github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-19 21:03:48 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

FIX: tnp3sim, now can insert keys if the dumpfile is blank. Like the ,,,lander dumps...

Browse source
This commit is contained in:
iceman1001 2015-10-19 22:39:08 +02:00
commit a826cb0df1
2 changed files with 51 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

22
client/scripts/tnp3dump.lua
View file

@ -38,9 +38,7 @@ local numSectors = 16
--- ---
-- A debug printout-function -- A debug printout-function
function dbg(args) function dbg(args)
if not DEBUG then if not DEBUG then return end
return
end
if type(args) == "table" then if type(args) == "table" then
local i = 1 local i = 1
@ -56,6 +54,7 @@ end
-- This is only meant to be used when errors occur -- This is only meant to be used when errors occur
function oops(err) function oops(err)
print("ERROR: ",err) print("ERROR: ",err)
return nil,err
end end
--- ---
-- Usage help -- Usage help
@ -166,6 +165,8 @@ local function main(args)
local block0, err = waitCmd() local block0, err = waitCmd()
if err then return oops(err) end if err then return oops(err) end
core.clearCommandBuffer()
-- Read block 1 -- Read block 1
cmd = Command:new{cmd = cmds.CMD_MIFARE_READBL, arg1 = 1,arg2 = 0,arg3 = 0, data = keyA} cmd = Command:new{cmd = cmds.CMD_MIFARE_READBL, arg1 = 1,arg2 = 0,arg3 = 0, data = keyA}
err = core.SendCommand(cmd:getBytes()) err = core.SendCommand(cmd:getBytes())
@ -173,6 +174,8 @@ local function main(args)
local block1, err = waitCmd() local block1, err = waitCmd()
if err then return oops(err) end if err then return oops(err) end
core.clearCommandBuffer()
local tmpHash = block0..block1..'%02x'..RANDOM local tmpHash = block0..block1..'%02x'..RANDOM
local key local key
@ -180,9 +183,6 @@ local function main(args)
local blockNo local blockNo
local blocks = {} local blocks = {}
print('Reading card data')
core.clearCommandBuffer()
-- main loop -- main loop
io.write('Reading blocks > ') io.write('Reading blocks > ')
for blockNo = 0, numBlocks-1, 1 do for blockNo = 0, numBlocks-1, 1 do
@ -192,6 +192,8 @@ local function main(args)
break break
end end
core.clearCommandBuffer()
pos = (math.floor( blockNo / 4 ) * 12)+1 pos = (math.floor( blockNo / 4 ) * 12)+1
key = akeys:sub(pos, pos + 11 ) key = akeys:sub(pos, pos + 11 )
cmd = Command:new{cmd = cmds.CMD_MIFARE_READBL, arg1 = blockNo ,arg2 = 0,arg3 = 0, data = key} cmd = Command:new{cmd = cmds.CMD_MIFARE_READBL, arg1 = blockNo ,arg2 = 0,arg3 = 0, data = key}
@ -214,8 +216,8 @@ local function main(args)
local baseStr = utils.ConvertHexToAscii(tmpHash:format(blockNo)) local baseStr = utils.ConvertHexToAscii(tmpHash:format(blockNo))
local key = md5.sumhexa(baseStr) local key = md5.sumhexa(baseStr)
local aestest = core.aes128_decrypt(key, blockdata) local aestest = core.aes128_decrypt(key, blockdata)
local hex = utils.ConvertAsciiToBytes(aestest) local hex = ConvertAsciiToHex(aestest)
hex = utils.ConvertBytesToHex(hex)
blocks[blockNo+1] = ('%02d :: %s'):format(blockNo,hex) blocks[blockNo+1] = ('%02d :: %s'):format(blockNo,hex)
io.write(blockNo..',') io.write(blockNo..',')
end end
@ -235,9 +237,7 @@ local function main(args)
for _,s in pairs(blocks) do for _,s in pairs(blocks) do
local slice = s:sub(8,#s) local slice = s:sub(8,#s)
local str = utils.ConvertBytesToAscii( local str = utils.ConvertHexToAscii(slice)
utils.ConvertHexToBytes(slice)
)
emldata = emldata..slice..'\n' emldata = emldata..slice..'\n'
for c in (str):gmatch('.') do for c in (str):gmatch('.') do
bindata[#bindata+1] = c bindata[#bindata+1] = c

60
client/scripts/tnp3sim.lua
View file

@ -5,6 +5,7 @@ local lib14a = require('read14a')
local utils = require('utils') local utils = require('utils')
local md5 = require('md5') local md5 = require('md5')
local toys = require('default_toys') local toys = require('default_toys')
local pre = require('precalc')
example =[[ example =[[
1. script run tnp3sim 1. script run tnp3sim
@ -27,7 +28,7 @@ Arguments:
]] ]]
local TIMEOUT = 2000 -- Shouldn't take longer than 2 seconds local TIMEOUT = 2000 -- Shouldn't take longer than 2 seconds
local DEBUG = false -- the debug flag local DEBUG = true -- the debug flag
local RANDOM = '20436F707972696768742028432920323031302041637469766973696F6E2E20416C6C205269676874732052657365727665642E20' local RANDOM = '20436F707972696768742028432920323031302041637469766973696F6E2E20416C6C205269676874732052657365727665642E20'
local band = bit32.band local band = bit32.band
@ -42,9 +43,7 @@ local format = string.format
--- ---
-- A debug printout-function -- A debug printout-function
function dbg(args) function dbg(args)
if not DEBUG then if not DEBUG then return end
return
end
if type(args) == "table" then if type(args) == "table" then
local i = 1 local i = 1
@ -107,6 +106,14 @@ local function GetCheckSum(blocks, dataarea, chksumtype)
return utils.SwapEndianness(crc,16) return utils.SwapEndianness(crc,16)
end end
local function SetAllCheckSum(blocks)
print('Updating all checksums')
SetCheckSum(blocks, 3)
SetCheckSum(blocks, 2)
SetCheckSum(blocks, 1)
SetCheckSum(blocks, 0)
end
local function SetCheckSum(blocks, chksumtype) local function SetCheckSum(blocks, chksumtype)
if blocks == nil then return nil, 'Argument \"blocks\" nil' end if blocks == nil then return nil, 'Argument \"blocks\" nil' end
@ -154,6 +161,7 @@ function CalcCheckSum(blocks, dataarea, chksumtype)
end end
local function ValidateCheckSums(blocks) local function ValidateCheckSums(blocks)
print(' Validating checksums')
local isOk, crc, calc local isOk, crc, calc
-- Checksum Type 0 -- Checksum Type 0
@ -199,9 +207,17 @@ local function ValidateCheckSums(blocks)
io.write( ('TYPE 3 area 2: %04x = %04x -- %s\n'):format(crc,calc,isOk)) io.write( ('TYPE 3 area 2: %04x = %04x -- %s\n'):format(crc,calc,isOk))
end end
local function LoadEmulator(blocks)
local cmd local function AddKey(keys, blockNo, data)
local blockdata local pos = (math.floor( blockNo / 4 ) * 12)+1
local key = keys:sub(pos, pos + 11 )
return key..data:sub(13)
end
local function LoadEmulator(uid, blocks)
print('Sending dumpdata to emulator memory')
local keys = pre.GetAll(uid)
local cmd, blockdata
for _,b in pairs(blocks) do for _,b in pairs(blocks) do
blockdata = b blockdata = b
@ -212,14 +228,16 @@ local function LoadEmulator(blocks)
local baseStr = utils.ConvertHexToAscii(base) local baseStr = utils.ConvertHexToAscii(base)
local key = md5.sumhexa(baseStr) local key = md5.sumhexa(baseStr)
local enc = core.aes128_encrypt(key, blockdata) local enc = core.aes128_encrypt(key, blockdata)
local hex = utils.ConvertAsciiToBytes(enc) blockdata = utils.ConvertAsciiToHex(enc)
hex = utils.ConvertBytesToHex(hex)
blockdata = hex
io.write( _..',') io.write( _..',')
end end
else
-- add keys if not existing..
if ( blockdata:sub(1,12) == '000000000000' ) then
blockdata = AddKey(keys, _, blockdata)
end
end end
core.clearCommandBuffer()
cmd = Command:new{cmd = cmds.CMD_MIFARE_EML_MEMSET, arg1 = _ ,arg2 = 1,arg3 = 16, data = blockdata} cmd = Command:new{cmd = cmds.CMD_MIFARE_EML_MEMSET, arg1 = _ ,arg2 = 1,arg3 = 16, data = blockdata}
local err = core.SendCommand(cmd:getBytes()) local err = core.SendCommand(cmd:getBytes())
if err then return err end if err then return err end
@ -357,10 +375,7 @@ local function main(args)
blockindex = blockindex + 1 blockindex = blockindex + 1
end end
if DEBUG then if DEBUG then ValidateCheckSums(blocks) end
print(' Validating checksums')
ValidateCheckSums(blocks)
end
-- --
print( string.rep('--',20) ) print( string.rep('--',20) )
@ -419,7 +434,7 @@ local function main(args)
local level = blocks[13]:sub(27,28) local level = blocks[13]:sub(27,28)
print(('LEVEL : %d'):format( tonumber(level,16))) print(('LEVEL : %d'):format( tonumber(level,16)))
--hälsa: 667 029b
--local health = blocks[]:sub(); --local health = blocks[]:sub();
--print(('Health : %d'):format( tonumber(health,16)) --print(('Health : %d'):format( tonumber(health,16))
@ -457,20 +472,15 @@ local function main(args)
--print (blocks[13]) --print (blocks[13])
-- Update Checksums -- Update Checksums
print('Updating all checksums') SetAllCheckSum(blocks)
SetCheckSum(blocks, 3)
SetCheckSum(blocks, 2)
SetCheckSum(blocks, 1)
SetCheckSum(blocks, 0)
print('Validating all checksums') -- Validate Checksums
ValidateCheckSums(blocks) ValidateCheckSums(blocks)
end end
--Load dumpdata to emulator memory --Load dumpdata to emulator memory
if DEBUG then if DEBUG then
print('Sending dumpdata to emulator memory') err = LoadEmulator(uid, blocks)
err = LoadEmulator(blocks)
if err then return oops(err) end if err then return oops(err) end
core.clearCommandBuffer() core.clearCommandBuffer()
print('The simulation is now prepared.\n --> run \"hf mf sim u '..uid..'\" <--') print('The simulation is now prepared.\n --> run \"hf mf sim u '..uid..'\" <--')