From 683954316a29375b99108cd042745f429831aef8 Mon Sep 17 00:00:00 2001
From: iceman1001
Date: Mon, 22 Jun 2020 13:24:33 +0200
Subject: [PATCH] chg: 'lf em 410x_watch' - now uses NG and on deviceside only
---
 armsrc/Standalone/lf_em4100rswb.c | 2 +-
 armsrc/Standalone/lf_em4100rwc.c | 2 +-
 armsrc/appmain.c | 5 +-
 armsrc/lfops.c | 43 +++++++++++------
 armsrc/lfops.h | 2 +-
 client/src/cmdlfem4x.c | 79 ++++++++++++++-----------------
 include/pm3_cmd.h | 2 +-
 7 files changed, 71 insertions(+), 64 deletions(-)
diff --git a/armsrc/Standalone/lf_em4100rswb.c b/armsrc/Standalone/lf_em4100rswb.c
index ac470ce29..b1a246e28 100644
--- a/armsrc/Standalone/lf_em4100rswb.c
+++ b/armsrc/Standalone/lf_em4100rswb.c
@@ -256,7 +256,7 @@ static int ExecuteMode(int mode, int slot) {
 //default first mode is simulate
 case LF_RWSB_MODE_READ:
 Dbprintf("[=] >> Read mode started <<");
- CmdEM410xdemod(1, &high[slot], &low[slot], 0);
+ CmdEM410xdemod(1, &high[slot], &low[slot]);
 LED_Update(mode, slot);
 Dbprintf("[=] >> Tag found. Saving. <<");
 FlashLEDs(100, 5);
diff --git a/armsrc/Standalone/lf_em4100rwc.c b/armsrc/Standalone/lf_em4100rwc.c
index f69820513..0ae7e7444 100644
--- a/armsrc/Standalone/lf_em4100rwc.c
+++ b/armsrc/Standalone/lf_em4100rwc.c
@@ -161,7 +161,7 @@ void RunMod(void) {
 state = 3;
 } else if (button_pressed == BUTTON_SINGLE_CLICK) {
 // Click - exit to select mode
- CmdEM410xdemod(1, &high[selected], &low[selected], 0);
+ CmdEM410xdemod(1, &high[selected], &low[selected]);
 FlashLEDs(100, 5);
 #ifdef WITH_FLASH
 SaveIDtoFlash(selected, low[selected]);
diff --git a/armsrc/appmain.c b/armsrc/appmain.c
index 162783489..daab76e78 100644
--- a/armsrc/appmain.c
+++ b/armsrc/appmain.c
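Review bot: The call in `ExecuteMode` still names `CmdEM410xdemod`, but this same patch replaces that function's definition in armsrc/lfops.c and its prototype in armsrc/lfops.h with `int lf_em410x_watch(int findone, uint32_t *high, uint64_t *low)`. Unless another definition exists outside the patch, this standalone mode stops building once it is selected; the line should read `lf_em410x_watch(1, &high[slot], &low[slot]);`. The same applies to the call in `RunMod` in armsrc/Standalone/lf_em4100rwc.c, which needs `lf_em410x_watch(1, &high[selected], &low[selected]);`. Both callers also discard the new return value, so a USB abort (`PM3_EOPABORTED`) is followed by the "Tag found. Saving." path with a slot that was never written. Both enclosing functions extend beyond their hunks.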
@@ -824,10 +824,11 @@ static void PacketReceived(PacketCommandNG *packet) { reply_ng(CMD_LF_IO_WATCH, res, NULL, 0); break; } - case CMD_LF_EM410X_DEMOD: { + case CMD_LF_EM410X_WATCH: { uint32_t high; uint64_t low; - CmdEM410xdemod(packet->oldarg[0], &high, &low, 1); + int res = lf_em410x_watch(0, &high, &low); + reply_ng(CMD_LF_EM410X_WATCH, res, NULL, 0); break; } case CMD_LF_EM410X_WRITE: { diff --git a/armsrc/lfops.c b/armsrc/lfops.c index 3f8d8bafc..3a20bf335 100644 --- a/armsrc/lfops.c +++ b/armsrc/lfops.c @@ -1405,22 +1405,35 @@ void CmdAWIDdemodFSK(int findone, uint32_t *high, uint32_t *low, int ledcontrol) if (ledcontrol) LED_A_OFF(); } -void CmdEM410xdemod(int findone, uint32_t *high, uint64_t *low, int ledcontrol) { - uint8_t *dest = BigBuf_get_addr(); +int lf_em410x_watch(int findone, uint32_t *high, uint64_t *low) { size_t size, idx = 0; int clk = 0, invert = 0, maxErr = 20; uint32_t hi = 0; uint64_t lo = 0; + uint8_t *dest = BigBuf_get_addr(); + clear_trace(); + set_tracing(false); BigBuf_Clear_keep_EM(); LFSetupFPGAForADC(LF_DIVISOR_125, true); - while (!BUTTON_PRESS() && !data_available()) { - + int res = PM3_SUCCESS; + uint16_t interval = 0; + while (BUTTON_PRESS() == false) { WDT_HIT(); - if (ledcontrol) LED_A_ON(); + + // cancel w usb command. + if (interval == 2000) { + if (data_available()) { + res = PM3_EOPABORTED; + break; + } + interval = 0; + } else { + interval++; + } DoAcquisition_default(-1, false); @@ -1428,10 +1441,10 @@ void CmdEM410xdemod(int findone, uint32_t *high, uint64_t *low, int ledcontrol) //askdemod and manchester decode int errCnt = askdemod(dest, &size, &clk, &invert, maxErr, 0, 1); - WDT_HIT(); - if (errCnt > 50) continue; + WDT_HIT(); + errCnt = Em410xDecode(dest, &size, &idx, &hi, &lo); if (errCnt == 1) { if (size == 128) { @@ -1452,7 +1465,6 @@ void CmdEM410xdemod(int findone, uint32_t *high, uint64_t *low, int ledcontrol) } if (findone) { - if (ledcontrol) LED_A_OFF(); *high = hi; *low = lo; break; 
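Review bot: `high` and `low` in the `CMD_LF_EM410X_WATCH` case are passed uninitialised and never read. `findone` is fixed at 0, the callee (armsrc/lfops.c in this patch) stores through the pointers only when `findone` is set, and `reply_ng` sends no payload. That is harmless as written, but declaring them as `uint32_t high = 0; uint64_t low = 0;` with a comment such as `// continuous watch: IDs are not returned to the client, high/low are placeholders` would keep a later change from replying with indeterminate stack contents. The enclosing `PacketReceived` switch extends beyond the hunk.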
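Review bot: The USB cancel check in `lf_em410x_watch` runs only when `interval` reaches 2000, and every pass of the loop performs a full `DoAcquisition_default(-1, false)` plus demodulation, so a cancel from the host may go unnoticed for a long time. The removed loop condition tested `data_available()` on every pass. A per-pass check, or a much smaller threshold, keeps the device responsive: `if (data_available()) { res = PM3_EOPABORTED; break; }`. Leaving the loop through the button also returns `PM3_SUCCESS` without writing `*high`/`*low`, so a caller passing `findone` cannot tell a decoded tag from a button exit; a distinct status for that path would let the standalone callers skip saving. The loop body continues in the following hunk.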
@@ -1463,8 +1475,9 @@ void CmdEM410xdemod(int findone, uint32_t *high, uint64_t *low, int ledcontrol) } FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); - DbpString("EM man/ask demod stopped"); - if (ledcontrol) LED_A_OFF(); + BigBuf_free(); + LEDsoff(); + return res; } int lf_io_watch(int findone, uint32_t *high, uint32_t *low) { @@ -1474,10 +1487,10 @@ int lf_io_watch(int findone, uint32_t *high, uint32_t *low) { uint8_t version = 0, facilitycode = 0, crc = 0; uint16_t number = 0, calccrc = 0; - size_t size = 12000; - uint8_t *dest = BigBuf_malloc(size); - + uint8_t *dest = BigBuf_get_addr(); BigBuf_Clear_keep_EM(); + clear_trace(); + set_tracing(false); // Configure to go in 125kHz listen mode LFSetupFPGAForADC(LF_DIVISOR_125, true); @@ -1501,7 +1514,7 @@ int lf_io_watch(int findone, uint32_t *high, uint32_t *low) { DoAcquisition_default(-1, false); - size = 12000; + size_t size = MIN(12000, BigBuf_max_traceLen()); //fskdemod and get start index int idx = detectIOProx(dest, &size, &dummyIdx); @@ -1563,6 +1576,8 @@ int lf_io_watch(int findone, uint32_t *high, uint32_t *low) { calccrc = 0; } FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); + BigBuf_free(); + LEDsoff(); return res; } diff --git a/armsrc/lfops.h b/armsrc/lfops.h index 4bc04bf8c..f7a0230c8 100644 --- a/armsrc/lfops.h +++ b/armsrc/lfops.h @@ -37,7 +37,7 @@ void CmdNRZsimTAG(uint8_t invert, uint8_t separator, uint8_t clk, uint16_t size, void CmdHIDdemodFSK(int findone, uint32_t *high, uint32_t *low, int ledcontrol); void CmdAWIDdemodFSK(int findone, uint32_t *high, uint32_t *low, int ledcontrol); // Realtime demodulation mode for AWID26 -void CmdEM410xdemod(int findone, uint32_t *high, uint64_t *low, int ledcontrol); +int lf_em410x_watch(int findone, uint32_t *high, uint64_t *low); int lf_io_watch(int findone, uint32_t *high, uint32_t *low); void CopyHIDtoT55x7(uint32_t hi2, uint32_t hi, uint32_t lo, uint8_t longFMT); // Clone an HID card to T5557/T5567 
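Review bot: The new prototype `int lf_em410x_watch(int findone, uint32_t *high, uint64_t *low);` in armsrc/lfops.h carries no comment, although the return value is now meaningful and the out-parameters are conditional. A line above it would spare callers reading the loop: `// Watch for EM410x tags until button press or USB abort; returns PM3_SUCCESS or PM3_EOPABORTED. *high/*low are written only when findone != 0 and a tag decodes.` The same comment fits the definition in armsrc/lfops.c. Callers that need the ID should initialise both outputs before the call.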
diff --git a/client/src/cmdlfem4x.c b/client/src/cmdlfem4x.c
index 40caf367b..baea5aa5d 100644
--- a/client/src/cmdlfem4x.c
+++ b/client/src/cmdlfem4x.c
@@ -44,13 +44,24 @@ static int usage_lf_em410x_demod(void) { PrintAndLogEx(NORMAL, " maxerror - set maximum allowed errors, default = 100."); PrintAndLogEx(NORMAL, ""); PrintAndLogEx(NORMAL, "Examples:"); - PrintAndLogEx(NORMAL, " lf em 410x_demod = demod an EM410x Tag ID from GraphBuffer"); - PrintAndLogEx(NORMAL, " lf em 410x_demod 32 = demod an EM410x Tag ID from GraphBuffer using a clock of RF/32"); - PrintAndLogEx(NORMAL, " lf em 410x_demod 32 1 = demod an EM410x Tag ID from GraphBuffer using a clock of RF/32 and inverting data"); - PrintAndLogEx(NORMAL, " lf em 410x_demod 1 = demod an EM410x Tag ID from GraphBuffer while inverting data"); - PrintAndLogEx(NORMAL, " lf em 410x_demod 64 1 0 = demod an EM410x Tag ID from GraphBuffer using a clock of RF/64 and inverting data and allowing 0 demod errors"); + PrintAndLogEx(NORMAL, _YELLOW_(" lf em 410x_demod") " = demod an EM410x Tag ID from GraphBuffer"); + PrintAndLogEx(NORMAL, _YELLOW_(" lf em 410x_demod 32") " = demod an EM410x Tag ID from GraphBuffer using a clock of RF/32"); + PrintAndLogEx(NORMAL, _YELLOW_(" lf em 410x_demod 32 1") " = demod an EM410x Tag ID from GraphBuffer using a clock of RF/32 and inverting data"); + PrintAndLogEx(NORMAL, _YELLOW_(" lf em 410x_demod 1") " = demod an EM410x Tag ID from GraphBuffer while inverting data"); + PrintAndLogEx(NORMAL, _YELLOW_(" lf em 410x_demod 64 1 0") " = demod an EM410x Tag ID from GraphBuffer using a clock of RF/64 and inverting data and allowing 0 demod errors"); return PM3_SUCCESS; } +static int usage_lf_em410x_watch(void) { + PrintAndLogEx(NORMAL, "Enables IOProx compatible reader mode printing details of scanned tags."); + PrintAndLogEx(NORMAL, "By default, values are printed and logged until the button is pressed or another USB command is issued."); + PrintAndLogEx(NORMAL, ""); + PrintAndLogEx(NORMAL, "Usage: lf em 410x_watch"); + PrintAndLogEx(NORMAL, ""); + PrintAndLogEx(NORMAL, "Examples:"); + PrintAndLogEx(NORMAL, _YELLOW_(" lf em 410x_watch")); + 
return PM3_SUCCESS; +} + static int usage_lf_em410x_write(void) { PrintAndLogEx(NORMAL, "Writes EM410x ID to a T55x7 / T5555 (Q5) tag"); PrintAndLogEx(NORMAL, ""); @@ -61,7 +72,7 @@ static int usage_lf_em410x_write(void) { PrintAndLogEx(NORMAL, " - 0|1 T5555 (Q5) / T55x7"); PrintAndLogEx(NORMAL, " - 16|32|40|64, optional, set R/F clock rate, defaults to 64"); PrintAndLogEx(NORMAL, "Examples:"); - PrintAndLogEx(NORMAL, " lf em 410x_write 0F0368568B 1 = write ID to t55x7 card"); + PrintAndLogEx(NORMAL, _YELLOW_(" lf em 410x_write 0F0368568B 1") " = write ID to t55x7 card"); return PM3_SUCCESS; } static int usage_lf_em410x_ws(void) { @@ -71,7 +82,7 @@ static int usage_lf_em410x_ws(void) { PrintAndLogEx(NORMAL, "Options:"); PrintAndLogEx(NORMAL, " h - this help"); PrintAndLogEx(NORMAL, "Examples:"); - PrintAndLogEx(NORMAL, " lf em 410x_spoof"); + PrintAndLogEx(NORMAL, _YELLOW_(" lf em 410x_spoof")); return PM3_SUCCESS; } static int usage_lf_em410x_sim(void) { @@ -83,8 +94,8 @@ static int usage_lf_em410x_sim(void) { PrintAndLogEx(NORMAL, " uid - uid (10 HEX symbols)"); PrintAndLogEx(NORMAL, " clock - clock (32|64) (optional)"); PrintAndLogEx(NORMAL, "Examples:"); - PrintAndLogEx(NORMAL, " lf em 410x_sim 0F0368568B"); - PrintAndLogEx(NORMAL, " lf em 410x_sim 0F0368568B 32"); + PrintAndLogEx(NORMAL, _YELLOW_(" lf em 410x_sim 0F0368568B")); + PrintAndLogEx(NORMAL, _YELLOW_(" lf em 410x_sim 0F0368568B 32")); return PM3_SUCCESS; } static int usage_lf_em410x_brute(void) { 
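Review bot: The first help line of `usage_lf_em410x_watch` was copied from the IO Prox command and names the wrong tag family; `"Enables IOProx compatible reader mode printing details of scanned tags."` should read `"Enables EM410x compatible reader mode printing details of scanned tags."`. The second line says the watch ends when "another USB command is issued", but the client command added later in this file blocks until the device replies, so the user cannot issue one from the same session. Rewording it to mention only the device button, or adding a client-side abort, would make the help match the behaviour. The usage text also omits the `h` option that `CmdEM410xWatch` accepts.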
@@ -97,10 +108,10 @@ static int usage_lf_em410x_brute(void) { PrintAndLogEx(NORMAL, " d (2000) - pause delay in milliseconds between UIDs simulation, default 1000 ms (optional)"); PrintAndLogEx(NORMAL, " c (32) - clock (32|64), default 64 (optional)"); PrintAndLogEx(NORMAL, "Examples:"); - PrintAndLogEx(NORMAL, " lf em 410x_brute ids.txt"); - PrintAndLogEx(NORMAL, " lf em 410x_brute ids.txt c 32"); - PrintAndLogEx(NORMAL, " lf em 410x_brute ids.txt d 3000"); - PrintAndLogEx(NORMAL, " lf em 410x_brute ids.txt d 3000 c 32"); + PrintAndLogEx(NORMAL, _YELLOW_(" lf em 410x_brute ids.txt")); + PrintAndLogEx(NORMAL, _YELLOW_(" lf em 410x_brute ids.txt c 32")); + PrintAndLogEx(NORMAL, _YELLOW_( " lf em 410x_brute ids.txt d 3000")); + PrintAndLogEx(NORMAL, _YELLOW_(" lf em 410x_brute ids.txt d 3000 c 32")); return PM3_SUCCESS; } @@ -439,16 +450,20 @@ int AskEm410xDemod(const char *Cmd, uint32_t *hi, uint64_t *lo, bool verbose) { return PM3_ESOFT; return AskEm410xDecode(verbose, hi, lo); } -/* + // this read loops on device side. // uses the demod in lfops.c -static int CmdEM410xRead_device(const char *Cmd) { - char cmdp = tolower(param_getchar(Cmd, 0)); - uint8_t findone = (cmdp == '1') ? 1 : 0; - SendCommandMIX(CMD_LF_EM410X_DEMOD, findone, 0, 0, NULL, 0); - return PM3_SUCCESS; +static int CmdEM410xWatch(const char *Cmd) { + uint8_t ctmp = tolower(param_getchar(Cmd, 0)); + if (ctmp == 'h') return usage_lf_em410x_watch(); + clearCommandBuffer(); + SendCommandNG(CMD_LF_EM410X_WATCH, NULL, 0); + PacketResponseNG resp; + WaitForResponse(CMD_LF_EM410X_WATCH, &resp); + PrintAndLogEx(INFO, "Done"); + return resp.status; } -*/ + //by marshmellow //takes 3 arguments - clock, invert and maxErr as integers //attempts to demodulate ask while decoding manchester 
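Review bot: `CmdEM410xWatch` ignores the result of `WaitForResponse` and then returns `resp.status`; if the wait returns false, `resp` may never have been filled and the function returns an indeterminate value. Checking it closes that path: `if (WaitForResponse(CMD_LF_EM410X_WATCH, &resp) == false) return PM3_ETIMEOUT;`. The wait also has no timeout and no keyboard check, so the host can no longer stop the watch the way the removed client loop did with `kbd_enter_pressed()`; only the device button ends it. A short-timeout wait in a loop that polls the keyboard and sends any packet to trip the device's `data_available()` check would restore that. A line such as `PrintAndLogEx(INFO, "Press pm3-button to stop");` before the wait would tell the user how to stop it.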
@@ -608,30 +623,6 @@ static int CmdEM410xBrute(const char *Cmd) { return PM3_SUCCESS; } -/* Function is equivalent of lf read + data samples + em410xread - * looped until an EM410x tag is detected - * - * Why is CmdSamples("16000")? - * TBD: Auto-grow sample size based on detected sample rate. IE: If the - * rate gets lower, then grow the number of samples - * Changed by martin, 4000 x 4 = 16000, - * see http://www.proxmark.org/forum/viewtopic.php?pid=7235#p7235 - * - * EDIT -- capture enough to get 2 complete preambles at the slowest data rate known to be used (rf/64) (64*64*2+9 = 8201) marshmellow -*/ -static int CmdEM410xWatch(const char *Cmd) { - (void)Cmd; // Cmd is not used so far - do { - if (kbd_enter_pressed()) { - PrintAndLogEx(WARNING, "\naborted via keyboard!\n"); - break; - } - lf_read(false, 12288); - - } while (CmdEM410xRead("") != PM3_SUCCESS); - return PM3_SUCCESS; -} - //currently only supports manchester modulations static int CmdEM410xWatchnSpoof(const char *Cmd) { diff --git a/include/pm3_cmd.h b/include/pm3_cmd.h index daa05d8fe..1fbc97e22 100644 --- a/include/pm3_cmd.h +++ b/include/pm3_cmd.h @@ -400,7 +400,7 @@ typedef struct { #define CMD_LF_EM4X_READWORD 0x0218 #define CMD_LF_EM4X_WRITEWORD 0x0219 #define CMD_LF_IO_WATCH 0x021A -#define CMD_LF_EM410X_DEMOD 0x021C +#define CMD_LF_EM410X_WATCH 0x021C // Sampling configuration for LF reader/sniffer #define CMD_LF_SAMPLING_SET_CONFIG 0x021D #define CMD_LF_FSK_SIMULATE 0x021E