From 618925b15cd5c79834a668eccc1560dbacc1339f Mon Sep 17 00:00:00 2001 From: Artem Gnatyuk Date: Sat, 7 Mar 2020 23:25:24 +0700 Subject: [PATCH 1/7] Final version --- armsrc/Standalone/Makefile.hal | 12 +++++++++++- armsrc/Standalone/Makefile.inc | 14 +++++++++++++- 2 files changed, 24 insertions(+), 2 deletions(-) diff --git a/armsrc/Standalone/Makefile.hal b/armsrc/Standalone/Makefile.hal index 2dec4cfde..776ae3f0f 100644 --- a/armsrc/Standalone/Makefile.hal +++ b/armsrc/Standalone/Makefile.hal @@ -41,9 +41,19 @@ define KNOWN_STANDALONE_DEFINITIONS | LF_ICEHID | LF HID collector to flashmem | | (RDV4 only) | | +----------------------------------------------------------+ +| LF_EM4100EMULV1 | Simulate predefined em4100 tags only | +| | | ++----------------------------------------------------------+ +| LF_EM4100EMULV2 | Read/simulate em4100 tags | +| | | ++----------------------------------------------------------+ +| LF_EM4100EMULV3 | Read/simulate em4100 tags & clone it | +| | to T555x tags | ++----------------------------------------------------------+ + endef -STANDALONE_MODES := LF_SAMYRUN LF_ICERUN LF_PROXBRUTE LF_HIDBRUTE LF_ICEHID +STANDALONE_MODES := LF_SAMYRUN LF_ICERUN LF_PROXBRUTE LF_HIDBRUTE LF_ICEHID LF_EM4100EMULV1 LF_EM4100EMULV2 LF_EM4100EMULV3 STANDALONE_MODES += HF_YOUNG HF_MATTYRUN HF_COLIN HF_BOG HF_14ASNIFF STANDALONE_MODES_REQ_SMARTCARD := STANDALONE_MODES_REQ_FLASH := HF_COLIN HF_BOG HF_14ASNIFF LF_ICEHID diff --git a/armsrc/Standalone/Makefile.inc b/armsrc/Standalone/Makefile.inc index d4de0411e..e7ca1bfe0 100644 --- a/armsrc/Standalone/Makefile.inc +++ b/armsrc/Standalone/Makefile.inc 
@@ -40,4 +40,16 @@ endif # WITH_STANDALONE_LF_ICEHID ifneq (,$(findstring WITH_STANDALONE_LF_ICEHID,$(APP_CFLAGS))) SRC_STANDALONE = lf_icehid.c -endif \ No newline at end of file +endif +# WITH_STANDALONE_LF_EM4100EMULV1 +ifneq (,$(findstring WITH_STANDALONE_LF_EM4100EMULV1,$(APP_CFLAGS))) + SRC_STANDALONE = lf_em4100emulV1.c +endif +# WITH_STANDALONE_LF_EM4100EMULV2 +ifneq (,$(findstring WITH_STANDALONE_LF_EM4100EMULV2,$(APP_CFLAGS))) + SRC_STANDALONE = lf_em4100emulV2.c +endif +# WITH_STANDALONE_LF_EM4100EMULV3 +ifneq (,$(findstring WITH_STANDALONE_LF_EM4100EMULV3,$(APP_CFLAGS))) + SRC_STANDALONE = lf_em4100emulV3.c +endif From 4b07fecd6b8cdea074bea7ed6ec82266ae8049c6 Mon Sep 17 00:00:00 2001 From: Artem Gnatyuk Date: Sun, 8 Mar 2020 00:07:38 +0700 Subject: [PATCH 2/7] Add missed files --- armsrc/Standalone/lf_em4100emulV1.c | 107 +++++++++++++++ armsrc/Standalone/lf_em4100emulV2.c | 171 ++++++++++++++++++++++++ armsrc/Standalone/lf_em4100emulV3.c | 197 ++++++++++++++++++++++++++++ 3 files changed, 475 insertions(+) create mode 100644 armsrc/Standalone/lf_em4100emulV1.c create mode 100644 armsrc/Standalone/lf_em4100emulV2.c create mode 100644 armsrc/Standalone/lf_em4100emulV3.c diff --git a/armsrc/Standalone/lf_em4100emulV1.c b/armsrc/Standalone/lf_em4100emulV1.c new file mode 100644 index 000000000..d132f3650 --- /dev/null +++ b/armsrc/Standalone/lf_em4100emulV1.c 
@@ -0,0 +1,107 @@ +//----------------------------------------------------------------------------- +// Artyom Gnatyuk, 2020 +// +// This code is licensed to you under the terms of the GNU GPL, version 2 or, +// at your option, any later version. See the LICENSE.txt file for the text of +// the license. +//----------------------------------------------------------------------------- +// LF emul V1 - Very simple mode. Simulate only predefined in low[] IDs +// Short click - change current slot +// Long press - simulate tag ID from current slot +//----------------------------------------------------------------------------- +#include "standalone.h" +#include "proxmark3_arm.h" +#include "appmain.h" +#include "fpgaloader.h" +#include "lfops.h" +#include "util.h" +#include "dbprint.h" +#include "ticks.h" +#include "string.h" +#include "BigBuf.h" + +#define MAX_IND 16 // 4 LEDs - 2^4 combinations +#define CLOCK 64 //for 125kHz + +// low & high - array for storage IDs. Its length must be equal. +// Predefined IDs must be stored in low[]. 
+// In high[] must be nulls +uint64_t low[] = {0x565A1140BE,0x365A398149,0x5555555555,0xFFFFFFFFFF}; +uint32_t high[] = {0,0,0,0}; +uint8_t *bba,slots_count; +int buflen; + +void ModInfo(void) { + DbpString(" LF EM4100 simulate standalone V1"); +} + +uint64_t ReversQuads(uint64_t bits){ + uint64_t result = 0; + for (int i = 0; i < 16; i++){ + result += ((bits >> (60 - 4 *i)) & 0xf) << (4 * i); + } + return result >> 24; +} + +void FillBuff(uint8_t bit) { + memset (bba + buflen, bit, CLOCK / 2); + buflen += (CLOCK / 2); + memset (bba + buflen, bit^1,CLOCK / 2); + buflen += (CLOCK / 2); +} + +void ConstructEM410xEmulBuf(uint64_t id) { + + int i, j, binary[4], parity[4]; + buflen = 0; + for (i = 0; i < 9; i++) + FillBuff(1); + parity[0] = parity[1] = parity[2] = parity[3] = 0; + for (i = 0; i < 10; i++) { + for (j = 3; j >= 0; j--, id /= 2) + binary[j] = id % 2; + for (j = 0; j < 4; j++) + FillBuff(binary[j]); + FillBuff(binary[0] ^ binary[1] ^ binary[2] ^ binary[3]); + for (j = 0; j < 4; j++) + parity[j] ^= binary[j]; + } + for (j = 0; j < 4; j++) + FillBuff(parity[j]); + FillBuff(0); +} + +void LED_Slot(int i) { + if (slots_count > 4) { + LED(i % MAX_IND, 0); //binary indication for slots_count > 4 + } else { + LED(1 << i,0); //simple indication for slots_count <=4 + } +} + +void RunMod() { + StandAloneMode(); + FpgaDownloadAndGo(FPGA_BITSTREAM_LF); + int selected = 0; + slots_count = sizeof(low)/sizeof(low[0]); + bba = BigBuf_get_addr(); + LED_Slot(selected); + for (;;) { + WDT_HIT(); + if (data_available()) break; + int button_pressed = BUTTON_HELD(1000); + SpinDelay(300); + if (button_pressed == 1) { + SpinUp(100); + SpinOff(10); + LED_Slot(selected); + ConstructEM410xEmulBuf(ReversQuads(low[selected])); + SimulateTagLowFrequency(buflen, 0, true); + LED_Slot(selected); + } else if (button_pressed < 0) { + selected = (selected + 1) % slots_count; + LEDsoff(); + LED_Slot(selected); + } + } +} 
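Review bot: The file-scope objects `low`, `high`, `bba`, `slots_count` and `buflen` and the helpers `ReversQuads`, `FillBuff`, `ConstructEM410xEmulBuf` and `LED_Slot` are declared without `static`, so they get external linkage in the firmware image although only `ModInfo` and `RunMod` look like the standalone interface. Marking them `static` (for example `static uint64_t low[] = {...};` and `static void FillBuff(uint8_t bit)`) avoids clashes with other armsrc symbols. `FillBuff` writes through `bba + buflen` with no bound; the frame built here is a fixed 64 bits of `CLOCK` samples each, so a one-line comment stating that the 4096-byte total is assumed to fit in BigBuf would document the limit. If any of the IDs hard-coded in `low[]` came from a real card, replace them with obviously synthetic values.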
diff --git a/armsrc/Standalone/lf_em4100emulV2.c b/armsrc/Standalone/lf_em4100emulV2.c new file mode 100644 index 000000000..2b48aeced --- /dev/null +++ b/armsrc/Standalone/lf_em4100emulV2.c 
@@ -0,0 +1,171 @@ +//----------------------------------------------------------------------------- +// Artyom Gnatyuk, 2020 +// +// This code is licensed to you under the terms of the GNU GPL, version 2 or, +// at your option, any later version. See the LICENSE.txt file for the text of +// the license. +//----------------------------------------------------------------------------- +// LF emul V2 - This mode can simulate tag ID from selected slot and read tag ID +// to selected slot and to flash (only RDV4). Also you can set +// predefined IDs in any slot. +// To recall stored ID from flash execute: +// mem dump o offset l 5 p +// where offset = 5 * selected slot +//----------------------------------------------------------------------------- +#include "standalone.h" +#include "proxmark3_arm.h" +#include "appmain.h" +#include "fpgaloader.h" +#include "lfops.h" +#include "util.h" +#include "dbprint.h" +#include "ticks.h" +#include "string.h" +#include "BigBuf.h" + +#ifdef WITH_FLASH +#include "flashmem.h" +#endif + +#define MAX_IND 16 // 4 LEDs - 2^4 combinations +#define CLOCK 64 //for 125kHz + +// low & high - array for storage IDs. Its length must be equal. +// Predefined IDs must be stored in low[]. 
+// In high[] must be nulls +uint64_t low[] = {0x565AF781C7,0x540053E4E2,0,0,0,0,0,0,0,0,0,0,0,0,0,0}; +uint32_t high[] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}; +uint8_t *bba,slots_count; +int buflen; + +void ModInfo(void) { + DbpString(" LF EM4100 simulate standalone V2"); +} + +uint64_t ReversQuads(uint64_t bits){ + uint64_t result = 0; + for (int i = 0; i < 16; i++){ + result += ((bits >> (60 - 4 *i)) & 0xf) << (4 * i); + } + return result >> 24; +} + +void FillBuff(uint8_t bit) { + memset (bba + buflen, bit, CLOCK / 2); + buflen += (CLOCK / 2); + memset (bba + buflen, bit^1,CLOCK / 2); + buflen += (CLOCK / 2); +} + +void ConstructEM410xEmulBuf(uint64_t id) { + + int i, j, binary[4], parity[4]; + buflen = 0; + for (i = 0; i < 9; i++) + FillBuff(1); + parity[0] = parity[1] = parity[2] = parity[3] = 0; + for (i = 0; i < 10; i++) { + for (j = 3; j >= 0; j--, id /= 2) + binary[j] = id % 2; + for (j = 0; j < 4; j++) + FillBuff(binary[j]); + FillBuff(binary[0] ^ binary[1] ^ binary[2] ^ binary[3]); + for (j = 0; j < 4; j++) + parity[j] ^= binary[j]; + } + for (j = 0; j < 4; j++) + FillBuff(parity[j]); + FillBuff(0); +} + +void LED_Slot(int i) { + if (slots_count > 4) { + LED(i % MAX_IND, 0); //binary indication, usefully for slots_count > 4 + } else { + LED(1 << i,0); //simple indication for slots_count <=4 + } +} + +void FlashLEDs(uint32_t speed, uint8_t times) { + for (int i = 0; i < times * 2; i++) { + LED_A_INV(); + LED_B_INV(); + LED_C_INV(); + LED_D_INV(); + SpinDelay(speed); + } +} + +#ifdef WITH_FLASH +void SaveIDtoFlash (int addr, uint64_t id) { + uint8_t b, *ptr; + for (int i = 0; i < 5; i++) { + b = (uint8_t) (id >> 8 * i & 0xff); + ptr = &b; + Flash_WriteData(addr * 5 + 4 - i,ptr,1); + } +} +#endif + +void RunMod() { + StandAloneMode(); + FpgaDownloadAndGo(FPGA_BITSTREAM_LF); + int selected = 0; + //state 0 - select slot, + // 1 - read tag to selected slot, + // 2 - simulate tag from selected slot + uint8_t state = 0; + slots_count = sizeof(low)/sizeof(low[0]); 
+ bba = BigBuf_get_addr(); + LED_Slot(selected); + for (;;) { + WDT_HIT(); + if (data_available()) break; + int button_pressed = BUTTON_HELD(1000); + SpinDelay(300); + switch (state){ + case 0: + // Select mode + if (button_pressed == 1) { + // Long press - switch to simulate mode + SpinUp(100); + SpinOff(100); + LED_Slot(selected); + state = 2; + } else if (button_pressed < 0) { + // Click - switch to next slot + selected = (selected + 1) % slots_count; + LEDsoff(); + LED_Slot(selected); + } + break; + case 1: + // Read mode. Click - exit to select mode + CmdEM410xdemod(1, &high[selected], &low[selected], 0); + FlashLEDs(100,5); + #ifdef WITH_FLASH + SaveIDtoFlash(selected, low[selected]); + #endif + state = 0; + break; + case 2: + // Simulate mode + if (button_pressed > 0) { + // Long press - switch to read mode + SpinDown(100); + SpinOff(10); + LED_Slot(selected); + state = 1; + } else if (button_pressed < 0) { + // Click - start simulating. Click again to exit from simelate mode + LED_Slot(selected); + ConstructEM410xEmulBuf(ReversQuads(low[selected])); + FlashLEDs(100,5); + SimulateTagLowFrequency(buflen, 0, 1); + LED_Slot(selected); + state = 0; // Switch to select mode + } + break; + } + } +} diff --git a/armsrc/Standalone/lf_em4100emulV3.c b/armsrc/Standalone/lf_em4100emulV3.c new file mode 100644 index 000000000..98247c390 --- /dev/null +++ b/armsrc/Standalone/lf_em4100emulV3.c 
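Review bot: `SaveIDtoFlash` issues five single-byte writes with `Flash_WriteData(addr * 5 + 4 - i,ptr,1)` and ignores every return value, so a failed or partial write is still followed by a return to select mode as if the ID had been stored. The target is raw flash offset `addr * 5`, which is the first 80 bytes for 16 slots. Nothing in the hunk shows that this region is reserved for this mode or erased before a slot is rewritten, and on NOR-type flash a rewrite without erase would typically leave the AND of old and new bytes, so this is worth confirming against the flashmem layout. Building the five bytes into one `uint8_t bt[5]` buffer, issuing one write and checking its result would make the failure case visible.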
@@ -0,0 +1,197 @@ +//----------------------------------------------------------------------------- +// Artyom Gnatyuk, 2020 +// +// This code is licensed to you under the terms of the GNU GPL, version 2 or, +// at your option, any later version. See the LICENSE.txt file for the text of +// the license. +//----------------------------------------------------------------------------- +// LF emul V3 - This mode can simulate ID from selected slot, read ID to +// selected slot, write from selected slot to T5555 tag and store +// readed ID to flash (only RDV4). Also you can set predefined IDs +// in any slot. +// To recall stored ID from flash execute: +// mem dump o offset l 5 p +// where offset = 5 * selected slot +//----------------------------------------------------------------------------- +#include "standalone.h" +#include "proxmark3_arm.h" +#include "appmain.h" +#include "fpgaloader.h" +#include "lfops.h" +#include "util.h" +#include "dbprint.h" +#include "ticks.h" +#include "string.h" +#include "BigBuf.h" + +#ifdef WITH_FLASH +#include "flashmem.h" +#endif + +#define MAX_IND 16 // 4 LEDs - 2^4 combinations +#define CLOCK 64 //for 125kHz + +// low & high - array for storage IDs. Its length must be equal. +// Predefined IDs must be stored in low[]. 
+// In high[] must be nulls +uint64_t low[] = {0x565AF781C7,0x540053E4E2,0x1234567890,0,0,0,0,0,0,0,0,0,0,0,0,0}; +uint32_t high[] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}; +uint8_t *bba,slots_count; +int buflen; + +void ModInfo(void) { + DbpString(" LF EM4100 simulate standalone V2"); +} + +uint64_t ReversQuads(uint64_t bits){ + uint64_t result = 0; + for (int i = 0; i < 16; i++){ + result += ((bits >> (60 - 4 *i)) & 0xf) << (4 * i); + } + return result >> 24; +} + +void FillBuff(uint8_t bit) { + memset (bba + buflen, bit, CLOCK / 2); + buflen += (CLOCK / 2); + memset (bba + buflen, bit^1,CLOCK / 2); + buflen += (CLOCK / 2); +} + +void ConstructEM410xEmulBuf(uint64_t id) { + + int i, j, binary[4], parity[4]; + buflen = 0; + for (i = 0; i < 9; i++) + FillBuff(1); + parity[0] = parity[1] = parity[2] = parity[3] = 0; + for (i = 0; i < 10; i++) { + for (j = 3; j >= 0; j--, id /= 2) + binary[j] = id % 2; + for (j = 0; j < 4; j++) + FillBuff(binary[j]); + FillBuff(binary[0] ^ binary[1] ^ binary[2] ^ binary[3]); + for (j = 0; j < 4; j++) + parity[j] ^= binary[j]; + } + for (j = 0; j < 4; j++) + FillBuff(parity[j]); + FillBuff(0); +} + +void LED_Slot(int i) { + if (slots_count > 4) { + LED(i % MAX_IND, 0); //binary indication, usefully for slots_count > 4 + } else { + LED(1 << i,0); //simple indication for slots_count <=4 + } +} + +void FlashLEDs(uint32_t speed, uint8_t times) { + for (int i = 0; i < times * 2; i++) { + LED_A_INV(); + LED_B_INV(); + LED_C_INV(); + LED_D_INV(); + SpinDelay(speed); + } +} + +#ifdef WITH_FLASH +void SaveIDtoFlash (int addr, uint64_t id) { + uint8_t b, *ptr; + for (int i = 0; i < 5; i++) { + b = (uint8_t) (id >> 8 * i & 0xff); + ptr = &b; + Flash_WriteData(addr * 5 + 4 - i,ptr,1); + } +} +#endif + +void RunMod() { + StandAloneMode(); + FpgaDownloadAndGo(FPGA_BITSTREAM_LF); + int selected = 0; + //state 0 - select slot + // 1 - read tag to selected slot, + // 2 - simulate tag from selected slot + // 3 - write to T5555 tag + uint8_t state = 0; + 
slots_count = sizeof(low)/sizeof(low[0]); + bba = BigBuf_get_addr(); + LED_Slot(selected); + for (;;) { + WDT_HIT(); + if (data_available()) break; + int button_pressed = BUTTON_HELD(1000); + SpinDelay(300); + switch (state){ + case 0: + // Select mode + if (button_pressed == 1) { + // Long press - switch to simulate mode + SpinUp(100); + SpinOff(100); + LED_Slot(selected); + state = 2; + } else if (button_pressed < 0) { + // Click - switch to next slot + selected = (selected + 1) % slots_count; + LEDsoff(); + LED_Slot(selected); + } + break; + case 1: + // Read mode. + if (button_pressed > 0) { + // Long press - switch to read mode + SpinUp(100); + SpinOff(10); + LED_Slot(selected); + state = 3; + } else if (button_pressed < 0) { + // Click - exit to select mode + CmdEM410xdemod(1, &high[selected], &low[selected], 0); + FlashLEDs(100,5); + #ifdef WITH_FLASH + SaveIDtoFlash(selected, low[selected]); + #endif + state = 0; + } + break; + case 2: + // Simulate mode + if (button_pressed > 0) { + // Long press - switch to read mode + SpinDown(100); + SpinOff(10); + LED_Slot(selected); + state = 1; + } else if (button_pressed < 0) { + // Click - start simulating. Click again to exit from simelate mode + LED_Slot(selected); + ConstructEM410xEmulBuf(ReversQuads(low[selected])); + FlashLEDs(100,5); + SimulateTagLowFrequency(buflen, 0, 1); + LED_Slot(selected); + state = 0; // Switch to select mode + } + break; + case 3: + // Write tag mode + if (button_pressed > 0) { + // Long press - switch to select mode + SpinDown(100); + SpinOff(10); + LED_Slot(selected); + state = 0; + } else if (button_pressed < 0) { + // Click - write ID to tag + WriteEM410x(0, (uint32_t) (low[selected] >> 32), (uint32_t) (low[selected] & 0xffffffff)); + LED_Slot(selected); + state = 0; // Switch to select mode + } + break; + } + } +} From a4b8c14e1e559a32cd9c24be49c23a8cdf854c02 Mon Sep 17 00:00:00 2001 
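Review bot: The comments in `case 1` of `RunMod` do not match the code: the branch commented `// Long press - switch to read mode` sets `state = 3`, which the state table at the top of the function calls the write state, and the branch commented `// Click - exit to select mode` is the one that calls `CmdEM410xdemod`. Since state 3 reprograms a tag on a single click, I would correct them to `// Long press - switch to write mode` and `// Click - read tag into selected slot, then return to select mode`. The same comments reappear in the `case 1` hunk of the later spiffs patch for lf_em4100rwc.c. `case 0` tests `button_pressed == 1` while the other states test `> 0`; using one form throughout and adding a `default:` that resets `state = 0` would make the state machine easier to audit.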
From: Artem Gnatyuk Date: Sun, 8 Mar 2020 00:13:13 +0700 Subject: [PATCH 3/7] Fix version number --- armsrc/Standalone/lf_em4100emulV3.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/armsrc/Standalone/lf_em4100emulV3.c b/armsrc/Standalone/lf_em4100emulV3.c index 98247c390..b1bf0d930 100644 --- a/armsrc/Standalone/lf_em4100emulV3.c +++ b/armsrc/Standalone/lf_em4100emulV3.c @@ -40,7 +40,7 @@ uint8_t *bba,slots_count; int buflen; void ModInfo(void) { - DbpString(" LF EM4100 simulate standalone V2"); + DbpString(" LF EM4100 simulate standalone V3"); } uint64_t ReversQuads(uint64_t bits){ From 311f43172f1056fab458e3c35b1bc119b0679477 Mon Sep 17 00:00:00 2001 From: Artem Gnatyuk Date: Sat, 21 Mar 2020 15:48:16 +0700 Subject: [PATCH 4/7] LF_EM4100EMULV1 - renamed to LF_EM4100EMUL. Make more easy control. Short click - switch slot and satrt simulation LF_EM4100EMULV2 - deleted. LF_EM4100EMULV3 - renamed to LF_EM4100RWC --- armsrc/Standalone/Makefile.hal | 19 +- armsrc/Standalone/Makefile.inc | 26 +-- .../{lf_em4100emulV1.c => lf_em4100emul.c} | 31 +-- armsrc/Standalone/lf_em4100emulV3.c | 197 ------------------ .../{lf_em4100emulV2.c => lf_em4100rwc.c} | 8 +- 5 files changed, 26 insertions(+), 255 deletions(-) rename armsrc/Standalone/{lf_em4100emulV1.c => lf_em4100emul.c} (77%) delete mode 100644 armsrc/Standalone/lf_em4100emulV3.c rename armsrc/Standalone/{lf_em4100emulV2.c => lf_em4100rwc.c} (96%) diff --git a/armsrc/Standalone/Makefile.hal b/armsrc/Standalone/Makefile.hal index 776ae3f0f..fd52817db 100644 --- a/armsrc/Standalone/Makefile.hal +++ b/armsrc/Standalone/Makefile.hal 
@@ -35,28 +35,19 @@ define KNOWN_STANDALONE_DEFINITIONS | HF_BOG | 14a sniff with ULC/ULEV1/NTAG auth | | (RDV4 only) | storing in flashmem - Bogito | +----------------------------------------------------------+ -| HF_14ASNIFF | 14a sniff to flashmem | -| (RDV4 only) | | -+----------------------------------------------------------+ -| LF_ICEHID | LF HID collector to flashmem | -| (RDV4 only) | | -+----------------------------------------------------------+ -| LF_EM4100EMULV1 | Simulate predefined em4100 tags only | +| LF_EM4100EMUL | Simulate predefined em4100 tags only | | | | +----------------------------------------------------------+ -| LF_EM4100EMULV2 | Read/simulate em4100 tags | -| | | -+----------------------------------------------------------+ -| LF_EM4100EMULV3 | Read/simulate em4100 tags & clone it | +| LF_EM4100RWC | Read/simulate em4100 tags & clone it | | | to T555x tags | +----------------------------------------------------------+ endef -STANDALONE_MODES := LF_SAMYRUN LF_ICERUN LF_PROXBRUTE LF_HIDBRUTE LF_ICEHID LF_EM4100EMULV1 LF_EM4100EMULV2 LF_EM4100EMULV3 -STANDALONE_MODES += HF_YOUNG HF_MATTYRUN HF_COLIN HF_BOG HF_14ASNIFF +STANDALONE_MODES := LF_SAMYRUN LF_ICERUN LF_PROXBRUTE LF_HIDBRUTE LF_EM4100EMUL LF_EM4100RWC +STANDALONE_MODES += HF_YOUNG HF_MATTYRUN HF_COLIN HF_BOG STANDALONE_MODES_REQ_SMARTCARD := -STANDALONE_MODES_REQ_FLASH := HF_COLIN HF_BOG HF_14ASNIFF LF_ICEHID +STANDALONE_MODES_REQ_FLASH := HF_COLIN HF_BOG ifneq ($(filter $(STANDALONE),$(STANDALONE_MODES)),) STANDALONE_PLATFORM_DEFS += -DWITH_STANDALONE_$(STANDALONE) ifneq ($(filter $(STANDALONE),$(STANDALONE_MODES_REQ_SMARTCARD)),) diff --git a/armsrc/Standalone/Makefile.inc b/armsrc/Standalone/Makefile.inc index e7ca1bfe0..686cc66f0 100644 --- a/armsrc/Standalone/Makefile.inc +++ b/armsrc/Standalone/Makefile.inc 
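Review bot: This hunk removes `HF_14ASNIFF` and `LF_ICEHID` from the help table, from `STANDALONE_MODES` and from `STANDALONE_MODES_REQ_FLASH`, which the commit message (a rename of the EM4100 modes) does not mention; it looks like an unintended revert from a rebase or merge. The Makefile.inc hunk that follows drops the matching `SRC_STANDALONE = hf_14asniff.c` and `SRC_STANDALONE = lf_icehid.c` blocks and the file's trailing newline as well. Unless those modes are meant to be deleted, restore the lines, e.g. `STANDALONE_MODES_REQ_FLASH := HF_COLIN HF_BOG HF_14ASNIFF LF_ICEHID`, so that the `filter` on `STANDALONE_MODES` still accepts them.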
@@ -33,23 +33,11 @@ endif ifneq (,$(findstring WITH_STANDALONE_HF_BOG,$(APP_CFLAGS))) SRC_STANDALONE = hf_bog.c endif -# WITH_STANDALONE_HF_14ASNIFF -ifneq (,$(findstring WITH_STANDALONE_HF_14ASNIFF,$(APP_CFLAGS))) - SRC_STANDALONE = hf_14asniff.c -endif -# WITH_STANDALONE_LF_ICEHID -ifneq (,$(findstring WITH_STANDALONE_LF_ICEHID,$(APP_CFLAGS))) - SRC_STANDALONE = lf_icehid.c -endif -# WITH_STANDALONE_LF_EM4100EMULV1 -ifneq (,$(findstring WITH_STANDALONE_LF_EM4100EMULV1,$(APP_CFLAGS))) - SRC_STANDALONE = lf_em4100emulV1.c -endif -# WITH_STANDALONE_LF_EM4100EMULV2 -ifneq (,$(findstring WITH_STANDALONE_LF_EM4100EMULV2,$(APP_CFLAGS))) - SRC_STANDALONE = lf_em4100emulV2.c -endif -# WITH_STANDALONE_LF_EM4100EMULV3 -ifneq (,$(findstring WITH_STANDALONE_LF_EM4100EMULV3,$(APP_CFLAGS))) - SRC_STANDALONE = lf_em4100emulV3.c +# WITH_STANDALONE_LF_EM4100EMUL +ifneq (,$(findstring WITH_STANDALONE_LF_EM4100EMUL,$(APP_CFLAGS))) + SRC_STANDALONE = lf_em4100emul.c endif +# WITH_STANDALONE_LF_EM4100RWC +ifneq (,$(findstring WITH_STANDALONE_LF_EM4100RWC,$(APP_CFLAGS))) + SRC_STANDALONE = lf_em4100rwc.c +endif \ No newline at end of file diff --git a/armsrc/Standalone/lf_em4100emulV1.c b/armsrc/Standalone/lf_em4100emul.c similarity index 77% rename from armsrc/Standalone/lf_em4100emulV1.c rename to armsrc/Standalone/lf_em4100emul.c index d132f3650..907445912 100644 --- a/armsrc/Standalone/lf_em4100emulV1.c +++ b/armsrc/Standalone/lf_em4100emul.c 
@@ -5,9 +5,8 @@ // at your option, any later version. See the LICENSE.txt file for the text of // the license. //----------------------------------------------------------------------------- -// LF emul V1 - Very simple mode. Simulate only predefined in low[] IDs -// Short click - change current slot -// Long press - simulate tag ID from current slot +// LF emul - Very simple mode. Simulate only predefined in low[] IDs +// Short click - select next slot and start simulation //----------------------------------------------------------------------------- #include "standalone.h" #include "proxmark3_arm.h" @@ -32,7 +31,7 @@ uint8_t *bba,slots_count; int buflen; void ModInfo(void) { - DbpString(" LF EM4100 simulate standalone V1"); + DbpString(" LF EM4100 simulator standalone mode"); } uint64_t ReversQuads(uint64_t bits){ @@ -72,6 +71,7 @@ void ConstructEM410xEmulBuf(uint64_t id) { } void LED_Slot(int i) { + LEDsoff(); if (slots_count > 4) { LED(i % MAX_IND, 0); //binary indication for slots_count > 4 } else { @@ -82,26 +82,17 @@ void LED_Slot(int i) { void RunMod() { StandAloneMode(); FpgaDownloadAndGo(FPGA_BITSTREAM_LF); - int selected = 0; + int selected = 0; //selected slot after start slots_count = sizeof(low)/sizeof(low[0]); bba = BigBuf_get_addr(); - LED_Slot(selected); for (;;) { WDT_HIT(); if (data_available()) break; - int button_pressed = BUTTON_HELD(1000); - SpinDelay(300); - if (button_pressed == 1) { - SpinUp(100); - SpinOff(10); - LED_Slot(selected); - ConstructEM410xEmulBuf(ReversQuads(low[selected])); - SimulateTagLowFrequency(buflen, 0, true); - LED_Slot(selected); - } else if (button_pressed < 0) { - selected = (selected + 1) % slots_count; - LEDsoff(); - LED_Slot(selected); - } + SpinDelay(100); + SpinUp(100); + LED_Slot(selected); + ConstructEM410xEmulBuf(ReversQuads(low[selected])); + SimulateTagLowFrequency(buflen, 0, true); + selected = (selected + 1) % slots_count; } } 
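Review bot: The rewritten loop in `RunMod` no longer reads the button itself, so slot switching depends entirely on `SimulateTagLowFrequency(buflen, 0, true)` returning when the button is clicked, and the mode starts transmitting slot 0 as soon as it is entered. Neither behaviour is stated in the code; a comment above the call such as `// blocks until the button is pressed; the next pass advances to the following slot` would make it explicit, assuming that is how the callee behaves. `data_available()` is polled only between simulations, so whether a USB command can interrupt a running simulation also depends on that callee and should be noted in the header comment.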
diff --git a/armsrc/Standalone/lf_em4100emulV3.c b/armsrc/Standalone/lf_em4100emulV3.c deleted file mode 100644 index b1bf0d930..000000000 --- a/armsrc/Standalone/lf_em4100emulV3.c +++ /dev/null 
@@ -1,197 +0,0 @@ -//----------------------------------------------------------------------------- -// Artyom Gnatyuk, 2020 -// -// This code is licensed to you under the terms of the GNU GPL, version 2 or, -// at your option, any later version. See the LICENSE.txt file for the text of -// the license. -//----------------------------------------------------------------------------- -// LF emul V3 - This mode can simulate ID from selected slot, read ID to -// selected slot, write from selected slot to T5555 tag and store -// readed ID to flash (only RDV4). Also you can set predefined IDs -// in any slot. -// To recall stored ID from flash execute: -// mem dump o offset l 5 p -// where offset = 5 * selected slot -//----------------------------------------------------------------------------- -#include "standalone.h" -#include "proxmark3_arm.h" -#include "appmain.h" -#include "fpgaloader.h" -#include "lfops.h" -#include "util.h" -#include "dbprint.h" -#include "ticks.h" -#include "string.h" -#include "BigBuf.h" - -#ifdef WITH_FLASH -#include "flashmem.h" -#endif - -#define MAX_IND 16 // 4 LEDs - 2^4 combinations -#define CLOCK 64 //for 125kHz - -// low & high - array for storage IDs. Its length must be equal. -// Predefined IDs must be stored in low[]. 
-// In high[] must be nulls -uint64_t low[] = {0x565AF781C7,0x540053E4E2,0x1234567890,0,0,0,0,0,0,0,0,0,0,0,0,0}; -uint32_t high[] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}; -uint8_t *bba,slots_count; -int buflen; - -void ModInfo(void) { - DbpString(" LF EM4100 simulate standalone V3"); -} - -uint64_t ReversQuads(uint64_t bits){ - uint64_t result = 0; - for (int i = 0; i < 16; i++){ - result += ((bits >> (60 - 4 *i)) & 0xf) << (4 * i); - } - return result >> 24; -} - -void FillBuff(uint8_t bit) { - memset (bba + buflen, bit, CLOCK / 2); - buflen += (CLOCK / 2); - memset (bba + buflen, bit^1,CLOCK / 2); - buflen += (CLOCK / 2); -} - -void ConstructEM410xEmulBuf(uint64_t id) { - - int i, j, binary[4], parity[4]; - buflen = 0; - for (i = 0; i < 9; i++) - FillBuff(1); - parity[0] = parity[1] = parity[2] = parity[3] = 0; - for (i = 0; i < 10; i++) { - for (j = 3; j >= 0; j--, id /= 2) - binary[j] = id % 2; - for (j = 0; j < 4; j++) - FillBuff(binary[j]); - FillBuff(binary[0] ^ binary[1] ^ binary[2] ^ binary[3]); - for (j = 0; j < 4; j++) - parity[j] ^= binary[j]; - } - for (j = 0; j < 4; j++) - FillBuff(parity[j]); - FillBuff(0); -} - -void LED_Slot(int i) { - if (slots_count > 4) { - LED(i % MAX_IND, 0); //binary indication, usefully for slots_count > 4 - } else { - LED(1 << i,0); //simple indication for slots_count <=4 - } -} - -void FlashLEDs(uint32_t speed, uint8_t times) { - for (int i = 0; i < times * 2; i++) { - LED_A_INV(); - LED_B_INV(); - LED_C_INV(); - LED_D_INV(); - SpinDelay(speed); - } -} - -#ifdef WITH_FLASH -void SaveIDtoFlash (int addr, uint64_t id) { - uint8_t b, *ptr; - for (int i = 0; i < 5; i++) { - b = (uint8_t) (id >> 8 * i & 0xff); - ptr = &b; - Flash_WriteData(addr * 5 + 4 - i,ptr,1); - } -} -#endif - -void RunMod() { - StandAloneMode(); - FpgaDownloadAndGo(FPGA_BITSTREAM_LF); - int selected = 0; - //state 0 - select slot - // 1 - read tag to selected slot, - // 2 - simulate tag from selected slot - // 3 - write to T5555 tag - uint8_t state = 0; - 
slots_count = sizeof(low)/sizeof(low[0]); - bba = BigBuf_get_addr(); - LED_Slot(selected); - for (;;) { - WDT_HIT(); - if (data_available()) break; - int button_pressed = BUTTON_HELD(1000); - SpinDelay(300); - switch (state){ - case 0: - // Select mode - if (button_pressed == 1) { - // Long press - switch to simulate mode - SpinUp(100); - SpinOff(100); - LED_Slot(selected); - state = 2; - } else if (button_pressed < 0) { - // Click - switch to next slot - selected = (selected + 1) % slots_count; - LEDsoff(); - LED_Slot(selected); - } - break; - case 1: - // Read mode. - if (button_pressed > 0) { - // Long press - switch to read mode - SpinUp(100); - SpinOff(10); - LED_Slot(selected); - state = 3; - } else if (button_pressed < 0) { - // Click - exit to select mode - CmdEM410xdemod(1, &high[selected], &low[selected], 0); - FlashLEDs(100,5); - #ifdef WITH_FLASH - SaveIDtoFlash(selected, low[selected]); - #endif - state = 0; - } - break; - case 2: - // Simulate mode - if (button_pressed > 0) { - // Long press - switch to read mode - SpinDown(100); - SpinOff(10); - LED_Slot(selected); - state = 1; - } else if (button_pressed < 0) { - // Click - start simulating. Click again to exit from simelate mode - LED_Slot(selected); - ConstructEM410xEmulBuf(ReversQuads(low[selected])); - FlashLEDs(100,5); - SimulateTagLowFrequency(buflen, 0, 1); - LED_Slot(selected); - state = 0; // Switch to select mode - } - break; - case 3: - // Write tag mode - if (button_pressed > 0) { - // Long press - switch to select mode - SpinDown(100); - SpinOff(10); - LED_Slot(selected); - state = 0; - } else if (button_pressed < 0) { - // Click - write ID to tag - WriteEM410x(0, (uint32_t) (low[selected] >> 32), (uint32_t) (low[selected] & 0xffffffff)); - LED_Slot(selected); - state = 0; // Switch to select mode - } - break; - } - } -} 
diff --git a/armsrc/Standalone/lf_em4100emulV2.c b/armsrc/Standalone/lf_em4100rwc.c similarity index 96% rename from armsrc/Standalone/lf_em4100emulV2.c rename to armsrc/Standalone/lf_em4100rwc.c index 2b48aeced..a336112ba 100644 --- a/armsrc/Standalone/lf_em4100emulV2.c +++ b/armsrc/Standalone/lf_em4100rwc.c @@ -5,7 +5,7 @@ // at your option, any later version. See the LICENSE.txt file for the text of // the license. //----------------------------------------------------------------------------- -// LF emul V2 - This mode can simulate tag ID from selected slot and read tag ID +// LF rwc - This mode can simulate tag ID from selected slot and read tag ID // to selected slot and to flash (only RDV4). Also you can set // predefined IDs in any slot. // To recall stored ID from flash execute: @@ -39,7 +39,7 @@ uint8_t *bba,slots_count; int buflen; void ModInfo(void) { - DbpString(" LF EM4100 simulate standalone V2"); + DbpString(" LF EM4100 read/write/clone standalone mode"); } uint64_t ReversQuads(uint64_t bits){ @@ -79,6 +79,7 @@ void ConstructEM410xEmulBuf(uint64_t id) { } void LED_Slot(int i) { + LEDsoff(); if (slots_count > 4) { LED(i % MAX_IND, 0); //binary indication, usefully for slots_count > 4 } else { @@ -130,12 +131,10 @@ void RunMod() { // Long press - switch to simulate mode SpinUp(100); SpinOff(100); - LED_Slot(selected); state = 2; } else if (button_pressed < 0) { // Click - switch to next slot selected = (selected + 1) % slots_count; - LEDsoff(); LED_Slot(selected); } break; @@ -153,7 +152,6 @@ void RunMod() { if (button_pressed > 0) { // Long press - switch to read mode SpinDown(100); - SpinOff(10); LED_Slot(selected); state = 1; } else if (button_pressed < 0) { From 097595cdefdef75b0e266cda45360aaa9ba3aceb Mon Sep 17 00:00:00 2001 
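Review bot: `ModInfo` now prints `LF EM4100 read/write/clone standalone mode`, but the file renamed here is the former V2 source, and the states touched by these hunks are only select, read and simulate; the write state lived in the V3 file that this commit deletes. The header comment changed in the first hunk still describes read and simulate only, while Makefile.hal advertises cloning to T555x tags. Either carry the write state over in this commit or keep the banner and help text to what the file does, so that each commit in the series builds a mode matching its description. The rest of `RunMod` lies outside these hunks.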
From: Artem Gnatyuk Date: Sat, 21 Mar 2020 21:27:57 +0700 Subject: [PATCH 5/7] [RDV4] Readed IDs store to file in spiffs --- armsrc/Standalone/lf_em4100rwc.c | 75 +++++++++++++++++++++++--------- 1 file changed, 54 insertions(+), 21 deletions(-) diff --git a/armsrc/Standalone/lf_em4100rwc.c b/armsrc/Standalone/lf_em4100rwc.c index a336112ba..08ab76cc1 100644 --- a/armsrc/Standalone/lf_em4100rwc.c +++ b/armsrc/Standalone/lf_em4100rwc.c @@ -5,12 +5,16 @@ // at your option, any later version. See the LICENSE.txt file for the text of // the license. //----------------------------------------------------------------------------- -// LF rwc - This mode can simulate tag ID from selected slot and read tag ID -// to selected slot and to flash (only RDV4). Also you can set -// predefined IDs in any slot. +// LF rwc - This mode can simulate ID from selected slot, read ID to +// selected slot, write from selected slot to T5555 tag and store +// readed ID to flash (only RDV4). Also you can set predefined IDs +// in any slot. // To recall stored ID from flash execute: -// mem dump o offset l 5 p -// where offset = 5 * selected slot +// mem spifss dump o emdump p +// or: +// mem spifss dump o emdump f emdump +// then from shell: +// hexdump emdump -e '5/1 "%02X" /0 "\n"' //----------------------------------------------------------------------------- #include "standalone.h" #include "proxmark3_arm.h" @@ -22,6 +26,7 @@ #include "ticks.h" #include "string.h" #include "BigBuf.h" +#include "spiffs.h" #ifdef WITH_FLASH #include "flashmem.h" 
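Review bot: The recall instructions added to the header comment spell the command `mem spifss dump`, which does not match the `spiffs` spelling of the header and functions this commit introduces; it should presumably read `mem spiffs dump o emdump p`. The `hexdump` line is the only description of the file format, so one more comment line stating that each record is 5 bytes, most significant byte first, appended in read order rather than by slot, would help whoever parses `emdump` later.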
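Review bot: `#include "spiffs.h"` is added outside the `#ifdef WITH_FLASH` block that follows it, although the only spiffs calls this commit adds are inside `SaveIDtoFlash`, which is compiled under `WITH_FLASH`. Moving the include next to `#include "flashmem.h"` inside the guard keeps non-flash builds from depending on that header. `flashmem.h` itself may no longer be needed now that the `Flash_WriteData` call is removed from this file; that is worth checking.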
@@ -33,13 +38,13 @@ // low & high - array for storage IDs. Its length must be equal. // Predefined IDs must be stored in low[]. // In high[] must be nulls -uint64_t low[] = {0x565AF781C7,0x540053E4E2,0,0,0,0,0,0,0,0,0,0,0,0,0,0}; +uint64_t low[] = {0x565AF781C7,0x540053E4E2,0x1234567890,0,0,0,0,0,0,0,0,0,0,0,0,0}; uint32_t high[] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}; uint8_t *bba,slots_count; int buflen; void ModInfo(void) { - DbpString(" LF EM4100 read/write/clone standalone mode"); + DbpString(" LF EM4100 simulate standalone V2"); } uint64_t ReversQuads(uint64_t bits){ @@ -99,11 +104,16 @@ void FlashLEDs(uint32_t speed, uint8_t times) { #ifdef WITH_FLASH void SaveIDtoFlash (int addr, uint64_t id) { - uint8_t b, *ptr; + uint8_t bt[5]; + char *filename = "emdump"; + rdv40_spiffs_mount(); for (int i = 0; i < 5; i++) { - b = (uint8_t) (id >> 8 * i & 0xff); - ptr = &b; - Flash_WriteData(addr * 5 + 4 - i,ptr,1); + bt[4-i] = (uint8_t) (id >> 8 * i & 0xff); + } + if (exists_in_spiffs(filename) == false){ + rdv40_spiffs_write(filename, &bt[0], 5, RDV40_SPIFFS_SAFETY_NORMAL); + } else { + rdv40_spiffs_append(filename, &bt[0], 5, RDV40_SPIFFS_SAFETY_NORMAL); } } #endif @@ -112,9 +122,10 @@ void RunMod() { StandAloneMode(); FpgaDownloadAndGo(FPGA_BITSTREAM_LF); int selected = 0; - //state 0 - select slot, + //state 0 - select slot // 1 - read tag to selected slot, // 2 - simulate tag from selected slot + // 3 - write to T5555 tag uint8_t state = 0; slots_count = sizeof(low)/sizeof(low[0]); bba = BigBuf_get_addr(); @@ -130,7 +141,7 @@ void RunMod() { if (button_pressed == 1) { // Long press - switch to simulate mode SpinUp(100); - SpinOff(100); + LED_Slot(selected); state = 2; } else if (button_pressed < 0) { // Click - switch to next slot 
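Review bot: The `ModInfo` string goes back from `LF EM4100 read/write/clone standalone mode` to `LF EM4100 simulate standalone V2`, which undoes the rename made in the previous patch and mislabels the mode in the device banner; keep `DbpString(" LF EM4100 read/write/clone standalone mode");`. The same hunk adds `0x1234567890` as a third predefined ID. If the first two entries of `low[]` were taken from real cards, replace them with placeholder values of the same obvious kind.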
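Review bot: The new `SaveIDtoFlash` ignores the results of `rdv40_spiffs_mount()`, `rdv40_spiffs_write()` and `rdv40_spiffs_append()`, so a mount or write failure is silent and the caller carries on as if the ID were stored. The `addr` parameter is no longer used: every read is appended to `emdump`, so the file grows with each read and the slot an ID belongs to is not recorded. The function also mounts the filesystem on every call and the hunk shows no matching unmount. I would check each return value, either drop `addr` or store it alongside the ID, and make `filename` a `const char *` if the spiffs prototypes allow it.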
@@ -139,13 +150,21 @@ void RunMod() { } break; case 1: - // Read mode. Click - exit to select mode - CmdEM410xdemod(1, &high[selected], &low[selected], 0); - FlashLEDs(100,5); - #ifdef WITH_FLASH - SaveIDtoFlash(selected, low[selected]); - #endif - state = 0; + // Read mode. + if (button_pressed > 0) { + // Long press - switch to read mode + SpinUp(100); + LED_Slot(selected); + state = 3; + } else if (button_pressed < 0) { + // Click - exit to select mode + CmdEM410xdemod(1, &high[selected], &low[selected], 0); + FlashLEDs(100,5); + #ifdef WITH_FLASH + SaveIDtoFlash(selected, low[selected]); + #endif + state = 0; + } break; case 2: // Simulate mode @@ -155,7 +174,7 @@ void RunMod() { LED_Slot(selected); state = 1; } else if (button_pressed < 0) { - // Click - start simulating. Click again to exit from simelate mode + // Click - start simulating. Click again to exit from simulate mode LED_Slot(selected); ConstructEM410xEmulBuf(ReversQuads(low[selected])); FlashLEDs(100,5); @@ -164,6 +183,20 @@ void RunMod() { state = 0; // Switch to select mode } break; + case 3: + // Write tag mode + if (button_pressed > 0) { + // Long press - switch to select mode + SpinDown(100); + LED_Slot(selected); + state = 0; + } else if (button_pressed < 0) { + // Click - write ID to tag + WriteEM410x(0, (uint32_t) (low[selected] >> 32), (uint32_t) (low[selected] & 0xffffffff)); + LED_Slot(selected); + state = 0; // Switch to select mode + } + break; } } } From c36d86bc010a50537d6e0a6b265ea1ee09c07c43 Mon Sep 17 00:00:00 2001 From: Artem Gnatyuk Date: Sat, 21 Mar 2020 21:39:30 +0700 Subject: [PATCH 6/7] Make style --- armsrc/Standalone/lf_em4100emul.c | 76 +++++----- armsrc/Standalone/lf_em4100rwc.c | 236 +++++++++++++++--------------- 2 files changed, 156 insertions(+), 156 deletions(-) diff --git a/armsrc/Standalone/lf_em4100emul.c b/armsrc/Standalone/lf_em4100emul.c index 907445912..f3939f923 100644 --- a/armsrc/Standalone/lf_em4100emul.c +++ b/armsrc/Standalone/lf_em4100emul.c 
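Review bot: The comments in the new `case 1` body do not match the code: the long-press branch is labelled "switch to read mode" but sets `state = 3`, which the state table at the top of `RunMod` lists as "write to T5555 tag", and the click branch is labelled "exit to select mode" although it is the branch that calls `CmdEM410xdemod` and stores the ID. Suggested comments: `// Long press - switch to write mode` and `// Click - read tag into selected slot, save it, return to select mode`. `SaveIDtoFlash` is also called whatever `CmdEM410xdemod` produced; if that call can return without a decoded tag (not visible in this hunk), the previous contents of `low[selected]` would be appended to the flash file again. The `switch` and `RunMod` itself begin outside this hunk.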
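Review bot: In the new `case 3`, a single click calls `WriteEM410x` with whatever is in `low[selected]`, including the zero that 13 of the 16 slots hold by default, so an empty slot programs an all-zero ID onto the presented tag. A guard before the write avoids that, for example `if (low[selected] == 0) { FlashLEDs(100, 5); break; }`. Nothing after the write tells the user whether it succeeded, because `LED_Slot(selected)` is the same indication used on every other state transition. The enclosing `switch` and `RunMod` begin outside this hunk.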
@@ -23,36 +23,36 @@ #define CLOCK 64 //for 125kHz // low & high - array for storage IDs. Its length must be equal. -// Predefined IDs must be stored in low[]. +// Predefined IDs must be stored in low[]. // In high[] must be nulls -uint64_t low[] = {0x565A1140BE,0x365A398149,0x5555555555,0xFFFFFFFFFF}; -uint32_t high[] = {0,0,0,0}; -uint8_t *bba,slots_count; +uint64_t low[] = {0x565A1140BE, 0x365A398149, 0x5555555555, 0xFFFFFFFFFF}; +uint32_t high[] = {0, 0, 0, 0}; +uint8_t *bba, slots_count; int buflen; void ModInfo(void) { DbpString(" LF EM4100 simulator standalone mode"); } -uint64_t ReversQuads(uint64_t bits){ - uint64_t result = 0; - for (int i = 0; i < 16; i++){ - result += ((bits >> (60 - 4 *i)) & 0xf) << (4 * i); - } - return result >> 24; +uint64_t ReversQuads(uint64_t bits) { + uint64_t result = 0; + for (int i = 0; i < 16; i++) { + result += ((bits >> (60 - 4 * i)) & 0xf) << (4 * i); + } + return result >> 24; } void FillBuff(uint8_t bit) { - memset (bba + buflen, bit, CLOCK / 2); - buflen += (CLOCK / 2); - memset (bba + buflen, bit^1,CLOCK / 2); - buflen += (CLOCK / 2); + memset(bba + buflen, bit, CLOCK / 2); + buflen += (CLOCK / 2); + memset(bba + buflen, bit ^ 1, CLOCK / 2); + buflen += (CLOCK / 2); } void ConstructEM410xEmulBuf(uint64_t id) { - + int i, j, binary[4], parity[4]; - buflen = 0; + buflen = 0; for (i = 0; i < 9; i++) FillBuff(1); parity[0] = parity[1] = parity[2] = parity[3] = 0; 
@@ -60,39 +60,39 @@ void ConstructEM410xEmulBuf(uint64_t id) { for (j = 3; j >= 0; j--, id /= 2) binary[j] = id % 2; for (j = 0; j < 4; j++) - FillBuff(binary[j]); + FillBuff(binary[j]); FillBuff(binary[0] ^ binary[1] ^ binary[2] ^ binary[3]); for (j = 0; j < 4; j++) - parity[j] ^= binary[j]; + parity[j] ^= binary[j]; } - for (j = 0; j < 4; j++) - FillBuff(parity[j]); + for (j = 0; j < 4; j++) + FillBuff(parity[j]); FillBuff(0); } void LED_Slot(int i) { - LEDsoff(); - if (slots_count > 4) { - LED(i % MAX_IND, 0); //binary indication for slots_count > 4 - } else { - LED(1 << i,0); //simple indication for slots_count <=4 - } + LEDsoff(); + if (slots_count > 4) { + LED(i % MAX_IND, 0); //binary indication for slots_count > 4 + } else { + LED(1 << i, 0); //simple indication for slots_count <=4 + } } void RunMod() { StandAloneMode(); FpgaDownloadAndGo(FPGA_BITSTREAM_LF); - int selected = 0; //selected slot after start - slots_count = sizeof(low)/sizeof(low[0]); - bba = BigBuf_get_addr(); - for (;;) { - WDT_HIT(); + int selected = 0; //selected slot after start + slots_count = sizeof(low) / sizeof(low[0]); + bba = BigBuf_get_addr(); + for (;;) { + WDT_HIT(); if (data_available()) break; - SpinDelay(100); - SpinUp(100); - LED_Slot(selected); - ConstructEM410xEmulBuf(ReversQuads(low[selected])); - SimulateTagLowFrequency(buflen, 0, true); - selected = (selected + 1) % slots_count; - } + SpinDelay(100); + SpinUp(100); + LED_Slot(selected); + ConstructEM410xEmulBuf(ReversQuads(low[selected])); + SimulateTagLowFrequency(buflen, 0, true); + selected = (selected + 1) % slots_count; + } } diff --git a/armsrc/Standalone/lf_em4100rwc.c b/armsrc/Standalone/lf_em4100rwc.c index 08ab76cc1..b7394db69 100644 --- a/armsrc/Standalone/lf_em4100rwc.c +++ b/armsrc/Standalone/lf_em4100rwc.c 
@@ -5,10 +5,10 @@ // at your option, any later version. See the LICENSE.txt file for the text of // the license. //----------------------------------------------------------------------------- -// LF rwc - This mode can simulate ID from selected slot, read ID to -// selected slot, write from selected slot to T5555 tag and store +// LF rwc - This mode can simulate ID from selected slot, read ID to +// selected slot, write from selected slot to T5555 tag and store // readed ID to flash (only RDV4). Also you can set predefined IDs -// in any slot. +// in any slot. // To recall stored ID from flash execute: // mem spifss dump o emdump p // or: 
@@ -36,36 +36,36 @@ #define CLOCK 64 //for 125kHz // low & high - array for storage IDs. Its length must be equal. -// Predefined IDs must be stored in low[]. +// Predefined IDs must be stored in low[]. // In high[] must be nulls -uint64_t low[] = {0x565AF781C7,0x540053E4E2,0x1234567890,0,0,0,0,0,0,0,0,0,0,0,0,0}; -uint32_t high[] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}; -uint8_t *bba,slots_count; +uint64_t low[] = {0x565AF781C7, 0x540053E4E2, 0x1234567890, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +uint32_t high[] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +uint8_t *bba, slots_count; int buflen; void ModInfo(void) { DbpString(" LF EM4100 simulate standalone V2"); } -uint64_t ReversQuads(uint64_t bits){ - uint64_t result = 0; - for (int i = 0; i < 16; i++){ - result += ((bits >> (60 - 4 *i)) & 0xf) << (4 * i); - } - return result >> 24; +uint64_t ReversQuads(uint64_t bits) { + uint64_t result = 0; + for (int i = 0; i < 16; i++) { + result += ((bits >> (60 - 4 * i)) & 0xf) << (4 * i); + } + return result >> 24; } void FillBuff(uint8_t bit) { - memset (bba + buflen, bit, CLOCK / 2); - buflen += (CLOCK / 2); - memset (bba + buflen, bit^1,CLOCK / 2); - buflen += (CLOCK / 2); + memset(bba + buflen, bit, CLOCK / 2); + buflen += (CLOCK / 2); + memset(bba + buflen, bit ^ 1, CLOCK / 2); + buflen += (CLOCK / 2); } void ConstructEM410xEmulBuf(uint64_t id) { - + int i, j, binary[4], parity[4]; - buflen = 0; + buflen = 0; for (i = 0; i < 9; i++) FillBuff(1); parity[0] = parity[1] = parity[2] = parity[3] = 0; 
@@ -73,23 +73,23 @@ void ConstructEM410xEmulBuf(uint64_t id) { for (j = 3; j >= 0; j--, id /= 2) binary[j] = id % 2; for (j = 0; j < 4; j++) - FillBuff(binary[j]); + FillBuff(binary[j]); FillBuff(binary[0] ^ binary[1] ^ binary[2] ^ binary[3]); for (j = 0; j < 4; j++) - parity[j] ^= binary[j]; + parity[j] ^= binary[j]; } - for (j = 0; j < 4; j++) - FillBuff(parity[j]); + for (j = 0; j < 4; j++) + FillBuff(parity[j]); FillBuff(0); } void LED_Slot(int i) { - LEDsoff(); - if (slots_count > 4) { - LED(i % MAX_IND, 0); //binary indication, usefully for slots_count > 4 - } else { - LED(1 << i,0); //simple indication for slots_count <=4 - } + LEDsoff(); + if (slots_count > 4) { + LED(i % MAX_IND, 0); //binary indication, usefully for slots_count > 4 + } else { + LED(1 << i, 0); //simple indication for slots_count <=4 + } } void FlashLEDs(uint32_t speed, uint8_t times) { 
@@ -103,100 +103,100 @@ void FlashLEDs(uint32_t speed, uint8_t times) { } #ifdef WITH_FLASH -void SaveIDtoFlash (int addr, uint64_t id) { - uint8_t bt[5]; - char *filename = "emdump"; - rdv40_spiffs_mount(); - for (int i = 0; i < 5; i++) { - bt[4-i] = (uint8_t) (id >> 8 * i & 0xff); - } - if (exists_in_spiffs(filename) == false){ - rdv40_spiffs_write(filename, &bt[0], 5, RDV40_SPIFFS_SAFETY_NORMAL); - } else { - rdv40_spiffs_append(filename, &bt[0], 5, RDV40_SPIFFS_SAFETY_NORMAL); - } +void SaveIDtoFlash(int addr, uint64_t id) { + uint8_t bt[5]; + char *filename = "emdump"; + rdv40_spiffs_mount(); + for (int i = 0; i < 5; i++) { + bt[4 - i] = (uint8_t)(id >> 8 * i & 0xff); + } + if (exists_in_spiffs(filename) == false) { + rdv40_spiffs_write(filename, &bt[0], 5, RDV40_SPIFFS_SAFETY_NORMAL); + } else { + rdv40_spiffs_append(filename, &bt[0], 5, RDV40_SPIFFS_SAFETY_NORMAL); + } } #endif void RunMod() { StandAloneMode(); FpgaDownloadAndGo(FPGA_BITSTREAM_LF); - int selected = 0; - //state 0 - select slot - // 1 - read tag to selected slot, - // 2 - simulate tag from selected slot - // 3 - write to T5555 tag - uint8_t state = 0; - slots_count = sizeof(low)/sizeof(low[0]); - bba = BigBuf_get_addr(); - LED_Slot(selected); - for (;;) { - WDT_HIT(); + int selected = 0; + //state 0 - select slot + // 1 - read tag to selected slot, + // 2 - simulate tag from selected slot + // 3 - write to T5555 tag + uint8_t state = 0; + slots_count = sizeof(low) / sizeof(low[0]); + bba = BigBuf_get_addr(); + LED_Slot(selected); + for (;;) { + WDT_HIT(); if (data_available()) break; - int button_pressed = BUTTON_HELD(1000); - SpinDelay(300); - switch (state){ - case 0: - // Select mode - if (button_pressed == 1) { - // Long press - switch to simulate mode - SpinUp(100); - LED_Slot(selected); - state = 2; - } else if (button_pressed < 0) { - // Click - switch to next slot - selected = (selected + 1) % slots_count; - LED_Slot(selected); - } - break; - case 1: - // Read mode. 
- if (button_pressed > 0) { - // Long press - switch to read mode - SpinUp(100); - LED_Slot(selected); - state = 3; - } else if (button_pressed < 0) { - // Click - exit to select mode - CmdEM410xdemod(1, &high[selected], &low[selected], 0); - FlashLEDs(100,5); - #ifdef WITH_FLASH - SaveIDtoFlash(selected, low[selected]); - #endif - state = 0; - } - break; - case 2: - // Simulate mode - if (button_pressed > 0) { - // Long press - switch to read mode - SpinDown(100); - LED_Slot(selected); - state = 1; - } else if (button_pressed < 0) { - // Click - start simulating. Click again to exit from simulate mode - LED_Slot(selected); - ConstructEM410xEmulBuf(ReversQuads(low[selected])); - FlashLEDs(100,5); - SimulateTagLowFrequency(buflen, 0, 1); - LED_Slot(selected); - state = 0; // Switch to select mode - } - break; - case 3: - // Write tag mode - if (button_pressed > 0) { - // Long press - switch to select mode - SpinDown(100); - LED_Slot(selected); - state = 0; - } else if (button_pressed < 0) { - // Click - write ID to tag - WriteEM410x(0, (uint32_t) (low[selected] >> 32), (uint32_t) (low[selected] & 0xffffffff)); - LED_Slot(selected); - state = 0; // Switch to select mode - } - break; - } - } + int button_pressed = BUTTON_HELD(1000); + SpinDelay(300); + switch (state) { + case 0: + // Select mode + if (button_pressed == 1) { + // Long press - switch to simulate mode + SpinUp(100); + LED_Slot(selected); + state = 2; + } else if (button_pressed < 0) { + // Click - switch to next slot + selected = (selected + 1) % slots_count; + LED_Slot(selected); + } + break; + case 1: + // Read mode. 
+ if (button_pressed > 0) { + // Long press - switch to read mode + SpinUp(100); + LED_Slot(selected); + state = 3; + } else if (button_pressed < 0) { + // Click - exit to select mode + CmdEM410xdemod(1, &high[selected], &low[selected], 0); + FlashLEDs(100, 5); +#ifdef WITH_FLASH + SaveIDtoFlash(selected, low[selected]); +#endif + state = 0; + } + break; + case 2: + // Simulate mode + if (button_pressed > 0) { + // Long press - switch to read mode + SpinDown(100); + LED_Slot(selected); + state = 1; + } else if (button_pressed < 0) { + // Click - start simulating. Click again to exit from simulate mode + LED_Slot(selected); + ConstructEM410xEmulBuf(ReversQuads(low[selected])); + FlashLEDs(100, 5); + SimulateTagLowFrequency(buflen, 0, 1); + LED_Slot(selected); + state = 0; // Switch to select mode + } + break; + case 3: + // Write tag mode + if (button_pressed > 0) { + // Long press - switch to select mode + SpinDown(100); + LED_Slot(selected); + state = 0; + } else if (button_pressed < 0) { + // Click - write ID to tag + WriteEM410x(0, (uint32_t)(low[selected] >> 32), (uint32_t)(low[selected] & 0xffffffff)); + LED_Slot(selected); + state = 0; // Switch to select mode + } + break; + } + } } From 0abba96eb6605c90682eb4290a2aaa3617e82ebc Mon Sep 17 00:00:00 2001 From: Artem Gnatyuk Date: Sun, 22 Mar 2020 00:03:16 +0700 Subject: [PATCH 7/7] Add my modes after merging. --- armsrc/Standalone/Makefile.hal | 13 +++++++++---- armsrc/Standalone/Makefile.inc | 8 ++++++++ armsrc/Standalone/lf_em4100rwc.c | 2 +- 3 files changed, 18 insertions(+), 5 deletions(-) diff --git a/armsrc/Standalone/Makefile.hal b/armsrc/Standalone/Makefile.hal index fd52817db..5c2352aaf 100644 --- a/armsrc/Standalone/Makefile.hal +++ b/armsrc/Standalone/Makefile.hal 
@@ -35,19 +35,24 @@ define KNOWN_STANDALONE_DEFINITIONS | HF_BOG | 14a sniff with ULC/ULEV1/NTAG auth | | (RDV4 only) | storing in flashmem - Bogito | +----------------------------------------------------------+ +| HF_14ASNIFF | 14a sniff to flashmem | +| (RDV4 only) | | ++----------------------------------------------------------+ +| LF_ICEHID | LF HID collector to flashmem | +| (RDV4 only) | | ++----------------------------------------------------------+ | LF_EM4100EMUL | Simulate predefined em4100 tags only | | | | +----------------------------------------------------------+ | LF_EM4100RWC | Read/simulate em4100 tags & clone it | | | to T555x tags | +----------------------------------------------------------+ - endef -STANDALONE_MODES := LF_SAMYRUN LF_ICERUN LF_PROXBRUTE LF_HIDBRUTE LF_EM4100EMUL LF_EM4100RWC -STANDALONE_MODES += HF_YOUNG HF_MATTYRUN HF_COLIN HF_BOG +STANDALONE_MODES := LF_SAMYRUN LF_ICERUN LF_PROXBRUTE LF_HIDBRUTE LF_ICEHID LF_EM4100EMUL LF_EM4100RWC +STANDALONE_MODES += HF_YOUNG HF_MATTYRUN HF_COLIN HF_BOG HF_14ASNIFF STANDALONE_MODES_REQ_SMARTCARD := -STANDALONE_MODES_REQ_FLASH := HF_COLIN HF_BOG +STANDALONE_MODES_REQ_FLASH := HF_COLIN HF_BOG HF_14ASNIFF LF_ICEHID ifneq ($(filter $(STANDALONE),$(STANDALONE_MODES)),) STANDALONE_PLATFORM_DEFS += -DWITH_STANDALONE_$(STANDALONE) ifneq ($(filter $(STANDALONE),$(STANDALONE_MODES_REQ_SMARTCARD)),) diff --git a/armsrc/Standalone/Makefile.inc b/armsrc/Standalone/Makefile.inc index 686cc66f0..e5a3304a8 100644 --- a/armsrc/Standalone/Makefile.inc +++ b/armsrc/Standalone/Makefile.inc 
@@ -33,6 +33,14 @@ endif ifneq (,$(findstring WITH_STANDALONE_HF_BOG,$(APP_CFLAGS))) SRC_STANDALONE = hf_bog.c endif +# WITH_STANDALONE_HF_14ASNIFF +ifneq (,$(findstring WITH_STANDALONE_HF_14ASNIFF,$(APP_CFLAGS))) + SRC_STANDALONE = hf_14asniff.c +endif +# WITH_STANDALONE_LF_ICEHID +ifneq (,$(findstring WITH_STANDALONE_LF_ICEHID,$(APP_CFLAGS))) + SRC_STANDALONE = lf_icehid.c +endif # WITH_STANDALONE_LF_EM4100EMUL ifneq (,$(findstring WITH_STANDALONE_LF_EM4100EMUL,$(APP_CFLAGS))) SRC_STANDALONE = lf_em4100emul.c diff --git a/armsrc/Standalone/lf_em4100rwc.c b/armsrc/Standalone/lf_em4100rwc.c index b7394db69..a2414a6fa 100644 --- a/armsrc/Standalone/lf_em4100rwc.c +++ b/armsrc/Standalone/lf_em4100rwc.c @@ -44,7 +44,7 @@ uint8_t *bba, slots_count; int buflen; void ModInfo(void) { - DbpString(" LF EM4100 simulate standalone V2"); + DbpString(" LF EM4100 read/write/clone mode"); } uint64_t ReversQuads(uint64_t bits) {