robin.thoni
/
rfid-mfcuk


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384
							#!/usr/bin/python

# Original source: proxmark3.org community forum

import sys
import os
import string
import commands

def line_tag(line):
    if string.find(line, 'TAG') > 0:
        return True
    
    return False

def line_rdr(line):
    if string.find(line, 'TAG') < 1:
        return True
    
    return False

def line_bytes(line):
    bytes = line[20:len(line)-1]
    bytes = bytes.replace('crc', '')
    bytes = bytes.replace('!', '')
    bytes = bytes.replace(' ', '')
    
    return len(bytes)/2

try:
    file= open(sys.argv[1])
except:
    print
    print '\tusage:', sys.argv[0], '<proxmark3_snoop.log>'
    print
    sys.exit(True)

lines = file.readlines()
uid = ''
find_multi_sector = False

for i in range(len(lines)):
    if string.find(lines[i],':     93  20') > 0 and line_tag(lines[i + 1]) and line_bytes(lines[i + 1]) == 5:
        find_multi_sector = False
        key = ''        
        
        uid = lines[i + 1][20:34]
        uid = uid.replace(' ', '')
        print 'Found TAG UID:', uid
        
    if uid and (string.find(lines[i],':     60') > 0 or string.find(lines[i],':     61') > 0) and line_tag(lines[i + 1]) and line_bytes(lines[i + 1]) == 4 and line_rdr(lines[i + 2]) and line_bytes(lines[i + 2]) == 8 and line_tag(lines[i + 3]) and line_bytes(lines[i + 3]) == 4:
        tag_challenge = lines[i+1][20:34]
        tag_challenge = tag_challenge.replace(' ', '')
        tag_challenge = tag_challenge.replace('!', '')
        print 'Nt:', tag_challenge

        reader_challenge_response = lines[i+2][20:50]
        reader_challenge_response = reader_challenge_response.replace(' ', '')
        reader_challenge_response = reader_challenge_response.replace('!', '')
        print 'Nt\':', reader_challenge_response

        tag_response = lines[i+3][20:34]
        tag_response = tag_response.replace(' ', '')
        tag_response = tag_response.replace('!', '')
        print 'Nr:', tag_response

        find_multi_sector = True
    
    # Usually, a multi-sector authentication if a sequence of R->T 4 bytes (encrypted 60 xx p1 p2 or 61 xx p1 p2) and T->R 4 bytes
    if find_multi_sector and line_rdr(lines[i]) and line_bytes(lines[i]) == 4 and string.find(lines[i],':     60') < 1 and string.find(lines[i],':     61') < 1 and line_tag(lines[i + 1]) and line_bytes(lines[i + 1]) == 4:
        encr_multi_sect_auth = lines[i][20:34]
        encr_multi_sect_auth = encr_multi_sect_auth.replace(' ', '')
        encr_multi_sect_auth = encr_multi_sect_auth.replace('!', '')
        #print 'Multi-sector AUTH (candidates):', encr_multi_sect_auth
        
        encr_multi_sect_Nt = lines[i + 1][20:34]
        encr_multi_sect_Nt = encr_multi_sect_Nt.replace(' ', '')
        encr_multi_sect_Nt = encr_multi_sect_Nt.replace('!', '')
        #print 'Multi-sector encrypted Nt (candidates):', encr_multi_sect_Nt
        
        mfcuk_P_params = './mfcuk -P ' + '0x' + uid + ':' + '0x' + tag_challenge + ':' + '0x' + reader_challenge_response[0:8] + ':' + '0x' + reader_challenge_response[8:16] + ':' + '0x' + tag_response + ':' + '0x' + encr_multi_sect_auth

        print 'Executing ', mfcuk_P_params
        #os.execv('./mfcuk',string.split(mfcuk_P_params))