author pwpiwi Wed, 30 Sep 2015 18:59:50 +0000 (20:59 +0200) committer pwpiwi Wed, 30 Sep 2015 18:59:50 +0000 (20:59 +0200)
- gracefully exit on unsuccessful syncs instead of hard watchdog reset

 armsrc/iso14443a.c patch | blob | blame | history client/cmdhfmf.c patch | blob | blame | history client/scripts/mifare_autopwn.lua patch | blob | blame | history

index f81a1a99a6a44dff93c6ed1e52f39a3d72bbde34..0431876eca41eb756342de78d8a3e58a75711f78 100644 (file)
@@ -2016,6 +2016,7 @@ void ReaderMifare(bool first_try)
byte_t par_list[8] = {0x00};
byte_t ks_list[8] = {0x00};

+       #define PRNG_SEQUENCE_LENGTH  (1 << 16);
static uint32_t sync_time;
static uint32_t sync_cycles;
int catch_up_cycles = 0;
@@ -2026,7 +2027,7 @@ void ReaderMifare(bool first_try)
if (first_try) {
mf_nr_ar3 = 0;
sync_time = GetCountSspClk() & 0xfffffff8;
-               sync_cycles = 65536;                                                                    // theory: Mifare Classic's random generator repeats every 2^16 cycles (and so do the nonces).
+               sync_cycles = PRNG_SEQUENCE_LENGTH;                                                     // theory: Mifare Classic's random generator repeats every 2^16 cycles (and so do the tag nonces).
nt_attacked = 0;
nt = 0;
par[0] = 0;
@@ -2043,8 +2044,12 @@ void ReaderMifare(bool first_try)
LED_C_OFF();

-       #define DARKSIDE_MAX_TRIES      32              // number of tries to sync on PRNG cycle. Then give up.
-       uint16_t unsuccessfull_tries = 0;
+       #define MAX_UNEXPECTED_RANDOM   4               // maximum number of unexpected (i.e. real) random numbers when trying to sync. Then give up.
+       #define MAX_SYNC_TRIES                  16
+       uint16_t unexpected_random = 0;
+       uint16_t sync_tries = 0;
+       int16_t debug_info_nr = -1;
+       uint32_t debug_info[MAX_SYNC_TRIES];

for(uint16_t i = 0; TRUE; i++) {

@@ -2062,16 +2067,20 @@ void ReaderMifare(bool first_try)
continue;
}

-               sync_time = (sync_time & 0xfffffff8) + sync_cycles + catch_up_cycles;
-               catch_up_cycles = 0;
+               if (debug_info_nr == -1) {
+                       sync_time = (sync_time & 0xfffffff8) + sync_cycles + catch_up_cycles;
+                       catch_up_cycles = 0;

-               // if we missed the sync time already, advance to the next nonce repeat
-               while(GetCountSspClk() > sync_time) {
-                       sync_time = (sync_time & 0xfffffff8) + sync_cycles;
-               }
+                       // if we missed the sync time already, advance to the next nonce repeat
+                       while(GetCountSspClk() > sync_time) {
+                               sync_time = (sync_time & 0xfffffff8) + sync_cycles;
+                       }

-               // Transmit MIFARE_CLASSIC_AUTH at synctime. Should result in returning the same tag nonce (== nt_attacked)
+                       // Transmit MIFARE_CLASSIC_AUTH at synctime. Should result in returning the same tag nonce (== nt_attacked)
+               } else {
+               }

// Receive the (4 Byte) "random" nonce
@@ -2089,19 +2098,32 @@ void ReaderMifare(bool first_try)
int nt_distance = dist_nt(previous_nt, nt);
if (nt_distance == 0) {
nt_attacked = nt;
-                       }
-                       else {
+                       } else {
if (nt_distance == -99999) { // invalid nonce received
-                                       unsuccessfull_tries++;
-                                       if (!nt_attacked && unsuccessfull_tries > DARKSIDE_MAX_TRIES) {
+                                       unexpected_random++;
+                                       if (!nt_attacked && unexpected_random > MAX_UNEXPECTED_RANDOM) {
isOK = -3;              // Card has an unpredictable PRNG. Give up
break;
} else {
continue;               // continue trying...
}
}
+                               if (++sync_tries > MAX_SYNC_TRIES) {
+                                       if (sync_tries > 2 * MAX_SYNC_TRIES) {
+                                               isOK = -4;                      // Card's PRNG runs at an unexpected frequency or resets unexpectedly
+                                               break;
+                                       } else {                                // continue for a while, just to collect some debug info
+                                               debug_info[++debug_info_nr] = nt_distance;
+                                               continue;
+                                       }
+                               }
sync_cycles = (sync_cycles - nt_distance);
-                               if (MF_DBGLEVEL >= 3) Dbprintf("calibrating in cycle %d. nt_distance=%d, Sync_cycles: %d\n", i, nt_distance, sync_cycles);
+                               if (sync_cycles <= 0) {
+                                       sync_cycles += PRNG_SEQUENCE_LENGTH;
+                               }
+                               if (MF_DBGLEVEL >= 3) {
+                                       Dbprintf("calibrating in cycle %d. nt_distance=%d, Sync_cycles: %d\n", i, nt_distance, sync_cycles);
+                               }
continue;
}
}
@@ -2172,6 +2194,14 @@ void ReaderMifare(bool first_try)

mf_nr_ar[3] &= 0x1F;
+
+       if (isOK == -4) {
+               if (MF_DBGLEVEL >= 3) {
+                       for(uint16_t i = 0; i < MAX_SYNC_TRIES; i++) {
+                               Dbprintf("collected debug info[%d] = %d\n", i, debug_info[i]);
+                       }
+               }
+       }

byte_t buf[28];
memcpy(buf + 0,  uid, 4);
index 16612cba3b86e7f07d0360085f0fa773c8dfb33f..8a8a38fcaf19961b9ea059318acaa261dd2e7c5c 100644 (file)
@@ -58,6 +58,7 @@ start:
case -1 : PrintAndLog("Button pressed. Aborted.\n"); break;\r
case -2 : PrintAndLog("Card is not vulnerable to Darkside attack (doesn't send NACK on authentication requests).\n"); break;\r
case -3 : PrintAndLog("Card is not vulnerable to Darkside attack (its random number generator is not predictable).\n"); break;\r
+                               case -4 : PrintAndLog("The card's random number generator is vulnerable but behaves somewhat weird (Mifare clone?). This needs to be fixed.\n"); break;\r
default: ;\r
}\r
break;\r
index 9cc865f0172f41ab099bf8ebd7836c72cb72a7cc..77f36ae453550e5d4542df8f405bcf58eefe58a6 100644 (file)
@@ -112,6 +112,8 @@ function mfcrack_inner()
return nil, "Card is not vulnerable to Darkside attack (doesn't send NACK on authentication requests). You can try 'script run mfkeys' or 'hf mf chk' to test various known keys."
elseif isOK == 0xFFFFFFFD then
return nil, "Card is not vulnerable to Darkside attack (its random number generator is not predictable). You can try 'script run mfkeys' or 'hf mf chk' to test various known keys."
+                       elseif isOK == 0xFFFFFFFC then
+                               return nil, "The card's random number generator is vulnerable but behaves somewhat weird (Mifare clone?). You can try 'script run mfkeys' or 'hf mf chk' to test various known keys."
elseif isOK ~= 1 then
return nil, "Error occurred"
end