iceman1001
2020-03-25 11:20:47 +01:00
18 changed files with 130 additions and 80 deletions


@@ -26,8 +26,32 @@ uint8_t key_ones_data[16] = { 0x01 };
uint8_t key_defa_data[16] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f };
uint8_t key_picc_data[16] = { 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f };
typedef enum {
UNKNOWN = 0,
MF3ICD40,
EV1,
EV2,
LIGHT,
} desfire_cardtype_t;
static int CmdHelp(const char *Cmd);
static desfire_cardtype_t getCardType(uint8_t major, uint8_t minor) {
if (major == 0x00)
return MF3ICD40;
else if (major == 0x01 && minor == 0x00)
return EV1;
else if (major == 0x12 && minor == 0x00)
return EV2;
else if (major == 0x30 && minor == 0x00)
return LIGHT;
else
return UNKNOWN;
}
//ICEMAN: Turn on field method?
//none
static int test_desfire_authenticate() {
@@ -95,11 +119,20 @@ static int get_desfire_freemem(uint32_t *free_mem) {
// --- GET SIGNATURE
static int desfire_print_signature(uint8_t *uid, uint8_t *signature, size_t signature_len) {
static int desfire_print_signature(uint8_t *uid, uint8_t *signature, size_t signature_len, desfire_cardtype_t card_type) {
uint8_t public_key;
if (card_type == LIGHT)
public_key = 0;
else if (card_type == EV2)
public_key = 1;
else
return PM3_EINVARG;
#define PUBLIC_DESFIRE_ECDA_KEYLEN 57
// ref: MIFARE Desfire Originality Signature Validation
uint8_t nxp_desfire_keys[1][PUBLIC_DESFIRE_ECDA_KEYLEN] = {
uint8_t nxp_desfire_keys[2][PUBLIC_DESFIRE_ECDA_KEYLEN] = {
// DESFire Light
{
0x04, 0x0E, 0x98, 0xE1, 0x17, 0xAA, 0xA3, 0x64,
@@ -109,17 +142,26 @@ static int desfire_print_signature(uint8_t *uid, uint8_t *signature, size_t sign
0x7B, 0x94, 0x2A, 0x97, 0x74, 0xA1, 0xD9, 0x4A,
0xD0, 0x25, 0x72, 0x42, 0x7E, 0x5A, 0xE0, 0xA2,
0xDD, 0x36, 0x59, 0x1B, 0x1F, 0xB3, 0x4F, 0xCF, 0x3D
}
},
// DESFire Ev2
{
0x04, 0x8A, 0x9B, 0x38, 0x0A, 0xF2, 0xEE, 0x1B,
0x98, 0xDC, 0x41, 0x7F, 0xEC, 0xC2, 0x63, 0xF8,
0x44, 0x9C, 0x76, 0x25, 0xCE, 0xCE, 0x82, 0xD9,
0xB9, 0x16, 0xC9, 0x92, 0xDA, 0x20, 0x9D, 0x68,
0x42, 0x2B, 0x81, 0xEC, 0x20, 0xB6, 0x5A, 0x66,
0xB5, 0x10, 0x2A, 0x61, 0x59, 0x6A, 0xF3, 0x37,
0x92, 0x00, 0x59, 0x93, 0x16, 0xA0, 0x0A, 0x14, 0x10
}
};
uint8_t public_key = 0;
int res = ecdsa_signature_r_s_verify(MBEDTLS_ECP_DP_SECP224R1, nxp_desfire_keys[public_key], uid, 7, signature, signature_len, false);
bool is_valid = (res == 0);
PrintAndLogEx(INFO, " Tag Signature");
PrintAndLogEx(INFO, " IC signature public key name : NXP DESFire Light");
PrintAndLogEx(INFO, " IC signature public key name : %s", (card_type == LIGHT) ? "NXP DESFire Light" : "NXP DESFire Ev2");
PrintAndLogEx(INFO, " IC signature public key value : %s", sprint_hex(nxp_desfire_keys[public_key], 16));
PrintAndLogEx(INFO, " : %s", sprint_hex(nxp_desfire_keys[public_key] + 16, 16));
PrintAndLogEx(INFO, " : %s", sprint_hex(nxp_desfire_keys[public_key] + 32, 16));
@@ -423,9 +465,10 @@ static int CmdHF14ADesInfo(const char *Cmd) {
// Signature originality check
uint8_t signature[56] = {0};
size_t signature_len = 0;
desfire_cardtype_t cardtype = getCardType(package->versionHW[3], package->versionHW[4]);
if (get_desfire_signature(signature, &signature_len) == PM3_SUCCESS)
desfire_print_signature(package->uid, signature, signature_len);
desfire_print_signature(package->uid, signature, signature_len, cardtype);
// Master Key settings
uint8_t master_aid[3] = {0x00, 0x00, 0x00};
@@ -514,9 +557,6 @@ char *getVersionStr(uint8_t major, uint8_t minor) {
void getKeySettings(uint8_t *aid) {
char messStr[512] = {0x00};
const char *str = messStr;
if (memcmp(aid, "\x00\x00\x00", 3) == 0) {
// CARD MASTER KEY
@@ -544,9 +584,7 @@ void getKeySettings(uint8_t *aid) {
PrintAndLogEx(WARNING, _RED_(" Can't read Application Master key settings"));
}
memset(messStr, 0x00, sizeof(messStr));
str = " Operation of PICC master key : " _YELLOW_("%s");
const char *str = " Operation of PICC master key : " _YELLOW_("%s");
// 2 MSB denotes
switch (num_keys >> 6) {
@@ -666,8 +704,8 @@ static int CmdHF14ADesEnumApplications(const char *Cmd) {
// Get File IDs
if (get_desfire_fileids(file_ids, &file_ids_len) == PM3_SUCCESS) {
PrintAndLogEx(SUCCESS, " Tag report " _GREEN_("%d") "file%c", file_ids_len, (file_ids_len == 1) ? ' ' : 's');
for (int i = 0; i < file_ids_len; ++i) {
PrintAndLogEx(SUCCESS, " Fileid %d (0x%02x)", file_ids[i], file_ids[i]);
for (int j = 0; j < file_ids_len; ++j) {
PrintAndLogEx(SUCCESS, " Fileid %d (0x%02x)", file_ids[j], file_ids[j]);
}
}
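Review bot: In desfire_print_signature, the new `else return PM3_EINVARG;` branch skips the originality check without printing anything for every card type other than LIGHT and EV2, and the call added in CmdHF14ADesInfo ignores the return value. The info listing for an EV1 or unrecognised card therefore gives no sign that the signature was not verified. The skipped case should be reported before the return, e.g. `PrintAndLogEx(WARNING, "No originality public key for this card type, signature not verified");`. The printed key name is also chosen by a separate `card_type == LIGHT` ternary rather than by the `public_key` index, so the two can drift apart when a third key is added; a name table indexed by `public_key` would keep them tied. The function body continues outside the hunk.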


@@ -8,7 +8,7 @@
// High frequency MIFARE commands
//-----------------------------------------------------------------------------
#include "cmdhfmfdesfire.h"
#include "cmdhfmfdesfire_disabled.h"
#include "cmdparser.h" // command_t


@@ -128,7 +128,7 @@ static int CmdKeriMSScramble (KeriMSScramble_t Action, uint32_t *FC, uint32_t *I
*CardID = *CardID | Parity;
// Bit 31 was fixed but not in check/parity bits
*CardID |= (uint32_t)(1 << 31);
*CardID |= 1UL << 31;
PrintAndLogEx(SUCCESS, "Scrambled MS : FC %d - CN %d to RAW : E0000000%08X",*FC,*ID,*CardID);
}
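Review bot: `1UL` in `*CardID |= 1UL << 31;` has a width that depends on the target (32 bits on LLP64 and 32-bit builds, 64 bits on LP64), while the removed `(uint32_t)` cast suggests the destination is a 32-bit value. The shift is well defined either way, but a fixed-width constant states the intent and behaves the same on every build: `*CardID |= UINT32_C(1) << 31;`. The same applies to the six `1UL << ...` expressions introduced in set_bit_by_position, assuming `Top`, `Mid` and `Bot` are 32-bit fields. In that function the upper bound on `pos` is checked before the hunk starts, so the range of the shift count cannot be confirmed from the visible lines.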


@@ -482,12 +482,16 @@ static bool t55xxProtect(bool lock, bool usepwd, uint8_t override, uint32_t pass
int res = T55xxReadBlockEx(T55x7_CONFIGURATION_BLOCK, T55x7_PAGE0, usepwd, override, password, downlink_mode, false);
if (res != PM3_SUCCESS) {
PrintAndLogEx(WARNING, "Failed to read block0, use `p` password parameter?");
PrintAndLogEx(WARNING, "Failed to read block0, use " _YELLOW_("`p`") "password parameter?");
return false;
}
if (GetT55xxBlockData(&block0) == false)
if (GetT55xxBlockData(&block0) == false) {
PrintAndLogEx(DEBUG, "ERROR decoded block0 == %08x", block0);
return false;
}
PrintAndLogEx(DEBUG, "OK read block0 == %08x", block0);
bool isPwdBitAlreadySet = (block0 >> (32 - 28) & 1);
if (isPwdBitAlreadySet) {
@@ -3679,7 +3683,7 @@ static int CmdT55xxProtect(const char *Cmd) {
// lock
if (t55xxProtect(true, usepwd, override, password, downlink_mode, new_password) == false) {
PrintAndLogEx(WARNING, "Command failed. Did you run `lf t55xx detect` before?");
PrintAndLogEx(WARNING, "Command failed. Did you run " _YELLOW_("`lf t55xx detect`") "before?");
return PM3_ESOFT;
}
return PM3_SUCCESS;
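Review bot: The DEBUG line added in the failure branch of t55xxProtect prints `block0` after `GetT55xxBlockData(&block0)` has returned false; the declaration of `block0` is outside the hunk, and if it has no initialiser there, this reads an indeterminate value. Either give the variable an initial value of 0 where it is declared, or drop the value from the error message. Both recoloured warnings also lose the space after the highlighted token, so the output runs the words together. The trailing literals should start with a space: `" password parameter?"` in t55xxProtect and `" before?"` in CmdT55xxProtect.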


@@ -2128,27 +2128,35 @@
"Type": "EMV"
},
{
"AID": "7465736C6153746F7265303032",
"AID": "7465736C6153746F7265",
"Vendor": "Tesla",
"Country": "",
"Name": "teslaStore002",
"Description": "Tesla car key",
"Name": "teslaStore",
"Description": "Undocumented AID associated with official Tesla Key Cards",
"Type": "Tesla"
},
{
"AID": "7465736C614C6F67696330303201",
"AID": "7465736C614C6F6769633",
"Vendor": "Tesla",
"Country": "",
"Name": "teslaLogic002",
"Description": "Tesla car key",
"Name": "teslaLogic (Original AID)",
"Description": "Key for Tesla vehicles",
"Type": "Tesla"
},
{
"AID": "7465736C61",
"AID": "F465736C614C6F6769633",
"Vendor": "Tesla",
"Country": "",
"Name": "tesla",
"Description": "Tesla car key generic AID",
"Name": "teslaLogic (Alternate AID)",
"Description": "Key for Tesla vehicles",
"Type": "Tesla"
},
{
"AID": "5465736c61444150",
"Vendor": "Tesla",
"Country": "",
"Name": "TeslaDAP",
"Description": "Undocumented AID associated with official Tesla BTLE Key Fobs",
"Type": "Tesla"
}
]
]
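Review bot: The two new teslaLogic AIDs, `7465736C614C6F6769633` and `F465736C614C6F6769633`, are 21 hex digits long, so they cannot be decoded into whole bytes; an AID is a byte string and needs an even number of digits. The trailing `3` looks like the first nibble of the `30` that followed in the removed value `7465736C614C6F67696330303201`, so the intended value should be confirmed against the reference the change was taken from. Depending on how the loader parses this list, such an entry would presumably be rejected or matched against a truncated or padded value. The new `5465736c61444150` entry is also the only one in view written in lowercase hex; upper-casing it keeps the file consistent and avoids a miss if any consumer compares AIDs as strings.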


@@ -488,14 +488,14 @@ static CborError value_to_pretty(CborStreamFunction stream, void *out, CborValue
case CborFloatType:
cbor_value_get_float(it, &f);
val = f;
suffix = flags & CborPrettyNumericEncodingIndicators ? "_2" : "f";
suffix = (flags & CborPrettyNumericEncodingIndicators) ? "_2" : "f";
} else if (false) {
uint16_t f16;
case CborHalfFloatType:
#ifndef CBOR_NO_HALF_FLOAT_TYPE
cbor_value_get_half_float(it, &f16);
val = decode_half(f16);
suffix = flags & CborPrettyNumericEncodingIndicators ? "_1" : "f16";
suffix = (flags & CborPrettyNumericEncodingIndicators) ? "_1" : "f16";
#else
(void)f16;
err = CborErrorUnsupportedType;


@@ -146,7 +146,7 @@
* the keys for the metadata clash with existing keys in the JSON map.
*/
extern FILE *open_memstream(char **bufptr, size_t *sizeptr);
extern FILE *open_memstream(char **bufptr, size_t *lenptr);
enum ConversionStatusFlags {
TypeWasNotNative = 0x100, /* anything but strings, boolean, null, arrays and maps */


@@ -159,6 +159,7 @@ void PrintAndLogEx(logLevel_t level, const char *fmt, ...) {
break;
case DEBUG:
strncpy(prefix, _BLUE_("[#]"), sizeof(prefix) - 1);
break;
case HINT:
case SUCCESS:
strncpy(prefix, _GREEN_("[+]"), sizeof(prefix) - 1);


@@ -36,21 +36,21 @@ bool set_bit_by_position(wiegand_message_t *data, bool value, uint8_t pos) {
return false;
} else if (pos > 63) {
if (value)
data->Top |= (1 << (pos - 64));
data->Top |= (1UL << (pos - 64));
else
data->Top &= ~(1 << (pos - 64));
data->Top &= ~(1UL << (pos - 64));
return true;
} else if (pos > 31) {
if (value)
data->Mid |= (1 << (pos - 32));
data->Mid |= (1UL << (pos - 32));
else
data->Mid &= ~(1 << (pos - 32));
data->Mid &= ~(1UL << (pos - 32));
return true;
} else {
if (value)
data->Bot |= (1 << pos);
data->Bot |= (1UL << pos);
else
data->Bot &= ~(1 << pos);
data->Bot &= ~(1UL << pos);
return true;
}
}