X-Git-Url: https://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/56d0fb8e4d4f4a963928de36a12c519a09673bd1..0b53530a100fb2fdcee2e292423e2dc7f501e026:/client/cmdhfmfhard.c?ds=sidebyside diff --git a/client/cmdhfmfhard.c b/client/cmdhfmfhard.c index acdea715..dcf454c5 100644 --- a/client/cmdhfmfhard.c +++ b/client/cmdhfmfhard.c @@ -1,6 +1,7 @@ //----------------------------------------------------------------------------- // Copyright (C) 2015 piwi // fiddled with 2016 Azcid (hardnested bitsliced Bruteforce imp) +// fiddled with 2016 Matrix ( sub testing of nonces while collecting ) // This code is licensed to you under the terms of the GNU GPL, version 2 or, // at your option, any later version. See the LICENSE.txt file for the text of // the license. @@ -13,31 +14,12 @@ // Mifare Classic Cards" in Proceedings of the 22nd ACM SIGSAC Conference on // Computer and Communications Security, 2015 //----------------------------------------------------------------------------- - -#include -#include -#include -#include -#include -#include -#include "proxmark3.h" -#include "cmdmain.h" -#include "ui.h" -#include "util.h" -#include "nonce2key/crapto1.h" -#include "nonce2key/crypto1_bs.h" -#include "parity.h" -#ifdef __WIN32 - #include -#endif -// don't include for APPLE/mac which has malloc stuff elsewhere. -#ifndef __APPLE__ - #include -#endif -#include +#include "cmdhfmfhard.h" #define CONFIDENCE_THRESHOLD 0.95 // Collect nonces until we are certain enough that the following brute force is successfull -#define GOOD_BYTES_REQUIRED 13 // default 28, could be smaller == faster +#define GOOD_BYTES_REQUIRED 13 // default 28, could be smaller == faster +#define NONCES_THRESHOLD 5000 // every N nonces check if we can crack the key +#define CRACKING_THRESHOLD 38.00f // as 2^38 #define END_OF_LIST_MARKER 0xFFFFFFFF @@ -132,6 +114,11 @@ static partial_indexed_statelist_t partial_statelist[17]; static partial_indexed_statelist_t statelist_bitflip; static statelist_t *candidates = NULL; +bool field_off = false; + +static bool generate_candidates(uint16_t, uint16_t); +static bool brute_force(void); + static int add_nonce(uint32_t nonce_enc, uint8_t par_enc) { uint8_t first_byte = nonce_enc >> 24; @@ -297,13 +284,14 @@ static float sum_probability(uint16_t K, uint16_t n, uint16_t k) double p_T_is_k = 0; for (uint16_t i = 0; i <= 256; i++) { if (p_K[i] != 0.0) { - p_T_is_k += p_K[i] * p_hypergeometric(N, i, n, k); + double tmp = p_hypergeometric(N, i, n, k); + if (tmp != 0.0) + p_T_is_k += p_K[i] * tmp; } } return(p_T_is_k_when_S_is_K * p_S_is_K / p_T_is_k); } - static inline uint_fast8_t common_bits(uint_fast8_t bytes_diff) { static const uint_fast8_t common_bits_LUT[256] = { @@ -505,7 +493,7 @@ static void sort_best_first_bytes(void) } } best_first_bytes[j] = i; - } + } // determine how many are above the CONFIDENCE_THRESHOLD uint16_t num_good_nonces = 0; @@ -568,9 +556,11 @@ static void sort_best_first_bytes(void) } // swap best possible first byte to the pole position + if (best_first_byte != 0) { uint16_t temp = best_first_bytes[0]; best_first_bytes[0] = best_first_bytes[best_first_byte]; best_first_bytes[best_first_byte] = temp; + } } @@ -732,7 +722,7 @@ static void simulate_acquire_nonces() if (total_num_nonces > next_fivehundred) { next_fivehundred = (total_num_nonces/500+1) * 500; printf("Acquired %5d nonces (%5d with distinct bytes 0 and 1). Number of bytes with probability for correctly guessed Sum(a8) > %1.1f%%: %d\n", - total_num_nonces, + total_num_nonces, total_added_nonces, CONFIDENCE_THRESHOLD * 100.0, num_good_first_bytes); @@ -756,7 +746,6 @@ static int acquire_nonces(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_ { clock_t time1 = clock(); bool initialize = true; - bool field_off = false; bool finished = false; bool filter_flip_checked = false; uint32_t flags = 0; @@ -764,31 +753,37 @@ static int acquire_nonces(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_ uint32_t total_num_nonces = 0; uint32_t next_fivehundred = 500; uint32_t total_added_nonces = 0; + uint32_t idx = 1; FILE *fnonces = NULL; UsbCommand resp; - - printf("Acquiring nonces...\n"); + field_off = false; + UsbCommand c = {CMD_MIFARE_ACQUIRE_ENCRYPTED_NONCES, {blockNo + keyType * 0x100, trgBlockNo + trgKeyType * 0x100, 0}}; + memcpy(c.d.asBytes, key, 6); - clearCommandBuffer(); - + printf("Acquiring nonces...\n"); do { flags = 0; flags |= initialize ? 0x0001 : 0; flags |= slow ? 0x0002 : 0; flags |= field_off ? 0x0004 : 0; - UsbCommand c = {CMD_MIFARE_ACQUIRE_ENCRYPTED_NONCES, {blockNo + keyType * 0x100, trgBlockNo + trgKeyType * 0x100, flags}}; - memcpy(c.d.asBytes, key, 6); - + c.arg[2] = flags; + clearCommandBuffer(); SendCommand(&c); - if (field_off) finished = true; - - if (initialize) { - if (!WaitForResponseTimeout(CMD_ACK, &resp, 3000)) return 1; - if (resp.arg[0]) return resp.arg[0]; // error during nested_hard + if (field_off) break; + if (!WaitForResponseTimeout(CMD_ACK, &resp, 3000)) { + if (fnonces) fclose(fnonces); + return 1; + } + if (resp.arg[0]) { + if (fnonces) fclose(fnonces); + return resp.arg[0]; // error during nested_hard + } + + if (initialize) { + // global var CUID cuid = resp.arg[1]; - // PrintAndLog("Acquiring nonces for CUID 0x%08x", cuid); if (nonce_file_write && fnonces == NULL) { if ((fnonces = fopen("nonces.bin","wb")) == NULL) { PrintAndLog("Could not create file nonces.bin"); @@ -799,73 +794,65 @@ static int acquire_nonces(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_ fwrite(write_buf, 1, 4, fnonces); fwrite(&trgBlockNo, 1, 1, fnonces); fwrite(&trgKeyType, 1, 1, fnonces); + fflush(fnonces); } + initialize = false; } - - if (!initialize) { - uint32_t nt_enc1, nt_enc2; - uint8_t par_enc; - uint16_t num_acquired_nonces = resp.arg[2]; - uint8_t *bufp = resp.d.asBytes; - for (uint16_t i = 0; i < num_acquired_nonces; i+=2) { - nt_enc1 = bytes_to_num(bufp, 4); - nt_enc2 = bytes_to_num(bufp+4, 4); - par_enc = bytes_to_num(bufp+8, 1); - - //printf("Encrypted nonce: %08x, encrypted_parity: %02x\n", nt_enc1, par_enc >> 4); - total_added_nonces += add_nonce(nt_enc1, par_enc >> 4); - //printf("Encrypted nonce: %08x, encrypted_parity: %02x\n", nt_enc2, par_enc & 0x0f); - total_added_nonces += add_nonce(nt_enc2, par_enc & 0x0f); - - if (nonce_file_write) { - fwrite(bufp, 1, 9, fnonces); - } - - bufp += 9; + + uint32_t nt_enc1, nt_enc2; + uint8_t par_enc; + uint16_t num_acquired_nonces = resp.arg[2]; + uint8_t *bufp = resp.d.asBytes; + for (uint16_t i = 0; i < num_acquired_nonces; i+=2) { + nt_enc1 = bytes_to_num(bufp, 4); + nt_enc2 = bytes_to_num(bufp+4, 4); + par_enc = bytes_to_num(bufp+8, 1); + + //printf("Encrypted nonce: %08x, encrypted_parity: %02x\n", nt_enc1, par_enc >> 4); + total_added_nonces += add_nonce(nt_enc1, par_enc >> 4); + //printf("Encrypted nonce: %08x, encrypted_parity: %02x\n", nt_enc2, par_enc & 0x0f); + total_added_nonces += add_nonce(nt_enc2, par_enc & 0x0f); + + if (nonce_file_write && fnonces) { + fwrite(bufp, 1, 9, fnonces); + fflush(fnonces); } - - total_num_nonces += num_acquired_nonces; + bufp += 9; } - - if (first_byte_num == 256 ) { - // printf("first_byte_num = %d, first_byte_Sum = %d\n", first_byte_num, first_byte_Sum); + total_num_nonces += num_acquired_nonces; + + if (first_byte_num == 256) { + if (!filter_flip_checked) { Check_for_FilterFlipProperties(); filter_flip_checked = true; } + num_good_first_bytes = estimate_second_byte_sum(); + if (total_num_nonces > next_fivehundred) { next_fivehundred = (total_num_nonces/500+1) * 500; - printf("Acquired %5d nonces (%5d with distinct bytes 0 and 1). Number of bytes with probability for correctly guessed Sum(a8) > %1.1f%%: %d\n", - total_num_nonces, + printf("Acquired %5d nonces (%5d/%5d with distinct bytes 0,1). #bytes with probability for correctly guessed Sum(a8) > %1.1f%%: %d\n", + total_num_nonces, total_added_nonces, + NONCES_THRESHOLD * idx, CONFIDENCE_THRESHOLD * 100.0, num_good_first_bytes); } - if (num_good_first_bytes >= GOOD_BYTES_REQUIRED) { - field_off = true; // switch off field with next SendCommand and then finish - } - } - if (!initialize) { - if (!WaitForResponseTimeout(CMD_ACK, &resp, 3000)) { - fclose(fnonces); - return 1; - } - if (resp.arg[0]) { - fclose(fnonces); - return resp.arg[0]; // error during nested_hard + if (total_added_nonces >= (NONCES_THRESHOLD * idx) && num_good_first_bytes > 0 ) { + bool cracking = generate_candidates(first_byte_Sum, nonces[best_first_bytes[0]].Sum8_guess); + if (cracking || known_target_key != -1) { + field_off = brute_force(); // switch off field with next SendCommand and then finish + } + idx++; } } - initialize = false; - } while (!finished); - - if (nonce_file_write) { + if (nonce_file_write && fnonces) fclose(fnonces); - } time1 = clock() - time1; if ( time1 > 0 ) { @@ -881,7 +868,8 @@ static int acquire_nonces(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_ static int init_partial_statelists(void) { const uint32_t sizes_odd[17] = { 126757, 0, 18387, 0, 74241, 0, 181737, 0, 248801, 0, 182033, 0, 73421, 0, 17607, 0, 125601 }; - const uint32_t sizes_even[17] = { 125723, 0, 17867, 0, 74305, 0, 178707, 0, 248801, 0, 185063, 0, 73356, 0, 18127, 0, 126634 }; +// const uint32_t sizes_even[17] = { 125723, 0, 17867, 0, 74305, 0, 178707, 0, 248801, 0, 185063, 0, 73356, 0, 18127, 0, 126634 }; + const uint32_t sizes_even[17] = { 125723, 0, 17867, 0, 74305, 0, 178707, 0, 248801, 0, 185063, 0, 73357, 0, 18127, 0, 126635 }; printf("Allocating memory for partial statelists...\n"); for (odd_even_t odd_even = EVEN_STATE; odd_even <= ODD_STATE; odd_even++) { @@ -1215,7 +1203,7 @@ static statelist_t *add_more_candidates(statelist_t *current_candidates) return new_candidates; } -static void TestIfKeyExists(uint64_t key) +static bool TestIfKeyExists(uint64_t key) { struct Crypto1State *pcs; pcs = crypto1_create(key); @@ -1224,7 +1212,7 @@ static void TestIfKeyExists(uint64_t key) uint32_t state_odd = pcs->odd & 0x00ffffff; uint32_t state_even = pcs->even & 0x00ffffff; //printf("Tests: searching for key %llx after first byte 0x%02x (state_odd = 0x%06x, state_even = 0x%06x) ...\n", key, best_first_bytes[0], state_odd, state_even); - + printf("Validating keysearch space\n"); uint64_t count = 0; for (statelist_t *p = candidates; p != NULL; p = p->next) { bool found_odd = false; @@ -1246,7 +1234,7 @@ static void TestIfKeyExists(uint64_t key) } count += (p_odd - p->states[ODD_STATE]) * (p_even - p->states[EVEN_STATE]); if (found_odd && found_even) { - PrintAndLog("Key Found after testing %lld (2^%1.1f) out of %lld (2^%1.1f) keys. ", + PrintAndLog("Key Found after testing %llu (2^%1.1f) out of %lld (2^%1.1f) keys.", count, log(count)/log(2), maximum_states, @@ -1256,7 +1244,7 @@ static void TestIfKeyExists(uint64_t key) fprintf(fstats, "1\n"); } crypto1_destroy(pcs); - return; + return true; } } @@ -1265,9 +1253,11 @@ static void TestIfKeyExists(uint64_t key) fprintf(fstats, "0\n"); } crypto1_destroy(pcs); + + return false; } -static void generate_candidates(uint16_t sum_a0, uint16_t sum_a8) +static bool generate_candidates(uint16_t sum_a0, uint16_t sum_a8) { printf("Generating crypto1 state candidates... \n"); @@ -1281,26 +1271,30 @@ static void generate_candidates(uint16_t sum_a0, uint16_t sum_a8) } } } - printf("Number of possible keys with Sum(a0) = %d: %"PRIu64" (2^%1.1f)\n", sum_a0, maximum_states, log(maximum_states)/log(2.0)); + + if (maximum_states == 0) return false; // prevent keyspace reduction error (2^-inf) + + printf("Number of possible keys with Sum(a0) = %d: %"PRIu64" (2^%1.1f)\n", sum_a0, maximum_states, log(maximum_states)/log(2)); init_statelist_cache(); for (uint16_t p = 0; p <= 16; p += 2) { for (uint16_t q = 0; q <= 16; q += 2) { if (p*(16-q) + (16-p)*q == sum_a0) { - printf("Reducing Partial Statelists (p,q) = (%d,%d) with lengths %d, %d\n", - p, q, partial_statelist[p].len[ODD_STATE], partial_statelist[q].len[EVEN_STATE]); + // printf("Reducing Partial Statelists (p,q) = (%d,%d) with lengths %d, %d\n", + // p, q, partial_statelist[p].len[ODD_STATE], partial_statelist[q].len[EVEN_STATE]); for (uint16_t r = 0; r <= 16; r += 2) { for (uint16_t s = 0; s <= 16; s += 2) { if (r*(16-s) + (16-r)*s == sum_a8) { current_candidates = add_more_candidates(current_candidates); + if (current_candidates) { // check for the smallest partial statelist. Try this first - it might give 0 candidates // and eliminate the need to calculate the other part if (MIN(partial_statelist[p].len[ODD_STATE], partial_statelist[r].len[ODD_STATE]) < MIN(partial_statelist[q].len[EVEN_STATE], partial_statelist[s].len[EVEN_STATE])) { - add_matching_states(current_candidates, p, r, ODD_STATE); + add_matching_states(current_candidates, p, r, ODD_STATE); if(current_candidates->len[ODD_STATE]) { - add_matching_states(current_candidates, q, s, EVEN_STATE); + add_matching_states(current_candidates, q, s, EVEN_STATE); } else { current_candidates->len[EVEN_STATE] = 0; uint32_t *p = current_candidates->states[EVEN_STATE] = malloc(sizeof(uint32_t)); @@ -1324,20 +1318,28 @@ static void generate_candidates(uint16_t sum_a0, uint16_t sum_a8) } } } + } - maximum_states = 0; - for (statelist_t *sl = candidates; sl != NULL; sl = sl->next) { + unsigned int n = 0; + for (statelist_t *sl = candidates; sl != NULL && n < 128; sl = sl->next, n++) { maximum_states += (uint64_t)sl->len[ODD_STATE] * sl->len[EVEN_STATE]; } - printf("Number of remaining possible keys: %"PRIu64" (2^%1.1f)\n", maximum_states, log(maximum_states)/log(2.0)); + + if (maximum_states == 0) return false; // prevent keyspace reduction error (2^-inf) + + float kcalc = log(maximum_states)/log(2); + printf("Number of remaining possible keys: %"PRIu64" (2^%1.1f)\n", maximum_states, kcalc); if (write_stats) { if (maximum_states != 0) { - fprintf(fstats, "%1.1f;", log(maximum_states)/log(2.0)); + fprintf(fstats, "%1.1f;", kcalc); } else { fprintf(fstats, "%1.1f;", 0.0); } } + if (kcalc < CRACKING_THRESHOLD) return true; + + return false; } static void free_candidates_memory(statelist_t *sl) @@ -1361,10 +1363,11 @@ static void free_statelist_cache(void) } } +#define MAX_BUCKETS 128 uint64_t foundkey = 0; size_t keys_found = 0; size_t bucket_count = 0; -statelist_t* buckets[128]; +statelist_t* buckets[MAX_BUCKETS]; size_t total_states_tested = 0; size_t thread_count = 4; @@ -1474,7 +1477,7 @@ static const uint64_t crack_states_bitsliced(statelist_t *p){ const bitslice_value_t odd_feedback = odd_feedback_bit ? bs_ones.value : bs_zeroes.value; for(size_t block_idx = 0; block_idx < bitsliced_blocks; ++block_idx){ - const bitslice_t const * restrict bitsliced_even_state = bitsliced_even_states[block_idx]; + const bitslice_t * const restrict bitsliced_even_state = bitsliced_even_states[block_idx]; size_t state_idx; // set even bits for(state_idx = 0; state_idx < STATE_SIZE-ROLLBACK_SIZE; state_idx+=2){ @@ -1630,73 +1633,75 @@ static void* crack_states_thread(void* x){ return NULL; } -static void brute_force(void) -{ +static bool brute_force(void) { + if (maximum_states == 0) return false; // prevent keyspace reduction error (2^-inf) + + bool ret = false; if (known_target_key != -1) { PrintAndLog("Looking for known target key in remaining key space..."); - TestIfKeyExists(known_target_key); + ret = TestIfKeyExists(known_target_key); } else { - PrintAndLog("Brute force phase starting."); - time_t start, end; - time(&start); - keys_found = 0; + PrintAndLog("Brute force phase starting."); + + clock_t time1 = clock(); + keys_found = 0; foundkey = 0; - - crypto1_bs_init(); - PrintAndLog("Using %u-bit bitslices", MAX_BITSLICES); - PrintAndLog("Bitslicing best_first_byte^uid[3] (rollback byte): %02x...", best_first_bytes[0]^(cuid>>24)); - // convert to 32 bit little-endian + crypto1_bs_init(); + + PrintAndLog("Using %u-bit bitslices", MAX_BITSLICES); + PrintAndLog("Bitslicing best_first_byte^uid[3] (rollback byte): %02X ...", best_first_bytes[0]^(cuid>>24)); + // convert to 32 bit little-endian crypto1_bs_bitslice_value32((best_first_bytes[0]<<24)^cuid, bitsliced_rollback_byte, 8); - - PrintAndLog("Bitslicing nonces..."); - for(size_t tests = 0; tests < NONCE_TESTS; tests++){ - uint32_t test_nonce = brute_force_nonces[tests]->nonce_enc; - uint8_t test_parity = brute_force_nonces[tests]->par_enc; - // pre-xor the uid into the decrypted nonces, and also pre-xor the cuid parity into the encrypted parity bits - otherwise an exta xor is required in the decryption routine - crypto1_bs_bitslice_value32(cuid^test_nonce, bitsliced_encrypted_nonces[tests], 32); - // convert to 32 bit little-endian - crypto1_bs_bitslice_value32(rev32( ~(test_parity ^ ~(parity(cuid>>24 & 0xff)<<3 | parity(cuid>>16 & 0xff)<<2 | parity(cuid>>8 & 0xff)<<1 | parity(cuid&0xff)))), bitsliced_encrypted_parity_bits[tests], 4); + + PrintAndLog("Bitslicing nonces..."); + for(size_t tests = 0; tests < NONCE_TESTS; tests++){ + uint32_t test_nonce = brute_force_nonces[tests]->nonce_enc; + uint8_t test_parity = brute_force_nonces[tests]->par_enc; + // pre-xor the uid into the decrypted nonces, and also pre-xor the cuid parity into the encrypted parity bits - otherwise an exta xor is required in the decryption routine + crypto1_bs_bitslice_value32(cuid^test_nonce, bitsliced_encrypted_nonces[tests], 32); + // convert to 32 bit little-endian + crypto1_bs_bitslice_value32(rev32( ~(test_parity ^ ~(parity(cuid>>24 & 0xff)<<3 | parity(cuid>>16 & 0xff)<<2 | parity(cuid>>8 & 0xff)<<1 | parity(cuid&0xff)))), bitsliced_encrypted_parity_bits[tests], 4); } - total_states_tested = 0; + total_states_tested = 0; - // count number of states to go - bucket_count = 0; - for (statelist_t *p = candidates; p != NULL; p = p->next) { - buckets[bucket_count] = p; - bucket_count++; - } + // count number of states to go + bucket_count = 0; + for (statelist_t *p = candidates; p != NULL && bucket_count < MAX_BUCKETS; p = p->next) { + buckets[bucket_count] = p; + bucket_count++; + } + buckets[bucket_count] = NULL; #ifndef __WIN32 - thread_count = sysconf(_SC_NPROCESSORS_CONF); + thread_count = sysconf(_SC_NPROCESSORS_CONF); if ( thread_count < 1) thread_count = 1; #endif /* _WIN32 */ - pthread_t threads[thread_count]; - - // enumerate states using all hardware threads, each thread handles one bucket - PrintAndLog("Starting %u cracking threads to search %u buckets containing a total of %"PRIu64" states...", thread_count, bucket_count, maximum_states); - - for(size_t i = 0; i < thread_count; i++){ - pthread_create(&threads[i], NULL, crack_states_thread, (void*) i); - } - for(size_t i = 0; i < thread_count; i++){ - pthread_join(threads[i], 0); - } + pthread_t threads[thread_count]; - time(&end); - double elapsed_time = difftime(end, start); + // enumerate states using all hardware threads, each thread handles one bucket + PrintAndLog("Starting %u cracking threads to search %u buckets containing a total of %"PRIu64" states...", thread_count, bucket_count, maximum_states); - if(keys_found){ - PrintAndLog("Success! Tested %"PRIu32" states, found %u keys after %.f seconds", total_states_tested, keys_found, elapsed_time); - PrintAndLog("\nFound key: %012"PRIx64"\n", foundkey); - } else { - PrintAndLog("Fail! Tested %"PRIu32" states, in %.f seconds", total_states_tested, elapsed_time); + for(size_t i = 0; i < thread_count; i++){ + pthread_create(&threads[i], NULL, crack_states_thread, (void*) i); } - // reset this counter for the next call - nonces_to_bruteforce = 0; + for(size_t i = 0; i < thread_count; i++){ + pthread_join(threads[i], 0); + } + + time1 = clock() - time1; + PrintAndLog("\nTime for bruteforce %0.1f seconds.",((float)time1)/CLOCKS_PER_SEC); + + if (keys_found && TestIfKeyExists(foundkey)) { + PrintAndLog("\nFound key: %012"PRIx64"\n", foundkey); + ret = true; + } + // reset this counter for the next call + nonces_to_bruteforce = 0; } + return ret; } int mfnestedhard(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_t trgBlockNo, uint8_t trgKeyType, uint8_t *trgkey, bool nonce_file_read, bool nonce_file_write, bool slow, int tests) @@ -1737,15 +1742,28 @@ int mfnestedhard(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_t trgBloc candidates = NULL; } fclose(fstats); + fstats = NULL; } else { init_nonce_memory(); - if (nonce_file_read) { // use pre-acquired data from file nonces.bin + if (nonce_file_read) { // use pre-acquired data from file nonces.bin if (read_nonce_file() != 0) { return 3; } Check_for_FilterFlipProperties(); num_good_first_bytes = MIN(estimate_second_byte_sum(), GOOD_BYTES_REQUIRED); - } else { // acquire nonces. + PrintAndLog("Number of first bytes with confidence > %2.1f%%: %d", CONFIDENCE_THRESHOLD*100.0, num_good_first_bytes); + + clock_t time1 = clock(); + bool cracking = generate_candidates(first_byte_Sum, nonces[best_first_bytes[0]].Sum8_guess); + time1 = clock() - time1; + if (time1 > 0) + PrintAndLog("Time for generating key candidates list: %1.0f seconds", ((float)time1)/CLOCKS_PER_SEC); + + if (cracking || known_target_key != -1) { + brute_force(); + } + + } else { // acquire nonces. uint16_t is_OK = acquire_nonces(blockNo, keyType, key, trgBlockNo, trgKeyType, nonce_file_write, slow); if (is_OK != 0) { return is_OK; @@ -1753,36 +1771,10 @@ int mfnestedhard(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_t trgBloc } //Tests(); - - //PrintAndLog(""); - //PrintAndLog("Sum(a0) = %d", first_byte_Sum); - // PrintAndLog("Best 10 first bytes: %02x, %02x, %02x, %02x, %02x, %02x, %02x, %02x, %02x, %02x", - // best_first_bytes[0], - // best_first_bytes[1], - // best_first_bytes[2], - // best_first_bytes[3], - // best_first_bytes[4], - // best_first_bytes[5], - // best_first_bytes[6], - // best_first_bytes[7], - // best_first_bytes[8], - // best_first_bytes[9] ); - PrintAndLog("Number of first bytes with confidence > %2.1f%%: %d", CONFIDENCE_THRESHOLD*100.0, num_good_first_bytes); - - clock_t time1 = clock(); - generate_candidates(first_byte_Sum, nonces[best_first_bytes[0]].Sum8_guess); - time1 = clock() - time1; - if ( time1 > 0 ) - PrintAndLog("Time for generating key candidates list: %1.0f seconds", ((float)time1)/CLOCKS_PER_SEC); - - brute_force(); - free_nonces_memory(); free_statelist_cache(); free_candidates_memory(candidates); candidates = NULL; - } + } return 0; } - -