SniffMifare(c->arg[0]);
break;
+ case CMD_MIFARE_SETMOD:
+ MifareSetMod(c->arg[0], c->d.asBytes);
+ break;
+
//mifare desfire
case CMD_MIFARE_DESFIRE_READBL: break;
case CMD_MIFARE_DESFIRE_WRITEBL: break;
void MifareCSetBlock(uint32_t arg0, uint32_t arg1, uint8_t *datain); // Work with "magic Chinese" card
void MifareCGetBlock(uint32_t arg0, uint32_t arg1, uint8_t *datain);
void MifareCIdent(); // is "magic chinese" card?
+void MifareSetMod(uint8_t mod, uint8_t *key);
void MifareUSetPwd(uint8_t arg0, uint8_t *datain);
void OnSuccessMagic();
void OnErrorMagic(uint8_t reason);
cmd_send(CMD_ACK,0,reason,0,0,0);\r
OnSuccessMagic();\r
}\r
+\r
+void MifareSetMod(uint8_t mod, uint8_t *key) {\r
+ uint64_t ui64Key = bytes_to_num(key, 6);\r
+\r
+ // variables\r
+ uint8_t isOK = 0;\r
+ uint8_t uid[10] = {0};\r
+ uint32_t cuid = 0;\r
+ struct Crypto1State mpcs = {0, 0};\r
+ struct Crypto1State *pcs = &mpcs;\r
+ int respLen = 0;\r
+ uint8_t receivedAnswer[MAX_MIFARE_FRAME_SIZE] = {0};\r
+ uint8_t receivedAnswerPar[MAX_MIFARE_PARITY_SIZE] = {0};\r
+\r
+ iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
+\r
+ clear_trace();\r
+ set_tracing(true);\r
+\r
+ LED_A_ON();\r
+ LED_B_OFF();\r
+ LED_C_OFF();\r
+\r
+ while (true) {\r
+ if(!iso14443a_select_card(uid, NULL, &cuid, true, 0)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card");\r
+ break;\r
+ }\r
+\r
+ if(mifare_classic_auth(pcs, cuid, 0, 0, ui64Key, AUTH_FIRST)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("Auth error");\r
+ break;\r
+ }\r
+\r
+ if (((respLen = mifare_sendcmd_short(pcs, 1, 0x43, mod, receivedAnswer, receivedAnswerPar, NULL)) != 1) || (receivedAnswer[0] != 0x0a)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("SetMod error; response[0]: %hhX, len: %d", receivedAnswer[0], respLen);\r
+ break;\r
+ }\r
+\r
+ if(mifare_classic_halt(pcs, cuid)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("Halt error");\r
+ break;\r
+ }\r
+\r
+ isOK = 1;\r
+ break;\r
+ }\r
+\r
+ crypto1_destroy(pcs);\r
+\r
+ LED_B_ON();\r
+ cmd_send(CMD_ACK, isOK, 0, 0, 0, 0);\r
+ LED_B_OFF();\r
+\r
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
+ LEDsoff();\r
+}\r
+\r
//\r
// DESFIRE\r
//\r
return tryDecryptWord( nt, ar_enc, at_enc, data, len);\r
}\r
\r
+int CmdHf14AMfSetMod(const char *Cmd) {\r
+ uint8_t key[6] = {0, 0, 0, 0, 0, 0};\r
+ uint8_t mod = 2;\r
+\r
+ char ctmp = param_getchar(Cmd, 0);\r
+ if (ctmp == '0') {\r
+ mod = 0;\r
+ } else if (ctmp == '1') {\r
+ mod = 1;\r
+ }\r
+ int gethexfail = param_gethex(Cmd, 1, key, 12);\r
+ if (mod == 2 || gethexfail) {\r
+ PrintAndLog("Sets the load modulation strength of a MIFARE Classic EV1 card.");\r
+ PrintAndLog("Usage: hf mf setmod <0/1> <block 0 key A>");\r
+ PrintAndLog(" 0 = normal modulation");\r
+ PrintAndLog(" 1 = strong modulation (default)");\r
+ return 1;\r
+ }\r
+\r
+ UsbCommand c = {CMD_MIFARE_SETMOD, {mod, 0, 0}};\r
+ memcpy(c.d.asBytes, key, 6);\r
+ clearCommandBuffer();\r
+ SendCommand(&c);\r
+\r
+ UsbCommand resp;\r
+ if (WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {\r
+ uint8_t ok = resp.arg[0] & 0xff;\r
+ PrintAndLog("isOk:%02x", ok);\r
+ if (!ok) {\r
+ PrintAndLog("Failed.");\r
+ }\r
+ } else {\r
+ PrintAndLog("Command execute timeout");\r
+ }\r
+ return 0;\r
+}\r
+\r
static command_t CommandTable[] = {\r
{"help", CmdHelp, 1, "This help"},\r
{"dbg", CmdHF14AMfDbg, 0, "Set default debug mode"},\r
{"cload", CmdHF14AMfCLoad, 0, "Load dump into magic Chinese card"},\r
{"csave", CmdHF14AMfCSave, 0, "Save dump from magic Chinese card into file or emulator"},\r
{"decrypt", CmdHf14MfDecryptBytes, 1, "[nt] [ar_enc] [at_enc] [data] - to decrypt snoop or trace"},\r
+ {"setmod", CmdHf14AMfSetMod, 0, "Set MIFARE Classic EV1 load modulation strength"},\r
{NULL, NULL, 0, NULL}\r
};\r
\r
int CmdHF14AMfCLoad(const char* cmd);\r
int CmdHF14AMfCSave(const char* cmd);\r
int CmdHf14MfDecryptBytes(const char *Cmd);\r
+int CmdHf14AMfSetMod(const char *Cmd);\r
\r
void showSectorTable(void);\r
void readerAttack(nonces_t data, bool setEmulatorMem, bool verbose);\r
#define CMD_MIFAREU_WRITEBL_COMPAT 0x0723
#define CMD_MIFARE_CHKKEYS 0x0623
+#define CMD_MIFARE_SETMOD 0x0624
#define CMD_MIFARE_SNIFFER 0x0630
//ultralightC
CMD_MIFAREU_WRITEBL_COMPAT = 0x0723,
CMD_MIFARE_CHKKEYS = 0x0623,
+ CMD_MIFARE_SETMOD = 0x0624,
CMD_MIFARE_SNIFFER = 0x0630,
#define CMD_MIFAREU_WRITEBL_COMPAT 0x0723
#define CMD_MIFARE_CHKKEYS 0x0623
+#define CMD_MIFARE_SETMOD 0x0624
#define CMD_MIFARE_SNIFFER 0x0630
//ultralightC
projects / proxmark3-svn / commitdiff