From 5d5d9d9be0b86d5343378948d5c9c89df9320a7f Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sat, 14 Jan 2023 22:22:04 +0100 Subject: [PATCH 01/23] make style --- armsrc/Standalone/lf_nedap_sim.c | 114 ++++--- client/src/cmdhfemrtd.c | 36 +-- client/src/cmdhfmf.c | 2 +- client/src/cmdhfmfu.c | 8 +- client/src/cmdlfparadox.c | 22 +- client/src/cmdpiv.c | 10 +- client/src/fileutils.c | 6 +- client/src/mifare/mifarehost.c | 40 +-- client/src/pm3line_vocabulory.h | 17 +- client/src/ui.c | 12 +- doc/commands.json | 493 +++++++++---------------------- doc/commands.md | 27 +- include/protocol_vigik.h | 2 +- include/protocols.h | 2 +- 14 files changed, 262 insertions(+), 529 deletions(-) diff --git a/armsrc/Standalone/lf_nedap_sim.c b/armsrc/Standalone/lf_nedap_sim.c index 491199c27..dcd093fee 100644 --- a/armsrc/Standalone/lf_nedap_sim.c +++ b/armsrc/Standalone/lf_nedap_sim.c @@ -30,11 +30,11 @@ #define MODULE_LONG_NAME "LF Nedap simple simulator" typedef struct _NEDAP_TAG { - uint8_t subType; - uint16_t customerCode; - uint32_t id; - - uint8_t bIsLong; + uint8_t subType; + uint16_t customerCode; + uint32_t id; + + uint8_t bIsLong; } NEDAP_TAG, *PNEDAP_TAG; const NEDAP_TAG Tag = {.subType = 0x5, .customerCode = 0x123, .id = 42424, .bIsLong = 1}; @@ -46,78 +46,67 @@ static uint8_t isEven_64_63(const uint8_t *data); static inline uint32_t bitcount32(uint32_t a); static void bytes_to_bytebits(const void *src, const size_t srclen, void *dest); -void ModInfo(void) -{ +void ModInfo(void) { DbpString(" " MODULE_LONG_NAME); } -void RunMod(void) -{ - int n; +void RunMod(void) { + int n; - StandAloneMode(); + StandAloneMode(); Dbprintf("[=] " MODULE_LONG_NAME " -- started"); - FpgaDownloadAndGo(FPGA_BITSTREAM_LF); - Dbprintf("[=] NEDAP (%s) - ID: " _GREEN_("%05u") " subtype: " _GREEN_("%1u") " customer code: " _GREEN_("%u / 0x%03X"), Tag.bIsLong ? "128b" : "64b", Tag.id, Tag.subType, Tag.customerCode, Tag.customerCode); - - n = NedapPrepareBigBuffer(&Tag); - do - { + FpgaDownloadAndGo(FPGA_BITSTREAM_LF); + Dbprintf("[=] NEDAP (%s) - ID: " _GREEN_("%05u") " subtype: " _GREEN_("%1u") " customer code: " _GREEN_("%u / 0x%03X"), Tag.bIsLong ? "128b" : "64b", Tag.id, Tag.subType, Tag.customerCode, Tag.customerCode); + + n = NedapPrepareBigBuffer(&Tag); + do { WDT_HIT(); if (data_available()) - break; + break; + + SimulateTagLowFrequency(n, 0, true); - SimulateTagLowFrequency(n, 0, true); - } while (BUTTON_HELD(1000) == BUTTON_NO_CLICK); Dbprintf("[=] " MODULE_LONG_NAME " -- exiting"); - + LEDsoff(); } -static int NedapPrepareBigBuffer(const NEDAP_TAG *pTag) -{ - int ret = 0; - uint8_t data[16], bitStream[sizeof(data) * 8], phase = 0; - uint16_t i, size = pTag->bIsLong ? sizeof(data) : (sizeof(data) / 2); - - NedapGen(pTag->subType, pTag->customerCode, pTag->id, pTag->bIsLong, data); - bytes_to_bytebits(data, size, bitStream); - size <<= 3; - - for (i = 0; i < size; i++) - { - biphaseSimBitInverted(!bitStream[i], &ret, &phase); - } - if (phase == 1) //run a second set inverted to keep phase in check - { - for (i = 0; i < size; i++) - { - biphaseSimBitInverted(!bitStream[i], &ret, &phase); - } - } - - return ret; +static int NedapPrepareBigBuffer(const NEDAP_TAG *pTag) { + int ret = 0; + uint8_t data[16], bitStream[sizeof(data) * 8], phase = 0; + uint16_t i, size = pTag->bIsLong ? sizeof(data) : (sizeof(data) / 2); + + NedapGen(pTag->subType, pTag->customerCode, pTag->id, pTag->bIsLong, data); + bytes_to_bytebits(data, size, bitStream); + size <<= 3; + + for (i = 0; i < size; i++) { + biphaseSimBitInverted(!bitStream[i], &ret, &phase); + } + if (phase == 1) { //run a second set inverted to keep phase in check + for (i = 0; i < size; i++) { + biphaseSimBitInverted(!bitStream[i], &ret, &phase); + } + } + + return ret; } -static void biphaseSimBitInverted(uint8_t c, int *n, uint8_t *phase) -{ - uint8_t *dest = BigBuf_get_addr(); +static void biphaseSimBitInverted(uint8_t c, int *n, uint8_t *phase) { + uint8_t *dest = BigBuf_get_addr(); - if (c) - { - memset(dest + (*n), c ^ 1 ^ *phase, 32); - memset(dest + (*n) + 32, c ^ *phase, 32); - } - else - { - memset(dest + (*n), c ^ *phase, 64); - *phase ^= 1; - } - *n += 64; + if (c) { + memset(dest + (*n), c ^ 1 ^ *phase, 32); + memset(dest + (*n) + 32, c ^ *phase, 32); + } else { + memset(dest + (*n), c ^ *phase, 64); + *phase ^= 1; + } + *n += 64; } #define FIXED_71 0x71 @@ -190,13 +179,11 @@ static uint8_t isEven_64_63(const uint8_t *data) { // 8 return (bitcount32(tmp[0]) + (bitcount32(tmp[1] & 0xfeffffff))) & 1; } -static void bytes_to_bytebits(const void *src, const size_t srclen, void *dest) -{ +static void bytes_to_bytebits(const void *src, const size_t srclen, void *dest) { uint8_t *s = (uint8_t *)src, *d = (uint8_t *)dest; size_t i = srclen * 8, j = srclen; - while (j--) - { + while (j--) { uint8_t b = s[j]; d[--i] = (b >> 0) & 1; d[--i] = (b >> 1) & 1; @@ -209,8 +196,7 @@ static void bytes_to_bytebits(const void *src, const size_t srclen, void *dest) } } -static inline uint32_t bitcount32(uint32_t a) -{ +static inline uint32_t bitcount32(uint32_t a) { #if defined __GNUC__ return __builtin_popcountl(a); #else diff --git a/client/src/cmdhfemrtd.c b/client/src/cmdhfemrtd.c index c99c4b939..bb0808a51 100644 --- a/client/src/cmdhfemrtd.c +++ b/client/src/cmdhfemrtd.c @@ -1964,11 +1964,11 @@ int infoHF_EMRTD_offline(const char *path) { strncat(filepath, PATHSEP, 2); strcat(filepath, dg_table[EF_COM].filename); - if ((loadFile_safeEx(filepath, ".BIN", (void **)&data, (size_t *)&datalen, false) != PM3_SUCCESS) && - (loadFile_safeEx(filepath, ".bin", (void **)&data, (size_t *)&datalen, false) != PM3_SUCCESS)) { - PrintAndLogEx(ERR, "Failed to read EF_COM"); - free(filepath); - return PM3_ESOFT; + if ((loadFile_safeEx(filepath, ".BIN", (void **)&data, (size_t *)&datalen, false) != PM3_SUCCESS) && + (loadFile_safeEx(filepath, ".bin", (void **)&data, (size_t *)&datalen, false) != PM3_SUCCESS)) { + PrintAndLogEx(ERR, "Failed to read EF_COM"); + free(filepath); + return PM3_ESOFT; } int res = emrtd_print_ef_com_info(data, datalen); @@ -1999,9 +1999,9 @@ int infoHF_EMRTD_offline(const char *path) { strcat(filepath, dg_table[EF_CardAccess].filename); if ((loadFile_safeEx(filepath, ".BIN", (void **)&data, (size_t *)&datalen, false) == PM3_SUCCESS) || - (loadFile_safeEx(filepath, ".bin", (void **)&data, (size_t *)&datalen, false) == PM3_SUCCESS)) { - emrtd_print_ef_cardaccess_info(data, datalen); - free(data); + (loadFile_safeEx(filepath, ".bin", (void **)&data, (size_t *)&datalen, false) == PM3_SUCCESS)) { + emrtd_print_ef_cardaccess_info(data, datalen); + free(data); } else { PrintAndLogEx(HINT, "The error above this is normal. It just means that your eMRTD lacks PACE"); } @@ -2010,11 +2010,11 @@ int infoHF_EMRTD_offline(const char *path) { strncat(filepath, PATHSEP, 2); strcat(filepath, dg_table[EF_SOD].filename); - if ((loadFile_safeEx(filepath, ".BIN", (void **)&data, (size_t *)&datalen, false) != PM3_SUCCESS) && - (loadFile_safeEx(filepath, ".bin", (void **)&data, (size_t *)&datalen, false) != PM3_SUCCESS)) { - PrintAndLogEx(ERR, "Failed to read EF_SOD"); - free(filepath); - return PM3_ESOFT; + if ((loadFile_safeEx(filepath, ".BIN", (void **)&data, (size_t *)&datalen, false) != PM3_SUCCESS) && + (loadFile_safeEx(filepath, ".bin", (void **)&data, (size_t *)&datalen, false) != PM3_SUCCESS)) { + PrintAndLogEx(ERR, "Failed to read EF_SOD"); + free(filepath); + return PM3_ESOFT; } // coverity scan CID 395630, @@ -2040,7 +2040,7 @@ int infoHF_EMRTD_offline(const char *path) { strncat(filepath, PATHSEP, 2); strcat(filepath, dg->filename); if ((loadFile_safeEx(filepath, ".BIN", (void **)&data, (size_t *)&datalen, false) == PM3_SUCCESS) || - (loadFile_safeEx(filepath, ".bin", (void **)&data, (size_t *)&datalen, false) == PM3_SUCCESS)) { + (loadFile_safeEx(filepath, ".bin", (void **)&data, (size_t *)&datalen, false) == PM3_SUCCESS)) { // we won't halt on parsing errors if (dg->parser != NULL) { dg->parser(data, datalen); @@ -2111,7 +2111,7 @@ static int CmdHFeMRTDDump(const char *Cmd) { if (CLIParamStrToBuf(arg_get_str(ctx, 1), docnum, 9, &slen) != 0 || slen == 0) { BAC = false; } else { - strn_upper((char*)docnum, slen); + strn_upper((char *)docnum, slen); if (slen != 9) { // Pad to 9 with < memset(docnum + slen, '<', 9 - slen); @@ -2144,7 +2144,7 @@ static int CmdHFeMRTDDump(const char *Cmd) { error = true; } else { BAC = true; - strn_upper((char*)mrz, slen); + strn_upper((char *)mrz, slen); memcpy(docnum, &mrz[0], 9); memcpy(dob, &mrz[13], 6); memcpy(expiry, &mrz[21], 6); @@ -2213,7 +2213,7 @@ static int CmdHFeMRTDInfo(const char *Cmd) { if (CLIParamStrToBuf(arg_get_str(ctx, 1), docnum, 9, &slen) != 0 || slen == 0) { BAC = false; } else { - strn_upper((char*)docnum, slen); + strn_upper((char *)docnum, slen); if (slen != 9) { memset(docnum + slen, '<', 9 - slen); } @@ -2245,7 +2245,7 @@ static int CmdHFeMRTDInfo(const char *Cmd) { error = true; } else { BAC = true; - strn_upper((char*)mrz, slen); + strn_upper((char *)mrz, slen); memcpy(docnum, &mrz[0], 9); memcpy(dob, &mrz[13], 6); memcpy(expiry, &mrz[21], 6); diff --git a/client/src/cmdhfmf.c b/client/src/cmdhfmf.c index 2ea197cf7..98a587cf1 100644 --- a/client/src/cmdhfmf.c +++ b/client/src/cmdhfmf.c @@ -569,7 +569,7 @@ static int CmdHF14AMfWrBl(const char *Cmd) { uint8_t blockno = (uint8_t)b; - // Sector trailer sanity checks. + // Sector trailer sanity checks. // Warn if ACL is strict read-only, or invalid ACL. if (mfIsSectorTrailer(blockno)) { PrintAndLogEx(INFO, "Sector trailer (ST) write detected"); diff --git a/client/src/cmdhfmfu.c b/client/src/cmdhfmfu.c index 00df6e710..bc8c10859 100644 --- a/client/src/cmdhfmfu.c +++ b/client/src/cmdhfmfu.c @@ -1376,7 +1376,7 @@ static int mfu_fingerprint(TagTypeUL_t tagtype, bool hasAuthKey, uint8_t *authke } } - // OTP checks + // OTP checks mfu_otp_identify_t *item = mfu_match_otp_fingerprint(data); if (item) { PrintAndLogEx(SUCCESS, "Found " _GREEN_("%s"), item->desc); @@ -1391,9 +1391,9 @@ static int mfu_fingerprint(TagTypeUL_t tagtype, bool hasAuthKey, uint8_t *authke } } } - // - - + // + + out: free(data); diff --git a/client/src/cmdlfparadox.c b/client/src/cmdlfparadox.c index e1a714c96..bbd6cd205 100644 --- a/client/src/cmdlfparadox.c +++ b/client/src/cmdlfparadox.c @@ -264,7 +264,7 @@ static int CmdParadoxClone(const char *Cmd) { } uint32_t blocks[4]; - + if (raw_len != 0) { if (raw_len != 12) { PrintAndLogEx(ERR, "Data must be 12 bytes (24 HEX characters) %d", raw_len); @@ -280,39 +280,39 @@ static int CmdParadoxClone(const char *Cmd) { manchester[0] = 0x0F; // preamble manchester[1] = 0x05; // Leading zeros - Note: from this byte on, is part of the CRC calculation - manchester[2] = 0x55; // Leading zeros its 4 bits out for the CRC, so we need too move + manchester[2] = 0x55; // Leading zeros its 4 bits out for the CRC, so we need too move manchester[3] = 0x55; // Leading zeros back 4 bits once we have the crc (done below) // add FC - t1 = manchesterEncode2Bytes (fc); + t1 = manchesterEncode2Bytes(fc); manchester[4] = (t1 >> 8) & 0xFF; manchester[5] = t1 & 0xFF; - + // add cn - t1 = manchesterEncode2Bytes (cn); + t1 = manchesterEncode2Bytes(cn); manchester[6] = (t1 >> 24) & 0xFF; manchester[7] = (t1 >> 16) & 0xFF; manchester[8] = (t1 >> 8) & 0xFF; manchester[9] = t1 & 0xFF; - uint8_t crc = (CRC8Maxim(manchester+1, 9) ^ 0x6) & 0xFF; + uint8_t crc = (CRC8Maxim(manchester + 1, 9) ^ 0x6) & 0xFF; // add crc - t1 = manchesterEncode2Bytes (crc); + t1 = manchesterEncode2Bytes(crc); manchester[10] = (t1 >> 8) & 0xFF; manchester[11] = t1 & 0xFF; // move left 4 bits left 4 bits - Now that we have the CRC we need to re-align the data. for (int i = 1; i < 12; i++) - manchester[i] = (manchester[i] << 4) + (manchester[i+1] >> 4); - + manchester[i] = (manchester[i] << 4) + (manchester[i + 1] >> 4); + // Add trailing 1010 (11) manchester[11] |= (1 << 3); manchester[11] |= (1 << 1); - + // move into tag blocks for (int i = 0; i < 12; i++) - blocks[1 + (i/4)] += (manchester[i] << (8 * (3 - i % 4))); + blocks[1 + (i / 4)] += (manchester[i] << (8 * (3 - i % 4))); } // Paradox - FSK2a, data rate 50, 3 data blocks diff --git a/client/src/cmdpiv.c b/client/src/cmdpiv.c index 3d703e1ec..12b217ebc 100644 --- a/client/src/cmdpiv.c +++ b/client/src/cmdpiv.c @@ -66,7 +66,7 @@ static const struct piv_container PIV_CONTAINERS[] = { {0x0100, PIV_TAG_ID("\x5F\xC1\x0A"), 3, PIV_CONDITIONAL, "X.509 Certificate for Digital Signature (key ref 9C)"}, {0x0102, PIV_TAG_ID("\x5F\xC1\x0B"), 3, PIV_CONDITIONAL, "X.509 Certificate for Key Management (key ref 9D)"}, {0x3001, PIV_TAG_ID("\x5F\xC1\x09"), 3, PIV_OPTIONAL, "Printed Information"}, - {0x6050, PIV_TAG_ID( "\x7E"), 1, PIV_OPTIONAL, "Discovery Object"}, + {0x6050, PIV_TAG_ID("\x7E"), 1, PIV_OPTIONAL, "Discovery Object"}, {0x6060, PIV_TAG_ID("\x5F\xC1\x0C"), 3, PIV_OPTIONAL, "Key History Object"}, {0x1001, PIV_TAG_ID("\x5F\xC1\x0D"), 3, PIV_OPTIONAL, "Retired X.509 Certificate for Key Management 1 (key ref 82)"}, {0x1002, PIV_TAG_ID("\x5F\xC1\x0E"), 3, PIV_OPTIONAL, "Retired X.509 Certificate for Key Management 2 (key ref 83)"}, @@ -89,7 +89,7 @@ static const struct piv_container PIV_CONTAINERS[] = { {0x1013, PIV_TAG_ID("\x5F\xC1\x1F"), 3, PIV_OPTIONAL, "Retired X.509 Certificate for Key Management 19 (key ref 94)"}, {0x1014, PIV_TAG_ID("\x5F\xC1\x20"), 3, PIV_OPTIONAL, "Retired X.509 Certificate for Key Management 20 (key ref 95)"}, {0x1015, PIV_TAG_ID("\x5F\xC1\x21"), 3, PIV_OPTIONAL, "Cardholder Iris Images"}, - {0x1016, PIV_TAG_ID( "\x7F\x61"), 2, PIV_OPTIONAL, "Biometric Information Templates Group Template"}, + {0x1016, PIV_TAG_ID("\x7F\x61"), 2, PIV_OPTIONAL, "Biometric Information Templates Group Template"}, {0x1017, PIV_TAG_ID("\x5F\xC1\x22"), 3, PIV_OPTIONAL, "Secure Messaging Certificate Signer"}, {0x1018, PIV_TAG_ID("\x5F\xC1\x23"), 3, PIV_OPTIONAL, "Pairing Code Reference Data Container"}, PIV_CONTAINER_FINISH, @@ -493,13 +493,13 @@ static void piv_print_cb(void *data, const struct tlv *tlv, int level, bool is_l } } -static void PrintTLV(const struct tlvdb* tlvdb) { +static void PrintTLV(const struct tlvdb *tlvdb) { if (tlvdb) { tlvdb_visit(tlvdb, piv_print_cb, NULL, 0); } } -static void PrintTLVFromBuffer(const uint8_t* buf, size_t len) { +static void PrintTLVFromBuffer(const uint8_t *buf, size_t len) { if (buf == NULL || len == 0) { return; } @@ -598,7 +598,7 @@ static int PivGetData(Iso7816CommandChannel channel, const uint8_t tag[], size_t return PM3_SUCCESS; } -static int PivGetDataByCidAndPrint(Iso7816CommandChannel channel, const struct piv_container* cid, bool decodeTLV, bool verbose) { +static int PivGetDataByCidAndPrint(Iso7816CommandChannel channel, const struct piv_container *cid, bool decodeTLV, bool verbose) { struct tlvdb_root *root = NULL; if (cid == NULL) { diff --git a/client/src/fileutils.c b/client/src/fileutils.c index 22cf3ad5e..e42ac5a16 100644 --- a/client/src/fileutils.c +++ b/client/src/fileutils.c @@ -258,13 +258,13 @@ static size_t path_size(savePaths_t a) { if (a == spItemCount) { return 0; } - return strlen( g_session.defaultPaths[a] ); + return strlen(g_session.defaultPaths[a]); } char *newfilenamemcopy(const char *preferredName, const char *suffix) { if (preferredName == NULL || suffix == NULL) { return NULL; - } + } uint16_t p_namelen = strlen(preferredName); if (str_endswith(preferredName, suffix)) @@ -328,7 +328,7 @@ int saveFileEML(const char *preferredName, uint8_t *data, size_t datalen, size_t } char *fileName = newfilenamemcopy(preferredName, ".eml"); - if (fileName == NULL) { + if (fileName == NULL) { return PM3_EMALLOC; } diff --git a/client/src/mifare/mifarehost.c b/client/src/mifare/mifarehost.c index 5ce88123d..0c8c8b274 100644 --- a/client/src/mifare/mifarehost.c +++ b/client/src/mifare/mifarehost.c @@ -1466,7 +1466,7 @@ int convert_mfc_2_arr(uint8_t *in, uint16_t ilen, uint8_t *out, uint16_t *olen) ilen -= MFBLOCK_SIZE; *olen += MFBLOCK_SIZE; } - return PM3_SUCCESS; + return PM3_SUCCESS; } static const vigik_pk_t vigik_rsa_pk[] = { @@ -1502,7 +1502,7 @@ static void reverse_array(const uint8_t *src, int src_len, uint8_t *dest) { int vigik_verify(uint8_t *uid, uint8_t uidlen, uint8_t *signature, int signature_len) { // iso9796 - // Exponent V = 2 + // Exponent V = 2 // n = The public modulus n is the product of the secret prime factors p and q. Its length is 1024 bits. if (g_debugMode == DEBUG) { @@ -1527,7 +1527,7 @@ int vigik_verify(uint8_t *uid, uint8_t uidlen, uint8_t *signature, int signature // signature = h( C || M1 || h(M2) ) // 1024 - 786 - 160 - 16 -1 - // salt C + // salt C // message M = 96 bytes, 768 bits // sha1 hash H = 20 bytes, 160 bits // padding = 20 bytes, 96 bits @@ -1563,18 +1563,18 @@ int vigik_verify(uint8_t *uid, uint8_t uidlen, uint8_t *signature, int signature mbedtls_mpi_init(&sqr); mbedtls_mpi_init(&res); - mbedtls_mpi_read_binary(&N, (const unsigned char*)n, PUBLIC_VIGIK_KEYLEN); + mbedtls_mpi_read_binary(&N, (const unsigned char *)n, PUBLIC_VIGIK_KEYLEN); //mbedtls_mpi_read_binary(&s, (const unsigned char*)signature, signature_len); - mbedtls_mpi_read_binary(&s, (const unsigned char*)rev_sig, signature_len); + mbedtls_mpi_read_binary(&s, (const unsigned char *)rev_sig, signature_len); // check is sign < (N/2) - + mbedtls_mpi n_2; mbedtls_mpi_init(&n_2); mbedtls_mpi_copy(&n_2, &N); mbedtls_mpi_shift_r(&n_2, 1); - bool is_less = (mbedtls_mpi_cmp_mpi(&s, &n_2) > 0) ? false : true; + bool is_less = (mbedtls_mpi_cmp_mpi(&s, &n_2) > 0) ? false : true; PrintAndLogEx(DEBUG, "z < (N/2) ..... %s", (is_less) ? _GREEN_("YES") : _RED_("NO")); mbedtls_mpi_free(&n_2); @@ -1644,10 +1644,10 @@ int vigik_verify(uint8_t *uid, uint8_t uidlen, uint8_t *signature, int signature PrintAndLogEx(DEBUG, "LSB............ " _GREEN_("%u"), lsb); if (g_debugMode == DEBUG) { - mbedtls_mpi_write_file( "[=] N.............. ", &N, 16, NULL ); - mbedtls_mpi_write_file( "[=] signature...... ", &s, 16, NULL ); - mbedtls_mpi_write_file( "[=] square mod n... ", &sqr, 16, NULL ); - mbedtls_mpi_write_file( "[=] n-fs........... ", &res, 16, NULL ); + mbedtls_mpi_write_file("[=] N.............. ", &N, 16, NULL); + mbedtls_mpi_write_file("[=] signature...... ", &s, 16, NULL); + mbedtls_mpi_write_file("[=] square mod n... ", &sqr, 16, NULL); + mbedtls_mpi_write_file("[=] n-fs........... ", &res, 16, NULL); } @@ -1656,9 +1656,9 @@ int vigik_verify(uint8_t *uid, uint8_t uidlen, uint8_t *signature, int signature // xor 0xDC01 int count_zero = 0; - for (int x = 0; x < sizeof(nfs); x +=2) { + for (int x = 0; x < sizeof(nfs); x += 2) { nfs[x] ^= 0xDC; - nfs[x+1] ^= 0x01; + nfs[x + 1] ^= 0x01; if (nfs[x] == 0x00) count_zero++; @@ -1689,10 +1689,10 @@ int vigik_verify(uint8_t *uid, uint8_t uidlen, uint8_t *signature, int signature PrintAndLogEx(INFO, "Hash byte... 0x%02X", ts.hash); switch(ts.rsa[126]) { case 0x11: - PrintAndLogEx(INFO, "Hash algo ( 0x%02X ) - SHA1"); + PrintAndLogEx(INFO, "Hash algo ( 0x%02X ) - SHA1"); break; case 0x22: - PrintAndLogEx(INFO, "Hash algo ( 0x%02X ) - RIPEMD"); + PrintAndLogEx(INFO, "Hash algo ( 0x%02X ) - RIPEMD"); break; case 0x33: PrintAndLogEx(INFO, "Hash algo ( 0x%02X ) - SHA1"); @@ -1711,7 +1711,7 @@ int vigik_verify(uint8_t *uid, uint8_t uidlen, uint8_t *signature, int signature print_hex_noascii_break(ts.rsa, sizeof(ts.rsa) - 20, 32); } */ - + mbedtls_mpi_free(&N); mbedtls_mpi_free(&s); mbedtls_mpi_free(&res); @@ -1722,7 +1722,7 @@ int vigik_verify(uint8_t *uid, uint8_t uidlen, uint8_t *signature, int signature PrintAndLogEx(INFO, ""); PrintAndLogEx(INFO, "--- " _CYAN_("Tag Signature")); PrintAndLogEx(INFO, "RSA: 1024bit"); - + if (is_valid == false || i == ARRAYLEN(vigik_rsa_pk)) { PrintAndLogEx(INFO, "Signature:"); print_hex_noascii_break(signature, signature_len, MFBLOCK_SIZE * 2); @@ -1736,7 +1736,7 @@ int vigik_verify(uint8_t *uid, uint8_t uidlen, uint8_t *signature, int signature PrintAndLogEx(INFO, "%.64s", vigik_rsa_pk[i].n + 64); PrintAndLogEx(INFO, "%.64s", vigik_rsa_pk[i].n + 128); PrintAndLogEx(INFO, "%.64s", vigik_rsa_pk[i].n + 192); - + PrintAndLogEx(INFO, "Signature:"); print_hex_noascii_break(signature, signature_len, MFBLOCK_SIZE * 2); @@ -1749,7 +1749,7 @@ int vigik_annotate(uint8_t *d) { if (d == NULL) return PM3_EINVARG; - mfc_vigik_t *foo = (mfc_vigik_t*)d; + mfc_vigik_t *foo = (mfc_vigik_t *)d; PrintAndLogEx(INFO, "Manufacture......... %s", sprint_hex(foo->b0, sizeof(foo->b0))); PrintAndLogEx(INFO, "MAD................. %s", sprint_hex(foo->mad, sizeof(foo->mad))); @@ -1773,4 +1773,4 @@ int vigik_annotate(uint8_t *d) { PrintAndLogEx(INFO, ""); return PM3_SUCCESS; -} \ No newline at end of file +} diff --git a/client/src/pm3line_vocabulory.h b/client/src/pm3line_vocabulory.h index de0cb6ace..4ea275639 100644 --- a/client/src/pm3line_vocabulory.h +++ b/client/src/pm3line_vocabulory.h @@ -244,11 +244,11 @@ const static vocabulory_t vocabulory[] = { { 1, "hf gallagher diversifykey" }, { 1, "hf gallagher decode" }, { 1, "hf ksx6924 help" }, - { 0, "hf ksx6924 select" }, - { 0, "hf ksx6924 info" }, { 0, "hf ksx6924 balance" }, - { 0, "hf ksx6924 init" }, + { 0, "hf ksx6924 info" }, + { 0, "hf ksx6924 initialize" }, { 0, "hf ksx6924 prec" }, + { 0, "hf ksx6924 select" }, { 1, "hf jooki help" }, { 0, "hf jooki clone" }, { 1, "hf jooki decode" }, @@ -347,10 +347,6 @@ const static vocabulory_t vocabulory[] = { { 0, "hf mf gen3uid" }, { 0, "hf mf gen3blk" }, { 0, "hf mf gen3freeze" }, - { 0, "hf mf ggetblk" }, - { 0, "hf mf gload" }, - { 0, "hf mf gsave" }, - { 0, "hf mf gsetblk" }, { 0, "hf mf gview" }, { 0, "hf mf ndefformat" }, { 0, "hf mf ndefread" }, @@ -380,7 +376,6 @@ const static vocabulory_t vocabulory[] = { { 1, "hf mfu view" }, { 0, "hf mfu wrbl" }, { 0, "hf mfu eload" }, - { 0, "hf mfu esave" }, { 0, "hf mfu eview" }, { 0, "hf mfu sim" }, { 0, "hf mfu setpwd" }, @@ -589,7 +584,6 @@ const static vocabulory_t vocabulory[] = { { 0, "lf idteck clone" }, { 0, "lf idteck sim" }, { 1, "lf indala help" }, - { 0, "lf indala brute" }, { 1, "lf indala demod" }, { 1, "lf indala altdemod" }, { 0, "lf indala reader" }, @@ -737,11 +731,6 @@ const static vocabulory_t vocabulory[] = { { 0, "nfc barcode read" }, { 0, "nfc barcode sim" }, { 1, "nfc barcode help" }, - { 1, "piv help" }, - { 0, "piv select" }, - { 0, "piv getdata" }, - { 0, "piv scan" }, - { 1, "piv list" }, { 1, "smart help" }, { 1, "smart list" }, { 0, "smart info" }, diff --git a/client/src/ui.c b/client/src/ui.c index 839dd22b0..d9f4514cf 100644 --- a/client/src/ui.c +++ b/client/src/ui.c @@ -62,9 +62,9 @@ pthread_mutex_t g_print_lock = PTHREAD_MUTEX_INITIALIZER; static void fPrintAndLog(FILE *stream, const char *fmt, ...); #ifdef _WIN32 - #define MKDIR_CHK _mkdir(path) +#define MKDIR_CHK _mkdir(path) #else - #define MKDIR_CHK mkdir(path, 0700) +#define MKDIR_CHK mkdir(path, 0700) #endif @@ -107,8 +107,7 @@ int searchHomeFilePath(char **foundpath, const char *subdir, const char *filenam if ((result != 0) && create_home) { - if (MKDIR_CHK) - { + if (MKDIR_CHK) { fprintf(stderr, "Could not create user directory %s\n", path); free(path); return PM3_EFILE; @@ -140,8 +139,7 @@ int searchHomeFilePath(char **foundpath, const char *subdir, const char *filenam if ((result != 0) && create_home) { - if (MKDIR_CHK) - { + if (MKDIR_CHK) { fprintf(stderr, "Could not create user directory %s\n", path); free(path); return PM3_EFILE; @@ -155,7 +153,7 @@ int searchHomeFilePath(char **foundpath, const char *subdir, const char *filenam } pathlen += strlen(filename); - char *tmp = realloc(path, pathlen *sizeof(char)); + char *tmp = realloc(path, pathlen * sizeof(char)); if (tmp == NULL) { //free(path); return PM3_EMALLOC; diff --git a/doc/commands.json b/doc/commands.json index 7546493bb..47f77d21a 100644 --- a/doc/commands.json +++ b/doc/commands.json @@ -761,7 +761,7 @@ "options": [ "-h, --help This help", "-k, -K, --keep Keep field ON for next command", - "-a, -A, --apdu Show APDU requests and responses", + "-a, -A, --apdu Show APDU reqests and responses", "-w, -W, --wired Send data via contact (iso7816) interface. (def: Contactless interface)" ], "usage": "emv challenge [-hkaw]" @@ -777,7 +777,7 @@ "options": [ "-h, --help This help", "-s, -S, --select Activate field and select card", - "-a, -A, --apdu Show APDU requests and responses", + "-a, -A, --apdu Show APDU reqests and responses", "-t, -T, --tlv TLV decode results", "-j, -J, --jload Load transaction parameters from `emv_defparams.json` file", "-f, -F, --forceaid Force search AID. Search AID instead of execute PPSE", @@ -807,7 +807,7 @@ "-d, -D, --decision Terminal decision. aac - declined, tc - approved, arqc - online authorisation requested", "-p, -P, --params Load parameters from `emv_defparams.json` file for CDOLdata making from CDOL and parameters", "-m, -M, --make Make CDOLdata from CDOL (tag 8C and 8D) and parameters (def: use default parameters)", - "-a, -A, --apdu Show APDU requests and responses", + "-a, -A, --apdu Show APDU reqests and responses", "-t, -T, --tlv TLV decode results of selected applets", "-w, -W, --wired Send data via contact (iso7816) interface. (def: Contactless interface)", " CDOLdata/CDOL" @@ -828,7 +828,7 @@ "-k, -K, --keep Keep field ON for next command", "-p, -P, --params Load parameters from `emv_defparams.json` file for PDOLdata making from PDOL and parameters", "-m, -M, --make Make PDOLdata from PDOL (tag 9F38) and parameters (def: uses default parameters)", - "-a, -A, --apdu Show APDU requests and responses", + "-a, -A, --apdu Show APDU reqests and responses", "-t, -T, --tlv TLV decode results of selected applets", "-w, -W, --wired Send data via contact (iso7816) interface. (def: Contactless interface)", " PDOLdata/PDOL" @@ -857,7 +857,7 @@ "-k, -K, --keep Keep field ON for next command", "-p, -P, --params Load parameters from `emv_defparams.json` file for DDOLdata making from DDOL and parameters", "-m, -M, --make Make DDOLdata from DDOL (tag 9F49) and parameters (def: use default parameters)", - "-a, -A, --apdu Show APDU requests and responses", + "-a, -A, --apdu Show APDU reqests and responses", "-t, -T, --tlv TLV decode results of selected applets", "-w, -W, --wired Send data via contact (iso7816) interface. (def: Contactless interface)", " DDOLdata/DDOL" @@ -868,22 +868,22 @@ "command": "emv list", "description": "Alias of `trace list -t 7816` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "emv list --frame -> show frame delay times", + "emv list -f -> show frame delay times", "emv list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "--frame show frame delay times", + "-f show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "-f, --file filename of dictionary" + "--dict use dictionary keys file" ], - "usage": "emv list [-h1crux] [--frame] [-f ]" + "usage": "emv list [-h1fcrux] [--dict ]" }, "emv pse": { "command": "emv pse", @@ -899,7 +899,7 @@ "-k, -K, --keep Keep field ON for next command", "-1, --pse PSE (1PAY.SYS.DDF01) mode", "-2, --ppse PPSE (2PAY.SYS.DDF01) mode (def)", - "-a, -A, --apdu Show APDU requests and responses", + "-a, -A, --apdu Show APDU reqests and responses", "-t, -T, --tlv TLV decode results of selected applets", "-w, -W, --wired Send data via contact (iso7816) interface. (def: Contactless interface)" ], @@ -916,7 +916,7 @@ "options": [ "-h, --help This help", "-k, -K, --keep Keep field ON for next command", - "-a, -A, --apdu Show APDU requests and responses", + "-a, -A, --apdu Show APDU reqests and responses", "-t, -T, --tlv TLV decode results of selected applets", "-w, -W, --wired Send data via contact (iso7816) interface. (def: Contactless interface)", " help` for details of a command prefs { Edit client/device preferences... } -------- ----------------------- Technology ----------------------- analyse { Analyse utils... } data { Plot window / data buffer manipulation... } emv { EMV ISO-14443 / ISO-7816... } hf { High frequency commands... } hw { Hardware commands... } lf { Low frequency commands... } nfc { NFC commands... } piv { PIV commands... } reveng { CRC calculations from RevEng software... } smart { Smart card ISO-7816 commands... } script { Scripting commands... } trace { Trace manipulation... } wiegand { Wiegand format manipulation... } -------- ----------------------- General ----------------------- clear Clear screen hints Turn hints on / off msleep Add a pause in milliseconds rem Add a text line in log file quit exit Exit program", + "description": "help Use ` help` for details of a command prefs { Edit client/device preferences... } -------- ----------------------- Technology ----------------------- analyse { Analyse utils... } data { Plot window / data buffer manipulation... } emv { EMV ISO-14443 / ISO-7816... } hf { High frequency commands... } hw { Hardware commands... } lf { Low frequency commands... } nfc { NFC commands... } reveng { CRC calculations from RevEng software... } smart { Smart card ISO-7816 commands... } script { Scripting commands... } trace { Trace manipulation... } wiegand { Wiegand format manipulation... } -------- ----------------------- General ----------------------- clear Clear screen hints Turn hints on / off msleep Add a pause in milliseconds rem Add a text line in log file quit exit Exit program", "notes": [], "offline": true, "options": [], @@ -1145,22 +1145,22 @@ "command": "hf 14a list", "description": "Alias of `trace list -t 14a` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf 14a list --frame -> show frame delay times", + "hf 14a list -f -> show frame delay times", "hf 14a list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "--frame show frame delay times", + "-f show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "-f, --file filename of dictionary" + "--dict use dictionary keys file" ], - "usage": "hf 14a list [-h1crux] [--frame] [-f ]" + "usage": "hf 14a list [-h1fcrux] [--dict ]" }, "hf 14a ndefformat": { "command": "hf 14a ndefformat", @@ -1259,7 +1259,7 @@ }, "hf 14a sim": { "command": "hf 14a sim", - "description": "Simulate ISO/IEC 14443 type A tag with 4,7 or 10 byte UID Use type 7 for Mifare Ultralight EV1, Amiibo (NTAG215 pack 0x8080)", + "description": "Simulate ISO/IEC 14443 type A tag with 4,7 or 10 byte UID", "notes": [ "hf 14a sim -t 1 --uid 11223344 -> MIFARE Classic 1k", "hf 14a sim -t 2 -> MIFARE Ultralight", @@ -1267,7 +1267,7 @@ "hf 14a sim -t 4 -> ISO/IEC 14443-4", "hf 14a sim -t 5 -> MIFARE Tnp3xxx", "hf 14a sim -t 6 -> MIFARE Mini", - "hf 14a sim -t 7 -> MFU EV1 / NTAG 215 Amiibo", + "hf 14a sim -t 7 -> Amiibo (NTAG 215), pack 0x8080", "hf 14a sim -t 8 -> MIFARE Classic 4k", "hf 14a sim -t 9 -> FM11RF005SH Shanghai Metro", "hf 14a sim -t 10 -> ST25TA IKEA Rothult" @@ -1363,22 +1363,22 @@ "command": "hf 14b list", "description": "Alias of `trace list -t 14b` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf 14b list --frame -> show frame delay times", + "hf 14b list -f -> show frame delay times", "hf 14b list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "--frame show frame delay times", + "-f show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "-f, --file filename of dictionary" + "--dict use dictionary keys file" ], - "usage": "hf 14b list [-h1crux] [--frame] [-f ]" + "usage": "hf 14b list [-h1fcrux] [--dict ]" }, "hf 14b ndefread": { "command": "hf 14b ndefread", @@ -1637,22 +1637,22 @@ "command": "hf 15 list", "description": "Alias of `trace list -t 15` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf 15 list --frame -> show frame delay times", + "hf 15 list -f -> show frame delay times", "hf 15 list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "--frame show frame delay times", + "-f show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "-f, --file filename of dictionary" + "--dict use dictionary keys file" ], - "usage": "hf 15 list [-h1crux] [--frame] [-f ]" + "usage": "hf 15 list [-h1fcrux] [--dict ]" }, "hf 15 raw": { "command": "hf 15 raw", @@ -2232,22 +2232,22 @@ "command": "hf emrtd list", "description": "Alias of `trace list -t 7816` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf emrtd list --frame -> show frame delay times", + "hf emrtd list -f -> show frame delay times", "hf emrtd list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "--frame show frame delay times", + "-f show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "-f, --file filename of dictionary" + "--dict use dictionary keys file" ], - "usage": "hf emrtd list [-h1crux] [--frame] [-f ]" + "usage": "hf emrtd list [-h1fcrux] [--dict ]" }, "hf epa cnonces": { "command": "hf epa cnonces", @@ -2367,22 +2367,22 @@ "command": "hf felica list", "description": "Alias of `trace list -t felica` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf felica list --frame -> show frame delay times", + "hf felica list -f -> show frame delay times", "hf felica list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "--frame show frame delay times", + "-f show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "-f, --file filename of dictionary" + "--dict use dictionary keys file" ], - "usage": "hf felica list [-h1crux] [--frame] [-f ]" + "usage": "hf felica list [-h1fcrux] [--dict ]" }, "hf felica litedump": { "command": "hf felica litedump", @@ -2575,7 +2575,7 @@ "offline": false, "options": [ "-h, --help This help", - "-a, --apdu Show APDU requests and responses", + "-a, --apdu Show APDU reqests and responses", "-v, --verbose Verbose mode. vv - show full certificates data", "-c, --cbor Show CBOR decoded data", "-l, --list Add CredentialId from json to allowList", @@ -2596,7 +2596,7 @@ "offline": false, "options": [ "-h, --help This help", - "-a, --apdu Show APDU requests and responses", + "-a, --apdu Show APDU reqests and responses", "-v, --verbose Verbose mode", "default mode: dont-enforce-user-presence-and-sign", "-u, --user mode: enforce-user-presence-and-sign", @@ -2635,22 +2635,22 @@ "command": "hf fido list", "description": "Alias of `trace list -t 14a` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf fido list --frame -> show frame delay times", + "hf fido list -f -> show frame delay times", "hf fido list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "--frame show frame delay times", + "-f show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "-f, --file filename of dictionary" + "--dict use dictionary keys file" ], - "usage": "hf fido list [-h1crux] [--frame] [-f ]" + "usage": "hf fido list [-h1fcrux] [--dict ]" }, "hf fido make": { "command": "hf fido make", @@ -2662,7 +2662,7 @@ "offline": false, "options": [ "-h, --help This help", - "-a, --apdu Show APDU requests and responses", + "-a, --apdu Show APDU reqests and responses", "-v, --verbose Verbose mode. vv - show full certificates data", "-t, --tlv Show DER certificate contents in TLV representation", "-c, --cbor Show CBOR decoded data", @@ -2916,10 +2916,9 @@ "-f, --file Dictionary file with default iclass keys", "--credit key is assumed to be the credit key", "--elite elite computations applied to key", - "--raw no computations applied to key (raw)", - "--shallow use shallow (ASK) reader modulation instead of OOK" + "--raw no computations applied to key (raw)" ], - "usage": "hf iclass chk [-h] -f [--credit] [--elite] [--raw] [--shallow]" + "usage": "hf iclass chk [-h] -f [--credit] [--elite] [--raw]" }, "hf iclass configcard": { "command": "hf iclass configcard", @@ -2970,11 +2969,9 @@ "--elite elite computations applied to key", "--raw raw, the key is interpreted as raw block 3/4", "--nr replay of NR/MAC", - "-z, --dense dense dump output style", - "--force force unsecure card read", - "--shallow use shallow (ASK) reader modulation instead of OOK" + "-z, --dense dense dump output style" ], - "usage": "hf iclass dump [-hz] [-f ] [-k ] [--ki ] [--credit ] [--ci ] [--elite] [--raw] [--nr] [--force] [--shallow]" + "usage": "hf iclass dump [-hz] [-f ] [-k ] [--ki ] [--credit ] [--ci ] [--elite] [--raw] [--nr]" }, "hf iclass eload": { "command": "hf iclass eload", @@ -2993,7 +2990,7 @@ }, "hf iclass encode": { "command": "hf iclass encode", - "description": "Encode binary wiegand to block 7,8,9 Use either --bin or --wiegand/--fc/--cn", + "description": "Encode binary wiegand to block 7 Use either --bin or --wiegand/--fc/--cn", "notes": [ "hf iclass encode --bin 10001111100000001010100011 --ki 0 -> FC 31 CN 337", "hf iclass encode --fc 31 --cn 337 --ki 0 -> FC 31 CN 337", @@ -3010,10 +3007,9 @@ "--enckey 3DES transport key, 16 hex bytes", "--fc facility code", "--cn card number", - "-w, --wiegand see `wiegand list` for available formats", - "--shallow use shallow (ASK) reader modulation instead of OOK" + "-w, --wiegand see `wiegand list` for available formats" ], - "usage": "hf iclass encode [-h] [--bin ] --ki [--credit] [--elite] [--raw] [--enckey ] [--fc ] [--cn ] [-w ] [--shallow]" + "usage": "hf iclass encode [-h] [--bin ] --ki [--credit] [--elite] [--raw] [--enckey ] [--fc ] [--cn ] [-w ]" }, "hf iclass encrypt": { "command": "hf iclass encrypt", @@ -3080,31 +3076,30 @@ ], "offline": true, "options": [ - "-h, --help This help", - "--shallow use shallow (ASK) reader modulation instead of OOK" + "-h, --help This help" ], - "usage": "hf iclass info [-h] [--shallow]" + "usage": "hf iclass info [-h]" }, "hf iclass list": { "command": "hf iclass list", "description": "Alias of `trace list -t iclass` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf iclass list --frame -> show frame delay times", + "hf iclass list -f -> show frame delay times", "hf iclass list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "--frame show frame delay times", + "-f show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "-f, --file filename of dictionary" + "--dict use dictionary keys file" ], - "usage": "hf iclass list [-h1crux] [--frame] [-f ]" + "usage": "hf iclass list [-h1fcrux] [--dict ]" }, "hf iclass loclass": { "command": "hf iclass loclass", @@ -3195,10 +3190,9 @@ "--elite elite computations applied to key", "--raw no computations applied to key", "--nr replay of NR/MAC", - "-v, --verbose verbose output", - "--shallow use shallow (ASK) reader modulation instead of OOK" + "-v, --verbose verbose output" ], - "usage": "hf iclass rdbl [-hv] [-k ] [--ki ] -b [--credit] [--elite] [--raw] [--nr] [--shallow]" + "usage": "hf iclass rdbl [-hv] [-k ] [--ki ] -b [--credit] [--elite] [--raw] [--nr]" }, "hf iclass reader": { "command": "hf iclass reader", @@ -3209,10 +3203,9 @@ "offline": false, "options": [ "-h, --help This help", - "-@ optional - continuous reader mode", - "--shallow use shallow (ASK) reader modulation instead of OOK" + "-@ optional - continuous reader mode" ], - "usage": "hf iclass reader [-h@] [--shallow]" + "usage": "hf iclass reader [-h@]" }, "hf iclass restore": { "command": "hf iclass restore", @@ -3233,10 +3226,9 @@ "--credit key is assumed to be the credit key", "--elite elite computations applied to key", "--raw no computations applied to key", - "-v, --verbose verbose output", - "--shallow use shallow (ASK) reader modulation instead of OOK" + "-v, --verbose verbose output" ], - "usage": "hf iclass restore [-hv] -f [-k ] [--ki ] --first --last [--credit] [--elite] [--raw] [--shallow]" + "usage": "hf iclass restore [-hv] -f [-k ] [--ki ] --first --last [--credit] [--elite] [--raw]" }, "hf iclass sim": { "command": "hf iclass sim", @@ -3308,10 +3300,9 @@ "--elite elite computations applied to key", "--raw no computations applied to key", "--nr replay of NR/MAC", - "-v, --verbose verbose output", - "--shallow use shallow (ASK) reader modulation instead of OOK" + "-v, --verbose verbose output" ], - "usage": "hf iclass wrbl [-hv] [-k ] [--ki ] -b -d [-m ] [--credit] [--elite] [--raw] [--nr] [--shallow]" + "usage": "hf iclass wrbl [-hv] [-k ] [--ki ] -b -d [-m ] [--credit] [--elite] [--raw] [--nr]" }, "hf jooki clone": { "command": "hf jooki clone", @@ -3409,7 +3400,7 @@ "options": [ "-h, --help This help", "-k, --keep keep field ON for next command", - "-a, --apdu Show APDU requests and responses" + "-a, --apdu show APDU reqests and responses" ], "usage": "hf ksx6924 balance [-hka]" }, @@ -3431,23 +3422,23 @@ "options": [ "-h, --help This help", "-k, --keep keep field ON for next command", - "-a, --apdu Show APDU requests and responses" + "-a, --apdu show APDU reqests and responses" ], "usage": "hf ksx6924 info [-hka]" }, - "hf ksx6924 init": { - "command": "hf ksx6924 init", - "description": "Perform transaction initialization with Mpda (Money of Purchase Transaction)", + "hf ksx6924 initialize": { + "command": "hf ksx6924 initialize", + "description": "Perform transaction initialization (mpda)", "notes": [ - "hf ksx6924 init 000003e8 -> Mpda" + "hf ksx6924 initialize 000003e8 -> mpda" ], "offline": false, "options": [ "-h, --help This help", "-k, --keep keep field ON for next command", - "-a, --apdu Show APDU requests and responses" + "-a, --apdu show APDU reqests and responses" ], - "usage": "hf ksx6924 init [-hka] " + "usage": "hf ksx6924 initialize [-hka] " }, "hf ksx6924 prec": { "command": "hf ksx6924 prec", @@ -3459,7 +3450,7 @@ "options": [ "-h, --help This help", "-k, --keep keep field ON for next command", - "-a, --apdu Show APDU requests and responses" + "-a, --apdu show APDU reqests and responses" ], "usage": "hf ksx6924 prec [-hka] " }, @@ -3472,7 +3463,7 @@ "offline": false, "options": [ "-h, --help This help", - "-a, --apdu Show APDU requests and responses" + "-a, --apdu show APDU reqests and responses" ], "usage": "hf ksx6924 select [-ha]" }, @@ -3582,22 +3573,22 @@ "command": "hf legic list", "description": "Alias of `trace list -t legic` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf legic list --frame -> show frame delay times", + "hf legic list -f -> show frame delay times", "hf legic list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "--frame show frame delay times", + "-f show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "-f, --file filename of dictionary" + "--dict use dictionary keys file" ], - "usage": "hf legic list [-h1crux] [--frame] [-f ]" + "usage": "hf legic list [-h1fcrux] [--dict ]" }, "hf legic rdbl": { "command": "hf legic rdbl", @@ -3704,22 +3695,22 @@ "command": "hf list", "description": "Alias of `trace list -t raw` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf list --frame -> show frame delay times", + "hf list -f -> show frame delay times", "hf list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "--frame show frame delay times", + "-f show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "-f, --file filename of dictionary" + "--dict use dictionary keys file" ], - "usage": "hf list [-h1crux] [--frame] [-f ]" + "usage": "hf list [-h1fcrux] [--dict ]" }, "hf lto dump": { "command": "hf lto dump", @@ -3758,22 +3749,22 @@ "command": "hf lto list", "description": "Alias of `trace list -t lto` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf lto list --frame -> show frame delay times", + "hf lto list -f -> show frame delay times", "hf lto list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "--frame show frame delay times", + "-f show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "-f, --file filename of dictionary" + "--dict use dictionary keys file" ], - "usage": "hf lto list [-h1crux] [--frame] [-f ]" + "usage": "hf lto list [-h1fcrux] [--dict ]" }, "hf lto rdbl": { "command": "hf lto rdbl", @@ -3978,7 +3969,7 @@ "--1k MIFARE Classic 1k / S50 (def)", "--2k MIFARE Classic/Plus 2k", "--4k MIFARE Classic 4k / S70", - "--emu to emulator memory" + "--emu from emulator memory" ], "usage": "hf mf csave [-h] [-f ] [--mini] [--1k] [--2k] [--4k] [--emu]" }, @@ -4312,85 +4303,6 @@ ], "usage": "hf mf gen3uid [-h] [-u ]" }, - "hf mf ggetblk": { - "command": "hf mf ggetblk", - "description": "Get block data from magic gen4 GTU card.", - "notes": [ - "hf mf ggetblk --blk 0 -> get block 0 (manufacturer)", - "hf mf ggetblk --blk 3 -v -> get block 3, decode sector trailer" - ], - "offline": false, - "options": [ - "-h, --help This help", - "-b, --blk block number", - "-v, --verbose verbose output", - "-p, --pwd password 4bytes" - ], - "usage": "hf mf ggetblk [-hv] -b [-p ]" - }, - "hf mf gload": { - "command": "hf mf gload", - "description": "Load magic gen4 gtu card with data from (bin/eml/json) dump file or from emulator memory.", - "notes": [ - "hf mf gload --emu", - "hf mf gload -f hf-mf-01020304.eml", - "hf mf gload -p AABBCCDD --4k -v -f hf-mf-01020304-dump.bin", - "", - "Card must be configured beforehand with `script run hf_mf_ultimatecard`.", - "Blocks are 16 bytes long." - ], - "offline": false, - "options": [ - "-h, --help This help", - "--mini MIFARE Classic Mini / S20", - "--1k MIFARE Classic 1k / S50 (def)", - "--2k MIFARE Classic/Plus 2k", - "--4k MIFARE Classic 4k / S70", - "-p, --pwd password 4bytes", - "-v, --verbose verbose output", - "-f, --file filename of dump", - "--emu from emulator memory", - "--start index of block to start writing (default 0)", - "--end index of block to end writing (default last block)" - ], - "usage": "hf mf gload [-hv] [--mini] [--1k] [--2k] [--4k] [-p ] [-f ] [--emu] [--start ] [--end ]" - }, - "hf mf gsave": { - "command": "hf mf gsave", - "description": "Save `magic gen4 gtu` card memory into three files (BIN/EML/JSON)or into emulator memory", - "notes": [ - "hf mf gsave", - "hf mf gsave --4k", - "hf mf gsave -p DEADBEEF -f hf-mf-01020304.json" - ], - "offline": false, - "options": [ - "-h, --help This help", - "--mini MIFARE Classic Mini / S20", - "--1k MIFARE Classic 1k / S50 (def)", - "--2k MIFARE Classic/Plus 2k", - "--4k MIFARE Classic 4k / S70", - "-p, --pwd password 4bytes", - "-f, --file filename of dump", - "--emu to emulator memory" - ], - "usage": "hf mf gsave [-h] [--mini] [--1k] [--2k] [--4k] [-p ] [-f ] [--emu]" - }, - "hf mf gsetblk": { - "command": "hf mf gsetblk", - "description": "Set block data on a magic gen4 GTU card", - "notes": [ - "hf mf gsetblk --blk 1 -d 000102030405060708090a0b0c0d0e0f" - ], - "offline": false, - "options": [ - "-h, --help This help", - "-b, --blk block number", - "-d, --data bytes to write, 16 hex bytes", - "-p, --pwd password 4bytes" - ], - "usage": "hf mf gsetblk [-h] -b [-d ] [-p ]" - }, "hf mf gview": { "command": "hf mf gview", "description": "View `magic gen4 gtu` card memory", @@ -4412,9 +4324,8 @@ }, "hf mf hardnested": { "command": "hf mf hardnested", - "description": "Nested attack for hardened MIFARE Classic cards. if card is EV1, command can detect and use known key see example below `--i` set type of SIMD instructions. Without this flag programs autodetect it. or hf mf hardnested -r --tk [known target key] Add the known target key to check if it is present in the remaining key space hf mf hardnested --blk 0 -a -k A0A1A2A3A4A5 --tblk 4 --ta --tk FFFFFFFFFFFF", + "description": "Nested attack for hardened MIFARE Classic cards. `--i` set type of SIMD instructions. Without this flag programs autodetect it. or hf mf hardnested -r --tk [known target key] Add the known target key to check if it is present in the remaining key space hf mf hardnested --blk 0 -a -k A0A1A2A3A4A5 --tblk 4 --ta --tk FFFFFFFFFFFF", "notes": [ - "hf mf hardnested --tblk 4 --ta -> works for MFC EV1", "hf mf hardnested --blk 0 -a -k FFFFFFFFFFFF --tblk 4 --ta", "hf mf hardnested --blk 0 -a -k FFFFFFFFFFFF --tblk 4 --ta -w", "hf mf hardnested --blk 0 -a -k FFFFFFFFFFFF --tblk 4 --ta -f nonces.bin -w -s", @@ -4461,22 +4372,22 @@ "command": "hf mf list", "description": "Alias of `trace list -t mf` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf mf list --frame -> show frame delay times", + "hf mf list -f -> show frame delay times", "hf mf list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "--frame show frame delay times", + "-f show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "-f, --file filename of dictionary" + "--dict use dictionary keys file" ], - "usage": "hf mf list [-h1crux] [--frame] [-f ]" + "usage": "hf mf list [-h1fcrux] [--dict ]" }, "hf mf mad": { "command": "hf mf mad", @@ -5640,22 +5551,22 @@ "command": "hf mfdes list", "description": "Alias of `trace list -t des` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf mfdes list --frame -> show frame delay times", + "hf mfdes list -f -> show frame delay times", "hf mfdes list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "--frame show frame delay times", + "-f show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "-f, --file filename of dictionary" + "--dict use dictionary keys file" ], - "usage": "hf mfdes list [-h1crux] [--frame] [-f ]" + "usage": "hf mfdes list [-h1fcrux] [--dict ]" }, "hf mfdes lsapp": { "command": "hf mfdes lsapp", @@ -6202,35 +6113,17 @@ ], "usage": "hf mfu eload [-h] -f [-q ]" }, - "hf mfu esave": { - "command": "hf mfu esave", - "description": "Saves emulator memory to a MIFARE Ultralight/NTAG dump file (bin/eml/json) By default number of pages saved depends on defined tag type. You can override this with option --end.", - "notes": [ - "hf mfu esave", - "hf mfu esave --end 255 -> saves whole memory", - "hf mfu esave -f hf-mfu-04010203040506-dump.json" - ], - "offline": false, - "options": [ - "-h, --help This help", - "-e, --end index of last block", - "-f, --file filename of dump" - ], - "usage": "hf mfu esave [-h] [-e ] [-f ]" - }, "hf mfu eview": { "command": "hf mfu eview", - "description": "Displays emulator memory By default number of pages shown depends on defined tag type. You can override this with option --end.", + "description": "It displays emulator memory", "notes": [ - "hf mfu eview", - "hf mfu eview --end 255 -> dumps whole memory" + "hf mfu eview" ], "offline": false, "options": [ - "-h, --help This help", - "-e, --end index of last block" + "-h, --help This help" ], - "usage": "hf mfu eview [-h] [-e ]" + "usage": "hf mfu eview [-h]" }, "hf mfu help": { "command": "hf mfu help", @@ -6398,8 +6291,8 @@ "description": "Simulate MIFARE Ultralight family type based upon ISO/IEC 14443 type A tag with 4,7 or 10 byte UID from emulator memory. See `hf mfu eload` first. The UID from emulator memory will be used if not specified. See `hf 14a sim -h` to see available types. You want 2 or 7 usually.", "notes": [ "hf mfu sim -t 2 --uid 11223344556677 -> MIFARE Ultralight", - "hf mfu sim -t 7 --uid 11223344556677 -n 5 -> MFU EV1 / NTAG 215 Amiibo", - "hf mfu sim -t 7 -> MFU EV1 / NTAG 215 Amiibo" + "hf mfu sim -t 7 --uid 11223344556677 -n 5 -> Amiibo (NTAG 215), pack 0x8080", + "hf mfu sim -t 7 -> Amiibo (NTAG 215), pack 0x8080" ], "offline": false, "options": [ @@ -6540,22 +6433,22 @@ "command": "hf seos list", "description": "Alias of `trace list -t 7816` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf seos list --frame -> show frame delay times", + "hf seos list -f -> show frame delay times", "hf seos list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "--frame show frame delay times", + "-f show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "-f, --file filename of dictionary" + "--dict use dictionary keys file" ], - "usage": "hf seos list [-h1crux] [--frame] [-f ]" + "usage": "hf seos list [-h1fcrux] [--dict ]" }, "hf sniff": { "command": "hf sniff", @@ -6598,22 +6491,22 @@ "command": "hf st25ta list", "description": "Alias of `trace list -t 7816` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf st25ta list --frame -> show frame delay times", + "hf st25ta list -f -> show frame delay times", "hf st25ta list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "--frame show frame delay times", + "-f show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "-f, --file filename of dictionary" + "--dict use dictionary keys file" ], - "usage": "hf st25ta list [-h1crux] [--frame] [-f ]" + "usage": "hf st25ta list [-h1fcrux] [--dict ]" }, "hf st25ta ndefread": { "command": "hf st25ta ndefread", @@ -6748,22 +6641,22 @@ "command": "hf thinfilm list", "description": "Alias of `trace list -t thinfilm` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf thinfilm list --frame -> show frame delay times", + "hf thinfilm list -f -> show frame delay times", "hf thinfilm list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "--frame show frame delay times", + "-f show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "-f, --file filename of dictionary" + "--dict use dictionary keys file" ], - "usage": "hf thinfilm list [-h1crux] [--frame] [-f ]" + "usage": "hf thinfilm list [-h1fcrux] [--dict ]" }, "hf thinfilm sim": { "command": "hf thinfilm sim", @@ -6819,22 +6712,22 @@ "command": "hf topaz list", "description": "Alias of `trace list -t topaz` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf topaz list --frame -> show frame delay times", + "hf topaz list -f -> show frame delay times", "hf topaz list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "--frame show frame delay times", + "-f show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "-f, --file filename of dictionary" + "--dict use dictionary keys file" ], - "usage": "hf topaz list [-h1crux] [--frame] [-f ]" + "usage": "hf topaz list [-h1fcrux] [--dict ]" }, "hf topaz raw": { "command": "hf topaz raw", @@ -8562,22 +8455,22 @@ "command": "lf hitag list", "description": "Alias of `trace list -t hitag2` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "lf hitag list --frame -> show frame delay times", + "lf hitag list -f -> show frame delay times", "lf hitag list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "--frame show frame delay times", + "-f show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "-f, --file filename of dictionary" + "--dict use dictionary keys file" ], - "usage": "lf hitag list [-h1crux] [--frame] [-f ]" + "usage": "lf hitag list [-h1fcrux] [--dict ]" }, "lf hitag reader": { "command": "lf hitag reader", @@ -8734,28 +8627,6 @@ ], "usage": "lf indala altdemod [-hl]" }, - "lf indala brute": { - "command": "lf indala brute", - "description": "Enables bruteforce of INDALA readers with specified facility code. This is a attack against reader. if cardnumber is given, it starts with it and goes up / down one step if cardnumber is not given, it starts with 1 and goes up to 65535", - "notes": [ - "lf indala brute --fc 224", - "lf indala brute --fc 21 -d 2000", - "lf indala brute -v --fc 21 --cn 200 -d 2000", - "lf indala brute -v --fc 21 --cn 200 -d 2000 --up" - ], - "offline": false, - "options": [ - "-h, --help This help", - "-v, --verbose verbose output", - "--fc facility code", - "--cn card number to start with", - "-d, --delay delay betweens attempts in ms. Default 1000ms", - "--up direction to increment card number. (default is both directions)", - "--down direction to decrement card number. (default is both directions)", - "--4041x specify Indala 4041X format" - ], - "usage": "lf indala brute [-hv] [--fc ] [--cn ] [-d ] [--up] [--down] [--4041x]" - }, "lf indala clone": { "command": "lf indala clone", "description": "clone Indala UID to T55x7 or Q5/T5555 tag using different known formats", @@ -8811,8 +8682,6 @@ "description": "Enables simulation of Indala card with specified facility code and card number. Simulation runs until the button is pressed or another USB command is issued.", "notes": [ "lf indala sim --heden 888", - "lf indala sim --fc 123 --cn 1337", - "lf indala sim --fc 123 --cn 1337 --4041x", "lf indala sim --raw a0000000a0002021", "lf indala sim --raw 80000001b23523a6c2e31eba3cbee4afb3c6ad1fcf649393928c14e5" ], @@ -8820,12 +8689,9 @@ "options": [ "-h, --help This help", "-r, --raw raw bytes", - "--heden Cardnumber for Heden 2L format", - "--fc Facility code (26 bit H10301 format)", - "--cn Card number (26 bit H10301 format)", - "--4041x Optional - specify Indala 4041X format, must use with fc and cn" + "--heden Cardnumber for Heden 2L format" ], - "usage": "lf indala sim [-h] [-r ] [--heden ] [--fc ] [--cn ] [--4041x]" + "usage": "lf indala sim [-h] [-r ] [--heden ]" }, "lf io clone": { "command": "lf io clone", @@ -10952,93 +10818,6 @@ ], "usage": "hf 14b ndefread [-hv] [-f ]" }, - "piv getdata": { - "command": "piv getdata", - "description": "Get a data container of a given tag", - "notes": [ - "piv getdata -s 5fc102 -> select card, select applet, get card holder unique identifer", - "piv getdata -st 5fc102 -> select card, select applet, get card holder unique identifer, show result in TLV" - ], - "offline": false, - "options": [ - "-h, --help This help", - "-s, -S, --select Activate field and select applet", - "-k, -K, --keep Keep field for next command", - "-a, -A, --apdu Show APDU requests and responses", - "-t, -T, --tlv TLV decode results", - "-w, -W, --wired Send data via contact (iso7816) interface. (def: Contactless interface)", - "--aid Applet ID to select. By default A0000003080000100 will be used", - " Tag ID to read, between 1 and 3 bytes." - ], - "usage": "piv getdata [-hskatw] [--aid ] " - }, - "piv help": { - "command": "piv help", - "description": "help This help list List ISO7816 history", - "notes": [], - "offline": true, - "options": [], - "usage": "" - }, - "piv list": { - "command": "piv list", - "description": "Alias of `trace list -t 7816` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", - "notes": [ - "piv list --frame -> show frame delay times", - "piv list -1 -> use trace buffer" - ], - "offline": true, - "options": [ - "-h, --help This help", - "-1, --buffer use data from trace buffer", - "--frame show frame delay times", - "-c mark CRC bytes", - "-r show relative times (gap and duration)", - "-u display times in microseconds instead of clock cycles", - "-x show hexdump to convert to pcap(ng)", - "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "-f, --file filename of dictionary" - ], - "usage": "piv list [-h1crux] [--frame] [-f ]" - }, - "piv scan": { - "command": "piv scan", - "description": "Scan a PIV card for known containers", - "notes": [ - "piv scan -s -> select card, select applet and run scan", - "piv scan -st --aid a00000030800001000 -> select card, select applet a00000030800001000, show result of the scan in TLV" - ], - "offline": false, - "options": [ - "-h, --help This help", - "-s, -S, --select Activate field and select applet", - "-k, -K, --keep Keep field for next command", - "-a, -A, --apdu Show APDU requests and responses", - "-t, -T, --tlv TLV decode results", - "-w, -W, --wired Send data via contact (iso7816) interface. (def: Contactless interface)", - "--aid Applet ID to select. By default A0000003080000100 will be used" - ], - "usage": "piv scan [-hskatw] [--aid ]" - }, - "piv select": { - "command": "piv select", - "description": "Executes select applet command", - "notes": [ - "piv select -s -> select card, select applet", - "piv select -st --aid a00000030800001000 -> select card, select applet a00000030800001000, show result in TLV" - ], - "offline": false, - "options": [ - "-h, --help This help", - "-s, -S, --select Activate field and select applet", - "-k, -K, --keep Keep field for next command", - "-a, -A, --apdu Show APDU requests and responses", - "-t, -T, --tlv TLV decode results", - "-w, -W, --wired Send data via contact (iso7816) interface. (def: Contactless interface)", - "--aid Applet ID to select. By default A0000003080000100 will be used" - ], - "usage": "piv select [-hskatw] [--aid ]" - }, "prefs get barmode": { "command": "prefs get barmode", "description": "Get preference of HF/LF tune command styled output in the client", @@ -11394,22 +11173,22 @@ "command": "smart list", "description": "Alias of `trace list -t 7816` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "smart list --frame -> show frame delay times", + "smart list -f -> show frame delay times", "smart list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "--frame show frame delay times", + "-f show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "-f, --file filename of dictionary" + "--dict use dictionary keys file" ], - "usage": "smart list [-h1crux] [--frame] [-f ]" + "usage": "smart list [-h1fcrux] [--dict ]" }, "smart raw": { "command": "smart raw", @@ -11516,24 +11295,24 @@ "trace list -t thinfilm -> interpret as Thinfilm", "trace list -t topaz -> interpret as Topaz", "", - "trace list -t mf -f mfc_default_keys.dic -> use default dictionary file", - "trace list -t 14a --frame -> show frame delay times", + "trace list -t mf --dict -> use dictionary keys file", + "trace list -t 14a -f -> show frame delay times", "trace list -t 14a -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "--frame show frame delay times", + "-f show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", "-t, --type protocol to annotate the trace", - "-f, --file filename of dictionary" + "--dict use dictionary keys file" ], - "usage": "trace list [-h1crux] [--frame] [-t ] [-f ]" + "usage": "trace list [-h1fcrux] [-t ] [--dict ]" }, "trace load": { "command": "trace load", @@ -11731,8 +11510,8 @@ } }, "metadata": { - "commands_extracted": 738, + "commands_extracted": 727, "extracted_by": "PM3Help2JSON v1.00", - "extracted_on": "2023-01-06T21:37:50" + "extracted_on": "2023-01-14T21:16:27" } } \ No newline at end of file diff --git a/doc/commands.md b/doc/commands.md index bb4c68869..2133d960b 100644 --- a/doc/commands.md +++ b/doc/commands.md @@ -367,11 +367,11 @@ Check column "offline" for their availability. |command |offline |description |------- |------- |----------- |`hf ksx6924 help `|Y |`This help` -|`hf ksx6924 select `|N |`Select application, and leave field up` -|`hf ksx6924 info `|N |`Get info about a KS X 6924 (T-Money, Snapper+) transit card` |`hf ksx6924 balance `|N |`Get current purse balance` -|`hf ksx6924 init `|N |`Perform transaction initialization with Mpda` +|`hf ksx6924 info `|N |`Get info about a KS X 6924 (T-Money, Snapper+) transit card` +|`hf ksx6924 initialize `|N |`Perform transaction initialization (Mpda)` |`hf ksx6924 prec `|N |`Send proprietary get record command (CLA=90, INS=4C)` +|`hf ksx6924 select `|N |`Select application, and leave field up` ### hf jooki @@ -510,10 +510,6 @@ Check column "offline" for their availability. |`hf mf gen3uid `|N |`Set UID without changing manufacturer block` |`hf mf gen3blk `|N |`Overwrite manufacturer block` |`hf mf gen3freeze `|N |`Perma lock UID changes. irreversible` -|`hf mf ggetblk `|N |`Read block from card` -|`hf mf gload `|N |`Load dump to card` -|`hf mf gsave `|N |`Save dump from card into file or emulator` -|`hf mf gsetblk `|N |`Write block to card` |`hf mf gview `|N |`View card` |`hf mf ndefformat `|N |`Format MIFARE Classic Tag as NFC Tag` |`hf mf ndefread `|N |`Read and print NDEF records from card` @@ -558,8 +554,7 @@ Check column "offline" for their availability. |`hf mfu restore `|N |`Restore a dump onto a MFU MAGIC tag` |`hf mfu view `|Y |`Display content from tag dump file` |`hf mfu wrbl `|N |`Write block` -|`hf mfu eload `|N |`Load Ultralight dump file into emulator memory` -|`hf mfu esave `|N |`Save Ultralight dump file from emulator memory` +|`hf mfu eload `|N |`Load Ultralight .eml dump file into emulator memory` |`hf mfu eview `|N |`View emulator memory` |`hf mfu sim `|N |`Simulate MIFARE Ultralight from emulator memory` |`hf mfu setpwd `|N |`Set 3DES key - Ultralight-C` @@ -976,7 +971,6 @@ Check column "offline" for their availability. |command |offline |description |------- |------- |----------- |`lf indala help `|Y |`This help` -|`lf indala brute `|N |`Demodulate an Indala tag (PSK1) from the GraphBuffer` |`lf indala demod `|Y |`Demodulate an Indala tag (PSK1) from the GraphBuffer` |`lf indala altdemod `|Y |`Alternative method to demodulate samples for Indala 64 bit UID (option '224' for 224 bit)` |`lf indala reader `|N |`Read an Indala tag from the antenna` @@ -1334,19 +1328,6 @@ Check column "offline" for their availability. |`nfc barcode help `|Y |`This help` -### piv - - { PIV commands... } - -|command |offline |description -|------- |------- |----------- -|`piv help `|Y |`This help` -|`piv select `|N |`Select the PIV applet` -|`piv getdata `|N |`Gets a container on a PIV card` -|`piv scan `|N |`Scan PIV card for known containers` -|`piv list `|Y |`List ISO7816 history` - - ### reveng { CRC calculations from RevEng software... } diff --git a/include/protocol_vigik.h b/include/protocol_vigik.h index a61c4ce03..7512c1c2d 100644 --- a/include/protocol_vigik.h +++ b/include/protocol_vigik.h @@ -42,4 +42,4 @@ typedef struct vigik_pk_s { const char *n; } vigik_pk_t; -#endif \ No newline at end of file +#endif diff --git a/include/protocols.h b/include/protocols.h index 8a00f064c..016584098 100644 --- a/include/protocols.h +++ b/include/protocols.h @@ -506,7 +506,7 @@ ISO 7816-4 Basic interindustry commands. For command APDU's. #define ISO7816_LC_TLV_CONFLICT 0x6A85 // LC / TLV conlict #define ISO7816_INCORRECT_P1P2 0x6A86 // Incorrect parameters (P1,P2) #define ISO7816_FILE_EXISTS 0x6A89 // File exists -#define ISO7816_NOT_IMPLEMENTED 0x6AFF // +#define ISO7816_NOT_IMPLEMENTED 0x6AFF // // 6x 00 #define ISO7816_WRONG_P1P2 0x6B00 // Incorrect parameters (P1,P2) From c9984985fdebafcf2975437e18dfe8132f52f450 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sat, 14 Jan 2023 22:23:40 +0100 Subject: [PATCH 02/23] make miscchecks --- armsrc/Standalone/lf_em4100rsww.c | 2 +- armsrc/Standalone/lf_nedap_sim.c | 2 +- armsrc/iso14443b.c | 18 +- client/luascripts/hf_14a_i2crevive.lua | 2 +- client/luascripts/hf_mf_em_util.lua | 4 +- client/luascripts/hf_mf_uidbruteforce.lua | 4 +- client/luascripts/hf_mf_ultimatecard.lua | 488 +++++++++++----------- client/src/cmdhfepa.c | 4 +- client/src/cmdhfxerox.c | 166 ++++---- doc/commands.json | 2 +- include/protocols.h | 2 +- 11 files changed, 347 insertions(+), 347 deletions(-) diff --git a/armsrc/Standalone/lf_em4100rsww.c b/armsrc/Standalone/lf_em4100rsww.c index 727d188a3..dc202d49a 100644 --- a/armsrc/Standalone/lf_em4100rsww.c +++ b/armsrc/Standalone/lf_em4100rsww.c @@ -11,7 +11,7 @@ // then from shell: // hexdump lf.bin -e '5/1 "%02X" /0 "\n"' // -// To recall only LAST stored ID from flash use lf-last instead of lf file. +// To recall only LAST stored ID from flash use lf-last instead of lf file. // //----------------------------------------------------------------------------- // Modes of operation: diff --git a/armsrc/Standalone/lf_nedap_sim.c b/armsrc/Standalone/lf_nedap_sim.c index dcd093fee..726f13ca8 100644 --- a/armsrc/Standalone/lf_nedap_sim.c +++ b/armsrc/Standalone/lf_nedap_sim.c @@ -27,7 +27,7 @@ #include "BigBuf.h" #include "crc16.h" -#define MODULE_LONG_NAME "LF Nedap simple simulator" +#define MODULE_LONG_NAME "LF Nedap simple simulator" typedef struct _NEDAP_TAG { uint8_t subType; diff --git a/armsrc/iso14443b.c b/armsrc/iso14443b.c index 760736a5a..e4f1e4e93 100644 --- a/armsrc/iso14443b.c +++ b/armsrc/iso14443b.c @@ -1814,17 +1814,17 @@ int iso14443b_select_xrx_card(iso14b_card_select_t *card) { static const uint8_t x_wup2[] = { 0x5D, 0x37, 0x21, 0x71, 0x71 }; uint8_t slot_mark[1]; - uint8_t x_atqb[24] = {0x0}; // ATQB len = 18 + uint8_t x_atqb[24] = {0x0}; // ATQB len = 18 uint32_t start_time = 0; uint32_t eof_time = 0; - iso14b_set_timeout(24); // wait for carrier + iso14b_set_timeout(24); // wait for carrier // wup1 CodeAndTransmit14443bAsReader(x_wup1, sizeof(x_wup1), &start_time, &eof_time, true); - start_time = eof_time + US_TO_SSP(9000); // 9ms before next cmd + start_time = eof_time + US_TO_SSP(9000); // 9ms before next cmd // wup2 CodeAndTransmit14443bAsReader(x_wup2, sizeof(x_wup2), &start_time, &eof_time, true); @@ -1836,7 +1836,7 @@ int iso14443b_select_xrx_card(iso14b_card_select_t *card) { int slot; for (slot = 0; slot < 4; slot++) { - start_time = eof_time + ETU_TO_SSP(30); //(24); // next slot after 24 ETU + start_time = eof_time + ETU_TO_SSP(30); //(24); // next slot after 24 ETU retlen = Get14443bAnswerFromTag(x_atqb, sizeof(x_atqb), iso14b_timeout, &eof_time); @@ -1850,14 +1850,14 @@ int iso14443b_select_xrx_card(iso14b_card_select_t *card) { // tx unframed slot-marker - if (Demod.posCount) { // no rx, but subcarrier burst detected + if (Demod.posCount) { // no rx, but subcarrier burst detected uid |= (uint64_t)slot << uid_pos; - slot_mark[0] = 0xB1 + (slot << 1); // ack slot + slot_mark[0] = 0xB1 + (slot << 1); // ack slot CodeAndTransmit14443bAsReader(slot_mark, sizeof(slot_mark), &start_time, &eof_time, false); break; - } else { // no subcarrier burst - slot_mark[0] = 0xA1 + (slot << 1); // nak slot + } else { // no subcarrier burst + slot_mark[0] = 0xA1 + (slot << 1); // nak slot CodeAndTransmit14443bAsReader(slot_mark, sizeof(slot_mark), &start_time, &eof_time, false); } } @@ -1884,7 +1884,7 @@ int iso14443b_select_xrx_card(iso14b_card_select_t *card) { } // VALIDATE CRC - if (check_crc(CRC_14443_B, x_atqb, 18) == false) { // use fixed len because unstable EOF catch + if (check_crc(CRC_14443_B, x_atqb, 18) == false) { // use fixed len because unstable EOF catch return 3; } diff --git a/client/luascripts/hf_14a_i2crevive.lua b/client/luascripts/hf_14a_i2crevive.lua index 3610979b6..59659bb5c 100644 --- a/client/luascripts/hf_14a_i2crevive.lua +++ b/client/luascripts/hf_14a_i2crevive.lua @@ -62,7 +62,7 @@ function main(args) local i local cmds = {} - --check for params + --check for params for o, a in getopt.getopt(args, 'h') do if o == 'h' then return help() end end diff --git a/client/luascripts/hf_mf_em_util.lua b/client/luascripts/hf_mf_em_util.lua index 69537d7dd..e82bc9d1e 100644 --- a/client/luascripts/hf_mf_em_util.lua +++ b/client/luascripts/hf_mf_em_util.lua @@ -63,8 +63,8 @@ local function card_format(key_a,key_b,ab,user,s70) core.console(cmd) print(cmd) core.clearCommandBuffer() - if s70 == false and k > 15 then - return + if s70 == false and k > 15 then + return end end end diff --git a/client/luascripts/hf_mf_uidbruteforce.lua b/client/luascripts/hf_mf_uidbruteforce.lua index 62872e2a3..4835ba03b 100644 --- a/client/luascripts/hf_mf_uidbruteforce.lua +++ b/client/luascripts/hf_mf_uidbruteforce.lua @@ -109,8 +109,8 @@ local function main(args) command = 'hf 14a sim -t 1 -u ' .. uid_format msg('Bruteforcing Mifare Classic card numbers') elseif mftype == 'mfc4' then - command = 'hf 14a sim -t 8 -u ' .. uid_format - msg('Bruteforcing Mifare Classic 4K card numbers') + command = 'hf 14a sim -t 8 -u ' .. uid_format + msg('Bruteforcing Mifare Classic 4K card numbers') elseif mftype == 'mfu' then command = 'hf 14a sim -t 2 -u ' .. uid_format msg('Bruteforcing Mifare Ultralight card numbers') diff --git a/client/luascripts/hf_mf_ultimatecard.lua b/client/luascripts/hf_mf_ultimatecard.lua index aec47e9d0..42a5e1887 100644 --- a/client/luascripts/hf_mf_ultimatecard.lua +++ b/client/luascripts/hf_mf_ultimatecard.lua @@ -50,17 +50,17 @@ arguments = [[ -c read magic configuration -u UID (8-14 hexsymbols), set UID on tag -t tag type to impersonate - 1 = Mifare Mini S20 4-byte 12 = NTAG 210 - 2 = Mifare Mini S20 7-byte 13 = NTAG 212 - 3 = Mifare 1k S50 4-byte 14 = NTAG 213 - 4 = Mifare 1k S50 7-byte 15 = NTAG 215 - 5 = Mifare 4k S70 4-byte 16 = NTAG 216 - 6 = Mifare 4k S70 7-byte 17 = NTAG I2C 1K - *** 7 = UL - NOT WORKING FULLY 18 = NTAG I2C 2K - *** 8 = UL-C - NOT WORKING FULLY 19 = NTAG I2C 1K PLUS - 9 = UL EV1 48b 20 = NTAG I2C 2K PLUS - 10 = UL EV1 128b 21 = NTAG 213F - *** 11 = UL Plus - NOT WORKING YET 22 = NTAG 216F + 1 = Mifare Mini S20 4-byte 12 = NTAG 210 + 2 = Mifare Mini S20 7-byte 13 = NTAG 212 + 3 = Mifare 1k S50 4-byte 14 = NTAG 213 + 4 = Mifare 1k S50 7-byte 15 = NTAG 215 + 5 = Mifare 4k S70 4-byte 16 = NTAG 216 + 6 = Mifare 4k S70 7-byte 17 = NTAG I2C 1K + *** 7 = UL - NOT WORKING FULLY 18 = NTAG I2C 2K + *** 8 = UL-C - NOT WORKING FULLY 19 = NTAG I2C 1K PLUS + 9 = UL EV1 48b 20 = NTAG I2C 2K PLUS + 10 = UL EV1 128b 21 = NTAG 213F + *** 11 = UL Plus - NOT WORKING YET 22 = NTAG 216F -p NTAG password (8 hexsymbols), set NTAG password on tag. -a NTAG pack ( 4 hexsymbols), set NTAG pack on tag. @@ -178,7 +178,7 @@ local function read_config() if not info then return false, "Can't select card" end -- read Ultimate Magic Card CONFIG if magicconfig == nil then - magicconfig = send("CF".._key.."C6") + magicconfig = send("CF".._key.."C6") else print('No Config') end -- extract data from CONFIG - based on CONFIG in https://github.com/RfidResearchGroup/proxmark3/blob/master/doc/magic_cards_notes.md#gen-4-gtu @@ -196,92 +196,92 @@ local function read_config() else atsstr = (string.sub(ats, 3)) end if ulprotocol == '00' then - cardprotocol = 'MIFARE Classic Protocol' - ultype = 'Disabled' - if uidlength == '00' then - uid = send("CF".._key.."CE00"):sub(1,8) - if atqaf == '00 04' and sak == '09' then cardtype = 'MIFARE Mini S20 4-byte UID' - elseif atqaf == '00 04' and sak == '08' then cardtype = 'MIFARE 1k S50 4-byte UID' - elseif atqaf == '00 02' and sak == '18' then cardtype = 'MIFARE 4k S70 4-byte UID' - end - elseif uidlength == '01' then - uid = send("CF".._key.."CE00"):sub(1,14) - if atqaf == '00 44' and sak == '09' then cardtype = 'MIFARE Mini S20 7-byte UID' - elseif atqaf == '00 44' and sak == '08' then cardtype = 'MIFARE 1k S50 7-byte UID' - elseif atqaf == '00 42' and sak == '18' then cardtype = 'MIFARE 4k S70 7-byte UID' - end - end + cardprotocol = 'MIFARE Classic Protocol' + ultype = 'Disabled' + if uidlength == '00' then + uid = send("CF".._key.."CE00"):sub(1,8) + if atqaf == '00 04' and sak == '09' then cardtype = 'MIFARE Mini S20 4-byte UID' + elseif atqaf == '00 04' and sak == '08' then cardtype = 'MIFARE 1k S50 4-byte UID' + elseif atqaf == '00 02' and sak == '18' then cardtype = 'MIFARE 4k S70 4-byte UID' + end + elseif uidlength == '01' then + uid = send("CF".._key.."CE00"):sub(1,14) + if atqaf == '00 44' and sak == '09' then cardtype = 'MIFARE Mini S20 7-byte UID' + elseif atqaf == '00 44' and sak == '08' then cardtype = 'MIFARE 1k S50 7-byte UID' + elseif atqaf == '00 42' and sak == '18' then cardtype = 'MIFARE 4k S70 7-byte UID' + end + end elseif ulprotocol == '01' then - -- Read Ultralight config only if UL protocol is enabled - cardprotocol = 'MIFARE Ultralight/NTAG' - block0 = send("3000") - uid0 = block0:sub(1,6) - uid = uid0..block0:sub(9,16) - if ulmode == '00' then ultype = 'Ultralight EV1' - elseif ulmode == '01' then ultype = 'NTAG21x' - elseif ulmode == '02' then ultype = 'Ultralight-C' - elseif ulmode == '03' then ultype = 'Ultralight' - end - -- read VERSION - cversion = send('30FA'):sub(1,16) - -- pwdblock must be set since the 30F1 and 30F2 special commands don't work on the ntag21x part of the UMC - if ulmode == '03' then versionstr = 'Ultralight' - elseif ulmode == '02' then versionstr = 'Ultralight-C' - elseif cversion == '0004030101000B03' then versionstr = 'UL EV1 48b' - elseif cversion == '0004030101000E03' then versionstr = 'UL EV1 128b' - elseif cversion == '0004040101000B03' then versionstr = 'NTAG 210' - elseif cversion == '0004040101000E03' then versionstr = 'NTAG 212' - elseif cversion == '0004040201000F03' then versionstr = 'NTAG 213' - elseif cversion == '0004040201001103' then versionstr = 'NTAG 215' - elseif cversion == '0004040201001303' then versionstr = 'NTAG 216' - elseif cversion == '0004040502011303' then versionstr = 'NTAG I2C 1K' - elseif cversion == '0004040502011503' then versionstr = 'NTAG I2C 2K' - elseif cversion == '0004040502021303' then versionstr = 'NTAG I2C 1K PLUS' - elseif cversion == '0004040502021503' then versionstr = 'NTAG I2C 2K PLUS' - elseif cversion == '0004040401000F03' then versionstr = 'NTAG 213F' - elseif cversion == '0004040401001303' then versionstr = 'NTAG 216F' - end - -- read PWD - cpwd = send("30F0"):sub(1,8) - pwd = send("30E5"):sub(1,8) - -- 04 response indicates that blocks has been locked down. - if pwd == '04' then lib14a.disconnect(); return nil, "can't read configuration, "..err_lock end - -- read PACK - cpack = send("30F1"):sub(1,4) - pack = send("30E6"):sub(1,4) - -- read SIGNATURE - signature1 = send('30F2'):sub(1,32) - signature2 = send('30F6'):sub(1,32) - lib14a.disconnect() + -- Read Ultralight config only if UL protocol is enabled + cardprotocol = 'MIFARE Ultralight/NTAG' + block0 = send("3000") + uid0 = block0:sub(1,6) + uid = uid0..block0:sub(9,16) + if ulmode == '00' then ultype = 'Ultralight EV1' + elseif ulmode == '01' then ultype = 'NTAG21x' + elseif ulmode == '02' then ultype = 'Ultralight-C' + elseif ulmode == '03' then ultype = 'Ultralight' + end + -- read VERSION + cversion = send('30FA'):sub(1,16) + -- pwdblock must be set since the 30F1 and 30F2 special commands don't work on the ntag21x part of the UMC + if ulmode == '03' then versionstr = 'Ultralight' + elseif ulmode == '02' then versionstr = 'Ultralight-C' + elseif cversion == '0004030101000B03' then versionstr = 'UL EV1 48b' + elseif cversion == '0004030101000E03' then versionstr = 'UL EV1 128b' + elseif cversion == '0004040101000B03' then versionstr = 'NTAG 210' + elseif cversion == '0004040101000E03' then versionstr = 'NTAG 212' + elseif cversion == '0004040201000F03' then versionstr = 'NTAG 213' + elseif cversion == '0004040201001103' then versionstr = 'NTAG 215' + elseif cversion == '0004040201001303' then versionstr = 'NTAG 216' + elseif cversion == '0004040502011303' then versionstr = 'NTAG I2C 1K' + elseif cversion == '0004040502011503' then versionstr = 'NTAG I2C 2K' + elseif cversion == '0004040502021303' then versionstr = 'NTAG I2C 1K PLUS' + elseif cversion == '0004040502021503' then versionstr = 'NTAG I2C 2K PLUS' + elseif cversion == '0004040401000F03' then versionstr = 'NTAG 213F' + elseif cversion == '0004040401001303' then versionstr = 'NTAG 216F' + end + -- read PWD + cpwd = send("30F0"):sub(1,8) + pwd = send("30E5"):sub(1,8) + -- 04 response indicates that blocks has been locked down. + if pwd == '04' then lib14a.disconnect(); return nil, "can't read configuration, "..err_lock end + -- read PACK + cpack = send("30F1"):sub(1,4) + pack = send("30E6"):sub(1,4) + -- read SIGNATURE + signature1 = send('30F2'):sub(1,32) + signature2 = send('30F6'):sub(1,32) + lib14a.disconnect() end if _print < 1 then - print(string.rep('=', 88)) - print('\t\t\tUltimate Magic Card Configuration') - print(string.rep('=', 88)) - print(' - Raw Config ', string.sub(magicconfig, 1, -9)) - print(' - Card Protocol ', cardprotocol) - print(' - Ultralight Mode ', ultype) - print(' - ULM Backdoor Key ', readpass) - print(' - GTU Mode ', gtustr) - if ulprotocol == '01' then - print(' - Card Type ', versionstr) - else - print(' - Card Type ', cardtype) - end - print(' - UID ', uid) - print(' - ATQA ', atqaf) - print(' - SAK ', sak) - if ulprotocol == '01' then - print('') - print(string.rep('=', 88)) - print('\t\t\tMagic UL/NTAG 21* Configuration') - print(string.rep('=', 88)) - print(' - ATS ', atsstr) - print(' - Password ', '[0xE5] '..pwd, '[0xF0] '..cpwd) - print(' - Pack ', '[0xE6] '..pack, '[0xF1] '..cpack) - print(' - Version ', cversion) - print(' - Signature ', signature1..signature2) - end + print(string.rep('=', 88)) + print('\t\t\tUltimate Magic Card Configuration') + print(string.rep('=', 88)) + print(' - Raw Config ', string.sub(magicconfig, 1, -9)) + print(' - Card Protocol ', cardprotocol) + print(' - Ultralight Mode ', ultype) + print(' - ULM Backdoor Key ', readpass) + print(' - GTU Mode ', gtustr) + if ulprotocol == '01' then + print(' - Card Type ', versionstr) + else + print(' - Card Type ', cardtype) + end + print(' - UID ', uid) + print(' - ATQA ', atqaf) + print(' - SAK ', sak) + if ulprotocol == '01' then + print('') + print(string.rep('=', 88)) + print('\t\t\tMagic UL/NTAG 21* Configuration') + print(string.rep('=', 88)) + print(' - ATS ', atsstr) + print(' - Password ', '[0xE5] '..pwd, '[0xF0] '..cpwd) + print(' - Pack ', '[0xE6] '..pack, '[0xF1] '..cpack) + print(' - Version ', cversion) + print(' - Signature ', signature1..signature2) + end end lib14a.disconnect() return true, 'Ok' @@ -291,41 +291,41 @@ end local function write_uid(useruid) -- read CONFIG if not magicconfig then - _print = 1 - read_config() + _print = 1 + read_config() end local info = connect() if not info then return false, "Can't select card" end -- Writes a MFC UID with GEN4 magic commands. if ulprotocol == '00' then - -- uid string checks - if useruid == nil then return nil, 'empty uid string' end - if #useruid == 0 then return nil, 'empty uid string' end - if (#useruid ~= 8) and (#useruid ~= 14) then return nil, 'UID wrong length. Should be 4 or 7 hex bytes' end - print('Writing new UID ', useruid) - local uidbytes = utils.ConvertHexToBytes(useruid) - local bcc1 = bxor(bxor(bxor(uidbytes[1], uidbytes[2]), uidbytes[3]), uidbytes[4]) - local block0 = string.format('%02X%02X%02X%02X%02X', uidbytes[1], uidbytes[2], uidbytes[3], uidbytes[4], bcc1) - local resp = send('CF'.._key..'CD00'..block0) + -- uid string checks + if useruid == nil then return nil, 'empty uid string' end + if #useruid == 0 then return nil, 'empty uid string' end + if (#useruid ~= 8) and (#useruid ~= 14) then return nil, 'UID wrong length. Should be 4 or 7 hex bytes' end + print('Writing new UID ', useruid) + local uidbytes = utils.ConvertHexToBytes(useruid) + local bcc1 = bxor(bxor(bxor(uidbytes[1], uidbytes[2]), uidbytes[3]), uidbytes[4]) + local block0 = string.format('%02X%02X%02X%02X%02X', uidbytes[1], uidbytes[2], uidbytes[3], uidbytes[4], bcc1) + local resp = send('CF'.._key..'CD00'..block0) -- Writes a MFUL UID with bcc1, bcc2 using NTAG21xx commands. elseif ulprotocol == '01' then - -- uid string checks - if useruid == nil then return nil, 'empty uid string' end - if #useruid == 0 then return nil, 'empty uid string' end - if #useruid ~= 14 then return nil, 'uid wrong length. Should be 7 hex bytes' end - print('Writing new UID ', useruid) - local uidbytes = utils.ConvertHexToBytes(useruid) - local bcc1 = bxor(bxor(bxor(uidbytes[1], uidbytes[2]), uidbytes[3]), 0x88) - local bcc2 = bxor(bxor(bxor(uidbytes[4], uidbytes[5]), uidbytes[6]), uidbytes[7]) - local block0 = string.format('%02X%02X%02X%02X', uidbytes[1], uidbytes[2], uidbytes[3], bcc1) - local block1 = string.format('%02X%02X%02X%02X', uidbytes[4], uidbytes[5], uidbytes[6], uidbytes[7]) - local block2 = string.format('%02X%02X%02X%02X', bcc2, 0x48, 0x00, 0x00) - local resp - resp = send('A200'..block0) - resp = send('A201'..block1) - resp = send('A202'..block2) + -- uid string checks + if useruid == nil then return nil, 'empty uid string' end + if #useruid == 0 then return nil, 'empty uid string' end + if #useruid ~= 14 then return nil, 'uid wrong length. Should be 7 hex bytes' end + print('Writing new UID ', useruid) + local uidbytes = utils.ConvertHexToBytes(useruid) + local bcc1 = bxor(bxor(bxor(uidbytes[1], uidbytes[2]), uidbytes[3]), 0x88) + local bcc2 = bxor(bxor(bxor(uidbytes[4], uidbytes[5]), uidbytes[6]), uidbytes[7]) + local block0 = string.format('%02X%02X%02X%02X', uidbytes[1], uidbytes[2], uidbytes[3], bcc1) + local block1 = string.format('%02X%02X%02X%02X', uidbytes[4], uidbytes[5], uidbytes[6], uidbytes[7]) + local block2 = string.format('%02X%02X%02X%02X', bcc2, 0x48, 0x00, 0x00) + local resp + resp = send('A200'..block0) + resp = send('A201'..block1) + resp = send('A202'..block2) else - print('Incorrect ul') + print('Incorrect ul') end lib14a.disconnect() if resp ~= nil then @@ -339,8 +339,8 @@ end local function write_atqasak(atqasak) -- read CONFIG if not magicconfig then - _print = 1 - read_config() + _print = 1 + read_config() end if atqasak == nil then return nil, 'Empty ATQA/SAK string' end if #atqasak == 0 then return nil, 'Empty ATQA/SAK string' end @@ -350,25 +350,25 @@ end local atqauserf = atqauser2..atqauser1 local sakuser = atqasak:sub(5,6) if sakuser == '04' then - print('Never set SAK bit 3 (e.g. SAK=04), it indicates an extra cascade level is required') - return nil + print('Never set SAK bit 3 (e.g. SAK=04), it indicates an extra cascade level is required') + return nil elseif (sakuser == '20' or sakuser == '28') and atslen == '00' then - print('When SAK equals 20 or 28, ATS must be turned on') - return nil + print('When SAK equals 20 or 28, ATS must be turned on') + return nil elseif atqauser2 == '40' then - print('ATQA of [00 40] will cause the card to not answer.') - return nil + print('ATQA of [00 40] will cause the card to not answer.') + return nil else - local info = connect() - if not info then return false, "Can't select card" end - print('New ATQA: '..atqauser1..' '..atqauser2..' New SAK: '..sakuser) - local resp = send("CF".._key.."35"..atqauserf..sakuser) - lib14a.disconnect() - if resp == nil then - return nil, oops('Failed to write ATQA/SAK') - else - return true, 'Ok' - end + local info = connect() + if not info then return false, "Can't select card" end + print('New ATQA: '..atqauser1..' '..atqauser2..' New SAK: '..sakuser) + local resp = send("CF".._key.."35"..atqauserf..sakuser) + lib14a.disconnect() + if resp == nil then + return nil, oops('Failed to write ATQA/SAK') + else + return true, 'Ok' + end end end --- @@ -376,8 +376,8 @@ end local function write_ntagpwd(ntagpwd) -- read CONFIG if not magicconfig then - _print = 1 - read_config() + _print = 1 + read_config() end if ulprotocol == '00' then return nil, 'Magic Card is not using the Ultralight Protocol' end -- PWD string checks @@ -401,8 +401,8 @@ end local function write_pack(userpack) -- read CONFIG if not magicconfig then - _print = 1 - read_config() + _print = 1 + read_config() end if ulprotocol == 0 then return nil, 'Magic Card is not using the Ultralight Protocol' end -- PACK string checks @@ -426,8 +426,8 @@ local function write_otp(block3) if #block3 ~= 8 then return nil, 'OTP wrong length. Should be 4 hex bytes' end -- read CONFIG if not magicconfig then - _print = 1 - read_config() + _print = 1 + read_config() end if ulprotocol == '00' then return nil, 'Magic Card is not using the Ultralight Protocol' end local info = connect() @@ -450,8 +450,8 @@ local function write_version(data) if #data ~= 16 then return nil, 'version wrong length. Should be 8 hex bytes' end -- read CONFIG if not magicconfig then - _print = 1 - read_config() + _print = 1 + read_config() end if ulprotocol == '00' then return nil, 'Magic Card is not using the Ultralight Protocol' end print('Writing new version', data) @@ -478,8 +478,8 @@ local function write_signature(data) if #data ~= 64 then return nil, 'data wrong length. Should be 32 hex bytes' end -- read CONFIG if not magicconfig then - _print = 1 - read_config() + _print = 1 + read_config() end local info = connect() if not info then return false, "Can't select card" end @@ -508,19 +508,19 @@ local function write_gtu(gtu) local info = connect() if not info then return false, "Can't select card" end if gtu == '00' then - print('Enabling GTU Pre-Write') - send('CF'.._key..'32'..gtu) + print('Enabling GTU Pre-Write') + send('CF'.._key..'32'..gtu) elseif gtu == '01' then - print('Enabling GTU Restore Mode') - send('CF'.._key..'32'..gtu) + print('Enabling GTU Restore Mode') + send('CF'.._key..'32'..gtu) elseif gtu == '02' then - print('Disabled GTU') - send('CF'.._key..'32'..gtu) + print('Disabled GTU') + send('CF'.._key..'32'..gtu) elseif gtu == '03' then - print('Disabled GTU, high speed R/W mode for Ultralight') - send('CF'.._key..'32'..gtu) + print('Disabled GTU, high speed R/W mode for Ultralight') + send('CF'.._key..'32'..gtu) else - print('Failed to set GTU mode') + print('Failed to set GTU mode') end lib14a.disconnect() return true, 'Ok' @@ -536,13 +536,13 @@ local function write_ats(atsuser) local atscardlendecimal = tonumber(atscardlen, 16) local atsf = string.sub(atsuser, 3) if (#atsf / 2) ~= atscardlendecimal then - oops('Given length of ATS ('..atscardlendecimal..') does not match the ATS_length ('..(#atsf / 2)..')') - return true, 'Ok' + oops('Given length of ATS ('..atscardlendecimal..') does not match the ATS_length ('..(#atsf / 2)..')') + return true, 'Ok' else - local info = connect() - if not info then return false, "Can't select card" end - print('Writing '..atscardlendecimal..' ATS bytes of '..atsf) - send("CF".._key.."34"..atsuser) + local info = connect() + if not info then return false, "Can't select card" end + print('Writing '..atscardlendecimal..' ATS bytes of '..atsf) + send("CF".._key.."34"..atsuser) end lib14a.disconnect() return true, 'Ok' @@ -556,11 +556,11 @@ local function write_ulp(ulp) local info = connect() if not info then return false, "Can't select card" end if ulp == '00' then - print('Changing card to Mifare Classic Protocol') - send("CF".._key.."69"..ulp) + print('Changing card to Mifare Classic Protocol') + send("CF".._key.."69"..ulp) elseif ulp == '01' then - print('Changing card to Ultralight Protocol') - send("CF".._key.."69"..ulp) + print('Changing card to Ultralight Protocol') + send("CF".._key.."69"..ulp) else oops('Protocol needs to be either 00 or 01') end @@ -576,17 +576,17 @@ local function write_ulm(ulm) local info = connect() if not info then return false, "Can't select card" end if ulm == '00' then - print('Changing card UL mode to Ultralight EV1') - send("CF".._key.."6A"..ulm) + print('Changing card UL mode to Ultralight EV1') + send("CF".._key.."6A"..ulm) elseif ulm == '01' then - print('Changing card UL mode to NTAG') - send("CF".._key.."6A"..ulm) + print('Changing card UL mode to NTAG') + send("CF".._key.."6A"..ulm) elseif ulm == '02' then - print('Changing card UL mode to Ultralight-C') - send("CF".._key.."6A"..ulm) + print('Changing card UL mode to Ultralight-C') + send("CF".._key.."6A"..ulm) elseif ulm == '03' then - print('Changing card UL mode to Ultralight') - send("CF".._key.."6A"..ulm) + print('Changing card UL mode to Ultralight') + send("CF".._key.."6A"..ulm) else oops('UL mode needs to be either 00, 01, 02, 03') end @@ -603,50 +603,50 @@ local function set_type(tagtype) if tagtype == 1 then print('Setting: Ultimate Magic card to Mifare mini S20 4-byte') connect() - send("CF".._key.."F000000000000002000978009102DABC19101011121314151604000900") - lib14a.disconnect() + send("CF".._key.."F000000000000002000978009102DABC19101011121314151604000900") + lib14a.disconnect() write_uid('04112233') -- Setting Mifare mini S20 7-byte elseif tagtype == 2 then print('Setting: Ultimate Magic card to Mifare mini S20 7-byte') connect() - send("CF".._key.."F000010000000002000978009102DABC19101011121314151644000900") - lib14a.disconnect() + send("CF".._key.."F000010000000002000978009102DABC19101011121314151644000900") + lib14a.disconnect() write_uid('04112233445566') -- Setting Mifare 1k S50 4--byte elseif tagtype == 3 then print('Setting: Ultimate Magic card to Mifare 1k S50 4-byte') connect() - send("CF".._key.."F000000000000002000978009102DABC19101011121314151604000800") - lib14a.disconnect() + send("CF".._key.."F000000000000002000978009102DABC19101011121314151604000800") + lib14a.disconnect() write_uid('04112233') -- Setting Mifare 1k S50 7-byte elseif tagtype == 4 then print('Setting: Ultimate Magic card to Mifare 1k S50 7-byte') connect() - send("CF".._key.."F000010000000002000978009102DABC19101011121314151644000800") - lib14a.disconnect() + send("CF".._key.."F000010000000002000978009102DABC19101011121314151644000800") + lib14a.disconnect() write_uid('04112233445566') -- Setting Mifare 4k S70 4-byte elseif tagtype == 5 then print('Setting: Ultimate Magic card to Mifare 4k S70 4-byte') connect() - send("CF".._key.."F000000000000002000978009102DABC19101011121314151602001800") - lib14a.disconnect() + send("CF".._key.."F000000000000002000978009102DABC19101011121314151602001800") + lib14a.disconnect() write_uid('04112233') -- Setting Mifare 4k S70 7-byte elseif tagtype == 6 then print('Setting: Ultimate Magic card to Mifare 4k S70 7-byte') connect() - send("CF".._key.."F000010000000002000978009102DABC19101011121314151642001800") - lib14a.disconnect() + send("CF".._key.."F000010000000002000978009102DABC19101011121314151642001800") + lib14a.disconnect() write_uid('04112233445566') -- Setting UL elseif tagtype == 7 then print('Setting: Ultimate Magic card to UL') connect() - send("CF".._key.."F0010100000000030A0A78008102DBA0C119402AB5BA4D321A44000003") - lib14a.disconnect() + send("CF".._key.."F0010100000000030A0A78008102DBA0C119402AB5BA4D321A44000003") + lib14a.disconnect() write_uid('04112233445566') write_otp('00000000') -- Setting OTP to default 00 00 00 00 write_version('0000000000000000') -- UL-C does not have a version @@ -654,48 +654,48 @@ local function set_type(tagtype) elseif tagtype == 8 then print('Setting: Ultimate Magic card to UL-C') connect() - send("CF".._key.."F0010100000000030A0A78008102DBA0C119402AB5BA4D321A44000002") - print('Setting default permissions and 3des key') - send('A22A30000000') -- Auth0 page 48/0x30 and above need authentication - send('A22B80000000') -- Auth1 read and write access restricted - send('A22C42524541') -- Default 3des key - send('A22D4B4D4549') - send('A22E46594F55') - send('A22F43414E21') - lib14a.disconnect() + send("CF".._key.."F0010100000000030A0A78008102DBA0C119402AB5BA4D321A44000002") + print('Setting default permissions and 3des key') + send('A22A30000000') -- Auth0 page 48/0x30 and above need authentication + send('A22B80000000') -- Auth1 read and write access restricted + send('A22C42524541') -- Default 3des key + send('A22D4B4D4549') + send('A22E46594F55') + send('A22F43414E21') + lib14a.disconnect() write_uid('04112233445566') write_otp('00000000') -- Setting OTP to default 00 00 00 00 write_version('0000000000000000') -- UL-C does not have a version elseif tagtype == 9 then print('Setting: Ultimate Magic card to UL-EV1 48') - connect() - send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000000") + connect() + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000000") -- Setting UL-Ev1 default config bl 16,17 - send('a2E5FFFFFFFF') -- A2F0 block does not align correctly to actual pwd block - send('a2E6FFFFFFFF') -- A2F1 block does not align correctly to actual pack block + send('a2E5FFFFFFFF') -- A2F0 block does not align correctly to actual pwd block + send('a2E6FFFFFFFF') -- A2F1 block does not align correctly to actual pack block send('a210000000FF') send('a21100050000') - lib14a.disconnect() - write_uid('04112233445566') + lib14a.disconnect() + write_uid('04112233445566') write_otp('00000000') -- Setting OTP to default 00 00 00 00 write_version('0004030101000b03') -- UL-EV1 (48) 00 04 03 01 01 00 0b 03 elseif tagtype == 10 then print('Setting: Ultimate Magic card to UL-EV1 128') connect() - send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000000") + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000000") -- Setting UL-Ev1 default config bl 37,38 - send('a2E5FFFFFFFF') -- A2F0 block does not align correctly to actual pwd block - send('a2E6FFFFFFFF') -- A2F1 block does not align correctly to actual pack block + send('a2E5FFFFFFFF') -- A2F0 block does not align correctly to actual pwd block + send('a2E6FFFFFFFF') -- A2F1 block does not align correctly to actual pack block send('a225000000FF') send('a22600050000') - lib14a.disconnect() - write_uid('04112233445566') + lib14a.disconnect() + write_uid('04112233445566') write_otp('00000000') -- Setting OTP to default 00 00 00 00 write_version('0004030101000e03') -- UL-EV1 (128) 00 04 03 01 01 00 0e 03 elseif tagtype == 12 then print('Setting: Ultimate Magic card to NTAG 210') connect() - send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") -- Setting NTAG210 default CC block456 send('a203e1100600') send('a2040300fe00') @@ -703,13 +703,13 @@ local function set_type(tagtype) -- Setting cfg1/cfg2 send('a210000000FF') send('a21100050000') - lib14a.disconnect() - write_uid('04112233445566') + lib14a.disconnect() + write_uid('04112233445566') write_version('0004040101000b03') -- NTAG210 00 04 04 01 01 00 0b 03 elseif tagtype == 13 then print('Setting: Ultimate Magic card to NTAG 212') connect() - send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") -- Setting NTAG212 default CC block456 send('a203e1101000') send('a2040103900a') @@ -717,13 +717,13 @@ local function set_type(tagtype) -- Setting cfg1/cfg2 send('a225000000FF') send('a22600050000') - lib14a.disconnect() - write_uid('04112233445566') + lib14a.disconnect() + write_uid('04112233445566') write_version('0004040101000E03') -- NTAG212 00 04 04 01 01 00 0E 03 elseif tagtype == 14 then print('Setting: Ultimate Magic card to NTAG 213') connect() - send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") -- Setting NTAG213 default CC block456 send('a203e1101200') send('a2040103a00c') @@ -731,13 +731,13 @@ local function set_type(tagtype) -- setting cfg1/cfg2 send('a229000000ff') send('a22a00050000') - lib14a.disconnect() - write_uid('04112233445566') + lib14a.disconnect() + write_uid('04112233445566') write_version('0004040201000F03') -- NTAG213 00 04 04 02 01 00 0f 03 elseif tagtype == 15 then print('Setting: Ultimate Magic card to NTAG 215') connect() - send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") -- Setting NTAG215 default CC block456 send('a203e1103e00') send('a2040300fe00') @@ -745,13 +745,13 @@ local function set_type(tagtype) -- setting cfg1/cfg2 send('a283000000ff') send('a28400050000') - lib14a.disconnect() - write_uid('04112233445566') + lib14a.disconnect() + write_uid('04112233445566') write_version('0004040201001103') -- NTAG215 00 04 04 02 01 00 11 03 elseif tagtype == 16 then print('Setting: Ultimate Magic card to NTAG 216') connect() - send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") -- Setting NTAG216 default CC block456 send('a203e1106d00') send('a2040300fe00') @@ -759,56 +759,56 @@ local function set_type(tagtype) -- setting cfg1/cfg2 send('a2e3000000ff') send('a2e400050000') - lib14a.disconnect() - write_uid('04112233445566') + lib14a.disconnect() + write_uid('04112233445566') write_version('0004040201001303') -- NTAG216 00 04 04 02 01 00 13 03 elseif tagtype == 17 then print('Setting: Ultimate Magic card to NTAG I2C 1K') connect() - send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") -- Setting NTAG I2C 1K default CC block456 send('a203e1106D00') send('a2040300fe00') send('a20500000000') - lib14a.disconnect() - write_uid('04112233445566') + lib14a.disconnect() + write_uid('04112233445566') write_version('0004040502011303') -- NTAG_I2C_1K 00 04 04 05 02 01 13 03 elseif tagtype == 18 then print('Setting: Ultimate Magic card to NTAG I2C 2K') connect() - send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") -- Setting NTAG I2C 2K default CC block456 send('a203e110EA00') send('a2040300fe00') send('a20500000000') - lib14a.disconnect() - write_uid('04112233445566') + lib14a.disconnect() + write_uid('04112233445566') write_version('0004040502011503') -- NTAG_I2C_2K 00 04 04 05 02 01 15 03 elseif tagtype == 19 then print('Setting: Ultimate Magic card to NTAG I2C plus 1K') connect() - send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") -- Setting NTAG I2C 1K default CC block456 send('a203e1106D00') send('a2040300fe00') send('a20500000000') - lib14a.disconnect() - write_uid('04112233445566') + lib14a.disconnect() + write_uid('04112233445566') write_version('0004040502021303') -- NTAG_I2C_1K 00 04 04 05 02 02 13 03 elseif tagtype == 20 then print('Setting: Ultimate Magic card to NTAG I2C plus 2K') connect() - send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") -- Setting NTAG I2C 2K default CC block456 send('a203e1106D00') send('a2040300fe00') send('a20500000000') - write_uid('04112233445566') + write_uid('04112233445566') write_version('0004040502021503') -- NTAG_I2C_2K 00 04 04 05 02 02 15 03 elseif tagtype == 21 then print('Setting: Ultimate Magic card to NTAG 213F') connect() - send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") -- Setting NTAG213 default CC block456 send('a203e1101200') send('a2040103a00c') @@ -816,13 +816,13 @@ local function set_type(tagtype) -- setting cfg1/cfg2 send('a229000000ff') send('a22a00050000') - lib14a.disconnect() - write_uid('04112233445566') + lib14a.disconnect() + write_uid('04112233445566') write_version('0004040401000F03') -- NTAG213F 00 04 04 04 01 00 0f 03 elseif tagtype == 22 then print('Setting: Ultimate Magic card to NTAG 216F') connect() - send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") -- Setting NTAG216 default CC block456 send('a203e1106d00') send('a2040300fe00') @@ -830,11 +830,11 @@ local function set_type(tagtype) -- setting cfg1/cfg2 send('a2e3000000ff') send('a2e400050000') - lib14a.disconnect() - write_uid('04112233445566') + lib14a.disconnect() + write_uid('04112233445566') write_version('0004040401001303') -- NTAG216F 00 04 04 04 01 00 13 03 else - oops('No matching tag types') + oops('No matching tag types') end lib14a.disconnect() if resp == '04' then diff --git a/client/src/cmdhfepa.c b/client/src/cmdhfepa.c index 7ce9a3e97..66ce37d6b 100644 --- a/client/src/cmdhfepa.c +++ b/client/src/cmdhfepa.c @@ -228,7 +228,7 @@ static int CmdHFEPAPACESimulate(const char *Cmd) { CLIExecWithReturn(ctx, Cmd, argtable, false); // bool use_pc = arg_get_lit(ctx, 1); -// uint8_t pwd_type = 0; +// uint8_t pwd_type = 0; int plen = 0; uint8_t pwd[6] = {0}; @@ -273,7 +273,7 @@ static command_t CommandTable[] = { {"help", CmdHelp, AlwaysAvailable, "This help"}, {"cnonces", CmdHFEPACollectPACENonces, IfPm3Iso14443, "Acquire encrypted PACE nonces of specific size"}, {"replay", CmdHFEPAPACEReplay, IfPm3Iso14443, "Perform PACE protocol by replaying given APDUs"}, - {"sim", CmdHFEPAPACESimulate, IfPm3Iso14443, "Simulate PACE protocol"}, + {"sim", CmdHFEPAPACESimulate, IfPm3Iso14443, "Simulate PACE protocol"}, {NULL, NULL, NULL, NULL} }; diff --git a/client/src/cmdhfxerox.c b/client/src/cmdhfxerox.c index 578f797e0..9ba1577da 100644 --- a/client/src/cmdhfxerox.c +++ b/client/src/cmdhfxerox.c @@ -15,77 +15,77 @@ #define TIMEOUT 2000 -#define c2l(c,l) (l = ((unsigned long)(*((c)++))), \ - l |= ((unsigned long)(*((c)++))) << 8L, \ - l |= ((unsigned long)(*((c)++))) << 16L, \ - l |= ((unsigned long)(*((c)++))) << 24L) +#define c2l(c,l) (l = ((unsigned long)(*((c)++))), \ + l |= ((unsigned long)(*((c)++))) << 8L, \ + l |= ((unsigned long)(*((c)++))) << 16L, \ + l |= ((unsigned long)(*((c)++))) << 24L) /* NOTE - c is not incremented as per c2l */ -#define c2ln(c,l1,l2,n) { \ - c += n; \ - l1 = l2 = 0; \ - switch (n) { \ - case 8: l2 = ((unsigned long)(*(--(c)))) << 24L; \ - case 7: l2 |= ((unsigned long)(*(--(c)))) << 16L; \ - case 6: l2 |= ((unsigned long)(*(--(c)))) << 8L; \ - case 5: l2 |= ((unsigned long)(*(--(c)))); \ - case 4: l1 = ((unsigned long)(*(--(c)))) << 24L; \ - case 3: l1 |= ((unsigned long)(*(--(c)))) << 16L; \ - case 2: l1 |= ((unsigned long)(*(--(c)))) << 8L; \ - case 1: l1 |= ((unsigned long)(*(--(c)))); \ - } \ - } +#define c2ln(c,l1,l2,n) { \ + c += n; \ + l1 = l2 = 0; \ + switch (n) { \ + case 8: l2 = ((unsigned long)(*(--(c)))) << 24L; \ + case 7: l2 |= ((unsigned long)(*(--(c)))) << 16L; \ + case 6: l2 |= ((unsigned long)(*(--(c)))) << 8L; \ + case 5: l2 |= ((unsigned long)(*(--(c)))); \ + case 4: l1 = ((unsigned long)(*(--(c)))) << 24L; \ + case 3: l1 |= ((unsigned long)(*(--(c)))) << 16L; \ + case 2: l1 |= ((unsigned long)(*(--(c)))) << 8L; \ + case 1: l1 |= ((unsigned long)(*(--(c)))); \ + } \ + } -#define l2c(l,c) (*((c)++) = (uint8_t)(((l)) & 0xff), \ - *((c)++) = (uint8_t)(((l) >> 8L) & 0xff), \ - *((c)++) = (uint8_t)(((l) >> 16L) & 0xff), \ - *((c)++) = (uint8_t)(((l) >> 24L) & 0xff)) +#define l2c(l,c) (*((c)++) = (uint8_t)(((l)) & 0xff), \ + *((c)++) = (uint8_t)(((l) >> 8L) & 0xff), \ + *((c)++) = (uint8_t)(((l) >> 16L) & 0xff), \ + *((c)++) = (uint8_t)(((l) >> 24L) & 0xff)) /* NOTE - c is not incremented as per l2c */ -#define l2cn(l1,l2,c,n) { \ - c += n; \ - switch (n) { \ - case 8: *(--(c)) = (uint8_t)(((l2) >> 24L) & 0xff); \ - case 7: *(--(c)) = (uint8_t)(((l2) >> 16L) & 0xff); \ - case 6: *(--(c)) = (uint8_t)(((l2) >> 8L) & 0xff); \ - case 5: *(--(c)) = (uint8_t)(((l2)) & 0xff); \ - case 4: *(--(c)) = (uint8_t)(((l1) >> 24L) & 0xff); \ - case 3: *(--(c)) = (uint8_t)(((l1) >> 16L) & 0xff); \ - case 2: *(--(c)) = (uint8_t)(((l1) >> 8L) & 0xff); \ - case 1: *(--(c)) = (uint8_t)(((l1)) & 0xff); \ - } \ - } +#define l2cn(l1,l2,c,n) { \ + c += n; \ + switch (n) { \ + case 8: *(--(c)) = (uint8_t)(((l2) >> 24L) & 0xff); \ + case 7: *(--(c)) = (uint8_t)(((l2) >> 16L) & 0xff); \ + case 6: *(--(c)) = (uint8_t)(((l2) >> 8L) & 0xff); \ + case 5: *(--(c)) = (uint8_t)(((l2)) & 0xff); \ + case 4: *(--(c)) = (uint8_t)(((l1) >> 24L) & 0xff); \ + case 3: *(--(c)) = (uint8_t)(((l1) >> 16L) & 0xff); \ + case 2: *(--(c)) = (uint8_t)(((l1) >> 8L) & 0xff); \ + case 1: *(--(c)) = (uint8_t)(((l1)) & 0xff); \ + } \ + } /* NOTE - c is not incremented as per n2l */ -#define n2ln(c,l1,l2,n) { \ - c += n; \ - l1 = l2 = 0; \ - switch (n) { \ - case 8: l2 = ((unsigned long)(*(--(c)))); \ - case 7: l2 |= ((unsigned long)(*(--(c)))) << 8; \ - case 6: l2 |= ((unsigned long)(*(--(c)))) << 16; \ - case 5: l2 |= ((unsigned long)(*(--(c)))) << 24; \ - case 4: l1 = ((unsigned long)(*(--(c)))); \ - case 3: l1 |= ((unsigned long)(*(--(c)))) << 8; \ - case 2: l1 |= ((unsigned long)(*(--(c)))) << 16; \ - case 1: l1 |= ((unsigned long)(*(--(c)))) << 24; \ - } \ - } +#define n2ln(c,l1,l2,n) { \ + c += n; \ + l1 = l2 = 0; \ + switch (n) { \ + case 8: l2 = ((unsigned long)(*(--(c)))); \ + case 7: l2 |= ((unsigned long)(*(--(c)))) << 8; \ + case 6: l2 |= ((unsigned long)(*(--(c)))) << 16; \ + case 5: l2 |= ((unsigned long)(*(--(c)))) << 24; \ + case 4: l1 = ((unsigned long)(*(--(c)))); \ + case 3: l1 |= ((unsigned long)(*(--(c)))) << 8; \ + case 2: l1 |= ((unsigned long)(*(--(c)))) << 16; \ + case 1: l1 |= ((unsigned long)(*(--(c)))) << 24; \ + } \ + } /* NOTE - c is not incremented as per l2n */ -#define l2nn(l1,l2,c,n) { \ - c+=n; \ - switch (n) { \ - case 8: *(--(c)) = (uint8_t)(((l2)) & 0xff); \ - case 7: *(--(c)) = (uint8_t)(((l2) >> 8) & 0xff); \ - case 6: *(--(c)) = (uint8_t)(((l2) >> 16) & 0xff); \ - case 5: *(--(c)) = (uint8_t)(((l2) >> 24) & 0xff); \ - case 4: *(--(c)) = (uint8_t)(((l1)) & 0xff); \ - case 3: *(--(c)) = (uint8_t)(((l1) >> 8) & 0xff); \ - case 2: *(--(c)) = (uint8_t)(((l1) >> 16) & 0xff); \ - case 1: *(--(c)) = (uint8_t)(((l1) >> 24) & 0xff); \ - } \ - } +#define l2nn(l1,l2,c,n) { \ + c+=n; \ + switch (n) { \ + case 8: *(--(c)) = (uint8_t)(((l2)) & 0xff); \ + case 7: *(--(c)) = (uint8_t)(((l2) >> 8) & 0xff); \ + case 6: *(--(c)) = (uint8_t)(((l2) >> 16) & 0xff); \ + case 5: *(--(c)) = (uint8_t)(((l2) >> 24) & 0xff); \ + case 4: *(--(c)) = (uint8_t)(((l1)) & 0xff); \ + case 3: *(--(c)) = (uint8_t)(((l1) >> 8) & 0xff); \ + case 2: *(--(c)) = (uint8_t)(((l1) >> 16) & 0xff); \ + case 1: *(--(c)) = (uint8_t)(((l1) >> 24) & 0xff); \ + } \ + } #define n2l(c,l) (l = ((unsigned long)(*((c)++))) << 24L, \ l |= ((unsigned long)(*((c)++))) << 16L, \ @@ -98,17 +98,17 @@ *((c)++) = (uint8_t)(((l)) & 0xff)) #define C_RC2(n) \ - t = (x0 + (x1 & ~x3) + (x2 & x3) + *(p0++)) & 0xffff; \ - x0 = (t << 1) | (t >> 15); \ - t = (x1 + (x2 & ~x0) + (x3 & x0) + *(p0++)) & 0xffff; \ - x1 = (t << 2) | (t >> 14); \ - t = (x2 + (x3 & ~x1) + (x0 & x1) + *(p0++)) & 0xffff; \ - x2 = (t << 3) | (t >> 13); \ - t = (x3 + (x0 & ~x2) + (x1 & x2) + *(p0++)) & 0xffff; \ - x3 = (t << 5) | (t >> 11); + t = (x0 + (x1 & ~x3) + (x2 & x3) + *(p0++)) & 0xffff; \ + x0 = (t << 1) | (t >> 15); \ + t = (x1 + (x2 & ~x0) + (x3 & x0) + *(p0++)) & 0xffff; \ + x1 = (t << 2) | (t >> 14); \ + t = (x2 + (x3 & ~x1) + (x0 & x1) + *(p0++)) & 0xffff; \ + x2 = (t << 3) | (t >> 13); \ + t = (x3 + (x0 & ~x2) + (x1 & x2) + *(p0++)) & 0xffff; \ + x3 = (t << 5) | (t >> 11); -#define RC2_ENCRYPT 1 -#define RC2_DECRYPT 0 +#define RC2_ENCRYPT 1 +#define RC2_DECRYPT 0 typedef unsigned int RC2_INT; @@ -533,8 +533,8 @@ static int CmdHFXeroxInfo(const char *Cmd) { packet->flags = (ISO14B_APPEND_CRC | ISO14B_RAW); packet->rawlen = 11; packet->raw[0] = 0x02; - packet->raw[1] = 0x20; // set command: read mem - memcpy(packet->raw + 2, card.uid, 8); // store uid + packet->raw[1] = 0x20; // set command: read mem + memcpy(packet->raw + 2, card.uid, 8); // store uid for (int retry = 0; (retry < 5 && blocknum < sizeof(info_blocks)); retry++) { @@ -623,7 +623,7 @@ static int CmdHFXeroxDump(const char *Cmd) { } iso14b_card_select_t card; - int status = findXerox(&card, false); // remain RF on + int status = findXerox(&card, false); // remain RF on if (status != PM3_SUCCESS) { free(packet); switch_off_field(); @@ -632,20 +632,20 @@ static int CmdHFXeroxDump(const char *Cmd) { PrintAndLogEx(INFO, "Reading memory from tag UID " _GREEN_("%s"), sprint_hex(card.uid, card.uidlen)); - int blocknum = 1; // block 0 all zeros + int blocknum = 1; // block 0 all zeros uint8_t data[256 * 4] = {0}; // set up the read command packet->flags = (ISO14B_APPEND_CRC | ISO14B_RAW); packet->rawlen = 11; packet->raw[0] = 0x02; - memcpy(packet->raw + 2, card.uid, 8); // store uid + memcpy(packet->raw + 2, card.uid, 8); // store uid PrintAndLogEx(INFO, "." NOLF); for (int retry = 0; (retry < 5 && blocknum < 0x100); retry++) { - packet->raw[1] = (blocknum < 12) ? 0x30 : 0x20; // set command: read ext mem or read mem + packet->raw[1] = (blocknum < 12) ? 0x30 : 0x20; // set command: read ext mem or read mem packet->raw[10] = blocknum & 0xFF; PacketResponseNG resp; @@ -657,7 +657,7 @@ static int CmdHFXeroxDump(const char *Cmd) { resp.cmd, resp.length, resp.magic, resp.status, resp.crc, resp.oldarg[0], resp.oldarg[1], resp.oldarg[2], resp.data.asBytes[0], resp.data.asBytes[1], resp.data.asBytes[2], resp.ng ? 't' : 'f'); */ - if (/*resp.status != 0 ||*/ resp.length < 7) { // 14b raw command send data_len instead of status + if (/*resp.status != 0 ||*/ resp.length < 7) { // 14b raw command send data_len instead of status PrintAndLogEx(FAILED, "retrying one more time"); continue; } @@ -722,8 +722,8 @@ static int CmdHFXeroxDump(const char *Cmd) { memcpy(k1, k2, sizeof(k1)); k1[2] = k2[3] ^ data[0x22 * 4 + 0]; - k1[3] = k2[4] ^ data[0x22 * 4 + 1]; // first_key[7]; - k1[5] = k2[1] ^ 0x01; // 01 = crypto method? rfid[23][2] + k1[3] = k2[4] ^ data[0x22 * 4 + 1]; // first_key[7]; + k1[5] = k2[1] ^ 0x01; // 01 = crypto method? rfid[23][2] RC2_set_key(&exp_key, 8, k1, 64); @@ -747,7 +747,7 @@ static int CmdHFXeroxDump(const char *Cmd) { uint16_t cs, csd; // calc checksum - for (b = 0, cs = 0; b < sizeof(decr) - 2; b += 2) cs += decr[b] | (decr[b + 1] << 8); + for (b = 0, cs = 0; b < sizeof(decr) - 2; b += 2) cs += decr[b] | (decr[b + 1] << 8); cs = ~cs; csd = (decr[7] << 8) | decr[6]; @@ -772,7 +772,7 @@ static int CmdHFXeroxDump(const char *Cmd) { PrintAndLogEx(INFO, "---------+--------------+----------"); PrintAndLogEx(NORMAL, ""); - if (0 == filename[0]) { // generate filename from uid + if (0 == filename[0]) { // generate filename from uid /* PrintAndLogEx(INFO, "Using UID as filename"); diff --git a/doc/commands.json b/doc/commands.json index 47f77d21a..e055a70b4 100644 --- a/doc/commands.json +++ b/doc/commands.json @@ -11512,6 +11512,6 @@ "metadata": { "commands_extracted": 727, "extracted_by": "PM3Help2JSON v1.00", - "extracted_on": "2023-01-14T21:16:27" + "extracted_on": "2023-01-14T21:23:30" } } \ No newline at end of file diff --git a/include/protocols.h b/include/protocols.h index 016584098..9de07e4e7 100644 --- a/include/protocols.h +++ b/include/protocols.h @@ -473,7 +473,7 @@ ISO 7816-4 Basic interindustry commands. For command APDU's. // 65 xx #define ISO7816_MEMORY_FULL 0x6501 // Memory failure -#define ISO7816_WRITE_MEMORY_ERR 0x6581 // Write problem / Memory failure / Unknown mode +#define ISO7816_WRITE_MEMORY_ERR 0x6581 // Write problem / Memory failure / Unknown mode // 67 xx #define ISO7816_WRONG_LENGTH 0x6700 // Wrong length From 6a576701c7d9f1357b21e10a4e917c0d2880960c Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sat, 14 Jan 2023 22:40:05 +0100 Subject: [PATCH 03/23] Topaz dump: remove unnecessary casts increasing required alignment and add dump size check --- client/src/cmdhftopaz.c | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/client/src/cmdhftopaz.c b/client/src/cmdhftopaz.c index 8ad9c23ee..a59cd02be 100644 --- a/client/src/cmdhftopaz.c +++ b/client/src/cmdhftopaz.c @@ -583,9 +583,7 @@ static void topaz_print_lifecycle_state(uint8_t *data) { // to be done } -static void printTopazDumpContents(uint8_t *dump, size_t size) { - - topaz_tag_t *t = (topaz_tag_t *)dump; +static void printTopazDumpContents(topaz_tag_t *dump) { // uses a global var for all PrintAndLogEx(NORMAL, ""); @@ -608,14 +606,14 @@ static void printTopazDumpContents(uint8_t *dump, size_t size) { PrintAndLogEx(SUCCESS, " %3u / 0x%02x | %s| %s | %s", i, i, - sprint_hex(&t->data_blocks[i][0], 8), + sprint_hex(&dump->data_blocks[i][0], 8), lockstr, block_info ); } - PrintAndLogEx(SUCCESS, " %3u / 0x%02x | %s| | %s", 0x0D, 0x0D, sprint_hex(&t->data_blocks[0x0D][0], 8), topaz_ks[2]); - PrintAndLogEx(SUCCESS, " %3u / 0x%02x | %s| | %s", 0x0E, 0x0E, sprint_hex(&t->data_blocks[0x0E][0], 8), topaz_ks[3]); + PrintAndLogEx(SUCCESS, " %3u / 0x%02x | %s| | %s", 0x0D, 0x0D, sprint_hex(&dump->data_blocks[0x0D][0], 8), topaz_ks[2]); + PrintAndLogEx(SUCCESS, " %3u / 0x%02x | %s| | %s", 0x0E, 0x0E, sprint_hex(&dump->data_blocks[0x0E][0], 8), topaz_ks[3]); PrintAndLogEx(SUCCESS, "------------+-------------------------+---+------------"); PrintAndLogEx(NORMAL, ""); } @@ -797,7 +795,7 @@ static int CmdHFTopazDump(const char *Cmd) { if (status != PM3_SUCCESS) { return status; } - printTopazDumpContents((uint8_t *)&topaz_tag, sizeof(topaz_tag_t)); + printTopazDumpContents(&topaz_tag); bool set_dynamic = false; if (topaz_set_cc_dynamic(&topaz_tag.data_blocks[1][0]) == PM3_SUCCESS) { @@ -853,14 +851,17 @@ static int CmdHFTopazView(const char *Cmd) { CLIParserFree(ctx); // read dump file - uint8_t *dump = NULL; + topaz_tag_t *dump = NULL; size_t bytes_read = TOPAZ_MAX_SIZE; int res = pm3_load_dump(filename, (void **)&dump, &bytes_read, sizeof(topaz_tag_t) + TOPAZ_MAX_SIZE); if (res != PM3_SUCCESS) { return res; } - - printTopazDumpContents(dump, bytes_read); + if (bytes_read < sizeof(topaz_tag_t)) { + free(dump); + return PM3_EFAILED; + } + printTopazDumpContents(dump); if (topaz_set_cc_dynamic(&topaz_tag.data_blocks[1][0]) == PM3_SUCCESS) { From 04bab85557ff9d243436e781c8e78becd4785d32 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sat, 14 Jan 2023 23:02:06 +0100 Subject: [PATCH 04/23] fileutils: replace casts by union and remove warning about increase alignment requirement --- client/src/fileutils.c | 64 ++++++++++++++++++++++-------------------- 1 file changed, 34 insertions(+), 30 deletions(-) diff --git a/client/src/fileutils.c b/client/src/fileutils.c index e42ac5a16..8c2f7a6f0 100644 --- a/client/src/fileutils.c +++ b/client/src/fileutils.c @@ -1162,12 +1162,19 @@ int loadFileJSONex(const char *preferredName, void *data, size_t maxdatalen, siz goto out; } - uint8_t *udata = (uint8_t *)data; + typedef union UDATA + { + void* v; + uint8_t* bytes; + mfu_dump_t* mfu; + topaz_tag_t* topaz; + } UDATA; + UDATA udata = (UDATA)data; char ctype[100] = {0}; JsonLoadStr(root, "$.FileType", ctype); if (!strcmp(ctype, "raw")) { - JsonLoadBufAsHex(root, "$.raw", udata, maxdatalen, datalen); + JsonLoadBufAsHex(root, "$.raw", udata.bytes, maxdatalen, datalen); } if (!strcmp(ctype, "mfcard")) { @@ -1187,7 +1194,7 @@ int loadFileJSONex(const char *preferredName, void *data, size_t maxdatalen, siz goto out; } - memcpy(&udata[sptr], block, 16); + memcpy(&udata.bytes[sptr], block, 16); sptr += len; } @@ -1206,7 +1213,7 @@ int loadFileJSONex(const char *preferredName, void *data, size_t maxdatalen, siz snprintf(blocks, sizeof(blocks), "$.blocks.%d", i); size_t len = 0; - JsonLoadBufAsHex(root, blocks, &udata[sptr], 4, &len); + JsonLoadBufAsHex(root, blocks, &udata.bytes[sptr], 4, &len); if (!len) break; @@ -1218,18 +1225,16 @@ int loadFileJSONex(const char *preferredName, void *data, size_t maxdatalen, siz if (!strcmp(ctype, "mfu")) { - mfu_dump_t *mem = (mfu_dump_t *)udata; - - JsonLoadBufAsHex(root, "$.Card.Version", mem->version, sizeof(mem->version), datalen); - JsonLoadBufAsHex(root, "$.Card.TBO_0", mem->tbo, sizeof(mem->tbo), datalen); - JsonLoadBufAsHex(root, "$.Card.TBO_1", mem->tbo1, sizeof(mem->tbo1), datalen); - JsonLoadBufAsHex(root, "$.Card.Signature", mem->signature, sizeof(mem->signature), datalen); - JsonLoadBufAsHex(root, "$.Card.Counter0", &mem->counter_tearing[0][0], 3, datalen); - JsonLoadBufAsHex(root, "$.Card.Tearing0", &mem->counter_tearing[0][3], 1, datalen); - JsonLoadBufAsHex(root, "$.Card.Counter1", &mem->counter_tearing[1][0], 3, datalen); - JsonLoadBufAsHex(root, "$.Card.Tearing1", &mem->counter_tearing[1][3], 1, datalen); - JsonLoadBufAsHex(root, "$.Card.Counter2", &mem->counter_tearing[2][0], 3, datalen); - JsonLoadBufAsHex(root, "$.Card.Tearing2", &mem->counter_tearing[2][3], 1, datalen); + JsonLoadBufAsHex(root, "$.Card.Version", udata.mfu->version, sizeof(udata.mfu->version), datalen); + JsonLoadBufAsHex(root, "$.Card.TBO_0", udata.mfu->tbo, sizeof(udata.mfu->tbo), datalen); + JsonLoadBufAsHex(root, "$.Card.TBO_1", udata.mfu->tbo1, sizeof(udata.mfu->tbo1), datalen); + JsonLoadBufAsHex(root, "$.Card.Signature", udata.mfu->signature, sizeof(udata.mfu->signature), datalen); + JsonLoadBufAsHex(root, "$.Card.Counter0", &udata.mfu->counter_tearing[0][0], 3, datalen); + JsonLoadBufAsHex(root, "$.Card.Tearing0", &udata.mfu->counter_tearing[0][3], 1, datalen); + JsonLoadBufAsHex(root, "$.Card.Counter1", &udata.mfu->counter_tearing[1][0], 3, datalen); + JsonLoadBufAsHex(root, "$.Card.Tearing1", &udata.mfu->counter_tearing[1][3], 1, datalen); + JsonLoadBufAsHex(root, "$.Card.Counter2", &udata.mfu->counter_tearing[2][0], 3, datalen); + JsonLoadBufAsHex(root, "$.Card.Tearing2", &udata.mfu->counter_tearing[2][3], 1, datalen); *datalen = MFU_DUMP_PREFIX_LENGTH; size_t sptr = 0; @@ -1243,15 +1248,15 @@ int loadFileJSONex(const char *preferredName, void *data, size_t maxdatalen, siz snprintf(blocks, sizeof(blocks), "$.blocks.%d", i); size_t len = 0; - JsonLoadBufAsHex(root, blocks, &mem->data[sptr], MFU_BLOCK_SIZE, &len); + JsonLoadBufAsHex(root, blocks, &udata.mfu->data[sptr], MFU_BLOCK_SIZE, &len); if (!len) break; sptr += len; - mem->pages++; + udata.mfu->pages++; } // remove one, since pages indicates a index rather than number of available pages - --mem->pages; + --udata.mfu->pages; *datalen += sptr; } @@ -1268,7 +1273,7 @@ int loadFileJSONex(const char *preferredName, void *data, size_t maxdatalen, siz snprintf(blocks, sizeof(blocks), "$.blocks.%zu", i); size_t len = 0; - JsonLoadBufAsHex(root, blocks, &udata[sptr], 4, &len); + JsonLoadBufAsHex(root, blocks, &udata.bytes[sptr], 4, &len); if (!len) break; @@ -1290,7 +1295,7 @@ int loadFileJSONex(const char *preferredName, void *data, size_t maxdatalen, siz snprintf(blocks, sizeof(blocks), "$.blocks.%zu", i); size_t len = 0; - JsonLoadBufAsHex(root, blocks, &udata[sptr], 8, &len); + JsonLoadBufAsHex(root, blocks, &udata.bytes[sptr], 8, &len); if (!len) break; @@ -1311,7 +1316,7 @@ int loadFileJSONex(const char *preferredName, void *data, size_t maxdatalen, siz snprintf(blocks, sizeof(blocks), "$.blocks.%zu", i); size_t len = 0; - JsonLoadBufAsHex(root, blocks, &udata[sptr], 4, &len); + JsonLoadBufAsHex(root, blocks, &udata.bytes[sptr], 4, &len); if (!len) break; @@ -1332,7 +1337,7 @@ int loadFileJSONex(const char *preferredName, void *data, size_t maxdatalen, siz snprintf(blocks, sizeof(blocks), "$.blocks.%zu", i); size_t len = 0; - JsonLoadBufAsHex(root, blocks, &udata[sptr], 4, &len); + JsonLoadBufAsHex(root, blocks, &udata.bytes[sptr], 4, &len); if (!len) break; @@ -1342,19 +1347,18 @@ int loadFileJSONex(const char *preferredName, void *data, size_t maxdatalen, siz } if (!strcmp(ctype, "15693")) { - JsonLoadBufAsHex(root, "$.raw", udata, maxdatalen, datalen); + JsonLoadBufAsHex(root, "$.raw", udata.bytes, maxdatalen, datalen); } if (!strcmp(ctype, "legic")) { - JsonLoadBufAsHex(root, "$.raw", udata, maxdatalen, datalen); + JsonLoadBufAsHex(root, "$.raw", udata.bytes, maxdatalen, datalen); } if (!strcmp(ctype, "topaz")) { - topaz_tag_t *mem = (topaz_tag_t *)udata; - JsonLoadBufAsHex(root, "$.Card.UID", mem->uid, sizeof(mem->uid), datalen); - JsonLoadBufAsHex(root, "$.Card.HR01", mem->HR01, sizeof(mem->HR01), datalen); - JsonLoadBufAsHex(root, "$.Card.Size", (uint8_t *) & (mem->size), 2, datalen); + JsonLoadBufAsHex(root, "$.Card.UID", udata.topaz->uid, sizeof(udata.topaz->uid), datalen); + JsonLoadBufAsHex(root, "$.Card.HR01", udata.topaz->HR01, sizeof(udata.topaz->HR01), datalen); + JsonLoadBufAsHex(root, "$.Card.Size", (uint8_t *) & (udata.topaz->size), 2, datalen); size_t sptr = 0; for (int i = 0; i < (TOPAZ_STATIC_MEMORY / 8); i++) { @@ -1368,7 +1372,7 @@ int loadFileJSONex(const char *preferredName, void *data, size_t maxdatalen, siz snprintf(blocks, sizeof(blocks), "$.blocks.%d", i); size_t len = 0; - JsonLoadBufAsHex(root, blocks, &mem->data_blocks[sptr][0], TOPAZ_BLOCK_SIZE, &len); + JsonLoadBufAsHex(root, blocks, &udata.topaz->data_blocks[sptr][0], TOPAZ_BLOCK_SIZE, &len); if (!len) break; From 46f8b522ca1854de25e2af1e1675b6d81c1fcf26 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sat, 14 Jan 2023 23:05:46 +0100 Subject: [PATCH 05/23] t55: remove cast and warning about increase alignment requirement --- client/src/cmdlft55xx.c | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/client/src/cmdlft55xx.c b/client/src/cmdlft55xx.c index dccacc3b1..ba3df4088 100644 --- a/client/src/cmdlft55xx.c +++ b/client/src/cmdlft55xx.c @@ -2362,7 +2362,7 @@ static int CmdT55xxRestore(const char *Cmd) { } // read dump file - uint8_t *dump = NULL; + uint32_t *dump = NULL; size_t bytes_read = 0; res = pm3_load_dump(filename, (void **)&dump, &bytes_read, (T55x7_BLOCK_COUNT * 4)); if (res != PM3_SUCCESS) { @@ -2387,11 +2387,10 @@ static int CmdT55xxRestore(const char *Cmd) { snprintf(pwdopt, sizeof(pwdopt), "-p %08X", password); } - uint32_t *data = (uint32_t *) dump; uint8_t idx; // Restore endien for writing to card for (idx = 0; idx < 12; idx++) { - data[idx] = BSWAP_32(data[idx]); + dump[idx] = BSWAP_32(dump[idx]); } // Have data ready, lets write @@ -2400,12 +2399,12 @@ static int CmdT55xxRestore(const char *Cmd) { // write blocks 1..3 page 1 // update downlink mode (if needed) and write b 0 downlink_mode = 0; - if ((((data[11] >> 28) & 0xF) == 6) || (((data[11] >> 28) & 0xF) == 9)) - downlink_mode = (data[11] >> 10) & 3; + if ((((dump[11] >> 28) & 0xF) == 6) || (((dump[11] >> 28) & 0xF) == 9)) + downlink_mode = (dump[11] >> 10) & 3; // write out blocks 1-7 page 0 for (idx = 1; idx <= 7; idx++) { - snprintf(wcmd, sizeof(wcmd), "-b %d -d %08X %s", idx, data[idx], pwdopt); + snprintf(wcmd, sizeof(wcmd), "-b %d -d %08X %s", idx, dump[idx], pwdopt); if (CmdT55xxWriteBlock(wcmd) != PM3_SUCCESS) { PrintAndLogEx(WARNING, "Warning: error writing blk %d", idx); @@ -2414,12 +2413,12 @@ static int CmdT55xxRestore(const char *Cmd) { // if password was set on the "blank" update as we may have just changed it if (usepwd) { - snprintf(pwdopt, sizeof(pwdopt), "-p %08X", data[7]); + snprintf(pwdopt, sizeof(pwdopt), "-p %08X", dump[7]); } // write out blocks 1-3 page 1 for (idx = 9; idx <= 11; idx++) { - snprintf(wcmd, sizeof(wcmd), "-b %d --pg1 -d %08X %s", idx - 8, data[idx], pwdopt); + snprintf(wcmd, sizeof(wcmd), "-b %d --pg1 -d %08X %s", idx - 8, dump[idx], pwdopt); if (CmdT55xxWriteBlock(wcmd) != PM3_SUCCESS) { PrintAndLogEx(WARNING, "Warning: error writing blk %d", idx); @@ -2430,7 +2429,7 @@ static int CmdT55xxRestore(const char *Cmd) { config.downlink_mode = downlink_mode; // Write the page 0 config - snprintf(wcmd, sizeof(wcmd), "-b 0 -d %08X %s", data[0], pwdopt); + snprintf(wcmd, sizeof(wcmd), "-b 0 -d %08X %s", dump[0], pwdopt); if (CmdT55xxWriteBlock(wcmd) != PM3_SUCCESS) { PrintAndLogEx(WARNING, "Warning: error writing blk 0"); } From 0e1ea167a46d40e45c0e161b68bef4b7b6249e6e Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sat, 14 Jan 2023 23:29:38 +0100 Subject: [PATCH 06/23] vigik: use mfc_vigik_t in API and remove warning about increased alignment --- client/src/cmdhfmf.c | 18 ++++++++---- client/src/mifare/mifarehost.c | 52 ++++++++++++++++------------------ client/src/mifare/mifarehost.h | 5 ++-- 3 files changed, 40 insertions(+), 35 deletions(-) diff --git a/client/src/cmdhfmf.c b/client/src/cmdhfmf.c index 98a587cf1..89cb68023 100644 --- a/client/src/cmdhfmf.c +++ b/client/src/cmdhfmf.c @@ -6915,9 +6915,15 @@ static int CmdHF14AMfView(const char *Cmd) { return res; } + typedef union UDATA + { + uint8_t *bytes; + mfc_vigik_t *vigik; + } UDATA; // allocate memory - uint8_t *d = calloc(bytes_read, sizeof(uint8_t)); - if (d == NULL) { + UDATA d; + d.bytes = calloc(bytes_read, sizeof(uint8_t)); + if (d.bytes == NULL) { return PM3_EMALLOC; } uint16_t dlen = 0; @@ -6925,14 +6931,14 @@ static int CmdHF14AMfView(const char *Cmd) { // vigik struture sector 0 uint8_t *pdump = dump; - memcpy(d + dlen, pdump, MFBLOCK_SIZE * 3); + memcpy(d.bytes + dlen, pdump, MFBLOCK_SIZE * 3); dlen += MFBLOCK_SIZE * 3; pdump += (MFBLOCK_SIZE * 4); // skip sectortrailer // extract memory from MAD sectors for (int i = 0; i <= madlen; i++) { if (0x4910 == mad[i] || 0x4916 == mad[i]) { - memcpy(d + dlen, pdump, MFBLOCK_SIZE * 3); + memcpy(d.bytes + dlen, pdump, MFBLOCK_SIZE * 3); dlen += MFBLOCK_SIZE * 3; } @@ -6940,8 +6946,8 @@ static int CmdHF14AMfView(const char *Cmd) { } // convert_mfc_2_arr(pdump, bytes_read, d, &dlen); - vigik_annotate(d); - free(d); + vigik_annotate(d.vigik); + free(d.bytes); } free(dump); diff --git a/client/src/mifare/mifarehost.c b/client/src/mifare/mifarehost.c index 0c8c8b274..56d10c608 100644 --- a/client/src/mifare/mifarehost.c +++ b/client/src/mifare/mifarehost.c @@ -1499,7 +1499,7 @@ static void reverse_array(const uint8_t *src, int src_len, uint8_t *dest) { } }; -int vigik_verify(uint8_t *uid, uint8_t uidlen, uint8_t *signature, int signature_len) { +int vigik_verify(mfc_vigik_t *d) { // iso9796 // Exponent V = 2 @@ -1507,16 +1507,16 @@ int vigik_verify(uint8_t *uid, uint8_t uidlen, uint8_t *signature, int signature if (g_debugMode == DEBUG) { PrintAndLogEx(INFO, "Raw"); - print_hex_noascii_break(uid, uidlen, MFBLOCK_SIZE * 2); + print_hex_noascii_break((uint8_t *)d, sizeof(*d) - sizeof(d->rsa_signature), MFBLOCK_SIZE * 2); PrintAndLogEx(INFO, "Raw signature"); - print_hex_noascii_break(signature, signature_len, MFBLOCK_SIZE * 2); + print_hex_noascii_break(d->rsa_signature, sizeof(d->rsa_signature), MFBLOCK_SIZE * 2); } uint8_t rev_sig[128]; - reverse_array(signature, signature_len, rev_sig); + reverse_array(d->rsa_signature, sizeof(d->rsa_signature), rev_sig); PrintAndLogEx(INFO, "Raw signature reverse"); - print_hex_noascii_break(rev_sig, signature_len, MFBLOCK_SIZE * 2); + print_hex_noascii_break(rev_sig, sizeof(d->rsa_signature), MFBLOCK_SIZE * 2); // t = 0xBC = Implicitly known // t = 0xCC = look at byte before to determine hash function @@ -1566,7 +1566,7 @@ int vigik_verify(uint8_t *uid, uint8_t uidlen, uint8_t *signature, int signature mbedtls_mpi_read_binary(&N, (const unsigned char *)n, PUBLIC_VIGIK_KEYLEN); //mbedtls_mpi_read_binary(&s, (const unsigned char*)signature, signature_len); - mbedtls_mpi_read_binary(&s, (const unsigned char *)rev_sig, signature_len); + mbedtls_mpi_read_binary(&s, (const unsigned char *)rev_sig, sizeof(d->rsa_signature)); // check is sign < (N/2) @@ -1725,7 +1725,7 @@ int vigik_verify(uint8_t *uid, uint8_t uidlen, uint8_t *signature, int signature if (is_valid == false || i == ARRAYLEN(vigik_rsa_pk)) { PrintAndLogEx(INFO, "Signature:"); - print_hex_noascii_break(signature, signature_len, MFBLOCK_SIZE * 2); + print_hex_noascii_break(d->rsa_signature, sizeof(d->rsa_signature), MFBLOCK_SIZE * 2); PrintAndLogEx(SUCCESS, "Signature verification: " _RED_("failed")); return PM3_ESOFT; } @@ -1738,37 +1738,35 @@ int vigik_verify(uint8_t *uid, uint8_t uidlen, uint8_t *signature, int signature PrintAndLogEx(INFO, "%.64s", vigik_rsa_pk[i].n + 192); PrintAndLogEx(INFO, "Signature:"); - print_hex_noascii_break(signature, signature_len, MFBLOCK_SIZE * 2); + print_hex_noascii_break(d->rsa_signature, sizeof(d->rsa_signature), MFBLOCK_SIZE * 2); PrintAndLogEx(SUCCESS, "Signature verification: " _GREEN_("successful")); return PM3_SUCCESS; } -int vigik_annotate(uint8_t *d) { +int vigik_annotate(mfc_vigik_t *d) { if (d == NULL) return PM3_EINVARG; - mfc_vigik_t *foo = (mfc_vigik_t *)d; - - PrintAndLogEx(INFO, "Manufacture......... %s", sprint_hex(foo->b0, sizeof(foo->b0))); - PrintAndLogEx(INFO, "MAD................. %s", sprint_hex(foo->mad, sizeof(foo->mad))); - PrintAndLogEx(INFO, "Counters............ %u", foo->counters); - PrintAndLogEx(INFO, "rtf................. %s", sprint_hex(foo->rtf, sizeof(foo->rtf))); - PrintAndLogEx(INFO, "Service code........ 0x%08x / %u - " _YELLOW_("%s"), foo->service_code, foo->service_code, vigik_get_service(foo->service_code)); - PrintAndLogEx(INFO, "Info flag........... %u -", foo->info_flag); // , sprint_bin(foo->info_flag, 1)); - PrintAndLogEx(INFO, "Key version......... %u", foo->key_version); - PrintAndLogEx(INFO, "PTR Counter......... %u", foo->ptr_counter); - PrintAndLogEx(INFO, "Counter num......... %u", foo->counter_num); - PrintAndLogEx(INFO, "Slot access date.... %s", sprint_hex(foo->slot_access_date, sizeof(foo->slot_access_date))); - PrintAndLogEx(INFO, "Slot dst duration... %u", foo->slot_dst_duration); - PrintAndLogEx(INFO, "Other Slots......... %s", sprint_hex(foo->other_slots, sizeof(foo->other_slots))); - PrintAndLogEx(INFO, "Services counter.... %u", foo->services_counter); - PrintAndLogEx(INFO, "Loading date........ %s", sprint_hex(foo->loading_date, sizeof(foo->loading_date))); - PrintAndLogEx(INFO, "Reserved null....... %u", foo->reserved_null); + PrintAndLogEx(INFO, "Manufacture......... %s", sprint_hex(d->b0, sizeof(d->b0))); + PrintAndLogEx(INFO, "MAD................. %s", sprint_hex(d->mad, sizeof(d->mad))); + PrintAndLogEx(INFO, "Counters............ %u", d->counters); + PrintAndLogEx(INFO, "rtf................. %s", sprint_hex(d->rtf, sizeof(d->rtf))); + PrintAndLogEx(INFO, "Service code........ 0x%08x / %u - " _YELLOW_("%s"), d->service_code, d->service_code, vigik_get_service(d->service_code)); + PrintAndLogEx(INFO, "Info flag........... %u -", d->info_flag); // , sprint_bin(d->info_flag, 1)); + PrintAndLogEx(INFO, "Key version......... %u", d->key_version); + PrintAndLogEx(INFO, "PTR Counter......... %u", d->ptr_counter); + PrintAndLogEx(INFO, "Counter num......... %u", d->counter_num); + PrintAndLogEx(INFO, "Slot access date.... %s", sprint_hex(d->slot_access_date, sizeof(d->slot_access_date))); + PrintAndLogEx(INFO, "Slot dst duration... %u", d->slot_dst_duration); + PrintAndLogEx(INFO, "Other Slots......... %s", sprint_hex(d->other_slots, sizeof(d->other_slots))); + PrintAndLogEx(INFO, "Services counter.... %u", d->services_counter); + PrintAndLogEx(INFO, "Loading date........ %s", sprint_hex(d->loading_date, sizeof(d->loading_date))); + PrintAndLogEx(INFO, "Reserved null....... %u", d->reserved_null); PrintAndLogEx(INFO, "----------------------------------------------------------------"); PrintAndLogEx(INFO, ""); - vigik_verify(d, 96, foo->rsa_signature, sizeof(foo->rsa_signature)); + vigik_verify(d); PrintAndLogEx(INFO, "----------------------------------------------------------------"); PrintAndLogEx(INFO, ""); return PM3_SUCCESS; diff --git a/client/src/mifare/mifarehost.h b/client/src/mifare/mifarehost.h index 0212dd4f0..ccefbbd40 100644 --- a/client/src/mifare/mifarehost.h +++ b/client/src/mifare/mifarehost.h @@ -23,6 +23,7 @@ #include "common.h" #include "util.h" // FILE_PATH_SIZE +#include "protocol_vigik.h" #define MIFARE_SECTOR_RETRY 10 @@ -113,6 +114,6 @@ void mf_crypto1_decrypt(struct Crypto1State *pcs, uint8_t *data, int len, bool i // remove all sector trailers in a MFC dump int convert_mfc_2_arr(uint8_t *in, uint16_t ilen, uint8_t *out, uint16_t *olen); const char *vigik_get_service(uint16_t service_code); -int vigik_verify(uint8_t *uid, uint8_t uidlen, uint8_t *signature, int signature_len); -int vigik_annotate(uint8_t *d); +int vigik_verify(mfc_vigik_t *d); +int vigik_annotate(mfc_vigik_t *d); #endif From 2d58c109ba3480411cf49ba9e24672d4ccfd8a1e Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sat, 14 Jan 2023 23:39:07 +0100 Subject: [PATCH 07/23] ksx6924: use ARRAYLEN --- client/src/ksx6924/ksx6924core.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/src/ksx6924/ksx6924core.c b/client/src/ksx6924/ksx6924core.c index 39b390039..307573f74 100644 --- a/client/src/ksx6924/ksx6924core.c +++ b/client/src/ksx6924/ksx6924core.c @@ -99,7 +99,7 @@ typedef struct { KEY_TYPE key, const char* defaultValue) { \ struct _ksx6924_enum_ ## KEY_TYPE *r = bsearch( \ &key, KSX6924_ENUM_ ## NAME, \ - sizeof(KSX6924_ENUM_ ## NAME) / sizeof(KSX6924_ENUM_ ## NAME [0]), \ + ARRAYLEN(KSX6924_ENUM_ ## NAME), \ sizeof(KSX6924_ENUM_ ## NAME [0]), \ _ksx6924_ ## KEY_TYPE ## _enum_compare); \ if (r == NULL) { \ From 8ac8e3d7d0016eac9af4b0519213d457fd5e3d59 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sun, 15 Jan 2023 01:43:38 +0100 Subject: [PATCH 08/23] reduce variable scopes --- armsrc/frozen.c | 10 ++++--- armsrc/hitagS.c | 3 +-- armsrc/iclass.c | 3 +-- armsrc/mifareutil.c | 3 +-- client/src/cmdhf15.c | 4 +-- client/src/cmdhfmf.c | 9 +++---- client/src/cmdhfwaveshare.c | 22 ++++++++-------- client/src/cmdhfxerox.c | 8 +++--- client/src/cmdlfem410x.c | 5 ---- client/src/cmdlfem4x05.c | 13 +++++---- client/src/cmdlft55xx.c | 3 +-- client/src/cmdpiv.c | 3 +-- client/src/cmdtrace.c | 4 +-- client/src/emv/emvcore.c | 11 ++++---- client/src/mifare/desfirecore.c | 2 +- client/src/ui.c | 3 +-- common/cryptorf/cryptolib.c | 3 +-- tools/cryptorf/sma.cpp | 11 ++++---- tools/cryptorf/sma_multi.cpp | 42 ++++++++++++------------------ tools/mf_nonce_brute/iso14443crc.c | 3 +-- tools/mfd_aes_brute/randoms.c | 3 +-- 21 files changed, 71 insertions(+), 97 deletions(-) diff --git a/armsrc/frozen.c b/armsrc/frozen.c index 455d9a3f2..963b0a52b 100644 --- a/armsrc/frozen.c +++ b/armsrc/frozen.c @@ -235,9 +235,10 @@ static int json_get_utf8_char_len(unsigned char ch) { /* string = '"' { quoted_printable_chars } '"' */ static int json_parse_string(struct frozen *f) { - int n, ch = 0, len = 0; + int ch = 0; TRY(json_test_and_skip(f, '"')); { + int len = 0; SET_STATE(f, f->cur, "", 0); for (; f->cur < f->end; f->cur += len) { ch = *(unsigned char *) f->cur; @@ -245,6 +246,7 @@ static int json_parse_string(struct frozen *f) { EXPECT(ch >= 32 && len > 0, JSON_STRING_INVALID); /* No control chars */ EXPECT(len <= json_left(f), JSON_STRING_INCOMPLETE); if (ch == '\\') { + int n; EXPECT((n = json_get_escape_len(f->cur + 1, json_left(f))) > 0, n); len += n; } else if (ch == '"') { @@ -295,17 +297,17 @@ static int json_parse_number(struct frozen *f) { #if JSON_ENABLE_ARRAY /* array = '[' [ value { ',' value } ] ']' */ static int json_parse_array(struct frozen *f) { - int i = 0, current_path_len; - char buf[20]; CALL_BACK(f, JSON_TYPE_ARRAY_START, NULL, 0); TRY(json_test_and_skip(f, '[')); { { + int i = 0; SET_STATE(f, f->cur - 1, "", 0); while (json_cur(f) != ']') { + char buf[20]; snprintf(buf, sizeof(buf), "[%d]", i); i++; - current_path_len = json_append_to_path(f, buf, strlen(buf)); + int current_path_len = json_append_to_path(f, buf, strlen(buf)); f->cur_name = f->path + strlen(f->path) - strlen(buf) + 1 /*opening brace*/; f->cur_name_len = strlen(buf) - 2 /*braces*/; diff --git a/armsrc/hitagS.c b/armsrc/hitagS.c index a4a3630c7..db219bcf2 100644 --- a/armsrc/hitagS.c +++ b/armsrc/hitagS.c @@ -1268,7 +1268,6 @@ void ReadHitagS(hitag_function htf, hitag_data *htd, bool ledcontrol) { uint8_t rx[HITAG_FRAME_LEN]; size_t rxlen = 0; uint8_t tx[HITAG_FRAME_LEN]; - size_t txlen; int t_wait = HITAG_T_WAIT_MAX; @@ -1284,7 +1283,7 @@ void ReadHitagS(hitag_function htf, hitag_data *htd, bool ledcontrol) { WDT_HIT(); //send read request - txlen = 0; + size_t txlen = 0; uint8_t cmd = 0x0c; txlen = concatbits(tx, txlen, &cmd, 8 - 4, 4); uint8_t addr = pageNum; diff --git a/armsrc/iclass.c b/armsrc/iclass.c index a25fbd52c..5a68a8207 100644 --- a/armsrc/iclass.c +++ b/armsrc/iclass.c @@ -1258,7 +1258,6 @@ static bool iclass_send_cmd_with_retries(uint8_t *cmd, size_t cmdsize, uint8_t * uint16_t timeout, uint32_t *eof_time, bool shallow_mod) { uint16_t resp_len = 0; - int res; while (tries-- > 0) { iclass_send_as_reader(cmd, cmdsize, start_time, eof_time, shallow_mod); @@ -1267,7 +1266,7 @@ static bool iclass_send_cmd_with_retries(uint8_t *cmd, size_t cmdsize, uint8_t * return true; } - res = GetIso15693AnswerFromTag(resp, max_resp_size, timeout, eof_time, false, true, &resp_len); + int res = GetIso15693AnswerFromTag(resp, max_resp_size, timeout, eof_time, false, true, &resp_len); if (res == PM3_SUCCESS && expected_size == resp_len) { return true; } diff --git a/armsrc/mifareutil.c b/armsrc/mifareutil.c index fd9d86ccc..5c0905e68 100644 --- a/armsrc/mifareutil.c +++ b/armsrc/mifareutil.c @@ -461,7 +461,6 @@ int mifare_classic_value(struct Crypto1State *pcs, uint32_t uid, uint8_t blockNo uint16_t len = 0; uint32_t pos = 0; uint8_t par[3] = {0x00, 0x00, 0x00}; // enough for 18 Bytes to send - uint8_t res = 0; uint8_t d_block[18], d_block_enc[18]; uint8_t receivedAnswer[MAX_MIFARE_FRAME_SIZE] = {0x00}; @@ -495,7 +494,7 @@ int mifare_classic_value(struct Crypto1State *pcs, uint32_t uid, uint8_t blockNo len = ReaderReceive(receivedAnswer, receivedAnswerPar); if (len != 0) { // Something not right, len == 0 (no response is ok as its waiting for transfer - res = 0; + uint8_t res = 0; res |= (crypto1_bit(pcs, 0, 0) ^ BIT(receivedAnswer[0], 0)) << 0; res |= (crypto1_bit(pcs, 0, 0) ^ BIT(receivedAnswer[0], 1)) << 1; res |= (crypto1_bit(pcs, 0, 0) ^ BIT(receivedAnswer[0], 2)) << 2; diff --git a/client/src/cmdhf15.c b/client/src/cmdhf15.c index 84629d56e..c35df7238 100644 --- a/client/src/cmdhf15.c +++ b/client/src/cmdhf15.c @@ -1384,11 +1384,11 @@ static int CmdHF15WriteAfi(const char *Cmd) { // arg0 (datalen, cmd len? .arg0 == crc?) // arg1 (speed == 0 == 1 of 256, == 1 == 1 of 4 ) // arg2 (recv == 1 == expect a response) - uint8_t read_respone = 1; + uint8_t read_response = 1; PacketResponseNG resp; clearCommandBuffer(); - SendCommandMIX(CMD_HF_ISO15693_COMMAND, reqlen, fast, read_respone, req, reqlen); + SendCommandMIX(CMD_HF_ISO15693_COMMAND, reqlen, fast, read_response, req, reqlen); if (WaitForResponseTimeout(CMD_HF_ISO15693_COMMAND, &resp, 2000) == false) { PrintAndLogEx(ERR, "iso15693 timeout"); diff --git a/client/src/cmdhfmf.c b/client/src/cmdhfmf.c index 89cb68023..b00dd5651 100644 --- a/client/src/cmdhfmf.c +++ b/client/src/cmdhfmf.c @@ -3688,8 +3688,6 @@ static int CmdHF14AMfSim(const char *Cmd) { } CLIParserFree(ctx); - nonces_t data[1]; - sector_t *k_sector = NULL; //Validations @@ -3780,7 +3778,7 @@ static int CmdHF14AMfSim(const char *Cmd) { if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) continue; if (!(flags & FLAG_NR_AR_ATTACK)) break; if ((resp.oldarg[0] & 0xffff) != CMD_HF_MIFARE_SIMULATE) break; - + nonces_t data[1]; memcpy(data, resp.data.asBytes, sizeof(data)); readerAttack(k_sector, k_sectorsCount, data[0], setEmulatorMem, verbose); } @@ -7619,7 +7617,6 @@ static int CmdHF14AMfValue(const char *Cmd) { int64_t decval = (int64_t)arg_get_u64_def(ctx, 5, -1); // Inc by -1 is invalid, so not set. int64_t setval = (int64_t)arg_get_u64_def(ctx, 6, 0x7FFFFFFFFFFFFFFF); // out of bounds (for int32) so not set bool getval = arg_get_lit(ctx, 7); - uint8_t block[MFBLOCK_SIZE] = {0x00}; int dlen = 0; uint8_t data[16] = {0}; CLIGetHexWithReturn(ctx, 9, data, &dlen); @@ -7627,7 +7624,6 @@ static int CmdHF14AMfValue(const char *Cmd) { uint8_t action = 3; // 0 Increment, 1 - Decrement, 2 - Set, 3 - Get, 4 - Decode from data uint32_t value = 0; - uint8_t isok = true; // Need to check we only have 1 of inc/dec/set and get the value from the selected option int optionsprovided = 0; @@ -7683,11 +7679,12 @@ static int CmdHF14AMfValue(const char *Cmd) { } if (action < 3) { - + uint8_t isok = true; if (g_session.pm3_present == false) return PM3_ENOTTY; if (action <= 1) { // increment/decrement value + uint8_t block[MFBLOCK_SIZE] = {0x00}; memcpy(block, (uint8_t *)&value, 4); uint8_t cmddata[26]; memcpy(cmddata, key, sizeof(key)); // Key == 6 data went to 10, so lets offset 9 for inc/dec diff --git a/client/src/cmdhfwaveshare.c b/client/src/cmdhfwaveshare.c index ae2f74582..78c6ef825 100644 --- a/client/src/cmdhfwaveshare.c +++ b/client/src/cmdhfwaveshare.c @@ -660,7 +660,6 @@ static int start_drawing_1in54B(uint8_t model_nr, uint8_t *black, uint8_t *red) } static int start_drawing(uint8_t model_nr, uint8_t *black, uint8_t *red) { - uint8_t progress; uint8_t step0[2] = {0xcd, 0x0d}; uint8_t step1[3] = {0xcd, 0x00, 10}; // select e-paper type and reset e-paper // 4 :2.13inch e-Paper @@ -687,7 +686,7 @@ static int start_drawing(uint8_t model_nr, uint8_t *black, uint8_t *red) { // uint8_t step13[2]={0xcd,0x0b}; // Judge whether the power supply is turned off successfully // uint8_t step14[2]={0xcd,0x0c}; // The end of the transmission uint8_t rx[20]; - uint16_t actrxlen[20], i; + uint16_t actrxlen[20]; clearCommandBuffer(); SendCommandMIX(CMD_HF_ISO14443A_READER, ISO14A_CONNECT | ISO14A_NO_DISCONNECT, 0, 0, NULL, 0); @@ -812,6 +811,7 @@ static int start_drawing(uint8_t model_nr, uint8_t *black, uint8_t *red) { } // 1.54B Data transfer is complete and wait for refresh } else { + uint8_t progress; PrintAndLogEx(DEBUG, "Step5: e-paper config2"); ret = transceive_blocking(step5, 2, rx, 20, actrxlen, true); // cd 05 if (ret != PM3_SUCCESS) { @@ -831,7 +831,7 @@ static int start_drawing(uint8_t model_nr, uint8_t *black, uint8_t *red) { } PrintAndLogEx(DEBUG, "Step8: Start data transfer"); if (model_nr == M2in13) { // 2.13inch - for (i = 0; i < 250; i++) { + for (uint16_t i = 0; i < 250; i++) { read_black(i, step8, model_nr, black); ret = transceive_blocking(step8, 19, rx, 20, actrxlen, true); // cd 08 if (ret != PM3_SUCCESS) { @@ -841,7 +841,7 @@ static int start_drawing(uint8_t model_nr, uint8_t *black, uint8_t *red) { PrintAndLogEx(INPLACE, "Progress: %d %%", progress); } } else if (model_nr == M2in9) { - for (i = 0; i < 296; i++) { + for (uint16_t i = 0; i < 296; i++) { read_black(i, step8, model_nr, black); ret = transceive_blocking(step8, 19, rx, 20, actrxlen, true); // cd 08 if (ret != PM3_SUCCESS) { @@ -851,7 +851,7 @@ static int start_drawing(uint8_t model_nr, uint8_t *black, uint8_t *red) { PrintAndLogEx(INPLACE, "Progress: %d %%", progress); } } else if (model_nr == M4in2) { //4.2inch - for (i = 0; i < 150; i++) { + for (uint16_t i = 0; i < 150; i++) { read_black(i, step8, model_nr, black); ret = transceive_blocking(step8, 103, rx, 20, actrxlen, true); // cd 08 if (ret != PM3_SUCCESS) { @@ -861,7 +861,7 @@ static int start_drawing(uint8_t model_nr, uint8_t *black, uint8_t *red) { PrintAndLogEx(INPLACE, "Progress: %d %%", progress); } } else if (model_nr == M7in5) { //7.5inch - for (i = 0; i < 400; i++) { + for (uint16_t i = 0; i < 400; i++) { read_black(i, step8, model_nr, black); ret = transceive_blocking(step8, 123, rx, 20, actrxlen, true); // cd 08 if (ret != PM3_SUCCESS) { @@ -872,7 +872,7 @@ static int start_drawing(uint8_t model_nr, uint8_t *black, uint8_t *red) { msleep(6); } } else if (model_nr == M2in13B) { //2.13inch B - for (i = 0; i < 26; i++) { + for (uint16_t i = 0; i < 26; i++) { read_black(i, step8, model_nr, black); ret = transceive_blocking(step8, 109, rx, 20, actrxlen, false); // cd 08 if (ret != PM3_SUCCESS) { @@ -883,7 +883,7 @@ static int start_drawing(uint8_t model_nr, uint8_t *black, uint8_t *red) { } } else if (model_nr == M7in5HD) { //7.5HD - for (i = 0; i < 484; i++) { + for (uint16_t i = 0; i < 484; i++) { read_black(i, step8, model_nr, black); //memset(&step8[3], 0xf0, 120); ret = transceive_blocking(step8, 123, rx, 20, actrxlen, true); // cd 08 @@ -899,7 +899,7 @@ static int start_drawing(uint8_t model_nr, uint8_t *black, uint8_t *red) { return ret; } } else if (model_nr == M2in7) { //2.7inch - for (i = 0; i < 48; i++) { + for (uint16_t i = 0; i < 48; i++) { //read_black(i,step8, model_nr, black); memset(&step8[3], 0xFF, sizeof(step8) - 3); ret = transceive_blocking(step8, 124, rx, 20, actrxlen, true); // cd 08 @@ -925,7 +925,7 @@ static int start_drawing(uint8_t model_nr, uint8_t *black, uint8_t *red) { } PrintAndLogEx(DEBUG, "Step9b"); if (model_nr == M2in7) { - for (i = 0; i < 48; i++) { + for (uint16_t i = 0; i < 48; i++) { read_black(i, step13, model_nr, black); ret = transceive_blocking(step13, 124, rx, 20, actrxlen, true); //CD 19 if (ret != PM3_SUCCESS) { @@ -935,7 +935,7 @@ static int start_drawing(uint8_t model_nr, uint8_t *black, uint8_t *red) { PrintAndLogEx(INPLACE, "Progress: %d %%", progress); } } else if (model_nr == M2in13B) { - for (i = 0; i < 26; i++) { + for (uint16_t i = 0; i < 26; i++) { read_red(i, step13, model_nr, red); //memset(&step13[3], 0xfE, 106); ret = transceive_blocking(step13, 109, rx, 20, actrxlen, false); diff --git a/client/src/cmdhfxerox.c b/client/src/cmdhfxerox.c index 9ba1577da..fec69855e 100644 --- a/client/src/cmdhfxerox.c +++ b/client/src/cmdhfxerox.c @@ -202,7 +202,7 @@ void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) { void RC2_encrypt(unsigned long *d, RC2_KEY *key) { int i, n; register RC2_INT *p0, *p1; - register RC2_INT x0, x1, x2, x3, t; + register RC2_INT x0, x1, x2, x3; unsigned long l; l = d[0]; @@ -217,7 +217,7 @@ void RC2_encrypt(unsigned long *d, RC2_KEY *key) { p0 = p1 = &(key->data[0]); for (;;) { - t = (x0 + (x1 & ~x3) + (x2 & x3) + * (p0++)) & 0xffff; + register RC2_INT t = (x0 + (x1 & ~x3) + (x2 & x3) + * (p0++)) & 0xffff; x0 = (t << 1) | (t >> 15); t = (x1 + (x2 & ~x0) + (x3 & x0) + * (p0++)) & 0xffff; x1 = (t << 2) | (t >> 14); @@ -244,7 +244,7 @@ void RC2_encrypt(unsigned long *d, RC2_KEY *key) { void RC2_decrypt(unsigned long *d, RC2_KEY *key) { int i, n; register RC2_INT *p0, *p1; - register RC2_INT x0, x1, x2, x3, t; + register RC2_INT x0, x1, x2, x3; unsigned long l; l = d[0]; @@ -260,7 +260,7 @@ void RC2_decrypt(unsigned long *d, RC2_KEY *key) { p0 = &(key->data[63]); p1 = &(key->data[0]); for (;;) { - t = ((x3 << 11) | (x3 >> 5)) & 0xffff; + register RC2_INT t = ((x3 << 11) | (x3 >> 5)) & 0xffff; x3 = (t - (x0 & ~x2) - (x1 & x2) - * (p0--)) & 0xffff; t = ((x2 << 13) | (x2 >> 3)) & 0xffff; x2 = (t - (x3 & ~x1) - (x0 & x1) - * (p0--)) & 0xffff; diff --git a/client/src/cmdlfem410x.c b/client/src/cmdlfem410x.c index ef9caf959..ea502fc07 100644 --- a/client/src/cmdlfem410x.c +++ b/client/src/cmdlfem410x.c @@ -672,11 +672,6 @@ static int CmdEM410xClone(const char *Cmd) { return PM3_EINVARG; } - char cardtype[16] = {"T55x7"}; - if (q5) { - snprintf(cardtype, sizeof(cardtype), "Q5/T5555"); - } - PrintAndLogEx(SUCCESS, "Preparing to clone EM4102 to " _YELLOW_("%s") " tag with EM Tag ID " _GREEN_("%010" PRIX64) " (RF/%d)", q5 ? "Q5/T5555" : (em ? "EM4305/4469" : "T55x7"), id, clk); struct { diff --git a/client/src/cmdlfem4x05.c b/client/src/cmdlfem4x05.c index 8e6110c62..cff7203d2 100644 --- a/client/src/cmdlfem4x05.c +++ b/client/src/cmdlfem4x05.c @@ -2025,10 +2025,8 @@ int CmdEM4x05Sniff(const char *Cmd) { size_t idx = 0; // loop though sample buffer while (idx < g_GraphTraceLen) { - bool eop = false; bool haveData = false; bool pwd = false; - uint32_t tmpValue; idx = em4x05_Sniff_GetNextBitStart(idx, g_GraphTraceLen, g_GraphBuffer, &pulseSamples); size_t pktOffset = idx; @@ -2044,6 +2042,7 @@ int CmdEM4x05Sniff(const char *Cmd) { memset(bits.ptr, 0, bits.size); bits.idx = 0; + bool eop = false; while ((idx < g_GraphTraceLen) && !eop) { CycleWidth = idx; idx = em4x05_Sniff_GetNextBitStart(idx, g_GraphTraceLen, g_GraphBuffer, &pulseSamples); @@ -2081,7 +2080,7 @@ int CmdEM4x05Sniff(const char *Cmd) { pwd = true; cmdText = "Logon"; strncpy(blkAddr, " ", sizeof(blkAddr)); - tmpValue = em4x05_Sniff_GetBlock(&bits.ptr[4], fwd); + uint32_t tmpValue = em4x05_Sniff_GetBlock(&bits.ptr[4], fwd); snprintf(dataText, sizeof(dataText), "%08X", tmpValue); } @@ -2089,7 +2088,7 @@ int CmdEM4x05Sniff(const char *Cmd) { if ((strncmp(bits.ptr, "0101", 4) == 0) && (bits.idx == 56)) { haveData = true; cmdText = "Write"; - tmpValue = (bits.ptr[4] - '0') + ((bits.ptr[5] - '0') << 1) + ((bits.ptr[6] - '0') << 2) + ((bits.ptr[7] - '0') << 3); + uint32_t tmpValue = (bits.ptr[4] - '0') + ((bits.ptr[5] - '0') << 1) + ((bits.ptr[6] - '0') << 2) + ((bits.ptr[7] - '0') << 3); snprintf(blkAddr, sizeof(blkAddr), "%u", tmpValue); if (tmpValue == 2) { pwd = true; @@ -2103,7 +2102,7 @@ int CmdEM4x05Sniff(const char *Cmd) { haveData = true; pwd = false; cmdText = "Read"; - tmpValue = (bits.ptr[4] - '0') + ((bits.ptr[5] - '0') << 1) + ((bits.ptr[6] - '0') << 2) + ((bits.ptr[7] - '0') << 3); + uint32_t tmpValue = (bits.ptr[4] - '0') + ((bits.ptr[5] - '0') << 1) + ((bits.ptr[6] - '0') << 2) + ((bits.ptr[7] - '0') << 3); snprintf(blkAddr, sizeof(blkAddr), "%u", tmpValue); strncpy(dataText, " ", sizeof(dataText)); } @@ -2114,7 +2113,7 @@ int CmdEM4x05Sniff(const char *Cmd) { pwd = false; cmdText = "Protect"; strncpy(blkAddr, " ", sizeof(blkAddr)); - tmpValue = em4x05_Sniff_GetBlock(&bits.ptr[11], fwd); + uint32_t tmpValue = em4x05_Sniff_GetBlock(&bits.ptr[11], fwd); snprintf(dataText, sizeof(dataText), "%08X", tmpValue); } @@ -2124,7 +2123,7 @@ int CmdEM4x05Sniff(const char *Cmd) { pwd = false; cmdText = "Disable"; strncpy(blkAddr, " ", sizeof(blkAddr)); - tmpValue = em4x05_Sniff_GetBlock(&bits.ptr[11], fwd); + uint32_t tmpValue = em4x05_Sniff_GetBlock(&bits.ptr[11], fwd); snprintf(dataText, sizeof(dataText), "%08X", tmpValue); } diff --git a/client/src/cmdlft55xx.c b/client/src/cmdlft55xx.c index ba3df4088..f1cb773fb 100644 --- a/client/src/cmdlft55xx.c +++ b/client/src/cmdlft55xx.c @@ -4011,7 +4011,6 @@ static int CmdT55xxSniff(const char *Cmd) { size_t idx = 0; uint32_t usedPassword, blockData; int pulseSamples = 0, pulseIdx = 0; - const char *modeText; char pwdText[100]; char dataText[100]; int pulseBuffer[80] = { 0 }; // max should be 73 +/- - Holds Pulse widths @@ -4037,7 +4036,7 @@ static int CmdT55xxSniff(const char *Cmd) { int maxWidth = 0; data[0] = 0; bool have_data = false; - modeText = "Default"; + const char *modeText = "Default"; strncpy(pwdText, " ", sizeof(pwdText)); strncpy(dataText, " ", sizeof(dataText)); diff --git a/client/src/cmdpiv.c b/client/src/cmdpiv.c index 12b217ebc..dc6584f40 100644 --- a/client/src/cmdpiv.c +++ b/client/src/cmdpiv.c @@ -940,9 +940,8 @@ static int CmdPIVScan(const char *Cmd) { memcpy(applet_id, PIV_APPLET, sizeof(PIV_APPLET)); aid_len = sizeof(PIV_APPLET); } - int res = 0; if (activateField == true) { - res = PivSelect(channel, activateField, true, decodeTLV, true, applet_id, aid_len); + int res = PivSelect(channel, activateField, true, decodeTLV, true, applet_id, aid_len); if (res != PM3_SUCCESS) { if (leaveSignalON == false) { DropFieldEx(channel); diff --git a/client/src/cmdtrace.c b/client/src/cmdtrace.c index af97e8466..d3096307a 100644 --- a/client/src/cmdtrace.c +++ b/client/src/cmdtrace.c @@ -485,8 +485,6 @@ static uint16_t printTraceLine(uint16_t tracepos, uint16_t traceLen, uint8_t *tr uint32_t end_of_transmission_timestamp = 0; uint8_t topaz_reader_command[9]; char explanation[40] = {0}; - uint8_t mfData[32] = {0}; - size_t mfDataLen = 0; tracelog_hdr_t *first_hdr = (tracelog_hdr_t *)(trace); tracelog_hdr_t *hdr = (tracelog_hdr_t *)(trace + tracepos); @@ -871,6 +869,8 @@ static uint16_t printTraceLine(uint16_t tracepos, uint16_t traceLen, uint8_t *tr } if (protocol == PROTO_MIFARE) { + uint8_t mfData[32] = {0}; + size_t mfDataLen = 0; if (DecodeMifareData(frame, data_len, parityBytes, hdr->isResponse, mfData, &mfDataLen, mfDicKeys, mfDicKeysCount)) { memset(explanation, 0x00, sizeof(explanation)); annotateIso14443a(explanation, sizeof(explanation), mfData, mfDataLen, hdr->isResponse); diff --git a/client/src/emv/emvcore.c b/client/src/emv/emvcore.c index 34aa4d4be..fbc59b1c0 100644 --- a/client/src/emv/emvcore.c +++ b/client/src/emv/emvcore.c @@ -381,8 +381,6 @@ static int EMVCheckAID(Iso7816CommandChannel channel, bool decodeTLV, struct tlv int EMVSearchPSE(Iso7816CommandChannel channel, bool ActivateField, bool LeaveFieldON, uint8_t PSENum, bool decodeTLV, struct tlvdb *tlv) { uint8_t data[APDU_RES_LEN] = {0}; size_t datalen = 0; - uint8_t sfidata[0x11][APDU_RES_LEN]; - size_t sfidatalen[0x11] = {0}; uint16_t sw = 0; int res; const char *PSE_or_PPSE = PSENum == 1 ? "PSE" : "PPSE"; @@ -402,6 +400,8 @@ int EMVSearchPSE(Iso7816CommandChannel channel, bool ActivateField, bool LeaveFi // PSE/PPSE with SFI struct tlvdb *tsfi = tlvdb_find_path(t, (tlv_tag_t[]) {0x6f, 0xa5, 0x88, 0x00}); if (tsfi) { + uint8_t sfidata[0x11][APDU_RES_LEN]; + size_t sfidatalen[0x11] = {0}; uint8_t sfin = 0; tlv_get_uint8(tlvdb_get_tlv(tsfi), &sfin); PrintAndLogEx(INFO, "* PPSE get SFI: 0x%02x.", sfin); @@ -669,10 +669,6 @@ static const unsigned char default_ddol_value[] = {0x9f, 0x37, 0x04}; static struct tlv default_ddol_tlv = {.tag = 0x9f49, .len = 3, .value = default_ddol_value }; int trDDA(Iso7816CommandChannel channel, bool decodeTLV, struct tlvdb *tlv) { - uint8_t buf[APDU_RES_LEN] = {0}; - size_t len = 0; - uint16_t sw = 0; - struct emv_pk *pk = get_ca_pk(tlv); if (!pk) { PrintAndLogEx(ERR, "Error: Key not found, exiting"); @@ -767,6 +763,9 @@ int trDDA(Iso7816CommandChannel channel, bool decodeTLV, struct tlvdb *tlv) { tlvdb_free(atc_db); } else { + uint8_t buf[APDU_RES_LEN] = {0}; + size_t len = 0; + uint16_t sw = 0; struct tlvdb *dac_db = emv_pki_recover_dac(issuer_pk, tlv, sda_tlv); if (dac_db) { const struct tlv *dac_tlv = tlvdb_get(dac_db, 0x9f45, NULL); diff --git a/client/src/mifare/desfirecore.c b/client/src/mifare/desfirecore.c index 3e002a7ef..9c3326f83 100644 --- a/client/src/mifare/desfirecore.c +++ b/client/src/mifare/desfirecore.c @@ -2301,9 +2301,9 @@ static const char *GetDesfireKeyType(uint8_t keytype) { } const char *GetDesfireAccessRightStr(uint8_t right) { - static char int_access_str[200]; if (right <= 0x0d) { + static char int_access_str[200]; snprintf(int_access_str, sizeof(int_access_str), "key 0x%02x", right); return int_access_str; } diff --git a/client/src/ui.c b/client/src/ui.c index d9f4514cf..2281497c1 100644 --- a/client/src/ui.c +++ b/client/src/ui.c @@ -531,12 +531,11 @@ void memcpy_filter_emoji(void *dest, const void *src, size_t n, emojiMode_t mode uint8_t emojified_token_length = 0; char *current_token = NULL; uint8_t current_token_length = 0; - char current_char; char *rdest = (char *)dest; char *rsrc = (char *)src; uint16_t si = 0; for (size_t i = 0; i < n; i++) { - current_char = rsrc[i]; + char current_char = rsrc[i]; if (current_token_length == 0) { // starting a new token. diff --git a/common/cryptorf/cryptolib.c b/common/cryptorf/cryptolib.c index eded5315c..b4abbdd54 100644 --- a/common/cryptorf/cryptolib.c +++ b/common/cryptorf/cryptolib.c @@ -280,7 +280,6 @@ void cm_auth(const uint8_t *Gc, const uint8_t *Ci, const uint8_t *Q, uint8_t *Ch static void cm_crypt(const CryptoAction ca, const uint8_t offset, const uint8_t len, const uint8_t *in, uint8_t *out, crypto_state s) { size_t pos; - uint8_t bt; next_n(true, 5, 0, s); next(true, offset, s); @@ -288,7 +287,7 @@ static void cm_crypt(const CryptoAction ca, const uint8_t offset, const uint8_t next(true, len, s); for (pos = 0; pos < len; pos++) { // Perform the crypto operation - bt = in[pos] ^ cm_byte(s); + uint8_t bt = in[pos] ^ cm_byte(s); // Generate output if (out) out[pos] = bt; diff --git a/tools/cryptorf/sma.cpp b/tools/cryptorf/sma.cpp index eb9cf3c9d..d15b0e6a2 100644 --- a/tools/cryptorf/sma.cpp +++ b/tools/cryptorf/sma.cpp @@ -331,11 +331,10 @@ static inline uint8_t next_right_fast(uint8_t in, uint64_t *right) { static inline void sm_left_mask(const uint8_t *ks, uint8_t *mask, uint64_t rstate) { size_t pos; - uint8_t bt; for (pos = 0; pos < 16; pos++) { next_right_fast(0, &rstate); - bt = next_right_fast(0, &rstate) << 4; + uint8_t bt = next_right_fast(0, &rstate) << 4; next_right_fast(0, &rstate); bt |= next_right_fast(0, &rstate); @@ -349,7 +348,7 @@ static inline void sm_left_mask(const uint8_t *ks, uint8_t *mask, uint64_t rstat static inline uint32_t sm_right(const uint8_t *ks, uint8_t *mask, vector *pcrstates) { uint8_t tmp_mask[16]; - size_t pos, bits, bit, topbits; + size_t pos, bit, topbits; uint64_t rstate, counter; map bincstates; map::iterator it; @@ -358,7 +357,7 @@ static inline uint32_t sm_right(const uint8_t *ks, uint8_t *mask, vector *pcstates) { map bincstates; map::iterator it; - uint64_t counter, lstate; + uint64_t counter; size_t pos, bits, bit; uint8_t correct_bits[16]; uint8_t bt; @@ -526,7 +525,7 @@ static inline void sm_left(const uint8_t *ks, const uint8_t *mask, vector state.invalid = false; for (counter = 0; counter < 0x800000000ull; counter++) { - lstate = counter; + uint64_t lstate = counter; for (pos = 0; pos < 16; pos++) { lstate = (((lstate) >> 5) | ((uint64_t)left_addition[((lstate) & 0xf801f)] << 30)); diff --git a/tools/cryptorf/sma_multi.cpp b/tools/cryptorf/sma_multi.cpp index 577811f64..f7047d977 100644 --- a/tools/cryptorf/sma_multi.cpp +++ b/tools/cryptorf/sma_multi.cpp @@ -199,18 +199,15 @@ static lookup_entry lookup_right[0x8000]; static uint8_t left_addition[0x100000]; static inline void init_lookup_left() { - uint8_t b3, b6, temp; - int i, index; - - for (i = 0; i < 0x400; i++) { - b6 = i & 0x1f; - b3 = (i >> 5) & 0x1f; - index = (b3 << 15) | b6; + for (int i = 0; i < 0x400; i++) { + uint8_t b6 = i & 0x1f; + uint8_t b3 = (i >> 5) & 0x1f; + int index = (b3 << 15) | b6; // b6 = bit_rotate_l(b6, 5); b6 = BIT_ROL(b6); - temp = mod(b3 + b6, 0x1f); + uint8_t temp = mod(b3 + b6, 0x1f); left_addition[index] = temp; lookup_left[index].addition = temp; lookup_left[index].out = ((temp ^ b3) & 0x0f); @@ -218,15 +215,12 @@ static inline void init_lookup_left() { } static inline void init_lookup_right() { - uint8_t b16, b18, temp; - int i, index; + for (int i = 0; i < 0x400; i++) { + uint8_t b18 = i & 0x1f; + uint8_t b16 = (i >> 5) & 0x1f; + int index = (b16 << 10) | b18; - for (i = 0; i < 0x400; i++) { - b18 = i & 0x1f; - b16 = (i >> 5) & 0x1f; - index = (b16 << 10) | b18; - - temp = mod(b18 + b16, 0x1f); + uint8_t temp = mod(b18 + b16, 0x1f); lookup_right[index].addition = temp; lookup_right[index].out = ((temp ^ b16) & 0x0f); } @@ -589,23 +583,21 @@ static void ice_sm_left(const uint8_t *ks, uint8_t *mask, vector *pcstates static inline uint32_t sm_right(const uint8_t *ks, uint8_t *mask, vector *pcrstates) { uint8_t tmp_mask[16]; - size_t pos, bits, bit, topbits; + size_t topbits = 0; map bincstates; map::iterator it; - uint8_t bt; - topbits = 0; for (uint64_t counter = 0; counter < 0x2000000; counter++) { // Reset the current bitcount of correct bits - bits = 0; + size_t bits = 0; // Copy the state we are going to test uint64_t rstate = counter; - for (pos = 0; pos < 16; pos++) { + for (size_t pos = 0; pos < 16; pos++) { next_right_fast(0, &rstate); - bt = next_right_fast(0, &rstate) << 4; + uint8_t bt = next_right_fast(0, &rstate) << 4; next_right_fast(0, &rstate); bt |= next_right_fast(0, &rstate); @@ -615,7 +607,7 @@ static inline uint32_t sm_right(const uint8_t *ks, uint8_t *mask, vector>= 1; @@ -744,7 +736,7 @@ static inline void search_gc_candidates_right(const uint64_t rstate_before_gc, c static inline void sm_left(const uint8_t *ks, const uint8_t *mask, vector *pcstates) { map bincstates; map::iterator it; - uint64_t counter, lstate; + uint64_t counter; size_t pos, bits; uint8_t correct_bits[16]; uint8_t bt; @@ -756,7 +748,7 @@ static inline void sm_left(const uint8_t *ks, const uint8_t *mask, vector state.invalid = false; for (counter = 0; counter < 0x800000000ull; counter++) { - lstate = counter; + uint64_t lstate = counter; for (pos = 0; pos < 16; pos++) { diff --git a/tools/mf_nonce_brute/iso14443crc.c b/tools/mf_nonce_brute/iso14443crc.c index 60631f4fb..c5acbb9be 100644 --- a/tools/mf_nonce_brute/iso14443crc.c +++ b/tools/mf_nonce_brute/iso14443crc.c @@ -20,11 +20,10 @@ void ComputeCrc14443(int CrcType, const unsigned char *Data, int Length, unsigned char *TransmitFirst, unsigned char *TransmitSecond) { - unsigned char chBlock; unsigned short wCrc = CrcType; do { - chBlock = *Data++; + unsigned char chBlock = *Data++; UpdateCrc14443(chBlock, &wCrc); } while (--Length); diff --git a/tools/mfd_aes_brute/randoms.c b/tools/mfd_aes_brute/randoms.c index c957350ec..523366d9d 100644 --- a/tools/mfd_aes_brute/randoms.c +++ b/tools/mfd_aes_brute/randoms.c @@ -68,13 +68,12 @@ void make_key_turbopascal_n(uint32_t seed, uint8_t key[], const size_t keylen) { void make_key_posix_rand_r_n(uint32_t seed, uint8_t key[], const size_t keylen) { uint32_t lseed = seed; - int result; for (int i = 0; i < keylen; i++) { lseed *= 1103515245; lseed += 12345; - result = (uint16_t)(lseed / 0x10000) % 2048; + int result = (uint16_t)(lseed / 0x10000) % 2048; lseed *= 1103515245; lseed += 12345; From 3936afcca99f716cc63928fbebd0271a51ed3046 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sun, 15 Jan 2023 01:48:45 +0100 Subject: [PATCH 09/23] cppcheck divide by zero --- tools/cryptorf/sma_multi.cpp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tools/cryptorf/sma_multi.cpp b/tools/cryptorf/sma_multi.cpp index f7047d977..c4e61e37e 100644 --- a/tools/cryptorf/sma_multi.cpp +++ b/tools/cryptorf/sma_multi.cpp @@ -165,6 +165,9 @@ void print_cs(const char *text, pcs s) { } static inline uint8_t mod(uint8_t a, uint8_t m) { + if (m==0) { + return 0; // Actually, divide by zero error + } // Just return the input when this is less or equal than the modular value if (a < m) return a; From 857f0c0d9bce056acbca828155f93a3faa712dec Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sun, 15 Jan 2023 01:50:44 +0100 Subject: [PATCH 10/23] cppcheck fix returnNonBoolInBooleanFunction --- client/src/cmdhfmf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/src/cmdhfmf.c b/client/src/cmdhfmf.c index b00dd5651..dfac4dbee 100644 --- a/client/src/cmdhfmf.c +++ b/client/src/cmdhfmf.c @@ -369,7 +369,7 @@ static bool mf_write_block(const uint8_t *key, uint8_t keytype, uint8_t blockno, PacketResponseNG resp; if (WaitForResponseTimeout(CMD_ACK, &resp, 1500) == false) { PrintAndLogEx(FAILED, "Command execute timeout"); - return PM3_ETIMEOUT; + return false; } return (resp.oldarg[0] & 0xff); From b8458322e15deb33f143ec170427a380434bbf75 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sun, 15 Jan 2023 01:52:30 +0100 Subject: [PATCH 11/23] cppcheck fix null pointer dereference --- client/src/cmdhw.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/src/cmdhw.c b/client/src/cmdhw.c index f10fa8330..0efa5eafe 100644 --- a/client/src/cmdhw.c +++ b/client/src/cmdhw.c @@ -592,12 +592,12 @@ static int CmdLCD(const char *Cmd) { arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); - CLIParserFree(ctx); int r_len = 0; uint8_t raw[1] = {0}; CLIGetHexWithReturn(ctx, 1, raw, &r_len); int j = arg_get_int_def(ctx, 2, 1); + CLIParserFree(ctx); if (j < 1) { PrintAndLogEx(WARNING, "Count must be larger than zero"); return PM3_EINVARG; From 127aebd8b0e540d0b136b6e858c9abdca52356a1 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sun, 15 Jan 2023 01:54:10 +0100 Subject: [PATCH 12/23] cppcheck fix uninitialized variable --- client/src/cmdlfparadox.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/src/cmdlfparadox.c b/client/src/cmdlfparadox.c index bbd6cd205..a2fa50f11 100644 --- a/client/src/cmdlfparadox.c +++ b/client/src/cmdlfparadox.c @@ -263,7 +263,7 @@ static int CmdParadoxClone(const char *Cmd) { return PM3_EINVARG; } - uint32_t blocks[4]; + uint32_t blocks[4] = {0}; if (raw_len != 0) { if (raw_len != 12) { From c2eb6395e242986c10155e1917614e6c1dfce112 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sun, 15 Jan 2023 01:55:29 +0100 Subject: [PATCH 13/23] cppcheck clarify boolean result used in bitwise operation --- client/src/cmdhftexkom.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/src/cmdhftexkom.c b/client/src/cmdhftexkom.c index 88add72d6..2b54480ca 100644 --- a/client/src/cmdhftexkom.c +++ b/client/src/cmdhftexkom.c @@ -311,7 +311,7 @@ static bool TexcomTK15Decode(uint32_t *implengths, uint32_t implengthslen, char bool prevbit = (implengths[implengthslen - 3] > implengths[implengthslen - 2]); bool thesamebit = (abs(lastimplen - (int)implengths[implengthslen - 3]) < abs(lastimplen - (int)implengths[implengthslen - 2])); - if (prevbit ^ !thesamebit) { + if (prevbit ^ (!thesamebit)) { strcat(bitstring, "10"); strcat(cbitstring, "1"); } else { From 17d7fb8abb600ae6e7a7675efe7892726f11fe38 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sun, 15 Jan 2023 01:58:57 +0100 Subject: [PATCH 14/23] cppcheck test unsigned less than zero --- armsrc/felica.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/armsrc/felica.c b/armsrc/felica.c index 3cf75a0b4..0a74a30cc 100644 --- a/armsrc/felica.c +++ b/armsrc/felica.c @@ -298,7 +298,7 @@ static uint8_t felica_select_card(felica_card_select_t *card) { // 8-byte IDm, number of blocks, blocks numbers // number of blocks limited to 4 for FelicaLite(S) static void BuildFliteRdblk(const uint8_t *idm, uint8_t blocknum, const uint16_t *blocks) { - if (blocknum > 4 || blocknum <= 0) + if (blocknum > 4 || blocknum == 0) Dbprintf("Invalid number of blocks, %d != 4", blocknum); uint8_t c = 0, i = 0; From eb23028514e301d878358bf11ce31210517888fc Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sun, 15 Jan 2023 02:02:25 +0100 Subject: [PATCH 15/23] cppcheck: add test to avoid dereferncing null pointer --- client/src/iso7816/apduinfo.c | 3 ++- tools/hitag2crack/common/ht2crackutils.c | 2 ++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/client/src/iso7816/apduinfo.c b/client/src/iso7816/apduinfo.c index b2d879b78..b7d77aca9 100644 --- a/client/src/iso7816/apduinfo.c +++ b/client/src/iso7816/apduinfo.c @@ -440,7 +440,8 @@ int APDUDecode(uint8_t *data, int len, APDU_t *apdu) { int APDUEncode(APDU_t *apdu, uint8_t *data, int *len) { if (len) *len = 0; - + if (apdu == NULL) + return 1; if (apdu->le > 0x10000) return 1; diff --git a/tools/hitag2crack/common/ht2crackutils.c b/tools/hitag2crack/common/ht2crackutils.c index cfac2bfd8..492676724 100644 --- a/tools/hitag2crack/common/ht2crackutils.c +++ b/tools/hitag2crack/common/ht2crackutils.c @@ -141,6 +141,8 @@ int fnf(uint64_t s) { // builds the lfsr for the prng (quick calcs for hitag2_nstep()) void buildlfsr(Hitag_State *hstate) { + if (hstate == NULL) + return; uint64_t state = hstate->shiftreg; uint64_t temp = state ^ (state >> 1); hstate->lfsr = state ^ (state >> 6) ^ (state >> 16) From 0a19c3e8917f9fa8d157b60afa7a27cf0e784af5 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sun, 15 Jan 2023 02:05:58 +0100 Subject: [PATCH 16/23] cppcheck remove redundant continue as last loop statement --- client/deps/hardnested/hardnested_bf_core.c | 1 - 1 file changed, 1 deletion(-) diff --git a/client/deps/hardnested/hardnested_bf_core.c b/client/deps/hardnested/hardnested_bf_core.c index 64b0696aa..63eba8eba 100644 --- a/client/deps/hardnested/hardnested_bf_core.c +++ b/client/deps/hardnested/hardnested_bf_core.c @@ -530,7 +530,6 @@ stop_tests: bucket_states_tested += bucket_size[block_idx]; // prepare to set new states state_p = &states[KEYSTREAM_SIZE]; - continue; } } out: From 048291dcb3ea6580699ff48b8d5614cbeb4ec3b0 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sun, 15 Jan 2023 02:12:19 +0100 Subject: [PATCH 17/23] cppcheck: can add const on some params --- client/src/cmdhfmfdes.c | 4 ++-- client/src/cmdhftopaz.c | 2 +- client/src/util.c | 2 +- client/src/util.h | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/client/src/cmdhfmfdes.c b/client/src/cmdhfmfdes.c index f3da73c2c..00c6306e7 100644 --- a/client/src/cmdhfmfdes.c +++ b/client/src/cmdhfmfdes.c @@ -306,7 +306,7 @@ static nxp_cardtype_t getCardType(uint8_t major, uint8_t minor) { } // ref: https://www.nxp.com/docs/en/application-note/AN12343.pdf p7 -static nxp_producttype_t getProductType(uint8_t *versionhw) { +static nxp_producttype_t getProductType(const uint8_t *versionhw) { uint8_t product = versionhw[2]; @@ -323,7 +323,7 @@ static nxp_producttype_t getProductType(uint8_t *versionhw) { return DESFIRE_UNKNOWN_PROD; } -static const char *getProductTypeStr(uint8_t *versionhw) { +static const char *getProductTypeStr(const uint8_t *versionhw) { uint8_t product = versionhw[2]; diff --git a/client/src/cmdhftopaz.c b/client/src/cmdhftopaz.c index a59cd02be..6311b50ed 100644 --- a/client/src/cmdhftopaz.c +++ b/client/src/cmdhftopaz.c @@ -292,7 +292,7 @@ static bool topaz_byte_is_locked(uint16_t byteno) { } } -static int topaz_set_cc_dynamic(uint8_t *data) { +static int topaz_set_cc_dynamic(const uint8_t *data) { if (data[0] != 0xE1) { topaz_tag.size = TOPAZ_STATIC_MEMORY; diff --git a/client/src/util.c b/client/src/util.c index dc58eef2c..63141d01c 100644 --- a/client/src/util.c +++ b/client/src/util.c @@ -1247,7 +1247,7 @@ inline uint64_t leadingzeros64(uint64_t a) { } -int byte_strstr(uint8_t *src, size_t srclen, uint8_t *pattern, size_t plen) { +int byte_strstr(const uint8_t *src, size_t srclen, const uint8_t *pattern, size_t plen) { size_t max = srclen - plen + 1; diff --git a/client/src/util.h b/client/src/util.h index d831a750b..c29fbd50f 100644 --- a/client/src/util.h +++ b/client/src/util.h @@ -148,7 +148,7 @@ uint64_t bitcount64(uint64_t a); uint32_t leadingzeros32(uint32_t a); uint64_t leadingzeros64(uint64_t a); -int byte_strstr(uint8_t *src, size_t srclen, uint8_t *pattern, size_t plen); +int byte_strstr(const uint8_t *src, size_t srclen, const uint8_t *pattern, size_t plen); struct smartbuf { char *ptr; From 0fbc101ac51f5d4e292a93a2d378a65f8c2c7002 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sun, 15 Jan 2023 02:12:47 +0100 Subject: [PATCH 18/23] cppcheck uninitialized vars (false positive) --- armsrc/frozen.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/armsrc/frozen.c b/armsrc/frozen.c index 963b0a52b..a77d7dd9d 100644 --- a/armsrc/frozen.c +++ b/armsrc/frozen.c @@ -1429,9 +1429,12 @@ static void json_next_cb(void *userdata, const char *name, size_t name_len, static void *json_next(const char *s, int len, void *handle, const char *path, struct json_token *key, struct json_token *val, int *i) { - struct json_token tmpval, *v = val == NULL ? &tmpval : val; - struct json_token tmpkey, *k = key == NULL ? &tmpkey : key; - int tmpidx, *pidx = i == NULL ? &tmpidx : i; + struct json_token tmpval; + struct json_token *v = val == NULL ? &tmpval : val; + struct json_token tmpkey; + struct json_token *k = key == NULL ? &tmpkey : key; + int tmpidx; + int *pidx = i == NULL ? &tmpidx : i; struct next_data data = {handle, path, (int) strlen(path), 0, k, v, pidx}; json_walk(s, len, json_next_cb, &data); return data.found ? data.handle : NULL; From 951d6cd218f26cf0c65ee9dfa2b19befd3724842 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sun, 15 Jan 2023 02:17:14 +0100 Subject: [PATCH 19/23] cppcheck uninitialized vars --- client/src/cmdlfindala.c | 2 +- tools/mf_nonce_brute/mf_nonce_brute.c | 2 ++ tools/mf_nonce_brute/mf_trace_brute.c | 2 ++ 3 files changed, 5 insertions(+), 1 deletion(-) diff --git a/client/src/cmdlfindala.c b/client/src/cmdlfindala.c index 781db217b..fa59894e1 100644 --- a/client/src/cmdlfindala.c +++ b/client/src/cmdlfindala.c @@ -404,7 +404,7 @@ static int CmdIndalaDemodAlt(const char *Cmd) { uint8_t data[MAX_GRAPH_TRACE_LEN] = {0}; size_t datasize = getFromGraphBuf(data); - uint8_t rawbits[4096]; + uint8_t rawbits[4096] = {0}; int rawbit = 0; int worst = 0, worstPos = 0; diff --git a/tools/mf_nonce_brute/mf_nonce_brute.c b/tools/mf_nonce_brute/mf_nonce_brute.c index 8d98e04cf..161f1c749 100644 --- a/tools/mf_nonce_brute/mf_nonce_brute.c +++ b/tools/mf_nonce_brute/mf_nonce_brute.c @@ -331,6 +331,8 @@ static bool checkValidCmd(uint32_t decrypted) { static bool checkValidCmdByte(uint8_t *cmd, uint16_t n) { bool ok = false; + if (cmd == NULL) + return false; for (int i = 0; i < 8; ++i) { if (cmd[0] == cmds[i][0]) { diff --git a/tools/mf_nonce_brute/mf_trace_brute.c b/tools/mf_nonce_brute/mf_trace_brute.c index 8bc255517..1d8a7c6fb 100644 --- a/tools/mf_nonce_brute/mf_trace_brute.c +++ b/tools/mf_nonce_brute/mf_trace_brute.c @@ -174,6 +174,8 @@ static char *sprint_hex_inrow_ex(const uint8_t *data, const size_t len, const si static bool checkValidCmdByte(uint8_t *cmd, uint16_t n) { bool ok = false; + if (cmd == NULL) + return false; for (int i = 0; i < 8; ++i) { if (cmd[0] == cmds[i][0]) { From 30ae0bf521fb14d76d56b72682a926ea502d1a6c Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sun, 15 Jan 2023 02:24:46 +0100 Subject: [PATCH 20/23] make style --- client/src/cmdhfmf.c | 3 +- client/src/fileutils.c | 11 +- client/src/pm3line_vocabulory.h | 20 +- doc/commands.json | 544 +++++++++++++++++++++++--------- doc/commands.md | 30 +- tools/cryptorf/sma_multi.cpp | 2 +- 6 files changed, 445 insertions(+), 165 deletions(-) diff --git a/client/src/cmdhfmf.c b/client/src/cmdhfmf.c index dfac4dbee..11d101391 100644 --- a/client/src/cmdhfmf.c +++ b/client/src/cmdhfmf.c @@ -6913,8 +6913,7 @@ static int CmdHF14AMfView(const char *Cmd) { return res; } - typedef union UDATA - { + typedef union UDATA { uint8_t *bytes; mfc_vigik_t *vigik; } UDATA; diff --git a/client/src/fileutils.c b/client/src/fileutils.c index 8c2f7a6f0..3182f47c3 100644 --- a/client/src/fileutils.c +++ b/client/src/fileutils.c @@ -1162,12 +1162,11 @@ int loadFileJSONex(const char *preferredName, void *data, size_t maxdatalen, siz goto out; } - typedef union UDATA - { - void* v; - uint8_t* bytes; - mfu_dump_t* mfu; - topaz_tag_t* topaz; + typedef union UDATA { + void *v; + uint8_t *bytes; + mfu_dump_t *mfu; + topaz_tag_t *topaz; } UDATA; UDATA udata = (UDATA)data; char ctype[100] = {0}; diff --git a/client/src/pm3line_vocabulory.h b/client/src/pm3line_vocabulory.h index 4ea275639..5a517c645 100644 --- a/client/src/pm3line_vocabulory.h +++ b/client/src/pm3line_vocabulory.h @@ -244,11 +244,11 @@ const static vocabulory_t vocabulory[] = { { 1, "hf gallagher diversifykey" }, { 1, "hf gallagher decode" }, { 1, "hf ksx6924 help" }, - { 0, "hf ksx6924 balance" }, - { 0, "hf ksx6924 info" }, - { 0, "hf ksx6924 initialize" }, - { 0, "hf ksx6924 prec" }, { 0, "hf ksx6924 select" }, + { 0, "hf ksx6924 info" }, + { 0, "hf ksx6924 balance" }, + { 0, "hf ksx6924 init" }, + { 0, "hf ksx6924 prec" }, { 1, "hf jooki help" }, { 0, "hf jooki clone" }, { 1, "hf jooki decode" }, @@ -347,6 +347,10 @@ const static vocabulory_t vocabulory[] = { { 0, "hf mf gen3uid" }, { 0, "hf mf gen3blk" }, { 0, "hf mf gen3freeze" }, + { 0, "hf mf ggetblk" }, + { 0, "hf mf gload" }, + { 0, "hf mf gsave" }, + { 0, "hf mf gsetblk" }, { 0, "hf mf gview" }, { 0, "hf mf ndefformat" }, { 0, "hf mf ndefread" }, @@ -376,6 +380,7 @@ const static vocabulory_t vocabulory[] = { { 1, "hf mfu view" }, { 0, "hf mfu wrbl" }, { 0, "hf mfu eload" }, + { 0, "hf mfu esave" }, { 0, "hf mfu eview" }, { 0, "hf mfu sim" }, { 0, "hf mfu setpwd" }, @@ -584,6 +589,7 @@ const static vocabulory_t vocabulory[] = { { 0, "lf idteck clone" }, { 0, "lf idteck sim" }, { 1, "lf indala help" }, + { 0, "lf indala brute" }, { 1, "lf indala demod" }, { 1, "lf indala altdemod" }, { 0, "lf indala reader" }, @@ -731,6 +737,12 @@ const static vocabulory_t vocabulory[] = { { 0, "nfc barcode read" }, { 0, "nfc barcode sim" }, { 1, "nfc barcode help" }, + { 1, "piv help" }, + { 0, "piv select" }, + { 0, "piv getdata" }, + { 0, "piv authsign" }, + { 0, "piv scan" }, + { 1, "piv list" }, { 1, "smart help" }, { 1, "smart list" }, { 0, "smart info" }, diff --git a/doc/commands.json b/doc/commands.json index e055a70b4..1c21f81ba 100644 --- a/doc/commands.json +++ b/doc/commands.json @@ -761,7 +761,7 @@ "options": [ "-h, --help This help", "-k, -K, --keep Keep field ON for next command", - "-a, -A, --apdu Show APDU reqests and responses", + "-a, -A, --apdu Show APDU requests and responses", "-w, -W, --wired Send data via contact (iso7816) interface. (def: Contactless interface)" ], "usage": "emv challenge [-hkaw]" @@ -777,7 +777,7 @@ "options": [ "-h, --help This help", "-s, -S, --select Activate field and select card", - "-a, -A, --apdu Show APDU reqests and responses", + "-a, -A, --apdu Show APDU requests and responses", "-t, -T, --tlv TLV decode results", "-j, -J, --jload Load transaction parameters from `emv_defparams.json` file", "-f, -F, --forceaid Force search AID. Search AID instead of execute PPSE", @@ -807,7 +807,7 @@ "-d, -D, --decision Terminal decision. aac - declined, tc - approved, arqc - online authorisation requested", "-p, -P, --params Load parameters from `emv_defparams.json` file for CDOLdata making from CDOL and parameters", "-m, -M, --make Make CDOLdata from CDOL (tag 8C and 8D) and parameters (def: use default parameters)", - "-a, -A, --apdu Show APDU reqests and responses", + "-a, -A, --apdu Show APDU requests and responses", "-t, -T, --tlv TLV decode results of selected applets", "-w, -W, --wired Send data via contact (iso7816) interface. (def: Contactless interface)", " CDOLdata/CDOL" @@ -828,7 +828,7 @@ "-k, -K, --keep Keep field ON for next command", "-p, -P, --params Load parameters from `emv_defparams.json` file for PDOLdata making from PDOL and parameters", "-m, -M, --make Make PDOLdata from PDOL (tag 9F38) and parameters (def: uses default parameters)", - "-a, -A, --apdu Show APDU reqests and responses", + "-a, -A, --apdu Show APDU requests and responses", "-t, -T, --tlv TLV decode results of selected applets", "-w, -W, --wired Send data via contact (iso7816) interface. (def: Contactless interface)", " PDOLdata/PDOL" @@ -857,7 +857,7 @@ "-k, -K, --keep Keep field ON for next command", "-p, -P, --params Load parameters from `emv_defparams.json` file for DDOLdata making from DDOL and parameters", "-m, -M, --make Make DDOLdata from DDOL (tag 9F49) and parameters (def: use default parameters)", - "-a, -A, --apdu Show APDU reqests and responses", + "-a, -A, --apdu Show APDU requests and responses", "-t, -T, --tlv TLV decode results of selected applets", "-w, -W, --wired Send data via contact (iso7816) interface. (def: Contactless interface)", " DDOLdata/DDOL" @@ -868,22 +868,22 @@ "command": "emv list", "description": "Alias of `trace list -t 7816` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "emv list -f -> show frame delay times", + "emv list --frame -> show frame delay times", "emv list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "-f show frame delay times", + "--frame show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "--dict use dictionary keys file" + "-f, --file filename of dictionary" ], - "usage": "emv list [-h1fcrux] [--dict ]" + "usage": "emv list [-h1crux] [--frame] [-f ]" }, "emv pse": { "command": "emv pse", @@ -899,7 +899,7 @@ "-k, -K, --keep Keep field ON for next command", "-1, --pse PSE (1PAY.SYS.DDF01) mode", "-2, --ppse PPSE (2PAY.SYS.DDF01) mode (def)", - "-a, -A, --apdu Show APDU reqests and responses", + "-a, -A, --apdu Show APDU requests and responses", "-t, -T, --tlv TLV decode results of selected applets", "-w, -W, --wired Send data via contact (iso7816) interface. (def: Contactless interface)" ], @@ -916,7 +916,7 @@ "options": [ "-h, --help This help", "-k, -K, --keep Keep field ON for next command", - "-a, -A, --apdu Show APDU reqests and responses", + "-a, -A, --apdu Show APDU requests and responses", "-t, -T, --tlv TLV decode results of selected applets", "-w, -W, --wired Send data via contact (iso7816) interface. (def: Contactless interface)", " help` for details of a command prefs { Edit client/device preferences... } -------- ----------------------- Technology ----------------------- analyse { Analyse utils... } data { Plot window / data buffer manipulation... } emv { EMV ISO-14443 / ISO-7816... } hf { High frequency commands... } hw { Hardware commands... } lf { Low frequency commands... } nfc { NFC commands... } reveng { CRC calculations from RevEng software... } smart { Smart card ISO-7816 commands... } script { Scripting commands... } trace { Trace manipulation... } wiegand { Wiegand format manipulation... } -------- ----------------------- General ----------------------- clear Clear screen hints Turn hints on / off msleep Add a pause in milliseconds rem Add a text line in log file quit exit Exit program", + "description": "help Use ` help` for details of a command prefs { Edit client/device preferences... } -------- ----------------------- Technology ----------------------- analyse { Analyse utils... } data { Plot window / data buffer manipulation... } emv { EMV ISO-14443 / ISO-7816... } hf { High frequency commands... } hw { Hardware commands... } lf { Low frequency commands... } nfc { NFC commands... } piv { PIV commands... } reveng { CRC calculations from RevEng software... } smart { Smart card ISO-7816 commands... } script { Scripting commands... } trace { Trace manipulation... } wiegand { Wiegand format manipulation... } -------- ----------------------- General ----------------------- clear Clear screen hints Turn hints on / off msleep Add a pause in milliseconds rem Add a text line in log file quit exit Exit program", "notes": [], "offline": true, "options": [], @@ -1145,22 +1145,22 @@ "command": "hf 14a list", "description": "Alias of `trace list -t 14a` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf 14a list -f -> show frame delay times", + "hf 14a list --frame -> show frame delay times", "hf 14a list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "-f show frame delay times", + "--frame show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "--dict use dictionary keys file" + "-f, --file filename of dictionary" ], - "usage": "hf 14a list [-h1fcrux] [--dict ]" + "usage": "hf 14a list [-h1crux] [--frame] [-f ]" }, "hf 14a ndefformat": { "command": "hf 14a ndefformat", @@ -1259,7 +1259,7 @@ }, "hf 14a sim": { "command": "hf 14a sim", - "description": "Simulate ISO/IEC 14443 type A tag with 4,7 or 10 byte UID", + "description": "Simulate ISO/IEC 14443 type A tag with 4,7 or 10 byte UID Use type 7 for Mifare Ultralight EV1, Amiibo (NTAG215 pack 0x8080)", "notes": [ "hf 14a sim -t 1 --uid 11223344 -> MIFARE Classic 1k", "hf 14a sim -t 2 -> MIFARE Ultralight", @@ -1267,7 +1267,7 @@ "hf 14a sim -t 4 -> ISO/IEC 14443-4", "hf 14a sim -t 5 -> MIFARE Tnp3xxx", "hf 14a sim -t 6 -> MIFARE Mini", - "hf 14a sim -t 7 -> Amiibo (NTAG 215), pack 0x8080", + "hf 14a sim -t 7 -> MFU EV1 / NTAG 215 Amiibo", "hf 14a sim -t 8 -> MIFARE Classic 4k", "hf 14a sim -t 9 -> FM11RF005SH Shanghai Metro", "hf 14a sim -t 10 -> ST25TA IKEA Rothult" @@ -1363,22 +1363,22 @@ "command": "hf 14b list", "description": "Alias of `trace list -t 14b` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf 14b list -f -> show frame delay times", + "hf 14b list --frame -> show frame delay times", "hf 14b list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "-f show frame delay times", + "--frame show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "--dict use dictionary keys file" + "-f, --file filename of dictionary" ], - "usage": "hf 14b list [-h1fcrux] [--dict ]" + "usage": "hf 14b list [-h1crux] [--frame] [-f ]" }, "hf 14b ndefread": { "command": "hf 14b ndefread", @@ -1637,22 +1637,22 @@ "command": "hf 15 list", "description": "Alias of `trace list -t 15` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf 15 list -f -> show frame delay times", + "hf 15 list --frame -> show frame delay times", "hf 15 list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "-f show frame delay times", + "--frame show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "--dict use dictionary keys file" + "-f, --file filename of dictionary" ], - "usage": "hf 15 list [-h1fcrux] [--dict ]" + "usage": "hf 15 list [-h1crux] [--frame] [-f ]" }, "hf 15 raw": { "command": "hf 15 raw", @@ -2189,7 +2189,9 @@ "command": "hf emrtd dump", "description": "Dump all files on an eMRTD", "notes": [ - "hf emrtd dump" + "hf emrtd dump", + "hf emrtd dump --dir ../dump", + "hf emrtd dump -n 123456789 -d 19890101 -e 20250401" ], "offline": false, "options": [ @@ -2198,9 +2200,9 @@ "-d, --dateofbirth date of birth in YYMMDD format", "-e, --expiry expiry in YYMMDD format", "-m, --mrz <[0-9A-Z<]> 2nd line of MRZ, 44 chars", - "--path save dump to the given dirpath" + "--dir save dump to the given dirpath" ], - "usage": "hf emrtd dump [-h] [-n ] [-d ] [-e ] [-m <[0-9A-Z<]>] [--path ]" + "usage": "hf emrtd dump [-h] [-n ] [-d ] [-e ] [-m <[0-9A-Z<]>] [--dir ]" }, "hf emrtd help": { "command": "hf emrtd help", @@ -2214,7 +2216,10 @@ "command": "hf emrtd info", "description": "Display info about an eMRTD", "notes": [ - "hf emrtd info" + "hf emrtd info", + "hf emrtd info --dir ../dumps", + "hf emrtd info -n 123456789 -d 19890101 -e 20250401", + "hf emrtd info -n 123456789 -d 19890101 -e 20250401 -i" ], "offline": true, "options": [ @@ -2223,31 +2228,31 @@ "-d, --dateofbirth date of birth in YYMMDD format", "-e, --expiry expiry in YYMMDD format", "-m, --mrz <[0-9A-Z<]> 2nd line of MRZ, 44 chars (passports only)", - "--path display info from offline dump stored in dirpath", + "--dir display info from offline dump stored in dirpath", "-i, --images show images" ], - "usage": "hf emrtd info [-hi] [-n ] [-d ] [-e ] [-m <[0-9A-Z<]>] [--path ]" + "usage": "hf emrtd info [-hi] [-n ] [-d ] [-e ] [-m <[0-9A-Z<]>] [--dir ]" }, "hf emrtd list": { "command": "hf emrtd list", "description": "Alias of `trace list -t 7816` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf emrtd list -f -> show frame delay times", + "hf emrtd list --frame -> show frame delay times", "hf emrtd list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "-f show frame delay times", + "--frame show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "--dict use dictionary keys file" + "-f, --file filename of dictionary" ], - "usage": "hf emrtd list [-h1fcrux] [--dict ]" + "usage": "hf emrtd list [-h1crux] [--frame] [-f ]" }, "hf epa cnonces": { "command": "hf epa cnonces", @@ -2367,22 +2372,22 @@ "command": "hf felica list", "description": "Alias of `trace list -t felica` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf felica list -f -> show frame delay times", + "hf felica list --frame -> show frame delay times", "hf felica list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "-f show frame delay times", + "--frame show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "--dict use dictionary keys file" + "-f, --file filename of dictionary" ], - "usage": "hf felica list [-h1fcrux] [--dict ]" + "usage": "hf felica list [-h1crux] [--frame] [-f ]" }, "hf felica litedump": { "command": "hf felica litedump", @@ -2575,7 +2580,7 @@ "offline": false, "options": [ "-h, --help This help", - "-a, --apdu Show APDU reqests and responses", + "-a, --apdu Show APDU requests and responses", "-v, --verbose Verbose mode. vv - show full certificates data", "-c, --cbor Show CBOR decoded data", "-l, --list Add CredentialId from json to allowList", @@ -2596,7 +2601,7 @@ "offline": false, "options": [ "-h, --help This help", - "-a, --apdu Show APDU reqests and responses", + "-a, --apdu Show APDU requests and responses", "-v, --verbose Verbose mode", "default mode: dont-enforce-user-presence-and-sign", "-u, --user mode: enforce-user-presence-and-sign", @@ -2635,22 +2640,22 @@ "command": "hf fido list", "description": "Alias of `trace list -t 14a` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf fido list -f -> show frame delay times", + "hf fido list --frame -> show frame delay times", "hf fido list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "-f show frame delay times", + "--frame show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "--dict use dictionary keys file" + "-f, --file filename of dictionary" ], - "usage": "hf fido list [-h1fcrux] [--dict ]" + "usage": "hf fido list [-h1crux] [--frame] [-f ]" }, "hf fido make": { "command": "hf fido make", @@ -2662,7 +2667,7 @@ "offline": false, "options": [ "-h, --help This help", - "-a, --apdu Show APDU reqests and responses", + "-a, --apdu Show APDU requests and responses", "-v, --verbose Verbose mode. vv - show full certificates data", "-t, --tlv Show DER certificate contents in TLV representation", "-c, --cbor Show CBOR decoded data", @@ -2916,9 +2921,10 @@ "-f, --file Dictionary file with default iclass keys", "--credit key is assumed to be the credit key", "--elite elite computations applied to key", - "--raw no computations applied to key (raw)" + "--raw no computations applied to key (raw)", + "--shallow use shallow (ASK) reader modulation instead of OOK" ], - "usage": "hf iclass chk [-h] -f [--credit] [--elite] [--raw]" + "usage": "hf iclass chk [-h] -f [--credit] [--elite] [--raw] [--shallow]" }, "hf iclass configcard": { "command": "hf iclass configcard", @@ -2969,9 +2975,11 @@ "--elite elite computations applied to key", "--raw raw, the key is interpreted as raw block 3/4", "--nr replay of NR/MAC", - "-z, --dense dense dump output style" + "-z, --dense dense dump output style", + "--force force unsecure card read", + "--shallow use shallow (ASK) reader modulation instead of OOK" ], - "usage": "hf iclass dump [-hz] [-f ] [-k ] [--ki ] [--credit ] [--ci ] [--elite] [--raw] [--nr]" + "usage": "hf iclass dump [-hz] [-f ] [-k ] [--ki ] [--credit ] [--ci ] [--elite] [--raw] [--nr] [--force] [--shallow]" }, "hf iclass eload": { "command": "hf iclass eload", @@ -2990,7 +2998,7 @@ }, "hf iclass encode": { "command": "hf iclass encode", - "description": "Encode binary wiegand to block 7 Use either --bin or --wiegand/--fc/--cn", + "description": "Encode binary wiegand to block 7,8,9 Use either --bin or --wiegand/--fc/--cn", "notes": [ "hf iclass encode --bin 10001111100000001010100011 --ki 0 -> FC 31 CN 337", "hf iclass encode --fc 31 --cn 337 --ki 0 -> FC 31 CN 337", @@ -3007,9 +3015,10 @@ "--enckey 3DES transport key, 16 hex bytes", "--fc facility code", "--cn card number", - "-w, --wiegand see `wiegand list` for available formats" + "-w, --wiegand see `wiegand list` for available formats", + "--shallow use shallow (ASK) reader modulation instead of OOK" ], - "usage": "hf iclass encode [-h] [--bin ] --ki [--credit] [--elite] [--raw] [--enckey ] [--fc ] [--cn ] [-w ]" + "usage": "hf iclass encode [-h] [--bin ] --ki [--credit] [--elite] [--raw] [--enckey ] [--fc ] [--cn ] [-w ] [--shallow]" }, "hf iclass encrypt": { "command": "hf iclass encrypt", @@ -3076,30 +3085,31 @@ ], "offline": true, "options": [ - "-h, --help This help" + "-h, --help This help", + "--shallow use shallow (ASK) reader modulation instead of OOK" ], - "usage": "hf iclass info [-h]" + "usage": "hf iclass info [-h] [--shallow]" }, "hf iclass list": { "command": "hf iclass list", "description": "Alias of `trace list -t iclass` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf iclass list -f -> show frame delay times", + "hf iclass list --frame -> show frame delay times", "hf iclass list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "-f show frame delay times", + "--frame show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "--dict use dictionary keys file" + "-f, --file filename of dictionary" ], - "usage": "hf iclass list [-h1fcrux] [--dict ]" + "usage": "hf iclass list [-h1crux] [--frame] [-f ]" }, "hf iclass loclass": { "command": "hf iclass loclass", @@ -3190,9 +3200,10 @@ "--elite elite computations applied to key", "--raw no computations applied to key", "--nr replay of NR/MAC", - "-v, --verbose verbose output" + "-v, --verbose verbose output", + "--shallow use shallow (ASK) reader modulation instead of OOK" ], - "usage": "hf iclass rdbl [-hv] [-k ] [--ki ] -b [--credit] [--elite] [--raw] [--nr]" + "usage": "hf iclass rdbl [-hv] [-k ] [--ki ] -b [--credit] [--elite] [--raw] [--nr] [--shallow]" }, "hf iclass reader": { "command": "hf iclass reader", @@ -3203,9 +3214,10 @@ "offline": false, "options": [ "-h, --help This help", - "-@ optional - continuous reader mode" + "-@ optional - continuous reader mode", + "--shallow use shallow (ASK) reader modulation instead of OOK" ], - "usage": "hf iclass reader [-h@]" + "usage": "hf iclass reader [-h@] [--shallow]" }, "hf iclass restore": { "command": "hf iclass restore", @@ -3226,9 +3238,10 @@ "--credit key is assumed to be the credit key", "--elite elite computations applied to key", "--raw no computations applied to key", - "-v, --verbose verbose output" + "-v, --verbose verbose output", + "--shallow use shallow (ASK) reader modulation instead of OOK" ], - "usage": "hf iclass restore [-hv] -f [-k ] [--ki ] --first --last [--credit] [--elite] [--raw]" + "usage": "hf iclass restore [-hv] -f [-k ] [--ki ] --first --last [--credit] [--elite] [--raw] [--shallow]" }, "hf iclass sim": { "command": "hf iclass sim", @@ -3300,9 +3313,10 @@ "--elite elite computations applied to key", "--raw no computations applied to key", "--nr replay of NR/MAC", - "-v, --verbose verbose output" + "-v, --verbose verbose output", + "--shallow use shallow (ASK) reader modulation instead of OOK" ], - "usage": "hf iclass wrbl [-hv] [-k ] [--ki ] -b -d [-m ] [--credit] [--elite] [--raw] [--nr]" + "usage": "hf iclass wrbl [-hv] [-k ] [--ki ] -b -d [-m ] [--credit] [--elite] [--raw] [--nr] [--shallow]" }, "hf jooki clone": { "command": "hf jooki clone", @@ -3400,7 +3414,7 @@ "options": [ "-h, --help This help", "-k, --keep keep field ON for next command", - "-a, --apdu show APDU reqests and responses" + "-a, --apdu Show APDU requests and responses" ], "usage": "hf ksx6924 balance [-hka]" }, @@ -3422,23 +3436,23 @@ "options": [ "-h, --help This help", "-k, --keep keep field ON for next command", - "-a, --apdu show APDU reqests and responses" + "-a, --apdu Show APDU requests and responses" ], "usage": "hf ksx6924 info [-hka]" }, - "hf ksx6924 initialize": { - "command": "hf ksx6924 initialize", - "description": "Perform transaction initialization (mpda)", + "hf ksx6924 init": { + "command": "hf ksx6924 init", + "description": "Perform transaction initialization with Mpda (Money of Purchase Transaction)", "notes": [ - "hf ksx6924 initialize 000003e8 -> mpda" + "hf ksx6924 init 000003e8 -> Mpda" ], "offline": false, "options": [ "-h, --help This help", "-k, --keep keep field ON for next command", - "-a, --apdu show APDU reqests and responses" + "-a, --apdu Show APDU requests and responses" ], - "usage": "hf ksx6924 initialize [-hka] " + "usage": "hf ksx6924 init [-hka] " }, "hf ksx6924 prec": { "command": "hf ksx6924 prec", @@ -3450,7 +3464,7 @@ "options": [ "-h, --help This help", "-k, --keep keep field ON for next command", - "-a, --apdu show APDU reqests and responses" + "-a, --apdu Show APDU requests and responses" ], "usage": "hf ksx6924 prec [-hka] " }, @@ -3463,7 +3477,7 @@ "offline": false, "options": [ "-h, --help This help", - "-a, --apdu show APDU reqests and responses" + "-a, --apdu Show APDU requests and responses" ], "usage": "hf ksx6924 select [-ha]" }, @@ -3573,22 +3587,22 @@ "command": "hf legic list", "description": "Alias of `trace list -t legic` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf legic list -f -> show frame delay times", + "hf legic list --frame -> show frame delay times", "hf legic list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "-f show frame delay times", + "--frame show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "--dict use dictionary keys file" + "-f, --file filename of dictionary" ], - "usage": "hf legic list [-h1fcrux] [--dict ]" + "usage": "hf legic list [-h1crux] [--frame] [-f ]" }, "hf legic rdbl": { "command": "hf legic rdbl", @@ -3695,22 +3709,22 @@ "command": "hf list", "description": "Alias of `trace list -t raw` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf list -f -> show frame delay times", + "hf list --frame -> show frame delay times", "hf list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "-f show frame delay times", + "--frame show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "--dict use dictionary keys file" + "-f, --file filename of dictionary" ], - "usage": "hf list [-h1fcrux] [--dict ]" + "usage": "hf list [-h1crux] [--frame] [-f ]" }, "hf lto dump": { "command": "hf lto dump", @@ -3749,22 +3763,22 @@ "command": "hf lto list", "description": "Alias of `trace list -t lto` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf lto list -f -> show frame delay times", + "hf lto list --frame -> show frame delay times", "hf lto list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "-f show frame delay times", + "--frame show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "--dict use dictionary keys file" + "-f, --file filename of dictionary" ], - "usage": "hf lto list [-h1fcrux] [--dict ]" + "usage": "hf lto list [-h1crux] [--frame] [-f ]" }, "hf lto rdbl": { "command": "hf lto rdbl", @@ -3969,7 +3983,7 @@ "--1k MIFARE Classic 1k / S50 (def)", "--2k MIFARE Classic/Plus 2k", "--4k MIFARE Classic 4k / S70", - "--emu from emulator memory" + "--emu to emulator memory" ], "usage": "hf mf csave [-h] [-f ] [--mini] [--1k] [--2k] [--4k] [--emu]" }, @@ -4303,6 +4317,85 @@ ], "usage": "hf mf gen3uid [-h] [-u ]" }, + "hf mf ggetblk": { + "command": "hf mf ggetblk", + "description": "Get block data from magic gen4 GTU card.", + "notes": [ + "hf mf ggetblk --blk 0 -> get block 0 (manufacturer)", + "hf mf ggetblk --blk 3 -v -> get block 3, decode sector trailer" + ], + "offline": false, + "options": [ + "-h, --help This help", + "-b, --blk block number", + "-v, --verbose verbose output", + "-p, --pwd password 4bytes" + ], + "usage": "hf mf ggetblk [-hv] -b [-p ]" + }, + "hf mf gload": { + "command": "hf mf gload", + "description": "Load magic gen4 gtu card with data from (bin/eml/json) dump file or from emulator memory.", + "notes": [ + "hf mf gload --emu", + "hf mf gload -f hf-mf-01020304.eml", + "hf mf gload -p AABBCCDD --4k -v -f hf-mf-01020304-dump.bin", + "", + "Card must be configured beforehand with `script run hf_mf_ultimatecard`.", + "Blocks are 16 bytes long." + ], + "offline": false, + "options": [ + "-h, --help This help", + "--mini MIFARE Classic Mini / S20", + "--1k MIFARE Classic 1k / S50 (def)", + "--2k MIFARE Classic/Plus 2k", + "--4k MIFARE Classic 4k / S70", + "-p, --pwd password 4bytes", + "-v, --verbose verbose output", + "-f, --file filename of dump", + "--emu from emulator memory", + "--start index of block to start writing (default 0)", + "--end index of block to end writing (default last block)" + ], + "usage": "hf mf gload [-hv] [--mini] [--1k] [--2k] [--4k] [-p ] [-f ] [--emu] [--start ] [--end ]" + }, + "hf mf gsave": { + "command": "hf mf gsave", + "description": "Save `magic gen4 gtu` card memory into three files (BIN/EML/JSON)or into emulator memory", + "notes": [ + "hf mf gsave", + "hf mf gsave --4k", + "hf mf gsave -p DEADBEEF -f hf-mf-01020304.json" + ], + "offline": false, + "options": [ + "-h, --help This help", + "--mini MIFARE Classic Mini / S20", + "--1k MIFARE Classic 1k / S50 (def)", + "--2k MIFARE Classic/Plus 2k", + "--4k MIFARE Classic 4k / S70", + "-p, --pwd password 4bytes", + "-f, --file filename of dump", + "--emu to emulator memory" + ], + "usage": "hf mf gsave [-h] [--mini] [--1k] [--2k] [--4k] [-p ] [-f ] [--emu]" + }, + "hf mf gsetblk": { + "command": "hf mf gsetblk", + "description": "Set block data on a magic gen4 GTU card", + "notes": [ + "hf mf gsetblk --blk 1 -d 000102030405060708090a0b0c0d0e0f" + ], + "offline": false, + "options": [ + "-h, --help This help", + "-b, --blk block number", + "-d, --data bytes to write, 16 hex bytes", + "-p, --pwd password 4bytes" + ], + "usage": "hf mf gsetblk [-h] -b [-d ] [-p ]" + }, "hf mf gview": { "command": "hf mf gview", "description": "View `magic gen4 gtu` card memory", @@ -4324,8 +4417,9 @@ }, "hf mf hardnested": { "command": "hf mf hardnested", - "description": "Nested attack for hardened MIFARE Classic cards. `--i` set type of SIMD instructions. Without this flag programs autodetect it. or hf mf hardnested -r --tk [known target key] Add the known target key to check if it is present in the remaining key space hf mf hardnested --blk 0 -a -k A0A1A2A3A4A5 --tblk 4 --ta --tk FFFFFFFFFFFF", + "description": "Nested attack for hardened MIFARE Classic cards. if card is EV1, command can detect and use known key see example below `--i` set type of SIMD instructions. Without this flag programs autodetect it. or hf mf hardnested -r --tk [known target key] Add the known target key to check if it is present in the remaining key space hf mf hardnested --blk 0 -a -k A0A1A2A3A4A5 --tblk 4 --ta --tk FFFFFFFFFFFF", "notes": [ + "hf mf hardnested --tblk 4 --ta -> works for MFC EV1", "hf mf hardnested --blk 0 -a -k FFFFFFFFFFFF --tblk 4 --ta", "hf mf hardnested --blk 0 -a -k FFFFFFFFFFFF --tblk 4 --ta -w", "hf mf hardnested --blk 0 -a -k FFFFFFFFFFFF --tblk 4 --ta -f nonces.bin -w -s", @@ -4372,22 +4466,22 @@ "command": "hf mf list", "description": "Alias of `trace list -t mf` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf mf list -f -> show frame delay times", + "hf mf list --frame -> show frame delay times", "hf mf list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "-f show frame delay times", + "--frame show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "--dict use dictionary keys file" + "-f, --file filename of dictionary" ], - "usage": "hf mf list [-h1fcrux] [--dict ]" + "usage": "hf mf list [-h1crux] [--frame] [-f ]" }, "hf mf mad": { "command": "hf mf mad", @@ -4710,7 +4804,7 @@ }, "hf mf wrbl": { "command": "hf mf wrbl", - "description": "Write MIFARE Classic block with 16 hex bytes of data Sector 0 / Block 0 - Manufacturer block When writing to block 0 you must use a VALID block 0 data (UID, BCC, SAK, ATQA) Writing an invalid block 0 means rendering your Magic GEN2 card undetectable. Look in the magic_cards_notes.md file for help to resolve it.", + "description": "Write MIFARE Classic block with 16 hex bytes of data Sector 0 / Block 0 - Manufacturer block When writing to block 0 you must use a VALID block 0 data (UID, BCC, SAK, ATQA) Writing an invalid block 0 means rendering your Magic GEN2 card undetectable. Look in the magic_cards_notes.md file for help to resolve it. `--force` param is used to override warnings like bad ACL and BLOCK 0 writes. if not specified, it will exit if detected", "notes": [ "hf mf wrbl --blk 1 -k FFFFFFFFFFFF -d 000102030405060708090a0b0c0d0e0f" ], @@ -4720,7 +4814,7 @@ "--blk block number", "-a input key type is key A (def)", "-b input key type is key B", - "--force enforce block0 writes", + "--force override warnings", "-k, --key key, 6 hex bytes", "-d, --data bytes to write, 16 hex bytes" ], @@ -5551,22 +5645,22 @@ "command": "hf mfdes list", "description": "Alias of `trace list -t des` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf mfdes list -f -> show frame delay times", + "hf mfdes list --frame -> show frame delay times", "hf mfdes list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "-f show frame delay times", + "--frame show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "--dict use dictionary keys file" + "-f, --file filename of dictionary" ], - "usage": "hf mfdes list [-h1fcrux] [--dict ]" + "usage": "hf mfdes list [-h1crux] [--frame] [-f ]" }, "hf mfdes lsapp": { "command": "hf mfdes lsapp", @@ -6113,17 +6207,35 @@ ], "usage": "hf mfu eload [-h] -f [-q ]" }, - "hf mfu eview": { - "command": "hf mfu eview", - "description": "It displays emulator memory", + "hf mfu esave": { + "command": "hf mfu esave", + "description": "Saves emulator memory to a MIFARE Ultralight/NTAG dump file (bin/eml/json) By default number of pages saved depends on defined tag type. You can override this with option --end.", "notes": [ - "hf mfu eview" + "hf mfu esave", + "hf mfu esave --end 255 -> saves whole memory", + "hf mfu esave -f hf-mfu-04010203040506-dump.json" ], "offline": false, "options": [ - "-h, --help This help" + "-h, --help This help", + "-e, --end index of last block", + "-f, --file filename of dump" ], - "usage": "hf mfu eview [-h]" + "usage": "hf mfu esave [-h] [-e ] [-f ]" + }, + "hf mfu eview": { + "command": "hf mfu eview", + "description": "Displays emulator memory By default number of pages shown depends on defined tag type. You can override this with option --end.", + "notes": [ + "hf mfu eview", + "hf mfu eview --end 255 -> dumps whole memory" + ], + "offline": false, + "options": [ + "-h, --help This help", + "-e, --end index of last block" + ], + "usage": "hf mfu eview [-h] [-e ]" }, "hf mfu help": { "command": "hf mfu help", @@ -6291,8 +6403,8 @@ "description": "Simulate MIFARE Ultralight family type based upon ISO/IEC 14443 type A tag with 4,7 or 10 byte UID from emulator memory. See `hf mfu eload` first. The UID from emulator memory will be used if not specified. See `hf 14a sim -h` to see available types. You want 2 or 7 usually.", "notes": [ "hf mfu sim -t 2 --uid 11223344556677 -> MIFARE Ultralight", - "hf mfu sim -t 7 --uid 11223344556677 -n 5 -> Amiibo (NTAG 215), pack 0x8080", - "hf mfu sim -t 7 -> Amiibo (NTAG 215), pack 0x8080" + "hf mfu sim -t 7 --uid 11223344556677 -n 5 -> MFU EV1 / NTAG 215 Amiibo", + "hf mfu sim -t 7 -> MFU EV1 / NTAG 215 Amiibo" ], "offline": false, "options": [ @@ -6433,22 +6545,22 @@ "command": "hf seos list", "description": "Alias of `trace list -t 7816` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf seos list -f -> show frame delay times", + "hf seos list --frame -> show frame delay times", "hf seos list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "-f show frame delay times", + "--frame show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "--dict use dictionary keys file" + "-f, --file filename of dictionary" ], - "usage": "hf seos list [-h1fcrux] [--dict ]" + "usage": "hf seos list [-h1crux] [--frame] [-f ]" }, "hf sniff": { "command": "hf sniff", @@ -6491,22 +6603,22 @@ "command": "hf st25ta list", "description": "Alias of `trace list -t 7816` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf st25ta list -f -> show frame delay times", + "hf st25ta list --frame -> show frame delay times", "hf st25ta list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "-f show frame delay times", + "--frame show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "--dict use dictionary keys file" + "-f, --file filename of dictionary" ], - "usage": "hf st25ta list [-h1fcrux] [--dict ]" + "usage": "hf st25ta list [-h1crux] [--frame] [-f ]" }, "hf st25ta ndefread": { "command": "hf st25ta ndefread", @@ -6641,22 +6753,22 @@ "command": "hf thinfilm list", "description": "Alias of `trace list -t thinfilm` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf thinfilm list -f -> show frame delay times", + "hf thinfilm list --frame -> show frame delay times", "hf thinfilm list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "-f show frame delay times", + "--frame show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "--dict use dictionary keys file" + "-f, --file filename of dictionary" ], - "usage": "hf thinfilm list [-h1fcrux] [--dict ]" + "usage": "hf thinfilm list [-h1crux] [--frame] [-f ]" }, "hf thinfilm sim": { "command": "hf thinfilm sim", @@ -6712,22 +6824,22 @@ "command": "hf topaz list", "description": "Alias of `trace list -t topaz` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "hf topaz list -f -> show frame delay times", + "hf topaz list --frame -> show frame delay times", "hf topaz list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "-f show frame delay times", + "--frame show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "--dict use dictionary keys file" + "-f, --file filename of dictionary" ], - "usage": "hf topaz list [-h1fcrux] [--dict ]" + "usage": "hf topaz list [-h1crux] [--frame] [-f ]" }, "hf topaz raw": { "command": "hf topaz raw", @@ -8455,22 +8567,22 @@ "command": "lf hitag list", "description": "Alias of `trace list -t hitag2` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "lf hitag list -f -> show frame delay times", + "lf hitag list --frame -> show frame delay times", "lf hitag list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "-f show frame delay times", + "--frame show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "--dict use dictionary keys file" + "-f, --file filename of dictionary" ], - "usage": "lf hitag list [-h1fcrux] [--dict ]" + "usage": "lf hitag list [-h1crux] [--frame] [-f ]" }, "lf hitag reader": { "command": "lf hitag reader", @@ -8627,6 +8739,28 @@ ], "usage": "lf indala altdemod [-hl]" }, + "lf indala brute": { + "command": "lf indala brute", + "description": "Enables bruteforce of INDALA readers with specified facility code. This is a attack against reader. if cardnumber is given, it starts with it and goes up / down one step if cardnumber is not given, it starts with 1 and goes up to 65535", + "notes": [ + "lf indala brute --fc 224", + "lf indala brute --fc 21 -d 2000", + "lf indala brute -v --fc 21 --cn 200 -d 2000", + "lf indala brute -v --fc 21 --cn 200 -d 2000 --up" + ], + "offline": false, + "options": [ + "-h, --help This help", + "-v, --verbose verbose output", + "--fc facility code", + "--cn card number to start with", + "-d, --delay delay betweens attempts in ms. Default 1000ms", + "--up direction to increment card number. (default is both directions)", + "--down direction to decrement card number. (default is both directions)", + "--4041x specify Indala 4041X format" + ], + "usage": "lf indala brute [-hv] [--fc ] [--cn ] [-d ] [--up] [--down] [--4041x]" + }, "lf indala clone": { "command": "lf indala clone", "description": "clone Indala UID to T55x7 or Q5/T5555 tag using different known formats", @@ -8682,6 +8816,8 @@ "description": "Enables simulation of Indala card with specified facility code and card number. Simulation runs until the button is pressed or another USB command is issued.", "notes": [ "lf indala sim --heden 888", + "lf indala sim --fc 123 --cn 1337", + "lf indala sim --fc 123 --cn 1337 --4041x", "lf indala sim --raw a0000000a0002021", "lf indala sim --raw 80000001b23523a6c2e31eba3cbee4afb3c6ad1fcf649393928c14e5" ], @@ -8689,9 +8825,12 @@ "options": [ "-h, --help This help", "-r, --raw raw bytes", - "--heden Cardnumber for Heden 2L format" + "--heden Cardnumber for Heden 2L format", + "--fc Facility code (26 bit H10301 format)", + "--cn Card number (26 bit H10301 format)", + "--4041x Optional - specify Indala 4041X format, must use with fc and cn" ], - "usage": "lf indala sim [-h] [-r ] [--heden ]" + "usage": "lf indala sim [-h] [-r ] [--heden ] [--fc ] [--cn ] [--4041x]" }, "lf io clone": { "command": "lf io clone", @@ -9244,6 +9383,7 @@ "command": "lf paradox clone", "description": "clone a paradox tag to a T55x7, Q5/T5555 or EM4305/4469 tag.", "notes": [ + "lf paradox clone --fc 96 --cn 40426 -> encode for T55x7 tag with fc and cn", "lf paradox clone --raw 0f55555695596a6a9999a59a -> encode for T55x7 tag", "lf paradox clone --raw 0f55555695596a6a9999a59a --q5 -> encode for Q5/T5555 tag", "lf paradox clone --raw 0f55555695596a6a9999a59a --em -> encode for EM4305/4469" @@ -9252,10 +9392,12 @@ "options": [ "-h, --help This help", "-r, --raw raw hex data. 12 bytes max", + "--fc facility code", + "--cn card number", "--q5 optional - specify writing to Q5/T5555 tag", "--em optional - specify writing to EM4305/4469 tag" ], - "usage": "lf paradox clone [-h] [-r ] [--q5] [--em]" + "usage": "lf paradox clone [-h] [-r ] [--fc ] [--cn ] [--q5] [--em]" }, "lf paradox demod": { "command": "lf paradox demod", @@ -10818,6 +10960,114 @@ ], "usage": "hf 14b ndefread [-hv] [-f ]" }, + "piv authsign": { + "command": "piv authsign", + "description": "Send a nonce and ask the PIV card to sign it", + "notes": [ + "piv sign -sk -> select card, select applet, sign a NULL nonce" + ], + "offline": false, + "options": [ + "-h, --help This help", + "-s, -S, --select Activate field and select applet", + "-k, -K, --keep Keep field for next command", + "-a, -A, --apdu Show APDU requests and responses", + "-t, -T, --tlv TLV decode results", + "-w, -W, --wired Send data via contact (iso7816) interface. (def: Contactless interface)", + "--aid Applet ID to select. By default A0000003080000100 will be used", + "--nonce Nonce to sign.", + "--slot Slot number. Default will be 0x9E (card auth cert).", + "--alg Algorithm to use to sign. Example values: 06=RSA-1024, 07=RSA-2048, 11=ECC-P256 (default), 14=ECC-P384" + ], + "usage": "piv sign [-hskatw] [--aid ] --nonce [--slot ] [--alg ]" + }, + "piv getdata": { + "command": "piv getdata", + "description": "Get a data container of a given tag", + "notes": [ + "piv getdata -s 5fc102 -> select card, select applet, get card holder unique identifer", + "piv getdata -st 5fc102 -> select card, select applet, get card holder unique identifer, show result in TLV" + ], + "offline": false, + "options": [ + "-h, --help This help", + "-s, -S, --select Activate field and select applet", + "-k, -K, --keep Keep field for next command", + "-a, -A, --apdu Show APDU requests and responses", + "-t, -T, --tlv TLV decode results", + "-w, -W, --wired Send data via contact (iso7816) interface. (def: Contactless interface)", + "--aid Applet ID to select. By default A0000003080000100 will be used", + " Tag ID to read, between 1 and 3 bytes." + ], + "usage": "piv getdata [-hskatw] [--aid ] " + }, + "piv help": { + "command": "piv help", + "description": "help This help list List ISO7816 history", + "notes": [], + "offline": true, + "options": [], + "usage": "" + }, + "piv list": { + "command": "piv list", + "description": "Alias of `trace list -t 7816` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", + "notes": [ + "piv list --frame -> show frame delay times", + "piv list -1 -> use trace buffer" + ], + "offline": true, + "options": [ + "-h, --help This help", + "-1, --buffer use data from trace buffer", + "--frame show frame delay times", + "-c mark CRC bytes", + "-r show relative times (gap and duration)", + "-u display times in microseconds instead of clock cycles", + "-x show hexdump to convert to pcap(ng)", + "or to import into Wireshark using encapsulation type \"ISO 14443\"", + "-f, --file filename of dictionary" + ], + "usage": "piv list [-h1crux] [--frame] [-f ]" + }, + "piv scan": { + "command": "piv scan", + "description": "Scan a PIV card for known containers", + "notes": [ + "piv scan -s -> select card, select applet and run scan", + "piv scan -st --aid a00000030800001000 -> select card, select applet a00000030800001000, show result of the scan in TLV" + ], + "offline": false, + "options": [ + "-h, --help This help", + "-s, -S, --select Activate field and select applet", + "-k, -K, --keep Keep field for next command", + "-a, -A, --apdu Show APDU requests and responses", + "-t, -T, --tlv TLV decode results", + "-w, -W, --wired Send data via contact (iso7816) interface. (def: Contactless interface)", + "--aid Applet ID to select. By default A0000003080000100 will be used" + ], + "usage": "piv scan [-hskatw] [--aid ]" + }, + "piv select": { + "command": "piv select", + "description": "Executes select applet command", + "notes": [ + "piv select -s -> select card, select applet", + "piv select -st --aid a00000030800001000 -> select card, select applet a00000030800001000, show result in TLV" + ], + "offline": false, + "options": [ + "-h, --help This help", + "-s, -S, --select Activate field and select applet", + "-k, -K, --keep Keep field for next command", + "-a, -A, --apdu Show APDU requests and responses", + "-t, -T, --tlv TLV decode results", + "-w, -W, --wired Send data via contact (iso7816) interface. (def: Contactless interface)", + "--aid Applet ID to select. By default A0000003080000100 will be used" + ], + "usage": "piv select [-hskatw] [--aid ]" + }, "prefs get barmode": { "command": "prefs get barmode", "description": "Get preference of HF/LF tune command styled output in the client", @@ -11173,22 +11423,22 @@ "command": "smart list", "description": "Alias of `trace list -t 7816` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol", "notes": [ - "smart list -f -> show frame delay times", + "smart list --frame -> show frame delay times", "smart list -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "-f show frame delay times", + "--frame show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", - "--dict use dictionary keys file" + "-f, --file filename of dictionary" ], - "usage": "smart list [-h1fcrux] [--dict ]" + "usage": "smart list [-h1crux] [--frame] [-f ]" }, "smart raw": { "command": "smart raw", @@ -11295,24 +11545,24 @@ "trace list -t thinfilm -> interpret as Thinfilm", "trace list -t topaz -> interpret as Topaz", "", - "trace list -t mf --dict -> use dictionary keys file", - "trace list -t 14a -f -> show frame delay times", + "trace list -t mf -f mfc_default_keys.dic -> use default dictionary file", + "trace list -t 14a --frame -> show frame delay times", "trace list -t 14a -1 -> use trace buffer" ], "offline": true, "options": [ "-h, --help This help", "-1, --buffer use data from trace buffer", - "-f show frame delay times", + "--frame show frame delay times", "-c mark CRC bytes", "-r show relative times (gap and duration)", "-u display times in microseconds instead of clock cycles", "-x show hexdump to convert to pcap(ng)", "or to import into Wireshark using encapsulation type \"ISO 14443\"", "-t, --type protocol to annotate the trace", - "--dict use dictionary keys file" + "-f, --file filename of dictionary" ], - "usage": "trace list [-h1fcrux] [-t ] [--dict ]" + "usage": "trace list [-h1crux] [--frame] [-t ] [-f ]" }, "trace load": { "command": "trace load", @@ -11510,8 +11760,8 @@ } }, "metadata": { - "commands_extracted": 727, + "commands_extracted": 739, "extracted_by": "PM3Help2JSON v1.00", - "extracted_on": "2023-01-14T21:23:30" + "extracted_on": "2023-01-15T01:24:39" } } \ No newline at end of file diff --git a/doc/commands.md b/doc/commands.md index 2133d960b..1c6110cea 100644 --- a/doc/commands.md +++ b/doc/commands.md @@ -367,11 +367,11 @@ Check column "offline" for their availability. |command |offline |description |------- |------- |----------- |`hf ksx6924 help `|Y |`This help` -|`hf ksx6924 balance `|N |`Get current purse balance` -|`hf ksx6924 info `|N |`Get info about a KS X 6924 (T-Money, Snapper+) transit card` -|`hf ksx6924 initialize `|N |`Perform transaction initialization (Mpda)` -|`hf ksx6924 prec `|N |`Send proprietary get record command (CLA=90, INS=4C)` |`hf ksx6924 select `|N |`Select application, and leave field up` +|`hf ksx6924 info `|N |`Get info about a KS X 6924 (T-Money, Snapper+) transit card` +|`hf ksx6924 balance `|N |`Get current purse balance` +|`hf ksx6924 init `|N |`Perform transaction initialization with Mpda` +|`hf ksx6924 prec `|N |`Send proprietary get record command (CLA=90, INS=4C)` ### hf jooki @@ -510,6 +510,10 @@ Check column "offline" for their availability. |`hf mf gen3uid `|N |`Set UID without changing manufacturer block` |`hf mf gen3blk `|N |`Overwrite manufacturer block` |`hf mf gen3freeze `|N |`Perma lock UID changes. irreversible` +|`hf mf ggetblk `|N |`Read block from card` +|`hf mf gload `|N |`Load dump to card` +|`hf mf gsave `|N |`Save dump from card into file or emulator` +|`hf mf gsetblk `|N |`Write block to card` |`hf mf gview `|N |`View card` |`hf mf ndefformat `|N |`Format MIFARE Classic Tag as NFC Tag` |`hf mf ndefread `|N |`Read and print NDEF records from card` @@ -554,7 +558,8 @@ Check column "offline" for their availability. |`hf mfu restore `|N |`Restore a dump onto a MFU MAGIC tag` |`hf mfu view `|Y |`Display content from tag dump file` |`hf mfu wrbl `|N |`Write block` -|`hf mfu eload `|N |`Load Ultralight .eml dump file into emulator memory` +|`hf mfu eload `|N |`Load Ultralight dump file into emulator memory` +|`hf mfu esave `|N |`Save Ultralight dump file from emulator memory` |`hf mfu eview `|N |`View emulator memory` |`hf mfu sim `|N |`Simulate MIFARE Ultralight from emulator memory` |`hf mfu setpwd `|N |`Set 3DES key - Ultralight-C` @@ -971,6 +976,7 @@ Check column "offline" for their availability. |command |offline |description |------- |------- |----------- |`lf indala help `|Y |`This help` +|`lf indala brute `|N |`Demodulate an Indala tag (PSK1) from the GraphBuffer` |`lf indala demod `|Y |`Demodulate an Indala tag (PSK1) from the GraphBuffer` |`lf indala altdemod `|Y |`Alternative method to demodulate samples for Indala 64 bit UID (option '224' for 224 bit)` |`lf indala reader `|N |`Read an Indala tag from the antenna` @@ -1328,6 +1334,20 @@ Check column "offline" for their availability. |`nfc barcode help `|Y |`This help` +### piv + + { PIV commands... } + +|command |offline |description +|------- |------- |----------- +|`piv help `|Y |`This help` +|`piv select `|N |`Select the PIV applet` +|`piv getdata `|N |`Gets a container on a PIV card` +|`piv authsign `|N |`Authenticate with the card` +|`piv scan `|N |`Scan PIV card for known containers` +|`piv list `|Y |`List ISO7816 history` + + ### reveng { CRC calculations from RevEng software... } diff --git a/tools/cryptorf/sma_multi.cpp b/tools/cryptorf/sma_multi.cpp index c4e61e37e..50b962248 100644 --- a/tools/cryptorf/sma_multi.cpp +++ b/tools/cryptorf/sma_multi.cpp @@ -165,7 +165,7 @@ void print_cs(const char *text, pcs s) { } static inline uint8_t mod(uint8_t a, uint8_t m) { - if (m==0) { + if (m == 0) { return 0; // Actually, divide by zero error } // Just return the input when this is less or equal than the modular value From ad87e2051dba66ff2df7d20bac86cb845dfb0e22 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sun, 15 Jan 2023 02:33:56 +0100 Subject: [PATCH 21/23] build_all_firmwares.sh able to build HF_14ASNIFF HF_15SNIFF without flash --- armsrc/Standalone/Makefile.hal | 2 +- tools/build_all_firmwares.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/armsrc/Standalone/Makefile.hal b/armsrc/Standalone/Makefile.hal index afd144e5d..5d571fa74 100644 --- a/armsrc/Standalone/Makefile.hal +++ b/armsrc/Standalone/Makefile.hal @@ -125,7 +125,7 @@ STANDALONE_MODES := LF_SKELETON LF_EM4100EMUL LF_EM4100RSWB LF_EM4100RSWW LF_EM4 STANDALONE_MODES += HF_14ASNIFF HF_14BSNIFF HF_15SNIFF HF_AVEFUL HF_BOG HF_COLIN HF_CRAFTBYTE HF_ICECLASS HF_LEGIC HF_LEGICSIM HF_MATTYRUN HF_MFCSIM HF_MSDSAL HF_TCPRST HF_TMUDFORD HF_YOUNG HF_REBLAY DANKARMULTI STANDALONE_MODES_REQ_BT := HF_REBLAY STANDALONE_MODES_REQ_SMARTCARD := -STANDALONE_MODES_REQ_FLASH := LF_HIDFCBRUTE LF_ICEHID LF_NEXID LF_THAREXDE HF_BOG HF_COLIN HF_ICECLASS HF_MFCSIM HF_LEGICSIM +STANDALONE_MODES_REQ_FLASH := LF_HIDFCBRUTE LF_ICEHID LF_NEXID LF_THAREXDE HF_BOG HF_COLIN HF_ICECLASS HF_LEGICSIM HF_MFCSIM ifneq ($(filter $(STANDALONE),$(STANDALONE_MODES)),) STANDALONE_PLATFORM_DEFS += -DWITH_STANDALONE_$(STANDALONE) ifneq ($(filter $(STANDALONE),$(STANDALONE_MODES_REQ_SMARTCARD)),) diff --git a/tools/build_all_firmwares.sh b/tools/build_all_firmwares.sh index a0ef2e1dd..c6bb8969d 100755 --- a/tools/build_all_firmwares.sh +++ b/tools/build_all_firmwares.sh @@ -34,7 +34,7 @@ STANDALONE_MODES=(LF_SKELETON LF_EM4100EMUL LF_EM4100RSWB LF_EM4100RSWW LF_EM410 STANDALONE_MODES+=(HF_14ASNIFF HF_14BSNIFF HF_15SNIFF HF_AVEFUL HF_BOG HF_COLIN HF_CRAFTBYTE HF_ICECLASS HF_LEGIC HF_LEGICSIM HF_MATTYRUN HF_MFCSIM HF_MSDSAL HF_TCPRST HF_TMUDFORD HF_YOUNG HF_REBLAY DANKARMULTI) STANDALONE_MODES_REQ_BT=(HF_REBLAY) STANDALONE_MODES_REQ_SMARTCARD=() -STANDALONE_MODES_REQ_FLASH=(LF_HIDFCBRUTE LF_ICEHID LF_NEXID LF_THAREXDE HF_14ASNIFF HF_15SNIFF HF_BOG HF_COLIN HF_ICECLASS HF_LEGICSIM HF_MFCSIM) +STANDALONE_MODES_REQ_FLASH=(LF_HIDFCBRUTE LF_ICEHID LF_NEXID LF_THAREXDE HF_BOG HF_COLIN HF_ICECLASS HF_LEGICSIM HF_MFCSIM) # PM3GENERIC 256kb, no flash, need to skip some parts to reduce size From c2546d35f81ad8096616fc2fc200cd5930397fa8 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sun, 15 Jan 2023 02:40:58 +0100 Subject: [PATCH 22/23] experimental_lib/CMakeLists missing files --- client/CMakeLists.txt | 2 +- client/experimental_lib/CMakeLists.txt | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/client/CMakeLists.txt b/client/CMakeLists.txt index 1622190f9..5519b2e77 100644 --- a/client/CMakeLists.txt +++ b/client/CMakeLists.txt @@ -293,9 +293,9 @@ set (TARGET_SOURCES ${PM3_ROOT}/client/src/cmdhfseos.c ${PM3_ROOT}/client/src/cmdhfst.c ${PM3_ROOT}/client/src/cmdhfst25ta.c + ${PM3_ROOT}/client/src/cmdhftexkom.c ${PM3_ROOT}/client/src/cmdhfthinfilm.c ${PM3_ROOT}/client/src/cmdhftopaz.c - ${PM3_ROOT}/client/src/cmdhftexkom.c ${PM3_ROOT}/client/src/cmdhfwaveshare.c ${PM3_ROOT}/client/src/cmdhfxerox.c ${PM3_ROOT}/client/src/cmdhw.c diff --git a/client/experimental_lib/CMakeLists.txt b/client/experimental_lib/CMakeLists.txt index 5c64fd135..3855d6884 100644 --- a/client/experimental_lib/CMakeLists.txt +++ b/client/experimental_lib/CMakeLists.txt @@ -276,6 +276,7 @@ set (TARGET_SOURCES ${PM3_ROOT}/client/src/cmdhfepa.c ${PM3_ROOT}/client/src/cmdhffelica.c ${PM3_ROOT}/client/src/cmdhffido.c + ${PM3_ROOT}/client/src/cmdhffudan.c ${PM3_ROOT}/client/src/cmdhfgallagher.c ${PM3_ROOT}/client/src/cmdhfcipurse.c ${PM3_ROOT}/client/src/cmdhficlass.c @@ -293,9 +294,11 @@ set (TARGET_SOURCES ${PM3_ROOT}/client/src/cmdhfseos.c ${PM3_ROOT}/client/src/cmdhfst.c ${PM3_ROOT}/client/src/cmdhfst25ta.c + ${PM3_ROOT}/client/src/cmdhftexkom.c ${PM3_ROOT}/client/src/cmdhfthinfilm.c ${PM3_ROOT}/client/src/cmdhftopaz.c ${PM3_ROOT}/client/src/cmdhfwaveshare.c + ${PM3_ROOT}/client/src/cmdhfxerox.c ${PM3_ROOT}/client/src/cmdhw.c ${PM3_ROOT}/client/src/cmdlf.c ${PM3_ROOT}/client/src/cmdlfawid.c @@ -334,6 +337,7 @@ set (TARGET_SOURCES ${PM3_ROOT}/client/src/cmdmain.c ${PM3_ROOT}/client/src/cmdnfc.c ${PM3_ROOT}/client/src/cmdparser.c + ${PM3_ROOT}/client/src/cmdpiv.c ${PM3_ROOT}/client/src/cmdscript.c ${PM3_ROOT}/client/src/cmdsmartcard.c ${PM3_ROOT}/client/src/cmdtrace.c From fe286ed6d76e866baeaa3bddc15ec4b16a8a2014 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sun, 15 Jan 2023 02:50:16 +0100 Subject: [PATCH 23/23] remove Android from release checklist --- .github/ISSUE_TEMPLATE/checklist-for-release.md | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/ISSUE_TEMPLATE/checklist-for-release.md b/.github/ISSUE_TEMPLATE/checklist-for-release.md index 514b454d7..437a673b4 100644 --- a/.github/ISSUE_TEMPLATE/checklist-for-release.md +++ b/.github/ISSUE_TEMPLATE/checklist-for-release.md @@ -18,7 +18,6 @@ assignees: doegox, iceman1001 - [ ] `tools/build_all_firmwares.sh` check that the script contains all standalone modes then compile all standalone modes (linux only) - [ ] `experimental_lib` compilation & tests - [ ] `experimental_client_with_swig` compilation & tests -- [ ] Check Android `CMakeLists.txt` list of source file - [ ] GitHub Actions - green across the board ( MacOS, Ubuntu, Windows) # OS compilation and tests