From 3d82da8ebe9a87f6e60984fb7274abe31f9b4dc9 Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Sat, 21 Aug 2021 14:52:45 +0300 Subject: [PATCH 1/6] fix value operations in the encoded state --- client/src/cmdhfmfdes.c | 4 ++++ client/src/mifare/desfiresecurechan.c | 10 +++++++++- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/client/src/cmdhfmfdes.c b/client/src/cmdhfmfdes.c index 09317ddb0..98fca667e 100644 --- a/client/src/cmdhfmfdes.c +++ b/client/src/cmdhfmfdes.c @@ -4227,6 +4227,8 @@ static int CmdHF14ADesValueOperations(const char *Cmd) { DropField(); return PM3_ESOFT; } + if (verbose) + PrintAndLogEx(INFO, "Operation %s OK", CLIGetOptionListStr(DesfireValueFileOperOpts, op)); if (op == MFDES_GET_VALUE) { PrintAndLogEx(SUCCESS, "Value: " _GREEN_("%d (0x%08x)"), value, value); @@ -4238,6 +4240,8 @@ static int CmdHF14ADesValueOperations(const char *Cmd) { DropField(); return PM3_ESOFT; } + if (verbose) + PrintAndLogEx(INFO, "Commit OK"); PrintAndLogEx(SUCCESS, "Value changed " _GREEN_("successfully")); } diff --git a/client/src/mifare/desfiresecurechan.c b/client/src/mifare/desfiresecurechan.c index a26dbe312..b40e08b76 100644 --- a/client/src/mifare/desfiresecurechan.c +++ b/client/src/mifare/desfiresecurechan.c @@ -28,13 +28,16 @@ static const uint8_t CommandsCanUseAnyChannel[] = { MFDES_READ_DATA2, MFDES_WRITE_DATA, MFDES_WRITE_DATA2, - MFDES_GET_VALUE, MFDES_READ_RECORDS, MFDES_READ_RECORDS2, MFDES_WRITE_RECORD, MFDES_WRITE_RECORD2, MFDES_UPDATE_RECORD, MFDES_UPDATE_RECORD2, + MFDES_GET_VALUE, + MFDES_CREDIT, + MFDES_DEBIT, + MFDES_LIMITED_CREDIT, }; static bool CommandCanUseAnyChannel(uint8_t cmd) { @@ -154,6 +157,7 @@ static const AllowedChannelModesS AllowedChannelModes[] = { {MFDES_GET_FILE_SETTINGS, DACLRP, DCCNative, DCMMACed}, {MFDES_GET_KEY_VERSION, DACLRP, DCCNative, DCMMACed}, {MFDES_CLEAR_RECORD_FILE, DACLRP, DCCNative, DCMMACed}, + {MFDES_COMMIT_TRANSACTION, DACLRP, DCCNative, DCMMACed}, {MFDES_GET_UID, DACLRP, DCCNative, DCMEncrypted}, {MFDES_CHANGE_FILE_SETTINGS, DACLRP, DCCNative, DCMEncrypted}, @@ -183,6 +187,10 @@ static const CmdHeaderLengthsS CmdHeaderLengths[] = { {MFDES_WRITE_RECORD2, 7}, {MFDES_UPDATE_RECORD, 10}, {MFDES_UPDATE_RECORD2, 10}, + {MFDES_GET_VALUE, 1}, + {MFDES_CREDIT, 1}, + {MFDES_DEBIT, 1}, + {MFDES_LIMITED_CREDIT, 1}, }; static uint8_t DesfireGetCmdHeaderLen(uint8_t cmd) { From 4ffddb3c6d8ada267c03efa76bcbeba2dbd325af Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Sat, 21 Aug 2021 15:09:13 +0300 Subject: [PATCH 2/6] add hints --- client/src/cmdhfmfdes.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/client/src/cmdhfmfdes.c b/client/src/cmdhfmfdes.c index 98fca667e..3e62f5039 100644 --- a/client/src/cmdhfmfdes.c +++ b/client/src/cmdhfmfdes.c @@ -4147,7 +4147,9 @@ static int CmdHF14ADesValueOperations(const char *Cmd) { "Get File Settings from file from application. Master key needs to be provided or flag --no-auth set (depend on cards settings).", "hf mfdes value --aid 123456 --fid 01 -> get value app=123456, file=01 with defaults from `default` command\n" "hf mfdes value --aid 123456 --fid 01 --op credit -d 00000001 -> credit value app=123456, file=01 with defaults from `default` command\n" - "hf mfdes value -n 0 -t des -k 0000000000000000 -f none --aid 123456 --fid 01 -> get value with default factory setup"); + "hf mfdes value -n 0 -t des -k 0000000000000000 -f none --aid 123456 --fid 01 -> get value with default factory setup\n" + "hf mfdes val --appisoid df01 --fid 03 -s lrp -t aes -n 1 --op credit --d 00000001 -m encrypt -> credit value in the lrp encrypted mode\n" + "hf mfdes val --appisoid df01 --fid 03 -s lrp -t aes -n 1 --op get -m plain -> get value in plain (nevertheless of mode) works for desfire light (look SetConfiguration option 0x09)"); void *argtable[] = { arg_param_begin, @@ -4228,7 +4230,7 @@ static int CmdHF14ADesValueOperations(const char *Cmd) { return PM3_ESOFT; } if (verbose) - PrintAndLogEx(INFO, "Operation %s OK", CLIGetOptionListStr(DesfireValueFileOperOpts, op)); + PrintAndLogEx(INFO, "Operation %s " _GREEN_("OK"), CLIGetOptionListStr(DesfireValueFileOperOpts, op)); if (op == MFDES_GET_VALUE) { PrintAndLogEx(SUCCESS, "Value: " _GREEN_("%d (0x%08x)"), value, value); @@ -4241,7 +4243,7 @@ static int CmdHF14ADesValueOperations(const char *Cmd) { return PM3_ESOFT; } if (verbose) - PrintAndLogEx(INFO, "Commit OK"); + PrintAndLogEx(INFO, "Commit " _GREEN_("OK")); PrintAndLogEx(SUCCESS, "Value changed " _GREEN_("successfully")); } From 0b04e2284c13a2256f182c6ec8fbe82aa8a9cca0 Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Sat, 21 Aug 2021 15:20:42 +0300 Subject: [PATCH 3/6] fix read bug --- client/src/cmdhfmfdes.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/src/cmdhfmfdes.c b/client/src/cmdhfmfdes.c index 3e62f5039..338e9c6e7 100644 --- a/client/src/cmdhfmfdes.c +++ b/client/src/cmdhfmfdes.c @@ -4768,7 +4768,7 @@ static int CmdHF14ADesReadData(const char *Cmd) { return PM3_EINVARG; } - res = DesfireSelectAndAuthenticateW(&dctx, securechann, selectway, id, noauth, true, fileisoid, verbose); + res = DesfireSelectAndAuthenticateW(&dctx, securechann, selectway, id, fileisoidpresent, fileisoid, noauth, verbose); if (res != PM3_SUCCESS) { DropField(); PrintAndLogEx(FAILED, "Select or authentication %s " _RED_("failed") ". Result [%d] %s", DesfireWayIDStr(selectway, id), res, DesfireAuthErrorToStr(res)); From aac6c7dea7c3c8b06f2cc07d2bef20662ecc1a3e Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Sat, 21 Aug 2021 15:38:19 +0300 Subject: [PATCH 4/6] fix write iso mode --- client/src/cmdhfmfdes.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/src/cmdhfmfdes.c b/client/src/cmdhfmfdes.c index 338e9c6e7..2bf56c189 100644 --- a/client/src/cmdhfmfdes.c +++ b/client/src/cmdhfmfdes.c @@ -4966,7 +4966,7 @@ static int CmdHF14ADesWriteData(const char *Cmd) { if (trkeylen > 0) DesfireGetCardUID(&dctx); - res = DesfireSelectAndAuthenticateW(&dctx, securechann, selectway, id, noauth, true, fileisoid, verbose); + res = DesfireSelectAndAuthenticateW(&dctx, securechann, selectway, id, fileisoidpresent, fileisoid, noauth, verbose); if (res != PM3_SUCCESS) { DropField(); PrintAndLogEx(FAILED, "Select or authentication %s " _RED_("failed") ". Result [%d] %s", DesfireWayIDStr(selectway, id), res, DesfireAuthErrorToStr(res)); From a5668a91a22162038daf20c904a4abd88f7685f1 Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Sat, 21 Aug 2021 15:42:28 +0300 Subject: [PATCH 5/6] fix setconfig --- client/src/cmdhfmfdes.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/client/src/cmdhfmfdes.c b/client/src/cmdhfmfdes.c index 2bf56c189..f63025fa7 100644 --- a/client/src/cmdhfmfdes.c +++ b/client/src/cmdhfmfdes.c @@ -2102,9 +2102,10 @@ static int CmdHF14ADesSetConfiguration(const char *Cmd) { PrintAndLogEx(INFO, _CYAN_("%s %06x") " param ID: 0x%02x param[%d]: %s", DesfireSelectWayToStr(selectway), id, paramid, paramlen, sprint_hex(param, paramlen)); } - res = DesfireSelectAndAuthenticateW(&dctx, securechann, selectway, id, false, 0, false, verbose); + res = DesfireSelectAndAuthenticateAppW(&dctx, securechann, selectway, id, false, verbose); if (res != PM3_SUCCESS) { DropField(); + PrintAndLogEx(FAILED, "Select or authentication %s " _RED_("failed") ". Result [%d] %s", DesfireWayIDStr(selectway, id), res, DesfireAuthErrorToStr(res)); return res; } From 62d98f2218fe0df9911f6b1d2caba8a1b3874c1c Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Sat, 21 Aug 2021 15:45:17 +0300 Subject: [PATCH 6/6] added abort transaction to the channel --- client/src/mifare/desfiresecurechan.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/client/src/mifare/desfiresecurechan.c b/client/src/mifare/desfiresecurechan.c index b40e08b76..37da5f394 100644 --- a/client/src/mifare/desfiresecurechan.c +++ b/client/src/mifare/desfiresecurechan.c @@ -82,6 +82,7 @@ static const AllowedChannelModesS AllowedChannelModes[] = { {MFDES_GET_FILE_IDS, DACd40, DCCNative, DCMMACed}, {MFDES_GET_ISOFILE_IDS, DACd40, DCCNative, DCMMACed}, {MFDES_COMMIT_READER_ID, DACd40, DCCNative, DCMMACed}, + {MFDES_ABORT_TRANSACTION, DACd40, DCCNative, DCMMACed}, {MFDES_GET_UID, DACd40, DCCNative, DCMEncrypted}, {MFDES_CHANGE_KEY_SETTINGS, DACd40, DCCNative, DCMEncrypted}, @@ -117,6 +118,7 @@ static const AllowedChannelModesS AllowedChannelModes[] = { {MFDES_COMMIT_TRANSACTION, DACEV1, DCCNative, DCMMACed}, {MFDES_CLEAR_RECORD_FILE, DACEV1, DCCNative, DCMMACed}, {MFDES_COMMIT_READER_ID, DACEV1, DCCNative, DCMMACed}, + {MFDES_ABORT_TRANSACTION, DACEV1, DCCNative, DCMMACed}, {MFDES_GET_UID, DACEV1, DCCNative, DCMEncrypted}, {MFDES_CHANGE_KEY_SETTINGS, DACEV1, DCCNative, DCMEncrypted}, @@ -158,6 +160,7 @@ static const AllowedChannelModesS AllowedChannelModes[] = { {MFDES_GET_KEY_VERSION, DACLRP, DCCNative, DCMMACed}, {MFDES_CLEAR_RECORD_FILE, DACLRP, DCCNative, DCMMACed}, {MFDES_COMMIT_TRANSACTION, DACLRP, DCCNative, DCMMACed}, + {MFDES_ABORT_TRANSACTION, DACLRP, DCCNative, DCMMACed}, {MFDES_GET_UID, DACLRP, DCCNative, DCMEncrypted}, {MFDES_CHANGE_FILE_SETTINGS, DACLRP, DCCNative, DCMEncrypted},