static bool read_card (void) { uint32_t page; bool bFailure = false; uint32_t uiReadedPages = 0; printf ("Reading %d pages |", uiBlocks + 1); for (page = 0; page <= uiBlocks; page += 4) { // Try to read out the data block if (nfc_initiator_mifare_cmd (pnd, MC_READ, page, &mp)) { memcpy (mtDump.amb[page / 4].mbd.abtData, mp.mpd.abtData, 16); } else { bFailure = true; break; } print_success_or_failure (bFailure, &uiReadedPages); print_success_or_failure (bFailure, &uiReadedPages); print_success_or_failure (bFailure, &uiReadedPages); print_success_or_failure (bFailure, &uiReadedPages); } printf ("|\n"); printf ("Done, %d of %d pages readed.\n", uiReadedPages, uiBlocks + 1); fflush (stdout); return (!bFailure); }
static bool write_card (void) { uint32_t uiBlock = 0; bool bFailure = false; uint32_t uiWritenPages = 0; uint32_t uiSkippedPages; char buffer[BUFSIZ]; bool write_otp; bool write_lock; printf ("Write OTP bytes ? [yN] "); fgets (buffer, BUFSIZ, stdin); write_otp = ((buffer[0] == 'y') || (buffer[0] == 'Y')); printf ("Write Lock bytes ? [yN] "); fgets (buffer, BUFSIZ, stdin); write_lock = ((buffer[0] == 'y') || (buffer[0] == 'Y')); printf ("Writing %d pages |", uiBlocks + 1); /* We need to skip 2 first pages. */ printf ("ss"); uiSkippedPages = 2; for (int page = 0x2; page <= 0xF; page++) { if ((page==0x2) && (!write_lock)) { printf ("s"); uiSkippedPages++; continue; } if ((page==0x3) && (!write_otp)) { printf ("s"); uiSkippedPages++; continue; } // Show if the readout went well if (bFailure) { // When a failure occured we need to redo the anti-collision if (!nfc_initiator_select_passive_target (pnd, nmMifare, NULL, 0, &nt)) { ERR ("tag was removed"); return false; } bFailure = false; } // For the Mifare Ultralight, this write command can be used // in compatibility mode, which only actually writes the first // page (4 bytes). The Ultralight-specific Write command only // writes one page at a time. uiBlock = page / 4; memcpy (mp.mpd.abtData, mtDump.amb[uiBlock].mbd.abtData + ((page % 4) * 4), 16); if (!nfc_initiator_mifare_cmd (pnd, MC_WRITE, page, &mp)) bFailure = true; print_success_or_failure (bFailure, &uiWritenPages); } printf ("|\n"); printf ("Done, %d of %d pages written (%d pages skipped).\n", uiWritenPages, uiBlocks + 1, uiSkippedPages); return true; }
bool write_card(ReaderTag rt,mifareul_tag * tag){ uint32_t uiBlock = 0; bool bFailure = false; uint32_t uiWritenPages = 0; uint32_t uiSkippedPages; char buffer[BUFSIZ]; bool write_otp=0; bool write_lock=0; uiSkippedPages = 2; for (int page = 0x2; page <= 30; page++) { if ((page == 0x2) && (!write_lock)) { printf("s"); uiSkippedPages++; continue; } if ((page == 0x3) && (!write_otp)) { printf("s"); uiSkippedPages++; continue; } // Show if the readout went well if (bFailure) { // When a failure occured we need to redo the anti-collision if (nfc_initiator_select_passive_target(rt.device, nmMifare, NULL, 0, &rt.nt) <= 0) { ERR("tag was removed"); return false; } bFailure = false; } // For the Mifare Ultralight, this write command can be used // in compatibility mode, which only actually writes the first // page (4 bytes). The Ultralight-specific Write command only // writes one page at a time. uiBlock = page / 4; memcpy(mp.mpd.abtData, tag->amb[uiBlock].mbd.abtData + ((page % 4) * 4), 16); if (!nfc_initiator_mifare_cmd(rt.device, MC_WRITE, page, &mp)) bFailure = true; print_success_or_failure(bFailure, &uiWritenPages); } printf("|\n"); printf("Done, %d of 16 pages written (%d pages skipped).\n", uiWritenPages, uiSkippedPages); return true; }
bool read_card_ultralight(void) { uint32_t page; bool bFailure = false; uint32_t uiReadedPages = 0; #ifdef DEBUG_PRINTF fprintf(stderr,"Reading %d pages |", uiBlocks_ultralight + 1); #endif for (page = 0; page <= uiBlocks_ultralight; page += 4) { //! Try to read out the data block if (nfc_initiator_mifare_cmd(pnd, MC_READ, page, &mp)) { memcpy(mtDump.amb[page / 4].mbd.abtData, mp.mpd.abtData, 16); } else { bFailure = true; break; } print_success_or_failure(bFailure, &uiReadedPages); print_success_or_failure(bFailure, &uiReadedPages); print_success_or_failure(bFailure, &uiReadedPages); print_success_or_failure(bFailure, &uiReadedPages); } #ifdef DEBUG_PRINTF fprintf(stderr,"|\n"); fprintf(stderr,"Done : %d of %d pages readed.\n", uiReadedPages, uiBlocks_ultralight + 1); #endif fflush(stdout); if (bFailure) { sprintf(message_erreur,"Impossible d'accéder aux données de la carte !"); } return (!bFailure); }
static bool read_card(void) { uint32_t page; bool bFailure = false; uint32_t uiFailedPages = 0; printf("Reading %d pages |", uiBlocks); for (page = 0; page < uiBlocks; page += 4) { // Try to read out the data block if (nfc_initiator_mifare_cmd(pnd, MC_READ, page, &mp)) { memcpy(mtDump.amb[page / 4].mbd.abtData, mp.mpd.abtData, uiBlocks - page < 4 ? (uiBlocks - page) * 4 : 16); } else { bFailure = true; } for (uint8_t i = 0; i < (uiBlocks - page < 4 ? uiBlocks - page : 4); i++) { print_success_or_failure(bFailure, &uiReadPages, &uiFailedPages); } } printf("|\n"); printf("Done, %d of %d pages read (%d pages failed).\n", uiReadPages, uiBlocks, uiFailedPages); fflush(stdout); // copy EV1 secrets to dump data switch (iEV1Type) { case EV1_UL11: memcpy(mtDump.amb[4].mbc11.pwd, iPWD, 4); memcpy(mtDump.amb[4].mbc11.pack, iPACK, 2); break; case EV1_UL21: memcpy(mtDump.amb[9].mbc21a.pwd, iPWD, 4); memcpy(mtDump.amb[9].mbc21b.pack, iPACK, 2); break; case EV1_NONE: default: break; } return (!bFailure); }
bool write_card_ultralight(int argc, const char *argv[]) { uint32_t uiBlock = 0; bool bFailure = false; uint32_t uiWritenPages = 0; uint32_t uiSkippedPages = 0; bool write_otp; bool write_lock; bool write_uid; if (argc>3) // Mode EXPERT ! { write_otp = ((argv[3][0] == 'y') || (argv[3][0] == 'Y')); write_lock = ((argv[4][0] == 'y') || (argv[4][0] == 'Y')); write_uid = ((argv[5][0] == 'y') || (argv[5][0] == 'Y')); } else { write_otp = true; write_lock = true; write_uid = false; } #ifdef DEBUG_PRINTF fprintf(stderr,"Writing %d pages |", uiBlocks_ultralight + 1); #endif /* We may need to skip 2 first pages. */ if (!write_uid) { fprintf(stderr,"ss"); uiSkippedPages = 2; } int page; for (page = uiSkippedPages; page <= 0xF; page++) { if ((page == 0x2) && (!write_lock)) { #ifdef DEBUG_PRINTF fprintf(stderr,"s"); #endif uiSkippedPages++; continue; } if ((page == 0x3) && (!write_otp)) { #ifdef DEBUG_PRINTF fprintf(stderr,"s"); #endif uiSkippedPages++; continue; } //! Show if the readout went well if (bFailure) { //! When a failure occured we need to redo the anti-collision if (nfc_initiator_select_passive_target(pnd, nmMifare, NULL, 0, &nt) <= 0) { sprintf(message_erreur,"Tag was removed !"); return false; } bFailure = false; } //! For the Mifare Ultralight, this write command can be used //! in compatibility mode, which only actually writes the first //! page (4 bytes). The Ultralight-specific Write command only //! writes one page at a time. uiBlock = page / 4; memcpy(mp.mpd.abtData, mtDump.amb[uiBlock].mbd.abtData + ((page % 4) * 4), 16); if (!nfc_initiator_mifare_cmd(pnd, MC_WRITE, page, &mp)) bFailure = true; print_success_or_failure(bFailure, &uiWritenPages); } #ifdef DEBUG_PRINTF fprintf(stderr,"|\n"); fprintf(stderr,"Done, %d of %d pages written (%d pages skipped).\n", uiWritenPages, uiBlocks_ultralight + 1, uiSkippedPages); #endif return true; }
bool write_card(int write_block_zero) { uint32_t uiBlock; bool bFailure = false; uint32_t uiWriteBlocks = 0; if (write_block_zero) { if (!unlock_card()) { return false; } } #ifdef DEBUG_PRINTF fprintf(stderr,"Writing %d blocks |", uiBlocks + 1); #endif //! Write the card from begin to end; for (uiBlock = 0; uiBlock <= uiBlocks; uiBlock++) { //! Authenticate everytime we reach the first sector of a new block if (is_first_block(uiBlock)) { if (bFailure) { //! When a failure occured we need to redo the anti-collision if (nfc_initiator_select_passive_target(pnd, nmMifare, NULL, 0, &nt) <= 0) { #ifdef DEBUG_PRINTF fprintf(stderr,"!\nError: tag was removed\n"); #endif sprintf(message_erreur,"Error: tag was removed !"); return false; } bFailure = false; } fflush(stdout); //! Try to authenticate for the current sector if (!write_block_zero && !authenticate(uiBlock)) { #ifdef DEBUG_PRINTF fprintf(stderr,"!\nError: authentication failed for block %02x\n", uiBlock); #endif sprintf(message_erreur,"Error: authentication failed for block %02x !", uiBlock); return false; } } if (is_trailer_block(uiBlock)) { //! Copy the keys over from our key dump and store the retrieved access bits memcpy(mp.mpd.abtData, mtDump.amb[uiBlock].mbt.abtKeyA, 6); memcpy(mp.mpd.abtData + 6, mtDump.amb[uiBlock].mbt.abtAccessBits, 4); memcpy(mp.mpd.abtData + 10, mtDump.amb[uiBlock].mbt.abtKeyB, 6); //! Try to write the trailer if (nfc_initiator_mifare_cmd(pnd, MC_WRITE, uiBlock, &mp) == false) { #ifdef DEBUG_PRINTF fprintf(stderr,"failed to write trailer block %d \n", uiBlock); #endif bFailure = true; } } else { //! The first block 0x00 is read only, skip this if (uiBlock == 0 && ! write_block_zero && ! magic2) continue; //! Make sure a earlier write did not fail if (!bFailure) { //! Try to write the data block memcpy(mp.mpd.abtData, mtDump.amb[uiBlock].mbd.abtData, 16); //! do not write a block 0 with incorrect BCC - card will be made invalid! if (uiBlock == 0) { if ((mp.mpd.abtData[0] ^ mp.mpd.abtData[1] ^ mp.mpd.abtData[2] ^ mp.mpd.abtData[3] ^ mp.mpd.abtData[4]) != 0x00 && !magic2) { #ifdef DEBUG_PRINTF fprintf(stderr,"!\nError: incorrect BCC in MFD file!\n"); fprintf(stderr,"Expecting BCC=%02X\n", mp.mpd.abtData[0] ^ mp.mpd.abtData[1] ^ mp.mpd.abtData[2] ^ mp.mpd.abtData[3]); #endif sprintf(message_erreur,"Error: incorrect BCC in MFD file! "); return false; } } if (!nfc_initiator_mifare_cmd(pnd, MC_WRITE, uiBlock, &mp)) { bFailure = true; } } } //! Show if the write went well for each block print_success_or_failure(bFailure, &uiWriteBlocks); if ((! bTolerateFailures) && bFailure) { return false; } } #ifdef DEBUG_PRINTF fprintf(stderr,"|\n"); fprintf(stderr,"Done, %d of %d blocks written.\n", uiWriteBlocks, uiBlocks + 1); #endif fflush(stdout); return true; }
bool read_card(int read_unlocked) { int32_t iBlock; bool bFailure = false; uint32_t uiReadBlocks = 0; if (read_unlocked) { if (!unlock_card()) { return false; } } #ifdef DEBUG_PRINTF fprintf(stderr,"Reading out %d blocks |\n", uiBlocks + 1); #endif //! Read the card from end to begin for (iBlock = uiBlocks; iBlock >= 0; iBlock--) { //! Authenticate everytime we reach a trailer block if (is_trailer_block(iBlock)) { if (bFailure) { //! When a failure occured we need to redo the anti-collision if (nfc_initiator_select_passive_target(pnd, nmMifare, NULL, 0, &nt) <= 0) { #ifdef DEBUG_PRINTF fprintf(stderr,"!\nError: tag was removed\n"); #endif sprintf(message_erreur,"Error: tag was removed !"); return false; } bFailure = false; } fflush(stdout); //! Try to authenticate for the current sector if (!read_unlocked && !authenticate(iBlock)) { #ifdef DEBUG_PRINTF fprintf(stderr,"!\nError: authentication failed for block 0x%02x\n", iBlock); #endif sprintf(message_erreur,"Error: authentication failed for block 0x%02x !", iBlock); return false; } //! Try to read out the trailer if (nfc_initiator_mifare_cmd(pnd, MC_READ, iBlock, &mp)) { if (read_unlocked) { memcpy(mtDump.amb[iBlock].mbd.abtData, mp.mpd.abtData, 16); } else { //! Copy the keys over from our key dump and store the retrieved access bits memcpy(mtDump.amb[iBlock].mbt.abtKeyA, mtKeys.amb[iBlock].mbt.abtKeyA, 6); memcpy(mtDump.amb[iBlock].mbt.abtAccessBits, mp.mpd.abtData + 6, 4); memcpy(mtDump.amb[iBlock].mbt.abtKeyB, mtKeys.amb[iBlock].mbt.abtKeyB, 6); } } else { #ifdef DEBUG_PRINTF fprintf(stderr,"!\nfailed to read trailer block 0x%02x\n", iBlock); #endif bFailure = true; } } else { //! Make sure a earlier readout did not fail if (!bFailure) { //! Try to read out the data block if (nfc_initiator_mifare_cmd(pnd, MC_READ, iBlock, &mp)) { memcpy(mtDump.amb[iBlock].mbd.abtData, mp.mpd.abtData, 16); } else { #ifdef DEBUG_PRINTF fprintf(stderr,"!\nError: unable to read block 0x%02x\n", iBlock); #endif bFailure = true; } } } //! Show if the readout went well for each block print_success_or_failure(bFailure, &uiReadBlocks); if ((! bTolerateFailures) && bFailure) { return false; } } #ifdef DEBUG_PRINTF fprintf(stderr,"|\n"); fprintf(stderr,"Done : %d of %d blocks read.\n", uiReadBlocks, uiBlocks + 1); #endif fflush(stdout); return true; }
static bool write_card(bool write_otp, bool write_lock, bool write_uid) { uint32_t uiBlock = 0; bool bFailure = false; uint32_t uiWritenPages = 0; uint32_t uiSkippedPages = 0; char buffer[BUFSIZ]; if (!write_otp) { printf("Write OTP bytes ? [yN] "); if (!fgets(buffer, BUFSIZ, stdin)) { ERR("Unable to read standard input."); } write_otp = ((buffer[0] == 'y') || (buffer[0] == 'Y')); } if (!write_lock) { printf("Write Lock bytes ? [yN] "); if (!fgets(buffer, BUFSIZ, stdin)) { ERR("Unable to read standard input."); } write_lock = ((buffer[0] == 'y') || (buffer[0] == 'Y')); } if (!write_uid) { printf("Write UID bytes (only for special writeable UID cards) ? [yN] "); if (!fgets(buffer, BUFSIZ, stdin)) { ERR("Unable to read standard input."); } write_uid = ((buffer[0] == 'y') || (buffer[0] == 'Y')); } printf("Writing %d pages |", uiBlocks + 1); /* We may need to skip 2 first pages. */ if (!write_uid) { printf("ss"); uiSkippedPages = 2; } else { if (!check_magic()) { printf("\nUnable to unlock card - are you sure the card is magic?\n"); bFailure = false; return false; } } for (uint32_t page = uiSkippedPages; page <= ((uiBlocks / 4) * 4); page++) { if ((page == 0x2) && (!write_lock)) { printf("s"); uiSkippedPages++; continue; } if ((page == 0x3) && (!write_otp)) { printf("s"); uiSkippedPages++; continue; } // Show if the readout went well if (bFailure) { // When a failure occured we need to redo the anti-collision if (nfc_initiator_select_passive_target(pnd, nmMifare, NULL, 0, &nt) <= 0) { ERR("tag was removed"); return false; } bFailure = false; } // For the Mifare Ultralight, this write command can be used // in compatibility mode, which only actually writes the first // page (4 bytes). The Ultralight-specific Write command only // writes one page at a time. uiBlock = page / 4; memcpy(mp.mpd.abtData, mtDump.amb[uiBlock].mbd.abtData + ((page % 4) * 4), 4); memset(mp.mpd.abtData + 4, 0, 12); if (!nfc_initiator_mifare_cmd(pnd, MC_WRITE, page, &mp)) bFailure = true; print_success_or_failure(bFailure, &uiWritenPages); } printf("|\n"); printf("Done, %d of %d pages written (%d pages skipped).\n", uiWritenPages, uiBlocks + 1, uiSkippedPages); return true; }