[FL-3193] Additional checks before invalidating the key (#2533)

This commit is contained in:
Astra 2023-03-27 10:28:13 +03:00 committed by GitHub
parent fad24efdf0
commit ae9659d32d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -638,7 +638,8 @@ static void nfc_worker_mf_classic_key_attack(
(uint32_t)key); (uint32_t)key);
if(mf_classic_authenticate(tx_rx, block_num, key, MfClassicKeyA)) { if(mf_classic_authenticate(tx_rx, block_num, key, MfClassicKeyA)) {
mf_classic_set_key_found(data, i, MfClassicKeyA, key); mf_classic_set_key_found(data, i, MfClassicKeyA, key);
FURI_LOG_D(TAG, "Key found"); FURI_LOG_D(
TAG, "Key A found: %04lx%08lx", (uint32_t)(key >> 32), (uint32_t)key);
nfc_worker->callback(NfcWorkerEventFoundKeyA, nfc_worker->context); nfc_worker->callback(NfcWorkerEventFoundKeyA, nfc_worker->context);
uint64_t found_key; uint64_t found_key;
@ -661,7 +662,8 @@ static void nfc_worker_mf_classic_key_attack(
(uint32_t)key); (uint32_t)key);
if(mf_classic_authenticate(tx_rx, block_num, key, MfClassicKeyB)) { if(mf_classic_authenticate(tx_rx, block_num, key, MfClassicKeyB)) {
mf_classic_set_key_found(data, i, MfClassicKeyB, key); mf_classic_set_key_found(data, i, MfClassicKeyB, key);
FURI_LOG_D(TAG, "Key found"); FURI_LOG_D(
TAG, "Key B found: %04lx%08lx", (uint32_t)(key >> 32), (uint32_t)key);
nfc_worker->callback(NfcWorkerEventFoundKeyB, nfc_worker->context); nfc_worker->callback(NfcWorkerEventFoundKeyB, nfc_worker->context);
} }
} }
@ -760,10 +762,14 @@ void nfc_worker_mf_classic_dict_attack(NfcWorker* nfc_worker) {
furi_hal_nfc_sleep(); furi_hal_nfc_sleep();
deactivated = true; deactivated = true;
} else { } else {
// If the key A is marked as found and matches the searching key, invalidate it
if(mf_classic_is_key_found(data, i, MfClassicKeyA) &&
data->block[i].value[0] == key) {
mf_classic_set_key_not_found(data, i, MfClassicKeyA); mf_classic_set_key_not_found(data, i, MfClassicKeyA);
is_key_a_found = false; is_key_a_found = false;
FURI_LOG_D(TAG, "Key %dA not found in attack", i); FURI_LOG_D(TAG, "Key %dA not found in attack", i);
} }
}
if(!is_key_b_found) { if(!is_key_b_found) {
is_key_b_found = mf_classic_is_key_found(data, i, MfClassicKeyB); is_key_b_found = mf_classic_is_key_found(data, i, MfClassicKeyB);
if(mf_classic_authenticate_skip_activate( if(mf_classic_authenticate_skip_activate(
@ -775,10 +781,14 @@ void nfc_worker_mf_classic_dict_attack(NfcWorker* nfc_worker) {
} }
deactivated = true; deactivated = true;
} else { } else {
// If the key B is marked as found and matches the searching key, invalidate it
if(mf_classic_is_key_found(data, i, MfClassicKeyB) &&
data->block[i].value[10] == key) {
mf_classic_set_key_not_found(data, i, MfClassicKeyB); mf_classic_set_key_not_found(data, i, MfClassicKeyB);
is_key_b_found = false; is_key_b_found = false;
FURI_LOG_D(TAG, "Key %dB not found in attack", i); FURI_LOG_D(TAG, "Key %dB not found in attack", i);
} }
}
if(is_key_a_found && is_key_b_found) break; if(is_key_a_found && is_key_b_found) break;
if(nfc_worker->state != NfcWorkerStateMfClassicDictAttack) break; if(nfc_worker->state != NfcWorkerStateMfClassicDictAttack) break;
} else { } else {