#include "ui.h"\r
#include "mifarehost.h"\r
#include "mifare.h"\r
-#include "nonce2key/nonce2key.h"\r
+#include "mfkey.h"\r
\r
#define NESTED_SECTOR_RETRY 10 // how often we try mfested() until we give up\r
\r
\r
static int CmdHelp(const char *Cmd);\r
\r
+\r
int CmdHF14AMifare(const char *Cmd)\r
{\r
- uint32_t uid = 0;\r
- uint32_t nt = 0, nr = 0;\r
- uint64_t par_list = 0, ks_list = 0, r_key = 0;\r
- int16_t isOK = 0;\r
-\r
- UsbCommand c = {CMD_READER_MIFARE, {true, 0, 0}};\r
-\r
- // message\r
- printf("-------------------------------------------------------------------------\n");\r
- printf("Executing command. Expected execution time: 25sec on average :-)\n");\r
- printf("Press button on the proxmark3 device to abort both proxmark3 and client.\n");\r
- printf("-------------------------------------------------------------------------\n");\r
-\r
- \r
- start:\r
- clearCommandBuffer();\r
- SendCommand(&c);\r
- \r
- //flush queue\r
- while (ukbhit()) {\r
- int c = getchar(); (void) c;\r
- }\r
- \r
- // wait cycle\r
- while (true) {\r
- printf(".");\r
- fflush(stdout);\r
- if (ukbhit()) {\r
- getchar();\r
- printf("\naborted via keyboard!\n");\r
- break;\r
- }\r
- \r
- UsbCommand resp;\r
- if (WaitForResponseTimeout(CMD_ACK, &resp, 1000)) {\r
- isOK = resp.arg[0];\r
- uid = (uint32_t)bytes_to_num(resp.d.asBytes + 0, 4);\r
- nt = (uint32_t)bytes_to_num(resp.d.asBytes + 4, 4);\r
- par_list = bytes_to_num(resp.d.asBytes + 8, 8);\r
- ks_list = bytes_to_num(resp.d.asBytes + 16, 8);\r
- nr = bytes_to_num(resp.d.asBytes + 24, 4);\r
- printf("\n\n");\r
- switch (isOK) {\r
- case -1 : PrintAndLog("Button pressed. Aborted.\n"); break;\r
- case -2 : PrintAndLog("Card is not vulnerable to Darkside attack (doesn't send NACK on authentication requests).\n"); break;\r
- case -3 : PrintAndLog("Card is not vulnerable to Darkside attack (its random number generator is not predictable).\n"); break;\r
- case -4 : PrintAndLog("Card is not vulnerable to Darkside attack (its random number generator seems to be based on the wellknown");\r
- PrintAndLog("generating polynomial with 16 effective bits only, but shows unexpected behaviour.\n"); break;\r
- default: ;\r
- }\r
- break;\r
- }\r
- } \r
+ int isOK = 0;\r
+ uint64_t key = 0;\r
\r
- printf("\n");\r
- \r
- // error\r
- if (isOK != 1) return 1;\r
- \r
- // execute original function from util nonce2key\r
- if (nonce2key(uid, nt, nr, par_list, ks_list, &r_key)) {\r
- isOK = 2;\r
- PrintAndLog("Key not found (lfsr_common_prefix list is null). Nt=%08x", nt); \r
- PrintAndLog("Failing is expected to happen in 25%% of all cases. Trying again with a different reader nonce...");\r
- c.arg[0] = false;\r
- goto start;\r
- } else {\r
- isOK = 0;\r
- printf("------------------------------------------------------------------\n");\r
- PrintAndLog("Found valid key:%012" PRIx64 " \n", r_key);\r
+ isOK = mfDarkside(&key);\r
+ switch (isOK) {\r
+ case -1 : PrintAndLog("Button pressed. Aborted."); return 1;\r
+ case -2 : PrintAndLog("Card is not vulnerable to Darkside attack (doesn't send NACK on authentication requests)."); return 1;\r
+ case -3 : PrintAndLog("Card is not vulnerable to Darkside attack (its random number generator is not predictable)."); return 1;\r
+ case -4 : PrintAndLog("Card is not vulnerable to Darkside attack (its random number generator seems to be based on the wellknown");\r
+ PrintAndLog("generating polynomial with 16 effective bits only, but shows unexpected behaviour."); return 1;\r
+ case -5 : PrintAndLog("Aborted via keyboard."); return 1;\r
+ default : PrintAndLog("Found valid key:%012" PRIx64 "\n", key);\r
}\r
\r
PrintAndLog("");\r
return 0;\r
}\r
\r
+\r
int CmdHF14AMfWrBl(const char *Cmd)\r
{\r
uint8_t blockNo = 0;\r
}\r
}\r
}\r
- } else if (tryMfk32_moebius(ar_resp[i+ATTACK_KEY_COUNT], &key)) {\r
+ } else if (mfkey32_moebius(ar_resp[i+ATTACK_KEY_COUNT], &key)) {\r
uint8_t sectorNum = ar_resp[i+ATTACK_KEY_COUNT].sector;\r
uint8_t keyType = ar_resp[i+ATTACK_KEY_COUNT].keytype;\r
\r