From a4edfd1b7c13562abc56a9631516b3e4b4f3eb73 Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Tue, 10 Sep 2024 19:50:12 +0200 Subject: [PATCH] identify a magic ntag 215, new model, thanks @KCSEC (@iceman1001). -v param is for verbose mode --- CHANGELOG.md | 1 + client/src/cmdhfmfu.c | 7 +++++-- client/src/emv/cmdemv.c | 4 ++-- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7f7e32d37..38ce91b77 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,7 @@ All notable changes to this project will be documented in this file. This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log... ## [unreleased][unreleased] +- Added detection of a magic NTAG 215 (@iceman1001) ## [Backdoor.4.18994][2024-09-10] - Changed flashing messages to be less scary (@iceman1001) diff --git a/client/src/cmdhfmfu.c b/client/src/cmdhfmfu.c index ede2f5d85..364b12e9d 100644 --- a/client/src/cmdhfmfu.c +++ b/client/src/cmdhfmfu.c @@ -2166,9 +2166,11 @@ uint64_t GetHF14AMfU_Type(void) { NT2L1001G0DUx 0004040102000B03 NT2H1001G0DUx 0004040202000B03 NT2H1311TTDUx 0004040203000F03 - Micron UL 0034210101000E03 - Feiju NTAG 0053040201000F03 MF0AES2001DUD 0004030104000F03 + + Micron UL 0034210101000E03 + Feiju NTAG 0053040201000F03 + Feiju NTAG 215 0005340201001103 */ if (memcmp(version, "\x00\x04\x03\x01\x01\x00\x0B", 7) == 0) { tagtype = MFU_TT_UL_EV1_48; break; } @@ -2186,6 +2188,7 @@ uint64_t GetHF14AMfU_Type(void) { else if (memcmp(version, "\x00\x53\x04\x02\x01\x00\x0F", 7) == 0) { tagtype = MFU_TT_NTAG_213; break; } // Shanghai Feiju Microelectronics Co. Ltd. China (Xiaomi Air Purifier filter) else if (memcmp(version, "\x00\x04\x04\x02\x01\x01\x0F", 7) == 0) { tagtype = MFU_TT_NTAG_213_C; break; } else if (memcmp(version, "\x00\x04\x04\x02\x01\x00\x11", 7) == 0) { tagtype = MFU_TT_NTAG_215; break; } + else if (memcmp(version, "\x00\x05\x34\x02\x01\x00\x11", 7) == 0) { tagtype = MFU_TT_NTAG_215; break; } // Shanghai Feiju Microelectronics Co. Ltd. China else if (memcmp(version, "\x00\x04\x04\x02\x01\x00\x13", 7) == 0) { tagtype = MFU_TT_NTAG_216; break; } else if (memcmp(version, "\x00\x04\x04\x04\x01\x00\x0F", 7) == 0) { tagtype = MFU_TT_NTAG_213_F; break; } else if (memcmp(version, "\x00\x04\x04\x04\x01\x00\x13", 7) == 0) { tagtype = MFU_TT_NTAG_216_F; break; } diff --git a/client/src/emv/cmdemv.c b/client/src/emv/cmdemv.c index 32d73ccb1..cac12083d 100644 --- a/client/src/emv/cmdemv.c +++ b/client/src/emv/cmdemv.c @@ -1352,7 +1352,7 @@ static int CmdEMVExec(const char *Cmd) { arg_lit0("j", "jload", "Load transaction parameters from `emv_defparams.json` file"), arg_lit0(NULL, "force", "Force search AID. Search AID instead of execute PPSE"), arg_rem("By default:", "Transaction type - MSD"), - arg_lit0("v", "qvsdc", "Transaction type - qVSDC or M/Chip"), + arg_lit0(NULL, "qvsdc", "Transaction type - qVSDC or M/Chip"), arg_lit0("c", "qvsdccda", "Transaction type - qVSDC or M/Chip plus CDA (SDAD generation)"), arg_lit0("x", "vsdc", "Transaction type - VSDC. For test only. Not a standard behavior"), arg_lit0("g", "acgpo", "VISA. generate AC from GPO"), @@ -2001,7 +2001,7 @@ static int CmdEMVScan(const char *Cmd) { arg_lit0("e", "extract", "Extract TLV elements and fill Application Data"), arg_lit0("j", "jload", "Load transaction parameters from `emv_defparams.json` file"), arg_rem("By default:", "Transaction type - MSD"), - arg_lit0("v", "qvsdc", "Transaction type - qVSDC or M/Chip"), + arg_lit0(NULL, "qvsdc", "Transaction type - qVSDC or M/Chip"), arg_lit0("c", "qvsdccda", "Transaction type - qVSDC or M/Chip plus CDA (SDAD generation)"), arg_lit0("x", "vsdc", "Transaction type - VSDC. For test only. Not a standard behavior"), arg_lit0("g", "acgpo", "VISA. generate AC from GPO"),