diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9757a2952..ce9be2aa5 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,7 @@ All notable changes to this project will be documented in this file.
 This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/).
 Please use this to write notable changes, which is not the same as git commit log...
 ## [unreleased][unreleased]
+ - Changed `hf iclass list` to display matched keys on the CHECK command rather than the card response, and made it check for elite keys too (@nvx)
 - Added `hf gallagher decode` command and fix Gallagher diversification for card master key (@nvx)
 - Added mmbit-002 (kibi-002, kb5004xk1) russian tag to `hf texkom read` command (@merlokk)
 - Added `hf sniff --smode` skip/group adc data to consume less memory. Now it can sniff very long signals (@merlokk)
diff --git a/client/src/cmdhficlass.c b/client/src/cmdhficlass.c
index ea16de75c..6836df754 100644
--- a/client/src/cmdhficlass.c
+++ b/client/src/cmdhficlass.c
@@ -87,7 +87,7 @@ static int cmp_uint32(const void *a, const void *b) {
 bool check_known_default(uint8_t *csn, uint8_t *epurse, uint8_t *rmac, uint8_t *tmac, uint8_t *key) {
- iclass_prekey_t *prekey = calloc(ICLASS_KEYS_MAX, sizeof(iclass_prekey_t));
+ iclass_prekey_t *prekey = calloc(ICLASS_KEYS_MAX * 2, sizeof(iclass_prekey_t));
 if (prekey == NULL) {
 return false;
 }
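Review bot: The table size `ICLASS_KEYS_MAX * 2` is written out by hand in the `calloc` here and again in the `qsort`, the `bsearch` and the `prekey + ICLASS_KEYS_MAX` offset of the next hunk, so the four call sites can silently drift apart the next time a key class is added. A single named constant next to the function, e.g. `enum { PREKEY_SLOTS = ICLASS_KEYS_MAX * 2 }; /* default + elite diversified keys */`, used in all four places keeps the allocation and the search bounds tied together. The body of check_known_default continues past this hunk.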
@@ -97,17 +97,20 @@ bool check_known_default(uint8_t *csn, uint8_t *epurse, uint8_t *rmac, uint8_t *
 memcpy(ccnr + 8, rmac, 4);
 GenerateMacKeyFrom(csn, ccnr, false, false, (uint8_t *)iClass_Key_Table, ICLASS_KEYS_MAX, prekey);
- qsort(prekey, ICLASS_KEYS_MAX, sizeof(iclass_prekey_t), cmp_uint32);
+ GenerateMacKeyFrom(csn, ccnr, false, true, (uint8_t *)iClass_Key_Table, ICLASS_KEYS_MAX, prekey + ICLASS_KEYS_MAX);
+ qsort(prekey, ICLASS_KEYS_MAX * 2, sizeof(iclass_prekey_t), cmp_uint32);
 iclass_prekey_t lookup;
 memcpy(lookup.mac, tmac, 4);
 // binsearch
- iclass_prekey_t *item = (iclass_prekey_t *) bsearch(&lookup, prekey, ICLASS_KEYS_MAX, sizeof(iclass_prekey_t), cmp_uint32);
+ iclass_prekey_t *item = (iclass_prekey_t *) bsearch(&lookup, prekey, ICLASS_KEYS_MAX * 2, sizeof(iclass_prekey_t), cmp_uint32);
 if (item != NULL) {
 memcpy(key, item->key, 8);
+ free(prekey);
 return true;
 }
+ free(prekey);
 return false;
 }
@@ -3534,8 +3537,6 @@ void GenerateMacKeyFrom(uint8_t *CSN, uint8_t *CCNR, bool use_raw, bool use_elit
 for (int i = 0; i < iclass_tc; i++)
 pthread_join(threads[i], NULL);
-
- PrintAndLogEx(NORMAL, "");
 }
 // print diversified keys
diff --git a/client/src/cmdhflist.c b/client/src/cmdhflist.c
index 7e79b49ee..f326a8abb 100644
--- a/client/src/cmdhflist.c
+++ b/client/src/cmdhflist.c
@@ -464,10 +464,17 @@ void annotateIclass(char *exp, size_t size, uint8_t *cmd, uint8_t cmdsize, bool
 curr_state = PICO_NONE;
 break;
 case ICLASS_CMD_CHECK:
- snprintf(exp, size, "CHECK");
 curr_state = PICO_AUTH_MACS;
 memcpy(rmac, cmd + 1, 4);
 memcpy(tmac, cmd + 5, 4);
+
+ uint8_t key[8];
+ if (check_known_default(csn, epurse, rmac, tmac, key)) {
+ snprintf(exp, size, "CHECK ( %s )", sprint_hex_inrow(key, 8));
+ } else {
+ snprintf(exp, size, "CHECK");
+ }
+
 break;
 case ICLASS_CMD_READ4:
 snprintf(exp, size, "READ4(%d)", cmd[1]);
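Review bot: The two added `free(prekey)` calls, one per return path, are the kind of duplicated cleanup that gets missed when a third exit is added later; a single exit does the same with one free: `bool found = (item != NULL); if (found) { memcpy(key, item->key, 8); } free(prekey); return found;`. Separately, each call now runs GenerateMacKeyFrom twice, and the later hunk in this file shows that function spawning and joining `iclass_tc` threads, so every CHECK frame annotated by `hf iclass list` presumably pays for two thread pools plus a sort of `ICLASS_KEYS_MAX * 2` entries; a comment stating that cost, or caching the sorted table while csn/epurse are unchanged, would help whoever profiles long traces. The start of check_known_default is outside this hunk.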
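Review bot: `uint8_t key[8];` is declared directly in the unbraced `case ICLASS_CMD_CHECK:` body, so it stays in scope for every following case of the switch and its lifetime is no longer obvious from the layout; wrapping the case body in `case ICLASS_CMD_CHECK: { ... break; }` keeps the buffer local to the one branch that uses it. The matched key is also printed without the `_GREEN_` highlight that the removed response-side annotation used, so `"CHECK ( " _GREEN_("%s") " )"` would keep the output style consistent with the rest of the annotator. annotateIclass starts before this hunk.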
@@ -516,11 +523,7 @@ void annotateIclass(char *exp, size_t size, uint8_t *cmd, uint8_t cmdsize, bool
 } else if (curr_state == PICO_AUTH_EPURSE) {
 memcpy(epurse, cmd, 8);
 } else if (curr_state == PICO_AUTH_MACS) {
-
- uint8_t key[8];
- if (check_known_default(csn, epurse, rmac, tmac, key)) {
- snprintf(exp, size, "( " _GREEN_("%s") " )", sprint_hex_inrow(key, 8));
- }
+ snprintf(exp, size, _GREEN_("CHECK SUCCESS"));
 curr_state = PICO_NONE;
 }
 }
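Review bot: The new `snprintf(exp, size, _GREEN_("CHECK SUCCESS"))` labels whatever frame arrives while `curr_state == PICO_AUTH_MACS` as a successful authentication without looking at `cmdsize`, whereas the removed code only annotated the reply when a key actually matched. If the tag's reply to CHECK is presumably the 4-byte MAC, gating the label on the length, e.g. `if (cmdsize == 4) { snprintf(exp, size, _GREEN_("CHECK SUCCESS")); }`, avoids marking a truncated or unrelated frame as a success in the listing. A short comment such as `// any tag reply to CHECK means the MAC was accepted` would record why no further check is done if the length test is considered unnecessary. annotateIclass begins outside this hunk.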