#include "common.h"
#include "cmdmain.h"
#include "mifare.h"
+#include "cmdhfmf.h"
#include "cmdhfmfu.h"
#include "nonce2key/nonce2key.h"
#include "cmdhf.h"
// PrintAndLog(" u : 4, 7 or 10 byte UID");
PrintAndLog(" u : 4, 7 byte UID");
PrintAndLog(" x : (Optional) performs the 'reader attack', nr/ar attack against a legitimate reader");
- PrintAndLog("\n sample : hf 14a sim t 1 u 1122344 x");
- PrintAndLog(" : hf 14a sim t 1 u 1122344");
- PrintAndLog(" : hf 14a sim t 1 u 1122344556677");
+ PrintAndLog("\n sample : hf 14a sim t 1 u 11223344 x");
+ PrintAndLog(" : hf 14a sim t 1 u 11223344");
+ PrintAndLog(" : hf 14a sim t 1 u 11223344556677");
// PrintAndLog(" : hf 14a sim t 1 u 11223445566778899AA\n");
return 0;
}
// ## simulate iso14443a tag
// ## greg - added ability to specify tag UID
int CmdHF14ASim(const char *Cmd) {
+ #define ATTACK_KEY_COUNT 8
bool errors = FALSE;
uint8_t flags = 0;
uint8_t tagtype = 1;
uint8_t cmdp = 0;
uint8_t uid[10] = {0,0,0,0,0,0,0,0,0,0};
int uidlen = 0;
- uint8_t data[40];
- uint8_t key[6] = {0,0,0,0,0,0};
- UsbCommand resp;
bool useUIDfromEML = TRUE;
while(param_getchar(Cmd, cmdp) != 0x00) {
PrintAndLog("Press pm3-button to abort simulation");
UsbCommand c = {CMD_SIMULATE_TAG_ISO_14443a,{ tagtype, flags, 0 }};
- memcpy(c.d.asBytes, uid, uidlen);
+ memcpy(c.d.asBytes, uid, uidlen>>1);
clearCommandBuffer();
SendCommand(&c);
- while(!ukbhit()){
- if ( WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
- if ( (resp.arg[0] & 0xffff) == CMD_SIMULATE_MIFARE_CARD ){
- memset(data, 0x00, sizeof(data));
- memset(key, 0x00, sizeof(key));
- int len = (resp.arg[1] > sizeof(data)) ? sizeof(data) : resp.arg[1];
- memcpy(data, resp.d.asBytes, len);
- uint32_t cuid = bytes_to_num(data, 4);
- tryMfk32(cuid, data, key); // 201604, iceman, errors!
- //tryMfk32_moebius(cuid, data, key);
- //tryMfk64(cuid, data, key);
- }
- }
+ nonces_t data[ATTACK_KEY_COUNT*2];
+ UsbCommand resp;
+
+ while( !ukbhit() ){
+ if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500) ) continue;
+
+ if ( !(flags & FLAG_NR_AR_ATTACK) ) break;
+ if ( (resp.arg[0] & 0xffff) != CMD_SIMULATE_MIFARE_CARD ) break;
+
+ memcpy( data, resp.d.asBytes, sizeof(data) );
+ readerAttack(data, TRUE);
}
return 0;
}
int CmdHF14ASniff(const char *Cmd) {
- int param = 0;
-
+ int param = 0;
uint8_t ctmp = param_getchar(Cmd, 0) ;
if (ctmp == 'h' || ctmp == 'H') return usage_hf_14a_sniff();
}
}
-static command_t CommandTable[] =
-{
+static command_t CommandTable[] = {
{"help", CmdHelp, 1, "This help"},
{"list", CmdHF14AList, 0, "[Deprecated] List ISO 14443a history"},
{"reader", CmdHF14AReader, 0, "Act like an ISO14443 Type A reader"},
};
int CmdHF14A(const char *Cmd) {
- // flush
clearCommandBuffer();
- //WaitForResponseTimeout(CMD_ACK,NULL,100);
-
- // parse
CmdsParse(CommandTable, Cmd);
return 0;
}