mirror of
https://github.com/RfidResearchGroup/proxmark3.git
synced 2025-02-23 15:47:42 +08:00
ADD: Started a "collect nonces" concept to be able to analyse the tag generated nonces.
This commit is contained in:
parent
395f6a814f
commit
add0504dea
6 changed files with 81 additions and 5 deletions
|
@ -919,6 +919,9 @@ void UsbPacketReceived(uint8_t *packet, int len)
|
|||
MifareSendCommand(c->arg[0], c->arg[1], c->d.asBytes);
|
||||
break;
|
||||
|
||||
case CMD_MIFARE_COLLECT_NONCES:
|
||||
MifareCollectNonces(c->arg[0], c->[1]);
|
||||
break;
|
||||
#endif
|
||||
|
||||
#ifdef WITH_ICLASS
|
||||
|
|
|
@ -19,6 +19,7 @@
|
|||
#include <string.h>
|
||||
#include <strings.h>
|
||||
#include "../common/crc32.h"
|
||||
#include "../common/lfdemod.h"
|
||||
#include "BigBuf.h"
|
||||
#include "../include/hitag2.h"
|
||||
#include "../include/mifare.h"
|
||||
|
@ -196,6 +197,8 @@ void MifareCGetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datai
|
|||
void MifareCIdent(); // is "magic chinese" card?
|
||||
void MifareUSetPwd(uint8_t arg0, uint8_t *datain);
|
||||
|
||||
void MifareCollectNonces(uint32_t arg0, uint32_t arg1);
|
||||
|
||||
//desfire
|
||||
void Mifare_DES_Auth1(uint8_t arg0,uint8_t *datain);
|
||||
void Mifare_DES_Auth2(uint32_t arg0, uint8_t *datain);
|
||||
|
|
|
@ -1218,7 +1218,75 @@ void MifareCIdent(){
|
|||
cmd_send(CMD_ACK,isOK,0,0,0,0);
|
||||
}
|
||||
|
||||
//
|
||||
void MifareCollectNonces(uint32_t arg0, uint32_t arg1){
|
||||
|
||||
BigBuf_free();
|
||||
|
||||
uint32_t iterations = arg0;
|
||||
uint8_t uid[10] = {0x00};
|
||||
|
||||
uint8_t *response = BigBuf_malloc(MAX_MIFARE_FRAME_SIZE);
|
||||
uint8_t *responsePar = BigBuf_malloc(MAX_MIFARE_PARITY_SIZE);
|
||||
|
||||
uint8_t mf_auth[] = { 0x60,0x00,0xf5,0x7b };
|
||||
|
||||
// get memory from BigBuf.
|
||||
uint8_t *nonces = BigBuf_malloc(iterations * 4);
|
||||
|
||||
LED_A_ON();
|
||||
LED_B_OFF();
|
||||
LED_C_OFF();
|
||||
|
||||
clear_trace();
|
||||
set_tracing(TRUE);
|
||||
iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);
|
||||
|
||||
for (int i = 0; i < iterations; i++) {
|
||||
|
||||
WDT_HIT();
|
||||
|
||||
// Test if the action was cancelled
|
||||
if(BUTTON_PRESS()) break;
|
||||
|
||||
// if(mifare_classic_halt(pcs, cuid)) {
|
||||
// if (MF_DBGLEVEL >= 1) Dbprintf("Halt error");
|
||||
//}
|
||||
|
||||
if(!iso14443a_select_card(uid, NULL, NULL)) {
|
||||
if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card");
|
||||
continue;
|
||||
};
|
||||
|
||||
// Transmit MIFARE_CLASSIC_AUTH.
|
||||
ReaderTransmit(mf_auth, sizeof(mf_auth), NULL);
|
||||
|
||||
// Receive the (4 Byte) "random" nonce
|
||||
if (!ReaderReceive(response, responsePar)) {
|
||||
if (MF_DBGLEVEL >= 1) Dbprintf("Couldn't receive tag nonce");
|
||||
continue;
|
||||
}
|
||||
|
||||
nonces[i*4] = bytes_to_num(response, 4);
|
||||
}
|
||||
|
||||
int packLen = iterations * 4;
|
||||
int packSize = 0;
|
||||
int packNum = 0;
|
||||
while (packLen > 0) {
|
||||
packSize = MIN(USB_CMD_DATA_SIZE, packLen);
|
||||
LED_B_ON();
|
||||
cmd_send(CMD_ACK, 77, 0, packSize, nonces - packLen, packSize);
|
||||
LED_B_OFF();
|
||||
|
||||
packLen -= packSize;
|
||||
packNum++;
|
||||
}
|
||||
|
||||
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
|
||||
LEDsoff();
|
||||
}
|
||||
|
||||
//
|
||||
// DESFIRE
|
||||
//
|
||||
|
||||
|
|
|
@ -433,7 +433,7 @@ int DesfireAPDU(uint8_t *cmd, size_t cmd_len, uint8_t *dataout){
|
|||
|
||||
size_t len = 0;
|
||||
size_t wrappedLen = 0;
|
||||
uint8_t wCmd[USB_CMD_DATA_SIZE] = {0};
|
||||
uint8_t wCmd[USB_CMD_DATA_SIZE] = {0x00};
|
||||
|
||||
uint8_t resp[MAX_FRAME_SIZE];
|
||||
uint8_t par[MAX_PARITY_SIZE];
|
||||
|
|
|
@ -365,9 +365,9 @@ int mifare_classic_writeblock(struct Crypto1State *pcs, uint32_t uid, uint8_t bl
|
|||
{
|
||||
// variables
|
||||
uint16_t len, i;
|
||||
uint32_t pos;
|
||||
uint8_t par[3] = {0}; // enough for 18 Bytes to send
|
||||
byte_t res;
|
||||
uint32_t pos = 0;
|
||||
uint8_t par[3] = {0x00}; // enough for 18 Bytes to send
|
||||
byte_t res = 0;
|
||||
|
||||
uint8_t d_block[18], d_block_enc[18];
|
||||
uint8_t receivedAnswer[MAX_MIFARE_FRAME_SIZE];
|
||||
|
|
|
@ -193,6 +193,8 @@ typedef struct{
|
|||
#define CMD_MIFARE_DESFIRE_INFO 0x072d
|
||||
#define CMD_MIFARE_DESFIRE 0x072e
|
||||
|
||||
#define CMD_MIFARE_COLLECT_NONCES 0x072f
|
||||
|
||||
#define CMD_UNKNOWN 0xFFFF
|
||||
|
||||
|
||||
|
|
Loading…
Reference in a new issue