#include "iso14443crc.h"
-#define RECEIVE_SAMPLES_TIMEOUT 0x0003FFFF
+#define RECEIVE_SAMPLES_TIMEOUT 0x0004FFFF
#define ISO14443B_DMA_BUFFER_SIZE 256
uint8_t PowerOn = TRUE;
samples += 2;
- if(Handle14443bSamplesDemod(ci, cq)) {
+ if(Handle14443bSamplesDemod(ci | 0x01 , cq | 0x01)) {
gotFrame = TRUE;
break;
}
}
if(!ReaderIsActive) { // no need to try decoding tag data if the reader is sending - and we cannot afford the time
+ // is this | 0x01 the error? & 0xfe in https://github.com/Proxmark/proxmark3/issues/103
if(Handle14443bSamplesDemod(ci | 0x01, cq | 0x01)) {
//Use samples as a time measurement
--- /dev/null
+//-----------------------------------------------------------------------------
+// Merlok - June 2011
+// Gerhard de Koning Gans - May 2008
+// Hagen Fritsch - June 2010
+//
+// This code is licensed to you under the terms of the GNU GPL, version 2 or,
+// at your option, any later version. See the LICENSE.txt file for the text of
+// the license.
+//-----------------------------------------------------------------------------
+// Routines to support ISO 14443 type A.
+//-----------------------------------------------------------------------------
+
+#ifndef __ISO14443B_H
+#define __ISO14443B_H
+#include "common.h"
+
+int iso14443b_apdu(uint8_t const *message, size_t message_length, uint8_t *response);
+void iso14443b_setup();
+int iso14443b_select_card();
+
+#endif /* __ISO14443B_H */
// REQB
if (HF14BCmdRaw(true, &crc2, true, cmd2, &cmdLen, false)==0) return rawClose();
- PrintAndLog("REQB : %s", sprint_hex(cmd2, 9));
+ PrintAndLog("REQB : %s", sprint_hex(cmd2, cmdLen));
if ( SRx && (cmdLen != 3 || !crc2) ) return rawClose();
else if (cmd2[0] != 0x50 || cmdLen != 14 || !crc2) return rawClose();
// attrib
if (HF14BCmdRaw(true, &crc2, true, cmd2, &cmdLen, false)==0) return rawClose();
- PrintAndLog("ATTRIB : %s", sprint_hex(cmd2, 3));
+ PrintAndLog("ATTRIB : %s", sprint_hex(cmd2, cmdLen));
if (cmdLen != 3 || !crc2) return rawClose();
if (SRx && cmd2[0] != chipID) return rawClose();
return isSuccess;
}
+int tryMfk32_moebius(uint64_t myuid, uint8_t *data, uint8_t *outputkey ){
+
+ struct Crypto1State *s,*t;
+ uint64_t key; // recovered key
+ uint32_t uid; // serial number
+ uint32_t nt0; // tag challenge first
+ uint32_t nt1; // tag challenge second
+ uint32_t nr0_enc; // first encrypted reader challenge
+ uint32_t ar0_enc; // first encrypted reader response
+ uint32_t nr1_enc; // second encrypted reader challenge
+ uint32_t ar1_enc; // second encrypted reader response
+ bool isSuccess = FALSE;
+ int counter = 0;
+
+ uid = myuid;//(uint32_t)bytes_to_num(data + 0, 4);
+ nt0 = *(uint32_t*)(data+8);
+ nr0_enc = *(uint32_t*)(data+12);
+ ar0_enc = *(uint32_t*)(data+16);
+ nt1 = *(uint32_t*)(data+8);
+ nr1_enc = *(uint32_t*)(data+32);
+ ar1_enc = *(uint32_t*)(data+36);
+
+ s = lfsr_recovery32(ar0_enc ^ prng_successor(nt0, 64), 0);
+
+ for(t = s; t->odd | t->even; ++t) {
+ lfsr_rollback_word(t, 0, 0);
+ lfsr_rollback_word(t, nr0_enc, 1);
+ lfsr_rollback_word(t, uid ^ nt0, 0);
+ crypto1_get_lfsr(t, &key);
+
+ crypto1_word(t, uid ^ nt1, 0);
+ crypto1_word(t, nr1_enc, 1);
+ if (ar1_enc == (crypto1_word(t, 0, 0) ^ prng_successor(nt1, 64))) {
+ PrintAndLog("Found Key: [%012"llx"]",key);
+ isSuccess = TRUE;
+ ++counter;
+ if (counter==20)
+ break;
+ }
+ }
+ free(s);
+ return isSuccess;
+}
+
+
int tryMfk64(uint64_t myuid, uint8_t *data, uint8_t *outputkey ){
struct Crypto1State *revstate;
int nonce2key(uint32_t uid, uint32_t nt, uint32_t nr, uint64_t par_info, uint64_t ks_info, uint64_t * key);
int tryMfk32(uint64_t myuid, uint8_t *data, uint8_t *outputkey );
+int tryMfk32_moebius(uint64_t myuid, uint8_t *data, uint8_t *outputkey );
int tryMfk64(uint64_t myuid, uint8_t *data, uint8_t *outputkey );
#endif
OBJS = crapto1.o crypto1.o
HEADERS =
-EXES = mfkey64 mfkey32
+EXES = mfkey64 mfkey32 mfkey32v2
LIBS =
all: $(OBJS) $(EXES) $(LIBS)
projects / proxmark3-svn / commitdiff