From 6067df30c59dc58dd4bb0bb922fd28087d3f58f9 Mon Sep 17 00:00:00 2001
From: iceman1001
Date: Wed, 10 Aug 2016 10:55:29 +0200
Subject: [PATCH] FIX: at least now the special zero parity attack, repeats and doesn't crash. However it doesn't find the key either :(
---
 armsrc/iso14443a.c | 17 ++++++++++-------
 client/cmdhfmf.c | 7 ++++++-
 client/nonce2key/crapto1.c | 3 ++-
 client/nonce2key/nonce2key.c | 2 +-
 4 files changed, 19 insertions(+), 10 deletions(-)
diff --git a/armsrc/iso14443a.c b/armsrc/iso14443a.c
index a2014079..642e8899 100644
--- a/armsrc/iso14443a.c
+++ b/armsrc/iso14443a.c
@@ -867,10 +867,10 @@ void SimulateIso14443aTag(int tagType, int flags, byte_t* data) {
 uint8_t cardAUTHKEY = 0xff; // no authentication
 // allow collecting up to 8 sets of nonces to allow recovery of up to 8 keys
 #define ATTACK_KEY_COUNT 8 // keep same as define in cmdhfmf.c -> readerAttack()
- nonces_t ar_nr_resp[ATTACK_KEY_COUNT*2]; //*2 for 2 separate attack types (nml, moebius)
+ nonces_t ar_nr_resp[ATTACK_KEY_COUNT*2]; // for 2 separate attack types (nml, moebius)
 memset(ar_nr_resp, 0x00, sizeof(ar_nr_resp));
- uint8_t ar_nr_collected[ATTACK_KEY_COUNT*2]; //*2 for 2nd attack type (moebius)
+ uint8_t ar_nr_collected[ATTACK_KEY_COUNT*2]; // for 2nd attack type (moebius)
 memset(ar_nr_collected, 0x00, sizeof(ar_nr_collected));
 uint8_t nonce1_count = 0;
 uint8_t nonce2_count = 0;
@@ -2218,10 +2218,11 @@ void ReaderMifare(bool first_try, uint8_t block, uint8_t keytype ) {
 set_tracing(TRUE);
 iso14443a_setup(FPGA_HF_ISO14443A_READER_MOD);
-
- if (first_try) {
- sync_time = GetCountSspClk() & 0xfffffff8;
- sync_cycles = PRNG_SEQUENCE_LENGTH + 1130; //65536; //0x10000 // Mifare Classic's random generator repeats every 2^16 cycles (and so do the nonces).
+ sync_time = GetCountSspClk() & 0xfffffff8;
+ // iceman, i add 1130 because during my observations this makse the syncronization much fast to sync.
+ sync_cycles = PRNG_SEQUENCE_LENGTH + 1130; //65536; // Mifare Classic's random generator repeats every 2^16 cycles (and so do the nonces).
+
+ if (first_try) {
 mf_nr_ar3 = 0;
 nt_attacked = 0;
 par_low = 0;
@@ -2294,7 +2295,9 @@ void ReaderMifare(bool first_try, uint8_t block, uint8_t keytype ) {
 WDT_HIT();
 LED_B_ON();
- if (first_try && previous_nt && !nt_attacked) { // we didn't calibrate our clock yet
+ // we didn't calibrate our clock yet,
+ // iceman: has to be calibrated every time.
+ if (previous_nt && !nt_attacked) {
 nt_distance = dist_nt(previous_nt, nt);
diff --git a/client/cmdhfmf.c b/client/cmdhfmf.c
index 5465c4d4..65c9dcb7 100644
--- a/client/cmdhfmf.c
+++ b/client/cmdhfmf.c
@@ -217,7 +217,12 @@ start:
 if (isOK == -4 && par_list == 0) {
 // this special attack when parities is zero, uses checkkeys. Which now with block/keytype option also needs.
 // but it uses 0|1 instead of 0x60|0x61...
- if (!nonce2key_ex(blockNo, keytype - 0x60 , uid, nt, nr, ks_list, &r_key) ){
+ if (nonce2key_ex(blockNo, keytype - 0x60 , uid, nt, nr, ks_list, &r_key) ){
+ PrintAndLog("Key not found (lfsr_common_prefix list is null).");
+ PrintAndLog("Failing is expected to happen in 25%% of all cases. Trying again with a different reader nonce...");
+ c.arg[0] = false;
+ goto start;
+ } else {
 PrintAndLog("Found valid key: %012"llx" \n", r_key);
 goto END;
 }
diff --git a/client/nonce2key/crapto1.c b/client/nonce2key/crapto1.c
index a0cd52fe..b5532396 100644
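Review bot: The comment added above `sync_cycles` reads as a personal note with typos rather than documentation of the constant; something like `// Empirically, PRNG_SEQUENCE_LENGTH + 1130 makes the nonce-clock resynchronisation converge much faster than the bare period.` says what the offset is for, and the stale `//65536;` remnant on the same line can go. Moving `sync_time` and `sync_cycles` out of the `if (first_try)` block means every retry re-derives both from the current SSP clock instead of keeping the first attempt's calibration; the hunk at -2294 says this is intended, so state it here too, where the assignment happens. ReaderMifare's body continues outside the hunk.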
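Review bot: With `first_try` dropped from the condition, `previous_nt` is consulted on every entry of ReaderMifare, but the reset block in the hunk at -2218 only clears `mf_nr_ar3`, `nt_attacked` and `par_low` and never touches `previous_nt`; if `previous_nt` is file-scope state that survives a call, the first `dist_nt(previous_nt, nt)` of a retry measures against a nonce from the previous invocation. Either clear `previous_nt` alongside those resets or document the carry-over on the new condition: `// previous_nt may still hold the nonce from the prior call; the first distance of a retry is measured against it`. The two added comment lines would also read better merged into one sentence. The enclosing loop starts and ends outside the hunk.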
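Review bot: The retry branch is unbounded: every non-zero return from `nonce2key_ex` prints the failure message, clears `c.arg[0]` and jumps back to `start`, and nothing in the hunk caps the number of attempts, so a reader nonce that never yields a key (the commit message says that is currently the case) loops until the user interrupts the client. A retry counter tested before `goto start` bounds it in two lines. The message also names one specific cause (`lfsr_common_prefix list is null`) while the branch fires on any non-zero return, so either narrow the text or document the contract the inverted test now relies on: `// nonce2key_ex(): 0 = key written to r_key, non-zero = retry with a fresh nonce (confirm against nonce2key.c)`. The `start:` label and `END` are outside the hunk.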
--- a/client/nonce2key/crapto1.c
+++ b/client/nonce2key/crapto1.c
@@ -549,7 +549,8 @@ struct Crypto1State* lfsr_common_prefix_ex(uint32_t pfx, uint8_t ks[8])
 s = check_pfx_parity_ex(pfx, *o, *e, s);
 }
- s->odd = s->even = 0;
+ // in this version, -1 signifies end of states
+ s->odd = s->even = -1;
 out:
 free(odd);
diff --git a/client/nonce2key/nonce2key.c b/client/nonce2key/nonce2key.c
index 3a902ac5..ac2db645 100644
--- a/client/nonce2key/nonce2key.c
+++ b/client/nonce2key/nonce2key.c
@@ -94,7 +94,6 @@ int nonce2key_ex(uint8_t blockno, uint8_t keytype, uint32_t uid, uint32_t nt, ui
 state = lfsr_common_prefix_ex(nr, ks3x);
 state_s = (int64_t*)state;
- PrintAndLog("Prefix");
 for (i = 0; (state) && ((state + i)->odd != -1); i++) {
 lfsr_rollback_word(state + i, uid ^ nt, 0);
@@ -152,6 +151,7 @@ int nonce2key_ex(uint8_t blockno, uint8_t keytype, uint32_t uid, uint32_t nt, ui
 }
 }
+ free(last_keylist);
 last_keylist = state_s;
 return 1;
-- 
2.39.2
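Review bot: The new terminator is written as the int literal `-1` into `s->odd`/`s->even`; if those fields are `uint32_t` as in the upstream crapto1 layout, this stores `0xffffffff` and relies on the reader's `!= -1` test in nonce2key.c (hunk at -94) being converted the same way, which `-Wsign-compare` will flag on both sides. Writing the sentinel explicitly, `s->odd = s->even = UINT32_MAX;`, and naming it once in a shared header keeps the producer and the consumer from drifting. The added comment should also say who must honour it: `// end-of-list marker: callers of lfsr_common_prefix_ex() iterate until odd == even == UINT32_MAX`. Any other caller of `lfsr_common_prefix_ex` still looping until 0 would now run past the list; the patch updates only the nonce2key.c loop. lfsr_common_prefix_ex's body starts outside the hunk.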
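Review bot: `free(last_keylist)` followed by `last_keylist = state_s` makes this function the owner of the previous attempt's statelist, but nothing in the hunk records that contract, and if `last_keylist` and `state_s` could ever alias (the same list stored twice) the free leaves a dangling pointer that the next call frees again. A one-line comment above the free covers the first point: `// drop the statelist kept from the previous attempt; this call's list (state_s) is retained in its place`. If `last_keylist` is a file-scope pointer, confirming it starts out NULL keeps the first `free()` a no-op. nonce2key_ex's other return paths are outside the hunk.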