RfidResearchGroup/proxmark3
1
1
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-02-23 23:55:15 +08:00
Code Issues Projects Releases Packages Wiki Activity

text

Browse source
This commit is contained in:
iceman1001 2020-04-16 09:53:31 +02:00
parent 94192d0976
commit c6473afcc1
1 changed files with 14 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
armsrc/mifaresim.c
View file

@ -557,7 +557,7 @@ void Mifare1ksim(uint16_t flags, uint8_t exitAfterNReads, uint8_t *datain, uint1
int res = EmGetCmd(receivedCmd, &receivedCmd_len, receivedCmd_par); int res = EmGetCmd(receivedCmd, &receivedCmd_len, receivedCmd_par);
if (res == 2) { //Field is off! if (res == 2) { //Field is off!
FpgaDisableTracing(); //FpgaDisableTracing();
LEDsoff(); LEDsoff();
cardSTATE = MFEMUL_NOFIELD; cardSTATE = MFEMUL_NOFIELD;
if (DBGLEVEL >= DBG_EXTENDED) if (DBGLEVEL >= DBG_EXTENDED)
@ -595,14 +595,16 @@ void Mifare1ksim(uint16_t flags, uint8_t exitAfterNReads, uint8_t *datain, uint1
} }
switch (cardSTATE) { switch (cardSTATE) {
case MFEMUL_NOFIELD: case MFEMUL_NOFIELD: {
if (DBGLEVEL >= DBG_EXTENDED) if (DBGLEVEL >= DBG_EXTENDED)
Dbprintf("MFEMUL_NOFIELD"); Dbprintf("MFEMUL_NOFIELD");
break; break;
case MFEMUL_HALTED: }
case MFEMUL_HALTED: {
if (DBGLEVEL >= DBG_EXTENDED) if (DBGLEVEL >= DBG_EXTENDED)
Dbprintf("MFEMUL_HALTED"); Dbprintf("MFEMUL_HALTED");
break; break;
}
case MFEMUL_IDLE: { case MFEMUL_IDLE: {
LogTrace(uart->output, uart->len, uart->startTime * 16 - DELAY_AIR2ARM_AS_TAG, uart->endTime * 16 - DELAY_AIR2ARM_AS_TAG, uart->parity, true); LogTrace(uart->output, uart->len, uart->startTime * 16 - DELAY_AIR2ARM_AS_TAG, uart->endTime * 16 - DELAY_AIR2ARM_AS_TAG, uart->parity, true);
if (DBGLEVEL >= DBG_EXTENDED) if (DBGLEVEL >= DBG_EXTENDED)
@ -706,8 +708,9 @@ void Mifare1ksim(uint16_t flags, uint8_t exitAfterNReads, uint8_t *datain, uint1
// WORK // WORK
case MFEMUL_WORK: { case MFEMUL_WORK: {
if (DBGLEVEL >= DBG_EXTENDED) if (DBGLEVEL >= DBG_EXTENDED) {
Dbprintf("[MFEMUL_WORK] Enter in case"); Dbprintf("[MFEMUL_WORK] Enter in case");
}
if (receivedCmd_len == 0) { if (receivedCmd_len == 0) {
if (DBGLEVEL >= DBG_EXTENDED) Dbprintf("[MFEMUL_WORK] NO CMD received"); if (DBGLEVEL >= DBG_EXTENDED) Dbprintf("[MFEMUL_WORK] NO CMD received");
@ -718,13 +721,14 @@ void Mifare1ksim(uint16_t flags, uint8_t exitAfterNReads, uint8_t *datain, uint1
if (encrypted_data) { if (encrypted_data) {
// decrypt seqence // decrypt seqence
mf_crypto1_decryptEx(pcs, receivedCmd, receivedCmd_len, receivedCmd_dec); mf_crypto1_decryptEx(pcs, receivedCmd, receivedCmd_len, receivedCmd_dec);
if (DBGLEVEL >= DBG_EXTENDED) Dbprintf("[MFEMUL_WORK] Decrypt seqence"); if (DBGLEVEL >= DBG_EXTENDED) Dbprintf("[MFEMUL_WORK] Decrypt sequence");
} else { } else {
// Data in clear // Data in clear
memcpy(receivedCmd_dec, receivedCmd, receivedCmd_len); memcpy(receivedCmd_dec, receivedCmd, receivedCmd_len);
} }
if (!CheckCrc14A(receivedCmd_dec, receivedCmd_len)) { // all commands must have a valid CRC // all commands must have a valid CRC
if (!CheckCrc14A(receivedCmd_dec, receivedCmd_len)) {
EmSend4bit(encrypted_data ? mf_crypto1_encrypt4bit(pcs, CARD_NACK_NA) : CARD_NACK_NA); EmSend4bit(encrypted_data ? mf_crypto1_encrypt4bit(pcs, CARD_NACK_NA) : CARD_NACK_NA);
FpgaDisableTracing(); FpgaDisableTracing();
@ -1251,8 +1255,10 @@ void Mifare1ksim(uint16_t flags, uint8_t exitAfterNReads, uint8_t *datain, uint1
} // End While Loop } // End While Loop
FpgaDisableTracing();
// NR AR ATTACK // NR AR ATTACK
// mfkey32
if (((flags & FLAG_NR_AR_ATTACK) == FLAG_NR_AR_ATTACK) && (DBGLEVEL >= DBG_INFO)) { if (((flags & FLAG_NR_AR_ATTACK) == FLAG_NR_AR_ATTACK) && (DBGLEVEL >= DBG_INFO)) {
for (uint8_t i = 0; i < ATTACK_KEY_COUNT; i++) { for (uint8_t i = 0; i < ATTACK_KEY_COUNT; i++) {
if (ar_nr_collected[i] == 2) { if (ar_nr_collected[i] == 2) {
@ -1268,7 +1274,8 @@ void Mifare1ksim(uint16_t flags, uint8_t exitAfterNReads, uint8_t *datain, uint1
} }
} }
} }
// mfkey32 v2
for (uint8_t i = ATTACK_KEY_COUNT; i < ATTACK_KEY_COUNT * 2; i++) { for (uint8_t i = ATTACK_KEY_COUNT; i < ATTACK_KEY_COUNT * 2; i++) {
if (ar_nr_collected[i] == 2) { if (ar_nr_collected[i] == 2) {
Dbprintf("Collected two pairs of AR/NR which can be used to extract %s from reader for sector %d:", (i < ATTACK_KEY_COUNT / 2) ? "keyA" : "keyB", ar_nr_resp[i].sector); Dbprintf("Collected two pairs of AR/NR which can be used to extract %s from reader for sector %d:", (i < ATTACK_KEY_COUNT / 2) ? "keyA" : "keyB", ar_nr_resp[i].sector);
@ -1288,7 +1295,6 @@ void Mifare1ksim(uint16_t flags, uint8_t exitAfterNReads, uint8_t *datain, uint1
Dbprintf("Emulator stopped. Tracing: %d trace length: %d ", get_tracing(), BigBuf_get_traceLen()); Dbprintf("Emulator stopped. Tracing: %d trace length: %d ", get_tracing(), BigBuf_get_traceLen());
} }
if ((flags & FLAG_INTERACTIVE) == FLAG_INTERACTIVE) { // Interactive mode flag, means we need to send ACK if ((flags & FLAG_INTERACTIVE) == FLAG_INTERACTIVE) { // Interactive mode flag, means we need to send ACK
//Send the collected ar_nr in the response //Send the collected ar_nr in the response
reply_mix(CMD_ACK, CMD_HF_MIFARE_SIMULATE, button_pushed, 0, &ar_nr_resp, sizeof(ar_nr_resp)); reply_mix(CMD_ACK, CMD_HF_MIFARE_SIMULATE, button_pushed, 0, &ar_nr_resp, sizeof(ar_nr_resp));