Skip to content

Commit

Permalink
Picopass: Remove elite user dictionary from Read Card (#48)
Browse files Browse the repository at this point in the history
  • Loading branch information
bettse authored Sep 19, 2023
1 parent 4af84c8 commit 83e7c4c
Showing 1 changed file with 16 additions and 6 deletions.
22 changes: 16 additions & 6 deletions picopass_worker.c
Original file line number Diff line number Diff line change
Expand Up @@ -282,11 +282,10 @@ ReturnCode picopass_auth(PicopassWorker* picopass_worker) {
return ERR_NONE;
}

FURI_LOG_I(TAG, "Starting user dictionary attack [Elite KDF]");
err = picopass_auth_dict(picopass_worker, IclassEliteDictTypeUser);
if(err == ERR_NONE) {
return ERR_NONE;
}
/* Because size of the user dictionary and could introduce confusing delay
* to the read screen (since there is no feedback), we omit checking it.
* It will be checked when the user uses Elite Dict. Attack, which has a progress bar
*/

FURI_LOG_I(TAG, "Starting system dictionary attack [Elite KDF]");
err = picopass_auth_dict(picopass_worker, IclassEliteDictTypeFlipper);
Expand Down Expand Up @@ -579,7 +578,18 @@ void picopass_worker_elite_dict_attack(PicopassWorker* picopass_worker) {

err = rfalPicoPassPollerCheck(mac, &chkRes);
if(err == ERR_NONE) {
FURI_LOG_I(TAG, "Found key");
FURI_LOG_I(
TAG,
"Found key: %02x%02x%02x%02x%02x%02x%02x%02x",
key[0],
key[1],
key[2],
key[3],
key[4],
key[5],
key[6],
key[7]);

memcpy(pacs->key, key, RFAL_PICOPASS_BLOCK_LEN);
pacs->elite_kdf = elite;
err = picopass_read_card(AA1);
Expand Down

0 comments on commit 83e7c4c

Please sign in to comment.