depau/mfoc-always-skip-probes
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

hide authentication errors

Browse source
This commit is contained in:
Romuald Conty 2011-04-04 10:38:30 +00:00
parent dafa6e42db
commit 4d1ce73772
2 changed files with 52 additions and 50 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

100
src/mfoc.c
View file

@ -106,24 +106,24 @@ int main(int argc, char * const argv[]) {
case 'P': case 'P':
// Number of probes // Number of probes
if (!(probes = atoi(optarg)) || probes < 1) { if (!(probes = atoi(optarg)) || probes < 1) {
fprintf(stderr, "The number of probes must be a positive number\n"); ERR ("The number of probes must be a positive number");
exit(1); exit (EXIT_FAILURE);
} }
// fprintf(stdout, "Number of probes: %d\n", probes); // fprintf(stdout, "Number of probes: %d\n", probes);
break; break;
case 'T': case 'T':
// Nonce tolerance range // Nonce tolerance range
if (!(d.tolerance = atoi(optarg)) || d.tolerance < 0) { if (!(d.tolerance = atoi(optarg)) || d.tolerance < 0) {
fprintf(stderr, "The nonce distances range must be a zero or a positive number\n"); ERR ("The nonce distances range must be a zero or a positive number");
exit(1); exit (EXIT_FAILURE);
} }
// fprintf(stdout, "Tolerance number: %d\n", probes); // fprintf(stdout, "Tolerance number: %d\n", probes);
break; break;
case 'k': case 'k':
// Add this key to the default keys list // Add this key to the default keys list
if ((defKey = calloc(6, sizeof(byte_t))) == NULL) { if ((defKey = calloc(6, sizeof(byte_t))) == NULL) {
fprintf(stderr, "Cannot allocate memory for defKey\n"); ERR ("Cannot allocate memory for defKey");
exit(1); exit (EXIT_FAILURE);
} else { } else {
bzero(defKey, 6); bzero(defKey, 6);
num_to_bytes(strtoll(optarg, NULL, 16), 6, defKey); num_to_bytes(strtoll(optarg, NULL, 16), 6, defKey);
@ -136,7 +136,7 @@ int main(int argc, char * const argv[]) {
// File output // File output
if (!(pfDump = fopen(optarg, "wb"))) { if (!(pfDump = fopen(optarg, "wb"))) {
fprintf(stderr, "Cannot open: %s, exiting\n", optarg); fprintf(stderr, "Cannot open: %s, exiting\n", optarg);
exit(1); exit (EXIT_FAILURE);
} }
// fprintf(stdout, "Output file: %s\n", optarg); // fprintf(stdout, "Output file: %s\n", optarg);
break; break;
@ -150,8 +150,8 @@ int main(int argc, char * const argv[]) {
} }
if (!pfDump) { if (!pfDump) {
fprintf(stderr, "Error, parameter -O is mandatory\n"); ERR ("parameter -O is mandatory");
exit(1); exit (EXIT_FAILURE);
} }
// Initialize reader/tag structures // Initialize reader/tag structures
@ -169,16 +169,16 @@ int main(int argc, char * const argv[]) {
t.sectors = (void *) calloc(t.num_sectors, sizeof(sector)); t.sectors = (void *) calloc(t.num_sectors, sizeof(sector));
if (t.sectors == NULL) { if (t.sectors == NULL) {
fprintf(stderr, "Cannot allocate memory for t.sectors\n"); ERR ("Cannot allocate memory for t.sectors");
exit(1); exit (EXIT_FAILURE);
} }
if ((pk = (void *) malloc(sizeof(pKeys))) == NULL) { if ((pk = (void *) malloc(sizeof(pKeys))) == NULL) {
fprintf(stderr, "Cannot allocate memory for pk\n"); ERR ("Cannot allocate memory for pk");
exit(1); exit (EXIT_FAILURE);
} }
if ((bk = (void *) malloc(sizeof(bKeys))) == NULL) { if ((bk = (void *) malloc(sizeof(bKeys))) == NULL) {
fprintf(stderr, "Cannot allocate memory for bk\n"); ERR ("Cannot allocate memory for bk");
exit(1); exit (EXIT_FAILURE);
} else { } else {
bk->brokenKeys = NULL; bk->brokenKeys = NULL;
bk->size = 0; bk->size = 0;
@ -186,15 +186,15 @@ int main(int argc, char * const argv[]) {
d.distances = (void *) calloc(d.num_distances, sizeof(u_int32_t)); d.distances = (void *) calloc(d.num_distances, sizeof(u_int32_t));
if (d.distances == NULL) { if (d.distances == NULL) {
fprintf(stderr, "Cannot allocate memory for t.distances\n"); ERR ("Cannot allocate memory for t.distances");
exit(1); exit (EXIT_FAILURE);
} }
// Test if a compatible MIFARE tag is used // Test if a compatible MIFARE tag is used
if ((t.nt.nti.nai.btSak & 0x08) == 0) { if ((t.nt.nti.nai.btSak & 0x08) == 0) {
printf("Error: inserted tag is not a MIFARE Classic card\n"); ERR ("inserted tag is not a MIFARE Classic");
nfc_disconnect(r.pdi); nfc_disconnect(r.pdi);
exit(1); exit (EXIT_FAILURE);
} }
// Initialize t.sectors, keys are not known yet // Initialize t.sectors, keys are not known yet
@ -371,8 +371,8 @@ int main(int argc, char * const argv[]) {
} }
// We haven't found any key, exiting // We haven't found any key, exiting
if ((dumpKeysA && !t.sectors[j].foundKeyA) || (!dumpKeysA && !t.sectors[j].foundKeyB)) { if ((dumpKeysA && !t.sectors[j].foundKeyA) || (!dumpKeysA && !t.sectors[j].foundKeyB)) {
fprintf(stderr, "No success, maybe you should increase the probes\n"); ERR ("No success, maybe you should increase the probes");
exit(1); exit (EXIT_FAILURE);
} }
} }
} }
@ -399,7 +399,7 @@ int main(int argc, char * const argv[]) {
// Try A key, auth() + read() // Try A key, auth() + read()
memcpy(mp.mpa.abtKey, t.sectors[i].KeyA, sizeof(t.sectors[i].KeyA)); memcpy(mp.mpa.abtKey, t.sectors[i].KeyA, sizeof(t.sectors[i].KeyA));
if (!nfc_initiator_mifare_cmd(r.pdi, MC_AUTH_A, block, &mp)) { if (!nfc_initiator_mifare_cmd(r.pdi, MC_AUTH_A, block, &mp)) {
// fprintf(stderr, "Error: Auth A\n"); // ERR ("Error: Auth A");
mf_configure(r.pdi); mf_configure(r.pdi);
mf_anticollision(t, r); mf_anticollision(t, r);
} else { // and Read } else { // and Read
@ -411,12 +411,12 @@ int main(int argc, char * const argv[]) {
failure = false; failure = false;
} else { } else {
// Error, now try read() with B key // Error, now try read() with B key
// fprintf(stderr, "Error: Read A\n"); // ERR ("Error: Read A");
mf_configure(r.pdi); mf_configure(r.pdi);
mf_anticollision(t, r); mf_anticollision(t, r);
memcpy(mp.mpa.abtKey, t.sectors[i].KeyB, sizeof(t.sectors[i].KeyB)); memcpy(mp.mpa.abtKey, t.sectors[i].KeyB, sizeof(t.sectors[i].KeyB));
if (!nfc_initiator_mifare_cmd(r.pdi, MC_AUTH_B, block, &mp)) { if (!nfc_initiator_mifare_cmd(r.pdi, MC_AUTH_B, block, &mp)) {
// fprintf(stderr, "Error: Auth B\n"); // ERR ("Error: Auth B");
mf_configure(r.pdi); mf_configure(r.pdi);
mf_anticollision(t, r); mf_anticollision(t, r);
} else { // and Read } else { // and Read
@ -429,7 +429,7 @@ int main(int argc, char * const argv[]) {
} else { } else {
mf_configure(r.pdi); mf_configure(r.pdi);
mf_anticollision(t, r); mf_anticollision(t, r);
// fprintf(stderr, "Error: Read B\n"); // ERR ("Error: Read B");
} }
} }
} }
@ -447,7 +447,7 @@ int main(int argc, char * const argv[]) {
if (fwrite(&mtDump, 1, sizeof(mtDump), pfDump) != sizeof(mtDump)) { if (fwrite(&mtDump, 1, sizeof(mtDump), pfDump) != sizeof(mtDump)) {
fprintf(stdout, "Error, cannot write dump\n"); fprintf(stdout, "Error, cannot write dump\n");
fclose(pfDump); fclose(pfDump);
exit(1); exit (EXIT_FAILURE);
} }
fclose(pfDump); fclose(pfDump);
} }
@ -488,8 +488,8 @@ void mf_init(mftag *t, mfreader *r) {
// Connect to the first NFC device // Connect to the first NFC device
r->pdi = nfc_connect(NULL); r->pdi = nfc_connect(NULL);
if (!r->pdi) { if (!r->pdi) {
fprintf(stderr, "!Error connecting to the NFC reader\n"); ERR ("Unable to connection to NFC device\n");
exit(1); exit (EXIT_FAILURE);
} }
} }
@ -513,9 +513,9 @@ void mf_select_tag(nfc_device_t* pdi, nfc_target_t* pnt) {
.nbr = NBR_106, .nbr = NBR_106,
}; };
if (!nfc_initiator_select_passive_target(pdi, nm, NULL, 0, pnt)) { if (!nfc_initiator_select_passive_target(pdi, nm, NULL, 0, pnt)) {
fprintf(stderr, "!Error connecting to the MIFARE Classic tag\n"); ERR ("!Error connecting to the MIFARE Classic tag");
nfc_disconnect(pdi); nfc_disconnect(pdi);
exit(1); exit (EXIT_FAILURE);
} }
} }
@ -546,8 +546,8 @@ int find_exploit_sector(mftag t) {
return i; return i;
} }
} }
fprintf(stderr, "\n\nNo sector encrypted with the default key has been found, exiting..\n"); ERR ("\n\nNo sector encrypted with the default key has been found, exiting..");
exit(1); exit (EXIT_FAILURE);
} }
void mf_anticollision(mftag t, mfreader r) { void mf_anticollision(mftag t, mfreader r) {
@ -556,8 +556,8 @@ void mf_anticollision(mftag t, mfreader r) {
.nbr = NBR_106, .nbr = NBR_106,
}; };
if (!nfc_initiator_select_passive_target(r.pdi, nm, NULL, 0, &t.nt)) { if (!nfc_initiator_select_passive_target(r.pdi, nm, NULL, 0, &t.nt)) {
fprintf(stderr, "\n\n!Error: tag has been removed\n"); ERR ("\n\n!Error: tag has been removed");
exit(1); exit (EXIT_FAILURE);
} }
} }
@ -654,8 +654,8 @@ int mf_enhanced_auth(int e_sector, int a_sector, mftag t, mfreader r, denonce *d
// fprintf(stdout, "\t{Ar}:\t"); // fprintf(stdout, "\t{Ar}:\t");
// print_hex_par(ArEnc, 64, ArEncPar); // print_hex_par(ArEnc, 64, ArEncPar);
if ((!nfc_initiator_transceive_bits(r.pdi, ArEnc, 64, ArEncPar, Rx, &RxLen, RxPar)) || (RxLen != 32)) { if ((!nfc_initiator_transceive_bits(r.pdi, ArEnc, 64, ArEncPar, Rx, &RxLen, RxPar)) || (RxLen != 32)) {
fprintf(stderr, "Reader-answer transfer error, exiting..\n"); ERR ("Reader-answer transfer error, exiting..");
exit(1); exit (EXIT_FAILURE);
} }
// Now print the answer from the tag // Now print the answer from the tag
@ -665,8 +665,8 @@ int mf_enhanced_auth(int e_sector, int a_sector, mftag t, mfreader r, denonce *d
// Decrypt the tag answer and verify that suc3(Nt) is At // Decrypt the tag answer and verify that suc3(Nt) is At
Nt = prng_successor(Nt, 32); Nt = prng_successor(Nt, 32);
if (!((crypto1_word(pcs, 0x00, 0) ^ bytes_to_num(Rx, 4)) == (Nt&0xFFFFFFFF))) { if (!((crypto1_word(pcs, 0x00, 0) ^ bytes_to_num(Rx, 4)) == (Nt&0xFFFFFFFF))) {
fprintf(stderr, "[At] is not Suc3(Nt), something is wrong, exiting..\n"); ERR ("[At] is not Suc3(Nt), something is wrong, exiting..");
exit(1); exit (EXIT_FAILURE);
} }
// fprintf(stdout, "Authentication completed.\n\n"); // fprintf(stdout, "Authentication completed.\n\n");
@ -684,7 +684,7 @@ int mf_enhanced_auth(int e_sector, int a_sector, mftag t, mfreader r, denonce *d
// Sending the encrypted Auth command // Sending the encrypted Auth command
if (!nfc_initiator_transceive_bits(r.pdi, AuthEnc, 32, AuthEncPar,Rx, &RxLen, RxPar)) { if (!nfc_initiator_transceive_bits(r.pdi, AuthEnc, 32, AuthEncPar,Rx, &RxLen, RxPar)) {
fprintf(stdout, "Error requesting encrypted tag-nonce\n"); fprintf(stdout, "Error requesting encrypted tag-nonce\n");
exit(1); exit (EXIT_FAILURE);
} }
// Decrypt the encrypted auth // Decrypt the encrypted auth
@ -712,13 +712,13 @@ int mf_enhanced_auth(int e_sector, int a_sector, mftag t, mfreader r, denonce *d
} }
nfc_configure(r.pdi,NDO_HANDLE_PARITY,false); nfc_configure(r.pdi,NDO_HANDLE_PARITY,false);
if ((!nfc_initiator_transceive_bits(r.pdi, ArEnc, 64, ArEncPar, Rx, &RxLen, RxPar)) || (RxLen != 32)) { if ((!nfc_initiator_transceive_bits(r.pdi, ArEnc, 64, ArEncPar, Rx, &RxLen, RxPar)) || (RxLen != 32)) {
fprintf(stderr, "Reader-answer transfer error, exiting..\n"); ERR ("Reader-answer transfer error, exiting..");
exit(1); exit (EXIT_FAILURE);
} }
Nt = prng_successor(Nt, 32); Nt = prng_successor(Nt, 32);
if (!((crypto1_word(pcs, 0x00, 0) ^ bytes_to_num(Rx, 4)) == (Nt&0xFFFFFFFF))) { if (!((crypto1_word(pcs, 0x00, 0) ^ bytes_to_num(Rx, 4)) == (Nt&0xFFFFFFFF))) {
fprintf(stderr, "[At] is not Suc3(Nt), something is wrong, exiting..\n"); ERR ("[At] is not Suc3(Nt), something is wrong, exiting..");
exit(1); exit (EXIT_FAILURE);
} }
} // Next auth probe } // Next auth probe
@ -742,7 +742,7 @@ int mf_enhanced_auth(int e_sector, int a_sector, mftag t, mfreader r, denonce *d
} }
if (!nfc_initiator_transceive_bits(r.pdi, AuthEnc, 32, AuthEncPar,Rx, &RxLen, RxPar)) { if (!nfc_initiator_transceive_bits(r.pdi, AuthEnc, 32, AuthEncPar,Rx, &RxLen, RxPar)) {
fprintf(stdout, "Error requesting encrypted tag-nonce\n"); fprintf(stdout, "Error requesting encrypted tag-nonce\n");
exit(1); exit (EXIT_FAILURE);
} }
// Save the encrypted nonce // Save the encrypted nonce
@ -778,8 +778,8 @@ int mf_enhanced_auth(int e_sector, int a_sector, mftag t, mfreader r, denonce *d
// fprintf(stdout, "New chunk by %d, sizeof %lu\n", kcount, pk->size * sizeof(uint64_t)); // fprintf(stdout, "New chunk by %d, sizeof %lu\n", kcount, pk->size * sizeof(uint64_t));
pk->possibleKeys = (uint64_t *) realloc((void *)pk->possibleKeys, pk->size * sizeof(uint64_t)); pk->possibleKeys = (uint64_t *) realloc((void *)pk->possibleKeys, pk->size * sizeof(uint64_t));
if (pk->possibleKeys == NULL) { if (pk->possibleKeys == NULL) {
fprintf(stderr, "Memory allocation error for pk->possibleKeys\n"); ERR ("Memory allocation error for pk->possibleKeys");
exit(1); exit (EXIT_FAILURE);
} }
} }
pk->possibleKeys[kcount] = lfsr; pk->possibleKeys[kcount] = lfsr;
@ -794,8 +794,8 @@ int mf_enhanced_auth(int e_sector, int a_sector, mftag t, mfreader r, denonce *d
if (kcount != 0) { if (kcount != 0) {
pk->size = --kcount; pk->size = --kcount;
if ((pk->possibleKeys = (uint64_t *) realloc((void *)pk->possibleKeys, pk->size * sizeof(uint64_t))) == NULL) { if ((pk->possibleKeys = (uint64_t *) realloc((void *)pk->possibleKeys, pk->size * sizeof(uint64_t))) == NULL) {
fprintf(stderr, "Memory allocation error for pk->possibleKeys\n"); ERR ("Memory allocation error for pk->possibleKeys");
exit(1); exit (EXIT_FAILURE);
} }
} }
} }
@ -835,8 +835,8 @@ countKeys * uniqsort(uint64_t * possibleKeys, uint32_t size) {
our_counts = calloc(size, sizeof(countKeys)); our_counts = calloc(size, sizeof(countKeys));
if (our_counts == NULL) { if (our_counts == NULL) {
fprintf(stderr, "Memory allocation error for our_counts\n"); ERR ("Memory allocation error for our_counts");
exit(1); exit (EXIT_FAILURE);
} }
for (i = 0; i < size; i++) { for (i = 0; i < size; i++) {

2
src/mifare.c
View file

@ -106,6 +106,8 @@ nfc_initiator_mifare_cmd (nfc_device_t * pnd, const mifare_cmd mc, const uint8_t
// authenticated on a sector but the requested MIFARE cmd (read, write) // authenticated on a sector but the requested MIFARE cmd (read, write)
// is not permitted by current acces bytes; // is not permitted by current acces bytes;
// So there is nothing to do here. // So there is nothing to do here.
} else if (pnd->iLastError == EMFAUTH) {
// In MFOC, we have to hide authentication errors :)
} else { } else {
nfc_perror (pnd, "nfc_initiator_transceive_bytes"); nfc_perror (pnd, "nfc_initiator_transceive_bytes");
} }