X-Git-Url: http://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/20f9a2a1d54952ed15066c93490f0e8fb0d43b67..f89c705002842291e39d000f27dbaea1ddd78917:/client/cmdhf14a.c

diff --git a/client/cmdhf14a.c b/client/cmdhf14a.c
index 922d1b7f..e0b1c3a9 100644
--- a/client/cmdhf14a.c
+++ b/client/cmdhf14a.c
@@ -1,4 +1,5 @@
 //-----------------------------------------------------------------------------
+// 2011, Merlok
 // Copyright (C) 2010 iZsh <izsh at fail0verflow.com>, Hagen Fritsch
 //
 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
@@ -11,6 +12,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <conio.h>
 #include "util.h"
 #include "iso14443crc.h"
 #include "data.h"
@@ -20,6 +22,8 @@
 #include "cmdhf14a.h"
 #include "common.h"
 #include "cmdmain.h"
+#include "nonce2key/nonce2key.h"
+#include "nonce2key/crapto1.h"
 
 static int CmdHelp(const char *Cmd);
 
@@ -147,7 +151,7 @@ int CmdHF14AList(const char *Cmd)
     prev = timestamp;
     i += (len + 9);
   }
-  return 0;
+	return 0;
 }
 
 void iso14a_set_timeout(uint32_t timeout) {
@@ -157,9 +161,60 @@ void iso14a_set_timeout(uint32_t timeout) {
 
 int CmdHF14AMifare(const char *Cmd)
 {
-  UsbCommand c = {CMD_READER_MIFARE, {strtol(Cmd, NULL, 0), 0, 0}};
-  SendCommand(&c);
-  return 0;
+	uint32_t uid = 0;
+	uint32_t nt = 0;
+	uint64_t par_list = 0, ks_list = 0, r_key = 0;
+	uint8_t isOK = 0;
+	
+	UsbCommand c = {CMD_READER_MIFARE, {strtol(Cmd, NULL, 0), 0, 0}};
+	SendCommand(&c);
+	
+	//flush queue
+	while (kbhit())	getchar();
+	while (WaitForResponseTimeout(CMD_ACK, 500) != NULL) ;
+
+	// message
+	printf("-------------------------------------------------------------------------\n");
+	printf("Executing command. It may take up to 30 min.\n");
+	printf("Press the key on proxmark3 device to abort proxmark3.\n");
+	printf("Press the key on the proxmark3 device to abort both proxmark3 and client.\n");
+	printf("-------------------------------------------------------------------------\n");
+	
+	// wait cycle
+	while (true) {
+		printf(".");
+		if (kbhit()) {
+			getchar();
+			printf("\naborted via keyboard!\n");
+			break;
+		}
+		
+		UsbCommand * resp = WaitForResponseTimeout(CMD_ACK, 2000);
+		if (resp != NULL) {
+			isOK  = resp->arg[0] & 0xff;
+	
+			uid = (uint32_t)bytes_to_num(resp->d.asBytes +  0, 4);
+			nt =  (uint32_t)bytes_to_num(resp->d.asBytes +  4, 4);
+			par_list = bytes_to_num(resp->d.asBytes +  8, 8);
+			ks_list = bytes_to_num(resp->d.asBytes +  16, 8);
+	
+			printf("\n\n");
+			PrintAndLog("isOk:%02x", isOK);
+			if (!isOK) PrintAndLog("Proxmark can't get statistic info. Execution aborted.\n");
+			break;
+		}
+	}	
+	printf("\n");
+	
+	// error
+	if (isOK != 1) return 1;
+	
+	// execute original function from util nonce2key
+	if (nonce2key(uid, nt, par_list, ks_list, &r_key)) return 2;
+	printf("-------------------------------------------------------------------------\n");
+	PrintAndLog("Key found:%012llx \n", r_key);
+	
+	return 0;
 }
 
 int CmdHF14AMfWrBl(const char *Cmd)
@@ -180,7 +235,7 @@ int CmdHF14AMfWrBl(const char *Cmd)
 	}	
 	PrintAndLog("l: %s", Cmd);
 	
-  // skip spaces
+	// skip spaces
 	while (*cmdp==' ' || *cmdp=='\t') cmdp++;
 	blockNo = strtol(cmdp, NULL, 0) & 0xff;
 	
@@ -387,6 +442,109 @@ int CmdHF14AMfRdSc(const char *Cmd)
   return 0;
 }
 
+int CmdHF14AMfNested(const char *Cmd)
+{
+	int i, temp;
+	uint8_t sectorNo = 0;
+	uint8_t keyType = 0;
+	uint8_t key[6] = {0, 0, 0, 0, 0, 0};
+	
+	const char *cmdp	= Cmd;
+
+
+	if (strlen(Cmd)<3) {
+		PrintAndLog("Usage:  hf 14a nested    <sector number> <key A/B> <key (12 hex symbols)>");
+		PrintAndLog("           sample: hf 14a nested 0 A FFFFFFFFFFFF ");
+		return 0;
+	}	
+	
+  // skip spaces
+	while (*cmdp==' ' || *cmdp=='\t') cmdp++;
+	sectorNo = strtol(cmdp, NULL, 0) & 0xff;
+	
+	// next value
+	while (*cmdp!=' ' && *cmdp!='\t') cmdp++;
+	while (*cmdp==' ' || *cmdp=='\t') cmdp++;
+	if (*cmdp != 'A' && *cmdp != 'a')  {
+		keyType = 1;
+	}
+
+	// next value
+	while (*cmdp!=' ' && *cmdp!='\t') cmdp++;
+	while (*cmdp==' ' || *cmdp=='\t') cmdp++;
+
+	if (strlen(cmdp) != 12) {
+		PrintAndLog("Length of key must be 12 hex symbols");
+		return 0;
+	}
+	
+	for(i = 0; i < 6; i++) {
+		sscanf((char[]){cmdp[0],cmdp[1],0},"%X",&temp);
+		key[i] = temp & 0xff;
+		cmdp++;
+		cmdp++;
+	}	
+	PrintAndLog(" sector no:%02x key type:%02x key:%s ", sectorNo, keyType, sprint_hex(key, 6));
+	
+  UsbCommand c = {CMD_MIFARE_NESTED, {sectorNo, keyType, 0}};
+	memcpy(c.d.asBytes, key, 6);
+  SendCommand(&c);
+	UsbCommand * resp = WaitForResponseTimeout(CMD_ACK, 1500);
+	PrintAndLog(" ");
+
+	if (resp != NULL) {
+		uint8_t                isOK  = resp->arg[0] & 0xff;
+		uint8_t              * data  = resp->d.asBytes;
+
+		PrintAndLog("isOk:%02x", isOK);
+		for (i = 0; i < 2; i++) {
+			PrintAndLog("data:%s", sprint_hex(data + i * 16, 16));
+		}
+	} else {
+		PrintAndLog("Command execute timeout");
+	}
+
+  return 0;
+}
+
+int CmdHF14AMf1kSim(const char *Cmd)
+{
+	int i, temp;
+	uint8_t uid[4] = {0, 0, 0, 0};
+	
+	const char *cmdp	= Cmd;
+
+
+	if (strlen(Cmd)<3) {
+		PrintAndLog("Usage:  hf 14a mfsim  <uid (8 hex symbols)>");
+		PrintAndLog("           sample: hf 14a mfsim 0a0a0a0a ");
+		return 0;
+	}	
+	
+  // skip spaces
+	while (*cmdp==' ' || *cmdp=='\t') cmdp++;
+
+	if (strlen(cmdp) != 8) {
+		PrintAndLog("Length of UID must be 8 hex symbols");
+		return 0;
+	}
+	
+	for(i = 0; i < 4; i++) {
+		sscanf((char[]){cmdp[0],cmdp[1],0},"%X",&temp);
+		uid[i] = temp & 0xff;
+		cmdp++;
+		cmdp++;
+	}	
+	PrintAndLog(" uid:%s ", sprint_hex(uid, 4));
+	
+  UsbCommand c = {CMD_SIMULATE_MIFARE_CARD, {0, 0, 0}};
+	memcpy(c.d.asBytes, uid, 6);
+  SendCommand(&c);
+
+  return 0;
+}
+
+
 int CmdHF14AReader(const char *Cmd)
 {
 	UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT, 0, 0}};
@@ -439,15 +597,17 @@ int CmdHF14ASnoop(const char *Cmd)
 
 static command_t CommandTable[] = 
 {
-  {"help",    CmdHelp,        1, "This help"},
-  {"list",    CmdHF14AList,   0, "List ISO 14443a history"},
-  {"mifare",  CmdHF14AMifare, 0, "Read out sector 0 parity error messages"},
-  {"mfrdbl",  CmdHF14AMfRdBl, 0, "Read MIFARE classic block"},
-  {"mfrdsc",  CmdHF14AMfRdSc, 0, "Read MIFARE classic sector"},
-  {"mfwrbl",  CmdHF14AMfWrBl, 0, "Write MIFARE classic block"},
-  {"reader",  CmdHF14AReader, 0, "Act like an ISO14443 Type A reader"},
-  {"sim",     CmdHF14ASim,    0, "<UID> -- Fake ISO 14443a tag"},
-  {"snoop",   CmdHF14ASnoop,  0, "Eavesdrop ISO 14443 Type A"},
+  {"help",   CmdHelp,          1, "This help"},
+  {"list",   CmdHF14AList,     0, "List ISO 14443a history"},
+  {"mifare", CmdHF14AMifare,   0, "Read out sector 0 parity error messages. param - <used card nonce>"},
+  {"mfrdbl", CmdHF14AMfRdBl,   0, "Read MIFARE classic block"},
+  {"mfrdsc", CmdHF14AMfRdSc,   0, "Read MIFARE classic sector"},
+  {"mfwrbl", CmdHF14AMfWrBl,   0, "Write MIFARE classic block"},
+  {"nested", CmdHF14AMfNested, 0, "Test nested authentication"},
+  {"mfsim",  CmdHF14AMf1kSim,  0, "Simulate MIFARE 1k card - NOT WORKING!!!"},
+  {"reader", CmdHF14AReader,   0, "Act like an ISO14443 Type A reader"},
+  {"sim",    CmdHF14ASim,      0, "<UID> -- Fake ISO 14443a tag"},
+  {"snoop",  CmdHF14ASnoop,    0, "Eavesdrop ISO 14443 Type A"},
   {NULL, NULL, 0, NULL}
 };