X-Git-Url: https://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/bbcd41a6e54b67b459f1d51c130b7ca651686f92..d209443322a410eadd9746ac74c6a8b4899788a9:/client/cmdhfmfhard.c diff --git a/client/cmdhfmfhard.c b/client/cmdhfmfhard.c index 0687e2bb..fcf3a949 100644 --- a/client/cmdhfmfhard.c +++ b/client/cmdhfmfhard.c @@ -13,28 +13,7 @@ // Mifare Classic Cards" in Proceedings of the 22nd ACM SIGSAC Conference on // Computer and Communications Security, 2015 //----------------------------------------------------------------------------- - -#include -#include -#include -#include -#include -#include -#include "proxmark3.h" -#include "cmdmain.h" -#include "ui.h" -#include "util.h" -#include "nonce2key/crapto1.h" -#include "nonce2key/crypto1_bs.h" -#include "parity.h" -#ifdef __WIN32 - #include -#endif -// don't include for APPLE/mac which has malloc stuff elsewhere. -#ifndef __APPLE__ - #include -#endif -#include +#include "cmdhfmfhard.h" #define CONFIDENCE_THRESHOLD 0.95 // Collect nonces until we are certain enough that the following brute force is successfull #define GOOD_BYTES_REQUIRED 13 // default 28, could be smaller == faster @@ -282,7 +261,10 @@ static double p_hypergeometric(uint16_t N, uint16_t K, uint16_t n, uint16_t k) for (int16_t i = N; i >= N-n+1; i--) { log_result -= log(i); } - return exp(log_result); + if ( log_result > 0 ) + return exp(log_result); + else + return 0.0; } else { if (n-k == N-K) { // special case. The published recursion below would fail with a divide by zero exception double log_result = 0.0; @@ -639,6 +621,7 @@ static int read_nonce_file(void) if ( bytes_read == 0) { PrintAndLog("File reading error."); fclose(fnonces); + fnonces = NULL; return 1; } cuid = bytes_to_num(read_buf, 4); @@ -656,6 +639,7 @@ static int read_nonce_file(void) total_num_nonces += 2; } fclose(fnonces); + fnonces = NULL; PrintAndLog("Read %d nonces from file. cuid=%08x, Block=%d, Keytype=%c", total_num_nonces, cuid, trgBlockNo, trgKeyType==0?'A':'B'); return 0; } @@ -1332,15 +1316,15 @@ static bool generate_candidates(uint16_t sum_a0, uint16_t sum_a8) if (maximum_states == 0) return false; // prevent keyspace reduction error (2^-inf) - printf("Number of possible keys with Sum(a0) = %d: %"PRIu64" (2^%1.1f)\n", sum_a0, maximum_states, log(maximum_states)/log(2.0)); + printf("Number of possible keys with Sum(a0) = %d: %"PRIu64" (2^%1.1f)\n", sum_a0, maximum_states, log(maximum_states)/log(2)); init_statelist_cache(); for (uint16_t p = 0; p <= 16; p += 2) { for (uint16_t q = 0; q <= 16; q += 2) { if (p*(16-q) + (16-p)*q == sum_a0) { - printf("Reducing Partial Statelists (p,q) = (%d,%d) with lengths %d, %d\n", - p, q, partial_statelist[p].len[ODD_STATE], partial_statelist[q].len[EVEN_STATE]); + // printf("Reducing Partial Statelists (p,q) = (%d,%d) with lengths %d, %d\n", + // p, q, partial_statelist[p].len[ODD_STATE], partial_statelist[q].len[EVEN_STATE]); for (uint16_t r = 0; r <= 16; r += 2) { for (uint16_t s = 0; s <= 16; s += 2) { if (r*(16-s) + (16-r)*s == sum_a8) { @@ -1349,9 +1333,9 @@ static bool generate_candidates(uint16_t sum_a0, uint16_t sum_a8) // and eliminate the need to calculate the other part if (MIN(partial_statelist[p].len[ODD_STATE], partial_statelist[r].len[ODD_STATE]) < MIN(partial_statelist[q].len[EVEN_STATE], partial_statelist[s].len[EVEN_STATE])) { - add_matching_states(current_candidates, p, r, ODD_STATE); + add_matching_states(current_candidates, p, r, ODD_STATE); if(current_candidates->len[ODD_STATE]) { - add_matching_states(current_candidates, q, s, EVEN_STATE); + add_matching_states(current_candidates, q, s, EVEN_STATE); } else { current_candidates->len[EVEN_STATE] = 0; uint32_t *p = current_candidates->states[EVEN_STATE] = malloc(sizeof(uint32_t)); @@ -1383,7 +1367,7 @@ static bool generate_candidates(uint16_t sum_a0, uint16_t sum_a8) if (maximum_states == 0) return false; // prevent keyspace reduction error (2^-inf) - float kcalc = log(maximum_states)/log(2.0); + float kcalc = log(maximum_states)/log(2); printf("Number of remaining possible keys: %"PRIu64" (2^%1.1f)\n", maximum_states, kcalc); if (write_stats) { if (maximum_states != 0) { @@ -1725,7 +1709,7 @@ static bool brute_force(void) crypto1_bs_init(); PrintAndLog("Using %u-bit bitslices", MAX_BITSLICES); - PrintAndLog("Bitslicing best_first_byte^uid[3] (rollback byte): %02x...", best_first_bytes[0]^(cuid>>24)); + PrintAndLog("Bitslicing best_first_byte^uid[3] (rollback byte): %02X ...", best_first_bytes[0]^(cuid>>24)); // convert to 32 bit little-endian crypto1_bs_bitslice_value32((best_first_bytes[0]<<24)^cuid, bitsliced_rollback_byte, 8); @@ -1766,14 +1750,14 @@ static bool brute_force(void) } time(&end); - double elapsed_time = difftime(end, start); + unsigned long elapsed_time = difftime(end, start); if (keys_found && TestIfKeyExists(foundkey)) { - PrintAndLog("Success! Tested %"PRIu32" states, found %u keys after %.f seconds", total_states_tested, keys_found, elapsed_time); + PrintAndLog("Success! Tested %"PRIu32" states, found %u keys after %u seconds", total_states_tested, keys_found, elapsed_time); PrintAndLog("\nFound key: %012"PRIx64"\n", foundkey); ret = true; } else { - PrintAndLog("Fail! Tested %"PRIu32" states, in %.f seconds", total_states_tested, elapsed_time); + PrintAndLog("Fail! Tested %"PRIu32" states, in %u seconds", total_states_tested, elapsed_time); } // reset this counter for the next call