Created
August 11, 2021 15:49
-
-
Save Sucareto/94e1ce6b128e9813918669f155dc9805 to your computer and use it in GitHub Desktop.
简单的穷举mifare密钥方法。
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <Wire.h> | |
#include <PN532_I2C.h> | |
#include <PN532.h> | |
PN532_I2C pn532i2c(Wire); | |
PN532 nfc(pn532i2c); | |
#define SerialDevice SerialUSB //32u4,samd21 | |
void setup() { | |
SerialDevice.begin(119200); | |
SerialDevice.setTimeout(0); | |
nfc.begin(); | |
Wire.setClock(400000); | |
nfc.setPassiveActivationRetries(0x10); | |
while (!nfc.getFirmwareVersion()) { | |
SerialDevice.println("找不到PN532"); | |
} | |
nfc.SAMConfig(); | |
} | |
uint8_t MifareKey[6] = {0, 0, 0, 0, 0, 0}; | |
typedef struct { | |
uint8_t uid[4]; | |
uint8_t key[6]; | |
} Card; | |
Card card; | |
uint64_t Lkey = 0x85FF; | |
void loop() { | |
uint8_t tuid[4], uL; | |
if (nfc.readPassiveTargetID(PN532_MIFARE_ISO14443A, tuid, &uL)) { | |
for (uint8_t i = 0; i < 4; i++) { | |
SerialDevice.print(tuid[i], HEX); | |
} | |
if (memcmp(card.uid, tuid, uL)) { | |
memcpy(card.uid, tuid, uL); | |
SerialDevice.println(",是新卡!"); | |
memcpy(card.key, MifareKey, 6); | |
} else { | |
SerialDevice.println(",继续检测..."); | |
} | |
while (nfc.readPassiveTargetID(PN532_MIFARE_ISO14443A, tuid, &uL) && !memcmp(card.uid, tuid, uL)) { | |
if (card.key[5] == 0xFF) { | |
SerialDevice.print("使用密钥:"); | |
for (uint8_t i = 0; i < 6; i++) { | |
SerialDevice.print(card.key[i], HEX); | |
SerialDevice.print(" "); | |
} | |
} | |
if (!nfc.mifareclassic_AuthenticateBlock(card.uid, uL, 15, 0, card.key)) { | |
if (card.key[5] == 0xFF) { | |
SerialDevice.println(",验证失败..."); | |
} | |
Lkey++; | |
card.key[0] = Lkey >> 40 & 0xFF; | |
card.key[1] = Lkey >> 32 & 0xFF; | |
card.key[2] = Lkey >> 24 & 0xFF; | |
card.key[3] = Lkey >> 16 & 0xFF; | |
card.key[4] = Lkey >> 8 & 0xFF; | |
card.key[5] = Lkey & 0xFF; | |
} else { | |
SerialDevice.println(",验证成功!"); | |
delay(10000); | |
return; | |
} | |
} | |
} else { | |
SerialDevice.println("找不到卡"); | |
delay(500); | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment