github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-19 21:03:48 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

ADD: num_to_bytebitsLSBF function.

Browse source 
ADD: lf guard clone - works...  needs some checking.
ADD: added a option to "addparity" to set zero on fixed pos.
This commit is contained in:
iceman1001 2016-02-28 22:43:21 +01:00
commit 0d2c590974
5 changed files with 121 additions and 70 deletions
Download patch file Download diff file Expand all files Collapse all files

4
client/cmddata.c
View file

@ -619,13 +619,13 @@ int CmdG_Prox_II_Demod(const char *Cmd)
continue; continue;
} }
if (keyCnt<8){ //lsb first if (keyCnt<8){ //lsb first
xorKey = xorKey | (DemodBuffer[startIdx+idx]<<keyCnt); xorKey |= (DemodBuffer[startIdx+idx]<<keyCnt);
keyCnt++; keyCnt++;
if (keyCnt==8 && g_debugMode) PrintAndLog("xorKey Found: %02x", xorKey); if (keyCnt==8 && g_debugMode) PrintAndLog("xorKey Found: %02x", xorKey);
continue; continue;
} }
//lsb first //lsb first
ByteStream[ByteCnt] = ByteStream[ByteCnt] | (DemodBuffer[startIdx+idx]<<bitCnt); ByteStream[ByteCnt] |= (DemodBuffer[startIdx+idx]<<bitCnt);
bitCnt++; bitCnt++;
if (bitCnt % 8 == 0){ if (bitCnt % 8 == 0){
if (g_debugMode) PrintAndLog("byte %u: %02x", (unsigned int)ByteCnt, ByteStream[ByteCnt]); if (g_debugMode) PrintAndLog("byte %u: %02x", (unsigned int)ByteCnt, ByteStream[ByteCnt]);

135
client/cmdlfguard.c
View file

@ -47,40 +47,14 @@ int GetGuardBits(uint32_t fc, uint32_t cn, uint8_t *guardBits) {
// Intializes random number generator // Intializes random number generator
time_t t; time_t t;
srand((unsigned) time(&t)); srand((unsigned) time(&t));
//uint8_t xorKey = rand() % 0xFF;
uint8_t xorKey = 0x6b;
uint8_t i;
uint8_t pre[96]; uint8_t pre[96];
memset(pre, 0x00, sizeof(pre)); memset(pre, 0x00, sizeof(pre));
uint8_t index = 8;
// preamble 6bits
pre[0] = 1;
pre[1] = 1;
pre[2] = 1;
pre[3] = 1;
pre[4] = 1;
//pre[5] = 0;
// add xor key
uint8_t xorKey = rand() % 0xFF;
num_to_bytebits(xorKey, 8, pre+index);
index += 8;
// add format length
// len | hex | bin wiegand pos fc/cn
// 26 | 1A | 0001 1010
num_to_bytebits(26, 8, pre+index);
// 36 | 24 | 0010 0100
//num_to_bytebits(36, 8, pre+index);
// 40 | 28 | 0010 1000
//num_to_bytebits(40, 8, pre+index);
index += 8;
// 2bit checksum
// unknown today.
index += 2;
// Get 26 wiegand from FacilityCode, CardNumber // Get 26 wiegand from FacilityCode, CardNumber
uint8_t wiegand[24]; uint8_t wiegand[24];
memset(wiegand, 0x00, sizeof(wiegand)); memset(wiegand, 0x00, sizeof(wiegand));
@ -88,26 +62,71 @@ int GetGuardBits(uint32_t fc, uint32_t cn, uint8_t *guardBits) {
num_to_bytebits(cn, 16, wiegand+8); num_to_bytebits(cn, 16, wiegand+8);
// add wiegand parity bits (dest, source, len) // add wiegand parity bits (dest, source, len)
wiegand_add_parity(pre+index, wiegand, 24); wiegand_add_parity(pre, wiegand, 24);
uint8_t tmp = 0, i = 0; // lets start. 12bytes of data to be produced.
for (i = 2; i < 12; ++i) { uint8_t rawbytes[12];
// // xor all bytes memset(rawbytes, 0x00, sizeof(rawbytes));
// tmp = xorKey ^ bytebits_to_byte(pre + (i*8), 8);
// // copy to out..
// num_to_bytebits(tmp, 8, pre + (i*8) );
}
// add spacer bit 0 every 5 // xor key
rawbytes[0] = xorKey;
// add format length (decimal)
// len | hex | bin
// 26 | 1A | 0001 1010
rawbytes[1] = (26 << 2);
// 36 | 24 | 0010 0100
//rawbytes[1] = (36 << 2);
// 40 | 28 | 0010 1000
//rawbytes[1] = (40 << 2);
// swap nibbles // 2bit checksum, unknown today,
// these two bits are the last ones of rawbyte[1], hence the LSHIFT above.
rawbytes[2] = 1;
rawbytes[3] = 0;
// add wiegand to rawbytes
for (i = 0; i < 4; ++i)
rawbytes[i+4] = bytebits_to_byte( pre + (i*8), 8);
// copy to outarray if (g_debugMode) printf(" WIE | %s\n", sprint_hex(rawbytes, sizeof(rawbytes)));
memcpy(guardBits, pre, sizeof(pre));
printf(" | %s\n", sprint_bin(guardBits, 96) ); // NIBBLE_SWAP (works on all data)
// for (i = 0; i < 12; ++i)
// rawbytes[i] = SWAP_NIBBLE( rawbytes[i] );
// printf("SWAP | %s\n", sprint_hex(rawbytes, sizeof(rawbytes)));
// XOR (only works on wiegand stuff)
for (i = 1; i < 12; ++i)
rawbytes[i] ^= xorKey ;
if (g_debugMode) printf(" XOR | %s \n", sprint_hex(rawbytes, sizeof(rawbytes)));
// convert rawbytes to bits in pre
for (i = 0; i < 12; ++i)
num_to_bytebitsLSBF( rawbytes[i], 8, pre + (i*8));
if (g_debugMode) printf("\n Raw | %s \n", sprint_hex(rawbytes, sizeof(rawbytes)));
if (g_debugMode) printf(" Raw | %s\n", sprint_bin(pre, 64) );
// add spacer bit 0 every 4 bits, starting with index 0,
// 12 bytes, 24 nibbles. 24+1 extra bites. 3bytes. Ie 9bytes | 1byte xorkey, 8bytes rawdata (64bits, should be enough for a 40bit wiegand)
addParity(pre, guardBits+6, 64, 5, 3);
// preamble
guardBits[0] = 1;
guardBits[1] = 1;
guardBits[2] = 1;
guardBits[3] = 1;
guardBits[4] = 1;
guardBits[5] = 0;
/* 6 B
PRE | 0110 1101 0101 1110 0001 1101 1101 0111 1101011011010110110101101101011
FIN | 111110 0 0110 0 1101 0 0101 0 1110 0 0001 0 1101 0 1101 0 0111 0 110100110011010011001101001100110100110000000000
*/
if (g_debugMode) printf(" FIN | %s\n", sprint_bin(guardBits, 96) );
return 1; return 1;
} }
@ -153,19 +172,19 @@ int CmdGuardClone(const char *Cmd) {
for ( i = 0; i<4; ++i ) for ( i = 0; i<4; ++i )
PrintAndLog(" %02d | %08x", i, blocks[i]); PrintAndLog(" %02d | %08x", i, blocks[i]);
// UsbCommand resp; UsbCommand resp;
// UsbCommand c = {CMD_T55XX_WRITE_BLOCK, {0,0,0}}; UsbCommand c = {CMD_T55XX_WRITE_BLOCK, {0,0,0}};
// for ( i = 0; i<5; ++i ) { for ( i = 0; i<4; ++i ) {
// c.arg[0] = blocks[i]; c.arg[0] = blocks[i];
// c.arg[1] = i; c.arg[1] = i;
// clearCommandBuffer(); clearCommandBuffer();
// SendCommand(&c); SendCommand(&c);
// if (!WaitForResponseTimeout(CMD_ACK, &resp, 1000)){ if (!WaitForResponseTimeout(CMD_ACK, &resp, 1000)){
// PrintAndLog("Error occurred, device did not respond during write operation."); PrintAndLog("Error occurred, device did not respond during write operation.");
// return -1; return -1;
// } }
// } }
return 0; return 0;
} }
@ -207,7 +226,7 @@ int CmdGuardSim(const char *Cmd) {
static command_t CommandTable[] = { static command_t CommandTable[] = {
{"help", CmdHelp, 1, "This help"}, {"help", CmdHelp, 1, "This help"},
{"read", CmdGuardRead, 0, "Attempt to read and extract tag data"}, {"read", CmdGuardRead, 0, "Attempt to read and extract tag data"},
// {"clone", CmdGuardClone, 0, "<Facility-Code> <Card Number> clone Guardall tag"}, {"clone", CmdGuardClone, 0, "<Facility-Code> <Card Number> clone Guardall tag"},
// {"sim", CmdGuardSim, 0, "<Facility-Code> <Card Number> simulate Guardall tag"}, // {"sim", CmdGuardSim, 0, "<Facility-Code> <Card Number> simulate Guardall tag"},
{NULL, NULL, 0, NULL} {NULL, NULL, 0, NULL}
}; };

20
client/util.c
View file

@ -103,6 +103,7 @@ void print_hex(const uint8_t * data, const size_t len) {
printf("%02x ", data[i]); printf("%02x ", data[i]);
printf("\n"); printf("\n");
} }
void print_hex_break(const uint8_t *data, const size_t len, uint8_t breaks) { void print_hex_break(const uint8_t *data, const size_t len, uint8_t breaks) {
int rownum = 0; int rownum = 0;
@ -178,6 +179,7 @@ char *sprint_hex_ascii(const uint8_t *data, const size_t len) {
sprintf(tmp, "%s| %s", sprint_hex(data, max_len) , data); sprintf(tmp, "%s| %s", sprint_hex(data, max_len) , data);
return buf; return buf;
} }
void num_to_bytes(uint64_t n, size_t len, uint8_t* dest) void num_to_bytes(uint64_t n, size_t len, uint8_t* dest)
{ {
while (len--) { while (len--) {
@ -197,12 +199,22 @@ uint64_t bytes_to_num(uint8_t* src, size_t len)
return num; return num;
} }
void num_to_bytebits(uint64_t n, size_t len, uint8_t *dest) { // takes a number (uint64_t) and creates a binarray in dest.
void num_to_bytebits(uint64_t n, size_t len, uint8_t *dest) {
while (len--) { while (len--) {
dest[len] = n & 1; dest[len] = n & 1;
n >>= 1; n >>= 1;
} }
} }
//least significant bit first
void num_to_bytebitsLSBF(uint64_t n, size_t len, uint8_t *dest)
{
for(int i = 0 ; i < len ; ++i) {
dest[i] = n & 1;
n >>= 1;
}
}
// aa,bb,cc,dd,ee,ff,gg,hh, ii,jj,kk,ll,mm,nn,oo,pp // aa,bb,cc,dd,ee,ff,gg,hh, ii,jj,kk,ll,mm,nn,oo,pp
// to // to
@ -220,6 +232,8 @@ uint8_t *SwapEndian64(const uint8_t *src, const size_t len, const uint8_t blockS
return tmp; return tmp;
} }
// takes a uint8_t src array, for len items and reverses the byte order in blocksizes (8,16,32,64),
// returns: the dest array contains the reordered src array.
void SwapEndian64ex(const uint8_t *src, const size_t len, const uint8_t blockSize, uint8_t *dest){ void SwapEndian64ex(const uint8_t *src, const size_t len, const uint8_t blockSize, uint8_t *dest){
for (uint8_t block=0; block < (uint8_t)(len/blockSize); block++){ for (uint8_t block=0; block < (uint8_t)(len/blockSize); block++){
for (size_t i = 0; i < blockSize; i++){ for (size_t i = 0; i < blockSize; i++){
@ -228,7 +242,6 @@ void SwapEndian64ex(const uint8_t *src, const size_t len, const uint8_t blockSiz
} }
} }
// ------------------------------------------------------------------------- // -------------------------------------------------------------------------
// string parameters lib // string parameters lib
// ------------------------------------------------------------------------- // -------------------------------------------------------------------------
@ -493,6 +506,7 @@ void wiegand_add_parity(uint8_t *target, uint8_t *source, uint8_t length)
*(target)= GetParity(source + length / 2, ODD, length / 2); *(target)= GetParity(source + length / 2, ODD, length / 2);
} }
// xor two arrays together for len items. The dst array contains the new xored values.
void xor(unsigned char * dst, unsigned char * src, size_t len) { void xor(unsigned char * dst, unsigned char * src, size_t len) {
for( ; len > 0; len--,dst++,src++) for( ; len > 0; len--,dst++,src++)
*dst ^= *src; *dst ^= *src;
@ -502,6 +516,7 @@ int32_t le24toh (uint8_t data[3]) {
return (data[2] << 16) | (data[1] << 8) | data[0]; return (data[2] << 16) | (data[1] << 8) | data[0];
} }
// Pack a bitarray into a uint32_t.
uint32_t PackBits(uint8_t start, uint8_t len, uint8_t* bits) { uint32_t PackBits(uint8_t start, uint8_t len, uint8_t* bits) {
if (len > 32) return 0; if (len > 32) return 0;
@ -526,6 +541,7 @@ void rol(uint8_t *data, const size_t len){
data[len-1] = first; data[len-1] = first;
} }
// Swap bit order on a uint32_t value. Can be limited by nrbits just use say 8bits reversal
uint32_t SwapBits(uint32_t value, int nrbits) { uint32_t SwapBits(uint32_t value, int nrbits) {
uint32_t newvalue = 0; uint32_t newvalue = 0;
for(int i = 0; i < nrbits; i++) { for(int i = 0; i < nrbits; i++) {

15
client/util.h
View file

@ -36,6 +36,18 @@
#define EVEN 0 #define EVEN 0
#define ODD 1 #define ODD 1
#ifndef NIBBLE_HIGH
# define NIBBLE_HIGH(b) ( (b & 0xF0) >> 4 )
#endif
#ifndef NIBBLE_LOW
# define NIBBLE_LOW(b) ( b & 0x0F )
#endif
#ifndef CRUMB
# define CRUMB(b,p) (((b & (0x3 << p) ) >> p ) & 0xF)
#endif
#ifndef SWAP_NIBBLE
# define SWAP_NIBBLE(b) ( (NIBBLE_LOW(b)<< 4) | NIBBLE_HIGH(b))
#endif
int ukbhit(void); int ukbhit(void);
void AddLogLine(char *fileName, char *extData, char *c); void AddLogLine(char *fileName, char *extData, char *c);
@ -53,7 +65,8 @@ char *sprint_hex_ascii(const uint8_t *data, const size_t len);
void num_to_bytes(uint64_t n, size_t len, uint8_t* dest); void num_to_bytes(uint64_t n, size_t len, uint8_t* dest);
uint64_t bytes_to_num(uint8_t* src, size_t len); uint64_t bytes_to_num(uint8_t* src, size_t len);
void num_to_bytebits(uint64_t n, size_t len, uint8_t *dest); void num_to_bytebits(uint64_t n, size_t len, uint8_t *dest);
void num_to_bytebitsLSBF(uint64_t n, size_t len, uint8_t *dest);
uint8_t *SwapEndian64(const uint8_t *src, const size_t len, const uint8_t blockSize); uint8_t *SwapEndian64(const uint8_t *src, const size_t len, const uint8_t blockSize);
void SwapEndian64ex(const uint8_t *src, const size_t len, const uint8_t blockSize, uint8_t *dest); void SwapEndian64ex(const uint8_t *src, const size_t len, const uint8_t blockSize, uint8_t *dest);

17
common/lfdemod.c
View file

@ -95,7 +95,7 @@ size_t removeParity(uint8_t *BitStream, size_t startIdx, uint8_t pLen, uint8_t p
// by marshmellow // by marshmellow
// takes a array of binary values, length of bits per parity (includes parity bit), // takes a array of binary values, length of bits per parity (includes parity bit),
// Parity Type (1 for odd; 0 for even; 2 Always 1's), and binary Length (length to run) // Parity Type (1 for odd; 0 for even; 2 Always 1's; 3 Always 0's), and binary Length (length to run)
size_t addParity(uint8_t *BitSource, uint8_t *dest, uint8_t sourceLen, uint8_t pLen, uint8_t pType) size_t addParity(uint8_t *BitSource, uint8_t *dest, uint8_t sourceLen, uint8_t pLen, uint8_t pType)
{ {
uint32_t parityWd = 0; uint32_t parityWd = 0;
@ -105,12 +105,16 @@ size_t addParity(uint8_t *BitSource, uint8_t *dest, uint8_t sourceLen, uint8_t p
parityWd = (parityWd << 1) | BitSource[word+bit]; parityWd = (parityWd << 1) | BitSource[word+bit];
dest[j++] = (BitSource[word+bit]); dest[j++] = (BitSource[word+bit]);
} }
// if parity fails then return 0 // if parity fails then return 0
if (pType == 2) { // then marker bit which should be a 1 switch (pType) {
dest[j++]=1; case 3: dest[j++]=0; break; // marker bit which should be a 0
} else { case 2: dest[j++]=1; break; // marker bit which should be a 1
dest[j++] = parityTest(parityWd, pLen-1, pType) ^ 1; default:
dest[j++] = parityTest(parityWd, pLen-1, pType) ^ 1;
break;
} }
bitCnt += pLen; bitCnt += pLen;
parityWd = 0; parityWd = 0;
} }
@ -122,8 +126,7 @@ size_t addParity(uint8_t *BitSource, uint8_t *dest, uint8_t sourceLen, uint8_t p
uint32_t bytebits_to_byte(uint8_t *src, size_t numbits) uint32_t bytebits_to_byte(uint8_t *src, size_t numbits)
{ {
uint32_t num = 0; uint32_t num = 0;
for(int i = 0 ; i < numbits ; i++) for(int i = 0 ; i < numbits ; i++) {
{
num = (num << 1) | (*src); num = (num << 1) | (*src);
src++; src++;
} }