- Don't increment the nonce when random mode is disabled (this breaks the
standard attack).
- Don't attempt the standard attack when random mode is enabled (there's no
point as it won't work, per comments from @pwpiwi).
- Attempt the moebius attack if the standard attack fails.
* FLAG_7B_UID_IN_DATA - means that there is a 7-byte UID in the data-section, we're expected to use that
* FLAG_10B_UID_IN_DATA - use 10-byte UID in the data-section not finished
* FLAG_NR_AR_ATTACK - means we should collect NR_AR responses for bruteforcing later
* FLAG_7B_UID_IN_DATA - means that there is a 7-byte UID in the data-section, we're expected to use that
* FLAG_10B_UID_IN_DATA - use 10-byte UID in the data-section not finished
* FLAG_NR_AR_ATTACK - means we should collect NR_AR responses for bruteforcing later
- * FLAG_RANDOM_NONCE - means we should generate some pseudo-random nonce data
+ * FLAG_RANDOM_NONCE - means we should generate some pseudo-random nonce data (only allows moebius attack)
*@param exitAfterNReads, exit simulation after n blocks have been read, 0 is infinite ...
* (unless reader attack mode enabled then it runs util it gets enough nonces to recover all keys attmpted)
*/
*@param exitAfterNReads, exit simulation after n blocks have been read, 0 is infinite ...
* (unless reader attack mode enabled then it runs util it gets enough nonces to recover all keys attmpted)
*/
cardAUTHKEY = 0xff;
if (flags & FLAG_RANDOM_NONCE) {
nonce = prand();
cardAUTHKEY = 0xff;
if (flags & FLAG_RANDOM_NONCE) {
nonce = prand();
-void readerAttack(nonces_t ar_resp[], bool setEmulatorMem) {\r
+void readerAttack(nonces_t ar_resp[], bool setEmulatorMem, bool doStandardAttack) {\r
#define ATTACK_KEY_COUNT 8 // keep same as define in iso14443a.c -> Mifare1ksim()\r
uint64_t key = 0;\r
typedef struct {\r
#define ATTACK_KEY_COUNT 8 // keep same as define in iso14443a.c -> Mifare1ksim()\r
uint64_t key = 0;\r
typedef struct {\r
for (uint8_t i = 0; i<ATTACK_KEY_COUNT; i++) {\r
if (ar_resp[i].ar2 > 0) {\r
//PrintAndLog("DEBUG: Trying sector %d, cuid %08x, nt %08x, ar %08x, nr %08x, ar2 %08x, nr2 %08x",ar_resp[i].sector, ar_resp[i].cuid,ar_resp[i].nonce,ar_resp[i].ar,ar_resp[i].nr,ar_resp[i].ar2,ar_resp[i].nr2);\r
for (uint8_t i = 0; i<ATTACK_KEY_COUNT; i++) {\r
if (ar_resp[i].ar2 > 0) {\r
//PrintAndLog("DEBUG: Trying sector %d, cuid %08x, nt %08x, ar %08x, nr %08x, ar2 %08x, nr2 %08x",ar_resp[i].sector, ar_resp[i].cuid,ar_resp[i].nonce,ar_resp[i].ar,ar_resp[i].nr,ar_resp[i].ar2,ar_resp[i].nr2);\r
- if (mfkey32(ar_resp[i], &key)) {\r
+ if (doStandardAttack && mfkey32(ar_resp[i], &key)) {\r
PrintAndLog(" Found Key%s for sector %02d: [%04x%08x]", (ar_resp[i].keytype) ? "B" : "A", ar_resp[i].sector, (uint32_t) (key>>32), (uint32_t) (key &0xFFFFFFFF));\r
\r
for (uint8_t ii = 0; ii<ATTACK_KEY_COUNT; ii++) {\r
PrintAndLog(" Found Key%s for sector %02d: [%04x%08x]", (ar_resp[i].keytype) ? "B" : "A", ar_resp[i].sector, (uint32_t) (key>>32), (uint32_t) (key &0xFFFFFFFF));\r
\r
for (uint8_t ii = 0; ii<ATTACK_KEY_COUNT; ii++) {\r
+ } else if (tryMfk32_moebius(ar_resp[i+ATTACK_KEY_COUNT], &key)) {\r
+ uint8_t sectorNum = ar_resp[i+ATTACK_KEY_COUNT].sector;\r
+ uint8_t keyType = ar_resp[i+ATTACK_KEY_COUNT].keytype;\r
+\r
+ PrintAndLog("M-Found Key%s for sector %02d: [%012"llx"]"\r
+ , keyType ? "B" : "A"\r
+ , sectorNum\r
+ , key\r
+ );\r
+\r
+ for (uint8_t ii = 0; ii<ATTACK_KEY_COUNT; ii++) {\r
+ if (key_cnt[ii]==0 || stSector[ii]==sectorNum) {\r
+ if (keyType==0) {\r
+ //keyA\r
+ sector_trailer[ii].keyA = key;\r
+ stSector[ii] = sectorNum;\r
+ key_cnt[ii]++;\r
+ break;\r
+ } else {\r
+ //keyB\r
+ sector_trailer[ii].keyB = key;\r
+ stSector[ii] = sectorNum;\r
+ key_cnt[ii]++;\r
+ break;\r
+ }\r
+ }\r
+ }\r
+ continue;\r
PrintAndLog(" x (Optional) Crack, performs the 'reader attack', nr/ar attack against a legitimate reader, fishes out the key(s)");\r
PrintAndLog(" e (Optional) set keys found from 'reader attack' to emulator memory (implies x and i)");\r
PrintAndLog(" f (Optional) get UIDs to use for 'reader attack' from file 'f <filename.txt>' (implies x and i)");\r
PrintAndLog(" x (Optional) Crack, performs the 'reader attack', nr/ar attack against a legitimate reader, fishes out the key(s)");\r
PrintAndLog(" e (Optional) set keys found from 'reader attack' to emulator memory (implies x and i)");\r
PrintAndLog(" f (Optional) get UIDs to use for 'reader attack' from file 'f <filename.txt>' (implies x and i)");\r
- PrintAndLog(" r (Optional) Generate random nonces instead of sequential nonces.");\r
+ PrintAndLog(" r (Optional) Generate random nonces instead of sequential nonces. Standard reader attack won't work with this option, only moebius attack works.");\r
PrintAndLog("samples:");\r
PrintAndLog(" hf mf sim u 0a0a0a0a");\r
PrintAndLog(" hf mf sim u 11223344556677");\r
PrintAndLog("samples:");\r
PrintAndLog(" hf mf sim u 0a0a0a0a");\r
PrintAndLog(" hf mf sim u 11223344556677");\r
//got a response\r
nonces_t ar_resp[ATTACK_KEY_COUNT*2];\r
memcpy(ar_resp, resp.d.asBytes, sizeof(ar_resp));\r
//got a response\r
nonces_t ar_resp[ATTACK_KEY_COUNT*2];\r
memcpy(ar_resp, resp.d.asBytes, sizeof(ar_resp));\r
- readerAttack(ar_resp, setEmulatorMem);\r
+ // We can skip the standard attack if we have RANDOM_NONCE set.\r
+ readerAttack(ar_resp, setEmulatorMem, !(flags & FLAG_RANDOM_NONCE));\r
if ((bool)resp.arg[1]) {\r
PrintAndLog("Device button pressed - quitting");\r
fclose(f);\r
if ((bool)resp.arg[1]) {\r
PrintAndLog("Device button pressed - quitting");\r
fclose(f);\r
if (flags & FLAG_NR_AR_ATTACK) {\r
nonces_t ar_resp[ATTACK_KEY_COUNT*2];\r
memcpy(ar_resp, resp.d.asBytes, sizeof(ar_resp));\r
if (flags & FLAG_NR_AR_ATTACK) {\r
nonces_t ar_resp[ATTACK_KEY_COUNT*2];\r
memcpy(ar_resp, resp.d.asBytes, sizeof(ar_resp));\r
- readerAttack(ar_resp, setEmulatorMem);\r
+ // We can skip the standard attack if we have RANDOM_NONCE set.\r
+ readerAttack(ar_resp, setEmulatorMem, !(flags & FLAG_RANDOM_NONCE));\r