]> git.zerfleddert.de Git - proxmark3-svn/blobdiff - client/cmdhfmfu.c
projects / proxmark3-svn / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
ADD: `analyse nuid` - generates NUID 4byte from a UID 7byte. Mifare Classic Ev1...
[proxmark3-svn] / client / cmdhfmfu.c
diff --git a/client/cmdhfmfu.c b/client/cmdhfmfu.c
index cc2e05d6b45c303790e8bef4ca619aa746bd74a9..428b06273f04cc2770379c9063b6939127d9f919 100644 (file)
--- a/client/cmdhfmfu.c
+++ b/client/cmdhfmfu.c
@@ -119,6 +119,19 @@ uint32_t ul_ev1_pwdgenC(uint8_t* uid){
        return BSWAP_32(pwd);
 }
 
+// pack generation for algo 1-3
+uint16_t ul_ev1_packgenA(uint8_t* uid){
+       uint16_t pack = (uid[0] ^ uid[1] ^ uid[2]) << 8 | (uid[2] ^ 8);
+       return pack;
+}
+uint16_t ul_ev1_packgenB(uint8_t* uid){
+       return 0x8080;
+}
+uint16_t ul_ev1_packgenC(uint8_t* uid){
+       return 0xaa55;
+}
+
+
 void ul_ev1_pwdgen_selftest(){
        
        uint8_t uid1[] = {0x04,0x11,0x12,0x11,0x12,0x11,0x10};
@@ -472,10 +485,10 @@ int ul_print_type(uint32_t tagtype, uint8_t spaces){
 }
 
 static int ulc_print_3deskey( uint8_t *data){
-       PrintAndLog("         deskey1 [44/0x2C] : %s [%.4s]", sprint_hex(data   ,4),data);
-       PrintAndLog("         deskey1 [45/0x2D] : %s [%.4s]", sprint_hex(data+4 ,4),data+4);
-       PrintAndLog("         deskey2 [46/0x2E] : %s [%.4s]", sprint_hex(data+8 ,4),data+8);
-       PrintAndLog("         deskey2 [47/0x2F] : %s [%.4s]", sprint_hex(data+12,4),data+12);
+       PrintAndLog("         deskey1 [44/0x2C] : %s [s]", sprint_hex(data   ,4), sprint_ascii(data,4) );
+       PrintAndLog("         deskey1 [45/0x2D] : %s [s]", sprint_hex(data+4 ,4), sprint_ascii(data+4,4));
+       PrintAndLog("         deskey2 [46/0x2E] : %s [s]", sprint_hex(data+8 ,4), sprint_ascii(data+8,4));
+       PrintAndLog("         deskey2 [47/0x2F] : %s [s]", sprint_hex(data+12,4), sprint_ascii(data+12,4));
        PrintAndLog("\n 3des key : %s", sprint_hex(SwapEndian64(data, 16, 8), 16));
        return 0;
 }
@@ -633,7 +646,7 @@ uint32_t GetHF14AMfU_Type(void){
 
        // Ultralight - ATQA / SAK 
        if ( card.atqa[1] != 0x00 || card.atqa[0] != 0x44 || card.sak != 0x00 ) {
-               PrintAndLog("Tag is not Ultralight | NTAG | MY-D  [ATQA: %02X %02X SAK: %02X]\n", card.atqa[1], card.atqa[0], card.sak);
+               //PrintAndLog("Tag is not Ultralight | NTAG | MY-D  [ATQA: %02X %02X SAK: %02X]\n", card.atqa[1], card.atqa[0], card.sak);
                ul_switch_off_field();
                return UL_ERROR;
        }
@@ -1200,7 +1213,7 @@ int CmdHF14AMfURdBl(const char *Cmd){
                        uint8_t *data = resp.d.asBytes;
                        PrintAndLog("\nBlock#  | Data        | Ascii");
                        PrintAndLog("-----------------------------");
-                       PrintAndLog("%02d/0x%02X | %s| %.4s\n", blockNo, blockNo, sprint_hex(data, 4), data);
+                       PrintAndLog("%02d/0x%02X | %s| %s\n", blockNo, blockNo, sprint_hex(data, 4), sprint_ascii(data,4));
                }
                else {
                        PrintAndLog("Failed reading block: (%02x)", isOK);
@@ -1347,6 +1360,14 @@ int  usage_hf_mfu_gendiverse(void){
        return 0;
 }
 
+int  usage_hf_mfu_pwdgen(void){
+       PrintAndLog("Usage:  hf mfu pwdgen <uid (14 hex symbols)>");
+       PrintAndLog("");
+       PrintAndLog("sample: hf mfu pwdgen 11223344556677");
+       PrintAndLog("");
+       return 0;
+}
+
 #define DUMP_PREFIX_LENGTH 48 
 //
 //  Mifare Ultralight / Ultralight-C / Ultralight-EV1
@@ -1575,25 +1596,25 @@ int CmdHF14AMfUDump(const char *Cmd){
        PrintAndLog("\n*Special* block data:");
        PrintAndLog("\nDataType| Data        |   | Ascii");
        PrintAndLog("---------------------------------");
-       PrintAndLog("GetVer-1| %s|   | %.4s", sprint_hex(dump_file_data, 4), dump_file_data);
-       PrintAndLog("GetVer-2| %s|   | %.4s", sprint_hex(dump_file_data+4, 4), dump_file_data+4);
+       PrintAndLog("GetVer-1| %s|   | %s", sprint_hex(dump_file_data, 4), sprint_ascii(dump_file_data, 4));
+       PrintAndLog("GetVer-2| %s|   | %s", sprint_hex(dump_file_data+4, 4), sprint_ascii(dump_file_data+4,4));
        PrintAndLog("TBD     | 00 00       |   | ");
-       PrintAndLog("Tearing |    %s|   | %.3s", sprint_hex(dump_file_data+10, 3), dump_file_data+10);
-       PrintAndLog("Pack    |    %s   |   | %.2s", sprint_hex(dump_file_data+13, 2), dump_file_data+13);
+       PrintAndLog("Tearing |    %s|   | %s", sprint_hex(dump_file_data+10, 3), sprint_ascii(dump_file_data+10,3) );
+       PrintAndLog("Pack    |    %s   |   | %s", sprint_hex(dump_file_data+13, 2), sprint_ascii(dump_file_data+13,2) );
        PrintAndLog("TBD     |          00 |   | ");
-       PrintAndLog("Sig-1   | %s|   | %.4s", sprint_hex(dump_file_data+16, 4), dump_file_data+16);
-       PrintAndLog("Sig-2   | %s|   | %.4s", sprint_hex(dump_file_data+20, 4), dump_file_data+20);
-       PrintAndLog("Sig-3   | %s|   | %.4s", sprint_hex(dump_file_data+24, 4), dump_file_data+24);
-       PrintAndLog("Sig-4   | %s|   | %.4s", sprint_hex(dump_file_data+28, 4), dump_file_data+28);
-       PrintAndLog("Sig-5   | %s|   | %.4s", sprint_hex(dump_file_data+32, 4), dump_file_data+32);
-       PrintAndLog("Sig-6   | %s|   | %.4s", sprint_hex(dump_file_data+36, 4), dump_file_data+36);
-       PrintAndLog("Sig-7   | %s|   | %.4s", sprint_hex(dump_file_data+40, 4), dump_file_data+40);
-       PrintAndLog("Sig-8   | %s|   | %.4s", sprint_hex(dump_file_data+44, 4), dump_file_data+44);
+       PrintAndLog("Sig-1   | %s|   | %s", sprint_hex(dump_file_data+16, 4), sprint_ascii(dump_file_data+16,4));
+       PrintAndLog("Sig-2   | %s|   | %s", sprint_hex(dump_file_data+20, 4), sprint_ascii(dump_file_data+20,4));
+       PrintAndLog("Sig-3   | %s|   | %s", sprint_hex(dump_file_data+24, 4), sprint_ascii(dump_file_data+24,4));
+       PrintAndLog("Sig-4   | %s|   | %s", sprint_hex(dump_file_data+28, 4), sprint_ascii(dump_file_data+28,4));
+       PrintAndLog("Sig-5   | %s|   | %s", sprint_hex(dump_file_data+32, 4), sprint_ascii(dump_file_data+32,4));
+       PrintAndLog("Sig-6   | %s|   | %s", sprint_hex(dump_file_data+36, 4), sprint_ascii(dump_file_data+36,4));
+       PrintAndLog("Sig-7   | %s|   | %s", sprint_hex(dump_file_data+40, 4), sprint_ascii(dump_file_data+40,4));
+       PrintAndLog("Sig-8   | %s|   | %s", sprint_hex(dump_file_data+44, 4), sprint_ascii(dump_file_data+44,4));
        PrintAndLog("\nBlock#  | Data        |lck| Ascii");
        PrintAndLog("---------------------------------");
        for (i = 0; i < Pages; ++i) {
                if ( i < 3 ) {
-                       PrintAndLog("%02d/0x%02X | %s|   | ", i+startPage, i+startPage, sprint_hex(data + i * 4, 4));
+                       PrintAndLog("%02d/0x%02X | %s|   | %s", i+startPage, i+startPage, sprint_hex(data + i * 4, 4), sprint_ascii(data + i * 4,4) );
                        continue;
                }
                switch(i){
@@ -1640,7 +1661,7 @@ int CmdHF14AMfUDump(const char *Cmd){
                        case 43: tmplockbit = bit2[9]; break;  //auth1
                        default: break;
                }
-               PrintAndLog("%02d/0x%02X | %s| %d | %.4s", i+startPage, i+startPage, sprint_hex(data + i * 4, 4), tmplockbit, data+i*4);
+               PrintAndLog("%02d/0x%02X | %s| %d | %s", i+startPage, i+startPage, sprint_hex(data + i * 4, 4), tmplockbit, sprint_ascii(data + i * 4,4));
        }
        PrintAndLog("---------------------------------");
 
@@ -1658,8 +1679,10 @@ int CmdHF14AMfUDump(const char *Cmd){
                return 1;
        }
        fwrite( dump_file_data, 1, Pages*4 + DUMP_PREFIX_LENGTH, fout );
-       fclose(fout);
-       
+       if (fout) {
+               fclose(fout);
+               fout = NULL;
+       }
        PrintAndLog("Dumped %d pages, wrote %d bytes to %s", Pages+(DUMP_PREFIX_LENGTH/4), Pages*4 + DUMP_PREFIX_LENGTH, filename);
        return 0;
 }
@@ -2004,6 +2027,20 @@ int CmdHF14AMfUSim(const char *Cmd) {
        return CmdHF14ASim(Cmd);
 }
 
+int CmdHF14AMfuPwdGen(const char *Cmd){
+       uint8_t uid[7] = {0x00};        
+       char cmdp = param_getchar(Cmd, 0);
+       if (strlen(Cmd) == 0  || cmdp == 'h' || cmdp == 'H') return usage_hf_mfu_pwdgen();
+
+       if (param_gethex(Cmd, 0, uid, 14)) return usage_hf_mfu_pwdgen();
+       
+       PrintAndLog(" algo | pwd      | pack");
+       PrintAndLog("------+----------+-----");
+       PrintAndLog(" EV1  | %08X | %04X", ul_ev1_pwdgenA(uid), ul_ev1_packgenA(uid));
+       PrintAndLog(" Ami  | %08X | %04X", ul_ev1_pwdgenB(uid), ul_ev1_packgenB(uid));
+       PrintAndLog(" LD   | %08X | %04X", ul_ev1_pwdgenC(uid), ul_ev1_packgenC(uid));
+       return 0;
+}
 //------------------------------------
 // Menu Stuff
 //------------------------------------
@@ -2021,6 +2058,7 @@ static command_t CommandTable[] =
        {"setuid",      CmdHF14AMfucSetUid, 0, "Set UID - MAGIC tags only"},
        {"sim",         CmdHF14AMfUSim,     0, "Simulate Ultralight from emulator memory"},             
        {"gen",         CmdHF14AMfuGenDiverseKeys , 1, "Generate 3des mifare diversified keys"},
+       {"pwdgen",      CmdHF14AMfuPwdGen, 1, "Generate pwd from known algos"},
        {NULL, NULL, 0, NULL}
 };
 
Proxmark3 GIT tracking
Impressum, Datenschutz