--- /dev/null
+
+
+local _keys = {
+
+ --[[
+
+ These keys are from the pm3 c-codebase.
+
+ --]]
+ 'fffffffffff0', -- Default key (first key used by program if no user defined key)
+ '000000000000', -- Blank key
+ 'a0a1a2a3a4a5', -- NFCForum MAD key
+ 'b0b1b2b3b4b5',
+ 'aabbccddeeff',
+ '4d3a99c351dd',
+ '1a982c7e459a',
+ 'd3f7d3f7d3f7',
+ '714c5c886e97',
+ '587ee5f9350f',
+ 'a0478cc39091',
+ '533cb6c723f6',
+ '8fd0a4f256e9',
+
+
+ --[[
+ The data below is taken form the Slurp project,
+ https://github.com/4ZM/slurp/blob/master/res/xml/mifare_default_keys.xml
+ released as GPLV3.
+
+ --]]
+
+ '000000000000', -- Default key
+ 'fffffffffff0', -- Default key
+ 'b0b1b2b3b4b5', -- Key from mfoc
+ '4d3a99c351dd', -- Key from mfoc
+ '1a982c7e459a', -- Key from mfoc
+ 'aabbccddeeff', -- Key from mfoc
+ '714c5c886e97', -- Key from mfoc
+ '587ee5f9350f', -- Key from mfoc
+ 'a0478cc39091', -- Key from mfoc
+ '533cb6c723f6', -- Key from mfoc
+ '8fd0a4f256e9', -- Key from mfoc
+ -- Data from: http://pastebin.com/wcTHXLZZ
+ 'a64598a77478', -- RKF SL Key A
+ '26940b21ff5d', -- RKF SL Key A
+ 'fc00018778f7', -- RKF SL Key A
+ '00000ffe2488', -- RKF SL Key B
+ '5c598c9c58b5', -- RKF SL Key B
+ 'e4d2770a89be', -- RKF SL Key B
+ -- Data from: http://pastebin.com/svGjN30Q
+ '434f4d4d4f41', -- RKF JOJO GROUP Key A
+ '434f4d4d4f42', -- RKF JOJO GROUP Key B
+ '47524f555041', -- RKF JOJO GROUP Key A
+ '47524f555042', -- RKF JOJO GROUP Key B
+ '505249564141', -- RKF JOJO PRIVA Key A
+ '505249564142', -- RKF JOJO PRIVA Key B
+ -- Data from: http://pastebin.com/d7sSetef
+ 'fc00018778f7', -- RKF Rejskort Danmark Key A
+ '00000ffe2488', -- RKF Rejskort Danmark Key B
+ '0297927c0f77', -- RKF Rejskort Danmark Key A
+ 'ee0042f88840', -- RKF Rejskort Danmark Key B
+ '722bfcc5375f', -- RKF Rejskort Danmark Key A
+ 'f1d83f964314', -- RKF Rejskort Danmark Key B
+ -- Data from: http://pastebin.com/pvJX0xVS
+ '54726176656C', -- Transport Key A
+ '776974687573', -- Transport Key B
+ '4AF9D7ADEBE4', -- Directory and event log Key A
+ '2BA9621E0A36', -- Directory and event log Key B
+ -- Data from: http://pastebin.com/Dnnc5dFC
+ -- New cards are not encrypted (MF Ultralight)
+ 'fc00018778f7', -- Västtrafiken Key A
+ '00000ffe2488', -- Västtrafiken Key B
+ '0297927c0f77', -- Västtrafiken Key A
+ 'ee0042f88840', -- Västtrafiken Key B
+ '54726176656c', -- Västtrafiken Key A
+ '776974687573', -- Västtrafiken Key B
+ -- Data from: http://pastebin.com/y3PDBWR1
+ '000000000001',
+ 'a0a1a2a3a4a5',
+ '123456789abc',
+ 'b127c6f41436',
+ '12f2ee3478c1',
+ '34d1df9934c5',
+ '55f5a5dd38c9',
+ 'f1a97341a9fc',
+ '33f974b42769',
+ '14d446e33363',
+ 'c934fe34d934',
+ '1999a3554a55',
+ '27dd91f1fcf1',
+ 'a94133013401',
+ '99c636334433',
+ '43ab19ef5c31',
+ 'a053a292a4af',
+ '434f4d4d4f41',
+ '434f4d4d4f42',
+ '505249565441',
+ '505249565442',
+ -- Data from,:, http://pastebin.com/TUXj17K3
+ 'fc0001877bf7', -- RKF ÖstgötaTrafiken Key A
+ '00000ffe2488', -- RKF ÖstgötaTrafiken Key B
+ '0297927c0f77', -- RKF ÖstgötaTrafiken Key A
+ 'ee0042f88840', -- RKF ÖstgötaTrafiken Key B
+ '54726176656c', -- RKF ÖstgötaTrafiken Key A
+ '776974687573', -- RKF ÖstgötaTrafiken Key B
+
+ --[[
+ The keys below are taken from from https://code.google.com/p/mifare-key-cracker/downloads/list
+ --]]
+
+ 'bd493a3962b6',
+ '010203040506',
+ '111111111111',
+ '222222222222',
+ '333333333333',
+ '444444444444',
+ '555555555555',
+ '666666666666',
+ '777777777777',
+ '888888888888',
+ '999999999999',
+ 'aaaaaaaaaaaa',
+ 'bbbbbbbbbbbb',
+ 'cccccccccccc',
+ 'dddddddddddd',
+ 'eeeeeeeeeeee',
+ '0123456789ab',
+ '123456789abc',
+ 'ffffffffffff', -- Default key
+}
+
+--[[
+ The keys above have just been pasted in, for completeness sake. They contain duplicates.
+ We need to weed the duplicates out before we expose the list to someone who actually wants to use them
+
+--]]
+
+local function uniq(list)
+
+ local foobar = {}
+ --print("list length ", #list)
+ for _, value in pairs(list) do
+ value = value:lower()
+ if not foobar[value] then
+ foobar[value] = true
+ table.insert(foobar, value);
+ end
+ end
+ --print("final list length length ", #foobar)
+ return foobar
+end
+
+return uniq(_keys)
\ No newline at end of file
--- /dev/null
+--[[
+ This is an example of Lua-scripting within proxmark3. This is a lua-side
+ implementation of hf mf chk
+
+ This code is licensed to you under the terms of the GNU GPL, version 2 or,
+ at your option, any later version. See the LICENSE.txt file for the text of
+ the license.
+
+ Copyright (C) 2013 m h swende <martin at swende.se>
+]]
+-- Loads the commands-library
+local cmds = require('commands')
+-- Load the default keys
+local keys = require('mf_default_keys')
+local desc =
+("This script implements check keys. It utilises a large list of default keys (currently %d keys).\
+If you want to add more, just put them inside mf_default_keys.lua. "):format(#keys)
+
+local TIMEOUT = 10000 -- 10 seconds
+
+local function checkCommand(command)
+
+ --print("Sending this command : " .. tostring(command))
+ local usbcommand = command:getBytes()
+ core.SendCommand(usbcommand)
+ local result = core.WaitForResponseTimeout(cmds.CMD_ACK,TIMEOUT)
+ if result then
+ local count,cmd,arg0 = bin.unpack('LL',result)
+ if(arg0==1) then
+ local count,arg1,arg2,data = bin.unpack('LLH511',result,count)
+ key = data:sub(1,12)
+ return key
+ else
+ --print("Key not found...")
+ return nil
+ end
+ else
+ print("Timeout while waiting for response. Increase TIMEOUT in keycheck.lua to wait longer")
+ return nil, "Timeout while waiting for device to respond"
+ end
+end
+
+
+function checkBlock(blockNo, keys, keyType)
+ -- The command data is only 512 bytes, each key is 6 bytes, meaning that we can send max 85 keys in one go.
+ -- If there's more, we need to split it up
+ local start, remaining= 1, #keys
+ local packets = {}
+ while remaining > 0 do
+ local n,data = remaining, nil
+ if remaining > 85 then n = 85 end
+ local data = table.concat(keys,"",start,n)
+ --print("data",data)
+ --print("data len", #data)
+ print(("Testing block %d, keytype %d, with %d keys"):format(blockNo, keyType, n))
+ local command = Command:new{cmd = cmds.CMD_MIFARE_CHKKEYS,
+ arg1 = blockNo,
+ arg2 = keyType,
+ arg3 = n,
+ data = data}
+ local status = checkCommand(command)
+ if status then return status, blockNo end
+ start = start+n+1
+ remaining = remaining - n
+ end
+ return nil
+end
+
+-- A function to display the results
+local function displayresults(results)
+ local sector, blockNo, keyA, keyB,_
+
+ print("________________________________________")
+ print("|Sector|Block| A | B |")
+ print("|--------------------------------------|")
+
+ for sector,_ in pairs(results) do
+ blockNo, keyA, keyB = unpack(_)
+
+ print(("| %3d | %3d |%s|%s|"):format(sector, blockNo, keyA, keyB ))
+ end
+ print("|--------------------------------------|")
+
+end
+-- A little helper to place an item first in the list
+local function placeFirst(akey, list)
+ akey = akey:lower()
+ if list[1] == akey then
+ -- Already at pole position
+ return list
+ end
+ local result = {akey}
+ --print(("Putting '%s' first"):format(akey))
+ for i,v in ipairs(list) do
+ if v ~= akey then
+ result[#result+1] = v
+ end
+ end
+ return result
+end
+
+local function main()
+
+ print(desc);
+
+ core.clearCommandBuffer()
+ local blockNo
+ local keyType = 0 -- A=0, B=1
+ local result = {}
+ for sector=1,40,1 do
+
+ --[[
+ The mifare Classic 1k card has 16 sectors of 4 data blocks each. The
+ first 32 sectors of a mifare Classic 4k card consists of 4 data blocks and the remaining
+ 8 sectors consist of 16 data blocks.
+ --]]
+ local blockNo = sector * 4 -1
+
+ if sector > 32 then
+ blockNo = 32*4+ (sector-32)*16 -1
+ end
+
+ local keyA = checkBlock(blockNo, keys, 0)
+ if keyA then keys = placeFirst(keyA, keys) end
+ keyA = keyA or ""
+
+ local keyB = checkBlock(blockNo, keys, 1)
+ if keyB then keys = placeFirst(keyB, keys) end
+ keyB = keyB or ""
+
+ result[sector] = {blockNo, keyA, keyB }
+
+ -- Check if user aborted
+ if core.ukbhit() then
+ print("Aborted by user")
+ break
+ end
+ end
+ displayresults(result)
+end
+
+main()
+
projects / proxmark3-svn / commitdiff