Added support for some ISO15693 custom NXP commands

unknown 2019-11-22 13:55:09 +02:00
commit 1b6566cd5c
4 changed files with 195 additions and 61 deletions


@ -85,10 +85,11 @@ const productName uidmapping[] = {
//I-Code SLI-S [IC id = 02]
//I-Code SLI-L [IC id = 03]
//I-Code SLIX [IC id = 01 + bit36 set to 1 (starting from bit0 - different from normal SLI)]
//I-Code SLIX2 [IC id = 01 + bit35 set to 1 + bit36 set to 0]
//I-Code SLIX-S [IC id = 02 + bit36 set to 1]
//I-Code SLIX-L [IC id = 03 + bit36 set to 1]
{ 0xE004000000000000LL, 16, "NXP Semiconductors Germany (Philips)" },
{ 0xE004010000000000LL, 24, "NXP(Philips); IC SL2 ICS20/ICS21(SLI) ICS2002/ICS2102(SLIX)" },
{ 0xE004010000000000LL, 24, "NXP(Philips); IC SL2 ICS20/ICS21(SLI) ICS2002/ICS2102(SLIX) ICS2602(SLIX2)" },
{ 0xE004020000000000LL, 24, "NXP(Philips); IC SL2 ICS53/ICS54(SLI-S) ICS5302/ICS5402(SLIX-S)" },
{ 0xE004030000000000LL, 24, "NXP(Philips); IC SL2 ICS50/ICS51(SLI-L) ICS5002/ICS5102(SLIX-L)" },
@ -237,7 +238,7 @@ static int getUID(uint8_t *buf) {
}
} // retry
return 0;
return PM3_SUCCESS;
}
// get a product description based on the UID
@ -297,12 +298,12 @@ static int CmdHF15Help(const char *Cmd);
static int usage_15_demod(void) {
PrintAndLogEx(NORMAL, "Tries to demodulate / decode ISO15693, from downloaded samples.\n"
"Gather samples with 'hf 15 read' / 'hf 15 record'");
return 0;
return PM3_SUCCESS;
}
static int usage_15_samples(void) {
PrintAndLogEx(NORMAL, "Acquire samples as Reader (enables carrier, send inquiry\n"
"and download it to graphbuffer. Try 'hf 15 demod' to try to demodulate/decode signal");
return 0;
return PM3_SUCCESS;
}
static int usage_15_info(void) {
PrintAndLogEx(NORMAL, "Uses the optional command 'get_systeminfo' 0x2B to try and extract information\n"
@ -318,11 +319,11 @@ static int usage_15_info(void) {
"\t * scan for tag\n"
"Examples:\n"
"\thf 15 info u");
return 0;
return PM3_SUCCESS;
}
static int usage_15_record(void) {
PrintAndLogEx(NORMAL, "Record activity without enableing carrier");
return 0;
PrintAndLogEx(NORMAL, "Record activity without enabling carrier");
return PM3_SUCCESS;
}
static int usage_15_reader(void) {
PrintAndLogEx(NORMAL, "This command identifies a ISO 15693 tag\n"
@ -333,23 +334,25 @@ static int usage_15_reader(void) {
"\n"
"Example:\n"
"\thf 15 reader");
return 0;
return PM3_SUCCESS;
}
static int usage_15_sim(void) {
PrintAndLogEx(NORMAL, "Usage: hf 15 sim <UID>\n"
"\n"
"Example:\n"
"\thf 15 sim E016240000000000");
return 0;
return PM3_SUCCESS;
}
static int usage_15_findafi(void) {
PrintAndLogEx(NORMAL, "'hf 15 finafi' This command needs a helptext. Feel free to add one!");
return 0;
PrintAndLogEx(NORMAL, "This command attempts to brute force AFI of an ISO15693 tag\n"
"\n"
"Usage: hf 15 findafi");
return PM3_SUCCESS;
}
static int usage_15_dump(void) {
PrintAndLogEx(NORMAL, "This command dumps the contents of a ISO-15693 tag and save it to file\n"
"\n"
"Usage: hf 15 dump [h] <f filname> \n"
"Usage: hf 15 dump [h] <f filename> \n"
"Options:\n"
"\th this help\n"
"\tf <name> filename, if no <name> UID will be used as filename\n"
@ -357,7 +360,7 @@ static int usage_15_dump(void) {
"Example:\n"
"\thf 15 dump f\n"
"\thf 15 dump f mydump");
return 0;
return PM3_SUCCESS;
}
static int usage_15_restore(void) {
const char *options[][2] = {
@ -371,7 +374,7 @@ static int usage_15_restore(void) {
};
PrintAndLogEx(NORMAL, "Usage: hf 15 restore [-2] [-o] [h] [r <NUM>] [u <UID>] [f <filename>] [b <block size>]");
PrintAndLogOptions(options, 7, 3);
return 0;
return PM3_SUCCESS;
}
static int usage_15_raw(void) {
const char *options[][2] = {
@ -382,7 +385,7 @@ static int usage_15_raw(void) {
};
PrintAndLogEx(NORMAL, "Usage: hf 15 raw [-r] [-2] [-c] <0A 0B 0C ... hex>\n");
PrintAndLogOptions(options, 4, 3);
return 0;
return PM3_SUCCESS;
}
static int usage_15_read(void) {
PrintAndLogEx(NORMAL, "Usage: hf 15 read [options] <uid|s|u|*> <page#>\n"
@ -393,7 +396,7 @@ static int usage_15_read(void) {
"\t u unaddressed mode\n"
"\t * scan for tag\n"
"\tpage#: page number 0-255");
return 0;
return PM3_SUCCESS;
}
static int usage_15_write(void) {
PrintAndLogEx(NORMAL, "Usage: hf 15 write [options] <uid|s|u|*> <page#> <hexdata>\n"
@ -406,7 +409,7 @@ static int usage_15_write(void) {
"\t * scan for tag\n"
"\tpage#: page number 0-255\n"
"\thexdata: data to be written eg AA BB CC DD");
return 0;
return PM3_SUCCESS;
}
static int usage_15_readmulti(void) {
PrintAndLogEx(NORMAL, "Usage: hf 15 readmulti [options] <uid|s|u|*> <start#> <count#>\n"
@ -418,7 +421,7 @@ static int usage_15_readmulti(void) {
"\t * scan for tag\n"
"\tstart#: page number to start 0-255\n"
"\tcount#: number of pages");
return 0;
return PM3_SUCCESS;
}
static int usage_15_csetuid(void) {
PrintAndLogEx(NORMAL, "Set UID for magic Chinese card (only works with such cards)\n"
@ -429,7 +432,7 @@ static int usage_15_csetuid(void) {
"\n"
"Example:\n"
"\thf 15 csetuid E011223344556677");
return 0;
return PM3_SUCCESS;
}
/**
@ -686,7 +689,7 @@ static int CmdHF15Info(const char *Cmd) {
return 0;
}
// Record Activity without enabeling carrier
// Record Activity without enabling carrier
//helptext
static int CmdHF15Record(const char *Cmd) {
char cmdp = tolower(param_getchar(Cmd, 0));
@ -724,8 +727,8 @@ static int CmdHF15Sim(const char *Cmd) {
return 0;
}
// finds the AFI (Application Family Idendifier) of a card, by trying all values
// (There is no standard way of reading the AFI, allthough some tags support this)
// finds the AFI (Application Family Identifier) of a card, by trying all values
// (There is no standard way of reading the AFI, although some tags support this)
// helptext
static int CmdHF15Afi(const char *Cmd) {
char cmdp = tolower(param_getchar(Cmd, 0));
@ -856,16 +859,26 @@ static int CmdHF15Dump(const char *Cmd) {
size_t datalen = blocknum * 4;
saveFileEML(filename, data, datalen, 4);
saveFile(filename, ".bin", data, datalen);
return 0;
return PM3_SUCCESS;
}
static int CmdHF15List(const char *Cmd) {
(void)Cmd; // Cmd is not used so far
//PrintAndLogEx(WARNING, "Deprecated command, use 'hf list 15' instead");
CmdTraceList("15");
return 0;
return PM3_SUCCESS;
}
/*
// Record Activity without enabling carrier
static int CmdHF15Sniff(const char *Cmd)
{
clearCommandBuffer();
SendCommandNG(CMD_HF_ISO15693_SNIFF, NULL, 0);
return PM3_SUCCESS;
}
*/
static int CmdHF15Raw(const char *Cmd) {
char cmdp = param_getchar(Cmd, 0);
@ -939,7 +952,7 @@ static int CmdHF15Raw(const char *Cmd) {
PrintAndLogEx(WARNING, "timeout while waiting for reply.");
}
}
return 0;
return PM3_SUCCESS;
}
/**
@ -1020,7 +1033,7 @@ static int CmdHF15Readmulti(const char *Cmd) {
currblock++;
}
return 0;
return PM3_SUCCESS;
}
/**
@ -1092,7 +1105,7 @@ static int CmdHF15Read(const char *Cmd) {
PrintAndLogEx(NORMAL, "------------+---+------");
PrintAndLogEx(NORMAL, "%s| %d | %s", sprint_hex(recv + 2, status - 4), recv[1], sprint_ascii(recv + 2, status - 4));
PrintAndLogEx(NORMAL, "");
return 0;
return PM3_SUCCESS;
}
/**
@ -1170,7 +1183,7 @@ static int CmdHF15Write(const char *Cmd) {
}
PrintAndLogEx(NORMAL, "OK");
return 0;
return PM3_SUCCESS;
}
static int CmdHF15Restore(const char *Cmd) {
@ -1257,7 +1270,7 @@ static int CmdHF15Restore(const char *Cmd) {
if (bytes_read == 0) {
PrintAndLogEx(SUCCESS, "File reading done `%s`", filename);
fclose(f);
return 0;
return PM3_SUCCESS;
} else if (bytes_read != blocksize) {
PrintAndLogEx(ERR, "File reading error (%s), %zu bytes read instead of %zu bytes.", filename, bytes_read, blocksize);
fclose(f);
@ -1290,7 +1303,7 @@ static int CmdHF15Restore(const char *Cmd) {
}
fclose(f);
PrintAndLogEx(INFO, "Finish restore");
return 0;
return PM3_SUCCESS;
}
/**
@ -1396,7 +1409,8 @@ static command_t CommandTable[] = {
{"dump", CmdHF15Dump, IfPm3Iso15693, "Read all memory pages of an ISO15693 tag, save to file"},
{"findafi", CmdHF15Afi, IfPm3Iso15693, "Brute force AFI of an ISO15693 tag"},
{"info", CmdHF15Info, IfPm3Iso15693, "Tag information"},
{"list", CmdHF15List, AlwaysAvailable, "List ISO15693 history"},
// {"sniff", CmdHF15Sniff, IfPm3Iso15693, "Sniff ISO15693 traffic"},
{"list", CmdHF15List, AlwaysAvailable, "List ISO15693 history"},
{"raw", CmdHF15Raw, IfPm3Iso15693, "Send raw hex data to tag"},
{"reader", CmdHF15Reader, IfPm3Iso15693, "Act like an ISO15693 reader"},
{"record", CmdHF15Record, IfPm3Iso15693, "Record Samples (ISO15693)"},
@ -1406,14 +1420,14 @@ static command_t CommandTable[] = {
{"read", CmdHF15Read, IfPm3Iso15693, "Read a block"},
{"write", CmdHF15Write, IfPm3Iso15693, "Write a block"},
{"readmulti", CmdHF15Readmulti, IfPm3Iso15693, "Reads multiple Blocks"},
{"csetuid", CmdHF15CSetUID, IfPm3Iso15693, "Set UID for magic Chinese card"},
{"csetuid", CmdHF15CSetUID, IfPm3Iso15693, "Set UID for magic Chinese card"},
{NULL, NULL, NULL, NULL}
};
static int CmdHF15Help(const char *Cmd) {
(void)Cmd; // Cmd is not used so far
CmdsHelp(CommandTable);
return 0;
return PM3_SUCCESS;
}
int CmdHF15(const char *Cmd) {
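Review bot: In the `CmdHF15Dump` hunk the results of `saveFileEML(filename, data, datalen, 4)` and `saveFile(filename, ".bin", data, datalen)` are discarded and the function then returns `PM3_SUCCESS`, so a failed write would be reported to the caller as a successful dump. Assuming both helpers return a PM3 status code (their declarations are not shown on this page), capture and propagate it, e.g. `int res = saveFile(filename, ".bin", data, datalen);` followed by `if (res != PM3_SUCCESS) return res;`. The body of `CmdHF15Dump` starts outside the hunk. Separately, the context lines that close `CmdHF15Info` and `CmdHF15Sim` still read `return 0;` and should be converted so the file uses one convention.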


@ -428,6 +428,78 @@ void annotateIso15693(char *exp, size_t size, uint8_t *cmd, uint8_t cmdsize) {
case ISO15693_READ_MULTI_SECSTATUS:
snprintf(exp, size, "READ_MULTI_SECSTATUS");
return;
case ISO15693_INVENTORY_READ:
snprintf(exp, size, "INVENTORY_READ");
return;
case ISO15693_FAST_INVENTORY_READ:
snprintf(exp, size, "FAST_INVENTORY_READ");
return;
case ISO15693_SET_EAS:
snprintf(exp, size, "SET_EAS");
return;
case ISO15693_RESET_EAS:
snprintf(exp, size, "RESET_EAS");
return;
case ISO15693_LOCK_EAS:
snprintf(exp, size, "LOCK_EAS");
return;
case ISO15693_EAS_ALARM:
snprintf(exp, size, "EAS_ALARM");
return;
case ISO15693_PASSWORD_PROTECT_EAS:
snprintf(exp, size, "PASSWORD_PROTECT_EAS");
return;
case ISO15693_WRITE_EAS_ID:
snprintf(exp, size, "WRITE_EAS_ID");
return;
case ISO15693_READ_EPC:
snprintf(exp, size, "READ_EPC");
return;
case ISO15693_GET_NXP_SYSTEM_INFO:
snprintf(exp, size, "GET_NXP_SYSTEM_INFO");
return;
case ISO15693_INVENTORY_PAGE_READ:
snprintf(exp, size, "INVENTORY_PAGE_READ");
return;
case ISO15693_FAST_INVENTORY_PAGE_READ:
snprintf(exp, size, "FAST_INVENTORY_PAGE_READ");
return;
case ISO15693_GET_RANDOM_NUMBER:
snprintf(exp, size, "GET_RANDOM_NUMBER");
return;
case ISO15693_SET_PASSWORD:
snprintf(exp, size, "SET_PASSWORD");
return;
case ISO15693_WRITE_PASSWORD:
snprintf(exp, size, "WRITE_PASSWORD");
return;
case ISO15693_LOCK_PASSWORD:
snprintf(exp, size, "LOCK_PASSWORD");
return;
case ISO15693_PROTECT_PAGE:
snprintf(exp, size, "PROTECT_PAGE");
return;
case ISO15693_LOCK_PAGE_PROTECTION:
snprintf(exp, size, "LOCK_PAGE_PROTECTION");
return;
case ISO15693_GET_MULTI_BLOCK_PROTECTION:
snprintf(exp, size, "GET_MULTI_BLOCK_PROTECTION");
return;
case ISO15693_DESTROY:
snprintf(exp, size, "DESTROY");
return;
case ISO15693_ENABLE_PRIVACY:
snprintf(exp, size, "ENABLE_PRIVACY");
return;
case ISO15693_64BIT_PASSWORD_PROTECTION:
snprintf(exp, size, "64BIT_PASSWORD_PROTECTION");
return;
case ISO15693_STAYQUIET_PERSISTENT:
snprintf(exp, size, "STAYQUIET_PERSISTENT");
return;
case ISO15693_READ_SIGNATURE:
snprintf(exp, size, "READ_SIGNATURE");
return;
default:
break;
}
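Review bot: The new `case` labels in `annotateIso15693` name codes 0xA0–0xBD as NXP commands from the opcode alone, but ISO 15693 reserves that range for custom commands whose meaning depends on the IC manufacturer code carried in the request. A trace from another vendor's tag would therefore be annotated with misleading NXP names such as `DESTROY` or `SET_PASSWORD`. Before these cases, check that the manufacturer-code byte is 0x04 (the NXP code visible in the `0xE004…` UID prefixes of this commit) and that `cmdsize` is large enough to contain it, and leave the generic annotation in place otherwise. At minimum add a comment such as `// NXP custom commands: only meaningful when the IC manufacturer code is 0x04`. The `switch` header and the start of the function are outside this hunk, so the exact byte offset has to be confirmed against the surrounding code.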


@ -51,21 +51,45 @@
#define ISO15_ERROR_BLOCL_WRITELOCK 0x14 // Locking was unsuccessful
// COMMAND CODES
#define ISO15_CMD_INVENTORY 0x01
#define ISO15_CMD_STAYQUIET 0x02
#define ISO15_CMD_READ 0x20
#define ISO15_CMD_WRITE 0x21
#define ISO15_CMD_LOCK 0x22
#define ISO15_CMD_READMULTI 0x23
#define ISO15_CMD_WRITEMULTI 0x24
#define ISO15_CMD_SELECT 0x25
#define ISO15_CMD_RESET 0x26
#define ISO15_CMD_WRITEAFI 0x27
#define ISO15_CMD_LOCKAFI 0x28
#define ISO15_CMD_WRITEDSFID 0x29
#define ISO15_CMD_LOCKDSFID 0x2A
#define ISO15_CMD_SYSINFO 0x2B
#define ISO15_CMD_SECSTATUS 0x2C
#define ISO15_CMD_INVENTORY 0x01
#define ISO15_CMD_STAYQUIET 0x02
#define ISO15_CMD_READ 0x20
#define ISO15_CMD_WRITE 0x21
#define ISO15_CMD_LOCK 0x22
#define ISO15_CMD_READMULTI 0x23
#define ISO15_CMD_WRITEMULTI 0x24
#define ISO15_CMD_SELECT 0x25
#define ISO15_CMD_RESET 0x26
#define ISO15_CMD_WRITEAFI 0x27
#define ISO15_CMD_LOCKAFI 0x28
#define ISO15_CMD_WRITEDSFID 0x29
#define ISO15_CMD_LOCKDSFID 0x2A
#define ISO15_CMD_SYSINFO 0x2B
#define ISO15_CMD_SECSTATUS 0x2C
#define ISO15_CMD_INVENTORYREAD 0xA0
#define ISO15_CMD_FASTINVENTORYREAD 0xA1
#define ISO15_CMD_SETEAS 0xA2
#define ISO15_CMD_RESETEAS 0xA3
#define ISO15_CMD_LOCKEAS 0xA4
#define ISO15_CMD_EASALARM 0xA5
#define ISO15_CMD_PASSWORDPROTECTEAS 0xA6
#define ISO15_CMD_WRITEEASID 0xA7
#define ISO15_CMD_READEPC 0xA8
#define ISO15_CMD_GETNXPSYSTEMINFO 0xAB
#define ISO15_CMD_INVENTORYPAGEREAD 0xB0
#define ISO15_CMD_FASTINVENTORYPAGEREAD 0xB1
#define ISO15_CMD_GETRANDOMNUMBER 0xB2
#define ISO15_CMD_SETPASSWORD 0xB3
#define ISO15_CMD_WRITEPASSWORD 0xB4
#define ISO15_CMD_LOCKPASSWORD 0xB5
#define ISO15_CMD_PROTECTPAGE 0xB6
#define ISO15_CMD_LOCKPAGEPROTECTION 0xB7
#define ISO15_CMD_GETMULTIBLOCKPROTECTION 0xB8
#define ISO15_CMD_DESTROY 0xB9
#define ISO15_CMD_ENABLEPRIVACY 0xBA
#define ISO15_CMD_64BITPASSWORDPROTECTION 0xBB
#define ISO15_CMD_STAYQUIETPERSISTENT 0xBC
#define ISO15_CMD_READSIGNATURE 0xBD
//-----------------------------------------------------------------------------
// Map a sequence of octets (~layer 2 command) into the set of bits to feed
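Review bot: The vendor-specific opcodes 0xA0–0xBD are appended to the generic `// COMMAND CODES` list with nothing to mark them as NXP custom commands, so a reader of this header cannot tell the standard ISO 15693 codes from the manufacturer-specific ones. The last file section of this commit labels the same values with `// NXP/Philips custom commands`; add that comment line before `ISO15_CMD_INVENTORYREAD` here as well. The same 24 values are now defined twice under two naming schemes (`ISO15_CMD_*` here, `ISO15693_*` in the last section), which invites the two lists drifting apart. If the two headers cannot share one definition, a comment in each pointing to the other would help keep them in step.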


@ -239,19 +239,43 @@ ISO 7816-4 Basic interindustry commands. For command APDU's.
#define ISO15693_INVENTORY 0x01
#define ISO15693_STAYQUIET 0x02
//First byte is 02
#define ISO15693_READBLOCK 0x20
#define ISO15693_WRITEBLOCK 0x21
#define ISO15693_LOCKBLOCK 0x22
#define ISO15693_READ_MULTI_BLOCK 0x23
#define ISO15693_SELECT 0x25
#define ISO15693_RESET_TO_READY 0x26
#define ISO15693_WRITE_AFI 0x27
#define ISO15693_LOCK_AFI 0x28
#define ISO15693_WRITE_DSFID 0x29
#define ISO15693_LOCK_DSFID 0x2A
#define ISO15693_GET_SYSTEM_INFO 0x2B
#define ISO15693_READ_MULTI_SECSTATUS 0x2C
#define ISO15693_READBLOCK 0x20
#define ISO15693_WRITEBLOCK 0x21
#define ISO15693_LOCKBLOCK 0x22
#define ISO15693_READ_MULTI_BLOCK 0x23
#define ISO15693_SELECT 0x25
#define ISO15693_RESET_TO_READY 0x26
#define ISO15693_WRITE_AFI 0x27
#define ISO15693_LOCK_AFI 0x28
#define ISO15693_WRITE_DSFID 0x29
#define ISO15693_LOCK_DSFID 0x2A
#define ISO15693_GET_SYSTEM_INFO 0x2B
#define ISO15693_READ_MULTI_SECSTATUS 0x2C
// NXP/Philips custom commands
#define ISO15693_INVENTORY_READ 0xA0
#define ISO15693_FAST_INVENTORY_READ 0xA1
#define ISO15693_SET_EAS 0xA2
#define ISO15693_RESET_EAS 0xA3
#define ISO15693_LOCK_EAS 0xA4
#define ISO15693_EAS_ALARM 0xA5
#define ISO15693_PASSWORD_PROTECT_EAS 0xA6
#define ISO15693_WRITE_EAS_ID 0xA7
#define ISO15693_READ_EPC 0xA8
#define ISO15693_GET_NXP_SYSTEM_INFO 0xAB
#define ISO15693_INVENTORY_PAGE_READ 0xB0
#define ISO15693_FAST_INVENTORY_PAGE_READ 0xB1
#define ISO15693_GET_RANDOM_NUMBER 0xB2
#define ISO15693_SET_PASSWORD 0xB3
#define ISO15693_WRITE_PASSWORD 0xB4
#define ISO15693_LOCK_PASSWORD 0xB5
#define ISO15693_PROTECT_PAGE 0xB6
#define ISO15693_LOCK_PAGE_PROTECTION 0xB7
#define ISO15693_GET_MULTI_BLOCK_PROTECTION 0xB8
#define ISO15693_DESTROY 0xB9
#define ISO15693_ENABLE_PRIVACY 0xBA
#define ISO15693_64BIT_PASSWORD_PROTECTION 0xBB
#define ISO15693_STAYQUIET_PERSISTENT 0xBC
#define ISO15693_READ_SIGNATURE 0xBD
// Topaz command set:
#define TOPAZ_REQA 0x26 // Request