// MIFARE Darkside hack
//-----------------------------------------------------------------------------
-#define __STDC_FORMAT_MACROS
#include <inttypes.h>
-#define llx PRIx64
+#include <time.h>
#include "nonce2key.h"
#include "mifarehost.h"
#include "ui.h"
+#include "util.h"
int compar_state(const void * a, const void * b) {
// didn't work: (the result is truncated to 32 bits)
// Reset the last three significant bits of the reader nonce
nr &= 0xffffff1f;
- PrintAndLog("\nuid(%08x) nt(%08x) par(%016"llx") ks(%016"llx") nr(%08"llx")\n\n",uid,nt,par_info,ks_info,nr);
+ PrintAndLog("\nuid(%08x) nt(%08x) par(%016" PRIx64") ks(%016" PRIx64") nr(%08" PRIx32")\n\n",uid,nt,par_info,ks_info,nr);
for (pos=0; pos<8; pos++)
{
lfsr_rollback_word(state+i, uid^nt, 0);
crypto1_get_lfsr(state + i, &key_recovered);
*(state_s + i) = key_recovered;
- //fprintf(fp, "%012llx\n",key_recovered);
+ //fprintf(fp, "%012" PRIx64 "\n",key_recovered);
}
//fclose(fp);
p2 = state_s;
while ( *p1 != -1 && *p2 != -1 ) {
if (compar_state(p1, p2) == 0) {
- printf("p1:%"llx" p2:%"llx" p3:%"llx" key:%012"llx"\n",(uint64_t)(p1-last_keylist),(uint64_t)(p2-state_s),(uint64_t)(p3-last_keylist),*p1);
+ printf("p1:%" PRIx64" p2:%" PRIx64 " p3:%" PRIx64" key:%012" PRIx64 "\n",(uint64_t)(p1-last_keylist),(uint64_t)(p2-state_s),(uint64_t)(p3-last_keylist),*p1);
*p3++ = *p1++;
p2++;
}
uint32_t nr1_enc = data.nr2; // second encrypted reader challenge
uint32_t ar1_enc = data.ar2; // second encrypted reader response
clock_t t1 = clock();
- bool isSuccess = FALSE;
+ bool isSuccess = false;
uint8_t counter=0;
- //PrintAndLog("Enter mfkey32");
- //PrintAndLog("Trying sector %d, cuid %08x, nt %08x, nr %08x, ar %08x, nr2 %08x, ar2 %08x",data.sector, uid, nt,nr0_enc,ar0_enc,nr1_enc,ar1_enc);
- // Generate lfsr succesors of the tag challenge
- //prng_successor(nt, 64);
- //prng_successor(nt, 96);
-
- // Extract the keystream from the messages
- //ks2 = ar0_enc ^ prng_successor(nt, 64);
s = lfsr_recovery32(ar0_enc ^ prng_successor(nt, 64), 0);
crypto1_word(t, uid ^ nt, 0);
crypto1_word(t, nr1_enc, 1);
if (ar1_enc == (crypto1_word(t, 0, 0) ^ prng_successor(nt, 64))) {
- //PrintAndLog("Found Key: [%012"llx"]",key);
+ //PrintAndLog("Found Key: [%012" PRIx64 "]",key);
outkey = key;
counter++;
if (counter==20) break;
}
}
- //free(s);
isSuccess = (counter == 1);
t1 = clock() - t1;
//if ( t1 > 0 ) PrintAndLog("Time in mfkey32: %.0f ticks \nFound %d possible keys", (float)t1, counter);
*outputkey = ( isSuccess ) ? outkey : 0;
crypto1_destroy(s);
+ /* //un-comment to save all keys to a stats.txt file
FILE *fout;
if ((fout = fopen("stats.txt","ab")) == NULL) {
PrintAndLog("Could not create file name stats.txt");
return 1;
}
- fprintf(fout, "mfkey32,%d,%d,%s,%04x%08x,%.0Lf\r\n",counter,data.sector,(data.keytype) ? "B" : "A", (uint32_t)(outkey>>32) & 0xFFFF,(uint32_t)(outkey&0xFFFFFFFF),(long double)t1);
+ fprintf(fout, "mfkey32,%d,%08x,%d,%s,%04x%08x,%.0Lf\r\n", counter, data.cuid, data.sector, (data.keytype) ? "B" : "A", (uint32_t)(outkey>>32) & 0xFFFF,(uint32_t)(outkey&0xFFFFFFFF),(long double)t1);
fclose(fout);
+ */
return isSuccess;
}
uint32_t nt0 = data.nonce; // first tag challenge (nonce)
uint32_t nr0_enc = data.nr; // first encrypted reader challenge
uint32_t ar0_enc = data.ar; // first encrypted reader response
- //uint32_t uid1 = le32toh(data+16);
uint32_t nt1 = data.nonce2; // second tag challenge (nonce)
uint32_t nr1_enc = data.nr2; // second encrypted reader challenge
uint32_t ar1_enc = data.ar2; // second encrypted reader response
- bool isSuccess = FALSE;
+ bool isSuccess = false;
int counter = 0;
//PrintAndLog("Enter mfkey32_moebius");
crypto1_word(t, uid ^ nt1, 0);
crypto1_word(t, nr1_enc, 1);
if (ar1_enc == (crypto1_word(t, 0, 0) ^ prng_successor(nt1, 64))) {
- //PrintAndLog("Found Key: [%012"llx"]",key);
+ //PrintAndLog("Found Key: [%012" PRIx64 "]",key);
outkey=key;
++counter;
if (counter==20)
//if ( t1 > 0 ) PrintAndLog("Time in mfkey32_moebius: %.0f ticks \nFound %d possible keys", (float)t1,counter);
*outputkey = ( isSuccess ) ? outkey : 0;
crypto1_destroy(s);
+ /* // un-comment to output all keys to stats.txt
FILE *fout;
if ((fout = fopen("stats.txt","ab")) == NULL) {
PrintAndLog("Could not create file name stats.txt");
return 1;
}
- fprintf(fout, "moebius,%d,%d,%s,%04x%08x,%0.Lf\r\n",counter,data.sector, (data.keytype) ? "B" : "A", (uint32_t) (outkey>>32),(uint32_t)(outkey&0xFFFFFFFF),(long double)t1);
+ fprintf(fout, "moebius,%d,%08x,%d,%s,%04x%08x,%0.Lf\r\n", counter, data.cuid, data.sector, (data.keytype) ? "B" : "A", (uint32_t) (outkey>>32),(uint32_t)(outkey&0xFFFFFFFF),(long double)t1);
fclose(fout);
+ */
return isSuccess;
}
lfsr_rollback_word(revstate, nr_enc, 1);
lfsr_rollback_word(revstate, uid ^ nt, 0);
crypto1_get_lfsr(revstate, &key);
- PrintAndLog("Found Key: [%012"llx"]", key);
+ PrintAndLog("Found Key: [%012" PRIx64 "]", key);
crypto1_destroy(revstate);
*outputkey = key;
projects / proxmark3-svn / blobdiff