//-----------------------------------------------------------------------------
+// 2011, Merlok
// Copyright (C) 2010 iZsh <izsh at fail0verflow.com>, Hagen Fritsch
//
// This code is licensed to you under the terms of the GNU GPL, version 2 or,
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <conio.h>
#include "util.h"
#include "iso14443crc.h"
#include "data.h"
#include "cmdhf14a.h"
#include "common.h"
#include "cmdmain.h"
+#include "nonce2key/nonce2key.h"
+#include "nonce2key/crapto1.h"
static int CmdHelp(const char *Cmd);
prev = timestamp;
i += (len + 9);
}
- return 0;
+ return 0;
}
void iso14a_set_timeout(uint32_t timeout) {
int CmdHF14AMifare(const char *Cmd)
{
- UsbCommand c = {CMD_READER_MIFARE, {strtol(Cmd, NULL, 0), 0, 0}};
- SendCommand(&c);
- return 0;
+ uint32_t uid = 0;
+ uint32_t nt = 0;
+ uint64_t par_list = 0, ks_list = 0, r_key = 0;
+ uint8_t isOK = 0;
+
+ UsbCommand c = {CMD_READER_MIFARE, {strtol(Cmd, NULL, 0), 0, 0}};
+ SendCommand(&c);
+
+ //flush queue
+ while (kbhit()) getchar();
+ while (WaitForResponseTimeout(CMD_ACK, 500) != NULL) ;
+
+ // message
+ printf("-------------------------------------------------------------------------\n");
+ printf("Executing command. It may take up to 30 min.\n");
+ printf("Press the key on proxmark3 device to abort proxmark3.\n");
+ printf("Press the key on the proxmark3 device to abort both proxmark3 and client.\n");
+ printf("-------------------------------------------------------------------------\n");
+
+ // wait cycle
+ while (true) {
+ printf(".");
+ if (kbhit()) {
+ getchar();
+ printf("\naborted via keyboard!\n");
+ break;
+ }
+
+ UsbCommand * resp = WaitForResponseTimeout(CMD_ACK, 2000);
+ if (resp != NULL) {
+ isOK = resp->arg[0] & 0xff;
+
+ uid = (uint32_t)bytes_to_num(resp->d.asBytes + 0, 4);
+ nt = (uint32_t)bytes_to_num(resp->d.asBytes + 4, 4);
+ par_list = bytes_to_num(resp->d.asBytes + 8, 8);
+ ks_list = bytes_to_num(resp->d.asBytes + 16, 8);
+
+ printf("\n\n");
+ PrintAndLog("isOk:%02x", isOK);
+ if (!isOK) PrintAndLog("Proxmark can't get statistic info. Execution aborted.\n");
+ break;
+ }
+ }
+ printf("\n");
+
+ // error
+ if (isOK != 1) return 1;
+
+ // execute original function from util nonce2key
+ if (nonce2key(uid, nt, par_list, ks_list, &r_key)) return 2;
+ printf("-------------------------------------------------------------------------\n");
+ PrintAndLog("Key found:%012llx \n", r_key);
+
+ return 0;
}
int CmdHF14AMfWrBl(const char *Cmd)
}
PrintAndLog("l: %s", Cmd);
- // skip spaces
+ // skip spaces
while (*cmdp==' ' || *cmdp=='\t') cmdp++;
blockNo = strtol(cmdp, NULL, 0) & 0xff;
int CmdHF14AMfNested(const char *Cmd)
{
- int i, temp;
+ int i, temp, len;
uint8_t sectorNo = 0;
uint8_t keyType = 0;
uint8_t key[6] = {0, 0, 0, 0, 0, 0};
+ uint8_t isEOF;
+ uint8_t * data;
+ uint32_t uid;
+ fnVector * vector = NULL;
+ int lenVector = 0;
+ UsbCommand * resp = NULL;
const char *cmdp = Cmd;
-
if (strlen(Cmd)<3) {
PrintAndLog("Usage: hf 14a nested <sector number> <key A/B> <key (12 hex symbols)>");
PrintAndLog(" sample: hf 14a nested 0 A FFFFFFFFFFFF ");
cmdp++;
}
PrintAndLog(" sector no:%02x key type:%02x key:%s ", sectorNo, keyType, sprint_hex(key, 6));
+
+ // flush queue
+ while (WaitForResponseTimeout(CMD_ACK, 500) != NULL) ;
UsbCommand c = {CMD_MIFARE_NESTED, {sectorNo, keyType, 0}};
memcpy(c.d.asBytes, key, 6);
SendCommand(&c);
- UsbCommand * resp = WaitForResponseTimeout(CMD_ACK, 1500);
- PrintAndLog(" ");
- if (resp != NULL) {
- uint8_t isOK = resp->arg[0] & 0xff;
- uint8_t * data = resp->d.asBytes;
+ PrintAndLog("\n");
+ printf("-------------------------------------------------------------------------\n");
- PrintAndLog("isOk:%02x", isOK);
- for (i = 0; i < 2; i++) {
- PrintAndLog("data:%s", sprint_hex(data + i * 16, 16));
+ // wait cycle
+ while (true) {
+ printf(".");
+ if (kbhit()) {
+ getchar();
+ printf("\naborted via keyboard!\n");
+ break;
+ }
+
+ resp = WaitForResponseTimeout(CMD_ACK, 1500);
+
+ if (resp != NULL) {
+ isEOF = resp->arg[0] & 0xff;
+ data = resp->d.asBytes;
+
+ PrintAndLog("isEOF:%02x", isEOF);
+ for (i = 0; i < 2; i++) {
+ PrintAndLog("data:%s", sprint_hex(data + i * 16, 16));
+ }
+ if (isEOF) break;
+
+ len = resp->arg[1] & 0xff;
+ if (len == 0) continue;
+
+ memcpy(&uid, resp->d.asBytes, 4);
+ PrintAndLog("uid:%08x len=%d trgbl=%d trgkey=%d", uid, len, resp->arg[2] & 0xff, (resp->arg[2] >> 8) & 0xff);
+
+ vector = (fnVector *) realloc((void *)vector, (lenVector + len) * sizeof(fnVector) + 200);
+ if (vector == NULL) {
+ PrintAndLog("Memory allocation error for fnVector. len: %d bytes: %d", lenVector + len, (lenVector + len) * sizeof(fnVector));
+ break;
+ }
+
+ for (i = 0; i < len; i++) {
+ vector[lenVector + i].blockNo = resp->arg[2] & 0xff;
+ vector[lenVector + i].keyType = (resp->arg[2] >> 8) & 0xff;
+ vector[lenVector + i].uid = uid;
+
+ memcpy(&vector[lenVector + i].nt, (void *)(resp->d.asBytes + 8 + i * 8 + 0), 4);
+ memcpy(&vector[lenVector + i].ks1, (void *)(resp->d.asBytes + 8 + i * 8 + 4), 4);
+
+ PrintAndLog("i=%d nt:%08x ks1:%08x", i, vector[lenVector + i].nt, vector[lenVector + i].ks1);
+ }
+
+ lenVector += len;
}
- } else {
- PrintAndLog("Command execute timeout");
}
+
+
+
+ // finalize
+ free(vector);
return 0;
}
{
{"help", CmdHelp, 1, "This help"},
{"list", CmdHF14AList, 0, "List ISO 14443a history"},
- {"mifare", CmdHF14AMifare, 0, "Read out sector 0 parity error messages"},
+ {"mifare", CmdHF14AMifare, 0, "Read out sector 0 parity error messages. param - <used card nonce>"},
{"mfrdbl", CmdHF14AMfRdBl, 0, "Read MIFARE classic block"},
{"mfrdsc", CmdHF14AMfRdSc, 0, "Read MIFARE classic sector"},
{"mfwrbl", CmdHF14AMfWrBl, 0, "Write MIFARE classic block"},