simulate sketch

2025-08-14 18:48:13 -07:00 · 2022-07-02 22:45:32 +03:00 · 2022-07-02 22:45:32 +03:00 · 1e91895b90
commit 1e91895b90
parent 45ea60c92b
5 changed files with 107 additions and 1 deletions
--- a/armsrc/appmain.c
+++ b/armsrc/appmain.c
@ -1392,6 +1392,13 @@ static void PacketReceived(PacketCommandNG *packet) {
            HfReadADC(samplesCount, true);
            break;
        }
+        case CMD_HF_TEXKOM_SIMULATE: {
+            uint32_t timeout = 0;
+            memcpy(&timeout, &packet->data.asBytes[9], 4);
+            HfWriteTkm(packet->data.asBytes, packet->data.asBytes[8], timeout);
+            break;
+        }
+
 #endif

 #ifdef WITH_ISO14443a
--- a/armsrc/hfops.c
+++ b/armsrc/hfops.c
@ -19,6 +19,7 @@
 #include "hfops.h"

 #include <string.h>
+#include "appmain.h"
 #include "proxmark3_arm.h"
 #include "cmd.h"
 #include "BigBuf.h"
@ -90,4 +91,55 @@ int HfReadADC(uint32_t samplesCount, bool ledcontrol) {
    return 0;
 }

+static uint32_t HfEncodeTkm(uint8_t *uid, uint8_t modulation) {

+    return 0;
+}
+
+int HfWriteTkm(uint8_t *uid, uint8_t modulation, uint32_t timeout) {
+    // free eventually allocated BigBuf memory
+    BigBuf_free_keep_EM();
+
+    LEDsoff();
+
+    uint32_t elen = HfEncodeTkm(uid, modulation);
+    if (elen == 0) {
+        DbpString("encode error");
+        reply_ng(CMD_HF_TEXKOM_SIMULATE, PM3_EAPDU_ENCODEFAIL, NULL, 0);
+        return PM3_EAPDU_ENCODEFAIL;
+    }
+
+    LED_C_ON();
+
+    int vHf = 0; // in mV
+    bool button_pressed = false;
+    bool exit_loop = false;
+    while (exit_loop == false) {
+
+        button_pressed = BUTTON_PRESS();
+        if (button_pressed || data_available())
+            break;
+
+        WDT_HIT();
+
+        vHf = (MAX_ADC_HF_VOLTAGE * SumAdc(ADC_CHAN_HF, 32)) >> 15;
+        if (vHf > MF_MINFIELDV) {
+            LED_A_ON();
+        } else {
+            LED_A_OFF();
+            continue;
+        }
+
+
+        // TransmitTo15693Reader(ts->buf, ts->max, &response_time, 0, slow);
+    }
+
+    switch_off();
+
+    if (button_pressed)
+        DbpString("button pressed");
+
+    reply_ng(CMD_HF_TEXKOM_SIMULATE, PM3_SUCCESS, NULL, 0);
+
+    return PM3_SUCCESS;
+}
--- a/armsrc/hfops.h
+++ b/armsrc/hfops.h
@ -22,5 +22,6 @@
 #include "common.h"

 int HfReadADC(uint32_t samplesCount, bool ledcontrol);
+int HfWriteTkm(uint8_t *uid, uint8_t modulation, uint32_t timeout);

 #endif
--- a/client/src/cmdhftexkom.c
+++ b/client/src/cmdhftexkom.c
@ -550,12 +550,57 @@ static int CmdHFTexkomReader(const char *Cmd) {
 }


+static int CmdHFTexkomSim(const char *Cmd) {
+    CLIParserContext *ctx;
+    CLIParserInit(&ctx, "hf texkom sim",
+                  "Simulate a texkom tag",
+                  "hf texkom sim");
+
+    void *argtable[] = {
+        arg_param_begin,
+        arg_lit0("v",  "verbose",  "Verbose work"),
+        arg_lit0("t",  "tk17",  "Use TK-17 modulation (TK-13 by default)"),
+        arg_param_end
+    };
+    CLIExecWithReturn(ctx, Cmd, argtable, true);
+
+    bool verbose = arg_get_lit(ctx, 1);
+    uint32_t cmdtimeout = 0;
+    uint8_t modulation = 0; // tk-13
+    if (arg_get_lit(ctx, 2))
+        modulation = 1; //tk-17
+
+    CLIParserFree(ctx);
+
+    // <texkom 8bytes><modulation 1b><timeout 4b>
+    uint8_t data[13] = {0};
+    data[8] = modulation;
+    memcpy(&data[9], &cmdtimeout, 4);
+    clearCommandBuffer();
+    SendCommandNG(CMD_HF_TEXKOM_SIMULATE, data, sizeof(data));
+
+    if (cmdtimeout > 0 && cmdtimeout < 2800) {
+        PacketResponseNG resp;
+        if (!WaitForResponseTimeout(CMD_HF_TEXKOM_SIMULATE, &resp, 3000)) {
+            if (verbose)
+                PrintAndLogEx(WARNING, "(hf texkom simulate) command execution time out");
+            return PM3_ETIMEOUT;
+        }
+        PrintAndLogEx(INFO, "simulate command execution done");
+    } else {
+        PrintAndLogEx(INFO, "simulate command started");
+    }
+
+    return PM3_SUCCESS;
+}
+
+
 static int CmdHelp(const char *Cmd);

 static command_t CommandTable[] = {
    {"help",    CmdHelp,            AlwaysAvailable,  "This help"},
    {"reader",  CmdHFTexkomReader,  IfPm3Iso14443a,   "Act like a Texkom reader"},
-    //{"sim",     CmdHFTexkomSim,     IfPm3Iso14443a,   "Simulate a Texkom tag"},
+    {"sim",     CmdHFTexkomSim,     IfPm3Iso14443a,   "Simulate a Texkom tag"},
    //{"write",   CmdHFTexkomWrite,   IfPm3Iso14443a,   "Write a Texkom tag"},
    {NULL,      NULL,               0, NULL}
 };
--- a/include/pm3_cmd.h
+++ b/include/pm3_cmd.h
@ -522,6 +522,7 @@ typedef struct {
 #define CMD_HF_ISO15693_CSETUID                                           0x0316
 #define CMD_HF_ISO15693_SLIX_L_DISABLE_PRIVACY                            0x0317
 #define CMD_HF_ISO15693_SLIX_L_DISABLE_AESAFI                             0x0318
+#define CMD_HF_TEXKOM_SIMULATE                                            0x0320

 #define CMD_LF_SNIFF_RAW_ADC                                              0x0360