Merge branch 'master' into mf_info

Signed-off-by: Oleg Moiseenko <807634+merlokk@users.noreply.github.com>
This commit is contained in:
Oleg Moiseenko 2023-12-11 23:17:18 +02:00 committed by GitHub
commit 37d6430894
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 57 additions and 17 deletions

View file

@ -4,6 +4,7 @@ This project uses the changelog in accordance with [keepchangelog](http://keepac
## [unreleased][unreleased] ## [unreleased][unreleased]
- Added `hf mf info` command and static encrypted nonce detection (@merlokk) - Added `hf mf info` command and static encrypted nonce detection (@merlokk)
- Added Saflok KDF - generate MFC keys (@h1kari)
- Changed `lf fdx demod` - now raw bytes shows all data (@iceman1001) - Changed `lf fdx demod` - now raw bytes shows all data (@iceman1001)
- Changed `data num` - now can print reversed and inverse (@iceman1001) - Changed `data num` - now can print reversed and inverse (@iceman1001)
- Fixed `hf mf sim -ix` never returning console (@datatags) - Fixed `hf mf sim -ix` never returning console (@datatags)

View file

@ -58,7 +58,7 @@ The Proxmark3 is the swiss-army tool of RFID, allowing for interactions with the
|[Developing standalone mode](/armsrc/Standalone/readme.md)|[Wiki about standalone mode](https://github.com/RfidResearchGroup/proxmark3/wiki/Standalone-mode)|[Notes on Magic UID cards](/doc/magic_cards_notes.md)| |[Developing standalone mode](/armsrc/Standalone/readme.md)|[Wiki about standalone mode](https://github.com/RfidResearchGroup/proxmark3/wiki/Standalone-mode)|[Notes on Magic UID cards](/doc/magic_cards_notes.md)|
|[Notes on Color usage](/doc/colors_notes.md)|[Makefile vs CMake](/doc/md/Development/Makefile-vs-CMake.md)|[Notes on Cloner guns](/doc/cloner_notes.md)| |[Notes on Color usage](/doc/colors_notes.md)|[Makefile vs CMake](/doc/md/Development/Makefile-vs-CMake.md)|[Notes on Cloner guns](/doc/cloner_notes.md)|
|[Notes on cliparser usage](/doc/cliparser.md)|[Notes on clocks](/doc/clocks.md)|[Notes on MIFARE DESFire](/doc/desfire.md)| |[Notes on cliparser usage](/doc/cliparser.md)|[Notes on clocks](/doc/clocks.md)|[Notes on MIFARE DESFire](/doc/desfire.md)|
|[Notes on CIPURSE](/doc/cipurse.md)|[Notes on NDEF type4a](/doc/ndef_type4a.md)|| |[Notes on CIPURSE](/doc/cipurse.md)|[Notes on NDEF type4a](/doc/ndef_type4a.md)|[Notes on HID downgrades / RM](https://gist.github.com/kitsunehunter/c75294bdbd0533eca298d122c39fb1bd)|
# How to build? # How to build?

View file

@ -326,10 +326,41 @@ int mfc_algo_yale_all(uint8_t *uid, uint8_t *keys) {
int mfc_algo_saflok_one(uint8_t *uid, uint8_t sector, uint8_t keytype, uint64_t *key) { int mfc_algo_saflok_one(uint8_t *uid, uint8_t sector, uint8_t keytype, uint64_t *key) {
if (sector > 15) return PM3_EINVARG; if (sector > 15) return PM3_EINVARG;
if (key == NULL) return PM3_EINVARG; if (key == NULL) return PM3_EINVARG;
if (keytype > 2) return PM3_EINVARG;
*key = 0; if (keytype == 0 && sector == 2) {
*key = 0xFFFFFFFFFFFF;
return PM3_SUCCESS; return PM3_SUCCESS;
} }
if (keytype == 0 && sector == 1) {
*key = 0x2a2c13cc242a;
return PM3_SUCCESS;
}
if (keytype == 0) {
uint64_t lut[16] = {
0xf057b39ee3d8ULL, 0x969d954ac157ULL, 0x8f43580d2c9dULL, 0xffcce0050c43ULL,
0x341b15a690ccULL, 0x89585612e71bULL, 0xbb74b0953658ULL, 0xfb97f84b5b74ULL,
0xc9d188359f92ULL, 0x8f92e97f5897ULL, 0x166ca2b09fd1ULL, 0x27dd93101c6cULL,
0xda3e3fd649ddULL, 0x58dded078e3eULL, 0x5cd005cfd907ULL, 0x118dd00187d0ULL
};
uint8_t h = ((uid[3] >> 4) & 0xF);
h += ((uid[2] >> 4) & 0xF);
h += uid[0] & 0xF;
uint64_t m = lut[h & 0xF];
uint64_t id = (bytes_to_num(uid, 4) << 8);
*key = (h + (id + m + ((uint64_t)h << 40ULL))) & 0xFFFFFFFFFFFFULL;
} else {
*key = 0xFFFFFFFFFFFF;
}
return PM3_SUCCESS;
}
int mfc_algo_saflok_all(uint8_t *uid, uint8_t *keys) { int mfc_algo_saflok_all(uint8_t *uid, uint8_t *keys) {
if (keys == NULL) return PM3_EINVARG; if (keys == NULL) return PM3_EINVARG;
@ -583,7 +614,7 @@ int mfc_algo_touch_one(uint8_t *uid, uint8_t sector, uint8_t keytype, uint64_t *
int generator_selftest(void) { int generator_selftest(void) {
#ifndef ON_DEVICE #ifndef ON_DEVICE
#define NUM_OF_TEST 9 #define NUM_OF_TEST 10
PrintAndLogEx(INFO, "PWD / KEY generator selftest"); PrintAndLogEx(INFO, "PWD / KEY generator selftest");
PrintAndLogEx(INFO, "----------------------------"); PrintAndLogEx(INFO, "----------------------------");
@ -596,42 +627,42 @@ int generator_selftest(void) {
if (success) if (success)
testresult++; testresult++;
PrintAndLogEx(success ? SUCCESS : WARNING, "UID | %s | %08X - %s", sprint_hex(uid1, 7), pwd1, success ? "OK" : "->8432EB17<-"); PrintAndLogEx(success ? SUCCESS : WARNING, "UID | %s | %08X - %s", sprint_hex(uid1, 7), pwd1, success ? _GREEN_("ok") : "->8432EB17<-");
uint8_t uid2[] = {0x04, 0x1f, 0x98, 0xea, 0x1e, 0x3e, 0x81}; uint8_t uid2[] = {0x04, 0x1f, 0x98, 0xea, 0x1e, 0x3e, 0x81};
uint32_t pwd2 = ul_ev1_pwdgenB(uid2); uint32_t pwd2 = ul_ev1_pwdgenB(uid2);
success = (pwd2 == 0x5fd37eca); success = (pwd2 == 0x5fd37eca);
if (success) if (success)
testresult++; testresult++;
PrintAndLogEx(success ? SUCCESS : WARNING, "UID | %s | %08X - %s", sprint_hex(uid2, 7), pwd2, success ? "OK" : "->5fd37eca<--"); PrintAndLogEx(success ? SUCCESS : WARNING, "UID | %s | %08X - %s", sprint_hex(uid2, 7), pwd2, success ? _GREEN_("ok") : "->5fd37eca<--");
uint8_t uid3[] = {0x04, 0x62, 0xB6, 0x8A, 0xB4, 0x42, 0x80}; uint8_t uid3[] = {0x04, 0x62, 0xB6, 0x8A, 0xB4, 0x42, 0x80};
uint32_t pwd3 = ul_ev1_pwdgenC(uid3); uint32_t pwd3 = ul_ev1_pwdgenC(uid3);
success = (pwd3 == 0x5a349515); success = (pwd3 == 0x5a349515);
if (success) if (success)
testresult++; testresult++;
PrintAndLogEx(success ? SUCCESS : WARNING, "UID | %s | %08X - %s", sprint_hex(uid3, 7), pwd3, success ? "OK" : "->5a349515<--"); PrintAndLogEx(success ? SUCCESS : WARNING, "UID | %s | %08X - %s", sprint_hex(uid3, 7), pwd3, success ? _GREEN_("ok") : "->5a349515<--");
uint8_t uid4[] = {0x04, 0xC5, 0xDF, 0x4A, 0x6D, 0x51, 0x80}; uint8_t uid4[] = {0x04, 0xC5, 0xDF, 0x4A, 0x6D, 0x51, 0x80};
uint32_t pwd4 = ul_ev1_pwdgenD(uid4); uint32_t pwd4 = ul_ev1_pwdgenD(uid4);
success = (pwd4 == 0x72B1EC61); success = (pwd4 == 0x72B1EC61);
if (success) if (success)
testresult++; testresult++;
PrintAndLogEx(success ? SUCCESS : WARNING, "UID | %s | %08X - %s", sprint_hex(uid4, 7), pwd4, success ? "OK" : "->72B1EC61<--"); PrintAndLogEx(success ? SUCCESS : WARNING, "UID | %s | %08X - %s", sprint_hex(uid4, 7), pwd4, success ? _GREEN_("ok") : "->72B1EC61<--");
uint8_t uid5[] = {0x04, 0xA0, 0x3C, 0xAA, 0x1E, 0x70, 0x80}; uint8_t uid5[] = {0x04, 0xA0, 0x3C, 0xAA, 0x1E, 0x70, 0x80};
uint32_t pwd5 = ul_ev1_pwdgenE(uid5); uint32_t pwd5 = ul_ev1_pwdgenE(uid5);
success = (pwd5 == 0xCD91AFCC); success = (pwd5 == 0xCD91AFCC);
if (success) if (success)
testresult++; testresult++;
PrintAndLogEx(success ? SUCCESS : WARNING, "UID | %s | %08X - %s", sprint_hex(uid5, 7), pwd5, success ? "OK" : "->CD91AFCC<--"); PrintAndLogEx(success ? SUCCESS : WARNING, "UID | %s | %08X - %s", sprint_hex(uid5, 7), pwd5, success ? _GREEN_("ok") : "->CD91AFCC<--");
uint8_t uid6[] = {0x04, 0x77, 0x42, 0xAB, 0xEF, 0x42, 0x70}; uint8_t uid6[] = {0x04, 0x77, 0x42, 0xAB, 0xEF, 0x42, 0x70};
uint32_t pwd6 = ul_ev1_pwdgenF(uid6); uint32_t pwd6 = ul_ev1_pwdgenF(uid6);
success = (pwd6 == 0xA9C4C3C0); success = (pwd6 == 0xA9C4C3C0);
if (success) if (success)
testresult++; testresult++;
PrintAndLogEx(success ? SUCCESS : WARNING, "UID | %s | %08X - %s", sprint_hex(uid6, 7), pwd6, success ? "OK" : "->A9C4C3C0<--"); PrintAndLogEx(success ? SUCCESS : WARNING, "UID | %s | %08X - %s", sprint_hex(uid6, 7), pwd6, success ? _GREEN_("ok") : "->A9C4C3C0<--");
uint8_t uid7[] = {0x04, 0x0D, 0x4B, 0x5A, 0xC5, 0x71, 0x81}; uint8_t uid7[] = {0x04, 0x0D, 0x4B, 0x5A, 0xC5, 0x71, 0x81};
uint8_t mfg[] = {0x32, 0x31, 0x30, 0x36, 0x32, 0x38, 0x20, 0x35, 0x32, 0x4D}; uint8_t mfg[] = {0x32, 0x31, 0x30, 0x36, 0x32, 0x38, 0x20, 0x35, 0x32, 0x4D};
@ -639,13 +670,13 @@ int generator_selftest(void) {
success = (pwd7 == 0xFBCFACC1); success = (pwd7 == 0xFBCFACC1);
if (success) if (success)
testresult++; testresult++;
PrintAndLogEx(success ? SUCCESS : WARNING, "UID | %s | %08X - %s", sprint_hex(uid7, 7), pwd7, success ? "OK" : "->FBCFACC1<--"); PrintAndLogEx(success ? SUCCESS : WARNING, "UID | %s | %08X - %s", sprint_hex(uid7, 7), pwd7, success ? _GREEN_("ok") : "->FBCFACC1<--");
// uint8_t uid5[] = {0x11, 0x22, 0x33, 0x44}; // uint8_t uid5[] = {0x11, 0x22, 0x33, 0x44};
// uint64_t key1 = mfc_algo_a(uid5); // uint64_t key1 = mfc_algo_a(uid5);
// success = (key1 == 0xD1E2AA68E39A); // success = (key1 == 0xD1E2AA68E39A);
// PrintAndLogEx(success ? SUCCESS : WARNING, "UID | %s | %"PRIx64" - %s", sprint_hex(uid5, 4), key1, success ? "OK" : "->D1E2AA68E39A<--"); // PrintAndLogEx(success ? SUCCESS : WARNING, "UID | %s | %"PRIx64" - %s", sprint_hex(uid5, 4), key1, success ? _GREEN_("ok") : "->D1E2AA68E39A<--");
uint8_t uid8[] = {0x74, 0x57, 0xCA, 0xA9}; uint8_t uid8[] = {0x74, 0x57, 0xCA, 0xA9};
uint64_t key8 = 0; uint64_t key8 = 0;
@ -653,16 +684,24 @@ int generator_selftest(void) {
success = (key8 == 0x82c7e64bc565); success = (key8 == 0x82c7e64bc565);
if (success) if (success)
testresult++; testresult++;
PrintAndLogEx(success ? SUCCESS : WARNING, "UID | %s | %"PRIx64" - %s", sprint_hex(uid8, 4), key8, success ? "OK" : "->82C7E64BC565<--"); PrintAndLogEx(success ? SUCCESS : WARNING, "UID | %s | %"PRIx64" - %s", sprint_hex(uid8, 4), key8, success ? _GREEN_("ok") : "->82C7E64BC565<--");
// MFC SAFLOK
uint8_t uid9[] = {0x11, 0x22, 0x33, 0x44};
uint64_t key9 = 0;
mfc_algo_saflok_one(uid9, 0, 0, &key9);
success = (key9 == 0xD1E2AA68E39A);
if (success)
testresult++;
PrintAndLogEx(success ? SUCCESS : WARNING, "UID | %s | %"PRIX64" - %s", sprint_hex(uid9, 4), key9, success ? _GREEN_("ok") : _RED_(">> D1E2AA68E39A <<"));
uint32_t lf_id = lf_t55xx_white_pwdgen(0x00000080); uint32_t lf_id = lf_t55xx_white_pwdgen(0x00000080);
success = (lf_id == 0x00018383); success = (lf_id == 0x00018383);
if (success) if (success)
testresult++; testresult++;
PrintAndLogEx(success ? SUCCESS : WARNING, "ID | 0x00000080 | %08"PRIx32 " - %s", lf_id, success ? "OK" : "->00018383<--"); PrintAndLogEx(success ? SUCCESS : WARNING, "ID | 0x00000080 | %08"PRIx32 " - %s", lf_id, success ? _GREEN_("ok") : "->00018383<--");
PrintAndLogEx(SUCCESS, "------------------- Selftest %s", (testresult == NUM_OF_TEST) ? "OK" : "fail"); PrintAndLogEx(SUCCESS, "------------------- Selftest %s", (testresult == NUM_OF_TEST) ? _GREEN_("ok") : _RED_("fail"));
#endif #endif
return PM3_SUCCESS; return PM3_SUCCESS;

View file

@ -6,7 +6,7 @@ The Proxmark3 client uses a wide range of files. Here is a brief recap to get yo
|---|---| |---|---|
| .exe | windows executable | | .exe | windows executable |
| .bin | binary file, can be firmware or memory dump of a tag or keys dump of a tag| | .bin | binary file, can be firmware or memory dump of a tag or keys dump of a tag|
| .eml | text file, with memory dump of a tag | | .eml | text file, with memory dump of a tag (deprecated) |
| .mfd | binary file, MIFARE file dump, name comes from NFC-Tools. Usually created with Mifare Classic Tool app (MCT) or NFC-Tools, contains memory dump of tag. Very similar to .bin file | | .mfd | binary file, MIFARE file dump, name comes from NFC-Tools. Usually created with Mifare Classic Tool app (MCT) or NFC-Tools, contains memory dump of tag. Very similar to .bin file |
| .json | JSON file, usually settings file or it can also be a memory dump of a tag | | .json | JSON file, usually settings file or it can also be a memory dump of a tag |
| .dic | dictionary file. textual, with keys/passwords one line / key | | .dic | dictionary file. textual, with keys/passwords one line / key |

View file

@ -402,7 +402,7 @@ while true; do
if ! CheckExecute "reveng readline test" "$CLIENTBIN -c 'reveng -h;reveng -D'" "CRC-64/GO-ISO"; then break; fi if ! CheckExecute "reveng readline test" "$CLIENTBIN -c 'reveng -h;reveng -D'" "CRC-64/GO-ISO"; then break; fi
if ! CheckExecute "reveng -g test" "$CLIENTBIN -c 'reveng -g abda202c'" "CRC-16/ISO-IEC-14443-3-A"; then break; fi if ! CheckExecute "reveng -g test" "$CLIENTBIN -c 'reveng -g abda202c'" "CRC-16/ISO-IEC-14443-3-A"; then break; fi
if ! CheckExecute "reveng -w test" "$CLIENTBIN -c 'reveng -w 8 -s 01020304e3 010204039d'" "CRC-8/SMBUS"; then break; fi if ! CheckExecute "reveng -w test" "$CLIENTBIN -c 'reveng -w 8 -s 01020304e3 010204039d'" "CRC-8/SMBUS"; then break; fi
if ! CheckExecute "mfu pwdgen test" "$CLIENTBIN -c 'hf mfu pwdgen -t'" "Selftest OK"; then break; fi if ! CheckExecute "mfu pwdgen test" "$CLIENTBIN -c 'hf mfu pwdgen -t'" "Selftest ok"; then break; fi
if ! CheckExecute "mfu keygen test" "$CLIENTBIN -c 'hf mfu keygen --uid 11223344556677'" "80 B1 C2 71 D8 A0"; then break; fi if ! CheckExecute "mfu keygen test" "$CLIENTBIN -c 'hf mfu keygen --uid 11223344556677'" "80 B1 C2 71 D8 A0"; then break; fi
if ! CheckExecute "jooki encode test" "$CLIENTBIN -c 'hf jooki encode -t'" "04 28 F4 DA F0 4A 81 \( ok \)"; then break; fi if ! CheckExecute "jooki encode test" "$CLIENTBIN -c 'hf jooki encode -t'" "04 28 F4 DA F0 4A 81 \( ok \)"; then break; fi
if ! CheckExecute "trace load/list 14a" "$CLIENTBIN -c 'trace load -f traces/hf_14a_mfu.trace; trace list -1 -t 14a;'" "READBLOCK\(8\)"; then break; fi if ! CheckExecute "trace load/list 14a" "$CLIENTBIN -c 'trace load -f traces/hf_14a_mfu.trace; trace list -1 -t 14a;'" "READBLOCK\(8\)"; then break; fi