From 34a54089a939496411e0e4b77ffe02c3e6c2ecc6 Mon Sep 17 00:00:00 2001
From: AloneLiberty <111039319+AloneLiberty@users.noreply.github.com>
Date: Mon, 1 May 2023 22:59:45 +0300
Subject: [PATCH] 1.3.0 - Check first_byte_sum (no more invalid ones)
---
 lib/nested/nested.c | 14 ++++----
 lib/nested/nested.h | 3 +-
 mifare_nested_i.h | 2 +-
 mifare_nested_worker.c | 80 +++++++++++++++++++++++++++---------------
 4 files changed, 63 insertions(+), 36 deletions(-)
diff --git a/lib/nested/nested.c b/lib/nested/nested.c
index 08fb5af3ea1..d9eefdfa8c6 100644
--- a/lib/nested/nested.c
+++ b/lib/nested/nested.c
@@ -545,7 +545,7 @@ struct nonce_info nested_attack(
 return r;
 }
-struct nonce_info_hard hard_nested_collect_nonces(
+struct nonce_info_hard nested_hard_nonce_attack(
 FuriHalNfcTxRxContext* tx_rx,
 uint8_t blockNo,
 uint8_t keyType,
@@ -553,6 +553,7 @@ struct nonce_info_hard hard_nested_collect_nonces(
 uint8_t targetKeyType,
 uint64_t ui64Key,
 uint32_t* found,
+ uint32_t* first_byte_sum,
 Stream* file_stream) {
 uint32_t cuid = 0;
 uint8_t same = 0;
@@ -585,11 +586,6 @@ struct nonce_info_hard hard_nested_collect_nonces(
 (oddparity8(tx_rx->rx_data[j]) != ((tx_rx->rx_parity[0] >> (7 - j)) & 0x01));
 }
- // update unique nonces
- if(!found[tx_rx->rx_data[0]]) {
- found[tx_rx->rx_data[0]]++;
- }
-
 uint8_t pbits = 0;
 for(uint8_t j = 0; j < 4; j++) {
 uint8_t p = oddparity8(tx_rx->rx_data[j]);
@@ -600,6 +596,12 @@ struct nonce_info_hard hard_nested_collect_nonces(
 pbits |= p;
 }
+ // update unique nonces
+ if(!found[tx_rx->rx_data[0]]) {
+ *first_byte_sum += evenparity32(pbits & 0x08);
+ found[tx_rx->rx_data[0]]++;
+ }
+
 if(nt == previous) {
 same++;
 }
diff --git a/lib/nested/nested.h b/lib/nested/nested.h
index 6e142b7ed46..59746505193 100644
--- a/lib/nested/nested.h
+++ b/lib/nested/nested.h
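Review bot: The new `first_byte_sum` parameter has an undocumented contract: in the `@@ -600` hunk it is incremented only while `found[tx_rx->rx_data[0]]` is still zero, so its value is meaningful only if the caller zeroes it at the same moment it zeroes `found[]`. Neither this definition nor the prototype changed in lib/nested/nested.h says so; a comment above the function such as `// first_byte_sum: caller-owned accumulator, updated once per distinct rx_data[0]; must be non-NULL and reset together with found[]` would make that explicit. The pointer is dereferenced unconditionally, which is why the non-NULL requirement belongs in that comment. The function body starts and ends outside the hunk.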
@@ -62,7 +62,7 @@ struct nonce_info nested_attack(
 uint32_t distance,
 uint32_t delay);
-struct nonce_info_hard hard_nested_collect_nonces(
+struct nonce_info_hard nested_hard_nonce_attack(
 FuriHalNfcTxRxContext* tx_rx,
 uint8_t blockNo,
 uint8_t keyType,
@@ -70,6 +70,7 @@ struct nonce_info_hard hard_nested_collect_nonces(
 uint8_t targetKeyType,
 uint64_t ui64Key,
 uint32_t* found,
+ uint32_t* first_byte_sum,
 Stream* file_stream);
 uint32_t nested_calibrate_distance(
diff --git a/mifare_nested_i.h b/mifare_nested_i.h
index f6320a2dfa8..4c983460bb8 100644
--- a/mifare_nested_i.h
+++ b/mifare_nested_i.h
@@ -19,7 +19,7 @@
 #include
 #include "mifare_nested_icons.h"
-#define NESTED_VERSION_APP "1.2.5"
+#define NESTED_VERSION_APP "1.3.0"
 #define NESTED_GITHUB_LINK "https://github.com/AloneLiberty/FlipperNested"
 #define NESTED_RECOVER_KEYS_GITHUB_LINK "https://github.com/AloneLiberty/FlipperNestedRecovery"
 #define NESTED_NONCE_FORMAT_VERSION "3"
diff --git a/mifare_nested_worker.c b/mifare_nested_worker.c
index 65a118d647c..a0e1bc551d6 100644
--- a/mifare_nested_worker.c
+++ b/mifare_nested_worker.c
@@ -13,6 +13,10 @@
 #define TAG "MifareNestedWorker"
+// possible sum property values
+static uint16_t sums[] =
+ {0, 32, 56, 64, 80, 96, 104, 112, 120, 128, 136, 144, 152, 160, 176, 192, 200, 224, 256};
+
 void mifare_nested_worker_change_state(
 MifareNestedWorker* mifare_nested_worker,
 MifareNestedWorkerState state) {
@@ -468,7 +472,7 @@ uint32_t mifare_nested_worker_predict_delay(
 }
 free(crypto);
-
+
 return 1;
 }
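Review bot: `sums` in the `@@ -13,6 +13,10` hunk is a lookup table that the visible hunks only ever read, yet it is declared as a mutable `static uint16_t sums[]`. Declaring it `static const uint16_t sums[] = {...};` lets the compiler reject accidental writes and keeps the table in read-only storage. The comment `// possible sum property values` does not say which quantity the table constrains; naming `first_byte_sum`, which the `-946` hunk compares against it, would tell the next reader what an "invalid" value means here.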
@@ -876,38 +880,38 @@ void mifare_nested_worker_collect_nonces_hard(MifareNestedWorker* mifare_nested_
 continue;
 }
- Stream* file_stream = file_stream_alloc(storage);
- FuriString* hardnested_file = furi_string_alloc();
- mifare_nested_worker_get_hardnested_file_path(
- &data, hardnested_file, sector, key_type);
-
- file_stream_open(
- file_stream,
- furi_string_get_cstr(hardnested_file),
- FSAM_READ_WRITE,
- FSOM_CREATE_ALWAYS);
-
- FuriString* header = furi_string_alloc_printf(
- "Filetype: Flipper Nested Nonces File\nVersion: %s\nNote: you will need desktop app to recover keys: %s\nKey %c cuid 0x%08lx sec %u\n",
- NESTED_NONCE_FORMAT_VERSION,
- NESTED_RECOVER_KEYS_GITHUB_LINK,
- !key_type ? 'A' : 'B',
- cuid,
- sector);
-
- stream_write_string(file_stream, header);
- furi_string_free(header);
- furi_string_free(hardnested_file);
-
 while(!info->collected && mifare_nested_worker->state == MifareNestedWorkerStateCollecting) {
+ Stream* file_stream = file_stream_alloc(storage);
+ FuriString* hardnested_file = furi_string_alloc();
+ mifare_nested_worker_get_hardnested_file_path(
+ &data, hardnested_file, sector, key_type);
+
+ file_stream_open(
+ file_stream,
+ furi_string_get_cstr(hardnested_file),
+ FSAM_READ_WRITE,
+ FSOM_CREATE_ALWAYS);
+
+ FuriString* header = furi_string_alloc_printf(
+ "Filetype: Flipper Nested Nonces File\nVersion: %s\nNote: you will need desktop app to recover keys: %s\nKey %c cuid 0x%08lx sec %u\n",
+ NESTED_NONCE_FORMAT_VERSION,
+ NESTED_RECOVER_KEYS_GITHUB_LINK,
+ !key_type ? 'A' : 'B',
+ cuid,
+ sector);
+
+ stream_write_string(file_stream, header);
+ furi_string_free(header);
+
+ uint32_t first_byte_sum = 0;
 uint32_t* found = malloc(sizeof(uint32_t) * 256);
 for(uint32_t i = 0; i < 256; i++) {
 found[i] = 0;
 }
 while(mifare_nested_worker->state == MifareNestedWorkerStateCollecting) {
- struct nonce_info_hard result = hard_nested_collect_nonces(
+ struct nonce_info_hard result = nested_hard_nonce_attack(
 &tx_rx,
 key_block,
 found_key_type,
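Review bot: The result of `file_stream_open(...)` is discarded in the block that now runs at the top of every retry, so a failed open still falls through to `stream_write_string(file_stream, header)` and to collection against a stream that was never opened. The call was already unchecked before the move, but it now sits on the retry path with `FSOM_CREATE_ALWAYS`, so it is worth guarding: wrap it as `if(!file_stream_open(file_stream, furi_string_get_cstr(hardnested_file), FSAM_READ_WRITE, FSOM_CREATE_ALWAYS)) { ... }`, log with `FURI_LOG_E`, release `hardnested_file` and the stream, and leave the loop. The enclosing function starts and ends outside the hunk.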
@@ -915,11 +919,15 @@ void mifare_nested_worker_collect_nonces_hard(MifareNestedWorker* mifare_nested_
 key_type,
 key,
 found,
+ &first_byte_sum,
 file_stream);
 if(result.static_encrypted) {
- // TODO: Delete file?
 file_stream_close(file_stream);
+
+ storage_simply_remove(storage, furi_string_get_cstr(hardnested_file));
+
+ furi_string_free(hardnested_file);
 free(found);
 free(mf_data);
 nfc_deactivate();
@@ -946,6 +954,22 @@ void mifare_nested_worker_collect_nonces_hard(MifareNestedWorker* mifare_nested_
 FURI_LOG_D(TAG, "Found states: %lu", states);
 if(states == 256) {
+ FURI_LOG_D(
+ TAG, "All states collected, first_byte_sum: %lu", first_byte_sum);
+
+ bool valid = false;
+ for(uint8_t i = 0; i < sizeof(sums); i++) {
+ if(sums[i] == first_byte_sum) {
+ valid = true;
+ break;
+ }
+ }
+
+ if(!valid) {
+ FURI_LOG_E(TAG, "Invalid first_byte_sum!");
+ break;
+ }
+
 info->collected = true;
 info->hardnested = true;
 nonces->cuid = result.cuid;
@@ -966,9 +990,9 @@ void mifare_nested_worker_collect_nonces_hard(MifareNestedWorker* mifare_nested_
 }
 free(found);
+ furi_string_free(hardnested_file);
+ file_stream_close(file_stream);
 }
-
- file_stream_close(file_stream);
 }
 }
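Review bot: The `static_encrypted` path calls `file_stream_close(file_stream)` but never releases the `Stream` object itself; no `stream_free(file_stream)` appears in any hunk of this file, though one may exist outside them. Because the commit moves `file_stream_alloc(storage)` inside the `while(!info->collected ...)` retry loop, each retry now allocates a fresh Stream, so a missing free costs more than it did before. Adding `stream_free(file_stream);` after the close here and in the end-of-loop cleanup of the `-966` hunk would fix it. The result of `storage_simply_remove` is also ignored, so a partial nonce file left behind would go unnoticed; a `FURI_LOG_E` on failure would be enough. The function body starts and ends outside the hunk.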
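Review bot: The validation loop in the `-946` hunk is bounded by `sizeof(sums)`, which is the array's size in bytes (38 for its 19 `uint16_t` entries), so `sums[i]` is read past the end of the table for every `i` from 19 upward. Besides being an out-of-bounds read, this can mark an out-of-range `first_byte_sum` as valid whenever the adjacent memory happens to hold a matching value, defeating the check the commit adds. Bound the loop by the element count instead: `for(size_t i = 0; i < sizeof(sums) / sizeof(sums[0]); i++) {`.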