From 50a1c63470536d96d59403f81711b341f5bf77f5 Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Thu, 4 Jan 2024 19:49:59 +0100 Subject: [PATCH] improved the SEOS annotation, also added a trace file to look at --- client/src/cmdhflist.c | 37 ++++++++++++++++++++--- client/src/cmdhfseos.c | 2 +- traces/hf_seos_sniff_fc60_cn640001.trace | Bin 0 -> 1374 bytes 3 files changed, 34 insertions(+), 5 deletions(-) create mode 100644 traces/hf_seos_sniff_fc60_cn640001.trace diff --git a/client/src/cmdhflist.c b/client/src/cmdhflist.c index aaecb3e52..2765363fd 100644 --- a/client/src/cmdhflist.c +++ b/client/src/cmdhflist.c @@ -1685,10 +1685,39 @@ void annotateSeos(char *exp, size_t size, uint8_t *cmd, uint8_t cmdsize) { // it's basically a ISO14443a tag, so try annotation from there if (applyIso14443a(exp, size, cmd, cmdsize, false) != PM3_SUCCESS) { -// switch (cmd[0]) { -// default: -// break; -// }; + int pos = 0; + switch (cmd[0]) { + case 2: + case 3: + pos = 2; + break; + case 0: + pos = 1; + break; + default: + pos = 2; + break; + } + + if (memcmp(cmd + pos, "\x00\xa4\x04\x00\x0a", 5) == 0) { + snprintf(exp, size, "SELECT AID"); + } + + if (memcmp(cmd + pos, "\x80\xA5\x04\x00", 4) == 0) { + snprintf(exp, size, "SELECT ADF / OID"); + } + + if (memcmp(cmd + pos, "\x00\x87\x00\x01\x04\x7c\x02\x81\x00", 9) == 0) { + snprintf(exp, size, "GET CHALLENGE"); + } + + if (memcmp(cmd + pos, "\x00\x87\x00\x01\x2c", 5) == 0) { + snprintf(exp, size, "MUTUAL AUTHENTICATION"); + } + + if (memcmp(cmd + pos, "\x0c\xcb\x3f\xff", 4) == 0) { + snprintf(exp, size, "GET DATA"); + } // apply ISO7816 annotations? // if (annotateIso7816(exp, size, cmd, cmdsize) == 0) { diff --git a/client/src/cmdhfseos.c b/client/src/cmdhfseos.c index 896157be4..4ab7c1b15 100644 --- a/client/src/cmdhfseos.c +++ b/client/src/cmdhfseos.c @@ -112,7 +112,7 @@ static int CmdHfSeosInfo(const char *Cmd) { } static int CmdHfSeosList(const char *Cmd) { - return CmdTraceListAlias(Cmd, "hf seos", "7816"); + return CmdTraceListAlias(Cmd, "hf seos", "seos -c"); } static command_t CommandTable[] = { diff --git a/traces/hf_seos_sniff_fc60_cn640001.trace b/traces/hf_seos_sniff_fc60_cn640001.trace new file mode 100644 index 0000000000000000000000000000000000000000..78c6d60560e31fc57849615d5708fbf728b166c7 GIT binary patch literal 1374 zcma*leK6a17y$6+8$n(q*2G)SXwI(dyi}yI)>&0*s$<2xg;5o%^kOYH)}dMZ)0C89 zzt(ju$C`=I;po`PtS{Ov4CifbqT5uwW?k)uT)iKQc{$zfdi&>l&-b3^x$pCQ?^CdJ z3)FfD0^ww2>qex zMVuo%`7{l&Y{^iN^v}KS)>R1IMMpr_!&u8nJgplY$rwaXW1M8D;L}m_E<;Q|^+SwM z>^d!1B}Pjk+vN59>*mu=*Y{ku2NB7v2694T5e*FSYj)n0;V7W(_n|a0V1M|F&Bgg$U=7zAb}Y&N@Rtm zTOa^Gj0&9uf%vpxQgegLjWVX}Qdf7avymOfjfSEtWMNRR@nz z!fS=a^Mj(LVYZ0;!=Lr}q<|jA;qCxbiG$HSPqM@9{lZ0`d{NK|D20JxrjM(nkXh?TJ*zi8x zW^4Ubd-^Uc&_CrritrS>&z6;3X{y^TI4Er$At}GBr*iZBj3lQbhuRc4G-mm}SJ%|t zjcG^NNPx3+qZ@U&ubO3&vK<|h?au}8E`)s2| zvE2DVaO*>iJO0rX%2AXGLzo)P;Js&yU&`Iz+9rPV1wo>xUO%Lrs}5ZIhyiG)i#@Z+y;jdwaGacIXJ>En9Y$n_Cb+ zQa+u>*lFBh_EFxXvA^oDRbx@A?9 z(&kI*lm&DZT^wH_*4mt<%;3;K_ic^3z)Qfidl!&wJ53HtOA)3