crewID/libnfc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

swap 0 block write and other blocks write

Browse source 
when writing to gen2 and possible on gen3, it writes first block 3 wich is the trailing sector before writing to block 0, so the last write to block 0 fails because authenticate to old keyset
This commit is contained in:
Unknown 2020-06-26 01:50:11 +02:00
parent 02f0f6b290
commit 3c55b8746b
1 changed files with 55 additions and 54 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

109
utils/nfc-mfclassic.c
View file

@ -436,6 +436,61 @@ write_card(int write_block_zero)
} }
printf("Writing %d blocks |", uiBlocks + write_block_zero); printf("Writing %d blocks |", uiBlocks + write_block_zero);
//Write Block 0 if requested to do so
if (write_block_zero) {
uiBlock = 0;
is_first_block(0);
if (bFailure) {
// When a failure occured we need to redo the anti-collision
if (nfc_initiator_select_passive_target(pnd, nmMifare, NULL, 0, &nt) <= 0) {
printf("!\nError: tag was removed\n");
return false;
}
bFailure = false;
}
fflush(stdout);
// Try to authenticate for the current sector
// If we are are writing to a chinese magic card, we've already unlocked
// If we're writing to a One Time Write, we need to authenticate
// If we're writing something else, we'll need to authenticate
if ((write_block_zero && (magic2 || magic3)) || !write_block_zero) {
if (!authenticate(0) && !bTolerateFailures) {
printf("!\nError: authentication failed for block 00\n");
return false;
}
}
// Make sure a earlier write did not fail
if (!bFailure) {
// Try to write the data block
if (bFormatCard && uiBlock)
memset(mp.mpd.abtData, 0x00, sizeof(mp.mpd.abtData));
else
memcpy(mp.mpd.abtData, mtDump.amb[uiBlock].mbd.abtData, sizeof(mp.mpd.abtData));
// do not write a block 0 with incorrect BCC - card will be made invalid!
if ((mp.mpd.abtData[0] ^ mp.mpd.abtData[1] ^ mp.mpd.abtData[2] ^ mp.mpd.abtData[3] ^ mp.mpd.abtData[4]) != 0x00 && !magic2) {
printf("!\nError: incorrect BCC in MFD file!\n");
printf("Expecting BCC=%02X\n", mp.mpd.abtData[0] ^ mp.mpd.abtData[1] ^ mp.mpd.abtData[2] ^ mp.mpd.abtData[3]);
return false;
}
if (!nfc_initiator_mifare_cmd(pnd, MC_WRITE, uiBlock, &mp)) {
bFailure = true;
printf("Failure to write to data block 0\n");
}
}
else {
printf("Failure during write process.\n");
}
// Show if the write went well for block 0
print_success_or_failure(bFailure, &uiWriteBlocks);
if ((!bTolerateFailures) && bFailure)
return false;
}
// Completely write the card, but skipping block 0 // Completely write the card, but skipping block 0
for (uiBlock = 1; uiBlock <= uiBlocks; uiBlock++) { for (uiBlock = 1; uiBlock <= uiBlocks; uiBlock++) {
// Authenticate everytime we reach the first sector of a new block // Authenticate everytime we reach the first sector of a new block
@ -506,60 +561,6 @@ write_card(int write_block_zero)
return false; return false;
} }
//Write Block 0 if requested to do so
if (write_block_zero) {
uiBlock = 0;
is_first_block(0);
if (bFailure) {
// When a failure occured we need to redo the anti-collision
if (nfc_initiator_select_passive_target(pnd, nmMifare, NULL, 0, &nt) <= 0) {
printf("!\nError: tag was removed\n");
return false;
}
bFailure = false;
}
fflush(stdout);
// Try to authenticate for the current sector
// If we are are writing to a chinese magic card, we've already unlocked
// If we're writing to a One Time Write, we need to authenticate
// If we're writing something else, we'll need to authenticate
if ((write_block_zero && (magic2 || magic3)) || !write_block_zero) {
if (!authenticate(0) && !bTolerateFailures) {
printf("!\nError: authentication failed for block 00\n");
return false;
}
}
// Make sure a earlier write did not fail
if (!bFailure) {
// Try to write the data block
if (bFormatCard && uiBlock)
memset(mp.mpd.abtData, 0x00, sizeof(mp.mpd.abtData));
else
memcpy(mp.mpd.abtData, mtDump.amb[uiBlock].mbd.abtData, sizeof(mp.mpd.abtData));
// do not write a block 0 with incorrect BCC - card will be made invalid!
if ((mp.mpd.abtData[0] ^ mp.mpd.abtData[1] ^ mp.mpd.abtData[2] ^ mp.mpd.abtData[3] ^ mp.mpd.abtData[4]) != 0x00 && !magic2) {
printf("!\nError: incorrect BCC in MFD file!\n");
printf("Expecting BCC=%02X\n", mp.mpd.abtData[0] ^ mp.mpd.abtData[1] ^ mp.mpd.abtData[2] ^ mp.mpd.abtData[3]);
return false;
}
if (!nfc_initiator_mifare_cmd(pnd, MC_WRITE, uiBlock, &mp)) {
bFailure = true;
printf("Failure to write to data block 0\n");
}
} else {
printf("Failure during write process.\n");
}
// Show if the write went well for block 0
print_success_or_failure(bFailure, &uiWriteBlocks);
if ((! bTolerateFailures) && bFailure)
return false;
}
printf("|\n"); printf("|\n");
printf("Done, %d of %d blocks written.\n", uiWriteBlocks, uiBlocks + 1); printf("Done, %d of %d blocks written.\n", uiWriteBlocks, uiBlocks + 1);
fflush(stdout); fflush(stdout);