96 lines
3.2 KiB
Diff
96 lines
3.2 KiB
Diff
diff --git a/src/mfoc.c b/src/mfoc.c
|
|
index 0cb917d..195de68 100644
|
|
--- a/src/mfoc.c
|
|
+++ b/src/mfoc.c
|
|
@@ -93,8 +93,8 @@ int main(int argc, char *const argv[])
|
|
{0x58, 0x7e, 0xe5, 0xf9, 0x35, 0x0f},
|
|
{0xa0, 0x47, 0x8c, 0xc3, 0x90, 0x91},
|
|
{0x53, 0x3c, 0xb6, 0xc7, 0x23, 0xf6},
|
|
- {0x8f, 0xd0, 0xa4, 0xf2, 0x56, 0xe9}
|
|
-
|
|
+ {0x8f, 0xd0, 0xa4, 0xf2, 0x56, 0xe9},
|
|
+ {0xb4, 0xc1, 0x32, 0x43, 0x9e, 0xef}
|
|
};
|
|
|
|
mftag t;
|
|
@@ -219,12 +219,31 @@ int main(int argc, char *const argv[])
|
|
goto error;
|
|
}
|
|
|
|
- // Save tag's block size (b4K)
|
|
- t.b4K = (t.nt.nti.nai.abtAtqa[1] == 0x02);
|
|
t.authuid = (uint32_t) bytes_to_num(t.nt.nti.nai.abtUid + t.nt.nti.nai.szUidLen - 4, 4);
|
|
|
|
- t.num_blocks = (t.b4K) ? 0xff : 0x3f;
|
|
- t.num_sectors = t.b4K ? NR_TRAILERS_4k : NR_TRAILERS_1k;
|
|
+ // Get Mifare Classic type from SAK
|
|
+ // see http://www.nxp.com/documents/application_note/AN10833.pdf Section 3.2
|
|
+ switch (t.nt.nti.nai.btSak)
|
|
+ {
|
|
+ case 0x08:
|
|
+ printf("Found Mifare Classic 1k tag\n");
|
|
+ t.num_sectors = NR_TRAILERS_1k;
|
|
+ t.num_blocks = NR_BLOCKS_1k;
|
|
+ break;
|
|
+ case 0x09:
|
|
+ printf("Found Mifare Classic Mini tag\n");
|
|
+ t.num_sectors = NR_TRAILERS_MINI;
|
|
+ t.num_blocks = NR_BLOCKS_MINI;
|
|
+ break;
|
|
+ case 0x18:
|
|
+ printf("Found Mifare Classic 4k tag\n");
|
|
+ t.num_sectors = NR_TRAILERS_4k;
|
|
+ t.num_blocks = NR_BLOCKS_4k;
|
|
+ break;
|
|
+ defaul:
|
|
+ ERR("Cannot determine card type from SAK");
|
|
+ goto error;
|
|
+ }
|
|
|
|
t.sectors = (void *) calloc(t.num_sectors, sizeof(sector));
|
|
if (t.sectors == NULL) {
|
|
@@ -564,7 +583,7 @@ void usage(FILE *stream, int errno)
|
|
fprintf(stream, " k try the specified key in addition to the default keys\n");
|
|
// fprintf(stream, " D number of distance probes, default is 20\n");
|
|
// fprintf(stream, " S number of sets with keystreams, default is 5\n");
|
|
- fprintf(stream, " P number of probes per sector, instead of default of 20\n");
|
|
+ fprintf(stream, " P number of probes per sector, instead of default of 150\n");
|
|
fprintf(stream, " T nonce tolerance half-range, instead of default of 20\n (i.e., 40 for the total range, in both directions)\n");
|
|
// fprintf(stream, " s specify the list of sectors to crack, for example -s 0,1,3,5\n");
|
|
fprintf(stream, " O file in which the card contents will be written (REQUIRED)\n");
|
|
diff --git a/src/mfoc.h b/src/mfoc.h
|
|
index b411670..532e834 100644
|
|
--- a/src/mfoc.h
|
|
+++ b/src/mfoc.h
|
|
@@ -2,11 +2,21 @@
|
|
#define TRY_KEYS 50
|
|
|
|
// Number of trailers == number of sectors
|
|
-// 16x64b = 16
|
|
+// Mifare Classic 1k 16x64b = 16
|
|
#define NR_TRAILERS_1k (16)
|
|
-// 32x64b + 8*256b = 40
|
|
+// Mifare Classic Mini
|
|
+#define NR_TRAILERS_MINI (5)
|
|
+// Mifare Classic 4k 32x64b + 8*256b = 40
|
|
#define NR_TRAILERS_4k (40)
|
|
|
|
+// Number of blocks
|
|
+// Mifare Classic 1k
|
|
+#define NR_BLOCKS_1k 0x3f
|
|
+// Mifare Classic Mini
|
|
+#define NR_BLOCKS_MINI 0x13
|
|
+// Mifare Classic 4k
|
|
+#define NR_BLOCKS_4k 0xff
|
|
+
|
|
#define MAX_FRAME_LEN 264
|
|
|
|
// Used for counting nonce distances, explore [nd-value, nd+value]
|
|
@@ -46,7 +56,6 @@ typedef struct {
|
|
uint8_t num_sectors;
|
|
uint8_t num_blocks;
|
|
uint32_t authuid;
|
|
- bool b4K;
|
|
} mftag;
|
|
|
|
typedef struct {
|