PrintAndLog(" n (Optional) Automatically exit simulation after <numreads> blocks have been read by reader. 0 = infinite");\r
PrintAndLog(" i (Optional) Interactive, means that console will not be returned until simulation finishes or is aborted");\r
PrintAndLog(" x (Optional) Crack, performs the 'reader attack', nr/ar attack against a legitimate reader, fishes out the key(s)");\r
+ PrintAndLog(" e (Optional) Fill simulator keys from what we crack");\r
+ PrintAndLog(" v (Optional) Show maths used for cracking reader. Useful for debugging.");\r
PrintAndLog("samples:");\r
PrintAndLog(" hf mf sim u 0a0a0a0a");\r
PrintAndLog(" hf mf sim u 11223344556677");\r
PrintAndLog(" hf mf chk *1 ? d -- target all blocks, all keys, 1K, write to file");\r
return 0;\r
}\r
+int usage_hf14_keybrute(void){\r
+ PrintAndLog("J_Run's 2nd phase of multiple sector nested authentication key recovery");\r
+ PrintAndLog("You have a known 4 last bytes of a key recovered with mf_nonce_brute tool.");\r
+ PrintAndLog("First 2 bytes of key will be bruteforced");\r
+ PrintAndLog("");\r
+ PrintAndLog("Usage: hf mf keybrute [h] <block number> <A|B> <key>");\r
+ PrintAndLog("options:");\r
+ PrintAndLog(" h this help");\r
+ PrintAndLog(" <block number> target block number");\r
+ PrintAndLog(" <A|B> target key type");\r
+ PrintAndLog(" <key> candidate key from mf_nonce_brute tool");\r
+ PrintAndLog("samples:");\r
+ PrintAndLog(" hf mf keybrute 1 A 000011223344");\r
+ return 0;\r
+}\r
\r
int CmdHF14AMifare(const char *Cmd) {\r
uint32_t uid = 0;\r
}\r
} \r
printf("\n");\r
+ // error\r
+ if (isOK != 1) return 1;\r
\r
- // par == 0\r
- if (isOK == -1 && par_list == 0) {\r
- if (!nonce2key_ex(uid, nt, nr, ks_list, &r_key) ){\r
+ if (par_list == 0 && ks_list != 0) {\r
+ // this special attack when parities is zero, uses checkkeys. Which now with block/keytype option also needs. \r
+ // but it uses 0|1 instead of 0x60|0x61...\r
+ if (nonce2key_ex(blockNo, keytype - 0x60 , uid, nt, nr, ks_list, &r_key) ){\r
+ PrintAndLog("Trying again with a different reader nonce...");\r
+ c.arg[0] = false;\r
+ goto start;\r
+ } else {\r
PrintAndLog("Found valid key: %012"llx" \n", r_key);\r
goto END;\r
}\r
}\r
- \r
- // error\r
- if (isOK != 1) return 1;\r
- \r
+\r
// execute original function from util nonce2key\r
if (nonce2key(uid, nt, nr, par_list, ks_list, &r_key)) {\r
isOK = 2;\r
c.arg[0] = false;\r
goto start;\r
} else {\r
+ \r
+ // nonce2key found a candidate key. Lets verify it.\r
+ uint8_t keyblock[] = {0,0,0,0,0,0};\r
+ num_to_bytes(r_key, 6, keyblock);\r
+ uint64_t key64 = 0;\r
+ int res = mfCheckKeys(blockNo, keytype - 0x60 , false, 1, keyblock, &key64);\r
+ if ( res > 0 ) {\r
+ PrintAndLog("Candidate Key found (%012"llx") - Test authentication failed. Starting over darkside attack", r_key); \r
+ goto start;\r
+ }\r
PrintAndLog("Found valid key: %012"llx" \n", r_key);\r
}\r
END:\r
if ( bytes_read == 0) {\r
PrintAndLog("File reading error.");\r
fclose(fin);\r
+ fin = NULL;\r
return 2;\r
}\r
}\r
if ( bytes_read == 0) {\r
PrintAndLog("File reading error.");\r
fclose(fin);\r
+ fin = NULL;\r
return 2;\r
}\r
}\r
\r
fclose(fin);\r
-\r
+ fin = NULL;\r
+ \r
PrintAndLog("|-----------------------------------------|");\r
PrintAndLog("|------ Reading sector access bits...-----|");\r
PrintAndLog("|-----------------------------------------|");\r
uint16_t numblocks = FirstBlockOfSector(numSectors - 1) + NumBlocksPerSector(numSectors - 1);\r
fwrite(carddata, 1, 16*numblocks, fout);\r
fclose(fout);\r
+ fout = NULL; \r
PrintAndLog("Dumped %d blocks (%d bytes) to file dumpdata.bin", numblocks, 16*numblocks);\r
}\r
\r
if ( bytes_read == 0) {\r
PrintAndLog("File reading error (dumpkeys.bin).");\r
fclose(fkeys);\r
+ fkeys = NULL;\r
return 2;\r
}\r
}\r
if ( bytes_read == 0) {\r
PrintAndLog("File reading error (dumpkeys.bin).");\r
fclose(fkeys);\r
+ fkeys = NULL;\r
return 2;\r
}\r
}\r
if ( bytes_read == 0) {\r
PrintAndLog("File reading error (dumpdata.bin).");\r
fclose(fdump);\r
+ fdump = NULL; \r
return 2;\r
}\r
\r
}\r
\r
fclose(fdump);\r
+ fdump = NULL; \r
return 0;\r
}\r
\r
slow ? "Yes" : "No",\r
tests);\r
\r
- int16_t isOK = mfnestedhard(blockNo, keyType, key, trgBlockNo, trgKeyType, know_target_key?trgkey:NULL, nonce_file_read, nonce_file_write, slow, tests);\r
+ int16_t isOK = mfnestedhard(blockNo, keyType, key, trgBlockNo, trgKeyType, know_target_key ? trgkey : NULL, nonce_file_read, nonce_file_write, slow, tests);\r
\r
if (isOK) {\r
switch (isOK) {\r
#define ATTACK_KEY_COUNT 8\r
sector *k_sector = NULL;\r
uint8_t k_sectorsCount = 16;\r
-void readerAttack(nonces_t data[], bool setEmulatorMem) {\r
+void readerAttack(nonces_t data[], bool setEmulatorMem, bool verbose) {\r
\r
// initialize storage for found keys\r
if (k_sector == NULL)\r
printf("enter reader attack\n");\r
for (uint8_t i = 0; i < ATTACK_KEY_COUNT; ++i) {\r
if (data[i].ar2 > 0) {\r
- \r
- if (tryMfk32(data[i], &key)) {\r
+\r
+ // We can probably skip this, mfkey32v2 is more reliable.\r
+#ifdef HFMF_TRYMFK32\r
+ if (tryMfk32(data[i], &key, verbose)) {\r
PrintAndLog("Found Key%s for sector %02d: [%012"llx"]"\r
, (data[i].keytype) ? "B" : "A"\r
, data[i].sector\r
uint8_t memBlock[16] = {0,0,0,0,0,0, 0xff, 0x0F, 0x80, 0x69, 0,0,0,0,0,0};\r
num_to_bytes( k_sector[i].Key[0], 6, memBlock);\r
num_to_bytes( k_sector[i].Key[1], 6, memBlock+10);\r
- mfEmlSetMem( memBlock, i*4 + 3, 1);\r
PrintAndLog("Setting Emulator Memory Block %02d: [%s]"\r
- , i*4 + 3\r
+ , ((data[i].sector)*4) + 3\r
, sprint_hex( memBlock, sizeof(memBlock))\r
);\r
+ mfEmlSetMem( memBlock, ((data[i].sector)*4) + 3, 1);\r
}\r
- break;\r
+ continue;\r
}\r
+#endif\r
//moebius attack \r
- // if (tryMfk32_moebius(data[i+ATTACK_KEY_COUNT], &key)) {\r
- // PrintAndLog("M-Found Key%s for sector %02d: [%012"llx"]"\r
- // ,(data[i+ATTACK_KEY_COUNT].keytype) ? "B" : "A"\r
- // , data[i+ATTACK_KEY_COUNT].sector\r
- // , key\r
- // );\r
- // }\r
+ if (tryMfk32_moebius(data[i+ATTACK_KEY_COUNT], &key, verbose)) {\r
+ uint8_t sectorNum = data[i+ATTACK_KEY_COUNT].sector;\r
+ uint8_t keyType = data[i+ATTACK_KEY_COUNT].keytype;\r
+\r
+ PrintAndLog("M-Found Key%s for sector %02d: [%012"llx"]"\r
+ , keyType ? "B" : "A"\r
+ , sectorNum\r
+ , key\r
+ );\r
+\r
+ k_sector[sectorNum].Key[keyType] = key;\r
+ k_sector[sectorNum].foundKey[keyType] = TRUE;\r
+\r
+ //set emulator memory for keys\r
+ if (setEmulatorMem) {\r
+ uint8_t memBlock[16] = {0,0,0,0,0,0, 0xff, 0x0F, 0x80, 0x69, 0,0,0,0,0,0};\r
+ num_to_bytes( k_sector[sectorNum].Key[0], 6, memBlock);\r
+ num_to_bytes( k_sector[sectorNum].Key[1], 6, memBlock+10);\r
+ PrintAndLog("Setting Emulator Memory Block %02d: [%s]"\r
+ , (sectorNum*4) + 3\r
+ , sprint_hex( memBlock, sizeof(memBlock))\r
+ );\r
+ mfEmlSetMem( memBlock, (sectorNum*4) + 3, 1);\r
+ }\r
+ continue;\r
+ }\r
+\r
}\r
}\r
}\r
uint8_t uid[10] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0};\r
uint8_t exitAfterNReads = 0;\r
uint8_t flags = (FLAG_UID_IN_EMUL | FLAG_4B_UID_IN_DATA);\r
- int uidlen = 0; \r
+ int uidlen = 0;\r
bool setEmulatorMem = false;\r
uint8_t cmdp = 0;\r
bool errors = false;\r
\r
+ // If set to true, we should show our workings when doing NR_AR_ATTACK.\r
+ bool verbose = false;\r
+\r
while(param_getchar(Cmd, cmdp) != 0x00) {\r
switch(param_getchar(Cmd, cmdp)) {\r
case 'e':\r
}\r
cmdp +=2;\r
break;\r
+ case 'v':\r
+ case 'V':\r
+ verbose = true;\r
+ cmdp++;\r
+ break;\r
case 'x':\r
case 'X':\r
flags |= FLAG_NR_AR_ATTACK;\r
if ( (resp.arg[0] & 0xffff) != CMD_SIMULATE_MIFARE_CARD ) break;\r
\r
memcpy( data, resp.d.asBytes, sizeof(data) ); \r
- readerAttack(data, setEmulatorMem);\r
+ readerAttack(data, setEmulatorMem, verbose);\r
}\r
\r
if (k_sector != NULL) {\r
printKeyTable(k_sectorsCount, k_sector );\r
free(k_sector);\r
+ k_sector = NULL;\r
}\r
}\r
return 0;\r
return 0;\r
}\r
\r
+int CmdHF14AMfKeyBrute(const char *Cmd) {\r
+\r
+ uint8_t blockNo = 0, keytype = 0;\r
+ uint8_t key[6] = {0, 0, 0, 0, 0, 0};\r
+ uint64_t foundkey = 0;\r
+ \r
+ char cmdp = param_getchar(Cmd, 0); \r
+ if ( cmdp == 'H' || cmdp == 'h') return usage_hf14_keybrute();\r
+ \r
+ // block number\r
+ blockNo = param_get8(Cmd, 0); \r
+ \r
+ // keytype\r
+ cmdp = param_getchar(Cmd, 1);\r
+ if (cmdp == 'B' || cmdp == 'b') keytype = 1;\r
+ \r
+ // key\r
+ if (param_gethex(Cmd, 2, key, 12)) return usage_hf14_keybrute();\r
+ \r
+ clock_t t1 = clock();\r
+ time_t start, end;\r
+ time(&start);\r
+ \r
+ if (mfKeyBrute( blockNo, keytype, key, &foundkey))\r
+ PrintAndLog("Found valid key: %012"llx" \n", foundkey);\r
+ else\r
+ PrintAndLog("Key not found");\r
+ \r
+ t1 = clock() - t1;\r
+ time(&end);\r
+ unsigned long elapsed_time = difftime(end, start); \r
+ if ( t1 > 0 )\r
+ PrintAndLog("\nTime in keybrute: %.0f ticks %u seconds\n", (float)t1, elapsed_time);\r
+ \r
+ return 0; \r
+}\r
+\r
void printKeyTable( uint8_t sectorscnt, sector *e_sector ){\r
PrintAndLog("|---|----------------|---|----------------|---|");\r
PrintAndLog("|sec|key A |res|key B |res|");\r
{"dump", CmdHF14AMfDump, 0, "Dump MIFARE classic tag to binary file"},\r
{"restore", CmdHF14AMfRestore, 0, "Restore MIFARE classic binary file to BLANK tag"},\r
{"wrbl", CmdHF14AMfWrBl, 0, "Write MIFARE classic block"},\r
- {"chk", CmdHF14AMfChk, 0, "Test block keys"},\r
- {"mifare", CmdHF14AMifare, 0, "Read parity error messages."},\r
- {"nested", CmdHF14AMfNested, 0, "Test nested authentication"},\r
+ {"chk", CmdHF14AMfChk, 0, "Check keys"},\r
+ {"mifare", CmdHF14AMifare, 0, "Darkside attack. read parity error messages."},\r
+ {"nested", CmdHF14AMfNested, 0, "Nested attack. Test nested authentication"},\r
{"hardnested", CmdHF14AMfNestedHard, 0, "Nested attack for hardened Mifare cards"},\r
+ {"keybrute", CmdHF14AMfKeyBrute, 0, "J_Run's 2nd phase of multiple sector nested authentication key recovery"},\r
{"sniff", CmdHF14AMfSniff, 0, "Sniff card-reader communication"},\r
{"sim", CmdHF14AMf1kSim, 0, "Simulate MIFARE card"},\r
{"eclr", CmdHF14AMfEClear, 0, "Clear simulator memory block"},\r