]> git.zerfleddert.de Git - proxmark3-svn/commitdiff
added some cone in nested. not tested.
authorOleg Moiseenko <olegmsn@gmail.com>
Sat, 10 Feb 2018 22:28:23 +0000 (00:28 +0200)
committerOleg Moiseenko <olegmsn@gmail.com>
Sat, 10 Feb 2018 22:28:23 +0000 (00:28 +0200)
client/cmdhflist.c
client/cmdhflist.h

index b1bd8a7ae9d289871b89d2e8773396c9feee5650..06bd8d18deb47288ba0b3da585d0039413f53c9c 100644 (file)
@@ -297,18 +297,44 @@ bool DecodeMifareData(uint8_t *cmd, uint8_t cmdsize, bool isResponse, uint8_t *m
                        }
                        
                        // check default keys
-                       for (int defaultKeyCounter = 0; defaultKeyCounter < MifareDefaultKeysSize; defaultKeyCounter++){
-                               if (NestedCheckKey(MifareDefaultKeys[defaultKeyCounter], &AuthData, cmd, cmdsize)) {
-                                       
-                                       break;
-                               };
+                       if (!traceCrypto1) {
+                               for (int defaultKeyCounter = 0; defaultKeyCounter < MifareDefaultKeysSize; defaultKeyCounter++){
+                                       if (NestedCheckKey(MifareDefaultKeys[defaultKeyCounter], &AuthData, cmd, cmdsize)) {
+                                               
+                                               break;
+                                       };
+                               }
                        }
                        
                        // nested
-                       if (validate_prng_nonce(AuthData.nt)) {
+                       if (!traceCrypto1 && validate_prng_nonce(AuthData.nt)) {
+                               uint32_t ntx = prng_successor(AuthData.nt, 90);
+                               for (int i = 0; i < 16383; i++) {
+                                       ntx = prng_successor(ntx, 1);
+                                       if (NTParityChk(&AuthData, ntx)){
+
+                                               uint32_t ks2 = AuthData.ar_enc ^ prng_successor(ntx, 64);
+                                               uint32_t ks3 = AuthData.at_enc ^ prng_successor(ntx, 96);
+                                               struct Crypto1State *pcs = lfsr_recovery64(ks2, ks3);
+                                               memcpy(mfData, cmd, cmdsize);
+                                               mf_crypto1_decrypt(pcs, mfData, cmdsize, 0);
+                               
+                                               crypto1_destroy(pcs);
+                                               if (CheckCrc14443(CRC_14443_A, mfData, cmdsize)) {
+                                                       traceCrypto1 = lfsr_recovery64(ks2, ks3);
+                                                       break;
+                                               }
+                                       }                                               
+                               }
+                               if (traceCrypto1)
+                                       printf("key> nt=%08x nonce distance=%d \n", ntx, nonce_distance(AuthData.nt, ntx));
+                               else
+                                       printf("key> don't have any valid nt( \n");                                     
                        }
                        
                        //hardnested
+                       if (!traceCrypto1) {
+                       }
                }
                
                
index d0298de50ff2b80a5290aa23f8b0f6e0049447cf..aa037658f42c4dbc9dfd3bc591efb8c6971d5cf1 100644 (file)
@@ -33,6 +33,7 @@ extern uint8_t mifare_CRC_check(bool isResponse, uint8_t* data, uint8_t len);
 extern void annotateIso14443a(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize);
 extern void annotateMifare(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize, uint8_t* parity, uint8_t paritysize, bool isResponse);
 extern bool DecodeMifareData(uint8_t *cmd, uint8_t cmdsize, bool isResponse, uint8_t *mfData, size_t *mfDataLen);
+extern bool NTParityChk(TAuthData *ad, uint32_t ntx);
 extern bool NestedCheckKey(uint64_t key, TAuthData *ad, uint8_t *cmd, uint8_t cmdsize);
 
 #endif // CMDHFLIST
Impressum, Datenschutz