X-Git-Url: https://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/59e933fc3f9c4283436b3b317b38c77db0e5d0a7..2dcf60f3df145625781982040ae9c80d30e40482:/client/cmdhfmf.c?ds=sidebyside diff --git a/client/cmdhfmf.c b/client/cmdhfmf.c index 5465c4d4..dc8f7898 100644 --- a/client/cmdhfmf.c +++ b/client/cmdhfmf.c @@ -217,7 +217,12 @@ start: if (isOK == -4 && par_list == 0) { // this special attack when parities is zero, uses checkkeys. Which now with block/keytype option also needs. // but it uses 0|1 instead of 0x60|0x61... - if (!nonce2key_ex(blockNo, keytype - 0x60 , uid, nt, nr, ks_list, &r_key) ){ + if (nonce2key_ex(blockNo, keytype - 0x60 , uid, nt, nr, ks_list, &r_key) ){ + PrintAndLog("Key not found (lfsr_common_prefix list is null)."); + PrintAndLog("Failing is expected to happen in 25%% of all cases. Trying again with a different reader nonce..."); + c.arg[0] = false; + goto start; + } else { PrintAndLog("Found valid key: %012"llx" \n", r_key); goto END; } @@ -234,6 +239,16 @@ start: c.arg[0] = false; goto start; } else { + + // nonce2key found a candidate key. Lets verify it. + uint8_t keyblock[] = {0,0,0,0,0,0}; + num_to_bytes(r_key, 6, keyblock); + uint64_t key64 = 0; + int res = mfCheckKeys(blockNo, keytype - 0x60 , false, 1, keyblock, &key64); + if ( res > 0 ) { + PrintAndLog("Candidate Key found (%012"llx") - Test authentication failed. Starting over darkside attack", r_key); + goto start; + } PrintAndLog("Found valid key: %012"llx" \n", r_key); } END: @@ -460,6 +475,7 @@ int CmdHF14AMfDump(const char *Cmd) { if ( bytes_read == 0) { PrintAndLog("File reading error."); fclose(fin); + fin = NULL; return 2; } } @@ -470,12 +486,14 @@ int CmdHF14AMfDump(const char *Cmd) { if ( bytes_read == 0) { PrintAndLog("File reading error."); fclose(fin); + fin = NULL; return 2; } } fclose(fin); - + fin = NULL; + PrintAndLog("|-----------------------------------------|"); PrintAndLog("|------ Reading sector access bits...-----|"); PrintAndLog("|-----------------------------------------|"); @@ -581,6 +599,7 @@ int CmdHF14AMfDump(const char *Cmd) { uint16_t numblocks = FirstBlockOfSector(numSectors - 1) + NumBlocksPerSector(numSectors - 1); fwrite(carddata, 1, 16*numblocks, fout); fclose(fout); + fout = NULL; PrintAndLog("Dumped %d blocks (%d bytes) to file dumpdata.bin", numblocks, 16*numblocks); } @@ -629,6 +648,7 @@ int CmdHF14AMfRestore(const char *Cmd) { if ( bytes_read == 0) { PrintAndLog("File reading error (dumpkeys.bin)."); fclose(fkeys); + fkeys = NULL; return 2; } } @@ -638,6 +658,7 @@ int CmdHF14AMfRestore(const char *Cmd) { if ( bytes_read == 0) { PrintAndLog("File reading error (dumpkeys.bin)."); fclose(fkeys); + fkeys = NULL; return 2; } } @@ -658,6 +679,7 @@ int CmdHF14AMfRestore(const char *Cmd) { if ( bytes_read == 0) { PrintAndLog("File reading error (dumpdata.bin)."); fclose(fdump); + fdump = NULL; return 2; } @@ -693,6 +715,7 @@ int CmdHF14AMfRestore(const char *Cmd) { } fclose(fdump); + fdump = NULL; return 0; } @@ -1035,7 +1058,7 @@ int CmdHF14AMfNestedHard(const char *Cmd) { slow ? "Yes" : "No", tests); - int16_t isOK = mfnestedhard(blockNo, keyType, key, trgBlockNo, trgKeyType, know_target_key?trgkey:NULL, nonce_file_read, nonce_file_write, slow, tests); + int16_t isOK = mfnestedhard(blockNo, keyType, key, trgBlockNo, trgKeyType, know_target_key ? trgkey : NULL, nonce_file_read, nonce_file_write, slow, tests); if (isOK) { switch (isOK) { @@ -2433,9 +2456,9 @@ static command_t CommandTable[] = { {"dump", CmdHF14AMfDump, 0, "Dump MIFARE classic tag to binary file"}, {"restore", CmdHF14AMfRestore, 0, "Restore MIFARE classic binary file to BLANK tag"}, {"wrbl", CmdHF14AMfWrBl, 0, "Write MIFARE classic block"}, - {"chk", CmdHF14AMfChk, 0, "Test block keys"}, - {"mifare", CmdHF14AMifare, 0, "Read parity error messages."}, - {"nested", CmdHF14AMfNested, 0, "Test nested authentication"}, + {"chk", CmdHF14AMfChk, 0, "Check keys"}, + {"mifare", CmdHF14AMifare, 0, "Darkside attack. read parity error messages."}, + {"nested", CmdHF14AMfNested, 0, "Nested attack. Test nested authentication"}, {"hardnested", CmdHF14AMfNestedHard, 0, "Nested attack for hardened Mifare cards"}, {"keybrute", CmdHF14AMfKeyBrute, 0, "J_Run's 2nd phase of multiple sector nested authentication key recovery"}, {"sniff", CmdHF14AMfSniff, 0, "Sniff card-reader communication"},