Fix Gen3 detection bug against MFUL

2020-09-23 12:25:30 +02:00
parent f6d7890802
commit 7d4c6e8faa
6 changed files with 58 additions and 52 deletions
--- a/client/src/cmdhf14a.c
+++ b/client/src/cmdhf14a.c
@@ -1979,32 +1979,33 @@ int infoHF14A(bool verbose, bool do_nack_test, bool do_aid_search) {
    }

    int isMagic = 0;
-    if (isMifareClassic || isMifareUltralight) {
-        isMagic = detect_classic_magic();
+    if (isMifareClassic) {
+        isMagic = detect_mf_magic(true);
+    }
+    if (isMifareUltralight) {
+        isMagic = detect_mf_magic(false);
+    }
+    if (isMifareClassic) {
+        int res = detect_classic_static_nonce();
+        if (res == NONCE_STATIC)
+            PrintAndLogEx(SUCCESS, "Static nonce: " _YELLOW_("yes"));

-        if (isMifareClassic) {
+        if (res == NONCE_FAIL && verbose)
+            PrintAndLogEx(SUCCESS, "Static nonce:  " _RED_("read failed"));

-            int res = detect_classic_static_nonce();
-            if (res == NONCE_STATIC)
-                PrintAndLogEx(SUCCESS, "Static nonce: " _YELLOW_("yes"));
+        if (res == NONCE_NORMAL) {

-            if (res == NONCE_FAIL && verbose)
-                PrintAndLogEx(SUCCESS, "Static nonce:  " _RED_("read failed"));
+            // not static
+            res = detect_classic_prng();
+            if (res == 1)
+                PrintAndLogEx(SUCCESS, "Prng detection: " _GREEN_("weak"));
+            else if (res == 0)
+                PrintAndLogEx(SUCCESS, "Prng detection: " _YELLOW_("hard"));
+            else
+                PrintAndLogEx(FAILED, "Prng detection:  " _RED_("fail"));

-            if (res == NONCE_NORMAL) {
-
-                // not static
-                res = detect_classic_prng();
-                if (res == 1)
-                    PrintAndLogEx(SUCCESS, "Prng detection: " _GREEN_("weak"));
-                else if (res == 0)
-                    PrintAndLogEx(SUCCESS, "Prng detection: " _YELLOW_("hard"));
-                else
-                    PrintAndLogEx(FAILED, "Prng detection:  " _RED_("fail"));
-
-                if (do_nack_test)
-                    detect_classic_nackbug(false);
-            }
+            if (do_nack_test)
+                detect_classic_nackbug(false);
        }
    }

--- a/client/src/mifare/mifarehost.c
+++ b/client/src/mifare/mifarehost.c
@@ -1154,13 +1154,14 @@ int detect_classic_static_nonce(void) {
    return NONCE_FAIL;
 }

-/* try to see if card responses to "chinese magic backdoor" commands. */
-int detect_classic_magic(void) {
+/* try to see if card responses to "Chinese magic backdoor" commands. */
+int detect_mf_magic(bool is_mfc) {

    uint8_t isGeneration = 0;
    PacketResponseNG resp;
    clearCommandBuffer();
-    SendCommandNG(CMD_HF_MIFARE_CIDENT, NULL, 0);
+    uint8_t payload[] = { is_mfc };
+    SendCommandNG(CMD_HF_MIFARE_CIDENT, payload, sizeof(payload));
    if (WaitForResponseTimeout(CMD_HF_MIFARE_CIDENT, &resp, 1500)) {
        if (resp.status == PM3_SUCCESS)
            isGeneration = resp.data.asBytes[0];
--- a/client/src/mifare/mifarehost.h
+++ b/client/src/mifare/mifarehost.h
@@ -88,7 +88,7 @@ int tryDecryptWord(uint32_t nt, uint32_t ar_enc, uint32_t at_enc, uint8_t *data,

 int detect_classic_prng(void);
 int detect_classic_nackbug(bool verbose);
-int detect_classic_magic(void);
+int detect_mf_magic(bool is_mfc);
 int detect_classic_static_nonce(void);
 void mf_crypto1_decrypt(struct Crypto1State *pcs, uint8_t *data, int len, bool isEncrypted);
 #endif