hf legic sim -> text, use NG, report back

2025-08-20 13:23:51 -07:00 · 2020-09-06 21:41:04 +02:00 · 2020-09-06 21:41:04 +02:00 · 718e6d2ce8
commit 718e6d2ce8
parent 9d86185287
4 changed files with 76 additions and 18 deletions
--- a/armsrc/appmain.c
+++ b/armsrc/appmain.c
@ -1065,7 +1065,12 @@ static void PacketReceived(PacketCommandNG *packet) {

 #ifdef WITH_LEGICRF
        case CMD_HF_LEGIC_SIMULATE: {
-            LegicRfSimulate(packet->oldarg[0]);
+			struct p {
+				uint8_t tagtype;
+				bool send_reply;
+			} PACKED;
+			struct p *payload = (struct p *) packet->data.asBytes;
+            LegicRfSimulate(payload->tagtype, payload->send_reply);
            break;
        }
        case CMD_HF_LEGIC_WRITER: {
--- a/armsrc/legicrfsim.c
+++ b/armsrc/legicrfsim.c
@ -15,7 +15,7 @@
 #include "crc.h"                /* legic crc-4 */
 #include "legic_prng.h"         /* legic PRNG impl */
 #include "legic.h"              /* legic_card_select_t struct */
-
+#include "cmd.h"
 #include "proxmark3_arm.h"
 #include "BigBuf.h"
 #include "fpgaloader.h"
@ -295,9 +295,9 @@ static int32_t init_card(uint8_t cardtype, legic_card_select_t *p_card) {
            p_card->cmdsize = 0;
            p_card->addrsize = 0;
            p_card->cardsize = 0;
-            return 2;
+            return PM3_ESOFT;
    }
-    return 0;
+    return PM3_SUCCESS;
 }

 static void init_tag(void) {
@ -455,23 +455,37 @@ static int32_t connected_phase(legic_card_select_t *p_card) {
 // Only this function is public / called from appmain.c
 //-----------------------------------------------------------------------------

-void LegicRfSimulate(uint8_t cardtype) {
+void LegicRfSimulate(uint8_t tagtype, bool send_reply) {
    // configure ARM and FPGA
    init_tag();

+	int res = PM3_SUCCESS;
    // verify command line input
-    if (init_card(cardtype, &card) != 0) {
-        DbpString("[!] Unknown tagtype.");
+    if (init_card(tagtype, &card) != PM3_SUCCESS) {
+        DbpString("Unknown tagtype to simulate");
+		res = PM3_ESOFT;
        goto OUT;
    }

+	uint16_t counter = 0;
    LED_A_ON();
-    DbpString("[=] Starting Legic emulator, press " _YELLOW_("button") " to end");
-    while (!BUTTON_PRESS() && !data_available()) {
+
+    Dbprintf("Legic Prime, simulating uid: %02X%02X%02X%02X", legic_mem[0], legic_mem[1], legic_mem[2], legic_mem[3]);
+	
+    while (BUTTON_PRESS() == false) {
        WDT_HIT();
 		
+		if (counter >= 2000) {
+			 if (data_available()) {
+				 res = PM3_EOPABORTED;
+				 break;
+			 }
+			 counter = 0;
+		}
+		counter++;
+
        // wait for carrier, restart after timeout
-        if (!wait_for(RWD_PULSE, GetCountSspClk() + TAG_BIT_PERIOD)) {
+        if (wait_for(RWD_PULSE, GetCountSspClk() + TAG_BIT_PERIOD) == false) {
            continue;
        }

@ -481,13 +495,25 @@ void LegicRfSimulate(uint8_t cardtype) {
        }

        // conection is established, process commands until one fails
-        while (!connected_phase(&card)) {
+        while (connected_phase(&card) == false) {
            WDT_HIT();
        }
    }

 OUT:
-    DbpString("[=] Sim stopped");
+
+    if (DBGLEVEL >= DBG_ERROR) {
+        Dbprintf("Emulator stopped. Tracing: %d  trace length: %d ", get_tracing(), BigBuf_get_traceLen());
+    }
+
+    if (res == PM3_EOPABORTED)
+        DbpString("aborted by user");
+
    switch_off();
    StopTicks();
+	
+	if (send_reply)
+		reply_ng(CMD_HF_LEGIC_SIMULATE, res, NULL, 0);
+	
+	BigBuf_free_keep_EM();
 }
--- a/armsrc/legicrfsim.h
+++ b/armsrc/legicrfsim.h
@ -1,7 +1,8 @@
 //-----------------------------------------------------------------------------
 // (c) 2009 Henryk Plötz <henryk@ploetzli.ch>
 //     2018 AntiCat
-//
+//     2019 Piwi
+//     2020 Iceman
 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
 // at your option, any later version. See the LICENSE.txt file for the text of
 // the license.
@ -14,6 +15,6 @@

 #include "common.h"

-void LegicRfSimulate(uint8_t cardtype);
+void LegicRfSimulate(uint8_t tagtype, bool send_reply);

 #endif /* __LEGICRFSIM_H */
--- a/client/src/cmdhflegic.c
+++ b/client/src/cmdhflegic.c
@ -145,7 +145,7 @@ static int usage_legic_eload(void) {
    PrintAndLogEx(NORMAL, "      f <filename>    : filename w/o .bin to load");
    PrintAndLogEx(NORMAL, "");
    PrintAndLogEx(NORMAL, "Examples:");
-    PrintAndLogEx(NORMAL, _YELLOW_("      hf legic eload 2 myfile"));
+    PrintAndLogEx(NORMAL, _YELLOW_("      hf legic eload 2 f myfile"));
    return PM3_SUCCESS;
 }
 static int usage_legic_esave(void) {
@ -582,13 +582,39 @@ static int CmdLegicRdbl(const char *Cmd) {
 }

 static int CmdLegicSim(const char *Cmd) {
+
    char cmdp = tolower(param_getchar(Cmd, 0));
    if (strlen(Cmd) == 0 || cmdp == 'h') return usage_legic_sim();

-    uint64_t id = 1;
-    sscanf(Cmd, " %" SCNi64, &id);
+    struct {
+        uint8_t tagtype;
+        bool send_reply;
+    } PACKED payload;
+	
+    payload.send_reply = true;
+    payload.tagtype = param_get8ex(Cmd, 0, 1, 10);
+	if (payload.tagtype > 2 ) {
+		 return usage_legic_sim();
+	}
+	
    clearCommandBuffer();
-    SendCommandMIX(CMD_HF_LEGIC_SIMULATE, id, 0, 0, NULL, 0);
+    SendCommandNG(CMD_HF_LEGIC_SIMULATE, (uint8_t *)&payload, sizeof(payload));
+    PacketResponseNG resp;
+
+    PrintAndLogEx(INFO, "Press pm3-button to abort simulation");
+    bool keypress = kbd_enter_pressed();
+    while (keypress == false) {
+        keypress = kbd_enter_pressed();
+		
+        if (WaitForResponseTimeout(CMD_HF_LEGIC_SIMULATE, &resp, 1500)) {
+			break;
+		}
+
+	}
+	if (keypress)
+        SendCommandNG(CMD_BREAK_LOOP, NULL, 0);
+	   
+    PrintAndLogEx(INFO, "Done");
    return PM3_SUCCESS;
 }