//-----------------------------------------------------------------------------\r
\r
#include "cmdhfmf.h"\r
+#include "nonce2key/nonce2key.h"\r
\r
static int CmdHelp(const char *Cmd);\r
\r
uint8_t uid[7] = {0, 0, 0, 0, 0, 0, 0};\r
uint8_t exitAfterNReads = 0;\r
uint8_t flags = 0;\r
-\r
+ \r
uint8_t cmdp = param_getchar(Cmd, 0);\r
+\r
+ clearCommandBuffer();\r
\r
if (cmdp == 'h' || cmdp == 'H') {\r
PrintAndLog("Usage: hf mf sim u <uid (8 hex symbols)> n <numreads> i x");\r
SendCommand(&c);\r
\r
if(flags & FLAG_INTERACTIVE)\r
- {\r
- UsbCommand resp;\r
+ { \r
PrintAndLog("Press pm3-button to abort simulation");\r
- while(! WaitForResponseTimeout(CMD_ACK,&resp,1500)) {\r
- //We're waiting only 1.5 s at a time, otherwise we get the\r
- // annoying message about "Waiting for a response... "\r
+ \r
+ uint8_t data[40];\r
+ uint8_t key[6];\r
+\r
+ UsbCommand resp; \r
+ while(!ukbhit() ){\r
+ if ( WaitForResponseTimeout(CMD_ACK,&resp,1500) ) {\r
+ if ( (resp.arg[0] & 0xffff) == CMD_SIMULATE_MIFARE_CARD ){\r
+ memset(data, 0x00, sizeof(data));\r
+ memset(key, 0x00, sizeof(key));\r
+ int len = (resp.arg[1] > sizeof(data)) ? sizeof(data) : resp.arg[1];\r
+ \r
+ memcpy(data, resp.d.asBytes, len);\r
+ \r
+ uint64_t corr_uid = 0;\r
+ if ( memcmp(data, "\x00\x00\x00\x00", 4) == 0 ) {\r
+ corr_uid = (data[3] << 24) | (data[2] << 16) | (data[1] << 8) | data[0];\r
+ }\r
+ else {\r
+ corr_uid |= (uint64_t)data[2] << 48; \r
+ corr_uid |= (uint64_t)data[1] << 40; \r
+ corr_uid |= (uint64_t)data[0] << 32;\r
+ corr_uid |= data[7] << 24;\r
+ corr_uid |= data[6] << 16;\r
+ corr_uid |= data[5] << 8;\r
+ corr_uid |= data[4];\r
+ }\r
+ tryMfk32(corr_uid, data, key);\r
+ //tryMfk64(corr_uid, data, key);\r
+ PrintAndLog("--");\r
+ }\r
+ }\r
}\r
}\r
- \r
return 0;\r
}\r
\r
\r
len = param_getstr(Cmd,nameParamNo,filename);\r
\r
- if (len > FILE_PATH_SIZE) len = FILE_PATH_SIZE;\r
+ if (len > FILE_PATH_SIZE - 4) len = FILE_PATH_SIZE - 4;\r
\r
fnameptr += len;\r
\r
\r
len = param_getstr(Cmd,nameParamNo,filename);\r
\r
- if (len > FILE_PATH_SIZE) len = FILE_PATH_SIZE;\r
+ if (len > FILE_PATH_SIZE - 4) len = FILE_PATH_SIZE - 4;\r
\r
// user supplied filename?\r
if (len < 1) {\r
// get filename (UID from memory)\r
if (mfEmlGetMem(buf, 0, 1)) {\r
PrintAndLog("Can\'t get UID from block: %d", 0);\r
- sprintf(filename, "dump.eml"); \r
+ len = sprintf(fnameptr, "dump");\r
+ fnameptr += len;\r
+ }\r
+ else {\r
+ for (j = 0; j < 7; j++, fnameptr += 2)\r
+ sprintf(fnameptr, "%02X", buf[j]);\r
}\r
- for (j = 0; j < 7; j++, fnameptr += 2)\r
- sprintf(fnameptr, "%02X", buf[j]); \r
} else {\r
- fnameptr += len-4;\r
+ fnameptr += len;\r
}\r
\r
// add file extension\r
return 0;\r
} else {\r
len = strlen(Cmd);\r
- if (len > FILE_PATH_SIZE) len = FILE_PATH_SIZE;\r
+ if (len > FILE_PATH_SIZE - 4) len = FILE_PATH_SIZE - 4;\r
\r
memcpy(filename, Cmd, len);\r
- fnameptr += len-4;\r
+ fnameptr += len;\r
\r
sprintf(fnameptr, ".eml"); \r
\r
memset(buf, 0, sizeof(buf));\r
\r
if (fgets(buf, sizeof(buf), f) == NULL) {\r
+ fclose(f);\r
PrintAndLog("File reading error.");\r
return 2;\r
}\r
if(strlen(buf) && feof(f))\r
break;\r
PrintAndLog("File content error. Block data must include 32 HEX symbols");\r
+ fclose(f);\r
return 2;\r
}\r
for (i = 0; i < 32; i += 2)\r
return 0;\r
} else {\r
len = strlen(Cmd);\r
- if (len > FILE_PATH_SIZE) len = FILE_PATH_SIZE;\r
+ if (len > FILE_PATH_SIZE - 4) len = FILE_PATH_SIZE - 4;\r
\r
if (len < 1) {\r
// get filename\r
if (mfCGetBlock(0, buf, CSETBLOCK_SINGLE_OPER)) {\r
PrintAndLog("Cant get block: %d", 0);\r
- return 1;\r
+ len = sprintf(fnameptr, "dump");\r
+ fnameptr += len;\r
+ } else {\r
+ for (j = 0; j < 7; j++, fnameptr += 2)\r
+ sprintf(fnameptr, "%02x", buf[j]); \r
}\r
- for (j = 0; j < 7; j++, fnameptr += 2)\r
- sprintf(fnameptr, "%02x", buf[j]); \r
} else {\r
memcpy(filename, Cmd, len);\r
fnameptr += len;\r