From 02c2ea5a1537ea09bed7ebd3e9a1f05eeee9aa2d Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Sun, 28 Apr 2019 19:26:26 +0200 Subject: [PATCH] chg: next batch of scripts --- client/scripts/test_t55x7_ask.lua | 56 +++++++++++--------- client/scripts/test_t55x7_bi.lua | 53 +++++++++++-------- client/scripts/test_t55x7_fsk.lua | 53 ++++++++++--------- client/scripts/test_t55x7_psk.lua | 59 ++++++++++++--------- client/scripts/tnp3clone.lua | 86 ++++++++++++++++++------------- client/scripts/tnp3dump.lua | 5 +- client/scripts/tnp3sim.lua | 5 +- client/scripts/ul_uid.lua | 2 +- 8 files changed, 184 insertions(+), 135 deletions(-) diff --git a/client/scripts/test_t55x7_ask.lua b/client/scripts/test_t55x7_ask.lua index 0e0d3d9e3..7ca3a1f29 100644 --- a/client/scripts/test_t55x7_ask.lua +++ b/client/scripts/test_t55x7_ask.lua @@ -6,11 +6,9 @@ local utils = require('utils') local format=string.format local floor=math.floor -example =[[ - 1. script run test_t55x7_ask -]] -author = "Iceman" -usage = "script run test_t55x7_ask" +copyright = '' +author = 'Iceman' +version = 'v1.0.1' desc =[[ This script will program a T55x7 TAG with the configuration: block 0x00 data 0x000100 The outlined procedure is as following: @@ -38,12 +36,17 @@ Loop: testsuit for the ASK/MANCHESTER demod +]] +example =[[ + 1. script run test_t55x7_ask +]] +usage = [[ +script run test_t55x7_ask Arguments: -h : this help ]] -local TIMEOUT = 2000 -- Shouldn't take longer than 2 seconds local DEBUG = true -- the debug flag --BLOCK 0 = 00008040 ASK / MAN 
@@ -58,31 +61,34 @@ local procedurecmds = { --- -- A debug printout-function local function dbg(args) - if not DEBUG then - return - end - - if type(args) == "table" then + if not DEBUG then return end + if type(args) == 'table' then local i = 1 - while args[i] do - dbg(args[i]) + while result[i] do + dbg(result[i]) i = i+1 end else - print("###", args) + print('###', args) end end --- -- This is only meant to be used when errors occur local function oops(err) - print("ERROR: ",err) + print('ERROR:', err) + core.clearCommandBuffer() + return nil, err end --- -- Usage help local function help() + print(copyright) + print(author) + print(version) print(desc) - print("Example usage") + print('Example usage') print(example) + print(usage) end -- -- Exit message @@ -95,7 +101,7 @@ end local function test() local y - local block = "00" + local block = '00' for y = 0x0, 0x1d, 0x4 do for _ = 1, #procedurecmds do local pcmd = procedurecmds[_] @@ -106,12 +112,14 @@ local function test() local config = pcmd:format(config1, y, config2) dbg(('lf t55xx write b 0 d %s'):format(config)) - config = tonumber(config,16) - - local writecmd = Command:new{cmd = cmds.CMD_T55XX_WRITE_BLOCK,arg1 = config, arg2 = block, arg3 = "00", data = "00"} - local err = core.SendCommand(writecmd:getBytes()) - if err then return oops(err) end - local response = core.WaitForResponseTimeout(cmds.CMD_ACK,TIMEOUT) + config = tonumber(config, 16) + local wc = Command:newMIX{ + cmd = cmds.CMD_T55XX_WRITE_BLOCK + , arg1 = config + , arg2 = block + } + local reponse, err = wc:sendMIX(false) + if not response then return oops(err) end else dbg(pcmd) @@ -130,7 +138,7 @@ local function main(args) -- Arguments for the script for o, arg in getopt.getopt(args, 'h') do - if o == "h" then return help() end + if o == 'h' then return help() end end core.clearCommandBuffer() diff --git a/client/scripts/test_t55x7_bi.lua b/client/scripts/test_t55x7_bi.lua index dce5350dc..21c0234c0 100644 
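Review bot: In `dbg` of test_t55x7_ask.lua, the table branch now indexes `result`, a name that is not defined anywhere in this hunk while the parameter is still called `args`. Unless a global `result` exists elsewhere in the file, `while result[i] do` raises an "attempt to index a nil value" error the first time a table is passed to `dbg`. The same function in the bi, fsk and psk scripts of this patch keeps `args`, so the loop should read `while args[i] do` and `dbg(args[i])`.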
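Review bot: The result of `wc:sendMIX(false)` is stored in `reponse`, but the next line tests `response`, which is never assigned in this hunk. Unless a global of that name exists, `if not response then return oops(err) end` is always taken, so `test()` returns after the first block-0 write regardless of what the device answered and the remaining configurations are never exercised. Make the two lines agree: `local response, err = wc:sendMIX(false)`. The same pair of lines appears in the write hunks of test_t55x7_bi.lua, test_t55x7_fsk.lua and test_t55x7_psk.lua in this patch. `test()` starts and ends outside the hunk.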
--- a/client/scripts/test_t55x7_bi.lua +++ b/client/scripts/test_t55x7_bi.lua @@ -3,12 +3,10 @@ local getopt = require('getopt') local bin = require('bin') local utils = require('utils') -example =[[ - 1. script run test_t55x7_bi -]] -author = "Iceman" -usage = "script run test_t55x7_bi" -desc =[[ +copyright = '' +author = 'Iceman' +version = 'v1.0.1' +desc = [[ This script will program a T55x7 TAG with the configuration: block 0x00 data 0x00010040 The outlined procedure is as following: @@ -32,12 +30,17 @@ Loop: testsuit for the BIPHASE demod +]] +example = [[ + 1. script run test_t55x7_bi +]] +usage = [[ +script run test_t55x7_bi Arguments: -h : this help ]] -local TIMEOUT = 2000 -- Shouldn't take longer than 2 seconds local DEBUG = true -- the debug flag --BLOCK 0 = 00010040 BIPHASE @@ -52,31 +55,34 @@ local procedurecmds = { --- -- A debug printout-function local function dbg(args) - if not DEBUG then - return - end - - if type(args) == "table" then + if not DEBUG then return end + if type(args) == 'table' then local i = 1 while args[i] do dbg(args[i]) i = i+1 end else - print("###", args) + print('###', args) end end --- -- This is only meant to be used when errors occur local function oops(err) - print("ERROR: ",err) + print('ERROR:', err) + core.clearCommandBuffer() + return nil, err end --- -- Usage help local function help() + print(copyright) + print(author) + print(version) print(desc) - print("Example usage") + print('Example usage') print(example) + print(usage) end -- -- Exit message @@ -89,7 +95,7 @@ end local function test() local y - local block = "00" + local block = '00' for y = 1, 0x1D, 4 do for _ = 1, #procedurecmds do local pcmd = procedurecmds[_] 
@@ -101,11 +107,14 @@ local function test() local config = pcmd:format(config1, y, config2) dbg(('lf t55xx write b 0 d %s'):format(config)) - config = tonumber(config,16) - local writecmd = Command:new{cmd = cmds.CMD_T55XX_WRITE_BLOCK,arg1 = config, arg2 = block, arg3 = "00", data = "00"} - local err = core.SendCommand(writecmd:getBytes()) - if err then return oops(err) end - local response = core.WaitForResponseTimeout(cmds.CMD_ACK,TIMEOUT) + config = tonumber(config, 16) + local wc = Command:newMIX{ + cmd = cmds.CMD_T55XX_WRITE_BLOCK + , arg1 = config + , arg2 = block + } + local reponse, err = wc:sendMIX(false) + if not response then return oops(err) end else dbg(pcmd) core.console( pcmd ) @@ -124,7 +133,7 @@ local function main(args) -- Arguments for the script for o, arg in getopt.getopt(args, 'h') do - if o == "h" then return help() end + if o == 'h' then return help() end end core.clearCommandBuffer() diff --git a/client/scripts/test_t55x7_fsk.lua b/client/scripts/test_t55x7_fsk.lua index 492f71681..0b1c49e80 100644 --- a/client/scripts/test_t55x7_fsk.lua +++ b/client/scripts/test_t55x7_fsk.lua @@ -3,12 +3,10 @@ local getopt = require('getopt') local bin = require('bin') local utils = require('utils') -example =[[ - 1. script run test_t55x7_fsk -]] -author = "Iceman" -usage = "script run test_t55x7_fsk" -desc =[[ +copyright = '' +author = 'Iceman' +version = 'v1.0.1' +desc = [[ This script will program a T55x7 TAG with the configuration: block 0x00 data 0x000100 The outlined procedure is as following: @@ -33,14 +31,18 @@ Loop: -xx 18 xxxx = RF/100 -xx 1C xxxx = RF/128 - testsuit for the ASK/MANCHESTER demod +]] +example = [[ + 1. script run test_t55x7_fsk +]] +usage = [[ +script run test_t55x7_fsk Arguments: -h : this help ]] -local TIMEOUT = 2000 -- Shouldn't take longer than 2 seconds local DEBUG = true -- the debug flag --BLOCK 0 = 00008040 FSK 
@@ -55,31 +57,34 @@ local procedurecmds = { --- -- A debug printout-function local function dbg(args) - if not DEBUG then - return - end - - if type(args) == "table" then + if not DEBUG then return end + if type(args) == 'table' then local i = 1 while args[i] do dbg(args[i]) i = i+1 end else - print("###", args) + print('###', args) end end --- -- This is only meant to be used when errors occur local function oops(err) - print("ERROR: ",err) + print('ERROR:', err) + core.clearCommandBuffer() + return nil, err end --- -- Usage help local function help() + print(copyright) + print(author) + print(version) print(desc) - print("Example usage") + print('Example usage') print(example) + print(usage) end -- -- Exit message @@ -92,7 +97,7 @@ end local function test(modulation) local y - local block = "00" + local block = '00' for y = 0x0, 0x1d, 0x4 do for _ = 1, #procedurecmds do local pcmd = procedurecmds[_] @@ -105,11 +110,13 @@ local function test(modulation) dbg(('lf t55xx write b 0 d %s'):format(config)) config = tonumber(config,16) - local writecmd = Command:new{cmd = cmds.CMD_T55XX_WRITE_BLOCK,arg1 = config, arg2 = block, arg3 = "00", data = "00"} - local err = core.SendCommand(writecmd:getBytes()) - if err then return oops(err) end - local response = core.WaitForResponseTimeout(cmds.CMD_ACK,TIMEOUT) - + local wc = Command:newMIX{ + cmd = cmds.CMD_T55XX_WRITE_BLOCK + , arg1 = config + , arg2 = block + } + local reponse, err = wc:sendMIX(false) + if not response then return oops(err) end else dbg(pcmd) core.console( pcmd ) @@ -127,7 +134,7 @@ local function main(args) -- Arguments for the script for o, arg in getopt.getopt(args, 'h') do - if o == "h" then return help() end + if o == 'h' then return help() end end core.clearCommandBuffer() diff --git a/client/scripts/test_t55x7_psk.lua b/client/scripts/test_t55x7_psk.lua index bd3aa2f79..a3bce696d 100644 --- a/client/scripts/test_t55x7_psk.lua +++ b/client/scripts/test_t55x7_psk.lua 
@@ -3,13 +3,10 @@ local getopt = require('getopt') local bin = require('bin') local utils = require('utils') -example =[[ - 1. script run test_t55x7_psk - 2. script run test_t55x7_psk -o -]] -author = "Iceman" -usage = "script run test_t55x7_psk" -desc =[[ +copyright = '' +author = 'Iceman' +version = 'v1.0.1' +desc = [[ This script will program a T55x7 TAG with the configuration: block 0x00 data 0x00088040 The outlined procedure is as following: @@ -30,12 +27,18 @@ Loop OUTER: XXXXX8XX = PSK RF/8 In all 12 individual test for the PSK demod +]] +example = [[ + 1. script run test_t55x7_psk + 2. script run test_t55x7_psk -o +]] +usage = [[ +script run test_t55x7_psk Arguments: -h : this help ]] -local TIMEOUT = 2000 -- Shouldn't take longer than 2 seconds local DEBUG = true -- the debug flag -- --BLOCK 0 = 00 08 80 40 PSK @@ -53,31 +56,34 @@ local procedurecmds = { --- -- A debug printout-function local function dbg(args) - if not DEBUG then - return - end - - if type(args) == "table" then + if not DEBUG then return end + if type(args) == 'table' then local i = 1 while args[i] do dbg(args[i]) i = i+1 end else - print("###", args) + print('###', args) end end --- -- This is only meant to be used when errors occur local function oops(err) - print("ERROR: ",err) + print('ERROR:', err) + core.clearCommandBuffer() + return nil, err end --- -- Usage help local function help() + print(copyright) + print(author) + print(version) print(desc) - print("Example usage") + print('Example usage') print(example) + print(usage) end -- -- Exit message @@ -91,7 +97,7 @@ end local function test(modulation) local bitrate local clockrate - local block = "00" + local block = '00' for bitrate = 0x0, 0x1d, 0x4 do for clockrate = 0,8,4 do 
@@ -103,16 +109,19 @@ local function test(modulation) elseif _ == 1 then - dbg("Writing to T55x7 TAG") + dbg('Writing to T55x7 TAG') local config = cmd:format(bitrate, modulation, clockrate) - dbg(('lf t55xx write b 0 d %s'):format(config)) + dbg(('lf t55xx write b 0 d %s'):format(config)) - config = tonumber(config,16) - local writecmd = Command:new{cmd = cmds.CMD_T55XX_WRITE_BLOCK,arg1 = config, arg2 = block, arg3 = "00", data = "00"} - local err = core.SendCommand(writecmd:getBytes()) - if err then return oops(err) end - local response = core.WaitForResponseTimeout(cmds.CMD_ACK,TIMEOUT) + config = tonumber(config, 16) + local wc = Command:newMIX{ + cmd = cmds.CMD_T55XX_WRITE_BLOCK + , arg1 = config + , arg2 = block + } + local reponse, err = wc:sendMIX(false) + if not response then return oops(err) end else dbg(cmd) core.console( cmd ) @@ -131,7 +140,7 @@ local function main(args) -- Arguments for the script for o, arg in getopt.getopt(args, 'h') do - if o == "h" then return help() end + if o == 'h' then return help() end end core.clearCommandBuffer() diff --git a/client/scripts/tnp3clone.lua b/client/scripts/tnp3clone.lua index 386a7e25c..0bb18375b 100644 --- a/client/scripts/tnp3clone.lua +++ b/client/scripts/tnp3clone.lua @@ -10,6 +10,12 @@ local rsh = bit32.rshift local bor = bit32.bor local band = bit32.band +copyright = '' +author = "Iceman" +version = 'v1.0.1' +desc =[[ +This script will try making a barebone clone of a tnp3 tag on to a magic generation1 card. +]] example =[[ script run tnp3clone script run tnp3clone -h @@ -17,10 +23,8 @@ example =[[ script run tnp3clone -t aa00 -s 0030 ]] -author = "Iceman" -usage = "script run tnp3clone -t -s " -desc =[[ -This script will try making a barebone clone of a tnp3 tag on to a magic generation1 card. +usage = [[ +script run tnp3clone -t -s Arguments: -h : this help 
@@ -36,51 +40,59 @@ Arguments: 023c - Special 0020 - Swapforce ]] - +--- -- This is only meant to be used when errors occur local function oops(err) - print("ERROR: ",err) + print('ERROR:', err) + core.clearCommandBuffer() + return nil, err end -- Usage help local function help() + print(copyright) + print(author) + print(version) print(desc) - print("Example usage") + print('Example usage') print(example) + print(usage) end - -local function waitCmd() - local response = core.WaitForResponseTimeout(cmds.CMD_ACK,2000) - if response then - local count,cmd,arg0 = bin.unpack('LL',response) - if(arg0==1) then - local count,arg1,arg2,data = bin.unpack('LLH511',response,count) - return data:sub(1,32) - else - return nil, "Couldn't read block." - end +--- +-- decode response and get the blockdata from a normal mifare read command +local function getblockdata(response) + if not response then + return nil, 'No response from device' + end + + local count, cmd, arg0 = bin.unpack('LL', response) + if arg0 == 1 then + local count, arg1, arg2, data = bin.unpack('LLH511', response, count) + return data:sub(1, 32) + else + return nil, "Couldn't read block.. 
["..arg0.."]" end - return nil, "No response from device" end local function readblock( blocknum, keyA ) -- Read block N - cmd = Command:new{cmd = cmds.CMD_MIFARE_READBL, arg1 = blocknum, arg2 = 0, arg3 = 0, data = keyA} - err = core.SendCommand(cmd:getBytes()) - if err then return nil, err end - local block0, err = waitCmd() - if err then return nil, err end - return block0 + local c = Command:newMIX{cmd = cmds.CMD_MIFARE_READBL, arg1 = blocknum, data = keyA} + local b, err = getblockdata(c:sendMIX()) + if not b then return oops(err) end + return b end - +--- +-- decode response and get the blockdata from backdoor magic command local function readmagicblock( blocknum ) -- Read block N local CSETBLOCK_SINGLE_OPERATION = 0x1F - cmd = Command:new{cmd = cmds.CMD_MIFARE_CGETBLOCK, arg1 = CSETBLOCK_SINGLE_OPERATION, arg2 = 0, arg3 = blocknum} - err = core.SendCommand(cmd:getBytes()) - if err then return nil, err end - local block0, err = waitCmd() - if err then return nil, err end - return block0 + local c = Command:newMIX{ + cmd = cmds.CMD_MIFARE_CGETBLOCK + , arg1 = CSETBLOCK_SINGLE_OPERATION + , arg3 = blocknum + } + local b, err = getblockdata(c:sendMIX()) + if not b then return oops(err) end + return b end local function main(args) @@ -103,10 +115,10 @@ local function main(args) -- Arguments for the script for o, a in getopt.getopt(args, 'ht:s:l') do - if o == "h" then return help() end - if o == "t" then toytype = a end - if o == "s" then subtype = a end - if o == "l" then return toys.List() end + if o == 'h' then return help() end + if o == 't' then toytype = a end + if o == 's' then subtype = a end + if o == 'l' then return toys.List() end end if #toytype ~= 4 then return oops('[!] Wrong size - toytype. (4hex symbols)') end 
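Review bot: `getblockdata` declares a single `response` parameter, yet `readblock` and `readmagicblock` call it as `getblockdata(c:sendMIX())`. If `sendMIX` returns `response, err`, as the t55x7 scripts in this patch assume, the device-side error is discarded and the operator only ever sees 'No response from device'. Passing the second value through keeps the real cause: `local function getblockdata(response, err)` with `if not response then return nil, err or 'No response from device' end`. Inside the function the second `local count` also shadows the first; a distinct name would be clearer.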
@@ -115,7 +127,7 @@ local function main(args) -- look up type, find & validate types local item = toys.Find( toytype, subtype) if item then - print( ('[+] Looking up input: Found %s - %s (%s)'):format(item[6],item[5], item[4]) ) + print( ('[+] Looking up input: Found %s - %s (%s)'):format(item[6], item[5], item[4]) ) else print('[-] Didn\'t find item type. If you are sure about it, post on forum') end diff --git a/client/scripts/tnp3dump.lua b/client/scripts/tnp3dump.lua index 32afc6fdc..b0db89718 100644 --- a/client/scripts/tnp3dump.lua +++ b/client/scripts/tnp3dump.lua @@ -131,7 +131,8 @@ local function main(args) -- Turn off Debug local cmdSetDbgOff = "hf mf dbg 0" core.console( cmdSetDbgOff) - + utils.Sleep(0.5) + result, err = lib14a.read(false, true) if not result then return oops(err) end @@ -166,7 +167,7 @@ local function main(args) local block0, block1 -- Read block 0 dbg('Reading block 0') - cmd = Command:newMIX{cmd = cmds.CMD_MIFARE_READBL, data = keyA} + cmd = Command:newMIX{cmd = cmds.CMD_MIFARE_READBL, arg1 = 0, data = keyA} block0, err = getblockdata(cmd:sendMIX(false)) if not block0 then return oops(err) end diff --git a/client/scripts/tnp3sim.lua b/client/scripts/tnp3sim.lua index 21845794e..8ba56238d 100644 --- a/client/scripts/tnp3sim.lua +++ b/client/scripts/tnp3sim.lua @@ -235,7 +235,6 @@ local function LoadEmulator(uid, blocks) local key = md5.sumhexa(baseStr) local enc = core.aes128_encrypt(key, blockdata) blockdata = utils.ConvertAsciiToHex(enc) - io.write( _..',') end else -- add keys if not existing.. @@ -243,6 +242,9 @@ local function LoadEmulator(uid, blocks) blockdata = AddKey(keys, _, blockdata) end end + + io.write( _..',') + io.flush() core.clearCommandBuffer() cmd = Command:newMIX{cmd = cmds.CMD_MIFARE_EML_MEMSET, arg1 = _ ,arg2 = 1,arg3 = 16, data = blockdata} local err, msg = cmd:sendMIX(true) 
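Review bot: The `utils.Sleep(0.5)` added after `core.console( cmdSetDbgOff)` in tnp3dump.lua has no comment saying what it waits for, so a later reader cannot tell whether the half second is required or can be changed safely. If the intent is to let the device finish handling the debug-level command before the card read, a comment such as `-- let the device settle after 'hf mf dbg 0' before the next command` would document it. The same undocumented delay is added in `main` of tnp3sim.lua later in this patch. `main` starts and ends outside the hunk.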
@@ -368,6 +370,7 @@ local function main(args) -- Turn off Debug local cmdSetDbgOff = 'hf mf dbg 0' core.console( cmdSetDbgOff) + utils.Sleep(0.5) -- Load dump.bin file print( ('Load data from %s'):format(inputTemplate)) diff --git a/client/scripts/ul_uid.lua b/client/scripts/ul_uid.lua index 16957d593..7b806b1fe 100644 --- a/client/scripts/ul_uid.lua +++ b/client/scripts/ul_uid.lua @@ -45,7 +45,7 @@ end -- This is only meant to be used when errors occur local function oops(err) print('ERROR:', err) - core.clearCommandBuffer() + core.clearCommandBuffer() return nil, err end ---