github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-21 05:43:48 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Merge pull request #33 from RfidResearchGroup/master

Browse source 
Update
This commit is contained in:
mwalker33 2020-04-11 16:32:44 +10:00 committed by GitHub
commit 449d2ac1ec
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
17 changed files with 1450 additions and 609 deletions
Download patch file Download diff file Expand all files Collapse all files

1
CHANGELOG.md
View file

@ -3,6 +3,7 @@ All notable changes to this project will be documented in this file.
This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log... This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log...
## [unreleased][unreleased] ## [unreleased][unreleased]
- Updates `hf mfdes` functions, improved logging and added new commands (@bkerler)
- Updated 'legic.lua' and 'legic_clone.lua' script - works with current command set (@Pizza_4u) - Updated 'legic.lua' and 'legic_clone.lua' script - works with current command set (@Pizza_4u)
- Rewrote `hf mfdes` functions and added apdu debugging (@bkerler) - Rewrote `hf mfdes` functions and added apdu debugging (@bkerler)
- Add Mifare Desfire GetDFNames and improve HF MFDES Enum output (@bkerler) - Add Mifare Desfire GetDFNames and improve HF MFDES Enum output (@bkerler)

1
Makefile.platform.sample
View file

@ -5,3 +5,4 @@ PLATFORM=PM3RDV4
# If you want more than one PLATFORM_EXTRAS option, separate them by spaces: # If you want more than one PLATFORM_EXTRAS option, separate them by spaces:
#PLATFORM_EXTRAS=BTADDON #PLATFORM_EXTRAS=BTADDON
#STANDALONE=LF_SAMYRUN #STANDALONE=LF_SAMYRUN
STANDALONE=LF_ICEHID

4
armsrc/iso14443a.c
View file

@ -2672,8 +2672,10 @@ void ReaderIso14443a(PacketCommandNG *c) {
uint8_t buf[PM3_CMD_DATA_SIZE] = {0x00}; uint8_t buf[PM3_CMD_DATA_SIZE] = {0x00};
uint8_t par[MAX_PARITY_SIZE] = {0x00}; uint8_t par[MAX_PARITY_SIZE] = {0x00};
if ((param & ISO14A_CONNECT)) if ((param & ISO14A_CONNECT)) {
iso14_pcb_blocknum = 0;
clear_trace(); clear_trace();
}
set_tracing(true); set_tracing(true);

10
armsrc/iso14443b.c
View file

@ -29,7 +29,7 @@
# define FWT_TIMEOUT_14B 35312 # define FWT_TIMEOUT_14B 35312
#endif #endif
#ifndef ISO14443B_DMA_BUFFER_SIZE #ifndef ISO14443B_DMA_BUFFER_SIZE
# define ISO14443B_DMA_BUFFER_SIZE 256 # define ISO14443B_DMA_BUFFER_SIZE 512 //changed this from 256
#endif #endif
#ifndef RECEIVE_MASK #ifndef RECEIVE_MASK
# define RECEIVE_MASK (ISO14443B_DMA_BUFFER_SIZE-1) # define RECEIVE_MASK (ISO14443B_DMA_BUFFER_SIZE-1)
@ -37,7 +37,7 @@
// Guard Time (per 14443-2) // Guard Time (per 14443-2)
#ifndef TR0 #ifndef TR0
# define TR0 0 # define TR0 32 //this value equals 8 ETU = 32 ssp clk (w/ 424 khz)
#endif #endif
// Synchronization time (per 14443-2) // Synchronization time (per 14443-2)
@ -261,6 +261,10 @@ static void CodeIso14443bAsTag(const uint8_t *cmd, int len) {
// 80/fs < TR1 < 200/fs // 80/fs < TR1 < 200/fs
// 10 ETU < TR1 < 24 ETU // 10 ETU < TR1 < 24 ETU
// Send TR1.
// 10-11 ETU * 4times samples ONES
for (int i = 0; i < 10; i++) { SEND4STUFFBIT(1); }
// Send SOF. // Send SOF.
// 10-11 ETU * 4times samples ZEROS // 10-11 ETU * 4times samples ZEROS
for (int i = 0; i < 10; i++) { SEND4STUFFBIT(0); } for (int i = 0; i < 10; i++) { SEND4STUFFBIT(0); }
@ -307,7 +311,7 @@ static void CodeIso14443bAsTag(const uint8_t *cmd, int len) {
//for(i = 0; i < 10; i++) { ToSendStuffBit(0); } //for(i = 0; i < 10; i++) { ToSendStuffBit(0); }
// why this? // why this?
for (int i = 0; i < 40; i++) { SEND4STUFFBIT(1); } for (int i = 0; i < 2; i++) { SEND4STUFFBIT(1); }
//for(i = 0; i < 40; i++) { ToSendStuffBit(1); } //for(i = 0; i < 40; i++) { ToSendStuffBit(1); }
// Convert from last byte pos to length // Convert from last byte pos to length

280
armsrc/mifaredesfire.c
View file

@ -16,6 +16,7 @@
#include "commonutil.h" #include "commonutil.h"
#include "util.h" #include "util.h"
#include "mifare.h" #include "mifare.h"
#include "ticks.h"
#define MAX_APPLICATION_COUNT 28 #define MAX_APPLICATION_COUNT 28
#define MAX_FILE_COUNT 16 #define MAX_FILE_COUNT 16
@ -103,7 +104,7 @@ void MifareDesfireGetInformation() {
uint8_t versionSW[7]; uint8_t versionSW[7];
uint8_t details[14]; uint8_t details[14];
} PACKED payload; } PACKED payload;
/* /*
1 = PCB 1 1 = PCB 1
2 = cid 2 2 = cid 2
@ -116,6 +117,9 @@ void MifareDesfireGetInformation() {
clear_trace(); clear_trace();
set_tracing(true); set_tracing(true);
iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);
// reset the pcb_blocknum,
pcb_blocknum = 0;
// card select - information // card select - information
if (!iso14443a_select_card(NULL, &card, NULL, true, 0, false)) { if (!iso14443a_select_card(NULL, &card, NULL, true, 0, false)) {
@ -137,7 +141,7 @@ void MifareDesfireGetInformation() {
memcpy(payload.uid, card.uid, sizeof(payload.uid)); memcpy(payload.uid, card.uid, sizeof(payload.uid));
LED_A_ON(); LED_A_ON();
uint8_t cmd[] = {GET_VERSION, 0x00, 0x00, 0x00}; uint8_t cmd[] = {0x90, GET_VERSION, 0x00, 0x00, 0x00};
size_t cmd_len = sizeof(cmd); size_t cmd_len = sizeof(cmd);
len = DesfireAPDU(cmd, cmd_len, resp); len = DesfireAPDU(cmd, cmd_len, resp);
@ -152,7 +156,7 @@ void MifareDesfireGetInformation() {
memcpy(payload.versionHW, resp + 1, sizeof(payload.versionHW)); memcpy(payload.versionHW, resp + 1, sizeof(payload.versionHW));
// ADDITION_FRAME 1 // ADDITION_FRAME 1
cmd[0] = ADDITIONAL_FRAME; cmd[1] = ADDITIONAL_FRAME;
len = DesfireAPDU(cmd, cmd_len, resp); len = DesfireAPDU(cmd, cmd_len, resp);
if (!len) { if (!len) {
print_result("ERROR <--: ", resp, len); print_result("ERROR <--: ", resp, len);
@ -178,7 +182,7 @@ void MifareDesfireGetInformation() {
LED_B_ON(); LED_B_ON();
reply_ng(CMD_HF_DESFIRE_INFO, PM3_SUCCESS, (uint8_t *)&payload, sizeof(payload)); reply_ng(CMD_HF_DESFIRE_INFO, PM3_SUCCESS, (uint8_t *)&payload, sizeof(payload));
LED_B_OFF(); LED_B_OFF();
// reset the pcb_blocknum, // reset the pcb_blocknum,
pcb_blocknum = 0; pcb_blocknum = 0;
OnSuccess(); OnSuccess();
@ -246,9 +250,15 @@ void MifareDES_Auth1(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
else if (arg1 == 1) else if (arg1 == 1)
Desfire_des_key_new(keybytes, key); Desfire_des_key_new(keybytes, key);
cmd[0] = AUTHENTICATE; cmd[0] = 0x90;
cmd[1] = arg2; //keynumber cmd[1] = AUTHENTICATE;
len = DesfireAPDU(cmd, 2, resp); cmd[2] = 0x0;
cmd[3] = 0x0;
cmd[4] = 0x1;
cmd[5] = arg2; //keynumber
cmd[6] = 0x0;
len = DesfireAPDU(cmd, 7, resp);
if (!len) { if (!len) {
if (DBGLEVEL >= DBG_ERROR) { if (DBGLEVEL >= DBG_ERROR) {
DbpString("Authentication failed. Card timeout."); DbpString("Authentication failed. Card timeout.");
@ -257,14 +267,13 @@ void MifareDES_Auth1(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
return; return;
} }
if (resp[2] == 0xaf) { if (resp[2] == (uint8_t)0xaf) {
} else {
DbpString("Authentication failed. Invalid key number."); DbpString("Authentication failed. Invalid key number.");
OnError(3); OnError(3);
return; return;
} }
memcpy(encRndB, resp + 3, 8); memcpy(encRndB, resp + 1, 8);
if (arg1 == 2) if (arg1 == 2)
tdes_dec(&decRndB, &encRndB, key->data); tdes_dec(&decRndB, &encRndB, key->data);
else if (arg1 == 1) else if (arg1 == 1)
@ -275,6 +284,11 @@ void MifareDES_Auth1(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
// This should be random // This should be random
uint8_t decRndA[8] = {0x00}; uint8_t decRndA[8] = {0x00};
uint32_t value = prng_successor(GetTickCount(), 32);
num_to_bytes(value, 4, &decRndA[0]);
value = prng_successor(GetTickCount(), 32);
num_to_bytes(value, 4, &decRndA[4]);
memcpy(RndA, decRndA, 8); memcpy(RndA, decRndA, 8);
uint8_t encRndA[8] = {0x00}; uint8_t encRndA[8] = {0x00};
@ -297,10 +311,14 @@ void MifareDES_Auth1(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
memcpy(both + 8, encRndB, 8); memcpy(both + 8, encRndB, 8);
cmd[0] = ADDITIONAL_FRAME; cmd[0] = 0x90;
memcpy(cmd + 1, both, 16); cmd[1] = ADDITIONAL_FRAME;
cmd[2] = 0x00;
len = DesfireAPDU(cmd, 17, resp); cmd[3] = 0x00;
cmd[4] = 0x10;
memcpy(cmd + 5, both, 16);
cmd[16 + 5] = 0x0;
len = DesfireAPDU(cmd, 5 + 16 + 1, resp);
if (!len) { if (!len) {
if (DBGLEVEL >= DBG_ERROR) { if (DBGLEVEL >= DBG_ERROR) {
DbpString("Authentication failed. Card timeout."); DbpString("Authentication failed. Card timeout.");
@ -309,14 +327,14 @@ void MifareDES_Auth1(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
return; return;
} }
if (resp[2] == 0x00) { if (resp[len - 3] == 0x00) {
struct desfire_key sessionKey = {0}; struct desfire_key sessionKey = {0};
desfirekey_t skey = &sessionKey; desfirekey_t skey = &sessionKey;
Desfire_session_key_new(RndA, RndB, key, skey); Desfire_session_key_new(RndA, RndB, key, skey);
//print_result("SESSION : ", skey->data, 8); //print_result("SESSION : ", skey->data, 8);
memcpy(encRndA, resp + 3, 8); memcpy(encRndA, resp + 1, 8);
if (arg1 == 2) if (arg1 == 2)
tdes_dec(&encRndA, &encRndA, key->data); tdes_dec(&encRndA, &encRndA, key->data);
@ -326,19 +344,20 @@ void MifareDES_Auth1(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
rol(decRndA, 8); rol(decRndA, 8);
for (int x = 0; x < 8; x++) { for (int x = 0; x < 8; x++) {
if (decRndA[x] != encRndA[x]) { if (decRndA[x] != encRndA[x]) {
DbpString("Authentication failed. Cannot varify PICC."); DbpString("Authentication failed. Cannot verify PICC.");
OnError(4); OnError(4);
return; return;
} }
} }
//Change the selected key to a new value. //Change the selected key to a new value.
/*
/*
// Current key is a 3DES key, change it to a DES key // Current key is a 3DES key, change it to a DES key
if (arg1 == 2) { if (arg1 == 2) {
cmd[0] = CHANGE_KEY; cmd[0] = 0x90;
cmd[1] = arg2; cmd[1] = CHANGE_KEY;
cmd[2] = arg2;
uint8_t newKey[16] = {0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77}; uint8_t newKey[16] = {0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77};
@ -367,20 +386,21 @@ void MifareDES_Auth1(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
buff3[x] = buff3[x] ^ buff2[x]; buff3[x] = buff3[x] ^ buff2[x];
} }
tdes_dec(&buff3, &buff3, skey->data); tdes_dec(&buff3, &buff3, skey->data);
memcpy(cmd+18,buff3,8); memcpy(cmd+19,buff3,8);
// The command always times out on the first attempt, this will retry until a response // The command always times out on the first attempt, this will retry until a response
// is recieved. // is recieved.
len = 0; len = 0;
while(!len) { while(!len) {
len = DesfireAPDU(cmd,26,resp); len = DesfireAPDU(cmd,27,resp);
} }
} else { } else {
// Current key is a DES key, change it to a 3DES key // Current key is a DES key, change it to a 3DES key
if (arg1 == 1) { if (arg1 == 1) {
cmd[0] = CHANGE_KEY; cmd[0] = 0x90;
cmd[1] = arg2; cmd[1] = CHANGE_KEY;
cmd[2] = arg2;
uint8_t newKey[16] = {0x40,0x41,0x42,0x43,0x44,0x45,0x46,0x47,0x48,0x49,0x4a,0x4b,0x4c,0x4d,0x4e,0x4f}; uint8_t newKey[16] = {0x40,0x41,0x42,0x43,0x44,0x45,0x46,0x47,0x48,0x49,0x4a,0x4b,0x4c,0x4d,0x4e,0x4f};
@ -397,31 +417,31 @@ void MifareDES_Auth1(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
memcpy(buff3 + 1, &second, 1); memcpy(buff3 + 1, &second, 1);
des_dec(&buff1, &buff1, skey->data); des_dec(&buff1, &buff1, skey->data);
memcpy(cmd+2,buff1,8); memcpy(cmd+3,buff1,8);
for (int x = 0; x < 8; x++) { for (int x = 0; x < 8; x++) {
buff2[x] = buff2[x] ^ buff1[x]; buff2[x] = buff2[x] ^ buff1[x];
} }
des_dec(&buff2, &buff2, skey->data); des_dec(&buff2, &buff2, skey->data);
memcpy(cmd+10,buff2,8); memcpy(cmd+11,buff2,8);
for (int x = 0; x < 8; x++) { for (int x = 0; x < 8; x++) {
buff3[x] = buff3[x] ^ buff2[x]; buff3[x] = buff3[x] ^ buff2[x];
} }
des_dec(&buff3, &buff3, skey->data); des_dec(&buff3, &buff3, skey->data);
memcpy(cmd+18,buff3,8); memcpy(cmd+19,buff3,8);
// The command always times out on the first attempt, this will retry until a response // The command always times out on the first attempt, this will retry until a response
// is recieved. // is recieved.
len = 0; len = 0;
while(!len) { while(!len) {
len = DesfireAPDU(cmd,26,resp); len = DesfireAPDU(cmd,27,resp);
} }
} }
} }
*/ */
OnSuccess(); //OnSuccess();
if (arg1 == 2) if (arg1 == 2)
reply_old(CMD_ACK, 1, 0, 0, skey->data, 16); reply_old(CMD_ACK, 1, 0, 0, skey->data, 16);
else if (arg1 == 1) else if (arg1 == 1)
@ -433,11 +453,139 @@ void MifareDES_Auth1(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
} }
} }
break; break;
case 2: case 2: {
//SendDesfireCommand(AUTHENTICATE_ISO, &arg2, resp); //SendDesfireCommand(AUTHENTICATE_ISO, &arg2, resp);
break; uint8_t keybytes[16];
case 3: { uint8_t RndA[8] = {0x00};
uint8_t RndB[8] = {0x00};
if (arg1 == 2) {
if (datain[1] == 0xff) {
memcpy(keybytes, PICC_MASTER_KEY16, 16);
} else {
memcpy(keybytes, datain + 1, datalen);
}
} else {
if (arg1 == 1) {
if (datain[1] == 0xff) {
uint8_t null_key_data8[8] = {0x00};
memcpy(keybytes, null_key_data8, 8);
} else {
memcpy(keybytes, datain + 1, datalen);
}
}
}
struct desfire_key defaultkey = {0};
desfirekey_t key = &defaultkey;
if (arg1 == 2)
Desfire_3des_key_new_with_version(keybytes, key);
else if (arg1 == 1)
Desfire_des_key_new(keybytes, key);
cmd[0] = AUTHENTICATE;
cmd[1] = arg2; //keynumber
len = DesfireAPDU(cmd, 2, resp);
if (!len) {
if (DBGLEVEL >= DBG_ERROR) {
DbpString("Authentication failed. Card timeout.");
}
OnError(3);
return;
}
if (resp[2] == (uint8_t)0xaf) {
DbpString("Authentication failed. Invalid key number.");
OnError(3);
return;
}
memcpy(encRndB, resp + 2, 8);
if (arg1 == 2)
tdes_dec(&decRndB, &encRndB, key->data);
else if (arg1 == 1)
des_dec(&decRndB, &encRndB, key->data);
memcpy(RndB, decRndB, 8);
rol(decRndB, 8);
// This should be random
uint8_t decRndA[8] = {0x00};
uint32_t value = prng_successor(GetTickCount(), 32);
num_to_bytes(value, 4, &decRndA[0]);
value = prng_successor(GetTickCount(), 32);
num_to_bytes(value, 4, &decRndA[4]);
memcpy(RndA, decRndA, 8);
uint8_t encRndA[8] = {0x00};
if (arg1 == 2)
tdes_dec(&encRndA, &decRndA, key->data);
else if (arg1 == 1)
des_dec(&encRndA, &decRndA, key->data);
memcpy(both, encRndA, 8);
for (int x = 0; x < 8; x++) {
decRndB[x] = decRndB[x] ^ encRndA[x];
}
if (arg1 == 2)
tdes_dec(&encRndB, &decRndB, key->data);
else if (arg1 == 1)
des_dec(&encRndB, &decRndB, key->data);
memcpy(both + 8, encRndB, 8);
cmd[0] = ADDITIONAL_FRAME;
memcpy(cmd + 1, both, 16);
len = DesfireAPDU(cmd, 1 + 16, resp);
if (!len) {
if (DBGLEVEL >= DBG_ERROR) {
DbpString("Authentication failed. Card timeout.");
}
OnError(3);
return;
}
if (resp[1] == 0x00) {
struct desfire_key sessionKey = {0};
desfirekey_t skey = &sessionKey;
Desfire_session_key_new(RndA, RndB, key, skey);
//print_result("SESSION : ", skey->data, 8);
memcpy(encRndA, resp + 2, 8);
if (arg1 == 2)
tdes_dec(&encRndA, &encRndA, key->data);
else if (arg1 == 1)
des_dec(&encRndA, &encRndA, key->data);
rol(decRndA, 8);
for (int x = 0; x < 8; x++) {
if (decRndA[x] != encRndA[x]) {
DbpString("Authentication failed. Cannot verify PICC.");
OnError(4);
return;
}
}
//OnSuccess();
if (arg1 == 2)
reply_old(CMD_ACK, 1, 0, 0, skey->data, 16);
else if (arg1 == 1)
reply_old(CMD_ACK, 1, 0, 0, skey->data, 8);
} else {
DbpString("Authentication failed.");
OnError(6);
return;
}
}
break;
case 3: {
//defaultkey //defaultkey
uint8_t keybytes[16] = {0x00}; uint8_t keybytes[16] = {0x00};
if (datain[1] == 0xff) { if (datain[1] == 0xff) {
@ -454,13 +602,14 @@ void MifareDES_Auth1(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
uint8_t IV[16] = {0x00}; uint8_t IV[16] = {0x00};
mbedtls_aes_init(&ctx); mbedtls_aes_init(&ctx);
cmd[0] = AUTHENTICATE_AES; cmd[0] = 0x90;
cmd[1] = 0x0; cmd[1] = AUTHENTICATE_AES;
cmd[2] = 0x0; cmd[2] = 0x0;
cmd[3] = 0x1; cmd[3] = 0x0;
cmd[4] = arg2; //keynumber cmd[4] = 0x1;
cmd[5] = 0x0; cmd[5] = arg2; //keynumber
len = DesfireAPDU(cmd, 6, resp); cmd[6] = 0x0;
len = DesfireAPDU(cmd, 7, resp);
if (!len) { if (!len) {
if (DBGLEVEL >= DBG_ERROR) { if (DBGLEVEL >= DBG_ERROR) {
DbpString("Authentication failed. Card timeout."); DbpString("Authentication failed. Card timeout.");
@ -482,6 +631,14 @@ void MifareDES_Auth1(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_DECRYPT, 16, IV, encRndB, decRndB); mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_DECRYPT, 16, IV, encRndB, decRndB);
rol(decRndB, 16); rol(decRndB, 16);
uint8_t nonce[16] = {0x00}; uint8_t nonce[16] = {0x00};
uint32_t val = prng_successor(GetTickCount(), 32);
num_to_bytes(val, 4, &nonce[0]);
val = prng_successor(GetTickCount(), 32);
num_to_bytes(val, 4, &nonce[4]);
val = prng_successor(GetTickCount(), 32);
num_to_bytes(val, 4, &nonce[8]);
val = prng_successor(GetTickCount(), 32);
num_to_bytes(val, 4, &nonce[12]);
memcpy(both, nonce, 16); memcpy(both, nonce, 16);
memcpy(both + 16, decRndB, 16); memcpy(both + 16, decRndB, 16);
uint8_t encBoth[32] = {0x00}; uint8_t encBoth[32] = {0x00};
@ -494,14 +651,15 @@ void MifareDES_Auth1(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
} }
mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_ENCRYPT, 32, IV, both, encBoth); mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_ENCRYPT, 32, IV, both, encBoth);
cmd[0] = ADDITIONAL_FRAME; cmd[0] = 0x90;
cmd[1] = 0x00; cmd[1] = ADDITIONAL_FRAME;
cmd[2] = 0x00; cmd[2] = 0x00;
cmd[3] = 0x20; cmd[3] = 0x00;
memcpy(cmd + 4, encBoth, 32); cmd[4] = 0x20;
cmd[36]=0x0; memcpy(cmd + 5, encBoth, 32);
cmd[32 + 5] = 0x0;
len = DesfireAPDU(cmd, 37, resp); // 4 + 32 + 1 == 37 len = DesfireAPDU(cmd, 5 + 32 + 1, resp);
if (!len) { if (!len) {
if (DBGLEVEL >= DBG_ERROR) { if (DBGLEVEL >= DBG_ERROR) {
DbpString("Authentication failed. Card timeout."); DbpString("Authentication failed. Card timeout.");
@ -510,7 +668,7 @@ void MifareDES_Auth1(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
return; return;
} }
if ((resp[1+16] == 0x91)&&(resp[1+16+1] == 0x00)) { if ((resp[1 + 16] == 0x91) && (resp[1 + 16 + 1] == 0x00)) {
// Create AES Session key // Create AES Session key
struct desfire_key sessionKey = {0}; struct desfire_key sessionKey = {0};
desfirekey_t skey = &sessionKey; desfirekey_t skey = &sessionKey;
@ -526,7 +684,7 @@ void MifareDES_Auth1(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
} }
} }
OnSuccess(); //OnSuccess();
reply_mix(CMD_ACK, 1, len, 0, resp, len); reply_mix(CMD_ACK, 1, len, 0, resp, len);
} }
@ -557,10 +715,10 @@ int DesfireAPDU(uint8_t *cmd, size_t cmd_len, uint8_t *dataout) {
// if we received an I- or R(ACK)-Block with a block number equal to the // if we received an I- or R(ACK)-Block with a block number equal to the
// current block number, toggle the current block number // current block number, toggle the current block number
if (len >= 4 // PCB+CID+CRC = 4 bytes if (len >= 4 // PCB+CID+CRC = 4 bytes
&& ((resp[0] & 0xC0) == 0 // I-Block && ((resp[0] & 0xC0) == 0 // I-Block
|| (resp[0] & 0xD0) == 0x80) // R-Block with ACK bit set to 0 || (resp[0] & 0xD0) == 0x80) // R-Block with ACK bit set to 0
&& (resp[0] & 0x01) == pcb_blocknum) { // equal block numbers && (resp[0] & 0x01) == pcb_blocknum) { // equal block numbers
pcb_blocknum ^= 1; //toggle next block pcb_blocknum ^= 1; //toggle next block
} }
memcpy(dataout, resp, len); memcpy(dataout, resp, len);
@ -570,7 +728,7 @@ int DesfireAPDU(uint8_t *cmd, size_t cmd_len, uint8_t *dataout) {
// CreateAPDU // CreateAPDU
size_t CreateAPDU(uint8_t *datain, size_t len, uint8_t *dataout) { size_t CreateAPDU(uint8_t *datain, size_t len, uint8_t *dataout) {
size_t cmdlen = MIN(len + 4, PM3_CMD_DATA_SIZE - 1); size_t cmdlen = MIN(len + 3, PM3_CMD_DATA_SIZE - 1);
uint8_t cmd[cmdlen]; uint8_t cmd[cmdlen];
memset(cmd, 0, cmdlen); memset(cmd, 0, cmdlen);
@ -578,18 +736,18 @@ size_t CreateAPDU(uint8_t *datain, size_t len, uint8_t *dataout) {
cmd[0] = 0x02; // 0x0A = send cid, 0x02 = no cid. cmd[0] = 0x02; // 0x0A = send cid, 0x02 = no cid.
cmd[0] |= pcb_blocknum; // OR the block number into the PCB cmd[0] |= pcb_blocknum; // OR the block number into the PCB
if (DBGLEVEL >= DBG_EXTENDED) Dbprintf("pcb_blocknum %d == %d ", pcb_blocknum, cmd[0] ); if (DBGLEVEL >= DBG_EXTENDED) Dbprintf("pcb_blocknum %d == %d ", pcb_blocknum, cmd[0]);
cmd[1] = 0x90; // CID: 0x00 //TODO: allow multiple selected cards //cmd[1] = 0x90; // CID: 0x00 //TODO: allow multiple selected cards
memcpy(cmd + 2, datain, len); memcpy(cmd + 1, datain, len);
AddCrc14A(cmd, len + 2); AddCrc14A(cmd, len + 1);
/* /*
hf 14a apdu -sk 90 60 00 00 00 hf 14a apdu -sk 90 60 00 00 00
hf 14a apdu -k 90 AF 00 00 00 hf 14a apdu -k 90 AF 00 00 00
hf 14a apdu 90AF000000 hf 14a apdu 90AF000000
*/ */
memcpy(dataout, cmd, cmdlen); memcpy(dataout, cmd, cmdlen);
return cmdlen; return cmdlen;
} }

2
armsrc/mifareutil.c
View file

@ -697,7 +697,7 @@ int mifare_desfire_des_auth1(uint32_t uid, uint8_t *blockData) {
int mifare_desfire_des_auth2(uint32_t uid, uint8_t *key, uint8_t *blockData) { int mifare_desfire_des_auth2(uint32_t uid, uint8_t *key, uint8_t *blockData) {
int len; int len;
uint8_t data[17] = {MFDES_AUTHENTICATION_FRAME}; uint8_t data[17] = {MFDES_ADDITIONAL_FRAME};
memcpy(data + 1, key, 16); memcpy(data + 1, key, 16);
uint8_t receivedAnswer[MAX_FRAME_SIZE] = {0x00}; uint8_t receivedAnswer[MAX_FRAME_SIZE] = {0x00};

10
client/cmdhflist.c
View file

@ -675,7 +675,7 @@ void annotateMfDesfire(char *exp, size_t size, uint8_t *cmd, uint8_t cmdsize) {
// it's basically a ISO14443a tag, so try annotation from there // it's basically a ISO14443a tag, so try annotation from there
if (applyIso14443a(exp, size, cmd, cmdsize) == 0) { if (applyIso14443a(exp, size, cmd, cmdsize) == 0) {
// S-block 11xxx010 // S-block 11xxx010
if ((cmd[0] & 0xC0) && (cmdsize == 3)) { if ((cmd[0] & 0xC0) && (cmdsize == 3)) {
switch ((cmd[0] & 0x30)) { switch ((cmd[0] & 0x30)) {
@ -707,9 +707,8 @@ void annotateMfDesfire(char *exp, size_t size, uint8_t *cmd, uint8_t cmdsize) {
if ((cmd[0] & 0x04) == 0x04) // nad byte following if ((cmd[0] & 0x04) == 0x04) // nad byte following
pos++; pos++;
for (uint8_t i = 0; i < 2; i++, pos++) { for (uint8_t i = 0; i < 2; i++, pos++) {
switch (cmd[pos]) { switch (cmd[pos]) {
case MFDES_CREATE_APPLICATION: case MFDES_CREATE_APPLICATION:
snprintf(exp, size, "CREATE APPLICATION"); snprintf(exp, size, "CREATE APPLICATION");
@ -819,9 +818,12 @@ void annotateMfDesfire(char *exp, size_t size, uint8_t *cmd, uint8_t cmdsize) {
case MFDES_GET_KEY_VERSION: case MFDES_GET_KEY_VERSION:
snprintf(exp, size, "GET KEY VERSION"); snprintf(exp, size, "GET KEY VERSION");
break; break;
case MFDES_AUTHENTICATION_FRAME: case MFDES_ADDITIONAL_FRAME:
snprintf(exp, size, "AUTH FRAME / NEXT FRAME"); snprintf(exp, size, "AUTH FRAME / NEXT FRAME");
break; break;
case MFDES_READSIG:
snprintf(exp, size, "READ SIGNATURE");
break;
default: default:
break; break;
} }

1234
client/cmdhfmfdes.c
View file

File diff suppressed because it is too large Load diff

64
client/cmdhfmfdes.h
View file

@ -14,10 +14,11 @@
int CmdHFMFDes(const char *Cmd); int CmdHFMFDes(const char *Cmd);
/*
char *getCardSizeStr(uint8_t fsize); char *getCardSizeStr(uint8_t fsize);
char *getProtocolStr(uint8_t id);
char *getVersionStr(uint8_t major, uint8_t minor); char *getVersionStr(uint8_t major, uint8_t minor);
void getKeySettings(uint8_t *aid); int getKeySettings(uint8_t *aid);
*/
// Ev1 card limits // Ev1 card limits
#define MAX_NUM_KEYS 0x0F #define MAX_NUM_KEYS 0x0F
@ -26,57 +27,16 @@ void getKeySettings(uint8_t *aid);
#define MAX_FRAME_SIZE 60 #define MAX_FRAME_SIZE 60
#define FRAME_PAYLOAD_SIZE (MAX_FRAME_SIZE - 5) #define FRAME_PAYLOAD_SIZE (MAX_FRAME_SIZE - 5)
// Ev2 card limits
// Ev3 card limits
// Light card limits
// Light Ev1 card limits
#define NOT_YET_AUTHENTICATED 0xFF #define NOT_YET_AUTHENTICATED 0xFF
// status- and error codes |
#define OPERATION_OK 0x00 // Successful operation
#define NO_CHANGES 0x0C // No changes done to backup files
// ,CommitTransaction/
// AbortTransaction not necessary
#define OUT_OF_EEPROM_ERROR 0x0E // Insufficient NV-Memory to
// complete command
#define ILLEGAL_COMMAND_CODE 0x1C // Command code not supported
#define INTEGRITY_ERROR 0x1E // CRC or MAC does not match data
// Padding bytes not valid
#define NO_SUCH_KEY 0x40 // Invalid key number specified
#define LENGTH_ERROR 0x7E // Length of command string invalid
#define PERMISSION_DENIED 0x9D // Current configuration status
// does not allow the requested
// command
#define PARAMETER_ERROR 0x9E // Value of the parameter(s) inval.
#define APPLICATION_NOT_FOUND 0xA0 // Requested AID not present on PIC
#define APPL_INTEGRITY_ERROR 0xA1 // [1] // Unrecoverable error within app-
// lication, app will be disabled
#define AUTHENTICATION_ERROR 0xAE // Current authentication status
// does not allow the requested
// command
#define ADDITIONAL_FRAME 0xAF // Additional data frame is
// expected to be sent
#define BOUNDARY_ERROR 0xBE // Attempt to read/write data from/
// to beyond the file's/record's
// limits. Attempt to exceed the
// limits of a value file.
#define PICC_INTEGRITY_ERROR 0xC1 // [1] // Unrecoverable error within PICC
// ,PICC will be disabled
#define COMMAND_ABORTED 0xCA // Previous Command was not fully
// completed Not all Frames were
// requested or provided by PCD
#define PICC_DISABLED_ERROR 0xCD // [1] // PICC was disabled by an unrecoverable error
#define COUNT_ERROR 0xCE // Number of Applications limited
// to 28, no additional
// CreateApplication possible
#define DUPLICATE_ERROR 0xDE // Creation of file/application
// failed because file/application
// with same number already exists
#define EEPROM_ERROR 0xEE // [1] // Could not complete NV-write
// operation due to loss of power,
// internal backup/rollback
// mechanism activated
#define FILE_NOT_FOUND_ERROR 0xF0 // Specified file number does not
// exist
#define FILE_INTEGRITY_ERROR 0xF1 // [1] // Unrecoverable error within file,
// file will be disabled
//
// [1] These errors are not expected to appear during normal operation
#endif #endif

133
client/cmdhfmfp.c
View file

@ -27,11 +27,19 @@
#include "protocols.h" #include "protocols.h"
#include "crypto/libpcrypto.h" #include "crypto/libpcrypto.h"
static const uint8_t DefaultKey[16] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}; static const uint8_t DefaultKey[16] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
uint16_t CardAddresses[] = {0x9000, 0x9001, 0x9002, 0x9003, 0x9004, 0xA000, 0xA001, 0xA080, 0xA081, 0xC000, 0xC001}; uint16_t CardAddresses[] = {0x9000, 0x9001, 0x9002, 0x9003, 0x9004, 0xA000, 0xA001, 0xA080, 0xA081, 0xC000, 0xC001};
typedef enum {
MFP_UNKNOWN = 0,
DESFIRE_MF3ICD40,
DESFIRE_EV1,
DESFIRE_EV2,
DESFIRE_EV3,
DESFIRE_LIGHT,
PLUS_EV1,
} nxp_cardtype_t;
static int CmdHelp(const char *Cmd); static int CmdHelp(const char *Cmd);
/* /*
@ -56,15 +64,21 @@ static char *getCardSizeStr(uint8_t fsize) {
return buf; return buf;
} }
static char *getProtocolStr(uint8_t id) { static char *getProtocolStr(uint8_t id, bool hw) {
static char buf[40] = {0x00}; static char buf[50] = {0x00};
char *retStr = buf; char *retStr = buf;
if (id == 0x05) if (id == 0x04) {
sprintf(retStr, "0x%02X ( " _YELLOW_("ISO 14443-3, 14443-4") ")", id); sprintf(retStr, "0x%02X ( " _YELLOW_("ISO 14443-3 MIFARE, 14443-4") ")", id);
else } else if (id == 0x05) {
if (hw)
sprintf(retStr, "0x%02X ( " _YELLOW_("ISO 14443-2, 14443-3") ")", id);
else
sprintf(retStr, "0x%02X ( " _YELLOW_("ISO 14443-3, 14443-4") ")", id);
} else {
sprintf(retStr, "0x%02X ( " _YELLOW_("Unknown") ")", id); sprintf(retStr, "0x%02X ( " _YELLOW_("Unknown") ")", id);
}
return buf; return buf;
} }
@ -91,6 +105,59 @@ static char *getVersionStr(uint8_t major, uint8_t minor) {
return buf; return buf;
} }
static char *getTypeStr(uint8_t type) {
static char buf[40] = {0x00};
char *retStr = buf;
switch (type) {
case 1:
sprintf(retStr, "0x%02X ( " _YELLOW_("DESFire") ")", type);
break;
case 2:
sprintf(retStr, "0x%02X ( " _YELLOW_("Plus") ")", type);
break;
case 3:
sprintf(retStr, "0x%02X ( " _YELLOW_("Ultralight") ")", type);
break;
case 4:
sprintf(retStr, "0x%02X ( " _YELLOW_("NTAG") ")", type);
break;
default:
break;
}
return buf;
}
static nxp_cardtype_t getCardType(uint8_t major, uint8_t minor) {
// DESFire MF3ICD40
if (major == 0x00 && minor == 0x00 )
return DESFIRE_MF3ICD40;
// DESFire EV1
if (major == 0x01 && minor == 0x00 )
return DESFIRE_EV1;
// DESFire EV2
if (major == 0x12 && minor == 0x00 )
return DESFIRE_EV2;
// DESFire EV3
// if (major == 0x13 && minor == 0x00 )
// return DESFIRE_EV3;
// DESFire Light
if (major == 0x30 && minor == 0x00 )
return DESFIRE_LIGHT;
// Plus EV1
if (major == 0x11 && minor == 0x00 )
return PLUS_EV1;
return MFP_UNKNOWN;
}
// --- GET SIGNATURE // --- GET SIGNATURE
static int plus_print_signature(uint8_t *uid, uint8_t uidlen, uint8_t *signature, int signature_len) { static int plus_print_signature(uint8_t *uid, uint8_t uidlen, uint8_t *signature, int signature_len) {
@ -115,13 +182,15 @@ static int plus_print_signature(uint8_t *uid, uint8_t uidlen, uint8_t *signature
if (is_valid) if (is_valid)
break; break;
} }
PrintAndLogEx(NORMAL, "");
PrintAndLogEx(INFO, "--- " _CYAN_("Tag Signature"));
if (is_valid == false) { if (is_valid == false) {
PrintAndLogEx(SUCCESS, "Signature verification " _RED_("failed")); PrintAndLogEx(SUCCESS, "Signature verification " _RED_("failed"));
return PM3_ESOFT; return PM3_ESOFT;
} }
PrintAndLogEx(NORMAL, "");
PrintAndLogEx(INFO, "--- " _CYAN_("Tag Signature"));
PrintAndLogEx(INFO, " IC signature public key name: " _GREEN_("%s"), nxp_plus_public_keys[i].desc); PrintAndLogEx(INFO, " IC signature public key name: " _GREEN_("%s"), nxp_plus_public_keys[i].desc);
PrintAndLogEx(INFO, "IC signature public key value: %.32s", nxp_plus_public_keys[i].value); PrintAndLogEx(INFO, "IC signature public key value: %.32s", nxp_plus_public_keys[i].value);
PrintAndLogEx(INFO, " : %.32s", nxp_plus_public_keys[i].value + 16); PrintAndLogEx(INFO, " : %.32s", nxp_plus_public_keys[i].value + 16);
@ -162,19 +231,19 @@ static int plus_print_version(uint8_t *version) {
PrintAndLogEx(NORMAL, ""); PrintAndLogEx(NORMAL, "");
PrintAndLogEx(INFO, "--- " _CYAN_("Hardware Information")); PrintAndLogEx(INFO, "--- " _CYAN_("Hardware Information"));
PrintAndLogEx(INFO, " Vendor Id: " _YELLOW_("%s"), getTagInfo(version[0])); PrintAndLogEx(INFO, " Vendor Id: " _YELLOW_("%s"), getTagInfo(version[0]));
PrintAndLogEx(INFO, " Type: " _YELLOW_("0x%02X"), version[1]); PrintAndLogEx(INFO, " Type: %s", getTypeStr(version[1]));
PrintAndLogEx(INFO, " Subtype: " _YELLOW_("0x%02X"), version[2]); PrintAndLogEx(INFO, " Subtype: " _YELLOW_("0x%02X"), version[2]);
PrintAndLogEx(INFO, " Version: %s", getVersionStr(version[3], version[4])); PrintAndLogEx(INFO, " Version: %s", getVersionStr(version[3], version[4]));
PrintAndLogEx(INFO, " Storage size: %s", getCardSizeStr(version[5])); PrintAndLogEx(INFO, " Storage size: %s", getCardSizeStr(version[5]));
PrintAndLogEx(INFO, " Protocol: %s", getProtocolStr(version[6])); PrintAndLogEx(INFO, " Protocol: %s", getProtocolStr(version[6], true));
PrintAndLogEx(NORMAL, ""); PrintAndLogEx(NORMAL, "");
PrintAndLogEx(INFO, "--- " _CYAN_("Software Information")); PrintAndLogEx(INFO, "--- " _CYAN_("Software Information"));
PrintAndLogEx(INFO, " Vendor Id: " _YELLOW_("%s"), getTagInfo(version[0])); PrintAndLogEx(INFO, " Vendor Id: " _YELLOW_("%s"), getTagInfo(version[7]));
PrintAndLogEx(INFO, " Type: " _YELLOW_("0x%02X"), version[1]); PrintAndLogEx(INFO, " Type: %s", getTypeStr(version[8]));
PrintAndLogEx(INFO, " Subtype: " _YELLOW_("0x%02X"), version[2]); PrintAndLogEx(INFO, " Subtype: " _YELLOW_("0x%02X"), version[9]);
PrintAndLogEx(INFO, " Version: " _YELLOW_("%d.%d"), version[3], version[4]); PrintAndLogEx(INFO, " Version: " _YELLOW_("%d.%d"), version[10], version[11]);
PrintAndLogEx(INFO, " Storage size: %s", getCardSizeStr(version[5])); PrintAndLogEx(INFO, " Storage size: %s", getCardSizeStr(version[12]));
PrintAndLogEx(INFO, " Protocol: %s", getProtocolStr(version[6])); PrintAndLogEx(INFO, " Protocol: %s", getProtocolStr(version[13], false));
return PM3_SUCCESS; return PM3_SUCCESS;
} }
static int get_plus_version(uint8_t *version, int *version_len) { static int get_plus_version(uint8_t *version, int *version_len) {
@ -235,17 +304,28 @@ static int CmdHFMFPInfo(const char *Cmd) {
if (select_status == 1 || select_status == 2) { if (select_status == 1 || select_status == 2) {
PrintAndLogEx(INFO, "--- " _CYAN_("Fingerprint")); PrintAndLogEx(INFO, "--- " _CYAN_("Fingerprint"));
if (supportVersion && supportSignature) { bool isPlus = false;
PrintAndLogEx(INFO, " Tech: " _GREEN_("MIFARE Plus EV1"));
} else { if (supportVersion) {
PrintAndLogEx(INFO, " Tech: " _YELLOW_("MIFARE Plus SE/X"));
int cardtype = getCardType(version[3], version[4]);
if (cardtype == 6) {
if (supportSignature) {
PrintAndLogEx(INFO, " Tech: " _GREEN_("MIFARE Plus EV1"));
} else {
PrintAndLogEx(INFO, " Tech: " _YELLOW_("MIFARE Plus SE/X"));
}
isPlus = true;
} else {
}
} }
// MIFARE Type Identification Procedure // MIFARE Type Identification Procedure
// https://www.nxp.com/docs/en/application-note/AN10833.pdf // https://www.nxp.com/docs/en/application-note/AN10833.pdf
uint16_t ATQA = card.atqa[0] + (card.atqa[1] << 8); uint16_t ATQA = card.atqa[0] + (card.atqa[1] << 8);
bool isPlus = false;
if (ATQA & 0x0004) { if (ATQA & 0x0004) {
PrintAndLogEx(INFO, " SIZE: " _GREEN_("2K") "(%s UID)", (ATQA & 0x0040) ? "7" : "4"); PrintAndLogEx(INFO, " SIZE: " _GREEN_("2K") "(%s UID)", (ATQA & 0x0040) ? "7" : "4");
@ -289,6 +369,10 @@ static int CmdHFMFPInfo(const char *Cmd) {
uint8_t cmd[3 + 16] = {0xa8, 0x90, 0x90, 0x00}; uint8_t cmd[3 + 16] = {0xa8, 0x90, 0x90, 0x00};
int res = ExchangeRAW14a(cmd, sizeof(cmd), true, false, data, sizeof(data), &datalen, false); int res = ExchangeRAW14a(cmd, sizeof(cmd), true, false, data, sizeof(data), &datalen, false);
// DESFire answers 0x1C
// Plus answers 0x0B, 0x09
PrintAndLogEx(INFO, "ICEE: %s", sprint_hex(data, datalen));
if (memcmp(data, "\x67\x00", 2) == 0) { if (memcmp(data, "\x67\x00", 2) == 0) {
PrintAndLogEx(INFO, "\tMost likely a MIFARE DESFire tag"); PrintAndLogEx(INFO, "\tMost likely a MIFARE DESFire tag");
PrintAndLogEx(HINT, "Hint: Try " _YELLOW_("`hf mfdes info`")); PrintAndLogEx(HINT, "Hint: Try " _YELLOW_("`hf mfdes info`"));
@ -1105,10 +1189,13 @@ static int CmdHFMFPChk(const char *Cmd) {
if (keyListLen == 0) { if (keyListLen == 0) {
PrintAndLogEx(ERR, "Key list is empty. Nothing to check."); PrintAndLogEx(ERR, "Key list is empty. Nothing to check.");
return PM3_EINVARG; return PM3_EINVARG;
} else {
PrintAndLogEx(INFO, "Loaded " _YELLOW_("%zu") "keys", keyListLen);
} }
if (!verbose) if (!verbose)
printf("Search keys:"); printf("Search keys:");
while (true) { while (true) {
res = MFPKeyCheck(startSector, endSector, startKeyAB, endKeyAB, keyList, keyListLen, foundKeys, verbose); res = MFPKeyCheck(startSector, endSector, startKeyAB, endKeyAB, keyList, keyListLen, foundKeys, verbose);
if (res == PM3_EOPABORTED) if (res == PM3_EOPABORTED)

7
client/proxguiqt.cpp
View file

@ -26,6 +26,7 @@
#include <string.h> #include <string.h>
#include "proxgui.h" #include "proxgui.h"
#include <QtGui> #include <QtGui>
#include "ui.h"
extern "C" { extern "C" {
#include "util_darwin.h" #include "util_darwin.h"
@ -168,7 +169,11 @@ void ProxWidget::vchange_dthr_down(int v) {
} }
ProxWidget::ProxWidget(QWidget *parent, ProxGuiQT *master) : QWidget(parent) { ProxWidget::ProxWidget(QWidget *parent, ProxGuiQT *master) : QWidget(parent) {
this->master = master; this->master = master;
resize(800, 400); // Set the initail postion and size from settings
if (session.settings_loaded)
setGeometry (session.window_plot_xpos,session.window_plot_ypos,session.window_plot_wsize,session.window_plot_hsize);
else
resize(800, 400);
// Setup the controller widget // Setup the controller widget
controlWidget = new QWidget(); controlWidget = new QWidget();

33
client/proxmark3.c
View file

@ -29,6 +29,10 @@
#include "flash.h" #include "flash.h"
#include "settings.h" #include "settings.h"
// Used to enable/disable use of settings json file
// #define USE_SETTING_FILE
static void showBanner(void) { static void showBanner(void) {
g_printAndLog = PRINTANDLOG_PRINT; g_printAndLog = PRINTANDLOG_PRINT;
@ -489,12 +493,15 @@ finish2:
return ret; return ret;
} }
#ifndef USE_SETTING_FILE
// Check if windows AnsiColor Support is enabled in the registery // Check if windows AnsiColor Support is enabled in the registery
// [HKEY_CURRENT_USER\Console] // [HKEY_CURRENT_USER\Console]
// "VirtualTerminalLevel"=dword:00000001 // "VirtualTerminalLevel"=dword:00000001
// 2nd Key needs to be enabled... This key takes the console out of legacy mode. // 2nd Key needs to be enabled... This key takes the console out of legacy mode.
// [HKEY_CURRENT_USER\Console] // [HKEY_CURRENT_USER\Console]
// "ForceV2"=dword:00000001 // "ForceV2"=dword:00000001
static bool DetectWindowsAnsiSupport(void) { static bool DetectWindowsAnsiSupport(void) {
bool ret = false; bool ret = false;
#if defined(_WIN32) #if defined(_WIN32)
@ -543,6 +550,8 @@ static bool DetectWindowsAnsiSupport(void) {
return ret; return ret;
} }
#endif
int main(int argc, char *argv[]) { int main(int argc, char *argv[]) {
srand(time(0)); srand(time(0));
@ -582,12 +591,17 @@ int main(int argc, char *argv[]) {
set_my_executable_path(); set_my_executable_path();
set_my_user_directory(); set_my_user_directory();
// Settings Load and Test #ifdef USE_SETTING_FILE
// settings_load (); // Load Settings and assign
// This will allow the command line to override the settings.json values
settings_load ();
// quick patch for debug level
g_debugMode = session.client_debug_level;
// settings_save (); // settings_save ();
// printf ("Ver : %s\n",mySettings.version);
// End Settings // End Settings
#endif
for (int i = 1; i < argc; i++) { for (int i = 1; i < argc; i++) {
if (argv[i][0] != '-') { if (argv[i][0] != '-') {
@ -766,8 +780,11 @@ int main(int argc, char *argv[]) {
return 1; return 1;
} }
#ifndef USE_SETTING_FILE
// comment next 2 lines to use session values set from settings_load
session.supports_colors = DetectWindowsAnsiSupport(); session.supports_colors = DetectWindowsAnsiSupport();
session.emoji_mode = ALTTEXT; session.emoji_mode = ALTTEXT;
#endif
session.stdinOnTTY = isatty(STDIN_FILENO); session.stdinOnTTY = isatty(STDIN_FILENO);
session.stdoutOnTTY = isatty(STDOUT_FILENO); session.stdoutOnTTY = isatty(STDOUT_FILENO);
@ -837,6 +854,14 @@ int main(int argc, char *argv[]) {
if (!script_cmds_file && !script_cmd && session.stdinOnTTY && session.stdoutOnTTY && !flash_mode) if (!script_cmds_file && !script_cmd && session.stdinOnTTY && session.stdoutOnTTY && !flash_mode)
showBanner(); showBanner();
#ifdef USE_SETTING_FILE
// Save settings if not load from settings json file.
// Doing this here will ensure other checks and updates are saved to over rule default
// e.g. Linux color use check
if (!session.settings_loaded)
settings_save ();
#endif
#ifdef HAVE_GUI #ifdef HAVE_GUI
# ifdef _WIN32 # ifdef _WIN32

201
client/settings.c
View file

@ -39,55 +39,55 @@
// Settings Functions // Settings Functions
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
//-----------------------------------------------------------------------------
// Notes
// To add a new setting
// Add the new setting to the session_arg_t; in ui.h
// Add the default value for the setting in the settings_load page below
// Update the settings_load_callback to load your setting into the stucture
// Update the settings_save_callback to enusre your setting gets saved when needed.
// use the setting as needed : session.<setting name>
// Can use (session.settings_loaded) to check if json settings file was used
//-----------------------------------------------------------------------------
#include "settings.h" #include "settings.h"
#include "comms.h" #include "comms.h"
#include "emv/emvjson.h" #include "emv/emvjson.h"
#include <string.h>
// Load all settings into memory (struct) // Load all settings into memory (struct)
int settings_load (void) { int settings_load (void) {
// Set all defaults
session.client_debug_level = OFF;
session.window_plot_xpos = 10;
session.window_plot_ypos = 30;
session.window_plot_hsize = 400;
session.window_plot_wsize = 800;
session.emoji_mode = ALIAS;
session.show_hints = false;
session.supports_colors = false;
// loadFileJson wants these, so pass in place holder values, though not used // loadFileJson wants these, so pass in place holder values, though not used
// in settings load; // in settings load;
uint8_t dummyData = 0x00; uint8_t dummyData = 0x00;
size_t dummyDL = 0x00; size_t dummyDL = 0x00;
// clear all settings
memset (&mySettings,0x00,sizeof(mySettings));
if (loadFileJSON(settingsFilename, &dummyData, sizeof(dummyData), &dummyDL) == PM3_SUCCESS) { if (loadFileJSON(settingsFilename, &dummyData, sizeof(dummyData), &dummyDL) == PM3_SUCCESS) {
printf ("==> Settings Loaded\n"); session.settings_loaded = true;
mySettings.loaded = true;
} }
// Note, if session.settings_loaded == false then the settings_save
// will be called in main () to save settings as set in defaults and main() checks.
// Test results
/* return PM3_SUCCESS;
bool os_windows_usecolor;
bool os_windows_useansicolor;
int window_xpos;
int window_ypos;
int window_hsize;
int window_wsize;
bool use_emojis
bool use_hints
*/
printf (" Settings Version : [%s]\n", mySettings.version);
printf (" os_windows_usecolor (bool) : [%d]\n", mySettings.os_windows_usecolor);
printf (" os_windows_useAnsicolor (bool) : [%d]\n", mySettings.os_windows_useansicolor);
printf (" window_xpos (int) : [%d]\n", mySettings.window_xpos);
printf (" window_ypos (int) : [%d]\n", mySettings.window_ypos);
printf (" window_hsize (int) : [%d]\n", mySettings.window_hsize);
printf (" window_wsize (int) : [%d]\n", mySettings.window_wsize);
printf (" use emoji (bool) : [%d]\n", mySettings.use_emojis);
printf (" use hints (bool) : [%d]\n", mySettings.use_hints);
return PM3_SUCCESS;
} }
// Save all settings from memory (struct) to file // Save all settings from memory (struct) to file
int settings_save(void) { int settings_save (void) {
// Note sure if backup has value ? // Note sure if backup has value ?
char backupFilename[500]; char backupFilename[500];
snprintf(backupFilename, sizeof(backupFilename),"%s.bak",settingsFilename); snprintf (backupFilename,sizeof(backupFilename),"%s.bak",settingsFilename);
if (fileExists (backupFilename)) { if (fileExists (backupFilename)) {
if (remove (backupFilename) != 0) { if (remove (backupFilename) != 0) {
@ -95,7 +95,7 @@ int settings_save(void) {
return PM3_ESOFT; return PM3_ESOFT;
} }
} }
if (fileExists (settingsFilename)) { if (fileExists (settingsFilename)) {
if (rename (settingsFilename,backupFilename) != 0) { if (rename (settingsFilename,backupFilename) != 0) {
PrintAndLogEx (FAILED, "Error - could not backup settings file \"%s\" to \"%s\"",settingsFilename,backupFilename); PrintAndLogEx (FAILED, "Error - could not backup settings file \"%s\" to \"%s\"",settingsFilename,backupFilename);
@ -105,90 +105,87 @@ int settings_save(void) {
uint8_t dummyData = 0x00; uint8_t dummyData = 0x00;
size_t dummyDL = 0x00; size_t dummyDL = 0x00;
if (saveFileJSON(settingsFilename, jsfSettings, &dummyData, dummyDL) == PM3_SUCCESS) if (saveFileJSON(settingsFilename, jsfSettings, &dummyData, dummyDL) == PM3_SUCCESS)
PrintAndLogEx (NORMAL, "settings have been saved to \"%s\"",settingsFilename); PrintAndLogEx (NORMAL, "settings have been saved to \"%s\"",settingsFilename);
return PM3_SUCCESS; return PM3_SUCCESS;
} }
void settings_save_callback(json_t *root) { void settings_save_callback (json_t *root) {
printf ("==> Save Settings\n"); JsonSaveStr (root,"FileType","settings");
//JsonSaveStr(root, "FileType", "settings");
//JsonSaveStr (root,"Test1.Test2","test settings"); // Log level, convert to text
/* switch (session.client_debug_level) {
"version": "1.0 Nov 2019", case OFF: JsonSaveStr (root,"client.debug.level","off"); break;
"os.windows.usecolor": true, case SIMPLE: JsonSaveStr (root,"client.debug.level","simple"); break;
"os.windows.useAnsiColor": true, case FULL: JsonSaveStr (root,"client.debug.level","full"); break;
"window.xpos": 10, default:
"window.ypos": 10, JsonSaveStr (root,"logging.level","NORMAL");
"window.hsize": 300, }
"window.wsize": 600
*/ // Plot window
JsonSaveStr (root,"FileType","settings"); JsonSaveInt (root,"window.plot.xpos",session.window_plot_xpos);
JsonSaveStr (root,"version","1.0 Nov 2019");//mySettings.version); JsonSaveInt (root,"window.plot.ypos",session.window_plot_ypos);
JsonSaveBoolean (root,"os.windows.useColor", mySettings.os_windows_usecolor); JsonSaveInt (root,"window.plot.hsize",session.window_plot_hsize);
JsonSaveBoolean (root,"os.windows.useAnsiColor", mySettings.os_windows_useansicolor); JsonSaveInt (root,"window.plot.wsize",session.window_plot_wsize);
JsonSaveInt (root,"window.xpos", mySettings.window_xpos);
JsonSaveInt (root,"window.ypos", mySettings.window_ypos); // Emoji
JsonSaveInt (root,"window.hsize", mySettings.window_hsize); switch (session.emoji_mode) {
JsonSaveInt (root,"window.wsize", mySettings.window_wsize); case ALIAS: JsonSaveStr (root,"show.emoji","alias"); break;
JsonSaveBoolean (root,"client.useEmojis", mySettings.use_emojis); case EMOJI: JsonSaveStr (root,"show.emoji","emoji"); break;
JsonSaveBoolean (root,"client.useHints", mySettings.use_hints); case ALTTEXT: JsonSaveStr (root,"show.emoji","alttext"); break;
case ERASE: JsonSaveStr (root,"show.emoji","erase"); break;
default:
JsonSaveStr (root,"show.emoji","ALIAS");
}
JsonSaveBoolean (root,"show.hints",session.show_hints);
JsonSaveBoolean (root,"os.supports.colors",session.supports_colors);
} }
void settings_load_callback(json_t *root) { void settings_load_callback (json_t *root) {
json_error_t up_error = {0}; json_error_t up_error = {0};
int b1; bool b1;
int i1; int i1;
const char *s1; const char *s1;
char tempStr [500]; // to use str_lower() since json unpack uses const char *
if (json_unpack_ex(root, &up_error , 0, "{s:s}","version", &s1) == 0) // Logging Level
strncpy (mySettings.version,s1,sizeof (mySettings.version) - 1); if (json_unpack_ex(root,&up_error, 0, "{s:s}","client.debug.level",&s1) == 0) {
else strncpy (tempStr,s1,sizeof(tempStr)-1);
strncpy (mySettings.version,"unknown",sizeof (mySettings.version) - 1); str_lower (tempStr);
if (strncmp (tempStr,"off",3) == 0) session.client_debug_level = OFF;
if (strncmp (tempStr,"simple",6) == 0) session.client_debug_level = SIMPLE;
if (strncmp (tempStr,"full",4) == 0) session.client_debug_level = FULL;
}
// os.windows... // window plot
if (json_unpack_ex(root,&up_error, 0, "{s:b}","os.windows.useColor",&b1) == 0) if (json_unpack_ex(root,&up_error, 0, "{s:i}","window.plot.xpos",&i1) == 0)
mySettings.os_windows_usecolor = b1; session.window_plot_xpos = i1;
else // default if (json_unpack_ex(root,&up_error, 0, "{s:i}","window.plot.ypos",&i1) == 0)
mySettings.os_windows_useansicolor = false; session.window_plot_ypos = i1;
if (json_unpack_ex(root,&up_error, 0, "{s:i}","window.plot.hsize",&i1) == 0)
session.window_plot_hsize = i1;
if (json_unpack_ex(root,&up_error, 0, "{s:i}","window.plot.wsize",&i1) == 0)
session.window_plot_wsize = i1;
if (json_unpack_ex(root,&up_error, 0, "{s:b}","os.windows.useAnsiColor",&b1) == 0) // show options
mySettings.os_windows_useansicolor = b1; if (json_unpack_ex(root,&up_error, 0, "{s:s}","show.emoji",&s1) == 0) {
else // default strncpy (tempStr,s1,sizeof(tempStr)-1);
mySettings.os_windows_useansicolor = false; str_lower (tempStr);
if (strncmp (tempStr,"alias",5) == 0) session.emoji_mode = ALIAS;
if (strncmp (tempStr,"emoji",5) == 0) session.emoji_mode = EMOJI;
if (strncmp (tempStr,"alttext",7) == 0) session.emoji_mode = ALTTEXT;
if (strncmp (tempStr,"erase",5) == 0) session.emoji_mode = ERASE;
}
// window... if (json_unpack_ex(root,&up_error, 0, "{s:b}","show.hints",&b1) == 0)
if (json_unpack_ex(root,&up_error, 0, "{s:i}","window.xpos",&i1) == 0) session.show_hints = b1;
mySettings.window_xpos = i1;
else // default if (json_unpack_ex(root,&up_error, 0, "{s:b}","os.supports.colors",&b1) == 0)
mySettings.window_xpos = 0; session.supports_colors = b1;
if (json_unpack_ex(root,&up_error, 0, "{s:i}","window.ypos",&i1) == 0)
mySettings.window_ypos = i1;
else // default
mySettings.window_ypos = 0;
if (json_unpack_ex(root,&up_error, 0, "{s:i}","window.hsize",&i1) == 0)
mySettings.window_hsize = i1;
else // default
mySettings.window_hsize = 0;
if (json_unpack_ex(root,&up_error, 0, "{s:i}","window.wsize",&i1) == 0)
mySettings.window_wsize = i1;
else // default
mySettings.window_wsize = 0;
// Use EMOJIS
if (json_unpack_ex(root,&up_error, 0, "{s:b}","client.useEmojis",&b1) == 0)
mySettings.use_emojis = b1;
else // default
mySettings.use_emojis = false;
// Use Hints
if (json_unpack_ex(root,&up_error, 0, "{s:b}","client.useHints",&b1) == 0)
mySettings.use_hints = b1;
else // default
mySettings.use_hints = false;
} }

20
client/settings.h
View file

@ -8,29 +8,13 @@
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
// Settings Functions // Settings Functions
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
#ifndef settings_h #ifndef SETTINGS_H_
#define settings_h #define SETTINGS_H_
#include "fileutils.h" #include "fileutils.h"
#define settingsFilename "settings.json" #define settingsFilename "settings.json"
typedef struct {
bool loaded;
char version[20];
bool os_windows_usecolor;
bool os_windows_useansicolor;
int window_xpos;
int window_ypos;
int window_hsize;
int window_wsize;
bool use_emojis;
bool use_hints;
} settings_t;
// Settings struct so as to be available to other modules by including settings.h
settings_t mySettings;
int settings_load (void); int settings_load (void);
int settings_save (void); int settings_save (void);

7
client/ui.h
View file

@ -19,8 +19,10 @@
typedef enum logLevel {NORMAL, SUCCESS, INFO, FAILED, WARNING, ERR, DEBUG, INPLACE, HINT} logLevel_t; typedef enum logLevel {NORMAL, SUCCESS, INFO, FAILED, WARNING, ERR, DEBUG, INPLACE, HINT} logLevel_t;
typedef enum emojiMode {ALIAS, EMOJI, ALTTEXT, ERASE} emojiMode_t; typedef enum emojiMode {ALIAS, EMOJI, ALTTEXT, ERASE} emojiMode_t;
typedef enum clientdebugLevel {OFF,SIMPLE,FULL} clientdebugLevel_t;
typedef struct { typedef struct {
bool settings_loaded;
bool stdinOnTTY; bool stdinOnTTY;
bool stdoutOnTTY; bool stdoutOnTTY;
bool supports_colors; bool supports_colors;
@ -28,6 +30,11 @@ typedef struct {
bool pm3_present; bool pm3_present;
bool help_dump_mode; bool help_dump_mode;
bool show_hints; bool show_hints;
int window_plot_xpos;
int window_plot_ypos;
int window_plot_hsize;
int window_plot_wsize;
clientdebugLevel_t client_debug_level;
} session_arg_t; } session_arg_t;
extern session_arg_t session; extern session_arg_t session;

1
client/util.c
View file

@ -212,7 +212,6 @@ void hex_to_buffer(const uint8_t *buf, const uint8_t *hex_data, const size_t hex
sprintf(tmp, " "); sprintf(tmp, " ");
// remove last space // remove last space
--tmp;
*tmp = '\0'; *tmp = '\0';
return; return;
} }

51
include/protocols.h
View file

@ -349,26 +349,20 @@ ISO 7816-4 Basic interindustry commands. For command APDU's.
// 6x xx = ERROR // 6x xx = ERROR
// MIFARE DESFire command set: // MIFARE DESFire command set:
#define MFDES_GET_VERSION 0x60
#define MFDES_AUTHENTICATE 0x0A // AUTHENTICATE_NATIVE #define MFDES_AUTHENTICATE 0x0A // AUTHENTICATE_NATIVE
#define MFDES_AUTHENTICATE_ISO 0x1A // AUTHENTICATE_STANDARD #define MFDES_AUTHENTICATE_ISO 0x1A // AUTHENTICATE_STANDARD
#define MFDES_AUTHENTICATE_AES 0xAA #define MFDES_AUTHENTICATE_AES 0xAA
#define MFDES_CREDIT 0x0C #define MFDES_CREDIT 0x0C
#define MFDES_LIMITED_CREDIT 0x1C #define MFDES_LIMITED_CREDIT 0x1C
#define MFDES_DEBIT 0xDC
#define MFDES_WRITE_RECORD 0x3B #define MFDES_WRITE_RECORD 0x3B
#define MFDES_READSIG 0x3C #define MFDES_READSIG 0x3C
#define MFDES_WRITE_DATA 0x3D #define MFDES_WRITE_DATA 0x3D
#define MFDES_GET_KEY_SETTINGS 0x45 #define MFDES_GET_KEY_SETTINGS 0x45
#define MFDES_CHANGE_KEY_SETTINGS 0x54 #define MFDES_CHANGE_KEY_SETTINGS 0x54
#define MFDES_SELECT_APPLICATION 0x5A #define MFDES_SELECT_APPLICATION 0x5A
#define MFDES_CHANGE_FILE_SETTINGS 0x5F #define MFDES_CHANGE_FILE_SETTINGS 0x5F
#define MFDES_GET_VERSION 0x60
#define MFDES_GET_ISOFILE_IDS 0x61 #define MFDES_GET_ISOFILE_IDS 0x61
#define MFDES_GET_KEY_VERSION 0x64 #define MFDES_GET_KEY_VERSION 0x64
#define MFDES_GET_APPLICATION_IDS 0x6A #define MFDES_GET_APPLICATION_IDS 0x6A
@ -376,19 +370,10 @@ ISO 7816-4 Basic interindustry commands. For command APDU's.
#define MFDES_GET_FREE_MEMORY 0x6E #define MFDES_GET_FREE_MEMORY 0x6E
#define MFDES_GET_DF_NAMES 0x6D #define MFDES_GET_DF_NAMES 0x6D
#define MFDES_GET_FILE_IDS 0x6F #define MFDES_GET_FILE_IDS 0x6F
#define MFDES_ABORT_TRANSACTION 0xA7 #define MFDES_ABORT_TRANSACTION 0xA7
#define MFDES_AUTHENTICATION_FRAME 0xAF
#define MFDES_ADDITIONAL_FRAME 0xAF #define MFDES_ADDITIONAL_FRAME 0xAF
#define MFDES_ADDITIONAL_FRAME_RESP 0x91AF
#define MFDES_SUCCESS_FRAME_RESP 0x9100
#define MFDES_EAUTH_RESP 0x91AE
#define MFDES_ENO_SUCH_KEY_RESP 0x9140
#define MFDES_READ_RECORDS 0xBB #define MFDES_READ_RECORDS 0xBB
#define MFDES_READ_DATA 0xBD #define MFDES_READ_DATA 0xBD
#define MFDES_CREATE_CYCLIC_RECORD_FILE 0xC0 #define MFDES_CREATE_CYCLIC_RECORD_FILE 0xC0
#define MFDES_CREATE_LINEAR_RECORD_FILE 0xC1 #define MFDES_CREATE_LINEAR_RECORD_FILE 0xC1
#define MFDES_CHANGE_KEY 0xC4 #define MFDES_CHANGE_KEY 0xC4
@ -397,15 +382,41 @@ ISO 7816-4 Basic interindustry commands. For command APDU's.
#define MFDES_CREATE_BACKUP_DATA_FILE 0xCB #define MFDES_CREATE_BACKUP_DATA_FILE 0xCB
#define MFDES_CREATE_VALUE_FILE 0xCC #define MFDES_CREATE_VALUE_FILE 0xCC
#define MFDES_CREATE_STD_DATA_FILE 0xCD #define MFDES_CREATE_STD_DATA_FILE 0xCD
#define MFDES_CLEAR_RECORD_FILE 0xEB
#define MFDES_DELETE_APPLICATION 0xDA #define MFDES_DELETE_APPLICATION 0xDA
#define MFDES_DEBIT 0xDC
#define MFDES_DELETE_FILE 0xDF #define MFDES_DELETE_FILE 0xDF
#define MFDES_CLEAR_RECORD_FILE 0xEB
#define MFDES_GET_FILE_SETTINGS 0xF5 #define MFDES_GET_FILE_SETTINGS 0xF5
#define MFDES_FORMAT_PICC 0xFC #define MFDES_FORMAT_PICC 0xFC
// MIFARE DESFire status & error codes:
#define MFDES_S_OPERATION_OK 0x00
#define MFDES_S_NO_CHANGES 0x0C
#define MFDES_S_SIGNATURE 0x90
#define MFDES_S_ADDITIONAL_FRAME 0xAF
#define MFDES_E_OUT_OF_EEPROM 0x0E
#define MFDES_E_ILLEGAL_COMMAND_CODE 0x1C
#define MFDES_E_INTEGRITY_ERROR 0x1E
#define MFDES_E_NO_SUCH_KEY 0x40
#define MFDES_E_LENGTH 0x7E
#define MFDES_E_PERMISSION_DENIED 0x9D
#define MFDES_E_PARAMETER_ERROR 0x9E
#define MFDES_E_APPLICATION_NOT_FOUND 0xA0
#define MFDES_E_APPL_INTEGRITY 0xA1
#define MFDES_E_AUTHENTIFICATION_ERROR 0xAE
#define MFDES_E_BOUNDARY 0xBE
#define MFDES_E_PICC_INTEGRITY 0xC1
#define MFDES_E_COMMAND_ABORTED 0xCA
#define MFDES_E_PICC_DISABLED 0xCD
#define MFDES_E_COUNT 0xCE
#define MFDES_E_DUPLICATE 0xDE
#define MFDES_E_EEPROM 0xEE
#define MFDES_E_FILE_NOT_FOUND 0xF0
#define MFDES_E_FILE_INTEGRITY 0xF1
// LEGIC Commands // LEGIC Commands
#define LEGIC_MIM_22 0x0D #define LEGIC_MIM_22 0x0D
#define LEGIC_MIM_256 0x1D #define LEGIC_MIM_256 0x1D