proxmark3/client/scripts/hard.lua

local cmds = require('commands')
local getopt = require('getopt')
local utils = require('utils')
local lib14a = require('read14a')

example = "script iterates over all possible sectors for a tag and runs hardnested attack against them to collect the keys."
author = "Iceman"
desc =
[[
This script iterates over all possible sectors for a tag and runs hardnested attack against them to collect the keys.

Arguments:
	-k 				Known key, 6 bytes (12 hex digits)
Examples : 
	script hard -b 112233445566
]]

local numBlocks = 64
local numSectors = 16
local DEBUG = TRUE
--- 
-- A debug printout-function
function dbg(args)
	if not DEBUG then return end
	
    if type(args) == "table" then
		local i = 1
		while result[i] do
			dbg(result[i])
			i = i+1
		end
	else
		print("###", args)
	end	
end	
--- 
-- This is only meant to be used when errors occur
function oops(err)
	print("ERROR: ",err)
	return nil,err
end
--- 
-- Usage help
function help()
	print(desc)
	print("Example usage")
	print(example)
end
--
-- Exit message
function ExitMsg(msg)
	print( string.rep('--',20) )
	print( string.rep('--',20) )
	print(msg)
	print()
end
---
-- a simple selftest function,
local function selftest()
	return nil
end

--- 
-- The main entry point
function main(args)

	local blockno = '00'
	local keytype = 0 --A  01==B
	local key = 'fc00018778f7'
	local trgkey = ''
	
	local data
	-- Read the parameters
	for o, a in getopt.getopt(args, 'hk:t') do
		if o == "h" then return help() end
		if o == "k" then key = a end
		if o == "t" then return selftest() end
	end

	-- Turn off Debug
	local cmdSetDbgOff = "hf mf dbg 0"
	core.console( cmdSetDbgOff) 
	-- identify tag
	result, err = lib14a.read1443a(false)
	if not result then
		return oops(err)
	end
	core.clearCommandBuffer()
	
	-- Show tag info
	print((' Found tag %s'):format(result.name))
	
	local keys = {}
	-- loop
	for i=4, 12	, 4 do
		for trgkeytype=0,1 do
			local trgblockno = ("%02d"):format(i)
			local err, found_key = core.hardnested(blockno, keytype, key, trgblockno, trgkeytype, trgkey, 0,0,0,0)			
			
			table.insert( keys ,  { ["success"] = err, ["sector"] = i, ["type"] = trgkeytype, ["key"] =  utils.ConvertAsciiToHex(found_key) } )
		end
	end
	--print
	for k,v in pairs(keys) do 
		for a,b in pairs(v) do print(a,b) end
	end
end

main(args)
ADD: added the 'hf mf hardnested' to be called within LUA scripts. ADD: 'script run hard' - a first try for a lua script to run the hardnested attack on a complete tag. 2016-11-21 23:08:12 +08:00			`local cmds = require('commands')`
			`local getopt = require('getopt')`
			`local utils = require('utils')`
			`local lib14a = require('read14a')`

			`example = "script iterates over all possible sectors for a tag and runs hardnested attack against them to collect the keys."`
			`author = "Iceman"`
			`desc =`
			`[[`
			`This script iterates over all possible sectors for a tag and runs hardnested attack against them to collect the keys.`

			`Arguments:`
			`-k Known key, 6 bytes (12 hex digits)`
			`Examples :`
			`script hard -b 112233445566`
			`]]`

			`local numBlocks = 64`
			`local numSectors = 16`
			`local DEBUG = TRUE`
			`---`
			`-- A debug printout-function`
			`function dbg(args)`
			`if not DEBUG then return end`

			`if type(args) == "table" then`
			`local i = 1`
			`while result[i] do`
			`dbg(result[i])`
			`i = i+1`
			`end`
			`else`
			`print("###", args)`
			`end`
			`end`
			`---`
			`-- This is only meant to be used when errors occur`
			`function oops(err)`
			`print("ERROR: ",err)`
			`return nil,err`
			`end`
			`---`
			`-- Usage help`
			`function help()`
			`print(desc)`
			`print("Example usage")`
			`print(example)`
			`end`
			`--`
			`-- Exit message`
			`function ExitMsg(msg)`
			`print( string.rep('--',20) )`
			`print( string.rep('--',20) )`
			`print(msg)`
			`print()`
			`end`
			`---`
			`-- a simple selftest function,`
			`local function selftest()`
			`return nil`
			`end`

			`---`
			`-- The main entry point`
			`function main(args)`

			`local blockno = '00'`
			`local keytype = 0 --A 01==B`
			`local key = 'fc00018778f7'`
			`local trgkey = ''`

			`local data`
			`-- Read the parameters`
			`for o, a in getopt.getopt(args, 'hk:t') do`
			`if o == "h" then return help() end`
			`if o == "k" then key = a end`
			`if o == "t" then return selftest() end`
			`end`

			`-- Turn off Debug`
			`local cmdSetDbgOff = "hf mf dbg 0"`
			`core.console( cmdSetDbgOff)`
			`-- identify tag`
			`result, err = lib14a.read1443a(false)`
			`if not result then`
			`return oops(err)`
			`end`
			`core.clearCommandBuffer()`

			`-- Show tag info`
			`print((' Found tag %s'):format(result.name))`

			`local keys = {}`
			`-- loop`
			`for i=4, 12 , 4 do`
			`for trgkeytype=0,1 do`
			`local trgblockno = ("%02d"):format(i)`
			`local err, found_key = core.hardnested(blockno, keytype, key, trgblockno, trgkeytype, trgkey, 0,0,0,0)`

			`table.insert( keys , { ["success"] = err, ["sector"] = i, ["type"] = trgkeytype, ["key"] = utils.ConvertAsciiToHex(found_key) } )`
			`end`
			`end`
			`--print`
			`for k,v in pairs(keys) do`
			`for a,b in pairs(v) do print(a,b) end`
			`end`
			`end`

			`main(args)`