Allow to find default keys using 7bytes UID MIFARE Classic tags

This commit is contained in:
Romuald Conty 2012-06-02 01:26:48 +00:00
parent 3b02985173
commit 435de61cc5
2 changed files with 4 additions and 4 deletions

View file

@ -257,7 +257,7 @@ int main(int argc, char * const argv[]) {
// Try to authenticate to all sectors with default keys // Try to authenticate to all sectors with default keys
// Set the authentication information (uid) // Set the authentication information (uid)
memcpy(mp.mpa.abtUid, t.nt.nti.nai.abtUid, sizeof(mp.mpa.abtUid)); memcpy(mp.mpa.abtAuthUid, t.nt.nti.nai.abtUid + t.nt.nti.nai.szUidLen - 4, sizeof(mp.mpa.abtAuthUid));
// Iterate over all keys (n = number of keys) // Iterate over all keys (n = number of keys)
n = sizeof(defaultKeys)/sizeof(defaultKeys[0]); n = sizeof(defaultKeys)/sizeof(defaultKeys[0]);
size_t defKey_bytes_todo = defKeys_len; size_t defKey_bytes_todo = defKeys_len;
@ -336,7 +336,7 @@ int main(int argc, char * const argv[]) {
for (m = 0; m < 2; ++m) { for (m = 0; m < 2; ++m) {
if (e_sector == -1) break; // All keys are default, I am skipping recovery mode if (e_sector == -1) break; // All keys are default, I am skipping recovery mode
for (j = 0; j < (t.num_sectors); ++j) { for (j = 0; j < (t.num_sectors); ++j) {
memcpy(mp.mpa.abtUid, t.nt.nti.nai.abtUid, sizeof(mp.mpa.abtUid)); memcpy(mp.mpa.abtAuthUid, t.nt.nti.nai.abtUid + t.nt.nti.nai.szUidLen - 4, sizeof(mp.mpa.abtAuthUid));
if ((dumpKeysA && !t.sectors[j].foundKeyA) || (!dumpKeysA && !t.sectors[j].foundKeyB)) { if ((dumpKeysA && !t.sectors[j].foundKeyA) || (!dumpKeysA && !t.sectors[j].foundKeyB)) {
// First, try already broken keys // First, try already broken keys
@ -500,7 +500,7 @@ int main(int argc, char * const argv[]) {
memcpy(mtDump.amb[block].mbt.abtKeyB,t.sectors[i].KeyB,6); memcpy(mtDump.amb[block].mbt.abtKeyB,t.sectors[i].KeyB,6);
if (!failure) memcpy(mtDump.amb[block].mbt.abtAccessBits,mp.mpd.abtData+6,4); if (!failure) memcpy(mtDump.amb[block].mbt.abtAccessBits,mp.mpd.abtData+6,4);
} else if (!failure) memcpy(mtDump.amb[block].mbd.abtData, mp.mpd.abtData,16); } else if (!failure) memcpy(mtDump.amb[block].mbd.abtData, mp.mpd.abtData,16);
memcpy(mp.mpa.abtUid,t.nt.nti.nai.abtUid,4); memcpy(mp.mpa.abtAuthUid, t.nt.nti.nai.abtUid + t.nt.nti.nai.szUidLen - 4, sizeof(mp.mpa.abtAuthUid));
} }
// Finally save all keys + data to file // Finally save all keys + data to file

View file

@ -55,7 +55,7 @@ typedef enum {
// MIFARE command params // MIFARE command params
struct mifare_param_auth { struct mifare_param_auth {
uint8_t abtKey[6]; uint8_t abtKey[6];
uint8_t abtUid[4]; uint8_t abtAuthUid[4];
}; };
struct mifare_param_data { struct mifare_param_data {