diff --git a/client/cmdlfawid.c b/client/cmdlfawid.c index dcbcc0f7e..d27eb0287 100644 --- a/client/cmdlfawid.c +++ b/client/cmdlfawid.c @@ -191,10 +191,17 @@ static int CmdAWIDWatch(const char *Cmd) { //print full AWID Prox ID and some bit format details if found static int CmdAWIDDemod(const char *Cmd) { (void)Cmd; // Cmd is not used so far - uint8_t bits[MAX_GRAPH_TRACE_LEN] = {0}; + + uint8_t *bits = calloc(MAX_GRAPH_TRACE_LEN, sizeof(uint8_t)); + if (bits == NULL) { + PrintAndLogEx(DEBUG, "DEBUG: Error - AWID failed to allocate memory"); + return PM3_EMALLOC; + } + size_t size = getFromGraphBuf(bits); if (size == 0) { PrintAndLogEx(DEBUG, "DEBUG: Error - AWID not enough samples"); + free(bits); return PM3_ENODATA; } //get binary from fsk wave @@ -215,6 +222,7 @@ static int CmdAWIDDemod(const char *Cmd) { else PrintAndLogEx(DEBUG, "DEBUG: Error - AWID error demoding fsk %d", idx); + free(bits); return PM3_ESOFT; } @@ -243,6 +251,7 @@ static int CmdAWIDDemod(const char *Cmd) { size = removeParity(bits, idx + 8, 4, 1, 88); if (size != 66) { PrintAndLogEx(DEBUG, "DEBUG: Error - AWID at parity check-tag size does not match AWID format"); + free(bits); return PM3_ESOFT; } // ok valid card found! @@ -312,6 +321,7 @@ static int CmdAWIDDemod(const char *Cmd) { } break; } + free(bits); PrintAndLogEx(DEBUG, "DEBUG: AWID idx: %d, Len: %d Printing Demod Buffer:", idx, size); if (g_debugMode) diff --git a/client/cmdlfem4x.c b/client/cmdlfem4x.c index 92df808d1..e7ace4113 100644 --- a/client/cmdlfem4x.c +++ b/client/cmdlfem4x.c @@ -850,7 +850,6 @@ int EM4x50Read(const char *Cmd, bool verbose) { // set clock if (clk == 0) { DetectASKClock(bits, size, &clk, 0); - PrintAndLogEx(INFO, " ICE CLOCK %d", clk); if (clk == 0) { if (verbose || g_debugMode) PrintAndLogEx(ERR, "Error: EM4x50 - didn't find a clock"); return PM3_ESOFT; 
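Review bot: CmdAWIDDemod now releases the buffer with a separate `free(bits)` before each `return`, and the function body continues between and past these hunks, so any exit not shown here would leak the MAX_GRAPH_TRACE_LEN-byte allocation. A single cleanup label that every error path jumps to (`out: free(bits); return rc;`) would prevent that when a return is added later. In the last AWID hunk the context line prints `size`, a `size_t`, with `%d`; `%zu` is the matching specifier. The allocation-failure message is logged at DEBUG while the graph.c hunks in this commit use WARNING, so without debug mode the user gets PM3_EMALLOC and no visible explanation.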
@@ -1139,6 +1138,20 @@ static bool detectASK_BI() { } return true; } +static bool detectNRZ() { + int ans = NRZrawDemod("0 0 1", false); + if (ans != PM3_SUCCESS) { + PrintAndLogEx(DEBUG, "DEBUG: Error - EM: NRZ normal demod failed"); + + ans = NRZrawDemod("0 1 1", false); + if (ans != PM3_SUCCESS) { + PrintAndLogEx(DEBUG, "DEBUG: Error - EM: NRZ inverted demod failed"); + return false; + } + } + + return true; +} // param: idx - start index in demoded data. static int setDemodBufferEM(uint32_t *word, size_t idx) { @@ -1161,7 +1174,7 @@ static int setDemodBufferEM(uint32_t *word, size_t idx) { return PM3_SUCCESS; } -// FSK, PSK, ASK/MANCHESTER, ASK/BIPHASE, ASK/DIPHASE +// FSK, PSK, ASK/MANCHESTER, ASK/BIPHASE, ASK/DIPHASE, NRZ // should cover 90% of known used configs // the rest will need to be manually demoded for now... static int demodEM4x05resp(uint32_t *word) { @@ -1173,6 +1186,9 @@ static int demodEM4x05resp(uint32_t *word) { if (detectASK_BI() && doPreambleSearch(&idx)) return setDemodBufferEM(word, idx); + if (detectNRZ() && doPreambleSearch(&idx)) + return setDemodBufferEM(word, idx); + if (detectFSK() && doPreambleSearch(&idx)) return setDemodBufferEM(word, idx); @@ -1214,6 +1230,13 @@ static int EM4x05ReadWord_ext(uint8_t addr, uint32_t pwd, bool usePwd, uint32_t return demodEM4x05resp(word); } +static int CmdEM4x05Demod(const char *Cmd) { +// uint8_t ctmp = tolower(param_getchar(Cmd, 0)); + // if (ctmp == 'h') return usage_lf_em4x05_demod(); + uint32_t word = 0; + return demodEM4x05resp(&word); +} + static int CmdEM4x05Dump(const char *Cmd) { uint8_t addr = 0; uint32_t pwd = 0; @@ -1223,7 +1246,7 @@ static int CmdEM4x05Dump(const char *Cmd) { uint32_t data[16]; char preferredName[FILE_PATH_SIZE] = {0}; char optchk[10]; - + while (param_getchar(Cmd, cmdp) != 0x00) { switch (tolower(param_getchar(Cmd, cmdp))) { case 'h': return usage_lf_em4x05_dump(); 
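Review bot: detectNRZ passes the bare strings `"0 0 1"` and `"0 1 1"` to NRZrawDemod with nothing saying what the three fields mean; only the log text hints that the middle one selects inversion. A one-line comment above the function naming the fields (presumably clock, invert and max errors, to be confirmed against NRZrawDemod) would make the retry readable. The function is also added directly under the closing brace of detectASK_BI with no blank line, which leaves the following `// param: idx` comment looking attached to it rather than to setDemodBufferEM.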
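Review bot: CmdEM4x05Demod in the `@@ -1214,6 +1230,13 @@` hunk ships with its help handling commented out and never reads `Cmd` or the demodulated `word`, so the `h` option runs a demod instead of printing usage and the decoded value is discarded. Either restore the check once `usage_lf_em4x05_demod` exists, or drop the two commented lines and mark the parameter as CmdAWIDDemod does: `(void)Cmd; // Cmd is not used so far`. Printing `word` on PM3_SUCCESS would make the command useful on its own; whether demodEM4x05resp already reports it is not visible in this hunk.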
@@ -1235,7 +1258,7 @@ static int CmdEM4x05Dump(const char *Cmd) { cmdp+=2; break; } // if not a single 'f' dont break and flow onto default as should be password - + default : // for backwards-compatibility options should be > 'f' else assume its the hex password` // for now use default input of 1 as invalid (unlikely 1 will be a valid password...) pwd = param_get32ex(Cmd, cmdp, 1, 16); @@ -1248,20 +1271,20 @@ static int CmdEM4x05Dump(const char *Cmd) { int success = PM3_SUCCESS; int status; uint32_t lock_bits = 0x00; // no blocks locked - + uint32_t word = 0; PrintAndLogEx(NORMAL, "Addr | data | ascii |lck| info"); PrintAndLogEx(NORMAL, "-----+----------+-------+---+-----"); - + // To flag any blocks locked we need to read blocks 14 and 15 first // dont swap endin until we get block lock flags. status = EM4x05ReadWord_ext(14, pwd, usePwd, &word); if (status != PM3_SUCCESS) success = PM3_ESOFT; // If any error ensure fail is set so not to save invalid data - if (word != 0x00) + if (word != 0x00) lock_bits = word; data[14] = word; - + status = EM4x05ReadWord_ext(15, pwd, usePwd, &word); if (status != PM3_SUCCESS) success = PM3_ESOFT; // If any error ensure fail is set so not to save invalid data @@ -1270,7 +1293,7 @@ static int CmdEM4x05Dump(const char *Cmd) { data[15] = word; // Now read blocks 0 - 13 as we have 14 and 15 - for (; addr < 14; addr++) { + for (; addr < 14; addr++) { if (addr == 2) { if (usePwd) { 
@@ -1634,10 +1657,13 @@ static command_t CommandTable[] = { {"410x_watch", CmdEM410xWatch, IfPm3Lf, "watches for EM410x 125/134 kHz tags (option 'h' for 134)"}, {"410x_spoof", CmdEM410xWatchnSpoof, IfPm3Lf, "watches for EM410x 125/134 kHz tags, and replays them. (option 'h' for 134)" }, {"410x_write", CmdEM410xWrite, IfPm3Lf, "write EM410x UID to T5555(Q5) or T55x7 tag"}, + + {"4x05_demod", CmdEM4x05Demod, AlwaysAvailable, "demodulate a EM4x05/EM4x69 tag from the GraphBuffer"}, {"4x05_dump", CmdEM4x05Dump, IfPm3Lf, "dump EM4x05/EM4x69 tag"}, {"4x05_info", CmdEM4x05Info, IfPm3Lf, "tag information EM4x05/EM4x69"}, {"4x05_read", CmdEM4x05Read, IfPm3Lf, "read word data from EM4x05/EM4x69"}, {"4x05_write", CmdEM4x05Write, IfPm3Lf, "write word data to EM4x05/EM4x69"}, + {"4x50_demod", CmdEM4x50Demod, AlwaysAvailable, "demodulate a EM4x50 tag from the GraphBuffer"}, {"4x50_dump", CmdEM4x50Dump, IfPm3Lf, "dump EM4x50 tag"}, {"4x50_read", CmdEM4x50Read, IfPm3Lf, "read word data from EM4x50"}, diff --git a/client/graph.c b/client/graph.c index fc0ceab2d..7031da5e2 100644 --- a/client/graph.c +++ b/client/graph.c @@ -8,13 +8,14 @@ // Graph utilities //----------------------------------------------------------------------------- #include "graph.h" - +#include #include #include "ui.h" #include "util.h" //param_get32ex #include "lfdemod.h" #include "cmddata.h" //for g_debugmode + int GraphBuffer[MAX_GRAPH_TRACE_LEN]; size_t GraphTraceLen; int s_Buff[MAX_GRAPH_TRACE_LEN]; @@ -101,6 +102,7 @@ bool HasGraphData(void) { } return true; } + bool isGraphBitstream(void) { // convert to bitstream if necessary for (int i = 0; i < GraphTraceLen; i++) { @@ -110,9 +112,11 @@ bool isGraphBitstream(void) { } return true; } + void convertGraphFromBitstream() { convertGraphFromBitstreamEx(1, 0); } + void convertGraphFromBitstreamEx(int hi, int low) { for (int i = 0; i < GraphTraceLen; i++) { if (GraphBuffer[i] == hi) 
@@ -122,29 +126,42 @@ void convertGraphFromBitstreamEx(int hi, int low) { else GraphBuffer[i] = 0; } - uint8_t bits[GraphTraceLen]; - memset(bits, 0, sizeof(bits)); + + uint8_t *bits = calloc(GraphTraceLen, sizeof(uint8_t)); + if (bits == NULL) { + PrintAndLogEx(DEBUG, "ERR: convertGraphFromBitstreamEx, failed to allocate memory"); + return; + } + size_t size = getFromGraphBuf(bits); // set signal properties low/high/mean/amplitude and is_noise detection computeSignalProperties(bits, size); + free(bits); RepaintGraphWindow(); } // Get or auto-detect ask clock rate int GetAskClock(const char *str, bool printAns) { if (getSignalProperties()->isnoise) - return false; + return -1; int clock1 = param_get32ex(str, 0, 0, 10); if (clock1 > 0) return clock1; // Auto-detect clock - uint8_t bits[MAX_GRAPH_TRACE_LEN] = {0}; + + uint8_t *bits = calloc(MAX_GRAPH_TRACE_LEN, sizeof(uint8_t)); + if (bits == NULL) { + PrintAndLogEx(WARNING, "Failed to allocate memory"); + return -1; + } + size_t size = getFromGraphBuf(bits); if (size == 0) { PrintAndLogEx(WARNING, "Failed to copy from graphbuffer"); + free(bits); return -1; } @@ -162,20 +179,29 @@ int GetAskClock(const char *str, bool printAns) { if (printAns || g_debugMode) PrintAndLogEx(SUCCESS, "Auto-detected clock rate: %d, Best Starting Position: %d", clock1, idx); + free(bits); return clock1; } uint8_t GetPskCarrier(const char *str, bool printAns) { if (getSignalProperties()->isnoise) - return false; + return -1; uint8_t carrier = 0; - uint8_t bits[MAX_GRAPH_TRACE_LEN] = {0}; + + uint8_t *bits = calloc(MAX_GRAPH_TRACE_LEN, sizeof(uint8_t)); + if (bits == NULL) { + PrintAndLogEx(WARNING, "Failed to allocate memory"); + return -1; + } + size_t size = getFromGraphBuf(bits); if (size == 0) { PrintAndLogEx(WARNING, "Failed to copy from graphbuffer"); - return 0; + free(bits); + return -1; } + uint16_t fc = countFC(bits, size, false); carrier = fc & 0xFF; if (carrier != 2 && carrier != 4 && carrier != 8) return 0; 
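Review bot: `calloc(GraphTraceLen, sizeof(uint8_t))` in convertGraphFromBitstreamEx may return NULL when GraphTraceLen is 0, so an empty trace is reported as an allocation failure and the function returns before RepaintGraphWindow(). Handling the empty case before allocating, or testing `if (bits == NULL && GraphTraceLen != 0)`, keeps the log accurate. The message carries an `ERR:` prefix but is emitted at DEBUG, unlike the WARNING used for the same failure in GetAskClock below. GetAskClock now returns `-1` instead of `false` on a noisy signal; callers that test the result against 0 are outside this hunk and should be checked.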
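Review bot: GetPskCarrier leaks `bits` on the `if (carrier != 2 && carrier != 4 && carrier != 8) return 0;` path at the end of this hunk, because the only `free(bits)` after the size check is the one added in the next hunk before `return carrier;`. As far as the visible lines show, `bits` is not read after `countFC`, so a `free(bits);` directly after `uint16_t fc = countFC(bits, size, false);` would cover every later exit, including any in the line between the two hunks. The new `return -1;` statements are also wrong for a function returning `uint8_t`: the value becomes 255, which a caller cannot tell apart from a carrier value and which no longer matches the 0 returned for an invalid carrier. `return 0;` on the noise, allocation and empty-buffer paths keeps one error convention.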
@@ -183,6 +209,8 @@ uint8_t GetPskCarrier(const char *str, bool printAns) { // Only print this message if we're not looping something if (printAns) PrintAndLogEx(SUCCESS, "Auto-detected PSK carrier rate: %d", carrier); + + free(bits); return carrier; } @@ -196,20 +224,28 @@ int GetPskClock(const char *str, bool printAns) { return clock1; // Auto-detect clock - uint8_t grph[MAX_GRAPH_TRACE_LEN] = {0}; - size_t size = getFromGraphBuf(grph); - if (size == 0) { - PrintAndLogEx(WARNING, "Failed to copy from graphbuffer"); + uint8_t *bits = calloc(MAX_GRAPH_TRACE_LEN, sizeof(uint8_t)); + if (bits == NULL) { + PrintAndLogEx(WARNING, "Failed to allocate memory"); return -1; } + + size_t size = getFromGraphBuf(bits); + if (size == 0) { + PrintAndLogEx(WARNING, "Failed to copy from graphbuffer"); + free(bits); + return -1; + } + size_t firstPhaseShiftLoc = 0; uint8_t curPhase = 0, fc = 0; - clock1 = DetectPSKClock(grph, size, 0, &firstPhaseShiftLoc, &curPhase, &fc); + clock1 = DetectPSKClock(bits, size, 0, &firstPhaseShiftLoc, &curPhase, &fc); setClockGrid(clock1, firstPhaseShiftLoc); // Only print this message if we're not looping something if (printAns) PrintAndLogEx(SUCCESS, "Auto-detected clock rate: %d", clock1); + free(bits); return clock1; } 
@@ -223,21 +259,30 @@ int GetNrzClock(const char *str, bool printAns) { return clock1; // Auto-detect clock - uint8_t grph[MAX_GRAPH_TRACE_LEN] = {0}; - size_t size = getFromGraphBuf(grph); - if (size == 0) { - PrintAndLogEx(WARNING, "Failed to copy from graphbuffer"); + uint8_t *bits = calloc(MAX_GRAPH_TRACE_LEN, sizeof(uint8_t)); + if (bits == NULL) { + PrintAndLogEx(WARNING, "Failed to allocate memory"); return -1; } + + size_t size = getFromGraphBuf(bits); + if (size == 0) { + PrintAndLogEx(WARNING, "Failed to copy from graphbuffer"); + free(bits); + return -1; + } + size_t clkStartIdx = 0; - clock1 = DetectNRZClock(grph, size, 0, &clkStartIdx); + clock1 = DetectNRZClock(bits, size, 0, &clkStartIdx); setClockGrid(clock1, clkStartIdx); // Only print this message if we're not looping something if (printAns) PrintAndLogEx(SUCCESS, "Auto-detected clock rate: %d", clock1); + free(bits); return clock1; } + //by marshmellow //attempt to detect the field clock and bit clock for FSK int GetFskClock(const char *str, bool printAns) { @@ -249,12 +294,13 @@ int GetFskClock(const char *str, bool printAns) { uint8_t fc1 = 0, fc2 = 0, rf1 = 0; int firstClockEdge = 0; - if (!fskClocks(&fc1, &fc2, &rf1, &firstClockEdge)) + if (fskClocks(&fc1, &fc2, &rf1, &firstClockEdge) == false) return 0; if ((fc1 == 10 && fc2 == 8) || (fc1 == 8 && fc2 == 5)) { if (printAns) PrintAndLogEx(SUCCESS, "Detected Field Clocks: FC/%d, FC/%d - Bit Clock: RF/%d", fc1, fc2, rf1); + setClockGrid(rf1, firstClockEdge); return rf1; } 
@@ -263,27 +309,41 @@ int GetFskClock(const char *str, bool printAns) { PrintAndLogEx(DEBUG, "Detected Field Clocks: FC/%d, FC/%d - Bit Clock: RF/%d", fc1, fc2, rf1); return 0; } + bool fskClocks(uint8_t *fc1, uint8_t *fc2, uint8_t *rf1, int *firstClockEdge) { if (getSignalProperties()->isnoise) return false; - uint8_t bits[MAX_GRAPH_TRACE_LEN] = {0}; - size_t size = getFromGraphBuf(bits); - if (size == 0) + uint8_t *bits = calloc(MAX_GRAPH_TRACE_LEN, sizeof(uint8_t)); + if (bits == NULL) { + PrintAndLogEx(WARNING, "Failed to allocate memory"); return false; + } + + size_t size = getFromGraphBuf(bits); + if (size == 0) { + PrintAndLogEx(WARNING, "Failed to copy from graphbuffer"); + free(bits); + return false; + } uint16_t ans = countFC(bits, size, true); if (ans == 0) { PrintAndLogEx(DEBUG, "DEBUG: No data found"); + free(bits); return false; } *fc1 = (ans >> 8) & 0xFF; *fc2 = ans & 0xFF; *rf1 = detectFSKClk(bits, size, *fc1, *fc2, firstClockEdge); + + free(bits); + if (*rf1 == 0) { PrintAndLogEx(DEBUG, "DEBUG: Clock detect error"); + return false; } return true;