X-Git-Url: https://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/fa5974bbf346e9aad444fae8a775c24a760302b3..905c55de2bbe642412b47ed4e92344096c817fac:/client/cmdhfmfhard.c
diff --git a/client/cmdhfmfhard.c b/client/cmdhfmfhard.c
index 5138a997..2e504675 100644
--- a/client/cmdhfmfhard.c
+++ b/client/cmdhfmfhard.c
@@ -723,8 +723,8 @@ static void simulate_acquire_nonces()
 cuid = (rand() & 0xff) << 24 | (rand() & 0xff) << 16 | (rand() & 0xff) << 8 | (rand() & 0xff);
 known_target_key = ((uint64_t)rand() & 0xfff) << 36 | ((uint64_t)rand() & 0xfff) << 24 | ((uint64_t)rand() & 0xfff) << 12 | ((uint64_t)rand() & 0xfff);
- printf("Simulating nonce acquisition for target key %012"llx", cuid %08x ...\n", known_target_key, cuid);
- fprintf(fstats, "%012"llx";%08x;", known_target_key, cuid);
+ printf("Simulating nonce acquisition for target key %012" PRIx64 ", cuid %08x ...\n", known_target_key, cuid);
+ fprintf(fstats, "%012" PRIx64 ";%08x;", known_target_key, cuid);
 do {
 uint32_t nt_enc = 0;
@@ -767,8 +767,6 @@ static void simulate_acquire_nonces()
 static int acquire_nonces(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_t trgBlockNo, uint8_t trgKeyType, bool nonce_file_write, bool slow) {
- uint8_t three_in_row = 0;
- uint8_t prev_best = 0;
 clock_t time1 = clock();
 bool initialize = true;
 bool finished = false;
@@ -779,6 +777,7 @@ static int acquire_nonces(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_
 uint32_t next_fivehundred = 500;
 uint32_t total_added_nonces = 0;
 uint32_t idx = 1;
+ uint32_t timeout = 0;
 FILE *fnonces = NULL;
 field_off = false;
 UsbCommand resp;
@@ -791,8 +790,7 @@ static int acquire_nonces(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_
 do {
 flags = 0;
- //flags |= initialize ? 0x0001 : 0;
- flags |= 0x0001;
+ flags |= initialize ? 0x0001 : 0;
 flags |= slow ? 0x0002 : 0;
 flags |= field_off ? 0x0004 : 0;
 c.arg[2] = flags;
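Review bot: The bits OR-ed into `flags` at the top of the `do` loop in acquire_nonces (`0x0001`, `0x0002`, `0x0004`) are bare literals, and now that `initialize` decides the first one again a reader has to guess what each bit asks the device to do. I would name them, for example `enum { ACQ_FLAG_INIT = 0x0001, ACQ_FLAG_SLOW = 0x0002, ACQ_FLAG_FIELD_OFF = 0x0004 };` (suggested names, not existing ones), or at least add a comment above the three lines that maps each bit to `initialize`, `slow` and `field_off`. The place where `initialize` is cleared after the first round lies outside the hunk, so confirm it still exists; otherwise this line behaves exactly like the removed `flags |= 0x0001;`.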
@@ -802,10 +800,15 @@ static int acquire_nonces(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_
 if (field_off) break;
- if (!WaitForResponseTimeout(CMD_ACK, &resp, 6000)) {
- if (fnonces) fclose(fnonces);
- return 1;
- }
+ while(!WaitForResponseTimeout(CMD_ACK, &resp, 2000)) {
+ timeout++;
+ printf(".");
+ if (timeout > 3) {
+ PrintAndLog("\nNo response from Proxmark. Aborting...");
+ if (fnonces) fclose(fnonces);
+ return 1;
+ }
+ }
 if (resp.arg[0]) {
 if (fnonces) fclose(fnonces);
@@ -871,31 +874,14 @@ static int acquire_nonces(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_
 );
 }
- if ( num_good_first_bytes > 0 ) {
-
- if ( prev_best == best_first_bytes[0] ){
- ++three_in_row;
- } else {
- three_in_row = 0;
- }
- prev_best = best_first_bytes[0];
-
- //printf("GOOD BYTES: %s \n", sprint_hex(best_first_bytes, num_good_first_bytes) );
- if ( total_added_nonces >= (NONCES_THRESHOLD * idx) || three_in_row >= 3) {
-
- bool cracking = generate_candidates(first_byte_Sum, nonces[best_first_bytes[0]].Sum8_guess);
- if (cracking || known_target_key != -1) {
-
- UsbCommand cOff = {CMD_FPGA_MAJOR_MODE_OFF, {0,0,0} };
- SendCommand(&cOff);
- field_off = brute_force();
+ if (total_added_nonces >= (NONCES_THRESHOLD * idx)) {
+ if (num_good_first_bytes > 0) {
+ if (generate_candidates(first_byte_Sum, nonces[best_first_bytes[0]].Sum8_guess) || known_target_key != -1) {
+ field_off = brute_force(); // switch off field with next SendCommand and then finish
 }
- three_in_row = 0;
 }
+ idx++;
 }
-
- if ( total_added_nonces >= (NONCES_THRESHOLD * idx))
- ++idx;
 }
 } while (!finished);
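Review bot: `timeout` is declared once among the function-level locals (the hunk at -779) and is only ever incremented in the new `while`, so the `timeout > 3` abort counts missed responses over the whole acquisition rather than consecutive ones. Nothing in the visible hunks resets it after a CMD_ACK arrives. If consecutive misses are what is meant, add `timeout = 0;` directly after the `while` loop, or declare the counter inside the `do` body. The progress dot from `printf(".")` can also sit in the stdout buffer until the next newline, so follow it with `fflush(stdout);`. The rest of acquire_nonces lies outside the hunk.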
@@ -1261,7 +1247,7 @@ static bool TestIfKeyExists(uint64_t key)
 uint32_t state_odd = pcs->odd & 0x00ffffff;
 uint32_t state_even = pcs->even & 0x00ffffff;
- //printf("Tests: searching for key %llx after first byte 0x%02x (state_odd = 0x%06x, state_even = 0x%06x) ...\n", key, best_first_bytes[0], state_odd, state_even);
+ //printf("Tests: searching for key %" PRIx64 " after first byte 0x%02x (state_odd = 0x%06x, state_even = 0x%06x) ...\n", key, best_first_bytes[0], state_odd, state_even);
 printf("Validating key search space\n");
 uint64_t count = 0;
 for (statelist_t *p = candidates; p != NULL; p = p->next) {
@@ -1285,7 +1271,7 @@ static bool TestIfKeyExists(uint64_t key)
 count += (p_odd - p->states[ODD_STATE]) * (p_even - p->states[EVEN_STATE]);
 if (found_odd && found_even) {
 if (known_target_key != -1) {
- PrintAndLog("Key Found after testing %llu (2^%1.1f) out of %lld (2^%1.1f) keys.",
+ PrintAndLog("Key Found after testing %" PRIu64 " (2^%1.1f) out of %lld (2^%1.1f) keys.",
 count,
 log(count)/log(2),
 maximum_states,
@@ -1743,12 +1729,14 @@ static bool brute_force(void) {
 return ret;
 }
-int mfnestedhard(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_t trgBlockNo, uint8_t trgKeyType, uint8_t *trgkey, bool nonce_file_read, bool nonce_file_write, bool slow, int tests)
+int mfnestedhard(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_t trgBlockNo, uint8_t trgKeyType, uint8_t *trgkey, bool nonce_file_read, bool nonce_file_write, bool slow, int tests, uint64_t *found_key)
 {
 // initialize Random number generator
 time_t t;
 srand((unsigned) time(&t));
+ *found_key = 0;
+
 if (trgkey != NULL) {
 known_target_key = bytes_to_num(trgkey, 6);
 } else {
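Review bot: The new `PrintAndLog` format string prints `count` with `PRIu64` but still prints `maximum_states` with `%lld`, so the specifier/argument mismatch this commit fixes remains one argument later in the same call. The declaration of `maximum_states` is outside the hunk; if it is a 64-bit unsigned value like `count`, write `"... out of %" PRIu64 " (2^%1.1f) keys."`, otherwise cast the argument to `long long` at the call. The argument list continues past the end of the hunk.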
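Review bot: `*found_key = 0;` dereferences the new out-parameter unconditionally at the top of mfnestedhard, so a caller that passes NULL crashes before any work is done. The same applies to `*found_key = foundkey;` in the hunk at -1810. Either guard both writes, as in `if (found_key != NULL) *found_key = 0;`, or add a comment above the signature stating that `found_key` must be non-NULL and receives the recovered key. The prototype and every caller have to change with this signature and none of them appear in this diff. The function body continues outside the hunk.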
@@ -1800,6 +1788,10 @@ int mfnestedhard(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_t trgBloc
 } else { // acquire nonces.
 uint16_t is_OK = acquire_nonces(blockNo, keyType, key, trgBlockNo, trgKeyType, nonce_file_write, slow);
 if (is_OK != 0) {
+ free_nonces_memory();
+ //free_statelist_cache();
+ free_candidates_memory(candidates);
+ candidates = NULL;
 return is_OK;
 }
 }
@@ -1810,5 +1802,6 @@ int mfnestedhard(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_t trgBloc
 free_candidates_memory(candidates);
 candidates = NULL;
 }
+ *found_key = foundkey;
 return 0;
-}
+}
\ No newline at end of file
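Review bot: The new error path after `acquire_nonces` adds a commented-out `//free_statelist_cache();` with no explanation, so a reader cannot tell whether the cache is kept on purpose or the call was disabled while debugging. Drop the line or replace it with a comment that gives the reason. The `free_candidates_memory(candidates); candidates = NULL;` pair also repeats the exit path shown in the next hunk; a single cleanup label reached with `goto` from both places would keep the two in step. Whether `free_nonces_memory()` also runs on the normal exit path cannot be seen from here.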
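Review bot: `*found_key = foundkey;` is followed by `return 0;` whether or not a key was recovered, so the caller can only infer failure from `*found_key == 0`, and an all-zero key is a value a sector can legitimately hold. Return a distinct status when no key was found, or document above mfnestedhard how the caller tells the two cases apart. `foundkey` is defined outside this diff; if it is a file-scope variable, confirm it is reset at the start of each run so that a key from an earlier invocation cannot be reported. The hunk also removes the newline at the end of the file, which should be restored.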