RfidResearchGroup/proxmark3
1
1
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-01-05 23:52:27 +08:00
Code Issues Projects Releases Packages Wiki Activity

Fix password write offset by 1

Browse source
This commit is contained in:
Victor 2019-08-03 17:17:35 +01:00
parent 0320455090
commit 714280fad2
1 changed files with 19 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

31
armsrc/hitag2.c
View file

@ -377,7 +377,7 @@ static bool hitag2_password(uint8_t *rx, const size_t rxlen, uint8_t *tx, size_t
// Reset the transmission frame length // Reset the transmission frame length
*txlen = 0; *txlen = 0;
if (bPwd && write) { if (bPwd && !bAuthenticating && write) {
if (!hitag2_write_page(rx, rxlen, tx, txlen)) { if (!hitag2_write_page(rx, rxlen, tx, txlen)) {
return false; return false;
} }
@ -399,21 +399,26 @@ static bool hitag2_password(uint8_t *rx, const size_t rxlen, uint8_t *tx, size_t
// Received UID, tag password // Received UID, tag password
case 32: { case 32: {
if (!bPwd) { if (!bPwd) {
*txlen = 32;
memcpy(tx, password, 4);
bPwd = true; bPwd = true;
memcpy(tag.sectors[blocknr], rx, 4); bAuthenticating = true;
blocknr++; memcpy(tx, password, 4);
} else { *txlen = 32;
}
if (blocknr == 1) { else {
//store password in block1, the TAG answers with Block3, but we need the password in memory if (bAuthenticating) {
memcpy(tag.sectors[blocknr], tx, 4); bAuthenticating = false;
} else { if (write) {
if (!hitag2_write_page(rx, rxlen, tx, txlen)) {
return false;
}
break;
}
}
else {
memcpy(tag.sectors[blocknr], rx, 4); memcpy(tag.sectors[blocknr], rx, 4);
blocknr++;
} }
blocknr++;
if (blocknr > 7) { if (blocknr > 7) {
DbpString("Read succesful!"); DbpString("Read succesful!");
bSuccessful = true; bSuccessful = true;
@ -1104,6 +1109,7 @@ void ReaderHitag(hitag_function htf, hitag_data *htd) {
memcpy(password, htd->pwd.password, 4); memcpy(password, htd->pwd.password, 4);
blocknr = 0; blocknr = 0;
bPwd = false; bPwd = false;
bAuthenticating = false;
break; break;
} }
case RHT2F_AUTHENTICATE: { case RHT2F_AUTHENTICATE: {
@ -1405,6 +1411,7 @@ void WriterHitag(hitag_function htf, hitag_data *htd, int page) {
Dbhexdump(4, password, false); Dbhexdump(4, password, false);
blocknr = page; blocknr = page;
bPwd = false; bPwd = false;
bAuthenticating = false;
writestate = WRITE_STATE_START; writestate = WRITE_STATE_START;
} }
break; break;