 1B d AAAAAAAAAAAAAAAA k 001122334455667B c");
1100 PrintAndLog(" hf iclass writeblk b 03 d AAAAAAAAAAAAAAAA k 001122334455667B c o");
1101 }
1102
1103
1104 static int CmdHFiClass_WriteBlock(const char *Cmd) {
1105 uint8_t blockno = 0;
1106 uint8_t bldata[8] = {0};
1107 uint8_t KEY[8] = {0};
1108 uint8_t keyNbr = 0;
1109 uint8_t dataLen = 0;
1110 char tempStr[50] = {0};
1111 bool use_credit_key = false;
1112 bool elite = false;
1113 bool rawkey = false;
1114 bool override_protection = false;
1115 bool errors = false;
1116 uint8_t cmdp = 0;
1117
1118 while (param_getchar(Cmd, cmdp) != 0x00 && !errors) {
1119 switch(param_getchar(Cmd, cmdp)) {
1120 case 'h':
1121 case 'H':
1122 usage_hf_iclass_writeblock();
1123 return 0;
1124 case 'b':
1125 case 'B':
1126 if (param_gethex(Cmd, cmdp+1, &blockno, 2)) {
1127 PrintAndLog("Block No must include 2 HEX symbols\n");
1128 errors = true;
1129 }
1130 cmdp += 2;
1131 break;
1132 case 'c':
1133 case 'C':
1134 use_credit_key = true;
1135 cmdp++;
1136 break;
1137 case 'd':
1138 case 'D':
1139 if (param_gethex(Cmd, cmdp+1, bldata, 16)) {
1140 PrintAndLog("Data must include 16 HEX symbols\n");
1141 errors = true;
1142 }
1143 cmdp += 2;
1144 break;
1145 case 'e':
1146 case 'E':
1147 elite = true;
1148 cmdp++;
1149 break;
1150 case 'k':
1151 case 'K':
1152 dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
1153 if (dataLen == 16) {
1154 errors = param_gethex(tempStr, 0, KEY, dataLen);
1155 } else if (dataLen == 1) {
1156 keyNbr = param_get8(Cmd, cmdp+1);
1157 if (keyNbr < ICLASS_KEYS_MAX) {
1158 memcpy(KEY, iClass_Key_Table[keyNbr], 8);
1159 } else {
1160 PrintAndLog("\nERROR: Credit KeyNbr is invalid\n");
1161 errors = true;
1162 }
1163 } else {
1164 PrintAndLog("\nERROR: Credit Key is incorrect length\n");
1165 errors = true;
1166 }
1167 cmdp += 2;
1168 break;
1169 case 'r':
1170 case 'R':
1171 rawkey = true;
1172 cmdp++;
1173 break;
1174 case 'o':
1175 case 'O':
1176 override_protection = true;
1177 cmdp++;
1178 break;
1179 default:
1180 PrintAndLog("Unknown parameter '%c'\n", param_getchar(Cmd, cmdp));
1181 errors = true;
1182 break;
1183 }
1184 if (errors) {
1185 usage_hf_iclass_writeblock();
1186 return 0;
1187 }
1188 }
1189
1190 if (elite && rawkey) {
1191 PrintAndLog("You cannot combine the 'e' and 'r' options\n");
1192 errors = true;
1193 }
1194
1195 if (cmdp < 6) {
1196 usage_hf_iclass_writeblock();
1197 return 0;
1198 }
1199
1200 if (blockno < 5) {
1201 if (override_protection) {
1202 PrintAndLog("Info: modifying keys, e-purse or configuration block.");
1203 } else {
1204 PrintAndLog("You are going to modify keys, e-purse or configuration block.");
1205 PrintAndLog("You must add the 'o' (override) option to confirm that you know what you are doing");
1206 return 0;
1207 }
1208 }
1209
1210 int ans = WriteBlock(blockno, bldata, KEY, use_credit_key, elite, rawkey, false, true);
1211
1212 DropField();
1213 return ans;
1214 }
1215
1216
1217 static void usage_hf_iclass_clone(void) {
1218 PrintAndLog("Usage: hf iclass clone f <tagfile.bin> b <first block> l <last block> k <KEY> c e|r o");
1219 PrintAndLog("Options:");
1220 PrintAndLog(" f <filename>: specify a filename to clone from");
1221 PrintAndLog(" b <Block> : The first block to clone as 2 hex symbols");
1222 PrintAndLog(" l <Last Blk>: The last block to clone as 2 hex symbols");
1223 PrintAndLog(" k <Key> : Access Key as 16 hex symbols or 1 hex to select key from memory");
1224 PrintAndLog(" c : If 'c' is specified, the key set is assumed to be the credit key\n");
1225 PrintAndLog(" e : If 'e' is specified, elite computations applied to key");
1226 PrintAndLog(" r : If 'r' is specified, no computations applied to key");
1227 PrintAndLog(" o : override protection and allow modification of target blocks 0...4");
1228 PrintAndLog("Samples:");
1229 PrintAndLog(" hf iclass clone f iclass_tagdump-121345.bin b 06 l 1A k 1122334455667788 e");
1230 PrintAndLog(" hf iclass clone f iclass_tagdump-121345.bin b 05 l 19 k 0");
1231 PrintAndLog(" hf iclass clone f iclass_tagdump-121345.bin b 06 l 19 k 0 e");
1232 PrintAndLog(" hf iclass clone f iclass_tagdump-121345.bin b 06 l 19 k 0 e");
1233 PrintAndLog(" hf iclass clone f iclass_tagdump-121345.bin b 03 l 19 k 0 e o");
1234 }
1235
1236
1237 static int CmdHFiClassCloneTag(const char *Cmd) {
1238 char filename[FILE_PATH_SIZE] = {0};
1239 char tempStr[50]={0};
1240 uint8_t KEY[8]={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
1241 uint8_t keyNbr = 0;
1242 uint8_t fileNameLen = 0;
1243 uint8_t startblock = 0;
1244 uint8_t endblock = 0;
1245 uint8_t dataLen = 0;
1246 bool use_credit_key = false;
1247 bool elite = false;
1248 bool rawkey = false;
1249 bool override_protection = false;
1250 bool errors = false;
1251 uint8_t cmdp = 0;
1252
1253 while (param_getchar(Cmd, cmdp) != 0x00 && !errors) {
1254 switch (param_getchar(Cmd, cmdp)) {
1255 case 'h':
1256 case 'H':
1257 usage_hf_iclass_clone();
1258 return 0;
1259 case 'b':
1260 case 'B':
1261 if (param_gethex(Cmd, cmdp+1, &startblock, 2)) {
1262 PrintAndLog("Start Block No must include 2 HEX symbols\n");
1263 errors = true;
1264 }
1265 cmdp += 2;
1266 break;
1267 case 'c':
1268 case 'C':
1269 use_credit_key = true;
1270 cmdp++;
1271 break;
1272 case 'e':
1273 case 'E':
1274 elite = true;
1275 cmdp++;
1276 break;
1277 case 'f':
1278 case 'F':
1279 fileNameLen = param_getstr(Cmd, cmdp+1, filename, sizeof(filename));
1280 if (fileNameLen < 1) {
1281 PrintAndLog("No filename found after f");
1282 errors = true;
1283 }
1284 cmdp += 2;
1285 break;
1286 case 'k':
1287 case 'K':
1288 dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
1289 if (dataLen == 16) {
1290 errors = param_gethex(tempStr, 0, KEY, dataLen);
1291 } else if (dataLen == 1) {
1292 keyNbr = param_get8(Cmd, cmdp+1);
1293 if (keyNbr < ICLASS_KEYS_MAX) {
1294 memcpy(KEY, iClass_Key_Table[keyNbr], 8);
1295 } else {
1296 PrintAndLog("\nERROR: Credit KeyNbr is invalid\n");
1297 errors = true;
1298 }
1299 } else {
1300 PrintAndLog("\nERROR: Credit Key is incorrect length\n");
1301 errors = true;
1302 }
1303 cmdp += 2;
1304 break;
1305 case 'l':
1306 case 'L':
1307 if (param_gethex(Cmd, cmdp+1, &endblock, 2)) {
1308 PrintAndLog("Last Block No must include 2 HEX symbols\n");
1309 errors = true;
1310 }
1311 cmdp += 2;
1312 break;
1313 case 'r':
1314 case 'R':
1315 rawkey = true;
1316 cmdp++;
1317 break;
1318 case 'o':
1319 case 'O':
1320 override_protection = true;
1321 cmdp++;
1322 break;
1323 default:
1324 PrintAndLog("Unknown parameter '%c'\n", param_getchar(Cmd, cmdp));
1325 errors = true;
1326 break;
1327 }
1328 if (errors) {
1329 usage_hf_iclass_clone();
1330 return 0;
1331 }
1332 }
1333
1334 if (cmdp < 8) {
1335 usage_hf_iclass_clone();
1336 return 0;
1337 }
1338
1339 if (startblock < 5) {
1340 if (override_protection) {
1341 PrintAndLog("Info: modifying keys, e-purse or configuration block.");
1342 } else {
1343 PrintAndLog("You are going to modify keys, e-purse or configuration block.");
1344 PrintAndLog("You must add the 'o' (override) option to confirm that you know what you are doing");
1345 return 0;
1346 }
1347 }
1348
1349 if ((endblock - startblock + 1) * 12 > USB_CMD_DATA_SIZE) {
1350 PrintAndLog("Trying to write too many blocks at once. Max: %d", USB_CMD_DATA_SIZE/12);
1351 }
1352
1353 // file handling and reading
1354 FILE *f;
1355 f = fopen(filename,"rb");
1356 if (!f) {
1357 PrintAndLog("Failed to read from file '%s'", filename);
1358 return 1;
1359 }
1360
1361 uint8_t tag_data[USB_CMD_DATA_SIZE/12][8];
1362 fseek(f, startblock*8, SEEK_SET);
1363 for (int i = 0; i < endblock - startblock + 1; i++) {
1364 if (fread(&tag_data[i], 1, 8, f) == 0 ) {
1365 PrintAndLog("File reading error.");
1366 fclose(f);
1367 return 2;
1368 }
1369 }
1370
1371 uint8_t MAC[4] = {0x00, 0x00, 0x00, 0x00};
1372 uint8_t div_key[8] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
1373 uint8_t CSN[8];
1374
1375 if (!iClass_select(CSN, true, true, true) || !iClass_authenticate(CSN, KEY, MAC, div_key, use_credit_key, elite, rawkey, false, true)) {
1376 DropField();
1377 return 0;
1378 }
1379
1380 UsbCommand w = {CMD_ICLASS_CLONE, {startblock, endblock}};
1381 uint8_t *ptr;
1382 // calculate MAC for every block we will write
1383 for (int i = 0; i < endblock - startblock + 1; i++) {
1384 Calc_wb_mac(startblock + i, tag_data[i], div_key, MAC);
1385 ptr = w.d.asBytes + i * 12;
1386 memcpy(ptr, tag_data[i], 8);
1387 memcpy(ptr + 8, MAC, 4);
1388 }
1389
1390 uint8_t p[12];
1391 PrintAndLog("Cloning");
1392 for (int i = 0; i < endblock - startblock + 1; i++){
1393 memcpy(p, w.d.asBytes + (i * 12), 12);
1394 PrintAndLog("Block |%02x| %02x%02x%02x%02x%02x%02x%02x%02x | MAC |%02x%02x%02x%02x|",
1395 i + startblock, p[0], p[1], p[2], p[3], p[4], p[5], p[6], p[7], p[8], p[9], p[10], p[11]);
1396 }
1397
1398 UsbCommand resp;
1399 SendCommand(&w);
1400 if (!WaitForResponseTimeout(CMD_ACK, &resp, 4500)) {
1401 PrintAndLog("Command execute timeout");
1402 DropField();
1403 return 0;
1404 }
1405
1406 DropField();
1407 return 1;
1408 }
1409
1410
1411 static int ReadBlock(uint8_t *KEY, uint8_t blockno, uint8_t keyType, bool elite, bool rawkey, bool NRMAC_replay, bool verbose, bool auth) {
1412
1413 uint8_t MAC[4]={0x00,0x00,0x00,0x00};
1414 uint8_t div_key[8]={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
1415 uint8_t CSN[8];
1416
1417 if (!iClass_select(CSN, verbose, true, true)) {
1418 DropField();
1419 return 0;
1420 }
1421
1422 if (auth) {
1423 if (!iClass_authenticate(CSN, KEY, MAC, div_key, (keyType==0x18), elite, rawkey, NRMAC_replay, verbose)) {
1424 DropField();
1425 return 0;
1426 }
1427 }
1428
1429 UsbCommand resp;
1430 UsbCommand w = {CMD_ICLASS_READBLOCK, {blockno}};
1431 clearCommandBuffer();
1432 SendCommand(&w);
1433 if (!WaitForResponseTimeout(CMD_ACK, &resp, 4500)) {
1434 PrintAndLog("Command execute timeout");
1435 DropField();
1436 return 0;
1437 }
1438 bool isOK = resp.arg[0];
1439 if (!isOK) {
1440 PrintAndLog("Read Block Failed");
1441 DropField();
1442 return 0;
1443 }
1444 //data read is stored in: resp.d.asBytes[0-15]
1445 if (verbose)
1446 PrintAndLog("Block %02X: %s\n",blockno, sprint_hex(resp.d.asBytes,8));
1447
1448 return 1;
1449 }
1450
1451
1452 static void usage_hf_iclass_readblock(void) {
1453 PrintAndLog("Usage: hf iclass readblk b <Block> k <Key> [c] [e|r|n]\n");
1454 PrintAndLog("Options:");
1455 PrintAndLog(" b <Block> : The block number as 2 hex symbols");
1456 PrintAndLog(" k <Key> : Access Key as 16 hex symbols or 1 hex to select key from memory");
1457 PrintAndLog(" c : If 'c' is specified, the key set is assumed to be the credit key\n");
1458 PrintAndLog(" e : If 'e' is specified, elite computations applied to key");
1459 PrintAndLog(" r : If 'r' is specified, no computations applied to key");
1460 PrintAndLog(" n : If 'n' is specified, <Key> specifies a NR/MAC pair which can be obtained by 'hf iclass snoop'");
1461 PrintAndLog("Samples:");
1462 PrintAndLog(" hf iclass readblk b 06 k 0011223344556677");
1463 PrintAndLog(" hf iclass readblk b 1B k 0011223344556677 c");
1464 PrintAndLog(" hf iclass readblk b 0A k 0");
1465 }
1466
1467
1468 static int CmdHFiClass_ReadBlock(const char *Cmd) {
1469 uint8_t blockno=0;
1470 uint8_t keyType = 0x88; //debit key
1471 uint8_t KEY[8]={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
1472 uint8_t keyNbr = 0;
1473 uint8_t dataLen = 0;
1474 char tempStr[50] = {0};
1475 bool elite = false;
1476 bool rawkey = false;
1477 bool NRMAC_replay = false;
1478 bool errors = false;
1479 bool auth = false;
1480 uint8_t cmdp = 0;
1481
1482 while (param_getchar(Cmd, cmdp) != 0x00 && !errors) {
1483 switch (param_getchar(Cmd, cmdp)) {
1484 case 'h':
1485 case 'H':
1486 usage_hf_iclass_readblock();
1487 return 0;
1488 case 'b':
1489 case 'B':
1490 if (param_gethex(Cmd, cmdp+1, &blockno, 2)) {
1491 PrintAndLog("Block No must include 2 HEX symbols\n");
1492 errors = true;
1493 }
1494 cmdp += 2;
1495 break;
1496 case 'c':
1497 case 'C':
1498 keyType = 0x18;
1499 cmdp++;
1500 break;
1501 case 'e':
1502 case 'E':
1503 elite = true;
1504 cmdp++;
1505 break;
1506 case 'k':
1507 case 'K':
1508 auth = true;
1509 dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
1510 if (dataLen == 16) {
1511 errors = param_gethex(tempStr, 0, KEY, dataLen);
1512 } else if (dataLen == 1) {
1513 keyNbr = param_get8(Cmd, cmdp+1);
1514 if (keyNbr < ICLASS_KEYS_MAX) {
1515 memcpy(KEY, iClass_Key_Table[keyNbr], 8);
1516 } else {
1517 PrintAndLog("\nERROR: KeyNbr is invalid\n");
1518 errors = true;
1519 }
1520 } else {
1521 PrintAndLog("\nERROR: Key is incorrect length\n");
1522 errors = true;
1523 }
1524 cmdp += 2;
1525 break;
1526 case 'r':
1527 case 'R':
1528 rawkey = true;
1529 cmdp++;
1530 break;
1531 case 'n':
1532 case 'N':
1533 NRMAC_replay = true;
1534 cmdp++;
1535 break;
1536 default:
1537 PrintAndLog("Unknown parameter '%c'\n", param_getchar(Cmd, cmdp));
1538 errors = true;
1539 break;
1540 }
1541 }
1542
1543 if (elite + rawkey + NRMAC_replay > 1) {
1544 PrintAndLog("You cannot combine the 'e', 'r', and 'n' options\n");
1545 errors = true;
1546 }
1547
1548 if (errors) {
1549 usage_hf_iclass_readblock();
1550 return 0;
1551 }
1552
1553 if (cmdp < 2) {
1554 usage_hf_iclass_readblock();
1555 return 0;
1556 }
1557 if (!auth)
1558 PrintAndLog("warning: no authentication used with read, only a few specific blocks can be read accurately without authentication.");
1559
1560 return ReadBlock(KEY, blockno, keyType, elite, rawkey, NRMAC_replay, true, auth);
1561 }
1562
1563
1564 static int CmdHFiClass_loclass(const char *Cmd) {
1565 char opt = param_getchar(Cmd, 0);
1566
1567 if (strlen(Cmd)<1 || opt == 'h') {
1568 PrintAndLog("Usage: hf iclass loclass [options]");
1569 PrintAndLog("Options:");
1570 PrintAndLog("h Show this help");
1571 PrintAndLog("t Perform self-test");
1572 PrintAndLog("f <filename> Bruteforce iclass dumpfile");
1573 PrintAndLog(" An iclass dumpfile is assumed to consist of an arbitrary number of");
1574 PrintAndLog(" malicious CSNs, and their protocol responses");
1575 PrintAndLog(" The binary format of the file is expected to be as follows: ");
1576 PrintAndLog(" <8 byte CSN><8 byte CC><4 byte NR><4 byte MAC>");
1577 PrintAndLog(" <8 byte CSN><8 byte CC><4 byte NR><4 byte MAC>");
1578 PrintAndLog(" <8 byte CSN><8 byte CC><4 byte NR><4 byte MAC>");
1579 PrintAndLog(" ... totalling N*24 bytes");
1580 return 0;
1581 }
1582 char fileName[255] = {0};
1583 if(opt == 'f') {
1584 if(param_getstr(Cmd, 1, fileName, sizeof(fileName)) > 0) {
1585 return bruteforceFileNoKeys(fileName);
1586 } else {
1587 PrintAndLog("You must specify a filename");
1588 }
1589 } else if(opt == 't') {
1590 int errors = testCipherUtils();
1591 errors += testMAC();
1592 errors += doKeyTests(0);
1593 errors += testElite();
1594 if(errors) {
1595 prnlog("OBS! There were errors!!!");
1596 }
1597 return errors;
1598 }
1599
1600 return 0;
1601 }
1602
1603
1604 static void usage_hf_iclass_readtagfile() {
1605 PrintAndLog("Usage: hf iclass readtagfile <filename> [startblock] [endblock]");
1606 }
1607
1608
1609 static int CmdHFiClassReadTagFile(const char *Cmd) {
1610 int startblock = 0;
1611 int endblock = 0;
1612 char tempnum[5];
1613 FILE *f;
1614 char filename[FILE_PATH_SIZE];
1615 if (param_getstr(Cmd, 0, filename, sizeof(filename)) < 1) {
1616 usage_hf_iclass_readtagfile();
1617 return 0;
1618 }
1619 if (param_getstr(Cmd, 1, tempnum, sizeof(tempnum)) < 1)
1620 startblock = 0;
1621 else
1622 sscanf(tempnum,"%d",&startblock);
1623
1624 if (param_getstr(Cmd,2, tempnum, sizeof(tempnum)) < 1)
1625 endblock = 0;
1626 else
1627 sscanf(tempnum,"%d",&endblock);
1628 // file handling and reading
1629 f = fopen(filename,"rb");
1630 if(!f) {
1631 PrintAndLog("Failed to read from file '%s'", filename);
1632 return 1;
1633 }
1634 fseek(f, 0, SEEK_END);
1635 long fsize = ftell(f);
1636 fseek(f, 0, SEEK_SET);
1637
1638 if ( fsize < 0 ) {
1639 PrintAndLog("Error, when getting filesize");
1640 fclose(f);
1641 return 1;
1642 }
1643
1644 uint8_t *dump = malloc(fsize);
1645
1646 size_t bytes_read = fread(dump, 1, fsize, f);
1647 fclose(f);
1648 uint8_t *csn = dump;
1649 printf("------+--+-------------------------+\n");
1650 printf("CSN |00| %s|\n", sprint_hex(csn, 8) );
1651 // printIclassDumpInfo(dump);
1652 printIclassDumpContents(dump,startblock,endblock,bytes_read);
1653 free(dump);
1654 return 0;
1655 }
1656
1657 /*
1658 uint64_t xorcheck(uint64_t sdiv,uint64_t hdiv) {
1659 uint64_t new_div = 0x00;
1660 new_div ^= sdiv;
1661 new_div ^= hdiv;
1662 return new_div;
1663 }
1664
1665 uint64_t hexarray_to_uint64(uint8_t *key) {
1666 char temp[17];
1667 uint64_t uint_key;
1668 for (int i = 0;i < 8;i++)
1669 sprintf(&temp[(i *2)],"%02X",key[i]);
1670 temp[16] = '\0';
1671 if (sscanf(temp,"%016" SCNx64,&uint_key) < 1)
1672 return 0;
1673 return uint_key;
1674 }
1675 */
1676
1677
1678 //when told CSN, oldkey, newkey, if new key is elite (elite), and if old key was elite (oldElite)
1679 //calculate and return xor_div_key (ready for a key write command)
1680 //print all div_keys if verbose
1681 static void HFiClassCalcNewKey(uint8_t *CSN, uint8_t *OLDKEY, uint8_t *NEWKEY, uint8_t *xor_div_key, bool elite, bool oldElite, bool verbose){
1682 uint8_t old_div_key[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
1683 uint8_t new_div_key[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
1684 //get old div key
1685 HFiClassCalcDivKey(CSN, OLDKEY, old_div_key, oldElite);
1686 //get new div key
1687 HFiClassCalcDivKey(CSN, NEWKEY, new_div_key, elite);
1688
1689 for (uint8_t i = 0; i < sizeof(old_div_key); i++){
1690 xor_div_key[i] = old_div_key[i] ^ new_div_key[i];
1691 }
1692 if (verbose) {
1693 printf("Old Div Key : %s\n",sprint_hex(old_div_key,8));
1694 printf("New Div Key : %s\n",sprint_hex(new_div_key,8));
1695 printf("Xor Div Key : %s\n",sprint_hex(xor_div_key,8));
1696 }
1697 }
1698
1699
1700 static void usage_hf_iclass_calc_newkey(void) {
1701 PrintAndLog("HELP : Manage iClass Keys in client memory:\n");
1702 PrintAndLog("Usage: hf iclass calc_newkey o <Old key> n <New key> s [csn] e");
1703 PrintAndLog(" Options:");
1704 PrintAndLog(" o <oldkey> : *specify a key as 16 hex symbols or a key number as 1 symbol");
1705 PrintAndLog(" n <newkey> : *specify a key as 16 hex symbols or a key number as 1 symbol");
1706 PrintAndLog(" s <csn> : specify a card Serial number to diversify the key (if omitted will attempt to read a csn)");
1707 PrintAndLog(" e : specify new key as elite calc");
1708 PrintAndLog(" ee : specify old and new key as elite calc");
1709 PrintAndLog("Samples:");
1710 PrintAndLog(" e key to e key given csn : hf iclass calcnewkey o 1122334455667788 n 2233445566778899 s deadbeafdeadbeaf ee");
1711 PrintAndLog(" std key to e key read csn: hf iclass calcnewkey o 1122334455667788 n 2233445566778899 e");
1712 PrintAndLog(" std to std read csn : hf iclass calcnewkey o 1122334455667788 n 2233445566778899");
1713 PrintAndLog("NOTE: * = required\n");
1714 }
1715
1716
1717 static int CmdHFiClassCalcNewKey(const char *Cmd) {
1718 uint8_t OLDKEY[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
1719 uint8_t NEWKEY[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
1720 uint8_t xor_div_key[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
1721 uint8_t CSN[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
1722 uint8_t keyNbr = 0;
1723 uint8_t dataLen = 0;
1724 char tempStr[50] = {0};
1725 bool givenCSN = false;
1726 bool oldElite = false;
1727 bool elite = false;
1728 bool errors = false;
1729 uint8_t cmdp = 0;
1730
1731 while (param_getchar(Cmd, cmdp) != 0x00 && !errors) {
1732 switch(param_getchar(Cmd, cmdp)) {
1733 case 'h':
1734 case 'H':
1735 usage_hf_iclass_calc_newkey();
1736 return 0;
1737 case 'e':
1738 case 'E':
1739 dataLen = param_getstr(Cmd, cmdp, tempStr, sizeof(tempStr));
1740 if (dataLen==2)
1741 oldElite = true;
1742 elite = true;
1743 cmdp++;
1744 break;
1745 case 'n':
1746 case 'N':
1747 dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
1748 if (dataLen == 16) {
1749 errors = param_gethex(tempStr, 0, NEWKEY, dataLen);
1750 } else if (dataLen == 1) {
1751 keyNbr = param_get8(Cmd, cmdp+1);
1752 if (keyNbr < ICLASS_KEYS_MAX) {
1753 memcpy(NEWKEY, iClass_Key_Table[keyNbr], 8);
1754 } else {
1755 PrintAndLog("\nERROR: NewKey Nbr is invalid\n");
1756 errors = true;
1757 }
1758 } else {
1759 PrintAndLog("\nERROR: NewKey is incorrect length\n");
1760 errors = true;
1761 }
1762 cmdp += 2;
1763 break;
1764 case 'o':
1765 case 'O':
1766 dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
1767 if (dataLen == 16) {
1768 errors = param_gethex(tempStr, 0, OLDKEY, dataLen);
1769 } else if (dataLen == 1) {
1770 keyNbr = param_get8(Cmd, cmdp+1);
1771 if (keyNbr < ICLASS_KEYS_MAX) {
1772 memcpy(OLDKEY, iClass_Key_Table[keyNbr], 8);
1773 } else {
1774 PrintAndLog("\nERROR: Credit KeyNbr is invalid\n");
1775 errors = true;
1776 }
1777 } else {
1778 PrintAndLog("\nERROR: Credit Key is incorrect length\n");
1779 errors = true;
1780 }
1781 cmdp += 2;
1782 break;
1783 case 's':
1784 case 'S':
1785 givenCSN = true;
1786 if (param_gethex(Cmd, cmdp+1, CSN, 16)) {
1787 usage_hf_iclass_calc_newkey();
1788 return 0;
1789 }
1790 cmdp += 2;
1791 break;
1792 default:
1793 PrintAndLog("Unknown parameter '%c'\n", param_getchar(Cmd, cmdp));
1794 errors = true;
1795 break;
1796 }
1797 if (errors) {
1798 usage_hf_iclass_calc_newkey();
1799 return 0;
1800 }
1801 }
1802
1803 if (cmdp < 4) {
1804 usage_hf_iclass_calc_newkey();
1805 return 0;
1806 }
1807
1808 if (!givenCSN)
1809 if (!iClass_select(CSN, true, true, true)) {
1810 DropField();
1811 return 0;
1812 }
1813 DropField();
1814
1815 HFiClassCalcNewKey(CSN, OLDKEY, NEWKEY, xor_div_key, elite, oldElite, true);
1816 return 0;
1817 }
1818
1819
1820 static int loadKeys(char *filename) {
1821 FILE *f;
1822 f = fopen(filename,"rb");
1823 if(!f) {
1824 PrintAndLog("Failed to read from file '%s'", filename);
1825 return 0;
1826 }
1827 fseek(f, 0, SEEK_END);
1828 long fsize = ftell(f);
1829 fseek(f, 0, SEEK_SET);
1830
1831 if ( fsize < 0 ) {
1832 PrintAndLog("Error, when getting filesize");
1833 fclose(f);
1834 return 1;
1835 }
1836
1837 uint8_t *dump = malloc(fsize);
1838
1839 size_t bytes_read = fread(dump, 1, fsize, f);
1840 fclose(f);
1841 if (bytes_read > ICLASS_KEYS_MAX * 8){
1842 PrintAndLog("File is too long to load - bytes: %u", bytes_read);
1843 free(dump);
1844 return 0;
1845 }
1846 uint8_t i = 0;
1847 for (; i < bytes_read/8; i++){
1848 memcpy(iClass_Key_Table[i],dump+(i*8),8);
1849 }
1850 free(dump);
1851 PrintAndLog("%u keys loaded", i);
1852 return 1;
1853 }
1854
1855
1856 static int saveKeys(char *filename) {
1857 FILE *f;
1858 f = fopen(filename,"wb");
1859 if (f == NULL) {
1860 printf("error opening file %s\n",filename);
1861 return 0;
1862 }
1863 for (uint8_t i = 0; i < ICLASS_KEYS_MAX; i++){
1864 if (fwrite(iClass_Key_Table[i],8,1,f) != 1){
1865 PrintAndLog("save key failed to write to file: %s", filename);
1866 break;
1867 }
1868 }
1869 fclose(f);
1870 return 0;
1871 }
1872
1873
1874 static int printKeys(void) {
1875 PrintAndLog("");
1876 for (uint8_t i = 0; i < ICLASS_KEYS_MAX; i++){
1877 PrintAndLog("%u: %s",i,sprint_hex(iClass_Key_Table[i],8));
1878 }
1879 PrintAndLog("");
1880 return 0;
1881 }
1882
1883
1884 static void usage_hf_iclass_managekeys(void) {
1885 PrintAndLog("HELP : Manage iClass Keys in client memory:\n");
1886 PrintAndLog("Usage: hf iclass managekeys n [keynbr] k [key] f [filename] s l p\n");
1887 PrintAndLog(" Options:");
1888 PrintAndLog(" n <keynbr> : specify the keyNbr to set in memory");
1889 PrintAndLog(" k <key> : set a key in memory");
1890 PrintAndLog(" f <filename>: specify a filename to use with load or save operations");
1891 PrintAndLog(" s : save keys in memory to file specified by filename");
1892 PrintAndLog(" l : load keys to memory from file specified by filename");
1893 PrintAndLog(" p : print keys loaded into memory\n");
1894 PrintAndLog("Samples:");
1895 PrintAndLog(" set key : hf iclass managekeys n 0 k 1122334455667788");
1896 PrintAndLog(" save key file: hf iclass managekeys f mykeys.bin s");
1897 PrintAndLog(" load key file: hf iclass managekeys f mykeys.bin l");
1898 PrintAndLog(" print keys : hf iclass managekeys p\n");
1899 }
1900
1901
1902 static int CmdHFiClassManageKeys(const char *Cmd) {
1903 uint8_t keyNbr = 0;
1904 uint8_t dataLen = 0;
1905 uint8_t KEY[8] = {0};
1906 char filename[FILE_PATH_SIZE];
1907 uint8_t fileNameLen = 0;
1908 bool errors = false;
1909 uint8_t operation = 0;
1910 char tempStr[20];
1911 uint8_t cmdp = 0;
1912
1913 while(param_getchar(Cmd, cmdp) != 0x00) {
1914 switch(param_getchar(Cmd, cmdp)) {
1915 case 'h':
1916 case 'H':
1917 usage_hf_iclass_managekeys();
1918 return 0;
1919 case 'f':
1920 case 'F':
1921 fileNameLen = param_getstr(Cmd, cmdp+1, filename, sizeof(filename));
1922 if (fileNameLen < 1) {
1923 PrintAndLog("No filename found after f");
1924 errors = true;
1925 }
1926 cmdp += 2;
1927 break;
1928 case 'n':
1929 case 'N':
1930 keyNbr = param_get8(Cmd, cmdp+1);
1931 if (keyNbr >= ICLASS_KEYS_MAX) {
1932 PrintAndLog("Invalid block number");
1933 errors = true;
1934 }
1935 cmdp += 2;
1936 break;
1937 case 'k':
1938 case 'K':
1939 operation += 3; //set key
1940 dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
1941 if (dataLen == 16) { //ul-c or ev1/ntag key length
1942 errors = param_gethex(tempStr, 0, KEY, dataLen);
1943 } else {
1944 PrintAndLog("\nERROR: Key is incorrect length\n");
1945 errors = true;
1946 }
1947 cmdp += 2;
1948 break;
1949 case 'p':
1950 case 'P':
1951 operation += 4; //print keys in memory
1952 cmdp++;
1953 break;
1954 case 'l':
1955 case 'L':
1956 operation += 5; //load keys from file
1957 cmdp++;
1958 break;
1959 case 's':
1960 case 'S':
1961 operation += 6; //save keys to file
1962 cmdp++;
1963 break;
1964 default:
1965 PrintAndLog("Unknown parameter '%c'\n", param_getchar(Cmd, cmdp));
1966 errors = true;
1967 break;
1968 }
1969 if (errors) {
1970 usage_hf_iclass_managekeys();
1971 return 0;
1972 }
1973 }
1974
1975 if (operation == 0){
1976 PrintAndLog("no operation specified (load, save, or print)\n");
1977 usage_hf_iclass_managekeys();
1978 return 0;
1979 }
1980
1981 if (operation > 6){
1982 PrintAndLog("Too many operations specified\n");
1983 usage_hf_iclass_managekeys();
1984 return 0;
1985 }
1986 if (operation > 4 && fileNameLen == 0){
1987 PrintAndLog("You must enter a filename when loading or saving\n");
1988 usage_hf_iclass_managekeys();
1989 return 0;
1990 }
1991
1992 switch (operation){
1993 case 3: memcpy(iClass_Key_Table[keyNbr], KEY, 8); return 1;
1994 case 4: return printKeys();
1995 case 5: return loadKeys(filename);
1996 case 6: return saveKeys(filename);
1997 break;
1998 }
1999 return 0;
2000 }
2001
2002
2003 static int CmdHFiClassCheckKeys(const char *Cmd) {
2004
2005 uint8_t mac[4] = {0x00,0x00,0x00,0x00};
2006 uint8_t key[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
2007 uint8_t div_key[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
2008
2009 // elite key, raw key, standard key
2010 bool use_elite = false;
2011 bool use_raw = false;
2012 bool found_debit = false;
2013 bool found_credit = false;
2014 bool errors = false;
2015 uint8_t cmdp = 0x00;
2016 FILE *f;
2017 char filename[FILE_PATH_SIZE] = {0};
2018 uint8_t fileNameLen = 0;
2019 char buf[17];
2020 uint8_t *keyBlock = NULL, *p;
2021 int keycnt = 0;
2022
2023 while (param_getchar(Cmd, cmdp) != 0x00 && !errors) {
2024 switch (param_getchar(Cmd, cmdp)) {
2025 case 'h':
2026 case 'H':
2027 usage_hf_iclass_chk();
2028 return 0;
2029 case 'f':
2030 case 'F':
2031 fileNameLen = param_getstr(Cmd, cmdp+1, filename, sizeof(filename));
2032 if (fileNameLen < 1) {
2033 PrintAndLog("No filename found after f");
2034 errors = true;
2035 }
2036 cmdp += 2;
2037 break;
2038 case 'e':
2039 case 'E':
2040 use_elite = true;
2041 cmdp++;
2042 break;
2043 case 'r':
2044 case 'R':
2045 use_raw = true;
2046 cmdp++;
2047 break;
2048 default:
2049 PrintAndLog("Unknown parameter '%c'\n", param_getchar(Cmd, cmdp));
2050 errors = true;
2051 break;
2052 }
2053 }
2054
2055 if (errors) {
2056 usage_hf_iclass_chk();
2057 return 0;
2058 }
2059
2060 if (!(f = fopen(filename , "r"))) {
2061 PrintAndLog("File %s not found or locked.", filename);
2062 return 1;
2063 }
2064
2065 while (fgets(buf, sizeof(buf), f)) {
2066 if (strlen(buf) < 16 || buf[15] == '\n')
2067 continue;
2068
2069 while (fgetc(f) != '\n' && !feof(f)) ; //goto next line
2070
2071 if (buf[0] == '#') continue; //The line start with # is comment, skip
2072
2073 if (!isxdigit(buf[0])){
2074 PrintAndLog("File content error. '%s' must include 16 HEX symbols", buf);
2075 continue;
2076 }
2077
2078 buf[16] = 0;
2079
2080 p = realloc(keyBlock, 8 * (keycnt + 1));
2081 if (!p) {
2082 PrintAndLog("Cannot allocate memory for default keys");
2083 free(keyBlock);
2084 fclose(f);
2085 return 2;
2086 }
2087 keyBlock = p;
2088
2089 memset(keyBlock + 8 * keycnt, 0, 8);
2090 num_to_bytes(strtoull(buf, NULL, 16), 8, keyBlock + 8 * keycnt);
2091
2092 keycnt++;
2093 memset(buf, 0, sizeof(buf));
2094 }
2095 fclose(f);
2096 PrintAndLog("Loaded %2d keys from %s", keycnt, filename);
2097
2098 uint8_t CSN[8];
2099 if (!iClass_select(CSN, false, true, true)) {
2100 DropField();
2101 return 0;
2102 }
2103
2104 for (uint32_t c = 0; c < keycnt; c++) {
2105
2106 memcpy(key, keyBlock + 8 * c, 8);
2107
2108 // debit key
2109 if (iClass_authenticate(CSN, key, mac, div_key, false, use_elite, use_raw, false, false)) {
2110 PrintAndLog("\n Found AA1 debit key\t\t[%s]", sprint_hex(key, 8));
2111 found_debit = true;
2112 }
2113
2114 // credit key
2115 if (iClass_authenticate(CSN, key, mac, div_key, true, use_elite, use_raw, false, false)) {
2116 PrintAndLog("\n Found AA2 credit key\t\t[%s]", sprint_hex(key, 8));
2117 found_credit = true;
2118 }
2119
2120 // both keys found.
2121 if (found_debit && found_credit)
2122 break;
2123 }
2124
2125 DropField();
2126 free(keyBlock);
2127 PrintAndLog("");
2128 return 0;
2129 }
2130
2131
2132 static void usage_hf_iclass_permutekey(void) {
2133 PrintAndLogEx(NORMAL, "Convert keys from standard NIST to iClass format (and vice versa)");
2134 PrintAndLogEx(NORMAL, "");
2135 PrintAndLogEx(NORMAL, "Usage: hf iclass permute [h] [r] <key>");
2136 PrintAndLogEx(NORMAL, "Options:");
2137 PrintAndLogEx(NORMAL, " h This help");
2138 PrintAndLogEx(NORMAL, " r reverse convert key from iClass to NIST format");
2139 PrintAndLogEx(NORMAL, "");
2140 PrintAndLogEx(NORMAL, "Examples:");
2141 PrintAndLogEx(NORMAL, " hf iclass permute r 0123456789abcdef");
2142 }
2143
2144
2145 static int CmdHFiClassPermuteKey(const char *Cmd) {
2146
2147 uint8_t key[8] = {0};
2148 uint8_t data[16] = {0};
2149 bool isReverse = false;
2150 int len = sizeof(data);
2151 char cmdp = tolower(param_getchar(Cmd, 0));
2152 if (strlen(Cmd) == 0 || cmdp == 'h') {
2153 usage_hf_iclass_permutekey();
2154 return 0;
2155 }
2156
2157 if (cmdp == 'r') {
2158 isReverse = true;
2159 param_gethex_ex(Cmd, 1, data, &len);
2160 } else if (cmdp == 'f') {
2161 param_gethex_ex(Cmd, 1, data, &len);
2162 } else {
2163 param_gethex_ex(Cmd, 0, data, &len);
2164 }
2165
2166
2167 if (len % 2) {
2168 usage_hf_iclass_permutekey();
2169 return 0;
2170 }
2171
2172 len >>= 1;
2173
2174 memcpy(key, data, 8);
2175
2176 if (isReverse) {
2177 // generate_rev(data, len);
2178 uint8_t key_std_format[8] = {0};
2179 permutekey_rev(key, key_std_format);
2180 PrintAndLogEx(SUCCESS, "key in standard NIST format: %s \n", sprint_hex(key_std_format, 8));
2181 // if (mbedtls_des_key_check_key_parity(key_std_format
2182 } else {
2183 // generate(data, len);
2184 uint8_t key_iclass_format[8] = {0};
2185 permutekey(key, key_iclass_format);
2186 PrintAndLogEx(SUCCESS, "key in iClass (permuted) format: %s \n", sprint_hex(key_iclass_format, 8));
2187 }
2188 return 0;
2189 }
2190
2191
2192 static int CmdHelp(const char *Cmd);
2193
2194 static command_t CommandTable[] = {
2195 {"help", CmdHelp, 1, "This help"},
2196 {"calcnewkey", CmdHFiClassCalcNewKey, 1, "[options..] Calc Diversified keys (blocks 3 & 4) to write new keys"},
2197 {"chk", CmdHFiClassCheckKeys, 0, " Check keys"},
2198 {"clone", CmdHFiClassCloneTag, 0, "[options..] Authenticate and Clone from iClass bin file"},
2199 {"decrypt", CmdHFiClassDecrypt, 1, "[f <fname>] Decrypt tagdump" },
2200 {"dump", CmdHFiClassReader_Dump, 0, "[options..] Authenticate and Dump iClass tag's AA1 and/or AA2"},
2201 {"eload", CmdHFiClassELoad, 0, "[f <fname>] (experimental) Load data into iClass emulator memory"},
2202 {"encryptblk", CmdHFiClassEncryptBlk, 1, "<BlockData> Encrypt given block data"},
2203 {"list", CmdHFiClassList, 0, " (Deprecated) List iClass history"},
2204 {"loclass", CmdHFiClass_loclass, 1, "[options..] Use loclass to perform bruteforce of reader attack dump"},
2205 {"managekeys", CmdHFiClassManageKeys, 1, "[options..] Manage the keys to use with iClass"},
2206 {"permutekey", CmdHFiClassPermuteKey, 1, " iClass key permutation"},
2207 {"readblk", CmdHFiClass_ReadBlock, 0, "[options..] Authenticate and Read iClass block"},
2208 {"reader", CmdHFiClassReader, 0, " Look for iClass tags until a key or the pm3 button is pressed"},
2209 {"readtagfile", CmdHFiClassReadTagFile, 1, "[options..] Display Content from tagfile"},
2210 {"sim", CmdHFiClassSim, 0, "[options..] Simulate iClass tag"},
2211 {"snoop", CmdHFiClassSnoop, 0, " Eavesdrop iClass communication"},
2212 {"writeblk", CmdHFiClass_WriteBlock, 0, "[options..] Authenticate and Write iClass block"},
2213 {NULL, NULL, 0, NULL}
2214 };
2215
2216
2217 int CmdHFiClass(const char *Cmd) {
2218 clearCommandBuffer();
2219 CmdsParse(CommandTable, Cmd);
2220 return 0;
2221 }
2222
2223
2224 int CmdHelp(const char *Cmd) {
2225 CmdsHelp(CommandTable);
2226 return 0;
2227 }
Impressum, Datenschutz