From 94b782ee107c9981e0eb2172bdada78bad462f30 Mon Sep 17 00:00:00 2001 From: Uli Heilmeier Date: Fri, 10 May 2019 12:24:38 +0200 Subject: [PATCH 1/5] client/Makefile: use brew libreadline on macOS Make sure we use libreadline from brew and not the default macOS shipped one. Otherwise compilation fails for undefined rl_event_hook --- client/Makefile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/client/Makefile b/client/Makefile index 318e2f1bd..72b124d73 100644 --- a/client/Makefile +++ b/client/Makefile @@ -72,6 +72,8 @@ else LUAPLATFORM = macosx OBJCSRCS = util_darwin.m LDFLAGS += -framework Foundation -framework AppKit + LDLIBS := -L/usr/local/opt/readline/lib $(LDLIBS) + LIBS := -I/usr/local/opt/readline/include $(LIBS) else LUALIB += -ldl LDLIBS += -ltermcap -lncurses From 0119e13ff31007ca473a02f334f1897412ebb37b Mon Sep 17 00:00:00 2001 From: Uli Heilmeier Date: Fri, 10 May 2019 14:50:09 +0200 Subject: [PATCH 2/5] client/comms.c: fix buffer overflow Don't copy more bytes into pm3_capabilities as its size. Fix: RfidResearchGroup/proxmark3#189 --- client/comms.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/comms.c b/client/comms.c index 764b70089..187761ae0 100644 --- a/client/comms.c +++ b/client/comms.c @@ -613,7 +613,7 @@ int TestProxmark(void) { SendCommandNG(CMD_CAPABILITIES, NULL, 0); if (WaitForResponseTimeoutW(CMD_CAPABILITIES, &resp, 1000, false)) { - memcpy(&pm3_capabilities, resp.data.asBytes, resp.length); + memcpy(&pm3_capabilities, resp.data.asBytes, MIN(sizeof(capabilities_t), resp.length)); conn.send_via_fpc_usart = pm3_capabilities.via_fpc; conn.uart_speed = pm3_capabilities.baudrate; PrintAndLogEx(INFO, "Communicating with PM3 over %s", conn.send_via_fpc_usart ? _YELLOW_("FPC UART") : _YELLOW_("USB-CDC")); From a1c24c6c7df20ec205e4859a278f088332eecc90 Mon Sep 17 00:00:00 2001 
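Review bot: The readline prefix `/usr/local/opt/readline` is hard-coded in both added lines, so the build breaks on any Homebrew install whose prefix differs from the default; consider `$(shell brew --prefix readline)` or an overridable `READLINE_PREFIX ?= /usr/local/opt/readline` variable instead. The second added line prepends a preprocessor flag (`-I...`) to `LIBS`, which presumably is the project's include-path variable rather than a linker one — worth confirming that `LIBS` reaches the compile step, otherwise the header fix has no effect and only the `-L` line does anything.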
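Review bot: Clamping the copy with `MIN(sizeof(capabilities_t), resp.length)` stops the overflow, but a response shorter than the struct now leaves the tail of `pm3_capabilities` holding whatever it held before, and the next two lines read `via_fpc` and `baudrate` out of it. Either zero the destination first (`memset(&pm3_capabilities, 0, sizeof pm3_capabilities);`) or reject any response whose length is not exactly `sizeof(capabilities_t)`; patch 4 of this series adds the exact-length check, so this only matters for this commit taken on its own. TestProxmark continues outside the hunk.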
From: Uli Heilmeier Date: Thu, 9 May 2019 16:34:06 +0200 Subject: [PATCH 3/5] Cmdtrace: Show trace ouput in hexdump format Adding option 'x' to show trace output for 14a in hexdump format. This output can be imported into Wireshark using the 'Import from Hex Dump' option. Encapsulation type should be set to 'ISO 14443' and Max Frame Length to 256. Format defined at https://www.kaiser.cx/pcap-iso14443.html --- client/cmdtrace.c | 95 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 95 insertions(+) diff --git a/client/cmdtrace.c b/client/cmdtrace.c index e50a2b2c4..eb0c70732 100644 --- a/client/cmdtrace.c +++ b/client/cmdtrace.c @@ -20,6 +20,8 @@ static int usage_trace_list() { PrintAndLogEx(NORMAL, "Usage: trace list [f][c| <0|1>"); PrintAndLogEx(NORMAL, " f - show frame delay times as well"); PrintAndLogEx(NORMAL, " c - mark CRC bytes"); + PrintAndLogEx(NORMAL, " x - show hexdump to convert to pcap(ng) or to import into Wireshark using encapsulation type \"ISO 14443\""); + PrintAndLogEx(NORMAL, " syntax to use: `text2pcap -t \"%%S.\" -l 264 -n `"); PrintAndLogEx(NORMAL, " <0|1> - use data from Tracebuffer, if not set, try reading data from tag."); PrintAndLogEx(NORMAL, "Supported values:"); PrintAndLogEx(NORMAL, " raw - just show raw data without annotations"); 
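Review bot: The `Usage:` line just above the added lines still reads `trace list [f][c| <0|1>` and does not mention the new `x` option; update it to `"Usage: trace list [f][c][x] <0|1>"`, which also fixes the unbalanced bracket. The second added line prints a `text2pcap` invocation that ends in a dangling `-n ` — either the input/output arguments were lost in extraction or they are genuinely missing; if the latter, spell them out as placeholders, e.g. `-n <input.txt> <output.pcapng>`. usage_trace_list's body continues outside the hunk.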
@@ -102,6 +104,90 @@ static bool merge_topaz_reader_frames(uint32_t timestamp, uint32_t *duration, ui return true; } +static uint16_t printHexLine(uint16_t tracepos, uint16_t traceLen, uint8_t *trace, uint8_t protocol) { + // sanity check + if (tracepos + sizeof(uint32_t) + sizeof(uint16_t) + sizeof(uint16_t) > traceLen) return traceLen; + + bool isResponse; + uint16_t data_len, parity_len; + uint32_t timestamp; + + timestamp = *((uint32_t *)(trace + tracepos)); + tracepos += 4; + + + // currently we don't use duration, so we skip it + tracepos += 2; + + data_len = *((uint16_t *)(trace + tracepos)); + tracepos += 2; + + if (data_len & 0x8000) { + data_len &= 0x7fff; + isResponse = true; + } else { + isResponse = false; + } + parity_len = (data_len - 1) / 8 + 1; + + if (tracepos + data_len + parity_len > traceLen) { + return traceLen; + } + uint8_t *frame = trace + tracepos; + tracepos += data_len; + //currently we don't use parity bytes, so we skip it + tracepos += parity_len; + + if (data_len == 0) { + PrintAndLogEx(NORMAL, ""); + return tracepos; + } + + switch (protocol) { + case ISO_14443A: + { + /* https://www.kaiser.cx/pcap-iso14443.html defines a pseudo header: + * version (currently 0x00), event (Rdr: 0xfe, Tag: 0xff), length (2 bytes) + * to convert to pcap(ng) via text2pcap or to import into Wireshark + * we use format timestamp, newline, offset (0x000000), pseudo header, data + * `text2pcap -t "%S." -l 264 -n ` + */ + char line[(data_len *3) + 1]; + char *ptr = &line[0]; + + for (int j = 0; j < data_len ; j++) { + ptr += sprintf (ptr, "%02x", frame[j]); + ptr += sprintf (ptr, " "); + } + + char data_len_str[5]; + char temp_str1[3] = {0}; + char temp_str2[3] = {0}; + + sprintf(data_len_str, "%04x", data_len); + strncat(temp_str1, data_len_str, 2); + temp_str1[2] = '\0'; + strncat(temp_str2, data_len_str + 2, 2); + temp_str2[2] = '\0'; + + PrintAndLogEx(NORMAL, "0.%010u", timestamp); + PrintAndLogEx(NORMAL, "000000 00 %s %s %s %s", + (isResponse ? 
"ff" : "fe"), + temp_str1, + temp_str2, + line); + return tracepos; + } + default: + PrintAndLogEx(NORMAL, "Currently only 14a supported"); + return traceLen; + } + + if (is_last_record(tracepos, trace, traceLen)) return traceLen; + + return tracepos; +} + static uint16_t printTraceLine(uint16_t tracepos, uint16_t traceLen, uint8_t *trace, uint8_t protocol, bool showWaitCycles, bool markCRCBytes) { // sanity check if (tracepos + sizeof(uint32_t) + sizeof(uint16_t) + sizeof(uint16_t) > traceLen) return traceLen; @@ -592,6 +678,7 @@ int CmdTraceList(const char *Cmd) { bool showWaitCycles = false; bool markCRCBytes = false; + bool showHex = false; bool isOnline = true; bool errors = false; uint8_t protocol = 0; @@ -618,6 +705,10 @@ int CmdTraceList(const char *Cmd) { markCRCBytes = true; cmdp++; break; + case 'x': + showHex = true; + cmdp++; + break; case '0': isOnline = true; cmdp++; @@ -695,6 +786,10 @@ int CmdTraceList(const char *Cmd) { PrintAndLogEx(INFO, ""); if (protocol == FELICA) { printFelica(traceLen, trace); + } else if (showHex) { + while (tracepos < traceLen) { + tracepos = printHexLine(tracepos, traceLen, trace, protocol); + } } else { PrintAndLogEx(NORMAL, "Start = Start of Start Bit, End = End of last modulation. Src = Source of Transfer"); if (protocol == ISO_14443A || protocol == PROTO_MIFARE) From 3412e9d8c55eae57b0366a393b1aa6c84b642499 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Fri, 10 May 2019 19:00:18 +0200 Subject: [PATCH 4/5] Capabilities versionning, would also detect platform struct pack issues --- armsrc/appmain.c | 1 + client/comms.c | 5 +++++ include/pm3_cmd.h | 3 ++- 3 files changed, 8 insertions(+), 1 deletion(-) diff --git a/armsrc/appmain.c b/armsrc/appmain.c index ef3d099d0..6b9bfaf6f 100644 --- a/armsrc/appmain.c +++ b/armsrc/appmain.c 
@@ -428,6 +428,7 @@ void SendStatus(void) { void SendCapabilities(void) { capabilities_t capabilities; + capabilities.version = CAPABILITIES_VERSION; capabilities.via_fpc = reply_via_fpc; if (reply_via_fpc) capabilities.baudrate = USART_BAUD_RATE; diff --git a/client/comms.c b/client/comms.c index 187761ae0..ab5ab27ab 100644 --- a/client/comms.c +++ b/client/comms.c @@ -613,6 +613,11 @@ int TestProxmark(void) { SendCommandNG(CMD_CAPABILITIES, NULL, 0); if (WaitForResponseTimeoutW(CMD_CAPABILITIES, &resp, 1000, false)) { + if ((resp.length != sizeof(pm3_capabilities)) || (resp.data.asBytes[0] != CAPABILITIES_VERSION)) { + PrintAndLogEx(ERR, _RED_("Capabilities structure version sent by Proxmark3 is not the same as the one used by the client!")); + PrintAndLogEx(ERR, _RED_("Please flash the Proxmark with the same version as the client.")); + return PM3_EDEVNOTSUPP; + } memcpy(&pm3_capabilities, resp.data.asBytes, MIN(sizeof(capabilities_t), resp.length)); conn.send_via_fpc_usart = pm3_capabilities.via_fpc; conn.uart_speed = pm3_capabilities.baudrate; diff --git a/include/pm3_cmd.h b/include/pm3_cmd.h index 102b87b82..ae576e087 100644 --- a/include/pm3_cmd.h +++ b/include/pm3_cmd.h @@ -138,6 +138,7 @@ typedef struct { } t55xx_config; typedef struct { + uint8_t version; uint32_t baudrate; bool via_fpc : 1; // rdv4 @@ -164,7 +165,7 @@ typedef struct { bool hw_available_flash : 1; bool hw_available_smartcard : 1; } PACKED capabilities_t; - +#define CAPABILITIES_VERSION 1 extern capabilities_t pm3_capabilities; // For the bootloader From 345f936054fe57069c634c50e561f78c22666a8b Mon Sep 17 00:00:00 2001 From: Uli Heilmeier Date: Fri, 10 May 2019 22:39:54 +0200 Subject: [PATCH 5/5] Doc: Update macOS install instruction Reviewed install instructions for macOS and updated where necessary. --- ...OS-X-Homebrew-Installation-Instructions.md | 20 +++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) 
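Review bot: `capabilities_t capabilities;` is an uninitialized stack object and the hunk only assigns `version`, `via_fpc` and, when `reply_via_fpc` is set, `baudrate`; unless the rest of SendCapabilities (outside the hunk) memsets it, the untouched members, the unused bits of the bitfield and `baudrate` in the non-FPC case leave the device as leftover stack contents. Now that the client accepts the whole struct by size, initialize it up front: `capabilities_t capabilities = {0};`. SendCapabilities continues outside the hunk.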
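Review bot: With the new `resp.length != sizeof(pm3_capabilities)` guard in TestProxmark, the `MIN(sizeof(capabilities_t), resp.length)` in the memcpy that follows always evaluates to the struct size; simplify it to `memcpy(&pm3_capabilities, resp.data.asBytes, sizeof(pm3_capabilities));` so the two checks cannot drift apart. The version test relies on `version` being the first byte of the packed struct — a short comment on that line, `/* version is the first byte of capabilities_t */`, would make the coupling visible to whoever next edits the header. TestProxmark continues outside the hunk.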
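Review bot: The new `uint8_t version;` member is read by the client as `resp.data.asBytes[0]`, so its position at the top of `capabilities_t` is load-bearing but undocumented; add `uint8_t version; // must stay first: client checks asBytes[0] against CAPABILITIES_VERSION` and, on the `#define CAPABILITIES_VERSION 1` line in the second hunk, `// bump whenever the layout of capabilities_t changes`. The second hunk also drops the blank line between the closing `} PACKED capabilities_t;` and the define; keeping it would read better.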
diff --git a/doc/md/Installation_Instructions/Mac-OS-X-Homebrew-Installation-Instructions.md b/doc/md/Installation_Instructions/Mac-OS-X-Homebrew-Installation-Instructions.md index 0f6151869..34b9c3aa5 100644 --- a/doc/md/Installation_Instructions/Mac-OS-X-Homebrew-Installation-Instructions.md +++ b/doc/md/Installation_Instructions/Mac-OS-X-Homebrew-Installation-Instructions.md 
@@ -12,25 +12,33 @@ For further questions about Mac & Homebrew, contact @Chrisfu (https://github.c *This method is useful for those looking to run bleeding-edge versions of RRG/iceman's client. Keep this in mind when attempting to update your HomeBrew tap formula as this procedure could easily cause a build to break if an update is unstable on macOS.* -Tested on macOS High Sierra 10.13.2 +Tested on macOS Mojave 10.14.4 *Note: This assumes you have already installed RRG/iceman's fork from HomeBrew as mentioned above* Force HomeBrew to pull the latest source from github -``` -brew upgrade --fetch-HEAD RfidResearchGroup/proxmark3 + +```sh +brew upgrade --fetch-HEAD proxmark3 ``` ## Flash the BOOTROM & FULLIMAGE -With your Proxmark3 unplugged from your machine, press and hold the button on your Proxmark3 as you plug it into a USB port. Continue to hold the button until after this step is complete and the `proxmark3-flasher` command outputs "Have a nice day!"* +With your Proxmark3 unplugged from your machine, press and hold the button on your Proxmark3 as you plug it into a USB port. Continue to hold the button until after this step is complete and the `proxmark3-flasher` command outputs "Have a nice day!" + +```sh +sudo proxmark3-flasher /dev/tty.usbmodemiceman1 -b /usr/local/Cellar/proxmark3/HEAD-/share/firmware/bootrom.elf /usr/local/Cellar/proxmark3/HEAD-/share/firmware/fullimage.elf +``` + +> Replace \ with the HEAD-XXXX ID displayed by brew. +> Depending on the firmware version your Proxmark3 can also appear as `/dev/tty.usbmodem881` + -`$ sudo proxmark3-flasher /dev/tty.usbmodem881 -b /usr/local/Cellar/proxmark3/HEAD-6a710ef/share/firmware/bootrom.elf /usr/local/Cellar/proxmark3/HEAD-6a710ef/share/firmware/fullimage.elf` ## Run the client ```sh -sudo proxmark3 /dev/tty.usbmodem881 +sudo proxmark3 /dev/tty.usbmodemiceman1 ``` ## Next steps