FIX: some adjustments to prng detection

This commit is contained in:
iceman1001 2017-07-04 20:11:25 +02:00
parent cb7ececdce
commit 3ca3d401c0
4 changed files with 12 additions and 17 deletions

View file

@ -134,7 +134,6 @@ int mifare_classic_authex(struct Crypto1State *pcs, uint32_t uid, uint8_t blockN
// Transmit MIFARE_CLASSIC_AUTH
len = mifare_sendcmd_short(pcs, isNested, 0x60 + (keyType & 0x01), blockNo, receivedAnswer, receivedAnswerPar, timing);
if (MF_DBGLEVEL >= 4) Dbprintf("rand tag nonce len: %x", len);
if (len != 4) return 1;
// Save the tag nonce (nt)

View file

@ -247,14 +247,14 @@ int CmdHF14AReader(const char *Cmd) {
}
break;
case 0x01: PrintAndLog("TYPE : NXP TNP3xxx Activision Game Appliance"); break;
case 0x04: PrintAndLog("TYPE : NXP MIFARE (various !DESFire !DESFire EV1)"); break;
case 0x04: PrintAndLog("TYPE : NXP MIFARE (various !DESFire !DESFire EV1)"); isMifareClassic = false; break;
case 0x08: PrintAndLog("TYPE : NXP MIFARE CLASSIC 1k | Plus 2k SL1"); break;
case 0x09: PrintAndLog("TYPE : NXP MIFARE Mini 0.3k"); break;
case 0x10: PrintAndLog("TYPE : NXP MIFARE Plus 2k SL2"); break;
case 0x11: PrintAndLog("TYPE : NXP MIFARE Plus 4k SL2"); break;
case 0x18: PrintAndLog("TYPE : NXP MIFARE Classic 4k | Plus 4k SL1"); break;
case 0x20: PrintAndLog("TYPE : NXP MIFARE DESFire 4k | DESFire EV1 2k/4k/8k | Plus 2k/4k SL3 | JCOP 31/41"); break;
case 0x24: PrintAndLog("TYPE : NXP MIFARE DESFire | DESFire EV1"); break;
case 0x20: PrintAndLog("TYPE : NXP MIFARE DESFire 4k | DESFire EV1 2k/4k/8k | Plus 2k/4k SL3 | JCOP 31/41"); isMifareClassic = false; break;
case 0x24: PrintAndLog("TYPE : NXP MIFARE DESFire | DESFire EV1"); isMifareClassic = false; break;
case 0x28: PrintAndLog("TYPE : JCOP31 or JCOP41 v2.3.1"); break;
case 0x38: PrintAndLog("TYPE : Nokia 6212 or 6131 MIFARE CLASSIC 4K"); break;
case 0x88: PrintAndLog("TYPE : Infineon MIFARE CLASSIC 1K"); break;
@ -414,7 +414,7 @@ int CmdHF14AReader(const char *Cmd) {
if (isMifareClassic) {
if ( detect_classic_prng() )
PrintAndLog("Prng detection: WEAK (darkside)");
PrintAndLog("Prng detection: WEAK");
else
PrintAndLog("Prng detection: HARDEND (hardnested)");
}

View file

@ -182,6 +182,8 @@ start:
(void)tmpchar;
}
UsbCommand resp;
// wait cycle
while (true) {
printf(".");
@ -193,7 +195,6 @@ start:
break;
}
UsbCommand resp;
if (WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
isOK = resp.arg[0];
printf("\n");
@ -239,7 +240,6 @@ start:
c.arg[0] = false;
goto start;
} else {
// nonce2key found a candidate key. Lets verify it.
uint8_t keyblock[] = {0,0,0,0,0,0};
num_to_bytes(r_key, 6, keyblock);

View file

@ -212,7 +212,7 @@ int mfKeyBrute(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint64_t *resultk
#define KEYS_IN_BLOCK 85
#define KEYBLOCK_SIZE 510
#define CANDIDATE_SIZE 0xFFFF * 6
uint8_t found = FALSE;
uint8_t found = false;
uint64_t key64 = 0;
uint8_t candidates[CANDIDATE_SIZE] = {0x00};
uint8_t keyBlock[KEYBLOCK_SIZE] = {0x00};
@ -239,9 +239,9 @@ int mfKeyBrute(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint64_t *resultk
memcpy(keyBlock, candidates + i, KEYBLOCK_SIZE);
// check a block of generated candidate keys.
if (!mfCheckKeys(blockNo, keyType, TRUE, KEYS_IN_BLOCK, keyBlock, &key64)) {
if (!mfCheckKeys(blockNo, keyType, true, KEYS_IN_BLOCK, keyBlock, &key64)) {
*resultkey = key64;
found = TRUE;
found = true;
break;
}
@ -414,7 +414,6 @@ int loadTraceCard(uint8_t *tuid, uint8_t uidlen) {
PrintAndLog("No trace file found or reading error.");
if (f) {
fclose(f);
f = NULL;
}
return 2;
}
@ -424,7 +423,6 @@ int loadTraceCard(uint8_t *tuid, uint8_t uidlen) {
PrintAndLog("File content error. Block data must include 32 HEX symbols");
if (f) {
fclose(f);
f = NULL;
}
return 2;
}
@ -437,7 +435,6 @@ int loadTraceCard(uint8_t *tuid, uint8_t uidlen) {
}
if (f) {
fclose(f);
f = NULL;
}
return 0;
}
@ -458,7 +455,6 @@ int saveTraceCard(void) {
fflush(f);
if (f) {
fclose(f);
f = NULL;
}
return 0;
}
@ -670,7 +666,7 @@ int tryDecryptWord(uint32_t nt, uint32_t ar_enc, uint32_t at_enc, uint8_t *data,
ks2 = ar_enc ^ prng_successor(nt, 64);
ks3 = at_enc ^ prng_successor(nt, 96);
s = lfsr_recovery64(ks2, ks3);
mf_crypto1_decrypt(s, data, len, FALSE);
mf_crypto1_decrypt(s, data, len, false);
PrintAndLog("Decrypted data: [%s]", sprint_hex(data, len) );
crypto1_destroy(s);
return 0;
@ -680,7 +676,7 @@ int tryDecryptWord(uint32_t nt, uint32_t ar_enc, uint32_t at_enc, uint8_t *data,
* function performs a partial AUTH, where it tries to authenticate against block0, key A, but only collects tag nonce.
* the tag nonce is check to see if it has a predictable PRNG.
* @returns
* TRUE if tag uses WEAK prng (ie Darkside attack possible)
* TRUE if tag uses WEAK prng (ie Now the NACK bug also needs to be present for Darkside attack)
* FALSE is tag uses HARDEND prng (ie hardnested attack possible, with known key)
*/
bool detect_classic_prng(){