昨天悲剧了,把一个不完整的dump写到了饭卡里,控制位全是0,直接导致饭卡的大部分区锁死,万幸的是,关键数据区没损坏,消费,门禁还都好用……
为了防止悲剧的再次发生,给 nfc-mfclassic 添加了 防止控制位误写 功能,以下是 指定读写的块+防止控制位误写 补丁:
Index: nfc-mfclassic.c
===================================================================
--- nfc-mfclassic.c (版本 1416)
+++ nfc-mfclassic.c (工作副本)
@@ -38,6 +38,13 @@
# include "config.h"
#endif // HAVE_CONFIG_H
+#define BYTE_HIGH(X) ( 0XF & (X>>4) )
+#define BYTE_LOW(X) ( 0XF & X)
+#define BYTE_HIGH_NOT(X) ( 0XF & ~BYTE_HIGH(X) )
+#define BYTE_LOW_NOT(X) ( 0XF & ~BYTE_LOW(X) )
+
+#define GET_CX_BIT(half_byte,block) ( 0x1 & (half_byte >> block))
+
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
@@ -71,6 +78,9 @@
0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xab, 0xcd, 0xef, 0x12, 0x34, 0x56
};
+//Operate block
+static bool blocks[0xFF];
+static bool bSkip = false;
static const nfc_modulation nmMifare = {
.nmt = NMT_ISO14443A,
@@ -127,11 +137,11 @@
}
static void
-print_success_or_failure (bool bFailure, uint32_t *uiBlockCounter)
+print_success_or_failure (char bFailure)
{
- printf ("%c", (bFailure) ? 'x' : '.');
- if (uiBlockCounter && !bFailure)
- *uiBlockCounter += (*uiBlockCounter < 128) ? 4 : 16;
+ printf ("%c", (bFailure) ? (bFailure==true?'x':'-'): '.');
+// if (uiBlockCounter && !bFailure)
+// *uiBlockCounter += (*uiBlockCounter < 128) ? 4 : 16;
}
static bool
@@ -191,10 +201,10 @@
memcpy (mp.mpa.abtKey, mtKeys.amb[uiTrailerBlock].mbt.abtKeyA, 6);
else
memcpy (mp.mpa.abtKey, mtKeys.amb[uiTrailerBlock].mbt.abtKeyB, 6);
-
// Try to authenticate for the current sector
if (nfc_initiator_mifare_cmd (pnd, mc, uiBlock, &mp))
return true;
+ nfc_initiator_select_passive_target (pnd, nmMifare, nt.nti.nai.abtUid, nt.nti.nai.szUidLen, NULL);
} else {
// Try to guess the right key
for (key_index = 0; key_index < num_keys; key_index++) {
@@ -259,7 +269,7 @@
read_card (int read_unlocked)
{
int32_t iBlock;
- bool bFailure = false;
+ char bFailure = false;
uint3