add: 'hf 14 antifuzz' - the outline for the new functionality which fuzzes the anticollision phase ISO 14443a.

2025-08-21 05:43:48 -07:00 · 2018-02-28 13:21:47 +01:00 · 2018-02-28 13:21:47 +01:00 · 802994d30a
commit 802994d30a
parent 184ab1aeab
8 changed files with 133 additions and 11 deletions
--- a/client/cmdhf14a.c
+++ b/client/cmdhf14a.c
@ -177,6 +177,11 @@ int usage_hf_14a_apdu(void) {
 	PrintAndLogEx(NORMAL, "       -t    executes TLV decoder if it possible. TODO!!!!");
 	return 0;
 }
+int usage_hf_14a_antifuzz(void) {
+	PrintAndLogEx(NORMAL, "Usage: hf 14a antifuzz [4|7|10]");
+	PrintAndLogEx(NORMAL, "       <len>    determine which anticollision phase the command will target.");
+	return 0;
+}

 int CmdHF14AList(const char *Cmd) {
 	//PrintAndLogEx(NORMAL, "Deprecated command, use 'hf list 14a' instead");
@ -1001,16 +1006,30 @@ static int waitCmd(uint8_t iSelect) {
 	return 0;
 }

+int CmdHF14AAntiFuzz(const char *cmd) {
+	
+	if (strlen(cmd) < 1) return usage_hf_14a_antifuzz();
+
+	//	read param length
+	uint8_t arg0 = 4;
+	
+	UsbCommand c = {CMD_ANTIFUZZ_ISO_14443a, {arg0, 0, 0}};	
+	clearCommandBuffer();
+    SendCommand(&c);	
+	return 0;
+}
+
 static command_t CommandTable[] = {
-  {"help",   CmdHelp,              1, "This help"},
-  {"list",   CmdHF14AList,         0, "[Deprecated] List ISO 14443-a history"},
-  {"info",   CmdHF14AInfo,         0, "Tag information"},
-  {"reader", CmdHF14AReader,       0, "Act like an ISO14443-a reader"},
-  {"cuids",  CmdHF14ACUIDs,        0, "<n> Collect n>0 ISO14443-a UIDs in one go"},
-  {"sim",    CmdHF14ASim,          0, "<UID> -- Simulate ISO 14443-a tag"},
-  {"sniff",  CmdHF14ASniff,        0, "sniff ISO 14443-a traffic"},
-  {"apdu",   CmdHF14AAPDU,         0, "Send ISO 14443-4 APDU to tag"},
-  {"raw",    CmdHF14ACmdRaw,       0, "Send raw hex data to tag"},
+  {"help",		CmdHelp,              1, "This help"},
+  {"list",		CmdHF14AList,         0, "[Deprecated] List ISO 14443-a history"},
+  {"info",		CmdHF14AInfo,         0, "Tag information"},
+  {"reader",	CmdHF14AReader,       0, "Act like an ISO14443-a reader"},
+  {"cuids",		CmdHF14ACUIDs,        0, "<n> Collect n>0 ISO14443-a UIDs in one go"},
+  {"sim",		CmdHF14ASim,          0, "<UID> -- Simulate ISO 14443-a tag"},
+  {"sniff",		CmdHF14ASniff,        0, "sniff ISO 14443-a traffic"},
+  {"apdu",		CmdHF14AAPDU,         0, "Send ISO 14443-4 APDU to tag"},
+  {"raw",		CmdHF14ACmdRaw,       0, "Send raw hex data to tag"},
+  {"antifuzz",	CmdHF14AAntiFuzz,     0, "Fuzzing the anticollision phase.  Warning! Readers may react strange"},
  {NULL, NULL, 0, NULL}
 };

--- a/client/cmdhf14a.h
+++ b/client/cmdhf14a.h
@ -48,6 +48,7 @@ extern int CmdHF14ASim(const char *Cmd);
 extern int CmdHF14ASniff(const char *Cmd);
 extern int CmdHF14ACmdRaw(const char *Cmd);
 extern int CmdHF14ACUIDs(const char *Cmd);
+extern int CmdHF14AAntiFuzz(const char *cmd);

 extern char* getTagInfo(uint8_t uid);
 extern int ExchangeAPDU14a(uint8_t *datain, int datainlen, bool activateField, bool leaveSignalON, uint8_t *dataout, int maxdataoutlen, int *dataoutlen);									
@ -55,4 +56,5 @@ extern int ExchangeAPDU14a(uint8_t *datain, int datainlen, bool activateField, b
 extern int usage_hf_14a_sim(void);
 extern int usage_hf_14a_sniff(void);
 extern int usage_hf_14a_raw(void);
+extern int usage_hf_14a_antifuzz(void);
 #endif
--- a/client/hid-flasher/usb_cmd.h
+++ b/client/hid-flasher/usb_cmd.h
@ -130,6 +130,7 @@ typedef struct {
 #define CMD_WR_HITAG_S													  0x0375
 #define CMD_EMU_HITAG_S													  0x0376

+#define CMD_ANTIFUZZ_ISO_14443a											  0x0380
 #define CMD_SIMULATE_TAG_ISO_14443B                                       0x0381
 #define CMD_SNOOP_ISO_14443B                                              0x0382
 #define CMD_SNOOP_ISO_14443a                                              0x0383