diff --git a/client/src/cipurse/cipursecore.c b/client/src/cipurse/cipursecore.c
index 231a2b1b4..d1b514ee7 100644
--- a/client/src/cipurse/cipursecore.c
+++ b/client/src/cipurse/cipursecore.c
@@ -378,7 +378,7 @@ void CIPURSEPrintDGI(uint8_t *dgi, size_t dgilen) {
 PrintAndLogEx(WARNING, "DGI too small. Length: %zu", dgilen);
 return;
 }
-
+
 uint8_t len = dgi[2];
 if (len + 3 != dgilen) {
 PrintAndLogEx(ERR, "DGI size does not match with record size. Length of record: %zu, DGI size: %d", dgilen, len);
@@ -446,10 +446,14 @@ static void CIPURSEPrintKeyAttribDGI(uint8_t *attr) {
 const char *CIPURSEGetSMR(uint8_t smr) {
 switch (smr) {
- case 0x00: return "plain";
- case 0x01: return "mac";
- case 0x02: return "enc";
- default: return "unknown";
+ case 0x00:
+ return "plain";
+ case 0x01:
+ return "mac";
+ case 0x02:
+ return "enc";
+ default:
+ return "unknown";
 }
 return "unknown";
 }
@@ -481,35 +485,35 @@ void CIPURSEPrintART(uint8_t *artrec, size_t artlen) {
 }
 void CIPURSEPrintEFFileAttr(uint8_t *attr, size_t len) {
- CIPURSEPrintFileDescriptor(attr[0]);
+ CIPURSEPrintFileDescriptor(attr[0]);
- if (attr[1] == 0)
- PrintAndLogEx(INFO, "SFI.... not assigned");
- else
- PrintAndLogEx(INFO, "SFI.... 0x%02x", attr[1]);
+ if (attr[1] == 0)
+ PrintAndLogEx(INFO, "SFI.... not assigned");
+ else
+ PrintAndLogEx(INFO, "SFI.... 0x%02x", attr[1]);
- PrintAndLogEx(INFO, "File ID... 0x%02x%02x", attr[2], attr[3]);
+ PrintAndLogEx(INFO, "File ID... 0x%02x%02x", attr[2], attr[3]);
- if (attr[0] == 0x01 || attr[0] == 0x11)
- PrintAndLogEx(INFO, "File size... %d", (attr[4] << 8) + attr[5]);
- else
- PrintAndLogEx(INFO, "Record num " _YELLOW_("%d") " record size " _YELLOW_("%d"), attr[4], attr[5]);
+ if (attr[0] == 0x01 || attr[0] == 0x11)
+ PrintAndLogEx(INFO, "File size... %d", (attr[4] << 8) + attr[5]);
+ else
+ PrintAndLogEx(INFO, "Record num " _YELLOW_("%d") " record size " _YELLOW_("%d"), attr[4], attr[5]);
- PrintAndLogEx(INFO, "Keys assigned... %d", attr[6]);
+ PrintAndLogEx(INFO, "Keys assigned... %d", attr[6]);
- if (len >= 9) {
- PrintAndLogEx(INFO, "SMR entries... %02x%02x", attr[7], attr[8]);
- CIPURSEPrintSMR(&attr[7]);
- }
-
- if (len >= 10) {
- PrintAndLogEx(INFO, "ART... %s", sprint_hex(&attr[9], len - 9));
- CIPURSEPrintART(&attr[9], len - 9);
-
- if (attr[6] + 1 != len - 9) {
- PrintAndLogEx(WARNING, "ART length is wrong");
- }
+ if (len >= 9) {
+ PrintAndLogEx(INFO, "SMR entries... %02x%02x", attr[7], attr[8]);
+ CIPURSEPrintSMR(&attr[7]);
+ }
+
+ if (len >= 10) {
+ PrintAndLogEx(INFO, "ART... %s", sprint_hex(&attr[9], len - 9));
+ CIPURSEPrintART(&attr[9], len - 9);
+
+ if (attr[6] + 1 != len - 9) {
+ PrintAndLogEx(WARNING, "ART length is wrong");
 }
+ }
 }
 void CIPURSEPrintFileAttrEx(uint8_t *attr, size_t len, bool isDGI) {
@@ -559,7 +563,7 @@ void CIPURSEPrintFileAttrEx(uint8_t *attr, size_t len, bool isDGI) {
 PrintAndLogEx(INFO, "Keys assigned... %d", keynum);
 int idx = 7;
- if ( keynum > 0) {
+ if (keynum > 0) {
 if (len >= idx + 2) {
 PrintAndLogEx(INFO, "SMR entries... %02x%02x", attr[idx], attr[idx + 1]);
 CIPURSEPrintSMR(&attr[idx]);
@@ -620,7 +624,7 @@ void CIPURSEPrintFileUpdateAttr(uint8_t *attr, size_t len) {
 PrintAndLogEx(INFO, "Keys assigned... %d", keynum);
 size_t idx = 1;
- if ( keynum > 0) {
+ if (keynum > 0) {
 if (len >= idx + 2) {
 PrintAndLogEx(INFO, "SMR entries... %02x%02x", attr[idx], attr[idx + 1]);
 CIPURSEPrintSMR(&attr[idx]);
diff --git a/client/src/cmdhfcipurse.c b/client/src/cmdhfcipurse.c
index aa7c1b1c9..1e4a89c31 100644
--- a/client/src/cmdhfcipurse.c
+++ b/client/src/cmdhfcipurse.c
@@ -187,9 +187,9 @@ static int CmdHFCipurseInfo(const char *Cmd) {
 return PM3_SUCCESS;
 }
-static int CLIParseCommandParametersEx(CLIParserContext *ctx, size_t keyid, size_t aidid, size_t fidid, size_t chfidid, size_t sreqid, size_t srespid,
- uint8_t *key, uint8_t *aid, size_t *aidlen, bool *useaid, uint16_t *fid, bool *usefid, uint16_t *chfid, bool *usechfid,
- CipurseChannelSecurityLevel *sreq, CipurseChannelSecurityLevel *sresp) {
+static int CLIParseCommandParametersEx(CLIParserContext *ctx, size_t keyid, size_t aidid, size_t fidid, size_t chfidid, size_t sreqid, size_t srespid,
+ uint8_t *key, uint8_t *aid, size_t *aidlen, bool *useaid, uint16_t *fid, bool *usefid, uint16_t *chfid, bool *usechfid,
+ CipurseChannelSecurityLevel *sreq, CipurseChannelSecurityLevel *sresp) {
 uint8_t hdata[250] = {0};
 int hdatalen = sizeof(hdata);
 if (keyid) {
@@ -224,7 +224,7 @@ static int CLIParseCommandParametersEx(CLIParserContext *ctx, size_t keyid, size
 *useaid = true;
 } else {
 memcpy(aid, defaultAID, defaultAIDLength);
- *aidlen = defaultAIDLength;
+ *aidlen = defaultAIDLength;
 }
 }
@@ -312,16 +312,16 @@ static int CLIParseCommandParametersEx(CLIParserContext *ctx, size_t keyid, size
 return PM3_SUCCESS;
 }
-static int CLIParseCommandParameters(CLIParserContext *ctx, size_t keyid, size_t aidid, size_t fidid, size_t sreqid, size_t srespid,
- uint8_t *key, uint8_t *aid, size_t *aidlen, bool *useaid, uint16_t *fid, bool *usefid,
- CipurseChannelSecurityLevel *sreq, CipurseChannelSecurityLevel *sresp) {
- return CLIParseCommandParametersEx(ctx, keyid, aidid, fidid, 0, sreqid, srespid,
- key, aid, aidlen, useaid, fid, usefid, NULL, NULL, sreq, sresp);
+static int CLIParseCommandParameters(CLIParserContext *ctx, size_t keyid, size_t aidid, size_t fidid, size_t sreqid, size_t srespid,
+ uint8_t *key, uint8_t *aid, size_t *aidlen, bool *useaid, uint16_t *fid, bool *usefid,
+ CipurseChannelSecurityLevel *sreq, CipurseChannelSecurityLevel *sresp) {
+ return CLIParseCommandParametersEx(ctx, keyid, aidid, fidid, 0, sreqid, srespid,
+ key, aid, aidlen, useaid, fid, usefid, NULL, NULL, sreq, sresp);
 }
-static int SelectCommandEx(bool selectDefaultFile, bool useAID, uint8_t *aid, size_t aidLen, bool useFID, uint16_t fileId,
- bool selChildFile, uint16_t childFileId, bool verbose,
- uint8_t *buf, size_t bufSize, size_t *len, uint16_t *sw) {
+static int SelectCommandEx(bool selectDefaultFile, bool useAID, uint8_t *aid, size_t aidLen, bool useFID, uint16_t fileId,
+ bool selChildFile, uint16_t childFileId, bool verbose,
+ uint8_t *buf, size_t bufSize, size_t *len, uint16_t *sw) {
 int res = 0;
 if (verbose && selChildFile)
 PrintAndLogEx(INFO, "Select top level application/file");
@@ -381,7 +381,7 @@ static int SelectCommandEx(bool selectDefaultFile, bool useAID, uint8_t *aid, si
 }
 static int SelectCommand(bool selectDefaultFile, bool useAID, uint8_t *aid, size_t aidLen, bool useFID, uint16_t fileId, bool verbose,
- uint8_t *buf, size_t bufSize, size_t *len, uint16_t *sw) {
+ uint8_t *buf, size_t bufSize, size_t *len, uint16_t *sw) {
 return SelectCommandEx(selectDefaultFile, useAID, aid, aidLen, useFID, fileId, false, 0, verbose, buf, bufSize, len, sw);
 }
@@ -852,9 +852,9 @@ static int CmdHFCipurseReadFileAttr(const char *Cmd) {
 if (!noAuth)
 PrintAndLogEx(INFO, "Key id " _YELLOW_("%d") " key " _YELLOW_("%s")
- , keyId
- , sprint_hex(key, CIPURSE_AES_KEY_LENGTH)
- );
+ , keyId
+ , sprint_hex(key, CIPURSE_AES_KEY_LENGTH)
+ );
 }
 if (noAuth == false) {
@@ -989,9 +989,9 @@ static int CmdHFCipurseWriteFileAttr(const char *Cmd) {
 if (!noAuth)
 PrintAndLogEx(INFO, "Key id " _YELLOW_("%d") " key " _YELLOW_("%s")
- , keyId
- , sprint_hex(key, CIPURSE_AES_KEY_LENGTH)
- );
+ , keyId
+ , sprint_hex(key, CIPURSE_AES_KEY_LENGTH)
+ );
 }
 if (noAuth == false) {
@@ -1085,9 +1085,9 @@ static int CmdHFCipurseFormatAll(const char *Cmd) {
 PrintAndLogEx(WARNING, _YELLOW_("FORMAT erases all the data at this card!!!"));
 if (!noauth)
 PrintAndLogEx(INFO, "key id " _YELLOW_("%d") " key " _YELLOW_("%s")
- , keyId
- , sprint_hex(key, CIPURSE_AES_KEY_LENGTH)
- );
+ , keyId
+ , sprint_hex(key, CIPURSE_AES_KEY_LENGTH)
+ );
 }
 if (!noauth) {
@@ -1121,7 +1121,7 @@ static int CmdHFCipurseCreateDGI(const char *Cmd) {
 "Create application/file/key by provide appropriate DGI. If no key is supplied, default key of 737373...7373 will be used",
 "hf cipurse create -d 9200123F00200008000062098407A0000005070100 -> create PTSE file with FID 0x2000 and space for 8 AIDs\n"
 "hf cipurse create -d 92002438613F010A050200004040FF021009021009621084054144204631D407A0000005070100A00F28"
- "73737373737373737373737373737373015FD67B000102030405060708090A0B0C0D0E0F01C6A13B -> create default file with FID 3F01 and 2 keys\n"
+ "73737373737373737373737373737373015FD67B000102030405060708090A0B0C0D0E0F01C6A13B -> create default file with FID 3F01 and 2 keys\n"
 "hf cipurse create --aid 4144204631 -d 92010C010001020030020000FFFFFF -> create 0x0102 binary data EF under application 4144204631\n");
 void *argtable[] = {
@@ -1208,9 +1208,9 @@ static int CmdHFCipurseCreateDGI(const char *Cmd) {
 if (verbose) {
 if (!noauth)
 PrintAndLogEx(INFO, "key id " _YELLOW_("%d") " key " _YELLOW_("%s")
- , keyId
- , sprint_hex(key, CIPURSE_AES_KEY_LENGTH)
- );
+ , keyId
+ , sprint_hex(key, CIPURSE_AES_KEY_LENGTH)
+ );
 }
 if (!noauth) {
@@ -1228,8 +1228,8 @@ static int CmdHFCipurseCreateDGI(const char *Cmd) {
 res = CIPURSECreateFile(hdata, hdatalen, buf, sizeof(buf), &len, &sw);
 if (res != 0 || sw != 0x9000) {
- PrintAndLogEx(ERR, "Create file command " _RED_("ERROR") ". Card returns:\n 0x%04x - %s", sw,
- GetSpecificAPDUCodeDesc(SelectAPDUCodeDescriptions, ARRAYLEN(SelectAPDUCodeDescriptions), sw));
+ PrintAndLogEx(ERR, "Create file command " _RED_("ERROR") ". Card returns:\n 0x%04x - %s", sw,
+ GetSpecificAPDUCodeDesc(SelectAPDUCodeDescriptions, ARRAYLEN(SelectAPDUCodeDescriptions), sw));
 DropField();
 return PM3_ESOFT;
 }
@@ -1282,7 +1282,7 @@ static int CmdHFCipurseDeleteFile(const char *Cmd) {
 CipurseChannelSecurityLevel sreq = CPSMACed;
 CipurseChannelSecurityLevel sresp = CPSMACed;
 uint8_t key[CIPURSE_AES_KEY_LENGTH] = {0};
-
+
 uint8_t aid[16] = {0};
 size_t aidLen = 0;
 bool useAID = false;
@@ -1314,9 +1314,9 @@ static int CmdHFCipurseDeleteFile(const char *Cmd) {
 if (!noauth)
 PrintAndLogEx(INFO, "key id " _YELLOW_("%d") " key " _YELLOW_("%s")
- , keyId
- , sprint_hex(key, CIPURSE_AES_KEY_LENGTH)
- );
+ , keyId
+ , sprint_hex(key, CIPURSE_AES_KEY_LENGTH)
+ );
 }
 uint8_t buf[APDU_RES_LEN] = {0};
@@ -1331,7 +1331,7 @@ static int CmdHFCipurseDeleteFile(const char *Cmd) {
 return PM3_ESOFT;
 }
 } else {
- res = CIPURSESelectMFEx(true, true, buf, sizeof(buf), &len, &sw);
+ res = CIPURSESelectMFEx(true, true, buf, sizeof(buf), &len, &sw);
 if (res != 0 || sw != 0x9000) {
 PrintAndLogEx(ERR, "Cipurse masterfile select " _RED_("error") ". Card returns 0x%04x", sw);
 DropField();
@@ -1355,8 +1355,8 @@ static int CmdHFCipurseDeleteFile(const char *Cmd) {
 if (useChildFID) {
 res = CIPURSEDeleteFile(childFileId, buf, sizeof(buf), &len, &sw);
 if (res != 0 || sw != 0x9000) {
- PrintAndLogEx(ERR, "Delete child file " _CYAN_("%04x ") _RED_("ERROR") ". Card returns:\n 0x%04x - %s", childFileId, sw,
- GetSpecificAPDUCodeDesc(DeleteAPDUCodeDescriptions, ARRAYLEN(DeleteAPDUCodeDescriptions), sw));
+ PrintAndLogEx(ERR, "Delete child file " _CYAN_("%04x ") _RED_("ERROR") ". Card returns:\n 0x%04x - %s", childFileId, sw,
+ GetSpecificAPDUCodeDesc(DeleteAPDUCodeDescriptions, ARRAYLEN(DeleteAPDUCodeDescriptions), sw));
 DropField();
 return PM3_ESOFT;
 }
@@ -1364,8 +1364,8 @@ static int CmdHFCipurseDeleteFile(const char *Cmd) { } else if (useFID) { res = CIPURSEDeleteFile(fileId, buf, sizeof(buf), &len, &sw); if (res != 0 || sw != 0x9000) { - PrintAndLogEx(ERR, "Delete file " _CYAN_("%04x ") _RED_("ERROR") ". Card returns:\n 0x%04x - %s", fileId, sw, - GetSpecificAPDUCodeDesc(DeleteAPDUCodeDescriptions, ARRAYLEN(DeleteAPDUCodeDescriptions), sw)); + PrintAndLogEx(ERR, "Delete file " _CYAN_("%04x ") _RED_("ERROR") ". Card returns:\n 0x%04x - %s", fileId, sw, + GetSpecificAPDUCodeDesc(DeleteAPDUCodeDescriptions, ARRAYLEN(DeleteAPDUCodeDescriptions), sw)); DropField(); return PM3_ESOFT; } @@ -1373,10 +1373,10 @@ static int CmdHFCipurseDeleteFile(const char *Cmd) { } else { res = CIPURSEDeleteFileAID(aid, aidLen, buf, sizeof(buf), &len, &sw); if (res != 0 || sw != 0x9000) { - PrintAndLogEx(ERR, "Delete application " _CYAN_("%s ") _RED_("ERROR") ". Card returns:\n 0x%04x - %s", - sprint_hex_inrow(aid, aidLen), - sw, - GetSpecificAPDUCodeDesc(DeleteAPDUCodeDescriptions, ARRAYLEN(DeleteAPDUCodeDescriptions), sw)); + PrintAndLogEx(ERR, "Delete application " _CYAN_("%s ") _RED_("ERROR") ". Card returns:\n 0x%04x - %s", + sprint_hex_inrow(aid, aidLen), + sw, + GetSpecificAPDUCodeDesc(DeleteAPDUCodeDescriptions, ARRAYLEN(DeleteAPDUCodeDescriptions), sw)); DropField(); return PM3_ESOFT; } @@ -1464,14 +1464,13 @@ static int CmdHFCipurseDefault(const char *Cmd) { CLIParserFree(ctx); - PrintAndLogEx(INFO, "------------------- " _CYAN_("Default parameters") " -------------------"); PrintAndLogEx(INFO, "Key ID : %d", defaultKeyId); PrintAndLogEx(INFO, "Key : %s", sprint_hex(defaultKey, sizeof(defaultKey))); PrintAndLogEx(INFO, "AID : %s", sprint_hex(defaultAID, defaultAIDLength)); PrintAndLogEx(INFO, "File ID: 0x%04x", defaultFileId); - + return PM3_SUCCESS; } diff --git a/client/src/emv/emv_tags.c b/client/src/emv/emv_tags.c index 7c80aa94f..0d5ddbc31 100644 --- a/client/src/emv/emv_tags.c +++ b/client/src/emv/emv_tags.c 
@@ -467,7 +467,7 @@ static void emv_tag_dump_bitmask(const struct tlv *tlv, const struct emv_tag *ta
 unsigned char val = tlv->value[byte - 1];
 PrintAndLogEx(INFO, "%*s" NOLF, (level * 4), " ");
 PrintAndLogEx(NORMAL, " Byte %u (%02x)", byte, val);
-
+
 for (bit = 8; bit > 0; bit--, val <<= 1) {
 if (val & 0x80) {
 PrintAndLogEx(INFO, "%*s" NOLF, (level * 4), " ");
@@ -491,7 +491,7 @@ static void emv_tag_dump_dol(const struct tlv *tlv, const struct emv_tag *tag, i
 const struct emv_tag *doltag;
 if (!tlv_parse_tl(&buf, &left, &doltlv)) {
- PrintAndLogEx(INFO, "%*sInvalid Tag-Len" , (level * 4), " ");
+ PrintAndLogEx(INFO, "%*sInvalid Tag-Len", (level * 4), " ");
 continue;
 }
@@ -557,7 +557,7 @@ static uint32_t emv_get_binary(const unsigned char *S) {
 // https://github.com/binaryfoo/emv-bertlv/blob/master/src/main/resources/fields/visa-cvr.txt
 static void emv_tag_dump_cvr(const struct tlv *tlv, const struct emv_tag *tag, int level) {
 if (tlv == NULL || tlv->len < 1) {
- PrintAndLogEx(INFO, "%*s INVALID length!" , (level * 4), " ");
+ PrintAndLogEx(INFO, "%*s INVALID length!", (level * 4), " ");
 return;
 }
diff --git a/doc/commands.json b/doc/commands.json
index dac618bd0..e0f1f245b 100644
--- a/doc/commands.json
+++ b/doc/commands.json
@@ -1693,7 +1693,10 @@ "command": "hf cipurse aread", "description": "read file attributes by file id with key id and key. if no key is supplied, default key of 737373...7373 will be used", "notes": [ - "hf cipurse aread --fid 2ff7 -> authenticate with keyid 1, read file attributes with id 2ff7", + "hf cipurse aread --fid 2ff7 -> select mf, authenticate with keyid 1, read file attributes with id 2ff7", + "hf cipurse aread --mfd -> read file attributes for master file (mf)", + "hf cipurse aread --chfid 0102 -> read file 0102 attributes in the default application", + "hf cipurse aread --aid 4144204632 --chfid 0102 -> read file 0102 attributes in the 4144204632 application", "hf cipurse aread -n 2 -k 65656565656565656565656565656565 --fid 2ff7 -> authenticate keyid 2, read file attributes" ], "offline": false, @@ -1703,14 +1706,15 @@ "-v, --verbose show technical data", "-n key id", "-k, --key auth key", + "--mfd show info about master file", + "--aid select application id (aid)", "--fid file id", + "--chfid child file id (ef under application/master file)", "--noauth read file attributes without authentication", "--sreq communication reader-picc security level", - "--sresp communication picc-reader security level", - "--sel-adf show info about adf itself", - "--sel-mf show info about master file" + "--sresp communication picc-reader security level" ], - "usage": "hf cipurse aread [-hav] [-n ] [-k ] [--fid ] [--noauth] [--sreq ] [--sresp ] [--sel-adf] [--sel-mf]" + "usage": "hf cipurse aread [-hav] [-n ] [-k ] [--mfd] [--aid ] [--fid ] [--chfid ] [--noauth] [--sreq ] [--sresp ]" }, "hf cipurse auth": { "command": "hf cipurse auth", 
@@ -1724,33 +1728,22 @@ "-h, --help this help", "-a, --apdu show apdu requests and responses", "-v, --verbose show technical data", + "--aid application id (aid)", + "--fid top file/application id (fid)", + "--mfd select masterfile by empty id", "-n key id", "-k, --key auth key" ], - "usage": "hf cipurse auth [-hav] [-n ] [-k ]" + "usage": "hf cipurse auth [-hav] [--aid ] [--fid ] [--mfd] [-n ] [-k ]" }, - "hf cipurse default": { - "command": "hf cipurse default", - "description": "set default parameters for access to cipurse card", + "hf cipurse awrite": { + "command": "hf cipurse awrite", + "description": "write file attributes by file id with key id and key. if no key is supplied, default key of 737373...7373 will be used", "notes": [ - "hf cipurse default -n 1 -k 65656565656565656565656565656565 --fid 2ff7 -> set key, key id and file id" - ], - "offline": false, - "options": [ - "-h, --help this help", - "--clear resets to defaults", - "-n key id", - "-k, --key authentication key", - "--fid file id" - ], - "usage": "hf cipurse default [-h] [--clear] [-n ] [-k ] [--fid ]" - }, - "hf cipurse delete": { - "command": "hf cipurse delete", - "description": "read file by file id with key id and key. 
if no key is supplied, default key of 737373...7373 will be used", - "notes": [ - "hf cipurse delete --fid 2ff7 -> authenticate with keyid 1, delete file with id 2ff7", - "hf cipurse delete -n 2 -k 65656565656565656565656565656565 --fid 2ff7 -> authenticate keyid 2 and delete file" + "hf cipurse awrite --fid 2ff7 -d 080000c1c1c1c1c1c1c1c1c1 -> write default file attributes with id 2ff7", + "hf cipurse awrite --mfd -d 080000ffffffffffffffffff86023232 --commit -> write file attributes for master file (mf)", + "hf cipurse awrite --chfid 0102 -d 020000ffffff -> write file 0102 attributes in the default application to full access", + "hf cipurse awrite --chfid 0102 -d 02000040ffff -> write file 0102 attributes in the default application to full access with keys 1 and 2" ], "offline": false, "options": [ 
@@ -1759,11 +1752,109 @@ "-v, --verbose show technical data", "-n key id", "-k, --key auth key", + "--mfd show info about master file", + "--aid select application id (aid)", "--fid file id", + "--chfid child file id (ef under application/master file)", + "--noauth read file attributes without authentication", "--sreq communication reader-picc security level", - "--sresp communication picc-reader security level" + "--sresp communication picc-reader security level", + "-d, --data file attributes", + "--commit need commit after write" ], - "usage": "hf cipurse delete [-hav] [-n ] [-k ] [--fid ] [--sreq ] [--sresp ]" + "usage": "hf cipurse awrite [-hav] [-n ] [-k ] [--mfd] [--aid ] [--fid ] [--chfid ] [--noauth] [--sreq ] [--sresp ] [-d ] [--commit]" + }, + "hf cipurse create": { + "command": "hf cipurse create", + "description": "create application/file/key by provide appropriate dgi. if no key is supplied, default key of 737373...7373 will be used", + "notes": [ + "hf cipurse create -d 9200123f00200008000062098407a0000005070100 -> create ptse file with fid 0x2000 and space for 8 aids", + "hf cipurse create -d 92002438613f010a050200004040ff021009021009621084054144204631d407a0000005070100a00f2873737373737373737373737373737373015fd67b000102030405060708090a0b0c0d0e0f01c6a13b -> create default file with fid 3f01 and 2 keys", + "hf cipurse create --aid 4144204631 -d 92010c010001020030020000ffffff -> create 0x0102 binary data ef under application 4144204631" + ], + "offline": false, + "options": [ + "-h, --help this help", + "-a, --apdu show apdu requests and responses", + "-v, --verbose show technical data", + "-n key id", + "-k, --key auth key", + "--aid application id (aid)", + "--fid file id (fid)", + "--mfd select masterfile by empty id", + "-d, --data data with dgi for create", + "--sreq communication reader-picc security level", + "--sresp communication picc-reader security level", + "--no-auth execute without authentication", + "--commit need commit after create" + 
], + "usage": "hf cipurse create [-hav] [-n ] [-k ] [--aid ] [--fid ] [--mfd] [-d ] [--sreq ] [--sresp ] [--no-auth] [--commit]" + }, + "hf cipurse default": { + "command": "hf cipurse default", + "description": "set default parameters for access to cipurse card", + "notes": [ + "hf cipurse default --reset -> reset parameters to default", + "hf cipurse default -n 1 -k 65656565656565656565656565656565 --fid 2ff7 -> set key, key id and file id", + "hf cipurse default --aid 4144204632 -> set default application id" + ], + "offline": false, + "options": [ + "-h, --help this help", + "--clear resets to defaults", + "-n key id", + "-k, --key authentication key", + "--aid application id (aid)", + "--fid file id" + ], + "usage": "hf cipurse default [-h] [--clear] [-n ] [-k ] [--aid ] [--fid ]" + }, + "hf cipurse delete": { + "command": "hf cipurse delete", + "description": "delete file by file id with key id and key. if no key is supplied, default key of 737373...7373 will be used", + "notes": [ + "hf cipurse delete --fid 2ff7 -> authenticate with keyid 1, delete file with id 2ff7 at top level", + "hf cipurse delete -n 2 -k 65656565656565656565656565656565 --fid 2ff7 -> authenticate keyid 2 and delete file", + "hf cipurse delete --aid a0000005070100 --no-auth -> delete ptse file with aid a0000005070100 without authentication", + "hf cipurse delete --aid 4144204631 --chfid 0102 -> delete ef with fid 0x0102 under default application" + ], + "offline": false, + "options": [ + "-h, --help this help", + "-a, --apdu show apdu requests and responses", + "-v, --verbose show technical data", + "-n key id", + "-k, --key auth key", + "--fid file/application id under mf for delete", + "--aid application id (aid) for delete", + "--chfid child file id (ef under application/master file)", + "--sreq communication reader-picc security level", + "--sresp communication picc-reader security level", + "--no-auth execute without authentication", + "--commit commit" + ], + "usage": "hf cipurse 
delete [-hav] [-n ] [-k ] [--fid ] [--aid ] [--chfid ] [--sreq ] [--sresp ] [--no-auth] [--commit]" + }, + "hf cipurse formatall": { + "command": "hf cipurse formatall", + "description": "format card. erases all the data at the card level!", + "notes": [ + "hf cipurse formatall -> format card with default key", + "hf cipurse formatall -n 2 -k 65656565656565656565656565656565 -> format card with keyid 2", + "hf cipurse formatall --no-auth -> format card without authentication. works for card in perso state" + ], + "offline": false, + "options": [ + "-h, --help this help", + "-a, --apdu show apdu requests and responses", + "-v, --verbose show technical data", + "-n key id", + "-k, --key auth key", + "--sreq communication reader-picc security level", + "--sresp communication picc-reader security level", + "--no-auth execute without authentication" + ], + "usage": "hf cipurse formatall [-hav] [-n ] [-k ] [--sreq ] [--sresp ] [--no-auth]" }, "hf cipurse help": { "command": "hf cipurse help", @@ -1779,10 +1870,11 @@ }, "hf cipurse read": { "command": "hf cipurse read", - "description": "read file by file id with key id and key. if no key is supplied, default key of 737373...7373 will be used", + "description": "read file in the application by file id with key id and key. if no key is supplied, default key of 737373...7373 will be used", "notes": [ "hf cipurse read --fid 2ff7 -> authenticate with keyid 1, read file with id 2ff7", - "hf cipurse read -n 2 -k 65656565656565656565656565656565 --fid 2ff7 -> authenticate keyid 2 and read file" + "hf cipurse read -n 2 -k 65656565656565656565656565656565 --fid 2ff7 -> authenticate keyid 2 and read file", + "hf cipurse read --aid 4144204631 --fid 0102 -> read file with id 0102 from application 4144204631" ], "offline": false, "options": [ 
@@ -1791,13 +1883,36 @@ "-v, --verbose show technical data", "-n key id", "-k, --key auth key", + "--aid application id (aid)", "--fid file id", "-o, --offset offset for reading data from file", "--noauth read file without authentication", "--sreq communication reader-picc security level", "--sresp communication picc-reader security level" ], - "usage": "hf cipurse read [-hav] [-n ] [-k ] [--fid ] [-o ] [--noauth] [--sreq ] [--sresp ]" + "usage": "hf cipurse read [-hav] [-n ] [-k ] [--aid ] [--fid ] [-o ] [--noauth] [--sreq ] [--sresp ]" + }, + "hf cipurse select": { + "command": "hf cipurse select", + "description": "select application or file", + "notes": [ + "hf cipurse select --aid a0000005070100 -> select ptse application by aid", + "hf cipurse select --fid 3f00 -> select master file by fid 3f00", + "hf cipurse select --fid 2ff7 -> select attribute file by fid 2ff7", + "hf cipurse select --mfd -vt -> select default file by empty fid and show response data in plain and tlv decoded format" + ], + "offline": false, + "options": [ + "-h, --help this help", + "-a, --apdu show apdu requests and responses", + "-v, --verbose show technical data", + "-t, --tlv tlv decode returned data", + "--aid application id (aid)", + "--fid top level file (or application) id (fid)", + "--mfd select masterfile by empty id", + "--chfid child file id (ef under application/master file)" + ], + "usage": "hf cipurse select [-havt] [--aid ] [--fid ] [--mfd] [--chfid ]" }, "hf cipurse test": { "command": "hf cipurse test", 
@@ -1816,10 +1931,12 @@ }, "hf cipurse write": { "command": "hf cipurse write", - "description": "write file by file id with key id and key. if no key is supplied, default key of 737373...7373 will be used", + "description": "write file in the application by file id with key id and key. if no key is supplied, default key of 737373...7373 will be used", "notes": [ - "hf cipurse write --fid 2ff7 -> authenticate with keyid 1, write file with id 2ff7", - "hf cipurse write -n 2 -k 65656565656565656565656565656565 --fid 2ff7 -> authenticate keyid 2 and write file" + "hf cipurse write --fid 2ff7 -d aabb -> authenticate with keyid 1, write file with id 2ff7", + "hf cipurse write -n 2 -k 65656565656565656565656565656565 --fid 2ff7 -d aabb -> authenticate keyid 2 and write file", + "hf cipurse write --aid 4144204631 --fid 0102 -d aabb -> write file with id 0102 in the 4144204631 application", + "hf cipurse write --fid 0102 -d aabb --commit -> write file with id 0102 and perform commit after write" ], "offline": false, "options": [ @@ -1828,14 +1945,16 @@ "-v, --verbose show technical data", "-n key id", "-k, --key auth key", + "--aid application id (aid)", "--fid file id", "-o, --offset offset for reading data from file", "--noauth read file without authentication", "--sreq communication reader-picc security level", "--sresp communication picc-reader security level", - "-d, --data hex data to write to new file" + "-d, --data hex data to write to new file", + "--commit need commit after write" ], - "usage": "hf cipurse write [-hav] [-n ] [-k ] [--fid ] [-o ] [--noauth] [--sreq ] [--sresp ] [-d ]" + "usage": "hf cipurse write [-hav] [-n ] [-k ] [--aid ] [--fid ] [-o ] [--noauth] [--sreq ] [--sresp ] [-d ] [--commit]" }, "hf emrtd help": { "command": "hf emrtd help", 
@@ -4130,19 +4249,19 @@ "-h, --help this help", "-a, --apdu show apdu requests and responses", "-v, --verbose show technical data", - "-n, --keyno key number", - "-t, --algo crypt algo: des, 2tdea, 3tdea, aes", - "-k, --key key for authenticate (hex 8(des), 16(2tdea or aes) or 24(3tdea) bytes)", - "-f, --kdf key derivation function (kdf): none, an10922, gallagher", - "-i, --kdfi kdf input (hex 1-31 bytes)", - "-m, --cmode communicaton mode: plain/mac/encrypt", - "-c, --ccset communicaton command set: native/niso/iso", - "-s, --schann secure channel: d40/ev1/ev2/lrp", - "--aid application id of application for some parameters (3 hex bytes, big endian)", - "--appisoid application iso id (iso df id) (2 hex bytes, big endian).", + "-n, --keyno key number", + "-t, --algo crypt algo: des, 2tdea, 3tdea, aes", + "-k, --key key for authenticate (hex 8(des), 16(2tdea or aes) or 24(3tdea) bytes)", + "-f, --kdf key derivation function (kdf): none, an10922, gallagher", + "-i, --kdfi kdf input (hex 1-31 bytes)", + "-m, --cmode communicaton mode: plain/mac/encrypt", + "-c, --ccset communicaton command set: native/niso/iso", + "-s, --schann secure channel: d40/ev1/ev2/lrp", + "--aid application id of application for some parameters (3 hex bytes, big endian)", + "--appisoid application iso id (iso df id) (2 hex bytes, big endian).", "--save saves channels parameters to defaults if authentication succeeds" ], - "usage": "hf mfdes auth [-hav] [-n ] [-t ] [-k ] [-f ] [-i ] [-m ] [-c ] [-s ] [--aid ] [--appisoid ] [--save]" + "usage": "hf mfdes auth [-hav] [-n ] [-t ] [-k ] [-f ] [-i ] [-m ] [-c ] [-s ] [--aid ] [--appisoid ] [--save]" }, "hf mfdes bruteaid": { "command": "hf mfdes bruteaid", 
@@ -8328,6 +8447,7 @@ "description": "clone a farpointe/pyramid tag to a t55x7, q5/t5555 or em4305/4469 tag. the facility-code is 8-bit and the card number is 16-bit. larger values are truncated. currently only works on 26bit", "notes": [ "lf pyramid clone --fc 123 --cn 11223", + "lf pyramid clone --raw 0001010101010101010440013223921c", "lf pyramid clone --fc 123 --cn 11223 --q5 -> encode for q5/t5555 tag", "lf pyramid clone --fc 123 --cn 11223 --em -> encode for em4305/4469" ], @@ -8337,9 +8457,10 @@ "--fc 8-bit value facility code", "--cn 16-bit value card number", "--q5 optional - specify writing to q5/t5555 tag", - "--em optional - specify writing to em4305/4469 tag" + "--em optional - specify writing to em4305/4469 tag", + "-r, --raw raw hex data. 16 bytes" ], - "usage": "lf pyramid clone [-h] --fc --cn [--q5] [--em]" + "usage": "lf pyramid clone [-h] [--fc ] [--cn ] [--q5] [--em] [-r ]" }, "lf pyramid help": { "command": "lf pyramid help", @@ -8370,15 +8491,17 @@ "command": "lf pyramid sim", "description": "enables simulation of farpointe/pyramid card with specified card number. simulation runs until the button is pressed or another usb command is issued. the facility-code is 8-bit and the card number is 16-bit. larger values are truncated. currently work only on 26bit", "notes": [ - "lf pyramid sim --fc 123 --cn 1337" + "lf pyramid sim --fc 123 --cn 1337", + "lf pyramid clone --raw 0001010101010101010440013223921c" ], "offline": false, "options": [ "-h, --help this help", "--fc 8-bit value facility code", - "--cn 16-bit value card number" + "--cn 16-bit value card number", + "-r, --raw raw hex data. 16 bytes" ], - "usage": "lf pyramid sim [-h] --fc --cn " + "usage": "lf pyramid sim [-h] [--fc ] [--cn ] [-r ]" }, "lf read": { "command": "lf read", 
@@ -9980,7 +10103,21 @@ }, "trace help": { "command": "trace help", - "description": "help this help list list protocol data in trace buffer load load trace from file save save trace buffer to file --------------------------------------------------------------------------------------- trace list available offline: yes annotate trace buffer with selected protocol data you can load a trace from file (see `trace load -h`) or it be downloaded from device by default", + "description": "help this help extract extract authentication challenges found in trace list list protocol data in trace buffer load load trace from file save save trace buffer to file --------------------------------------------------------------------------------------- trace extract available offline: yes extracts protocol authentication challenges from trace buffer", + "notes": [ + "trace extract", + "trace extract -1" + ], + "offline": true, + "options": [ + "-h, --help this help", + "-1, --buffer use data from trace buffer" + ], + "usage": "trace extract [-h1]" + }, + "trace list": { + "command": "trace list", + "description": "annotate trace buffer with selected protocol data you can load a trace from file (see `trace load -h`) or it be downloaded from device by default", "notes": [ "trace list -t raw -> just show raw data without annotations", "", @@ -10206,8 +10343,8 @@ } }, "metadata": { - "commands_extracted": 598, + "commands_extracted": 603, "extracted_by": "PM3Help2JSON v1.00", - "extracted_on": "2022-01-23T19:02:27" + "extracted_on": "2022-02-04T13:37:03" } } \ No newline at end of file diff --git a/doc/commands.md b/doc/commands.md index 1c1743051..0890285ad 100644 --- a/doc/commands.md +++ b/doc/commands.md 
@@ -243,10 +243,14 @@ Check column "offline" for their availability.
 |------- |------- |-----------
 |`hf cipurse help `|Y |`This help.`
 |`hf cipurse info `|N |`Get info about CIPURSE tag`
+|`hf cipurse select `|N |`Select CIPURSE application or file`
 |`hf cipurse auth `|N |`Authenticate CIPURSE tag`
 |`hf cipurse read `|N |`Read binary file`
 |`hf cipurse write `|N |`Write binary file`
 |`hf cipurse aread `|N |`Read file attributes`
+|`hf cipurse awrite `|N |`Write file attributes`
+|`hf cipurse formatall `|N |`Erase all the data from chip`
+|`hf cipurse create `|N |`Create file, application, key via DGI record`
 |`hf cipurse delete `|N |`Delete file`
 |`hf cipurse default `|N |`Set default key and file id for all the other commands`
 |`hf cipurse test `|Y |`Tests`
@@ -1287,6 +1291,7 @@ Check column "offline" for their availability.
 |command |offline |description
 |------- |------- |-----------
 |`trace help `|Y |`This help`
+|`trace extract `|Y |`Extract authentication challenges found in trace`
 |`trace list `|Y |`List protocol data in trace buffer`
 |`trace load `|Y |`Load trace from file`
 |`trace save `|Y |`Save trace buffer to file`