MifareUC_Auth(c->arg[0],c->d.asBytes);
break;
case CMD_MIFAREU_READCARD:
- case CMD_MIFAREUC_READCARD:
MifareUReadCard(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes);
break;
case CMD_MIFAREUC_SETPWD:
return;\r
};\r
\r
- if(mifare_ultra_auth(keybytes) == 1){\r
+ if(!mifare_ultra_auth(keybytes)){\r
if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Authentication failed");\r
OnError(1);\r
return;\r
}\r
- cmd_send(CMD_ACK,1,0,0,0,0);\r
\r
if (turnOffField) {\r
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
LEDsoff();\r
}\r
+ cmd_send(CMD_ACK,1,0,0,0,0);\r
}\r
\r
// Arg0 = BlockNo,\r
uint8_t key[16] = {0x00};\r
memcpy(key, datain, sizeof(key) );\r
\r
- if ( mifare_ultra_auth(key) == 1 ) {\r
+ if ( !mifare_ultra_auth(key) ) {\r
OnError(1);\r
return;\r
}\r
uint8_t pwd[4] = {0x00};\r
memcpy(pwd, datain, 4);\r
uint8_t pack[4] = {0,0,0,0};\r
- if (mifare_ul_ev1_auth(pwd, pack) == 1) {\r
+ if (!mifare_ul_ev1_auth(pwd, pack)) {\r
OnError(1);\r
return;\r
}\r
uint16_t blocks = arg1;\r
bool useKey = (arg2 == 1); //UL_C\r
bool usePwd = (arg2 == 2); //UL_EV1/NTAG\r
- int countblocks = 0;\r
- uint8_t dataout[176] = {0x00};\r
+ uint32_t countblocks = 0;\r
+ uint8_t *dataout = BigBuf_get_addr();\r
\r
LEDsoff();\r
LED_A_ON();\r
uint8_t key[16] = {0x00};\r
memcpy(key, datain, sizeof(key) );\r
\r
- if ( mifare_ultra_auth(key) == 1 ) {\r
+ if ( !mifare_ultra_auth(key) ) {\r
OnError(1);\r
return;\r
}\r
memcpy(pwd, datain, sizeof(pwd));\r
uint8_t pack[4] = {0,0,0,0};\r
\r
- if (mifare_ul_ev1_auth(pwd, pack) == 1){\r
+ if (!mifare_ul_ev1_auth(pwd, pack)){\r
OnError(1);\r
return; \r
}\r
}\r
\r
for (int i = 0; i < blocks; i++){\r
- len = mifare_ultra_readblock(blockNo * 4 + i, dataout + 4 * i);\r
+ if ((i*4) + 4 > BigBuf_get_traceLen()) {\r
+ Dbprintf("Data exceeds buffer!!");\r
+ break;\r
+ }\r
+ \r
+ len = mifare_ultra_readblock(blockNo + i, dataout + 4 * i);\r
\r
if (len) {\r
if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Read block %d error",i);\r
- OnError(2);\r
- return;\r
+ // if no blocks read - error out\r
+ if (i==0){\r
+ OnError(2);\r
+ return;\r
+ } else {\r
+ //stop at last successful read block and return what we got\r
+ break;\r
+ }\r
} else {\r
countblocks++;\r
}\r
\r
if (MF_DBGLEVEL >= MF_DBG_EXTENDED) Dbprintf("Blocks read %d", countblocks);\r
\r
- len = blocks * 4;\r
-\r
- cmd_send(CMD_ACK, 1, len, 0, dataout, len); \r
+ countblocks *= 4;\r
+ cmd_send(CMD_ACK, 1, countblocks, countblocks, 0, 0);\r
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
LEDsoff();\r
}\r
len = mifare_sendcmd_short_mfuev1auth(NULL, 0, 0x1B, key, resp, respPar, NULL);\r
if (len != 4) {\r
if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Cmd Error: %02x %u", resp[0], len);\r
- OnError(1);\r
- return 1;\r
+ return 0;\r
}\r
\r
if (MF_DBGLEVEL >= MF_DBG_EXTENDED)\r
Dbprintf("Auth Resp: %02x%02x%02x%02x", resp[0],resp[1],resp[2],resp[3]);\r
\r
memcpy(pack, resp, 4);\r
- return 0;\r
+ return 1;\r
}\r
\r
int mifare_ultra_auth(uint8_t *keybytes){\r
len = mifare_sendcmd_short(NULL, 1, 0x1A, 0x00, resp, respPar ,NULL);\r
if (len != 11) {\r
if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Cmd Error: %02x", resp[0]);\r
- OnError(1);\r
- return 1;\r
+ return 0;\r
}\r
\r
// tag nonce.\r
len = mifare_sendcmd_short_mfucauth(NULL, 1, 0xAF, rnd_ab, resp, respPar, NULL);\r
if (len != 11) {\r
if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Cmd Error: %02x", resp[0]);\r
- OnError(1);\r
- return 1;\r
+ return 0;\r
}\r
\r
uint8_t enc_resp[8] = { 0,0,0,0,0,0,0,0 };\r
tdes_2key_dec(resp_random_a, enc_resp, 8, key, enc_random_b);\r
if ( memcmp(resp_random_a, random_a, 8) != 0 ) {\r
if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("failed authentication");\r
- return 1;\r
+ return 0;\r
}\r
\r
if (MF_DBGLEVEL >= MF_DBG_EXTENDED) {\r
resp_random_a[0],resp_random_a[1],resp_random_a[2],resp_random_a[3],\r
resp_random_a[4],resp_random_a[5],resp_random_a[6],resp_random_a[7]);\r
}\r
- return 0;\r
+ return 1;\r
}\r
\r
int mifare_ultra_readblock(uint8_t blockNo, uint8_t *blockData)\r
#include "mifare.h"
#include "util.h"
#include "protocols.h"
+#include "data.h"
#define MAX_UL_BLOCKS 0x0f
-#define MAX_ULC_BLOCKS 0x2f
+#define MAX_ULC_BLOCKS 0x2b
#define MAX_ULEV1a_BLOCKS 0x12
#define MAX_ULEV1b_BLOCKS 0x20
#define MAX_NTAG_213 0x2c
memcpy(c.d.asBytes, key, 16);
SendCommand(&c);
UsbCommand resp;
- if ( !WaitForResponseTimeout(CMD_ACK, &resp, 1500) ) return -1;
- if ( resp.arg[0] == 1 ) return 0;
+ if ( !WaitForResponseTimeout(CMD_ACK, &resp, 1500) ) return 0;
+ if ( resp.arg[0] == 1 ) return 1;
- return -2;
+ return 0;
}
static int ulev1_requestAuthentication( uint8_t *pwd, uint8_t *pack, uint16_t packLength ){
PrintAndLog("-------------------------------------------------------------");
ul_print_type(tagtype, 6);
- status = ul_select(&card);
- if ( status < 1 ){
- PrintAndLog("iso14443a card select failed");
- ul_switch_off_field();
- return status;
- }
-
- if ( hasAuthKey ) {
- if ((tagtype & UL_C)) {
- //will select card automatically
- if (ulc_authentication(authenticationkey, false) != 0) {
- ul_switch_off_field();
- PrintAndLog("Error: Authentication Failed UL-C");
- return 0;
- }
- } else {
+ if ( hasAuthKey && (tagtype & UL_C)) {
+ //will select card automatically and close connection on error
+ if (!ulc_authentication(authenticationkey, false)) {
+ PrintAndLog("Error: Authentication Failed UL-C");
+ return 0;
+ }
+ } else {
+ status = ul_select(&card);
+ if ( status < 1 ){
+ PrintAndLog("iso14443a card select failed");
+ ul_switch_off_field();
+ return status;
+ }
+ if (hasAuthKey) {
len = ulev1_requestAuthentication(authenticationkey, pack, sizeof(pack));
if (len < 1) {
ul_switch_off_field();
status = ul_read(0x28, ulc_conf, sizeof(ulc_conf));
if ( status == -1 ){
PrintAndLog("Error: tag didn't answer to READ UL-C");
+ ul_switch_off_field();
return status;
}
ulc_print_configuration(ulc_conf);
ulc_print_3deskey(ulc_deskey);
} else {
+ ul_switch_off_field();
// if we called info with key, just return
if ( hasAuthKey ) return 1;
PrintAndLog("Trying some default 3des keys");
for (uint8_t i = 0; i < KEYS_3DES_COUNT; ++i ){
key = default_3des_keys[i];
- if (ulc_authentication(key, true) == 0){
+ if (ulc_authentication(key, true)){
PrintAndLog("Found default 3des key: "); //%s", sprint_hex(key,16));
uint8_t keySwap[16];
memcpy(keySwap, SwapEndian64(key,16,8), 16);
ulc_print_3deskey(keySwap);
- ul_switch_off_field();
return 1;
}
}
- ul_switch_off_field();
return 1; //return even if key not found (UL_C is done)
}
}
// 1-7 = ... should we even try then?
if ( authlim == 0 ){
PrintAndLog("\n--- Known EV1/NTAG passwords.");
-
- for (uint8_t i = 0; i < 3; ++i ){
+ len = 0;
+ for (uint8_t i = 0; i < KEYS_PWD_COUNT; ++i ){
key = default_pwd_pack[i];
- if ( len > -1 ){
- len = ulev1_requestAuthentication(key, pack, sizeof(pack));
- if (len == 1) {
- PrintAndLog("Found a default password: %s || Pack: %02X %02X",sprint_hex(key, 4), pack[0], pack[1]);
- break;
+ len = ulev1_requestAuthentication(key, pack, sizeof(pack));
+ if (len >= 1) {
+ PrintAndLog("Found a default password: %s || Pack: %02X %02X",sprint_hex(key, 4), pack[0], pack[1]);
+ break;
+ } else {
+ status = ul_select(&card);
+ if ( status < 1 ){
+ PrintAndLog("iso14443a card select failed - ev1 auth");
+ ul_switch_off_field();
+ return status;
}
}
}
status = ul_read(3, cc, sizeof(cc));
if ( status == -1 ){
PrintAndLog("Error: tag didn't answer to READ ntag");
+ ul_switch_off_field();
return status;
}
ntag_print_CC(cc);
errors = param_gethex(tempStr, 0, key, dataLen);
else if (dataLen == 8) //ev1/ntag
errors = param_gethex(tempStr, 0, key, dataLen);
- else
+ else{
+ PrintAndLog("\nERROR: Key is incorrect length\n");
errors = true;
+ }
cmdp += 2;
hasPwd = true;
ul_print_type(tagtype, 0);
PrintAndLog("Reading tag memory...");
-
- UsbCommand c = {CMD_MIFAREUC_READCARD, {startPage,Pages}};
+ UsbCommand c = {CMD_MIFAREU_READCARD, {startPage,Pages}};
if ( hasPwd ) {
if (tagtype & UL_C)
c.arg[2] = 1; //UL_C auth
PrintAndLog("Command execute time-out");
return 1;
}
- PrintAndLog ("%u,%u",resp.arg[0],resp.arg[1]);
- uint8_t isOK = resp.arg[0] & 0xff;
- if (isOK) {
- memcpy(data, resp.d.asBytes, resp.arg[1]);
- } else {
+ if (resp.arg[0] != 1) {
PrintAndLog("Failed reading block: (%02x)", i);
return 1;
}
+ uint32_t bufferSize = resp.arg[1];
+ if (bufferSize > sizeof(data)) {
+ PrintAndLog("Data exceeded Buffer size!");
+ bufferSize = sizeof(data);
+ }
+ GetFromBigBuf(data, bufferSize, 0);
+ WaitForResponse(CMD_ACK,NULL);
+
+ Pages = bufferSize/4;
// Load lock bytes.
int j = 0;
}
}
- // add keys
- if (hasPwd){ //UL_C
+ // add keys to block dump
+ if (hasPwd && (tagtype & UL_C)){ //UL_C
memcpy(data + Pages*4, key, dataLen/2);
Pages += 4;
- }
+ } else if (hasPwd) { //not sure output is in correct location.
+ memcpy(data + Pages*4, key, dataLen/2);
+ Pages += 1;
+ }
for (i = 0; i < Pages; ++i) {
if ( i < 3 ) {
//
int CmdHF14AMfucAuth(const char *Cmd){
- uint8_t keyNo = 0;
+ uint8_t keyNo = 3;
bool errors = false;
char cmdp = param_getchar(Cmd, 0);
}
uint8_t *key = default_3des_keys[keyNo];
- if (ulc_authentication(key, true) == 0)
+ if (ulc_authentication(key, true))
PrintAndLog("Authentication successful. 3des key: %s",sprint_hex(key, 16));
else
PrintAndLog("Authentication failed");
-
+
return 0;
}
CMD_MIFARE_SNIFFER = 0x0630,
--//ultralightC
- CMD_MIFAREUC_AUTH1 = 0x0724,
- CMD_MIFAREUC_AUTH2 = 0x0725,
- CMD_MIFAREUC_READCARD = 0x0726,
- CMD_MIFAREUC_SETPWD = 0x0727,
- CMD_MIFAREU_SETUID = 0x0728,
+ CMD_MIFAREUC_AUTH = 0x0724,
+ CMD_MIFAREUC_SETPWD = 0x0727,
+ CMD_MIFAREU_SETUID = 0x0728,
--// mifare desfire
CMD_MIFARE_DESFIRE_READBL = 0x0728,
#define CMD_MIFARE_SNIFFER 0x0630
//ultralightC
-#define CMD_MIFAREUC_AUTH1 0x0724
-#define CMD_MIFAREUC_AUTH2 0x0725
-#define CMD_MIFAREUC_READCARD 0x0726
+#define CMD_MIFAREUC_AUTH 0x0724
+//0x0725 and 0x0726 no longer used
#define CMD_MIFAREUC_SETPWD 0x0727
projects / proxmark3-svn / commitdiff