Proxmark3 community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

  • Logged in as ikarus
  • Last visit: Today 11:22:42

Announcement

Time changes and with it the technology
Proxmark3 @ discord

Users of this forum, please be aware that information stored on this site is not private.

#1 2015-01-18 18:03:27

iceman
Administrator
Registered: 2013-04-25
Posts: 9,468
Website

nonce2key

There is two different versions of the nonce2key code.

A) /client/nonce2key 
B) /tools/nonce2key


The code unde A is updated,  and the B code compiles but when running it the last two bytes of the found key is zeroed out.
I'm trying to get the code A to compile into a nice little program.  However the linker complains..

 ~/client/nonce2key$ gcc  -std=c99  -I../../include -I../../common -I../ *.c


c:\Temp\ccCWZQau.o:nonce2key.c:(.text+0x623): undefined reference to `num_to_bytes'
c:\Temp\ccCWZQau.o:nonce2key.c:(.text+0x667): undefined reference to `mfCheckKeys'
c:/mingw/bin/../lib/gcc/mingw32/4.8.1/../../../../mingw32/bin/ld.exe: c:\Temp\ccCWZQau.o: bad reloc address 0x20 in section `.eh_f
rame'
c:/mingw/bin/../lib/gcc/mingw32/4.8.1/../../../../mingw32/bin/ld.exe: final link failed: Invalid operation
collect2.exe: error: ld returned 1 exit status
pm3 ~/client/nonce2key$

What am I missing ??

Offline

#2 2016-01-19 17:20:13

rbubba1911
Contributor
Registered: 2014-08-14
Posts: 86

Re: nonce2key

Hi dudes,

I face exactly the same problem, did someone was able to compile (on linux i486) the nonce2key.c program, (located in ./client/nonce2key/)

I invoke gcc in this way :
    gcc  -I../../include/ -I../../common/ -I../   nonce2key.c

and I got this result :

/tmp/ccuabwqX.o: In function `nonce2key':
nonce2key.c:(.text+0x120): undefined reference to `PrintAndLog'
nonce2key.c:(.text+0x335): undefined reference to `PrintAndLog'
nonce2key.c:(.text+0x372): undefined reference to `lfsr_common_prefix'
nonce2key.c:(.text+0x3c1): undefined reference to `lfsr_rollback_word'
nonce2key.c:(.text+0x3e5): undefined reference to `crypto1_get_lfsr'
nonce2key.c:(.text+0x6ec): undefined reference to `num_to_bytes'
nonce2key.c:(.text+0x72c): undefined reference to `mfCheckKeys'
collect2: error: ld returned 1 exit status


note: I was able to compile the pm3 client without trouble .

What am I missing too ??

Last edited by rbubba1911 (2016-01-19 17:20:39)

Offline

#3 2016-01-19 18:15:19

iceman
Administrator
Registered: 2013-04-25
Posts: 9,468
Website

Re: nonce2key

I updated all these different version into one the latest crapto1 v3.3 in my fork.
So you can use the /tools/nonce2key without problems.

Offline

#4 2016-01-19 18:34:31

rbubba1911
Contributor
Registered: 2014-08-14
Posts: 86

Re: nonce2key

Hi iceman,

glad to ear you,  I follow your fork with attention, I see your great progress on hardnested, I'm waiting for the BF wink

I already use your firmware version,  tomorrow I'l update my repo and  compile your tools/nonce2key

thanks for the info, I keep you in touch

Offline

#5 2016-01-19 19:11:19

rbubba1911
Contributor
Registered: 2014-08-14
Posts: 86

Re: nonce2key

Can't wait tomorrow !

update/make

.. your version compiles without problem, nice job.

thank again iceman

Last edited by rbubba1911 (2016-01-19 19:14:47)

Offline

#6 2016-01-19 19:17:49

iceman
Administrator
Registered: 2013-04-25
Posts: 9,468
Website

Re: nonce2key

sorry, I don't touch the hardnested. That is @piwi 's baby,

What I did was using hardnested and save the nonces,  then run the crapto-ev1 solver (BF) from @blapost.    My testresult just verify what @piwi and @blapost already have done,  and that their different solutions works.

Offline

#7 2016-01-19 19:36:40

rbubba1911
Contributor
Registered: 2014-08-14
Posts: 86

Re: nonce2key

Doh !

I read so many post of both of you, I swaped your name smile

Hahaa, I understand a bit more, unfortunately the crapto-ev1 solver from bla is now unavailable, I can't do anything without this part (wink).

about the @piwi implementation, As I understand, it's work in progress and it need the brute force engine to find a key.

I'm missing something ?

Offline

#8 2016-01-19 19:41:38

iceman
Administrator
Registered: 2013-04-25
Posts: 9,468
Website

Re: nonce2key

yes, you are missing @piwi's point of not releasing a BF for his hardnested. He will not do that.
But @blapost will do release his tool again.

I've compile so many times now on MinGW/Win7  and on Ubuntu1404, 1510,  to remove warnings and fix crashes, so yeah my fork should be very stable in that sence.

Offline

#9 2016-01-19 20:11:20

rbubba1911
Contributor
Registered: 2014-08-14
Posts: 86

Re: nonce2key

oO !

In fact, I miss the party !!

that's what I was afraid to understand when I read the end pf his post.
so, my only hope is the bla tool, is it a big deal to ask you to send me a copy ?

Offline

#10 2016-01-19 20:16:50

iceman
Administrator
Registered: 2013-04-25
Posts: 9,468
Website

Re: nonce2key

Why don't you ask @blapost ?

You know that you need to have a known key to be able to crack another key on the same tag?  If you don't have that then the hardnested attack is useless. So don't put too much hope on it.



[edit]   does the nonce2key work for you?

Last edited by iceman (2016-01-19 20:17:53)

Offline

#11 2016-01-19 20:30:37

rbubba1911
Contributor
Registered: 2014-08-14
Posts: 86

Re: nonce2key

Good idea, I will ask to bla too !

I'm aware about the know key requirement (it's currently the case !)

the  program compile find, but I don't know how to find theses info, probably from nonces.bin or sniff trace ?

syntax: ./nonce2key <uid> <nt> <par> <ks>

Offline

#12 2016-01-19 20:34:57

iceman
Administrator
Registered: 2013-04-25
Posts: 9,468
Website

Re: nonce2key

If you run the  "hf mf mifare" ,  it prints a line like:

uid(e9cadd9c) nt(a8bf4a12) par(a020a8285858b090) ks(050f010607060e07)

That is the info you need to run..

Offline

#13 2016-01-19 20:38:10

rbubba1911
Contributor
Registered: 2014-08-14
Posts: 86

Re: nonce2key

again, you make my night !

I was looking for this into hardnested output !

I drop a mail to bla, cross my fingers,  fire a candle, kill a chicken and now I'm waiting for a reply smile

big thanks

Offline

#14 2016-04-18 19:58:48

Christian22
Contributor
Registered: 2016-04-11
Posts: 13

Re: nonce2key

iceman wrote:

sorry, I don't touch the hardnested. That is @piwi 's baby,

What I did was using hardnested and save the nonces,  then run the crapto-ev1 solver (BF) from @blapost.    My testresult just verify what @piwi and @blapost already have done,  and that their different solutions works.

Hey iceman,

did you save the nonces with the w command in nonces.bin? Because I saved the nonces.bin and use the command ./solve -f nonces.bin and the program says "Input parse error pos:0".

Any suggestions what I'm doing wrong?

Offline

#15 2016-04-18 20:03:29

iceman
Administrator
Registered: 2013-04-25
Posts: 9,468
Website

Re: nonce2key

that because you need to convert the noncefile from piwi into a format that blapost's solver can read...

Offline

#16 2016-04-18 20:13:27

iceman
Administrator
Registered: 2013-04-25
Posts: 9,468
Website

Re: nonce2key

The GiHub user Aczid has released a new bruteforcer for Hardnested. Which even outperforms blapost's solver.  I'vent tested it yet.
https://github.com/aczid/crypto1_bs/

Offline

#17 2016-04-18 20:36:47

Christian22
Contributor
Registered: 2016-04-11
Posts: 13

Re: nonce2key

iceman wrote:

The GiHub user Aczid has released a new bruteforcer for Hardnested. Which even outperforms blapost's solver.  I'vent tested it yet.
https://github.com/aczid/crypto1_bs/


Thank you iceman, I'll give it a try. I've seen, that I don't need to transform my bin for the tool from Aczid.
I'll give feedback...

Offline

#18 2016-04-19 20:06:17

Christian22
Contributor
Registered: 2016-04-11
Posts: 13

Re: nonce2key

The tool solve_piwi_bs works for me perfectly.
With a 6 core PC it finds the key in between 5 till 10 minutes.

Thanks for Aczid for this great BF.

Next step is to patch my pm3 client.

Offline

#19 2016-04-19 21:57:31

iceman
Administrator
Registered: 2013-04-25
Posts: 9,468
Website

Re: nonce2key

That is some impressing speedups.  Bonus of azcid to add three solvers for convinient testing.

Offline

#20 2016-04-20 13:01:43

rbubba1911
Contributor
Registered: 2014-08-14
Posts: 86

Re: nonce2key

Hi all,
I'm trying to use these tools, but I've got strange result:

./solve -f 0xcafec0de.txt -u 0xcafec0de
Leftover complexity: ffffffff548b43a4
100.00% done
FOUND: 626c61003333

./solve_bs 0xcafec0de.txt  0xcafec0de
Initializing BS crypto-1
Using 64-bit bitslices
Bitslicing rollback byte: 1f...
Bitslicing nonces...
Starting 6 threads to test 1418412964 states
Found key: 000061003333
Tested 3467318262 states

./solve_piwi 0xcafec0de.bin
Starting 6 threads to test 1418412964 states
Cracking...  56.71%
Found key: 000061003333

./solve_piwi_bs 0xcafec0de.bin
Initializing BS crypto-1
Using 64-bit bitslices
Bitslicing rollback byte: 1f...
Bitslicing nonces...
Starting 6 threads to test 1418412964 states
Found key: 000061003333
Tested 3518176550 states

It's seems that the first 2 bytes is zeroed (0000)

I'm think the real key is "626c61003333", why I've go this 'bad' result ?

btw if I try to compile just by using the makefile I've got an error :

crapto1-v3.3/crapto1.h:69:9: warning: implicit declaration of function ‘asm’ [-Wimplicit-function-declaration]
         asm(    "movl %1, %%eax\n"

crapto1-v3.3/crapto1.h:75:35: error: expected ‘)’ before ‘:’ token
                 "movzx %%al, %0\n": "=r"(x) : "r"(x): "eax","ecx");


As a workaround, I build library (.so) of crapto1
gcc -O3 crapto1.c -shared -o crapto1.so

and then use it instead of source.
gcc -O3 -mpopcnt -std=c99 solve_bs.c crypto1_bs.c crypto1_bs_crack.c -Icraptev1-v1.0 craptev1-v1.0/craptev1.c ./crapto1.so ./solve.so -o solve_bs -lpthread
or
gcc -O3 -mpopcnt -std=c99 solve_piwi_bs.c crypto1_bs.c crypto1_bs_crack.c -Icraptev1-v1.0 craptev1-v1.0/craptev1.c ./crapto1.so -o solve_piwi_bs -lpthread

Offline

#21 2016-04-20 13:13:25

iceman
Administrator
Registered: 2013-04-25
Posts: 9,468
Website

Re: nonce2key

yeah,   rename
    asm(    "movl %1, %%eax\n"
into
     __ asm(    "movl %1, %%eax\n"

the solvers seems to work but not printing the first two bytes.

Offline

#22 2016-04-20 13:14:01

iceman
Administrator
Registered: 2013-04-25
Posts: 9,468
Website

Re: nonce2key

Do you get more compiler warnings?

Offline

#23 2016-04-20 13:20:26

rbubba1911
Contributor
Registered: 2014-08-14
Posts: 86

Re: nonce2key

Hi iceman,

thank to you, now it's compile fine.

I'll add -mmmx to get ride of warning message

but the key is always truncated sad

Starting 6 threads to test 1418412964 states
Found key: 000061003333
Tested 3486435654 states

do you have an idea, what can be the cause ?

Last edited by rbubba1911 (2016-04-20 13:23:26)

Offline

#24 2016-04-20 13:24:33

iceman
Administrator
Registered: 2013-04-25
Posts: 9,468
Website

Re: nonce2key

did you pull the latest commit?

Offline

#25 2016-04-20 13:30:14

rbubba1911
Contributor
Registered: 2014-08-14
Posts: 86

Re: nonce2key

I take yesterday's commit
I see many modification today (a least <24h)

I refresh my files, and try again.

I keep you in touch

Offline

#26 2016-04-20 13:36:03

rbubba1911
Contributor
Registered: 2014-08-14
Posts: 86

Re: nonce2key

I've got same result with latest files
key is truncated.

so sad !

./solve_bs  Fail

a good point, now it's work with
"solve_piwi_bs" and "solve_piwi"
I've got full key

it's seems related to ./solve.so

Last edited by rbubba1911 (2016-04-20 13:47:03)

Offline

#27 2016-04-20 14:06:08

rbubba1911
Contributor
Registered: 2014-08-14
Posts: 86

Re: nonce2key

after some investigation,
I'm tend to think to a bug in solve_bs

is it working on your side ?

To test, I remove main() in solve.c and compile solve_bs like that

gcc -O3 -mpopcnt -mmmx -std=c99 solve_bs.c crypto1_bs.c crypto1_bs_crack.c -Icraptev1-v1.0 craptev1-v1.0/craptev1.c crapto1-v3.3/crapto1.c craptev1-v1.0/solve.c -o solve_bs -lpthread

(without building first the solve.so), compile fine but the key found is truncated.

Last edited by rbubba1911 (2016-04-20 14:08:46)

Offline

#28 2016-04-20 14:30:09

rbubba1911
Contributor
Registered: 2014-08-14
Posts: 86

Re: nonce2key

ok, I found the bug

in file "solve_bs.c" line 29

change the line :
            printf("Found key: %012lx\n", key);

by :
            printf("Found key: %012"llx"\n", key);

Hope it helps

Offline

#29 2016-04-20 14:39:59

iceman
Administrator
Registered: 2013-04-25
Posts: 9,468
Website

Re: nonce2key

Yeah, you are right, I missed that one "lx" in my first commit.
Added your -mmmx flags aswell and made another PR.

Offline

#30 2016-04-21 11:39:35

iceman
Administrator
Registered: 2013-04-25
Posts: 9,468
Website

Re: nonce2key

and I got @azcid's patch merged into my fork.  Buildw & work on Mingw & Ubuntu14.04,   breaks in Travis CI sad    I think Travis CI doesn't like "-march=native"  option for GCC

[edit]
it builds on my updated mingw enviroment, with gcc 4.9.3.    The mingw env in the proxspace distro, will have some gcc compiler issues.
[/edit]

Offline

Quick reply

Write your message and submit

Board footer

Powered by FluxBB