github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-21 13:53:55 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

style

Browse source
This commit is contained in:
iceman1001 2024-02-03 16:05:58 +01:00
commit 7c6d60e7ef
15 changed files with 321 additions and 208 deletions
Download patch file Download diff file Expand all files Collapse all files

24
armsrc/iso14443b.c
View file

@ -722,16 +722,16 @@ static void TransmitFor14443b_AsTag(const uint8_t *response, uint16_t len) {
//-----------------------------------------------------------------------------
void SimulateIso14443bTag(const uint8_t *pupi) {
/*
// the only commands we understand is WUPB, AFI=0, Select All, N=1:
static const uint8_t cmdWUPB[] = { ISO14443B_REQB, 0x00, 0x08, 0x39, 0x73 };
// ... and REQB, AFI=0, Normal Request, N=1:
static const uint8_t cmdREQB[] = { ISO14443B_REQB, 0x00, 0x00, 0x71, 0xFF };
// ... and HLTB
static const uint8_t cmdHLTB[] = { 0x50, 0xff, 0xff, 0xff, 0xff };
// ... and ATTRIB
static const uint8_t cmdATTRIB[] = { ISO14443B_ATTRIB, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
*/
/*
// the only commands we understand is WUPB, AFI=0, Select All, N=1:
static const uint8_t cmdWUPB[] = { ISO14443B_REQB, 0x00, 0x08, 0x39, 0x73 };
// ... and REQB, AFI=0, Normal Request, N=1:
static const uint8_t cmdREQB[] = { ISO14443B_REQB, 0x00, 0x00, 0x71, 0xFF };
// ... and HLTB
static const uint8_t cmdHLTB[] = { 0x50, 0xff, 0xff, 0xff, 0xff };
// ... and ATTRIB
static const uint8_t cmdATTRIB[] = { ISO14443B_ATTRIB, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
*/
LED_A_ON();
// setup device.
@ -824,8 +824,8 @@ void SimulateIso14443bTag(const uint8_t *pupi) {
// REQ or WUP request in ANY state
// WUP in HALTED state
if (len == 5) {
if ( ((receivedCmd[0] == ISO14443B_REQB) && ((receivedCmd[2] & 0x08) == 0x08) && (cardSTATE == SIM_HALTED)) ||
(receivedCmd[0] == ISO14443B_REQB)) {
if (((receivedCmd[0] == ISO14443B_REQB) && ((receivedCmd[2] & 0x08) == 0x08) && (cardSTATE == SIM_HALTED)) ||
(receivedCmd[0] == ISO14443B_REQB)) {
LogTrace(receivedCmd, len, 0, 0, NULL, true);
cardSTATE = SIM_SELECTING;

2
client/src/cmdhf.c
View file

@ -121,7 +121,7 @@ int CmdHFSearch(const char *Cmd) {
// ICT
if (IfPm3Iso14443a()) {
int sel_state = infoHF14A(false, false, false);
int sel_state = infoHF14A(false, false, false);
if (sel_state > 0) {
PrintAndLogEx(SUCCESS, "\nValid " _GREEN_("ISO 14443-A tag") " found\n");
success[ISO_14443A] = true;

22
client/src/cmdhf14a.c
View file

@ -453,7 +453,7 @@ int Hf14443_4aGetCardData(iso14a_card_select_t *card) {
PrintAndLogEx(SUCCESS, " UID: " _GREEN_("%s") " ( random )", sprint_hex(card->uid, card->uidlen));
} else {
PrintAndLogEx(SUCCESS, " UID: " _GREEN_("%s"), sprint_hex(card->uid, card->uidlen));
}
}
PrintAndLogEx(SUCCESS, "ATQA: %02X %02X", card->atqa[1], card->atqa[0]);
PrintAndLogEx(SUCCESS, " SAK: %02X [%" PRIu64 "]", card->sak, resp.oldarg[0]);
if (card->ats_len < 3) { // a valid ATS consists of at least the length byte (TL) and 2 CRC bytes
@ -2575,32 +2575,32 @@ int infoHF14A(bool verbose, bool do_nack_test, bool do_aid_search) {
}
if (isMifareClassic &&
(((isMagic & MAGIC_FLAG_GEN_1A) == MAGIC_FLAG_GEN_1A) || ((isMagic & MAGIC_FLAG_GEN_1B) == MAGIC_FLAG_GEN_1B))
) {
(((isMagic & MAGIC_FLAG_GEN_1A) == MAGIC_FLAG_GEN_1A) || ((isMagic & MAGIC_FLAG_GEN_1B) == MAGIC_FLAG_GEN_1B))
) {
PrintAndLogEx(HINT, "Hint: use `" _YELLOW_("hf mf c*") "` commands when interacting");
}
if (isMifareClassic &&
((isMagic & MAGIC_FLAG_GEN_2) == MAGIC_FLAG_GEN_2)
) {
((isMagic & MAGIC_FLAG_GEN_2) == MAGIC_FLAG_GEN_2)
) {
PrintAndLogEx(HINT, "Hint: Use normal `" _YELLOW_("hf mf") "` commands when interacting");
}
if (isMifareClassic &&
((isMagic & MAGIC_FLAG_GEN_3) == MAGIC_FLAG_GEN_3)
) {
((isMagic & MAGIC_FLAG_GEN_3) == MAGIC_FLAG_GEN_3)
) {
PrintAndLogEx(HINT, "Hint: Use `" _YELLOW_("hf mf gen3*") "` commands when interacting");
}
if (isMifareClassic &&
((isMagic & MAGIC_FLAG_GEN_4GTU) == MAGIC_FLAG_GEN_4GTU)
) {
((isMagic & MAGIC_FLAG_GEN_4GTU) == MAGIC_FLAG_GEN_4GTU)
) {
PrintAndLogEx(HINT, "Hint: Use `" _YELLOW_("hf mf g*") "` commands when interacting");
}
if (isMifareClassic &&
((isMagic & MAGIC_FLAG_GDM_AUTH) == MAGIC_FLAG_GDM_AUTH)
) {
((isMagic & MAGIC_FLAG_GDM_AUTH) == MAGIC_FLAG_GDM_AUTH)
) {
PrintAndLogEx(HINT, "Hint: Use `" _YELLOW_("hf mf gdm*") "` commands when interacting");
}

150
client/src/cmdhfict.c
View file

@ -87,12 +87,12 @@ static int derive_app_key(uint8_t *uid, uint8_t *app_key) {
return PM3_EINVARG;
}
/*
c = b'\x88' + uid
ch, cl = c[0:4], c[4:8]
payload = (ch + cl + cl + ch) * 2
AES.new(ICT_DESFIRE_MASTER_APPKEY, AES.MODE_CBC, iv=b'\0'*16).decrypt(payload)[16:]
*/
/*
c = b'\x88' + uid
ch, cl = c[0:4], c[4:8]
payload = (ch + cl + cl + ch) * 2
AES.new(ICT_DESFIRE_MASTER_APPKEY, AES.MODE_CBC, iv=b'\0'*16).decrypt(payload)[16:]
*/
uint8_t input[] = {0x88, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
memcpy(input + 1, uid, 7);
@ -105,16 +105,16 @@ static int derive_app_key(uint8_t *uid, uint8_t *app_key) {
uint8_t iv[16] = {0};
mbedtls_aes_context aes;
mbedtls_aes_init(&aes);
mbedtls_aes_init(&aes);
if (mbedtls_aes_setkey_enc(&aes, key, 128)) {
return PM3_ESOFT;
return PM3_ESOFT;
}
uint8_t output[8];
if (mbedtls_aes_crypt_cbc(&aes, MBEDTLS_AES_DECRYPT, sizeof(input), iv, input, output)) {
return PM3_ESOFT;
}
mbedtls_aes_free(&aes);
mbedtls_aes_free(&aes);
memcpy(app_key, output, sizeof(output));
return PM3_SUCCESS;
}
@ -133,21 +133,21 @@ static int diversify_mifare_key(uint8_t *uid, uint8_t *app_key) {
num_to_bytes(big, 4, input + 4);
uint8_t key[AES_KEY_LEN];
memset(key, 0 , sizeof(key));
memset(key, 0, sizeof(key));
// memcpy(key, ICT_DESFIRE_FILEKEY, AES_KEY_LEN);
uint8_t iv[16] = {0};
mbedtls_aes_context aes;
mbedtls_aes_init(&aes);
mbedtls_aes_init(&aes);
if (mbedtls_aes_setkey_enc(&aes, key, 128)) {
return PM3_ESOFT;
return PM3_ESOFT;
}
uint8_t output[8];
if (mbedtls_aes_crypt_cbc(&aes, MBEDTLS_AES_DECRYPT, sizeof(input), iv, input, output)) {
return PM3_ESOFT;
}
mbedtls_aes_free(&aes);
mbedtls_aes_free(&aes);
memcpy(app_key, output, sizeof(output));
return PM3_SUCCESS;
}
@ -165,16 +165,16 @@ static int decrypt_card_sector(uint8_t *uid, uint8_t *sector_data, uint8_t len,
uint8_t iv[16] = {0};
mbedtls_aes_context aes;
mbedtls_aes_init(&aes);
mbedtls_aes_init(&aes);
if (mbedtls_aes_setkey_enc(&aes, key, 128)) {
return PM3_ESOFT;
return PM3_ESOFT;
}
uint8_t output[len];
if (mbedtls_aes_crypt_cbc(&aes, MBEDTLS_AES_DECRYPT, sizeof(input), iv, input, output)) {
return PM3_ESOFT;
}
mbedtls_aes_free(&aes);
mbedtls_aes_free(&aes);
memcpy(plain, output, sizeof(output));
return PM3_SUCCESS;
@ -184,11 +184,11 @@ static int derive_mifare_key(uint8_t *uid, const uint8_t *base_key, uint8_t *app
if (uid == NULL || base_key == NULL || app_key == NULL) {
return PM3_EINVARG;
}
uint8_t diverse[MIFARE_KEY_SIZE];
diversify_mifare_key(uid, diverse);
for (uint8_t i=0; i < MIFARE_KEY_SIZE; i++) {
for (uint8_t i = 0; i < MIFARE_KEY_SIZE; i++) {
app_key[i] = base_key[i] ^ diverse[i];
}
@ -204,10 +204,10 @@ static int derive_mifare_key_b(uint8_t *uid, uint8_t *app_key) {
}
static int decrypt_card_file(uint8_t *card_file, uint8_t len, uint8_t *plain) {
if (card_file == NULL || plain == NULL) {
if (card_file == NULL || plain == NULL) {
return PM3_EINVARG;
}
uint8_t input[ICT_FILE_SIZE];
memcpy(input, card_file, len);
@ -216,11 +216,11 @@ static int decrypt_card_file(uint8_t *card_file, uint8_t len, uint8_t *plain) {
uint8_t iv[16] = {0};
mbedtls_aes_context aes;
mbedtls_aes_init(&aes);
mbedtls_aes_init(&aes);
if (mbedtls_aes_setkey_enc(&aes, key, 128)) {
return PM3_ESOFT;
}
uint8_t output[ICT_FILE_SIZE];
if (mbedtls_aes_crypt_cbc(&aes, MBEDTLS_AES_DECRYPT, ICT_FILE_SIZE, iv, input, output)) {
return PM3_ESOFT;
@ -248,16 +248,16 @@ static int encrypt_card_file(uint8_t *card_file, uint8_t len, bool padding, uint
uint8_t iv[16] = {0};
mbedtls_aes_context aes;
mbedtls_aes_init(&aes);
mbedtls_aes_init(&aes);
if (mbedtls_aes_setkey_enc(&aes, key, 128)) {
return PM3_ESOFT;
return PM3_ESOFT;
}
uint8_t output[ICT_FILE_SIZE];
if (mbedtls_aes_crypt_cbc(&aes, MBEDTLS_AES_ENCRYPT, ICT_FILE_SIZE, iv, input, output)) {
return PM3_ESOFT;
}
mbedtls_aes_free(&aes);
mbedtls_aes_free(&aes);
memcpy(enc, output, sizeof(output));
return PM3_SUCCESS;
}
@ -266,56 +266,56 @@ static void itc_decode_card_blob(uint8_t *data, uint8_t card_type) {
if (data == NULL) {
return;
}
/*
uint8_t block[16];
if (card_type == ICT_CT_NFC)
memcpy(block, data+16, sizeof(block));
else
memcpy(block, data, sizeof(block));
/*
uint8_t block[16];
if (card_type == ICT_CT_NFC)
memcpy(block, data+16, sizeof(block));
else
memcpy(block, data, sizeof(block));
uint8_t bit_count = data[8];
uint8_t bit_count = data[8];
uint8_t wiegand[32];
uint8_t wiegand[32];
if (card_type == ICT_CT_DESFIRE || card_type == ICT_CT_NFC) {
memcpy(wiegand, data + 11, 32-11);
}
if (card_type == ICT_CT_DESFIRE || card_type == ICT_CT_NFC) {
memcpy(wiegand, data + 11, 32-11);
}
if (card_type == ICT_CT_CLASSIC) {
memcpy(wiegand, data + 9, 32-9);
}
if (card_type == ICT_CT_CLASSIC) {
memcpy(wiegand, data + 9, 32-9);
}
if (bit_count == 26) {
fc, cn = decode_wiegand_26(wiegand_payload)
ct = "Wiegand 26-bit"
}
if (bit_count == 34) {
fc, cn = decode_wiegand_34(wiegand_payload)
ct = "Wiegand 34-bit"
}else {
return f"Unknown format (bitlength={bit_count})", None, None
}
if (bit_count == 26) {
fc, cn = decode_wiegand_26(wiegand_payload)
ct = "Wiegand 26-bit"
}
if (bit_count == 34) {
fc, cn = decode_wiegand_34(wiegand_payload)
ct = "Wiegand 34-bit"
}else {
return f"Unknown format (bitlength={bit_count})", None, None
}
return ct, fc, cn
*/
return ct, fc, cn
*/
}
static void itc_encode_card_blob(uint8_t facility_code, uint16_t card_number, uint8_t bit_count) {
/*
// encode wiegand ..
uint8_t wiegand[] = {0,0,0,0,0};
if (bit_count == 26) {
// wiegand_data = encode_wiegand_26(facility_code, card_number)
}
if (bit_count == 34) {
// wiegand_data = encode_wiegand_34(facility_code, card_number)
}
/*
// encode wiegand ..
uint8_t wiegand[] = {0,0,0,0,0};
if (bit_count == 26) {
// wiegand_data = encode_wiegand_26(facility_code, card_number)
}
if (bit_count == 34) {
// wiegand_data = encode_wiegand_34(facility_code, card_number)
}
// card binary blog
uint8_t blob[] = {
'@', 'I', 'C', 'T', 0x00, 0x80, 0x00, 0x00, bit_count, 0x00, bit_count
};
// return b'@ICT' + bytes([0,128,0,0,bit_count, 0, bit_count]) + wiegand_data
*/
// card binary blog
uint8_t blob[] = {
'@', 'I', 'C', 'T', 0x00, 0x80, 0x00, 0x00, bit_count, 0x00, bit_count
};
// return b'@ICT' + bytes([0,128,0,0,bit_count, 0, bit_count]) + wiegand_data
*/
}
static int ict_select(void) {
@ -463,13 +463,13 @@ static int CmdHfIctRead(const char *Cmd) {
return PM3_SUCCESS;
}
static int CmdHfIctCredential(const char * Cmd) {
static int CmdHfIctCredential(const char *Cmd) {
CLIParserContext *ctx;
CLIParserInit(&ctx, "hf ict credential",
"Read ICT sector from tag and decode",
"hf ict credential\n"
);
"Read ICT sector from tag and decode",
"hf ict credential\n"
);
void *argtable[] = {
arg_param_begin,
arg_lit0("v", "verbose", "verbose output"),
@ -487,7 +487,7 @@ static int CmdHfIctCredential(const char * Cmd) {
}
// diversified key A?
int res = mfReadSector(ICT_MIFARE_SECTOR, MF_KEY_A, ICT_MIFARE_A_KEY, data);
int res = mfReadSector(ICT_MIFARE_SECTOR, MF_KEY_A, ICT_MIFARE_A_KEY, data);
if (res != PM3_SUCCESS) {
free(data);
return res;

14
client/src/cmdhfmfp.c
View file

@ -391,10 +391,10 @@ static int CmdHFMFPInfo(const char *Cmd) {
// Plus answers 0x0B, 0x09, 0x06
// 6D00 is "INS code not supported" in APDU
if (
data[0] != 0x0B &&
data[0] != 0x09 &&
data[0] != 0x1C &&
data[0] != 0x67 &&
data[0] != 0x0B &&
data[0] != 0x09 &&
data[0] != 0x1C &&
data[0] != 0x67 &&
data[0] != 0x6D &&
data[0] != 0x6E) {
@ -403,7 +403,7 @@ static int CmdHFMFPInfo(const char *Cmd) {
}
if ((memcmp(data, "\x67\x00", 2) == 0) || // wrong length
(memcmp(data, "\x1C\x83\x0C", 3) == 0) // desfire answers
(memcmp(data, "\x1C\x83\x0C", 3) == 0) // desfire answers
) {
PrintAndLogEx(INFO, " result.... " _RED_("MIFARE DESFire"));
PrintAndLogEx(HINT, "Hint: Try " _YELLOW_("`hf mfdes info`"));
@ -418,8 +418,8 @@ static int CmdHFMFPInfo(const char *Cmd) {
PrintAndLogEx(INFO, " result.... " _GREEN_("MIFARE Plus SL0/SL3"));
}
if ((datalen > 1) &&
(data[0] == 0x09)) {
if ((datalen > 1) &&
(data[0] == 0x09)) {
SLmode = 0;
}
}

18
client/src/cmdhfmfu.c
View file

@ -482,8 +482,8 @@ static int ul_fudan_check(void) {
return MFU_TT_UL_ERROR;
}
return (resp.data.asBytes[0] == 0)
? MFU_TT_FUDAN_UL : MFU_TT_UL; //if response == 0x00 then Fudan, else Genuine NXP
return (resp.data.asBytes[0] == 0)
? MFU_TT_FUDAN_UL : MFU_TT_UL; //if response == 0x00 then Fudan, else Genuine NXP
}
static int ul_print_default(uint8_t *data, uint8_t *real_uid) {
@ -790,10 +790,10 @@ static int ulc_print_configuration(uint8_t *data) {
bool validAuth = (data[8] >= 0x03 && data[8] < 0x30);
if (validAuth)
PrintAndLogEx(INFO, "42 / 0x2A | Auth0, %s Page " _YELLOW_("%d") "/" _YELLOW_("0x%02X") " and above need authentication"
, sprint_hex(data + 8, 4)
, data[8]
, data[8]
);
, sprint_hex(data + 8, 4)
, data[8]
, data[8]
);
else {
if (data[8] == 0) {
PrintAndLogEx(INFO, "42 / 0x2A | %s Auth0 default", sprint_hex(data + 8, 4));
@ -804,9 +804,9 @@ static int ulc_print_configuration(uint8_t *data) {
}
}
PrintAndLogEx(INFO, "43 / 0x2B | %s Auth1 %s",
sprint_hex(data + 12, 4),
(data[12] & 1) ? "write access restricted" : _RED_("R/W access restricted")
);
sprint_hex(data + 12, 4),
(data[12] & 1) ? "write access restricted" : _RED_("R/W access restricted")
);
return PM3_SUCCESS;
}

2
client/src/cmdlfem4x05.c
View file

@ -76,7 +76,7 @@ static em_tech_type_t em_get_card_type(uint32_t config) {
}
static void em4x05_print_type(em_tech_type_t ct) {
switch(ct) {
switch (ct) {
case EM_4469: {
PrintAndLogEx(INFO, "Identified... " _GREEN_("EM 4469"));
break;

8
client/src/cmdlfem4x50.c
View file

@ -813,7 +813,7 @@ static int CmdEM4x50Dump(const char *Cmd) {
arg_param_begin,
arg_str0("f", "file", "<fn>", "specify dump filename"),
arg_str0("p", "pwd", "<hex>", "password, 4 hex bytes, lsb"),
arg_lit0(NULL, "ns", "no save to file"),
arg_lit0(NULL, "ns", "no save to file"),
arg_param_end
};
@ -1293,9 +1293,9 @@ static int CmdEM4x50View(const char *Cmd) {
CLIParserContext *ctx;
CLIParserInit(&ctx, "lf em 4x50 view",
"Print a EM4x50 dump file\n",
"lf em 4x50 view -f lf-4x50-01020304-dump.json"
);
"Print a EM4x50 dump file\n",
"lf em 4x50 view -f lf-4x50-01020304-dump.json"
);
void *argtable[] = {
arg_param_begin,
arg_str0("f", "file", "<fn>", "specify a filename for dump file"),

28
client/src/cmdlfhitag.c
View file

@ -243,7 +243,7 @@ static void print_hitag2_configuration(uint32_t uid, uint8_t config) {
uint8_t bits[8 + 1] = {0};
num_to_bytebits(config, 8, bits);
const char *bs = sprint_bytebits_bin(bits, 8);
//configuration byte
PrintAndLogEx(SUCCESS, "");
PrintAndLogEx(SUCCESS, "Config byte... 0x%02X", config);
@ -284,7 +284,7 @@ static void print_hitag2_configuration(uint32_t uid, uint8_t config) {
}
const char* annotation[] = {
const char *annotation[] = {
"UID", "Pwd", "Key/Pwd", "Config",
"User", "User", "User", "User",
"User", "User", "User", "User"
@ -317,7 +317,7 @@ static void print_hitag2_blocks(uint8_t *d, uint16_t n) {
}
break;
case 2:
if (config & 0x80) {
if (config & 0x80) {
if (config & 0x8) {
sprintf(lckstr, "%s", _RED_("L "));
} else {
@ -357,13 +357,13 @@ static void print_hitag2_blocks(uint8_t *d, uint16_t n) {
}
PrintAndLogEx(INFO, "%3d/0x%02X | %s| %s | %s | %s"
, i
, i
, sprint_hex(d + (i * HITAG_BLOCK_SIZE), HITAG_BLOCK_SIZE)
, sprint_ascii(d + (i * HITAG_BLOCK_SIZE), HITAG_BLOCK_SIZE)
, lckstr
, annotation[i]
);
, i
, i
, sprint_hex(d + (i * HITAG_BLOCK_SIZE), HITAG_BLOCK_SIZE)
, sprint_ascii(d + (i * HITAG_BLOCK_SIZE), HITAG_BLOCK_SIZE)
, lckstr
, annotation[i]
);
}
PrintAndLogEx(INFO, "---------+-------------+-------+-----+---------");
PrintAndLogEx(INFO, " L = Locked, "_GREEN_("RW") " = Read Write, R = Read Only");
@ -474,7 +474,7 @@ static int CmdLFHitagInfo(const char *Cmd) {
// read block3, get configuration byte.
// common configurations.
print_hitag2_configuration( uid, 0x06 );
print_hitag2_configuration(uid, 0x06);
// print_hitag2_configuration( uid, 0x0E );
// print_hitag2_configuration( uid, 0x02 );
// print_hitag2_configuration( uid, 0x00 );
@ -1061,7 +1061,7 @@ static int CmdLFHitag2Dump(const char *Cmd) {
uint8_t *data = resp.data.asBytes;
// block3, 1 byte
uint32_t uid = bytes_to_num(data, HITAG_UID_SIZE);
uint32_t uid = bytes_to_num(data, HITAG_UID_SIZE);
print_hitag2_configuration(uid, data[HITAG_BLOCK_SIZE * 3]);
print_hitag2_blocks(data, HITAG2_MAX_BYTE_SIZE);
print_hitag2_paxton(data);
@ -1134,7 +1134,7 @@ static int CmdLFHitagEload(const char *Cmd) {
CLIParserInit(&ctx, "lf hitag eload",
"Loads hitag tag dump into emulator memory on device",
"lf hitag eload -2 -f lf-hitag-11223344-dump.bin\n"
);
);
void *argtable[] = {
arg_param_begin,
arg_str1("f", "file", "<fn>", "Specify dump filename"),
@ -1209,7 +1209,7 @@ static int CmdLFHitagEview(const char *Cmd) {
);
void *argtable[] = {
arg_param_begin,
arg_lit0("v", "verbose", "Verbose output"),
arg_lit0("v", "verbose", "Verbose output"),
arg_param_end
};
CLIExecWithReturn(ctx, Cmd, argtable, true);

12
client/src/mifare/desfirecore.c
View file

@ -531,9 +531,9 @@ static int DESFIRESendRaw(bool activate_field, uint8_t *data, size_t datalen, ui
memmove(&result[0], &result[1], *result_len);
if (rcode != MFDES_S_OPERATION_OK &&
rcode != MFDES_S_SIGNATURE &&
rcode != MFDES_S_ADDITIONAL_FRAME &&
rcode != MFDES_S_NO_CHANGES) {
rcode != MFDES_S_SIGNATURE &&
rcode != MFDES_S_ADDITIONAL_FRAME &&
rcode != MFDES_S_NO_CHANGES) {
if (GetAPDULogging()) {
PrintAndLogEx(ERR, "Command (%02x) ERROR: 0x%02x", data[0], rcode);
@ -621,7 +621,7 @@ static int DesfireExchangeNative(bool activate_field, DesfireContext_t *ctx, uin
if (enable_chaining == false) {
if (rcode == MFDES_S_OPERATION_OK ||
rcode == MFDES_ADDITIONAL_FRAME) {
rcode == MFDES_ADDITIONAL_FRAME) {
if (resplen) {
*resplen = pos;
@ -656,7 +656,7 @@ static int DesfireExchangeNative(bool activate_field, DesfireContext_t *ctx, uin
}
pos += buflen;
if (rcode != MFDES_ADDITIONAL_FRAME)
if (rcode != MFDES_ADDITIONAL_FRAME)
break;
}
@ -741,7 +741,7 @@ static int DesfireExchangeISONative(bool activate_field, DesfireContext_t *ctx,
pos += buflen;
if (enable_chaining == false) {
if (sw == DESFIRE_GET_ISO_STATUS(MFDES_S_OPERATION_OK) ||
sw == DESFIRE_GET_ISO_STATUS(MFDES_ADDITIONAL_FRAME)) {
sw == DESFIRE_GET_ISO_STATUS(MFDES_ADDITIONAL_FRAME)) {
if (resplen) {
*resplen = pos;

4
client/src/mifare/mifare4.c
View file

@ -368,7 +368,7 @@ static int intExchangeRAW14aPlus(uint8_t *datain, int datainlen, bool activateFi
}
int res = ExchangeRAW14a(datain, datainlen, activateField, leaveSignalON, dataout, maxdataoutlen, dataoutlen, false);
if (g_verbose_mode) {
PrintAndLogEx(INFO, "<<< %s", sprint_hex(dataout, *dataoutlen));
}
@ -437,7 +437,7 @@ int MFPWriteBlock(mf4Session_t *mf4session, bool plain, bool nomacres, uint8_t b
if (nomacres) {
cmdb = cmdb ^ 0x01; // If we do not want MAC in reply, remove 0x01
}
if (plain) {
cmdb = cmdb ^ 0x02; // If we do not need an encrypted transmission, add 0x02
}

2
client/src/mifare/mifarehost.c
View file

@ -1390,7 +1390,7 @@ int detect_classic_static_encrypted_nonce(uint8_t block_no, uint8_t key_type, ui
}
// try to see if card responses to "Chinese magic backdoor" commands.
// returns flag
// returns flag
uint16_t detect_mf_magic(bool is_mfc, uint8_t key_type, uint64_t key) {
PacketResponseNG resp;

33
client/src/pm3line_vocabulary.h
View file

@ -261,17 +261,6 @@ const static vocabulary_t vocabulary[] = {
{ 0, "hf gallagher delete" },
{ 1, "hf gallagher diversifykey" },
{ 1, "hf gallagher decode" },
{ 1, "hf ksx6924 help" },
{ 0, "hf ksx6924 select" },
{ 0, "hf ksx6924 info" },
{ 0, "hf ksx6924 balance" },
{ 0, "hf ksx6924 init" },
{ 0, "hf ksx6924 prec" },
{ 1, "hf jooki help" },
{ 0, "hf jooki clone" },
{ 1, "hf jooki decode" },
{ 1, "hf jooki encode" },
{ 0, "hf jooki sim" },
{ 1, "hf iclass help" },
{ 1, "hf iclass list" },
{ 0, "hf iclass dump" },
@ -299,6 +288,22 @@ const static vocabulary_t vocabulary[] = {
{ 1, "hf iclass managekeys" },
{ 1, "hf iclass permutekey" },
{ 0, "hf iclass sam" },
{ 1, "hf ict help" },
{ 0, "hf ict credential" },
{ 0, "hf ict info" },
{ 1, "hf ict list" },
{ 1, "hf ict reader" },
{ 1, "hf jooki help" },
{ 0, "hf jooki clone" },
{ 1, "hf jooki decode" },
{ 1, "hf jooki encode" },
{ 0, "hf jooki sim" },
{ 1, "hf ksx6924 help" },
{ 0, "hf ksx6924 select" },
{ 0, "hf ksx6924 info" },
{ 0, "hf ksx6924 balance" },
{ 0, "hf ksx6924 init" },
{ 0, "hf ksx6924 prec" },
{ 1, "hf legic help" },
{ 0, "hf legic dump" },
{ 0, "hf legic info" },
@ -529,6 +534,7 @@ const static vocabulary_t vocabulary[] = {
{ 0, "hw readmem" },
{ 0, "hw reset" },
{ 0, "hw setlfdivisor" },
{ 0, "hw sethfthresh" },
{ 0, "hw setmux" },
{ 0, "hw standalone" },
{ 0, "hw status" },
@ -595,9 +601,10 @@ const static vocabulary_t vocabulary[] = {
{ 0, "lf em 4x50 rdbl" },
{ 0, "lf em 4x50 reader" },
{ 0, "lf em 4x50 restore" },
{ 1, "lf em 4x50 view" },
{ 0, "lf em 4x50 wipe" },
{ 0, "lf em 4x50 wrbl" },
{ 0, "lf em 4x50 wrpwd" },
{ 0, "lf em 4x50 wipe" },
{ 0, "lf em 4x50 eload" },
{ 0, "lf em 4x50 esave" },
{ 0, "lf em 4x50 eview" },
@ -637,11 +644,13 @@ const static vocabulary_t vocabulary[] = {
{ 0, "lf hitag info" },
{ 0, "lf hitag dump" },
{ 0, "lf hitag read" },
{ 1, "lf hitag view" },
{ 0, "lf hitag wrbl" },
{ 0, "lf hitag sniff" },
{ 0, "lf hitag cc" },
{ 0, "lf hitag ta" },
{ 0, "lf hitag eload" },
{ 0, "lf hitag eview" },
{ 0, "lf hitag sim" },
{ 1, "lf idteck help" },
{ 1, "lf idteck demod" },

114
doc/commands.json
View file

@ -3056,7 +3056,7 @@
},
"hf help": {
"command": "hf help",
"description": "-------- ----------------------- High Frequency ----------------------- 14a { ISO14443A RFIDs... } 14b { ISO14443B RFIDs... } 15 { ISO15693 RFIDs... } cipurse { Cipurse transport Cards... } epa { German Identification Card... } emrtd { Machine Readable Travel Document... } felica { ISO18092 / FeliCa RFIDs... } fido { FIDO and FIDO2 authenticators... } fudan { Fudan RFIDs... } gallagher { Gallagher DESFire RFIDs... } ksx6924 { KS X 6924 (T-Money, Snapper+) RFIDs } jooki { Jooki RFIDs... } iclass { ICLASS RFIDs... } legic { LEGIC RFIDs... } lto { LTO Cartridge Memory RFIDs... } mf { MIFARE RFIDs... } mfp { MIFARE Plus RFIDs... } mfu { MIFARE Ultralight RFIDs... } mfdes { MIFARE Desfire RFIDs... } ntag424 { NXP NTAG 4242 DNA RFIDs... } seos { SEOS RFIDs... } st25ta { ST25TA RFIDs... } tesla { TESLA Cards... } texkom { Texkom RFIDs... } thinfilm { Thinfilm RFIDs... } topaz { TOPAZ (NFC Type 1) RFIDs... } vas { Apple Value Added Service } waveshare { Waveshare NFC ePaper... } xerox { Fuji/Xerox cartridge RFIDs... } ----------- --------------------- General --------------------- help This help list List protocol data in trace buffer search Search for known HF tags --------------------------------------------------------------------------------------- hf list available offline: yes Alias of `trace list -t raw` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol",
"description": "-------- ----------------------- High Frequency ----------------------- 14a { ISO14443A RFIDs... } 14b { ISO14443B RFIDs... } 15 { ISO15693 RFIDs... } cipurse { Cipurse transport Cards... } epa { German Identification Card... } emrtd { Machine Readable Travel Document... } felica { ISO18092 / FeliCa RFIDs... } fido { FIDO and FIDO2 authenticators... } fudan { Fudan RFIDs... } gallagher { Gallagher DESFire RFIDs... } iclass { ICLASS RFIDs... } ict { ICT MFC/DESfire RFIDs... } jooki { Jooki RFIDs... } ksx6924 { KS X 6924 (T-Money, Snapper+) RFIDs } legic { LEGIC RFIDs... } lto { LTO Cartridge Memory RFIDs... } mf { MIFARE RFIDs... } mfp { MIFARE Plus RFIDs... } mfu { MIFARE Ultralight RFIDs... } mfdes { MIFARE Desfire RFIDs... } ntag424 { NXP NTAG 4242 DNA RFIDs... } seos { SEOS RFIDs... } st25ta { ST25TA RFIDs... } tesla { TESLA Cards... } texkom { Texkom RFIDs... } thinfilm { Thinfilm RFIDs... } topaz { TOPAZ (NFC Type 1) RFIDs... } vas { Apple Value Added Service } waveshare { Waveshare NFC ePaper... } xerox { Fuji/Xerox cartridge RFIDs... } ----------- --------------------- General --------------------- help This help list List protocol data in trace buffer search Search for known HF tags --------------------------------------------------------------------------------------- hf list available offline: yes Alias of `trace list -t raw` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol",
"notes": [
"hf list --frame -> show frame delay times",
"hf list -1 -> use trace buffer"
@ -3564,6 +3564,52 @@
],
"usage": "hf iclass wrbl [-hv] [-k <hex>] [--ki <dec>] --blk <dec> -d <hex> [-m <hex>] [--credit] [--elite] [--raw] [--nr] [--shallow]"
},
"hf ict help": {
"command": "hf ict help",
"description": "help This help list List ICT history reader Act like an IS14443-a reader --------------------------------------------------------------------------------------- hf ict credential available offline: no Read ICT sector from tag and decode",
"notes": [
"hf ict credential"
],
"offline": true,
"options": [
"-h, --help This help",
"-v, --verbose verbose output"
],
"usage": "hf ict credential [-hv]"
},
"hf ict info": {
"command": "hf ict info",
"description": "Get info from ICT encoded credential tags (MIFARE Classic / DESfire)",
"notes": [
"hf ict info"
],
"offline": false,
"options": [
"-h, --help This help"
],
"usage": "hf ict info [-h]"
},
"hf ict list": {
"command": "hf ict list",
"description": "Alias of `trace list -t 14a -c` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol",
"notes": [
"hf ict list --frame -> show frame delay times",
"hf ict list -1 -> use trace buffer"
],
"offline": true,
"options": [
"-h, --help This help",
"-1, --buffer use data from trace buffer",
"--frame show frame delay times",
"-c mark CRC bytes",
"-r show relative times (gap and duration)",
"-u display times in microseconds instead of clock cycles",
"-x show hexdump to convert to pcap(ng)",
"or to import into Wireshark using encapsulation type \"ISO 14443\"",
"-f, --file <fn> filename of dictionary"
],
"usage": "hf ict list [-h1crux] [--frame] [-f <fn>]"
},
"hf jooki decode": {
"command": "hf jooki decode",
"description": "Decode a base64-encode Jooki token in NDEF URI format",
@ -8177,9 +8223,9 @@
"command": "lf cmdread",
"description": "Modulate LF reader field to send command before read. All periods in microseconds. - use `lf config` to set parameters",
"notes": [
"lf cmdread -d 50 -z 116 -o 166 -e W3000 -c W00110 -> probing for Hitag 1/S",
"lf cmdread -d 50 -z 116 -o 166 -e W3000 -c W11000 -> probing for Hitag 2",
"lf cmdread -d 50 -z 116 -o 166 -e W3000 -c W11000 -s 2000 -@ -> probing for Hitag 2, oscilloscope style",
"lf cmdread -d 50 -z 116 -o 166 -e W3000 -c W00110 -> probing for Hitag1/S",
"lf cmdread -d 50 -z 116 -o 166 -e W3000 -c W11000 -> probing for Hitag2",
"lf cmdread -d 50 -z 116 -o 166 -e W3000 -c W11000 -s 2000 -@ -> probing for Hitag2, oscilloscope style",
"lf cmdread -d 48 -z 112 -o 176 -e W3000 -e S240 -e E336 -c W0S00000010000E -> probing for Hitag (us)"
],
"offline": false,
@ -8523,7 +8569,7 @@
},
"lf em 4x05 view": {
"command": "lf em 4x05 view",
"description": "Print a EM4205/4305/4369/4469 dump file (bin/eml/json) note: We don't track if password is known in current dump file formats. All zeros password block might be filler data",
"description": "Print a EM4205/4305/4369/4469 dump file note: We don't track if password is known in current dump file formats. All zeros password block might be filler data",
"notes": [
"lf em 4x05 view -f lf-4x05-01020304-dump.json"
],
@ -8599,9 +8645,10 @@
"options": [
"-h, --help This help",
"-f, --file <fn> specify dump filename",
"-p, --pwd <hex> password, 4 hex bytes, lsb"
"-p, --pwd <hex> password, 4 hex bytes, lsb",
"--ns no save to file"
],
"usage": "lf em 4x50 dump [-h] [-f <fn>] [-p <hex>]"
"usage": "lf em 4x50 dump [-h] [-f <fn>] [-p <hex>] [--ns]"
},
"lf em 4x50 eload": {
"command": "lf em 4x50 eload",
@ -8644,7 +8691,7 @@
},
"lf em 4x50 help": {
"command": "lf em 4x50 help",
"description": "help This help ----------- --------------------- operations --------------------- ----------- --------------------- simulation --------------------- --------------------------------------------------------------------------------------- lf em 4x50 brute available offline: no Tries to bruteforce the password of a EM4x50 card. Function can be stopped by pressing pm3 button.",
"description": "help This help ----------- --------------------- operations --------------------- view Display content from tag dump file ----------- --------------------- simulation --------------------- --------------------------------------------------------------------------------------- lf em 4x50 brute available offline: no Tries to bruteforce the password of a EM4x50 card. Function can be stopped by pressing pm3 button.",
"notes": [
"lf em 4x50 brute --mode range --begin 12330000 --end 12340000 -> tries pwds from 0x12330000 to 0x12340000",
"lf em 4x50 brute --mode charset --digits --uppercase -> tries all combinations of ASCII codes for digits and uppercase letters",
@ -8751,6 +8798,19 @@
],
"usage": "lf em 4x50 sim [-h] [-p <hex>]"
},
"lf em 4x50 view": {
"command": "lf em 4x50 view",
"description": "Print a EM4x50 dump file",
"notes": [
"lf em 4x50 view -f lf-4x50-01020304-dump.json"
],
"offline": true,
"options": [
"-h, --help This help",
"-f, --file <fn> specify a filename for dump file"
],
"usage": "lf em 4x50 view [-h] [-f <fn>]"
},
"lf em 4x50 wipe": {
"command": "lf em 4x50 wipe",
"description": "Wipes EM4x50 tag by filling it with zeros, including the new password Must give a password.",
@ -9285,9 +9345,10 @@
"--nrar <hex> nonce / answer reader, 8 hex bytes",
"--crypto crypto mode",
"-k, --key <hex> key, 4 or 6 hex bytes",
"-f, --file <fn> specify file name"
"-f, --file <fn> specify file name",
"--ns no save to file"
],
"usage": "lf hitag dump [-h] [--pwd] [--nrar <hex>] [--crypto] [-k <hex>] [-f <fn>]"
"usage": "lf hitag dump [-h] [--pwd] [--nrar <hex>] [--crypto] [-k <hex>] [-f <fn>] [--ns]"
},
"lf hitag eload": {
"command": "lf hitag eload",
@ -9306,9 +9367,22 @@
],
"usage": "lf hitag eload [-h12sm] -f <fn>"
},
"lf hitag eview": {
"command": "lf hitag eview",
"description": "It displays emulator memory",
"notes": [
"lf hitag eview"
],
"offline": false,
"options": [
"-h, --help This help",
"-v, --verbose Verbose output"
],
"usage": "lf hitag eview [-hv]"
},
"lf hitag help": {
"command": "lf hitag help",
"description": "help This help list List Hitag trace history --------------------------------------------------------------------------------------- lf hitag list available offline: yes Alias of `trace list -t hitag2` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol",
"description": "help This help list List Hitag trace history view Display content from tag dump file --------------------------------------------------------------------------------------- lf hitag list available offline: yes Alias of `trace list -t hitag2` with selected protocol data to annotate trace buffer You can load a trace from file (see `trace load -h`) or it be downloaded from device by default It accepts all other arguments of `trace list`. Note that some might not be relevant for this specific protocol",
"notes": [
"lf hitag list --frame -> show frame delay times",
"lf hitag list -1 -> use trace buffer"
@ -9402,6 +9476,20 @@
],
"usage": "lf hitag sniff [-h]"
},
"lf hitag view": {
"command": "lf hitag view",
"description": "Print a HITAG dump file (bin/eml/json)",
"notes": [
"lf hitag view -f lf-hitag-01020304-dump.bin"
],
"offline": true,
"options": [
"-h, --help This help",
"-f, --file <fn> Specify a filename for dump file",
"-v, --verbose Verbose output"
],
"usage": "lf hitag view [-hv] -f <fn>"
},
"lf hitag wrbl": {
"command": "lf hitag wrbl",
"description": "Write a page in Hitag memory Crypto mode key format: ISK high + ISK low",
@ -12401,8 +12489,8 @@
}
},
"metadata": {
"commands_extracted": 714,
"commands_extracted": 721,
"extracted_by": "PM3Help2JSON v1.00",
"extracted_on": "2024-01-28T10:16:20"
"extracted_on": "2024-02-03T15:03:29"
}
}

96
doc/commands.md
View file

@ -246,8 +246,8 @@ Check column "offline" for their availability.
|`hf 15 wipe `|N |`Wipe card to zeros`
|`hf 15 wrbl `|N |`Write a block`
|`hf 15 sim `|N |`Fake an ISO-15693 tag`
|`hf 15 eload `|N |`Load image file into emulator to be used by 'sim' command`
|`hf 15 esave `|N |`Save emulator memory into image file`
|`hf 15 eload `|N |`Upload file into emulator memory`
|`hf 15 esave `|N |`Save emulator memory to file`
|`hf 15 eview `|N |`View emulator memory`
|`hf 15 slixwritepwd `|N |`Writes a password on a SLIX ISO-15693 tag`
|`hf 15 slixeasdisable `|N |`Disable EAS mode on SLIX ISO-15693 tag`
@ -378,33 +378,6 @@ Check column "offline" for their availability.
|`hf gallagher decode `|Y |`Decode Gallagher credential block`
### hf ksx6924
{ KS X 6924 (T-Money, Snapper+) RFIDs }
|command |offline |description
|------- |------- |-----------
|`hf ksx6924 help `|Y |`This help`
|`hf ksx6924 select `|N |`Select application, and leave field up`
|`hf ksx6924 info `|N |`Get info about a KS X 6924 (T-Money, Snapper+) transit card`
|`hf ksx6924 balance `|N |`Get current purse balance`
|`hf ksx6924 init `|N |`Perform transaction initialization with Mpda`
|`hf ksx6924 prec `|N |`Send proprietary get record command (CLA=90, INS=4C)`
### hf jooki
{ Jooki RFIDs... }
|command |offline |description
|------- |------- |-----------
|`hf jooki help `|Y |`This help`
|`hf jooki clone `|N |`Write a Jooki token`
|`hf jooki decode `|Y |`Decode Jooki token`
|`hf jooki encode `|Y |`Encode Jooki token`
|`hf jooki sim `|N |`Simulate Jooki token`
### hf iclass
{ ICLASS RFIDs... }
@ -426,7 +399,7 @@ Check column "offline" for their availability.
|`hf iclass loclass `|Y |`Use loclass to perform bruteforce reader attack`
|`hf iclass lookup `|Y |`Uses authentication trace to check for key in dictionary file`
|`hf iclass sim `|N |`Simulate iCLASS tag`
|`hf iclass eload `|N |`Load Picopass / iCLASS dump file into emulator memory`
|`hf iclass eload `|N |`Upload file into emulator memory`
|`hf iclass esave `|N |`Save emulator memory to file`
|`hf iclass esetblk `|N |`Set emulator memory block data`
|`hf iclass eview `|N |`View emulator memory`
@ -440,6 +413,46 @@ Check column "offline" for their availability.
|`hf iclass sam `|N |`SAM tests`
### hf ict
{ ICT MFC/DESfire RFIDs... }
|command |offline |description
|------- |------- |-----------
|`hf ict help `|Y |`This help`
|`hf ict credential `|N |`Read ICT credential and decode`
|`hf ict info `|N |`Tag information`
|`hf ict list `|Y |`List ICT history`
|`hf ict reader `|Y |`Act like an IS14443-a reader`
### hf jooki
{ Jooki RFIDs... }
|command |offline |description
|------- |------- |-----------
|`hf jooki help `|Y |`This help`
|`hf jooki clone `|N |`Write a Jooki token`
|`hf jooki decode `|Y |`Decode Jooki token`
|`hf jooki encode `|Y |`Encode Jooki token`
|`hf jooki sim `|N |`Simulate Jooki token`
### hf ksx6924
{ KS X 6924 (T-Money, Snapper+) RFIDs }
|command |offline |description
|------- |------- |-----------
|`hf ksx6924 help `|Y |`This help`
|`hf ksx6924 select `|N |`Select application, and leave field up`
|`hf ksx6924 info `|N |`Get info about a KS X 6924 (T-Money, Snapper+) transit card`
|`hf ksx6924 balance `|N |`Get current purse balance`
|`hf ksx6924 init `|N |`Perform transaction initialization with Mpda`
|`hf ksx6924 prec `|N |`Send proprietary get record command (CLA=90, INS=4C)`
### hf legic
{ LEGIC RFIDs... }
@ -456,8 +469,8 @@ Check column "offline" for their availability.
|`hf legic wipe `|N |`Wipe a LEGIC Prime tag`
|`hf legic wrbl `|N |`Write data to a LEGIC Prime tag`
|`hf legic sim `|N |`Start tag simulator`
|`hf legic eload `|N |`Load binary dump to emulator memory`
|`hf legic esave `|N |`Save emulator memory to binary file`
|`hf legic eload `|N |`Upload file into emulator memory`
|`hf legic esave `|N |`Save emulator memory to file`
|`hf legic eview `|N |`View emulator memory`
|`hf legic einfo `|N |`Display deobfuscated and decoded emulator memory`
|`hf legic crc `|Y |`Calculate Legic CRC over given bytes`
@ -519,8 +532,8 @@ Check column "offline" for their availability.
|`hf mf egetblk `|N |`Get emulator memory block`
|`hf mf egetsc `|N |`Get emulator memory sector`
|`hf mf ekeyprn `|N |`Print keys from emulator memory`
|`hf mf eload `|N |`Load from file emul dump`
|`hf mf esave `|N |`Save to file emul dump`
|`hf mf eload `|N |`Upload file into emulator memory`
|`hf mf esave `|N |`Save emulator memory to file`
|`hf mf esetblk `|N |`Set emulator memory block`
|`hf mf eview `|N |`View emulator memory`
|`hf mf cgetblk `|N |`Read block from card`
@ -597,8 +610,8 @@ Check column "offline" for their availability.
|`hf mfu view `|Y |`Display content from tag dump file`
|`hf mfu wrbl `|N |`Write block`
|`hf mfu tamper `|N |`Configure the tamper feature on an NTAG 213TT`
|`hf mfu eload `|N |`Load Ultralight dump file into emulator memory`
|`hf mfu esave `|N |`Save Ultralight dump file from emulator memory`
|`hf mfu eload `|N |`Upload file into emulator memory`
|`hf mfu esave `|N |`Save emulator memory to file`
|`hf mfu eview `|N |`View emulator memory`
|`hf mfu sim `|N |`Simulate MIFARE Ultralight from emulator memory`
|`hf mfu setpwd `|N |`Set 3DES key - Ultralight-C`
@ -935,12 +948,13 @@ Check column "offline" for their availability.
|`lf em 4x50 rdbl `|N |`Read EM4x50 word data`
|`lf em 4x50 reader `|N |`Show standard read mode data`
|`lf em 4x50 restore `|N |`Restore EM4x50 dump to tag`
|`lf em 4x50 view `|Y |`Display content from tag dump file`
|`lf em 4x50 wipe `|N |`Wipe EM4x50 tag`
|`lf em 4x50 wrbl `|N |`Write EM4x50 word data`
|`lf em 4x50 wrpwd `|N |`Change EM4x50 password`
|`lf em 4x50 wipe `|N |`Wipe EM4x50 tag`
|`lf em 4x50 eload `|N |`Upload EM4x50 dump to emulator memory`
|`lf em 4x50 eload `|N |`Upload file into emulator memory`
|`lf em 4x50 esave `|N |`Save emulator memory to file`
|`lf em 4x50 eview `|N |`View EM4x50 content in emulator memory`
|`lf em 4x50 eview `|N |`View emulator memory`
|`lf em 4x50 sim `|N |`Simulate EM4x50 tag`
@ -1025,11 +1039,13 @@ Check column "offline" for their availability.
|`lf hitag info `|N |`Hitag 2 tag information`
|`lf hitag dump `|N |`Dump Hitag 2 tag`
|`lf hitag read `|N |`Read Hitag memory`
|`lf hitag view `|Y |`Display content from tag dump file`
|`lf hitag wrbl `|N |`Write a block (page) in Hitag memory`
|`lf hitag sniff `|N |`Eavesdrop Hitag communication`
|`lf hitag cc `|N |`Hitag S: test all provided challenges`
|`lf hitag ta `|N |`Hitag 2: test all recorded authentications`
|`lf hitag eload `|N |`Load Hitag dump file into emulator memory`
|`lf hitag eload `|N |`Upload file into emulator memory`
|`lf hitag eview `|N |`View emulator memory`
|`lf hitag sim `|N |`Simulate Hitag transponder`