From 821a3066a698b5a5bb985c13237dbc6bcbe302d2 Mon Sep 17 00:00:00 2001
From: pingu2211
Date: Sun, 10 Nov 2024 22:36:39 +1100
Subject: [PATCH 1/3] move mfWriteBlock
---
 client/src/cmdhfmf.c | 29 +++++++----------------------
 client/src/mifare/mifarehost.c | 17 +++++++++++++++++
 client/src/mifare/mifarehost.h | 2 ++
 3 files changed, 26 insertions(+), 22 deletions(-)
diff --git a/client/src/cmdhfmf.c b/client/src/cmdhfmf.c
index 5a02d1120..fb240763e 100644
--- a/client/src/cmdhfmf.c
+++ b/client/src/cmdhfmf.c
@@ -45,6 +45,7 @@
 #include "mifare/gen4.h"
 #include "generator.h" // keygens.
 #include "fpga.h"
+#include "mifare/mifarehost.h"
 static int CmdHelp(const char *Cmd);
@@ -494,22 +495,6 @@ void mf_print_sector_hdr(uint8_t sector) {
 PrintAndLogEx(INFO, "----+-------------------------------------------------+-----------------");
 }
-static bool mf_write_block(const uint8_t *key, uint8_t keytype, uint8_t blockno, uint8_t *block) {
-
- uint8_t data[26];
- memcpy(data, key, MIFARE_KEY_SIZE);
- memcpy(data + 10, block, MFBLOCK_SIZE);
-
- clearCommandBuffer();
- SendCommandMIX(CMD_HF_MIFARE_WRITEBL, blockno, keytype, 0, data, sizeof(data));
- PacketResponseNG resp;
- if (WaitForResponseTimeout(CMD_ACK, &resp, 1500) == false) {
- PrintAndLogEx(FAILED, "command execution time out");
- return false;
- }
-
- return ((resp.oldarg[0] & 0xff) == 1);
-}
 // assumes n is in number of blocks 0..255
 static void mf_analyse_acl(uint16_t n, uint8_t *d) {
@@ -6784,9 +6769,9 @@ skipfile:
 }
 // write to card, try B key first
- if (mf_write_block(keyB[i], MF_KEY_B, b, block) == 0) {
+ if (mfWriteBlock(keyB[i], MF_KEY_B, b, block) != PM3_SUCCESS) {
 // try A key,
- if (mf_write_block(keyA[i], MF_KEY_A, b, block) == 0) {
+ if (mfWriteBlock(keyA[i], MF_KEY_A, b, block) != PM3_SUCCESS) {
 return PM3_EFAILED;
 }
 }
@@ -7027,10 +7012,10 @@ int CmdHFMFNDEFWrite(const char *Cmd) {
 }
 // write to card, try B key first
- if (mf_write_block(g_mifare_default_key, MF_KEY_B, block_no, block) == 0) {
+ if (mfWriteBlock(g_mifare_default_key, MF_KEY_B, block_no, block) != PM3_SUCCESS) {
 // try A key,
- if (mf_write_block(g_mifare_ndef_key, MF_KEY_A, block_no, block) == 0) {
+ if (mfWriteBlock(g_mifare_ndef_key, MF_KEY_A, block_no, block) != PM3_SUCCESS) {
 return PM3_EFAILED;
 }
 }
@@ -9507,8 +9492,8 @@ static int CmdHFMFHidEncode(const char *Cmd) {
 PrintAndLogEx(INFO, "Writing %u - %s", (i + 1), sprint_hex_inrow(blocks + (i * MFBLOCK_SIZE), MFBLOCK_SIZE));
 }
- if (mf_write_block(empty, MF_KEY_A, (i + 1), blocks + (i * MFBLOCK_SIZE)) == false) {
- if (mf_write_block(empty, MF_KEY_B, (i + 1), blocks + (i * MFBLOCK_SIZE)) == false) {
+ if (mfWriteBlock(empty, MF_KEY_A, (i + 1), blocks + (i * MFBLOCK_SIZE)) == PM3_EFAILED) {
+ if (mfWriteBlock(empty, MF_KEY_B, (i + 1), blocks + (i * MFBLOCK_SIZE)) == PM3_EFAILED) {
 PrintAndLogEx(WARNING, "failed writing block %d using default empty key", (i + 1));
 res = false;
 break;
diff --git a/client/src/mifare/mifarehost.c b/client/src/mifare/mifarehost.c
index d24fe35ce..74d541827 100644
--- a/client/src/mifare/mifarehost.c
+++ b/client/src/mifare/mifarehost.c
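Review bot: In the CmdHFMFHidEncode hunk both calls test `== PM3_EFAILED`, but the relocated mfWriteBlock returns PM3_ETIMEOUT when the device does not answer, so a timed-out write is now treated as a written block; the removed helper returned false on timeout and the old `== false` test caught it. Use the same test as the other two call sites, `if (mfWriteBlock(empty, MF_KEY_A, (i + 1), blocks + (i * MFBLOCK_SIZE)) != PM3_SUCCESS) {`, and likewise for the key-B retry. The same comparison is carried over unchanged in the matching hunk of patch 2/3. The enclosing loop starts and ends outside the hunk.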
@@ -994,6 +994,23 @@ int mfReadBlock(uint8_t blockNo, uint8_t keyType, const uint8_t *key, uint8_t *d
 return PM3_SUCCESS;
 }
+int mfWriteBlock(const uint8_t *key, uint8_t keytype, uint8_t blockno, uint8_t *block) {
+
+ uint8_t data[26];
+ memcpy(data, key, MIFARE_KEY_SIZE);
+ memcpy(data + 10, block, MFBLOCK_SIZE);
+
+ clearCommandBuffer();
+ SendCommandMIX(CMD_HF_MIFARE_WRITEBL, blockno, keytype, 0, data, sizeof(data));
+ PacketResponseNG resp;
+ if (WaitForResponseTimeout(CMD_ACK, &resp, 1500) == false) {
+ PrintAndLogEx(FAILED, "mfWriteBlock execution time out");
+ return PM3_ETIMEOUT;
+ }
+
+ return ((resp.oldarg[0] & 0xff) == 1)?PM3_SUCCESS:PM3_EFAILED;
+}
+
 // EMULATOR
 int mfEmlGetMem(uint8_t *data, int blockNum, int blocksCount) {
diff --git a/client/src/mifare/mifarehost.h b/client/src/mifare/mifarehost.h
index facb6c007..63b24ef63 100644
--- a/client/src/mifare/mifarehost.h
+++ b/client/src/mifare/mifarehost.h
@@ -88,6 +88,8 @@ int mfKeyBrute(uint8_t blockNo, uint8_t keyType, const uint8_t *key, uint64_t *r
 int mfReadSector(uint8_t sectorNo, uint8_t keyType, const uint8_t *key, uint8_t *data);
 int mfReadBlock(uint8_t blockNo, uint8_t keyType, const uint8_t *key, uint8_t *data);
+int mfWriteBlock(const uint8_t *key, uint8_t keytype, uint8_t blockno, uint8_t *block);
+
 int mfEmlGetMem(uint8_t *data, int blockNum, int blocksCount);
 int mfEmlSetMem(uint8_t *data, int blockNum, int blocksCount);
 int mfEmlSetMem_xt(uint8_t *data, int blockNum, int blocksCount, int blockBtWidth);
From dae0ddc6e3ea9d3323f8892369511b91ceeb4e8e Mon Sep 17 00:00:00 2001
From: pingu2211
Date: Sun, 10 Nov 2024 23:33:22 +1100
Subject: [PATCH 2/3] Re-ordered function parameters to match mfReadBlock
---
 client/src/cmdhfmf.c | 13 +++++++------
 client/src/mifare/mifarehost.c | 6 +++++-
 client/src/mifare/mifarehost.h | 3 +--
 3 files changed, 13 insertions(+), 9 deletions(-)
diff --git a/client/src/cmdhfmf.c b/client/src/cmdhfmf.c
index fb240763e..1b670f200 100644
--- a/client/src/cmdhfmf.c
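Review bot: `data[26]` in the new mfWriteBlock is only partly initialised: the key is copied to the start and the block to offset 10, so unless MIFARE_KEY_SIZE is 10 the bytes in between are whatever was on the stack, and `sizeof(data)` sends all 26 to the device. Zero the buffer with `uint8_t data[26] = {0};`, and consider naming the 10 and 26 instead of leaving them as literals. Now that the function is exported through mifarehost.h it also needs a header comment stating that `key` must point to MIFARE_KEY_SIZE bytes and `block` to MFBLOCK_SIZE bytes, and that it returns PM3_SUCCESS, PM3_EFAILED or PM3_ETIMEOUT; `block` is never written through and could be `const uint8_t *`.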
+++ b/client/src/cmdhfmf.c
@@ -6769,9 +6769,9 @@ skipfile:
 }
 // write to card, try B key first
- if (mfWriteBlock(keyB[i], MF_KEY_B, b, block) != PM3_SUCCESS) {
+ if (mfWriteBlock(b, MF_KEY_B, keyB[i], block) != PM3_SUCCESS) {
 // try A key,
- if (mfWriteBlock(keyA[i], MF_KEY_A, b, block) != PM3_SUCCESS) {
+ if (mfWriteBlock(b, MF_KEY_A, keyA[i], block) != PM3_SUCCESS) {
 return PM3_EFAILED;
 }
 }
@@ -7012,10 +7012,11 @@ int CmdHFMFNDEFWrite(const char *Cmd) {
 }
 // write to card, try B key first
- if (mfWriteBlock(g_mifare_default_key, MF_KEY_B, block_no, block) != PM3_SUCCESS) {
+ if (mfWriteBlock(block_no, MF_KEY_B, g_mifare_default_key, block) != PM3_SUCCESS) {
 // try A key,
- if (mfWriteBlock(g_mifare_ndef_key, MF_KEY_A, block_no, block) != PM3_SUCCESS) {
+
+ if (mfWriteBlock(block_no, MF_KEY_A, g_mifare_ndef_key, block) != PM3_SUCCESS) {
 return PM3_EFAILED;
 }
 }
@@ -9492,8 +9493,8 @@ static int CmdHFMFHidEncode(const char *Cmd) {
 PrintAndLogEx(INFO, "Writing %u - %s", (i + 1), sprint_hex_inrow(blocks + (i * MFBLOCK_SIZE), MFBLOCK_SIZE));
 }
- if (mfWriteBlock(empty, MF_KEY_A, (i + 1), blocks + (i * MFBLOCK_SIZE)) == PM3_EFAILED) {
- if (mfWriteBlock(empty, MF_KEY_B, (i + 1), blocks + (i * MFBLOCK_SIZE)) == PM3_EFAILED) {
+ if (mfWriteBlock((i + 1), MF_KEY_A, empty, blocks + (i * MFBLOCK_SIZE)) == PM3_EFAILED) {
+ if (mfWriteBlock((i + 1), MF_KEY_B, empty, blocks + (i * MFBLOCK_SIZE)) == PM3_EFAILED) {
 PrintAndLogEx(WARNING, "failed writing block %d using default empty key", (i + 1));
 res = false;
 break;
diff --git a/client/src/mifare/mifarehost.c b/client/src/mifare/mifarehost.c
index 74d541827..09f980917 100644
--- a/client/src/mifare/mifarehost.c
+++ b/client/src/mifare/mifarehost.c
@@ -994,7 +994,7 @@ int mfReadBlock(uint8_t blockNo, uint8_t keyType, const uint8_t *key, uint8_t *d
 return PM3_SUCCESS;
 }
-int mfWriteBlock(const uint8_t *key, uint8_t keytype, uint8_t blockno, uint8_t *block) {
+int mfWriteBlock(uint8_t blockno, uint8_t keyType, const uint8_t *key, uint8_t *block) {
 uint8_t data[26];
 memcpy(data, key, MIFARE_KEY_SIZE);
@@ -1011,6 +1011,10 @@ int mfWriteBlock(const uint8_t *key, uint8_t keytype, uint8_t blockno, uint8_t *
 return ((resp.oldarg[0] & 0xff) == 1)?PM3_SUCCESS:PM3_EFAILED;
 }
+int mfWriteSector(uint8_t sectorNo, uint8_t keyType, const uint8_t *key, uint8_t *sector){
+
+}
+
 // EMULATOR
 int mfEmlGetMem(uint8_t *data, int blockNum, int blocksCount) {
diff --git a/client/src/mifare/mifarehost.h b/client/src/mifare/mifarehost.h
index 63b24ef63..5823cbdf5 100644
--- a/client/src/mifare/mifarehost.h
+++ b/client/src/mifare/mifarehost.h
@@ -88,8 +88,7 @@ int mfKeyBrute(uint8_t blockNo, uint8_t keyType, const uint8_t *key, uint64_t *r
 int mfReadSector(uint8_t sectorNo, uint8_t keyType, const uint8_t *key, uint8_t *data);
 int mfReadBlock(uint8_t blockNo, uint8_t keyType, const uint8_t *key, uint8_t *data);
-int mfWriteBlock(const uint8_t *key, uint8_t keytype, uint8_t blockno, uint8_t *block);
-
+int mfWriteBlock(uint8_t blockno, uint8_t keyType, const uint8_t *key, uint8_t *block);
 int mfEmlGetMem(uint8_t *data, int blockNum, int blocksCount);
 int mfEmlSetMem(uint8_t *data, int blockNum, int blocksCount);
 int mfEmlSetMem_xt(uint8_t *data, int blockNum, int blocksCount, int blockBtWidth);
From 88587e672cb8d0c0226b41ee2daca21cca022f6c Mon Sep 17 00:00:00 2001
From: pingu2211
Date: Sun, 10 Nov 2024 23:34:19 +1100
Subject: [PATCH 3/3] add a write sector helper
---
 client/src/mifare/mifarehost.c | 9 ++++++++-
 client/src/mifare/mifarehost.h | 2 ++
 2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/client/src/mifare/mifarehost.c b/client/src/mifare/mifarehost.c
index 09f980917..19d6f609d 100644
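Review bot: The new signature renames the second parameter from `keytype` to `keyType`, but the body added in patch 1/3 passes `keytype` to SendCommandMIX, and that line lies outside this hunk and is not touched anywhere in the series, so as far as the visible patches show mfWriteBlock no longer compiles. Either keep the old spelling in the signature or update the call to `SendCommandMIX(CMD_HF_MIFARE_WRITEBL, blockno, keyType, 0, data, sizeof(data));`. The function body continues past the end of the hunk.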
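Review bot: The mfWriteSector stub added in the second mifarehost.c hunk is a non-void function with an empty body, so at this commit any caller that uses its result has undefined behaviour, and there is no prototype for it in mifarehost.h yet. It is also unrelated to the parameter reordering the subject describes. Moving the definition into patch 3/3, where the body and the prototype arrive, keeps each commit buildable and reviewable on its own.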
--- a/client/src/mifare/mifarehost.c
+++ b/client/src/mifare/mifarehost.c
@@ -1012,7 +1012,14 @@ int mfWriteBlock(uint8_t blockno, uint8_t keyType, const uint8_t *key, uint8_t *
 }
 int mfWriteSector(uint8_t sectorNo, uint8_t keyType, const uint8_t *key, uint8_t *sector){
-
+ int res;
+ for (int i=0;i<4; i++){
+ res = mfWriteBlock((sectorNo*4)+i, keyType, key, sector+(i*MFBLOCK_SIZE));
+ if (res != PM3_SUCCESS){
+ return (i==0)?PM3_EFAILED:PM3_EPARTIAL;
+ }
+ }
+ return PM3_SUCCESS;
 }
 // EMULATOR
diff --git a/client/src/mifare/mifarehost.h b/client/src/mifare/mifarehost.h
index 5823cbdf5..443e83b7e 100644
--- a/client/src/mifare/mifarehost.h
+++ b/client/src/mifare/mifarehost.h
@@ -89,6 +89,8 @@ int mfReadSector(uint8_t sectorNo, uint8_t keyType, const uint8_t *key, uint8_t
 int mfReadBlock(uint8_t blockNo, uint8_t keyType, const uint8_t *key, uint8_t *data);
 int mfWriteBlock(uint8_t blockno, uint8_t keyType, const uint8_t *key, uint8_t *block);
+int mfWriteSector(uint8_t sectorNo, uint8_t keyType, const uint8_t *key, uint8_t *sector);
+
 int mfEmlGetMem(uint8_t *data, int blockNum, int blocksCount);
 int mfEmlSetMem(uint8_t *data, int blockNum, int blocksCount);
 int mfEmlSetMem_xt(uint8_t *data, int blockNum, int blocksCount, int blockBtWidth);
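Review bot: mfWriteSector assumes every sector is four blocks starting at `sectorNo*4`, which does not hold for the 16-block sectors at the top of a 4K card, and `(sectorNo*4)+i` is silently narrowed to the uint8_t block number for large sector values. The fourth block it writes is the sector trailer holding the keys and access bits, so the function needs a doc comment saying that `sector` must hold the whole sector including a valid trailer, since a malformed trailer can leave the sector unusable. Collapsing every first-block error to PM3_EFAILED also hides PM3_ETIMEOUT from the caller. A version using the sector helpers I believe the client already has (mfFirstBlockOfSector / mfNumBlocksPerSector; confirm they are visible from mifarehost.c) is sketched below.

```c
int mfWriteSector(uint8_t sectorNo, uint8_t keyType, const uint8_t *key, uint8_t *sector) {
    uint8_t first = mfFirstBlockOfSector(sectorNo);
    uint8_t count = mfNumBlocksPerSector(sectorNo);
    for (uint8_t i = 0; i < count; i++) {
        int res = mfWriteBlock(first + i, keyType, key, sector + (i * MFBLOCK_SIZE));
        if (res != PM3_SUCCESS) {
            // nothing written yet: pass the real error on; otherwise report a partial write
            return (i == 0) ? res : PM3_EPARTIAL;
        }
    }
    return PM3_SUCCESS;
}
```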