Skip to content

Commit

Permalink
mf autopwn: try nested harder before hardnested; typos
Browse files Browse the repository at this point in the history
  • Loading branch information
@doegox
doegox committed Aug 26, 2019
1 parent d838c81 commit 9c677e0
Showing 1 changed file with 18 additions and 8 deletions.
26 changes: 18 additions & 8 deletions client/cmdhfmf.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1858,7 +1858,7 @@ static int CmdHF14AMfAutoPWN(const char *Cmd) {
i2 ? 'B' : 'A',
tmp_key[0], tmp_key[1], tmp_key[2], tmp_key[3], tmp_key[4], tmp_key[5]);

// Store vaild credentials for the nested / hardnested attack if none exist
// Store valid credentials for the nested / hardnested attack if none exist
if (know_target_key == false) {
num_to_bytes(e_sector[i].Key[i2], 6, key);
know_target_key = true;
Expand Down Expand Up @@ -1901,9 +1901,9 @@ static int CmdHF14AMfAutoPWN(const char *Cmd) {
break;
}
num_to_bytes(key64, 6, key);
// Check if the darkside key is vaild
// Check if the darkside key is valid
if (mfCheckKeys(FirstBlockOfSector(blockNo), keyType, true, 1, key, &key64) != PM3_SUCCESS) {
PrintAndLogEx(FAILED, "The key generated by the darkside attack is not vaild!"
PrintAndLogEx(FAILED, "The key generated by the darkside attack is not valid!"
_RED_("%3d") " key type:"_RED_("%c") " key: " _RED_("0x%02x%02x%02x%02x%02x%02x"),
blockNo,
keyType ? 'B' : 'A',
Expand All @@ -1924,6 +1924,7 @@ static int CmdHF14AMfAutoPWN(const char *Cmd) {
free(keyBlock);
// Clear the needed variables
num_to_bytes(0, 6, tmp_key);
bool nested_failed = false;

// Iterate over each sector and key(A/B)
for (current_sector_i=0; current_sector_i < sectors_cnt; current_sector_i++) {
Expand Down Expand Up @@ -1958,7 +1959,9 @@ static int CmdHF14AMfAutoPWN(const char *Cmd) {

// Use the nested / hardnested attack
if (e_sector[current_sector_i].foundKey[current_key_type_i] == 0) {
if (prng_type) {
if (prng_type && (! nested_failed)) {
uint8_t retries = 0;
tryNested:
PrintAndLogEx(INFO, "[ NESTED ] Sector no:%3d, target key type:%c",
current_sector_i,
current_key_type_i ? 'B' : 'A');
Expand All @@ -1982,8 +1985,15 @@ static int CmdHF14AMfAutoPWN(const char *Cmd) {
break;
case -4 : //key not found
calibrate = false;
PrintAndLogEx(FAILED, "Nested attack failed --> try hardnested instead!");
goto tryHardnested;
// this can happen on some old cards, it's worth trying some more before switching to slower hardnested
if (retries++ < MIFARE_SECTOR_RETRY) {
PrintAndLogEx(FAILED, "Nested attack failed, trying again (%i/%i)", retries, MIFARE_SECTOR_RETRY);
goto tryNested;
} else {
PrintAndLogEx(FAILED, "Nested attack failed, moving to hardnested");
nested_failed = true;
goto tryHardnested;
}
break;
case -5 :
calibrate = false;
Expand All @@ -1997,7 +2007,7 @@ static int CmdHF14AMfAutoPWN(const char *Cmd) {
break;
}
} else {
tryHardnested: // If the nested attack failes then we try the hardnested attack
tryHardnested: // If the nested attack fails then we try the hardnested attack
PrintAndLogEx(INFO, "[ HARDNESTED ] Sector no:%3d, target key type:%c, Slow: %s",
current_sector_i,
current_key_type_i ? 'B' : 'A',
Expand Down Expand Up @@ -2061,7 +2071,7 @@ static int CmdHF14AMfAutoPWN(const char *Cmd) {
PrintAndLogEx(INFO, "Dumping the keys:");
createMfcKeyDump(sectors_cnt, e_sector, GenerateFilename("hf-mf-", "-key.bin"));

PrintAndLogEx(SUCCESS, "Transfering the found keys to the simulator memory (Cmd Error: 04 can occour, but this shouldn't be a problem)");
PrintAndLogEx(SUCCESS, "Transferring the found keys to the simulator memory (Cmd Error: 04 can occur, but this shouldn't be a problem)");
for (current_sector_i=0; current_sector_i < sectors_cnt; current_sector_i++) {
mfEmlGetMem(block, current_sector_i, 1);
if (e_sector[current_sector_i].foundKey[0])
Expand Down

0 comments on commit 9c677e0

Please sign in to comment.