diff options
| author | laforge <laforge@e0336214-984f-0b4b-a45f-81c69e1f0ede> | 2008-01-22 15:46:47 +0000 |
|---|---|---|
| committer | laforge <laforge@e0336214-984f-0b4b-a45f-81c69e1f0ede> | 2008-01-22 15:46:47 +0000 |
| commit | b14030db2b85f86022686055d572b22014a0b917 (patch) | |
| tree | 3d38e3a38f29c93bced8d472fd2e247dc65b6ed9 | |
| parent | 322f6919c993efb7fadcf61f212a051ef7287cec (diff) | |
Patch to implement brute-forcng of mifare classic keys (Bjoern Riemer)
git-svn-id: https://svn.gnumonks.org/trunk/librfid@2040 e0336214-984f-0b4b-a45f-81c69e1f0ede
| -rw-r--r-- | utils/mifare-tool.c | 32 |
1 files changed, 30 insertions, 2 deletions
diff --git a/utils/mifare-tool.c b/utils/mifare-tool.c index dd6f148..664e566 100644 --- a/utils/mifare-tool.c +++ b/utils/mifare-tool.c @@ -50,7 +50,8 @@ static void help(void) " -r --read Read a mifare sector\n" " -l --loop-read Loop reading a mifare sector\n" " -w --write Write a mifare sector\n" - " -k --key Specify mifare access key (in hex tuples)\n"); + " -k --key Specify mifare access key (in hex tuples)\n" + " -b --brute-force n Brute Force read sector n\n"); } static struct option mifare_opts[] = { @@ -59,6 +60,7 @@ static struct option mifare_opts[] = { { "loop-read", 1, 0, 'l' }, { "write", 1 ,0, 'w' }, { "help", 0, 0, 'h' }, + { "brute-force", 1, 0, 'c' }, { 0, 0, 0, 0 } }; @@ -92,6 +94,19 @@ static void mifare_l3(void) printf("Mifare card available\n"); } +static void inc_key(char* key, int len) +{ + int i; + + if (len <= 0) + return; + i = len - 1; + if (key[i] < 0xff) + key[i]++; + else + key[i] = 0; +} + int main(int argc, char **argv) { int len, rc, c, option_index = 0; @@ -120,12 +135,25 @@ int main(int argc, char **argv) } while (1) { - c = getopt_long(argc, argv, "k:r:l:w:", mifare_opts, + c = getopt_long(argc, argv, "k:r:l:w:c:", mifare_opts, &option_index); if (c == -1) break; switch (c) { + int i; + case 'c': + page = atoi(optarg); + printf("key: %s\n", hexdump(key, MIFARE_CL_KEY_LEN)); + len = MIFARE_CL_PAGE_SIZE; + mifare_l3(); + for (i = 0; i <= 0xff; i++) { + key[MIFARE_CL_KEY_LEN-1]=i; + if (mifare_cl_auth(key, page) >= 0) + printf("KEY: %s\n",hexdump(key, MIFARE_CL_KEY_LEN)); + } + + break; case 'k': hexread(key, optarg, strlen(optarg)); printf("key: %s\n", hexdump(key, MIFARE_CL_KEY_LEN)); |