mirror of
https://github.com/RfidResearchGroup/proxmark3.git
synced 2025-03-17 18:50:32 +08:00
FIX: 'hf 14a reader' - detection of magic refactored, all test now assumes turn on/off readerfield.
This commit is contained in:
iceman1001
parent
59fbf1e354
commit
fdf1566c23
3 changed files with 29 additions and 32 deletions
|
|
@ -169,14 +169,13 @@ int CmdHF14AList(const char *Cmd) {
|
|||
|
||||
int CmdHF14AReader(const char *Cmd) {
|
||||
bool silent = (Cmd[0] == 's' || Cmd[0] == 'S');
|
||||
UsbCommand cDisconnect = {CMD_READER_ISO_14443a, {0,0,0}};
|
||||
UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_DISCONNECT, 0, 0}};
|
||||
clearCommandBuffer();
|
||||
SendCommand(&c);
|
||||
UsbCommand resp;
|
||||
if (!WaitForResponseTimeout(CMD_ACK, &resp, 2500)) {
|
||||
if (!silent) PrintAndLog("iso14443a card select failed");
|
||||
SendCommand(&cDisconnect);
|
||||
ul_switch_off_field();
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
@ -193,14 +192,14 @@ int CmdHF14AReader(const char *Cmd) {
|
|||
|
||||
if (select_status == 0) {
|
||||
if (!silent) PrintAndLog("iso14443a card select failed");
|
||||
SendCommand(&cDisconnect);
|
||||
ul_switch_off_field();
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (select_status == 3) {
|
||||
PrintAndLog("Card doesn't support standard iso14443-3 anticollision");
|
||||
PrintAndLog("ATQA : %02x %02x", card.atqa[1], card.atqa[0]);
|
||||
SendCommand(&cDisconnect);
|
||||
ul_switch_off_field();
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
@ -383,28 +382,8 @@ int CmdHF14AReader(const char *Cmd) {
|
|||
} else {
|
||||
PrintAndLog("proprietary non iso14443-4 card found, RATS not supported");
|
||||
}
|
||||
|
||||
|
||||
// try to see if card responses to "chinese magic backdoor" commands.
|
||||
uint8_t isGeneration = 0;
|
||||
clearCommandBuffer();
|
||||
c.cmd = CMD_MIFARE_CIDENT;
|
||||
c.arg[0] = 0;
|
||||
c.arg[1] = 0;
|
||||
c.arg[2] = 0;
|
||||
SendCommand(&c);
|
||||
if (WaitForResponseTimeout(CMD_ACK, &resp, 1500))
|
||||
isGeneration = resp.arg[0] & 0xff;
|
||||
|
||||
switch( isGeneration ){
|
||||
case 1: PrintAndLog("Answers to magic commands (GEN 1a): YES"); break;
|
||||
case 2: PrintAndLog("Answers to magic commands (GEN 1b): YES"); break;
|
||||
//case 4: PrintAndLog("Answers to magic commands (GEN 2): YES"); break;
|
||||
default: PrintAndLog("Answers to magic commands: NO"); break;
|
||||
}
|
||||
|
||||
// disconnect
|
||||
//SendCommand(&cDisconnect);
|
||||
detect_classic_magic();
|
||||
|
||||
if (isMifareClassic) {
|
||||
if ( detect_classic_prng() )
|
||||
|
|
@ -706,7 +685,7 @@ int CmdHF14ACmdRaw(const char *cmd) {
|
|||
// Max buffer is USB_CMD_DATA_SIZE
|
||||
datalen = (datalen > USB_CMD_DATA_SIZE) ? USB_CMD_DATA_SIZE : datalen;
|
||||
|
||||
c.arg[1] = (datalen & 0xFFFF) | (uint32_t)(numbits << 16);
|
||||
c.arg[1] = (datalen & 0xFFFF) | ((uint32_t)(numbits << 16));
|
||||
memcpy(c.d.asBytes, data, datalen);
|
||||
|
||||
clearCommandBuffer();
|
||||
|
|
|
|||
|
|
@ -826,7 +826,7 @@ int tryDecryptWord(uint32_t nt, uint32_t ar_enc, uint32_t at_enc, uint8_t *data,
|
|||
* TRUE if tag uses WEAK prng (ie Now the NACK bug also needs to be present for Darkside attack)
|
||||
* FALSE is tag uses HARDEND prng (ie hardnested attack possible, with known key)
|
||||
*/
|
||||
bool detect_classic_prng(){
|
||||
bool detect_classic_prng(void){
|
||||
|
||||
UsbCommand resp, respA;
|
||||
uint8_t cmd[] = {MIFARE_AUTH_KEYA, 0x00};
|
||||
|
|
@ -849,10 +849,8 @@ bool detect_classic_prng(){
|
|||
uint32_t nonce = bytes_to_num(respA.d.asBytes, respA.arg[0]);
|
||||
return validate_prng_nonce(nonce);
|
||||
}
|
||||
/* Detect Mifare Classic NACK bug
|
||||
*
|
||||
*/
|
||||
bool detect_classic_nackbug(){
|
||||
/* Detect Mifare Classic NACK bug */
|
||||
bool detect_classic_nackbug(void){
|
||||
|
||||
// get nonce?
|
||||
|
||||
|
|
@ -860,4 +858,22 @@ bool detect_classic_nackbug(){
|
|||
// fixed nonce, different parity every call
|
||||
|
||||
return false;
|
||||
}
|
||||
/* try to see if card responses to "chinese magic backdoor" commands. */
|
||||
void detect_classic_magic(void) {
|
||||
|
||||
uint8_t isGeneration = 0;
|
||||
UsbCommand resp;
|
||||
UsbCommand c = {CMD_MIFARE_CIDENT, {0, 0, 0}};
|
||||
clearCommandBuffer();
|
||||
SendCommand(&c);
|
||||
if (WaitForResponseTimeout(CMD_ACK, &resp, 1500))
|
||||
isGeneration = resp.arg[0] & 0xff;
|
||||
|
||||
switch( isGeneration ){
|
||||
case 1: PrintAndLog("Answers to magic commands (GEN 1a): YES"); break;
|
||||
case 2: PrintAndLog("Answers to magic commands (GEN 1b): YES"); break;
|
||||
//case 4: PrintAndLog("Answers to magic commands (GEN 2): YES"); break;
|
||||
default: PrintAndLog("Answers to magic commands: NO"); break;
|
||||
}
|
||||
}
|
||||
|
|
@ -94,5 +94,7 @@ extern int loadTraceCard(uint8_t *tuid, uint8_t uidlen);
|
|||
extern int saveTraceCard(void);
|
||||
extern int tryDecryptWord(uint32_t nt, uint32_t ar_enc, uint32_t at_enc, uint8_t *data, int len);
|
||||
|
||||
extern bool detect_classic_prng();
|
||||
extern bool detect_classic_prng(void);
|
||||
extern bool detect_classic_nackbug(void);
|
||||
extern void detect_classic_magic(void);
|
||||
#endif
|
||||
Loading…
Reference in a new issue