iceman1001 2024-11-02 15:13:40 +01:00
commit b3285cce8a
12 changed files with 4333 additions and 4455 deletions


@ -2222,19 +2222,19 @@ void iClass_Recover(iclass_recover_req_t *msg) {
picopass_hdr_t hdr = {0}; picopass_hdr_t hdr = {0};
bool res = false; bool res = false;
while(!card_select || !card_auth){ while (!card_select || !card_auth) {
Iso15693InitReader(); //has to be at the top as it starts tracing Iso15693InitReader(); //has to be at the top as it starts tracing
if(!msg->debug){ if (!msg->debug) {
set_tracing(false); //disable tracing to prevent crashes - set to true for debugging set_tracing(false); //disable tracing to prevent crashes - set to true for debugging
}else{ } else {
if (loops == 1){ if (loops == 1) {
clear_trace(); //if we're debugging better to clear the trace but do it only on the first loop clear_trace(); //if we're debugging better to clear the trace but do it only on the first loop
} }
} }
if(msg->test){ if (msg->test) {
Dbprintf(_YELLOW_("*Cycled Reader*") " ----------------- TEST Index - Loops: "_YELLOW_("%3d / %3d") " --------------*",loops,msg->loop); Dbprintf(_YELLOW_("*Cycled Reader*") " ----------------- TEST Index - Loops: "_YELLOW_("%3d / %3d") " --------------*", loops, msg->loop);
}else{ } else {
Dbprintf(_YELLOW_("*Cycled Reader*") " ----------------- Index: "_RED_("%3d")" Loops: "_YELLOW_("%3d / %3d") " --------------*",index,loops,msg->loop); Dbprintf(_YELLOW_("*Cycled Reader*") " ----------------- Index: "_RED_("%3d")" Loops: "_YELLOW_("%3d / %3d") " --------------*", index, loops, msg->loop);
} }
//Step0 Card Select Routine //Step0 Card Select Routine
eof_time = 0; //reset eof time eof_time = 0; //reset eof time
@ -2247,22 +2247,22 @@ void iClass_Recover(iclass_recover_req_t *msg) {
} }
//Step1 Authenticate with AA1 using trace //Step1 Authenticate with AA1 using trace
if(card_select){ if (card_select) {
memcpy(original_mac, msg->req.key, 8); memcpy(original_mac, msg->req.key, 8);
start_time = eof_time + DELAY_ICLASS_VICC_TO_VCD_READER; start_time = eof_time + DELAY_ICLASS_VICC_TO_VCD_READER;
res = authenticate_iclass_tag(&msg->req, &hdr, &start_time, &eof_time, mac1); res = authenticate_iclass_tag(&msg->req, &hdr, &start_time, &eof_time, mac1);
if (res == false) { if (res == false) {
DbpString(_RED_("Unable to authenticate on AA1 using macs! Retrying...")); DbpString(_RED_("Unable to authenticate on AA1 using macs! Retrying..."));
}else { } else {
DbpString(_GREEN_("AA1 authentication with macs successful!")); DbpString(_GREEN_("AA1 authentication with macs successful!"));
card_auth = true; card_auth = true;
} }
} }
if(!card_auth || !card_select){ if (!card_auth || !card_select) {
reinit_tentatives++; reinit_tentatives++;
switch_off(); switch_off();
} }
if(reinit_tentatives == 5){ if (reinit_tentatives == 5) {
DbpString(_RED_("Unable to select or authenticate with card multiple times! Stopping.")); DbpString(_RED_("Unable to select or authenticate with card multiple times! Stopping."));
goto out; goto out;
} }
@ -2274,26 +2274,26 @@ void iClass_Recover(iclass_recover_req_t *msg) {
AddCrc(cmd_read + 1, 1); AddCrc(cmd_read + 1, 1);
int priv_esc_tries = 0; int priv_esc_tries = 0;
bool priv_esc = false; bool priv_esc = false;
while(!priv_esc){ while (!priv_esc) {
//The privilege escalation is done with a readcheck and not just a normal read! //The privilege escalation is done with a readcheck and not just a normal read!
iclass_send_as_reader(read_check_cc, sizeof(read_check_cc), &start_time, &eof_time, shallow_mod); iclass_send_as_reader(read_check_cc, sizeof(read_check_cc), &start_time, &eof_time, shallow_mod);
// expect a 8-byte response here // expect a 8-byte response here
res2 = GetIso15693AnswerFromTag(resp, sizeof(resp), ICLASS_READER_TIMEOUT_OTHERS, &eof_time, false, true, &resp_len); res2 = GetIso15693AnswerFromTag(resp, sizeof(resp), ICLASS_READER_TIMEOUT_OTHERS, &eof_time, false, true, &resp_len);
if (res2 != PM3_SUCCESS || resp_len != 8){ if (res2 != PM3_SUCCESS || resp_len != 8) {
DbpString(_YELLOW_("Privilege Escalation -> ")_RED_("Read failed! Trying again...")); DbpString(_YELLOW_("Privilege Escalation -> ")_RED_("Read failed! Trying again..."));
priv_esc_tries++; priv_esc_tries++;
}else{ } else {
DbpString(_YELLOW_("Privilege Escalation -> ")_GREEN_("Response OK!")); DbpString(_YELLOW_("Privilege Escalation -> ")_GREEN_("Response OK!"));
priv_esc = true; priv_esc = true;
} }
if(priv_esc_tries == 5){ if (priv_esc_tries == 5) {
DbpString(_RED_("Unable to complete privilege escalation! Stopping.")); DbpString(_RED_("Unable to complete privilege escalation! Stopping."));
goto out; goto out;
} }
} }
generate_single_key_block_inverted(zero_key, index, genkeyblock); generate_single_key_block_inverted(zero_key, index, genkeyblock);
if(msg->test){ if (msg->test) {
memcpy(genkeyblock, zero_key, PICOPASS_BLOCK_SIZE); memcpy(genkeyblock, zero_key, PICOPASS_BLOCK_SIZE);
} }
@ -2307,39 +2307,39 @@ void iClass_Recover(iclass_recover_req_t *msg) {
bool use_mac = true; bool use_mac = true;
bool written = false; bool written = false;
bool write_error = false; bool write_error = false;
while(written == false && write_error == false){ while (written == false && write_error == false) {
//Step5 Perform Write //Step5 Perform Write
if (iclass_writeblock_ext(blockno, genkeyblock, mac2, use_mac, shallow_mod)) { if (iclass_writeblock_ext(blockno, genkeyblock, mac2, use_mac, shallow_mod)) {
DbpString("Wrote key: "); DbpString("Wrote key: ");
Dbhexdump(8, genkeyblock, false); Dbhexdump(8, genkeyblock, false);
} }
//Reset cypher state //Reset cypher state
iclass_send_as_reader(read_check_cc2, sizeof(read_check_cc2), &start_time, &eof_time, shallow_mod); iclass_send_as_reader(read_check_cc2, sizeof(read_check_cc2), &start_time, &eof_time, shallow_mod);
res2 = GetIso15693AnswerFromTag(resp, sizeof(resp), ICLASS_READER_TIMEOUT_OTHERS, &eof_time, false, true, &resp_len); res2 = GetIso15693AnswerFromTag(resp, sizeof(resp), ICLASS_READER_TIMEOUT_OTHERS, &eof_time, false, true, &resp_len);
//try to authenticate with the original mac to verify the write happened //try to authenticate with the original mac to verify the write happened
memcpy(msg->req.key, original_mac, 8); memcpy(msg->req.key, original_mac, 8);
res = authenticate_iclass_tag(&msg->req, &hdr, &start_time, &eof_time, mac1); res = authenticate_iclass_tag(&msg->req, &hdr, &start_time, &eof_time, mac1);
if(msg->test){ if (msg->test) {
if (res != true) { if (res != true) {
DbpString(_RED_("*** CARD EPURSE IS SILENT! RISK OF BRICKING! DO NOT EXECUTE KEY UPDATES! SCAN IT ON READER FOR EPURSE UPDATE, COLLECT NEW TRACES AND TRY AGAIN! ***")); DbpString(_RED_("*** CARD EPURSE IS SILENT! RISK OF BRICKING! DO NOT EXECUTE KEY UPDATES! SCAN IT ON READER FOR EPURSE UPDATE, COLLECT NEW TRACES AND TRY AGAIN! ***"));
goto out; goto out;
}else{ } else {
DbpString(_GREEN_("*** CARD EPURSE IS LOUD! OK TO ATTEMPT KEY RETRIEVAL! RUN AGAIN WITH -notest ***")); DbpString(_GREEN_("*** CARD EPURSE IS LOUD! OK TO ATTEMPT KEY RETRIEVAL! RUN AGAIN WITH -notest ***"));
completed = true; completed = true;
goto out; goto out;
} }
}else{ } else {
if (res != true) { if (res != true) {
DbpString("Write Operation : "_GREEN_("VERIFIED! Card Key Updated!")); DbpString("Write Operation : "_GREEN_("VERIFIED! Card Key Updated!"));
written = true; written = true;
}else{ } else {
DbpString("Write Operation : "_RED_("FAILED! Card Key is the Original. Retrying...")); DbpString("Write Operation : "_RED_("FAILED! Card Key is the Original. Retrying..."));
write_error = true; write_error = true;
} }
} }
} }
if(!write_error){ if (!write_error) {
//Step6 Perform 8 authentication attempts + 1 to verify if we found the weak key //Step6 Perform 8 authentication attempts + 1 to verify if we found the weak key
for (int i = 0; i < 8 ; ++i) { for (int i = 0; i < 8 ; ++i) {
iclass_send_as_reader(read_check_cc2, sizeof(read_check_cc2), &start_time, &eof_time, shallow_mod); iclass_send_as_reader(read_check_cc2, sizeof(read_check_cc2), &start_time, &eof_time, shallow_mod);
@ -2359,7 +2359,7 @@ void iClass_Recover(iclass_recover_req_t *msg) {
//regardless of bits being found, restore the original key and verify it //regardless of bits being found, restore the original key and verify it
bool reverted = false; bool reverted = false;
uint8_t revert_retries = 0; uint8_t revert_retries = 0;
while(!reverted){ while (!reverted) {
//Regain privilege escalation with a readcheck //Regain privilege escalation with a readcheck
iclass_send_as_reader(read_check_cc, sizeof(read_check_cc), &start_time, &eof_time, shallow_mod); iclass_send_as_reader(read_check_cc, sizeof(read_check_cc), &start_time, &eof_time, shallow_mod);
res2 = GetIso15693AnswerFromTag(resp, sizeof(resp), ICLASS_READER_TIMEOUT_OTHERS, &eof_time, false, true, &resp_len); res2 = GetIso15693AnswerFromTag(resp, sizeof(resp), ICLASS_READER_TIMEOUT_OTHERS, &eof_time, false, true, &resp_len);
@ -2381,27 +2381,27 @@ void iClass_Recover(iclass_recover_req_t *msg) {
if (res == true) { if (res == true) {
DbpString("Restore of Original Key "_GREEN_("VERIFIED! Card is usable again.")); DbpString("Restore of Original Key "_GREEN_("VERIFIED! Card is usable again."));
reverted = true; reverted = true;
if (recovered){ if (recovered) {
goto restore; goto restore;
} }
}else{ } else {
DbpString("Restore of Original Key "_RED_("VERIFICATION FAILED! Trying again...")); DbpString("Restore of Original Key "_RED_("VERIFICATION FAILED! Trying again..."));
} }
revert_retries++; revert_retries++;
if(revert_retries >= 7){ //must always be an odd number! if (revert_retries >= 7) { //must always be an odd number!
Dbprintf(_RED_("Attempted to restore original key for %3d times and failed. Stopping. Card is likely unusable."), revert_retries); Dbprintf(_RED_("Attempted to restore original key for %3d times and failed. Stopping. Card is likely unusable."), revert_retries);
goto out; goto out;
} }
} }
} }
if(loops >= msg->loop){ if (loops >= msg->loop) {
completed = true; completed = true;
goto out; goto out;
} }
if(!write_error){ //if there was a write error, re-run the loop for the same key index if (!write_error) { //if there was a write error, re-run the loop for the same key index
loops++; loops++;
index++; index++;
} }
@ -2413,7 +2413,7 @@ restore:
;//empty statement for compilation ;//empty statement for compilation
uint8_t partialkey[PICOPASS_BLOCK_SIZE] = {0}; uint8_t partialkey[PICOPASS_BLOCK_SIZE] = {0};
for(int i = 0; i < PICOPASS_BLOCK_SIZE; i++){ for (int i = 0; i < PICOPASS_BLOCK_SIZE; i++) {
partialkey[i] = genkeyblock[i] ^ bits_found; partialkey[i] = genkeyblock[i] ^ bits_found;
} }
@ -2429,9 +2429,9 @@ restore:
out: out:
switch_off(); switch_off();
if(completed){ if (completed) {
reply_ng(CMD_HF_ICLASS_RECOVER, PM3_EINVARG, NULL, 0); reply_ng(CMD_HF_ICLASS_RECOVER, PM3_EINVARG, NULL, 0);
}else{ } else {
reply_ng(CMD_HF_ICLASS_RECOVER, PM3_ESOFT, NULL, 0); reply_ng(CMD_HF_ICLASS_RECOVER, PM3_ESOFT, NULL, 0);
} }


@ -2440,7 +2440,7 @@ bool GetIso14443aAnswerFromTag_Thinfilm(uint8_t *receivedResponse, uint16_t rec_
if (GetTickCountDelta(receive_timer) > timeout + 100) { if (GetTickCountDelta(receive_timer) > timeout + 100) {
break; break;
} }
} }
*received_len = Demod.len; *received_len = Demod.len;


@ -22,13 +22,13 @@ This script does *NOT* claim full compatibility with the ICs listed below:
* UFUID * UFUID
* PFUID* * PFUID*
Why? Why?
Unfortunately, these are cut down versions. Unfortunately, these are cut down versions.
Checks show that they only acknowledge bytes 0-1, 7, 8, and 15 of the configuration. Checks show that they only acknowledge bytes 0-1, 7, 8, and 15 of the configuration.
* WARNING: The config commands are inversed. Nothing will work. * WARNING: The config commands are inversed. Nothing will work.
Ready to start? Ready to start?
Set the first 2 bytes of your config to 7AFF and use -t 4. Set the first 2 bytes of your config to 7AFF and use -t 4.
@ -41,7 +41,7 @@ example = [[
2. script run hf_mf_uscuid_prog -t 4 -u A72B571 2. script run hf_mf_uscuid_prog -t 4 -u A72B571
-- Read sector 0 -- Read sector 0
3. script run hf_mf_uscuid_prog -S 0 3. script run hf_mf_uscuid_prog -S 0
]] ]]
usage = [[ usage = [[
script run hf_mf_uscuid_uid_prog [-h] [-u <uid>] [-t] [-3] [-s <signature>] [-w 1] [-R -B <blk>] [-S -E <sec>] [-g -c -b -2 -7 -d -a -n -r <0/1>] script run hf_mf_uscuid_uid_prog [-h] [-u <uid>] [-t] [-3] [-s <signature>] [-w 1] [-R -B <blk>] [-S -E <sec>] [-g -c -b -2 -7 -d -a -n -r <0/1>]
@ -61,9 +61,9 @@ arguments = [[
-S Read sector -S Read sector
[ConfigStar] [ConfigStar]
Unmarked data will not be edited. Unmarked data will not be edited.
How to use: How to use:
To ENABLE an option, pass "1" To ENABLE an option, pass "1"
To DISABLE an option, pass "0" To DISABLE an option, pass "0"
@ -142,10 +142,10 @@ local function sendCmds(cmds)
end end
local function wakeupmagic(writetype) local function wakeupmagic(writetype)
if writetype == "2" then if writetype == "2" then
sendCmds(wupc2()) sendCmds(wupc2())
elseif writetype == "4" then elseif writetype == "4" then
sendCmds(wupc()) sendCmds(wupc())
end end
end end
@ -158,13 +158,13 @@ local function calculate_block0(useruid)
local length = #useruid // 2; local length = #useruid // 2;
-- bcc -- bcc
for i = 3, length, 1 do for i = 3, length, 1 do
bcc = bxor(bcc, uidbytes[i]) bcc = bxor(bcc, uidbytes[i])
end end
-- block0 -- block0
local block0 = "" local block0 = ""
for i = 1, length, 1 do for i = 1, length, 1 do
block0 = block0..string.format('%02X', uidbytes[i]) block0 = block0..string.format('%02X', uidbytes[i])
end end
@ -238,7 +238,7 @@ local function writeconf(configbuffer)
end end
else oops("Tag did not ACK `E100` command!") else oops("Tag did not ACK `E100` command!")
lib14a.disconnect() lib14a.disconnect()
return 1 return 1
end end
end end
-- End config functions -- End config functions
@ -299,8 +299,8 @@ function main(args)
if o == 'r' then if a == "1" then sigsec = true elseif a == "0" then sigsec= false end end if o == 'r' then if a == "1" then sigsec = true elseif a == "0" then sigsec= false end end
end end
if gen1 ~= nil or gen1com~= nil or keyblock~= nil or cuid~= nil or cl2mode~= nil or shadowmode~= nil or magicauth~= nil or statenc~= nil or sigsec~= nil then if gen1 ~= nil or gen1com~= nil or keyblock~= nil or cuid~= nil or cl2mode~= nil or shadowmode~= nil or magicauth~= nil or statenc~= nil or sigsec~= nil then
configwrite = true configwrite = true
end end
if targetbblk then if tonumber(targetbblk) > 63 then oops("Block is above 63") return 1 end end if targetbblk then if tonumber(targetbblk) > 63 then oops("Block is above 63") return 1 end end
@ -327,7 +327,7 @@ function main(args)
oops("DANGER! Tag did not ACK wipe command. The field has NOT been reset.") oops("DANGER! Tag did not ACK wipe command. The field has NOT been reset.")
print("[ ] If you think the wipe succeeded, immediately do this:") print("[ ] If you think the wipe succeeded, immediately do this:")
print("hf 14a raw -kc E100; hf 14a raw -c 7AFF0000000000000000000000000008") print("hf 14a raw -kc E100; hf 14a raw -c 7AFF0000000000000000000000000008")
return 1 return 1
end end
writeconf(utils.ConvertHexToBytes("7AFF0000000000000000005A00000008")) writeconf(utils.ConvertHexToBytes("7AFF0000000000000000005A00000008"))
@ -359,40 +359,40 @@ function main(args)
print("") print("")
if targetblk or targetsec then if targetblk or targetsec then
if targetblk then if targetblk then
data = sendRaw("30"..string.format("%02x", targetblk), false) data = sendRaw("30"..string.format("%02x", targetblk), false)
end end
if targetblk then if targetblk then
-- floor division... -- floor division...
SectorHeader(targetblk // 4) SectorHeader(targetblk // 4)
else else
SectorHeader(targetsec) SectorHeader(targetsec)
end end
if targetblk then if targetblk then
BlockParser(data, targetblk) BlockParser(data, targetblk)
else else
for i=0, 3 do for i=0, 3 do
BlockParser(sendRaw("30"..string.format("%02x", targetsec * 4 + i), true), targetsec * 4 + i) BlockParser(sendRaw("30"..string.format("%02x", targetsec * 4 + i), true), targetsec * 4 + i)
end end
end end
elseif targetbblk or targetbsec then elseif targetbblk or targetbsec then
if targetbblk then if targetbblk then
data = sendRaw("38"..string.format("%02x", targetbblk), false) data = sendRaw("38"..string.format("%02x", targetbblk), false)
end end
if targetbblk then if targetbblk then
-- floor division -- floor division
SectorHeader(targetbblk // 4) SectorHeader(targetbblk // 4)
else else
SectorHeader(targetbsec) SectorHeader(targetbsec)
end end
if targetbblk then if targetbblk then
BlockParser(data, targetbblk) BlockParser(data, targetbblk)
else else
for i =0, 3 do for i =0, 3 do
BlockParser(sendRaw("38"..string.format("%02x", targetbsec * 4 + i), true), targetbsec * 4 + i) BlockParser(sendRaw("38"..string.format("%02x", targetbsec * 4 + i), true), targetbsec * 4 + i)
end end
@ -428,8 +428,8 @@ function main(args)
if string.len(uid) == 14 then if string.len(uid) == 14 then
wakeupmagic(writetype) wakeupmagic(writetype)
if f3perso == true then if f3perso == true then
print("[?] WARNING: F3 perso write is set, but 7 byte UID is passed. Ignoring -3 argument") print("[?] WARNING: F3 perso write is set, but 7 byte UID is passed. Ignoring -3 argument")
end end
local configdata = readconf() local configdata = readconf()
@ -445,7 +445,7 @@ function main(args)
if sendRaw("A800", true) ~= "0A" then if sendRaw("A800", true) ~= "0A" then
oops("Tag did not ACK `A800` command!") oops("Tag did not ACK `A800` command!")
lib14a.disconnect() lib14a.disconnect()
return 1 return 1
end end
print("[?] WARNING: nUID should be updated with this value:") print("[?] WARNING: nUID should be updated with this value:")
@ -455,18 +455,18 @@ function main(args)
if sendRaw(payload, true) ~= "0A" then if sendRaw(payload, true) ~= "0A" then
oops("Tag did not ACK data to write!") oops("Tag did not ACK data to write!")
lib14a.disconnect() lib14a.disconnect()
return 1 return 1
end end
print(cl.yellow.."[-]".. cl.reset .." Updating real block 0") print(cl.yellow.."[-]".. cl.reset .." Updating real block 0")
if sendRaw("A000", true) ~= "0A" then if sendRaw("A000", true) ~= "0A" then
oops("Tag did not ACK `A000` command!") oops("Tag did not ACK `A000` command!")
lib14a.disconnect() lib14a.disconnect()
return 1 return 1
end end
if sendRaw(cltwo_block0(uid), false) ~="0A" then if sendRaw(cltwo_block0(uid), false) ~="0A" then
oops("Tag did not ACK data to write!") oops("Tag did not ACK data to write!")
end end
-- Now, let's work with 4 byte UIDs. -- Now, let's work with 4 byte UIDs.
@ -478,7 +478,7 @@ function main(args)
if configdata[10] == 0x69 or f3perso == true then -- If we have Perso: F3, then write backdoor blk 1 if configdata[10] == 0x69 or f3perso == true then -- If we have Perso: F3, then write backdoor blk 1
if f3perso == true then if f3perso == true then
print ("[?] WARNING: F3 flag enabled. Updating UID used for F3 perso") print ("[?] WARNING: F3 flag enabled. Updating UID used for F3 perso")
end end
if sendRaw("A801", true) ~= "0A" then if sendRaw("A801", true) ~= "0A" then
@ -499,11 +499,11 @@ function main(args)
if sendRaw("A000", true) ~= "0A" then if sendRaw("A000", true) ~= "0A" then
oops("Tag did not ACK `A000` command!") oops("Tag did not ACK `A000` command!")
lib14a.disconnect() lib14a.disconnect()
return 1 return 1
end end
end end
if sendRaw(payload, false) ~= "0A" then if sendRaw(payload, false) ~= "0A" then
oops("Tag did not ACK data to write!") oops("Tag did not ACK data to write!")
end end
end end
@ -522,7 +522,7 @@ function main(args)
if sendRaw("A805", true) ~= "0A" then if sendRaw("A805", true) ~= "0A" then
oops("Tag did not ACK `A805` command!") oops("Tag did not ACK `A805` command!")
lib14a.disconnect() lib14a.disconnect()
return 1 return 1
end end
if sendRaw(string.sub(signature,1,32), true) ~= "0A" then if sendRaw(string.sub(signature,1,32), true) ~= "0A" then
@ -556,8 +556,8 @@ function main(args)
if ans ~="yes" then if ans ~="yes" then
lib14a.disconnect() lib14a.disconnect()
return 1 return 1
else else
print(cl.red.."[/]"..cl.reset.." Brace yourself.") print(cl.red.."[/]"..cl.reset.." Brace yourself.")
end end
end end


@ -3171,7 +3171,7 @@ static int CmdNumCon(const char *Cmd) {
pn = (hlen * 4) - slen + 1; pn = (hlen * 4) - slen + 1;
} }
} }
PrintAndLogEx(SUCCESS, "%s%.*s%s",radix[i].desc, pn, pad, s); PrintAndLogEx(SUCCESS, "%s%.*s%s", radix[i].desc, pn, pad, s);
} }
} }


@ -1437,7 +1437,7 @@ bool HF14B_picopass_reader(bool verbose, bool info) {
return false; return false;
} }
memcpy(card, resp.data.asBytes, sizeof(picopass_hdr_t)); memcpy(card, resp.data.asBytes, sizeof(picopass_hdr_t));
if(info){ if (info) {
PrintAndLogEx(NORMAL, ""); PrintAndLogEx(NORMAL, "");
PrintAndLogEx(SUCCESS, "iCLASS / Picopass CSN: " _GREEN_("%s"), sprint_hex(card->csn, sizeof(card->csn))); PrintAndLogEx(SUCCESS, "iCLASS / Picopass CSN: " _GREEN_("%s"), sprint_hex(card->csn, sizeof(card->csn)));
} }


@ -1311,7 +1311,7 @@ static int CmdGallagherDecode(const char *cmd) {
return PM3_SUCCESS; return PM3_SUCCESS;
} }
static int CmdGallagherEncode (const char *cmd) { static int CmdGallagherEncode(const char *cmd) {
CLIParserContext *ctx; CLIParserContext *ctx;
CLIParserInit(&ctx, "hf gallagher encode", CLIParserInit(&ctx, "hf gallagher encode",
"Encode a Gallagher credential block\n" "Encode a Gallagher credential block\n"
@ -1335,7 +1335,7 @@ static int CmdGallagherEncode (const char *cmd) {
uint64_t issue_level = arg_get_u64(ctx, 4); // uint4 uint64_t issue_level = arg_get_u64(ctx, 4); // uint4
CLIParserFree(ctx); CLIParserFree(ctx);
GallagherCredentials_t creds = { GallagherCredentials_t creds = {
.region_code = region_code, .region_code = region_code,
.facility_code = facility_code, .facility_code = facility_code,
@ -1345,15 +1345,15 @@ static int CmdGallagherEncode (const char *cmd) {
uint8_t contents[16] = {0}; uint8_t contents[16] = {0};
gallagher_encode_creds(contents, &creds); gallagher_encode_creds(contents, &creds);
for (int i = 0; i < 8; i++) { for (int i = 0; i < 8; i++) {
contents[i + 8] = contents[i] ^ 0xFF; contents[i + 8] = contents[i] ^ 0xFF;
} }
PrintAndLogEx(SUCCESS, "Raw: " _YELLOW_("%s"), sprint_hex_inrow(contents, ARRAYLEN(contents)/2)); PrintAndLogEx(SUCCESS, "Raw: " _YELLOW_("%s"), sprint_hex_inrow(contents, ARRAYLEN(contents) / 2));
PrintAndLogEx(SUCCESS, "Bitwise: " _YELLOW_("%s"), sprint_hex_inrow(contents, ARRAYLEN(contents))); PrintAndLogEx(SUCCESS, "Bitwise: " _YELLOW_("%s"), sprint_hex_inrow(contents, ARRAYLEN(contents)));
return PM3_SUCCESS; return PM3_SUCCESS;
} }


@ -2712,7 +2712,7 @@ static int CmdHFiClassRestore(const char *Cmd) {
} }
static int iclass_read_block_ex(uint8_t *KEY, uint8_t blockno, uint8_t keyType, bool elite, bool rawkey, bool replay, bool verbose, static int iclass_read_block_ex(uint8_t *KEY, uint8_t blockno, uint8_t keyType, bool elite, bool rawkey, bool replay, bool verbose,
bool auth, bool shallow_mod, uint8_t *out, bool print) { bool auth, bool shallow_mod, uint8_t *out, bool print) {
iclass_auth_req_t payload = { iclass_auth_req_t payload = {
.use_raw = rawkey, .use_raw = rawkey,
@ -2762,7 +2762,7 @@ static int iclass_read_block_ex(uint8_t *KEY, uint8_t blockno, uint8_t keyType,
} }
static int iclass_read_block(uint8_t *KEY, uint8_t blockno, uint8_t keyType, bool elite, bool rawkey, bool replay, bool verbose, static int iclass_read_block(uint8_t *KEY, uint8_t blockno, uint8_t keyType, bool elite, bool rawkey, bool replay, bool verbose,
bool auth, bool shallow_mod, uint8_t *out) { bool auth, bool shallow_mod, uint8_t *out) {
return iclass_read_block_ex(KEY, blockno, keyType, elite, rawkey, replay, verbose, auth, shallow_mod, out, true); return iclass_read_block_ex(KEY, blockno, keyType, elite, rawkey, replay, verbose, auth, shallow_mod, out, true);
} }
@ -3714,10 +3714,10 @@ static int CmdHFiClassCheckKeys(const char *Cmd) {
if ((strlen(filename) == 0) && (use_vb6kdf == false)) { if ((strlen(filename) == 0) && (use_vb6kdf == false)) {
if (use_elite) { if (use_elite) {
PrintAndLogEx(INFO,"Using default elite dictionary"); PrintAndLogEx(INFO, "Using default elite dictionary");
snprintf(filename, sizeof(filename), ICLASS_DEFAULT_KEY_ELITE_DIC); snprintf(filename, sizeof(filename), ICLASS_DEFAULT_KEY_ELITE_DIC);
} else { } else {
PrintAndLogEx(INFO,"Using default dictionary"); PrintAndLogEx(INFO, "Using default dictionary");
snprintf(filename, sizeof(filename), ICLASS_DEFAULT_KEY_DIC); snprintf(filename, sizeof(filename), ICLASS_DEFAULT_KEY_DIC);
} }
} }
@ -5297,7 +5297,7 @@ int info_iclass(bool shallow_mod) {
iclass_card_select_resp_t *r = (iclass_card_select_resp_t *)resp.data.asBytes; iclass_card_select_resp_t *r = (iclass_card_select_resp_t *)resp.data.asBytes;
uint8_t *p_response = (uint8_t*)&r->header.hdr; uint8_t *p_response = (uint8_t *)&r->header.hdr;
// no tag found or button pressed // no tag found or button pressed
if (r->status == FLAG_ICLASS_NULL || resp.status == PM3_ERFTRANS) { if (r->status == FLAG_ICLASS_NULL || resp.status == PM3_ERFTRANS) {
return PM3_EOPABORTED; return PM3_EOPABORTED;
@ -5382,9 +5382,9 @@ int info_iclass(bool shallow_mod) {
uint8_t cardtype = get_mem_config(hdr); uint8_t cardtype = get_mem_config(hdr);
PrintAndLogEx(SUCCESS, " Card type.... " _GREEN_("%s"), card_types[cardtype]); PrintAndLogEx(SUCCESS, " Card type.... " _GREEN_("%s"), card_types[cardtype]);
if(HF14B_picopass_reader(false, false)){ if (HF14B_picopass_reader(false, false)) {
PrintAndLogEx(SUCCESS, " Card chip.... "_YELLOW_("Old Silicon (14b support)")); PrintAndLogEx(SUCCESS, " Card chip.... "_YELLOW_("Old Silicon (14b support)"));
}else{ } else {
PrintAndLogEx(SUCCESS, " Card chip.... "_YELLOW_("NEW Silicon (No 14b support)")); PrintAndLogEx(SUCCESS, " Card chip.... "_YELLOW_("NEW Silicon (No 14b support)"));
} }
if (legacy) { if (legacy) {


@ -1127,7 +1127,7 @@ int CmdLFfskSim(const char *Cmd) {
bool separator = arg_get_lit(ctx, 4); bool separator = arg_get_lit(ctx, 4);
char raw[65] = {0}; char raw[65] = {0};
int raw_len = sizeof(raw) - 1; // CLIGetStrWithReturn does not guarantee string to be null-terminated int raw_len = sizeof(raw) - 1; // CLIGetStrWithReturn does not guarantee string to be null-terminated
CLIGetStrWithReturn(ctx, 5, (uint8_t *)raw, &raw_len); CLIGetStrWithReturn(ctx, 5, (uint8_t *)raw, &raw_len);
bool verbose = arg_get_lit(ctx, 6); bool verbose = arg_get_lit(ctx, 6);
@ -1238,7 +1238,7 @@ int CmdLFaskSim(const char *Cmd) {
bool separator = arg_get_lit(ctx, 6); bool separator = arg_get_lit(ctx, 6);
char raw[65] = {0}; char raw[65] = {0};
int raw_len = sizeof(raw) - 1; // CLIGetStrWithReturn does not guarantee string to be null-terminated int raw_len = sizeof(raw) - 1; // CLIGetStrWithReturn does not guarantee string to be null-terminated
CLIGetStrWithReturn(ctx, 7, (uint8_t *)raw, &raw_len); CLIGetStrWithReturn(ctx, 7, (uint8_t *)raw, &raw_len);
bool verbose = arg_get_lit(ctx, 8); bool verbose = arg_get_lit(ctx, 8);
@ -1352,7 +1352,7 @@ int CmdLFpskSim(const char *Cmd) {
uint8_t carrier = arg_get_u32_def(ctx, 6, 2); uint8_t carrier = arg_get_u32_def(ctx, 6, 2);
char raw[65] = {0}; char raw[65] = {0};
int raw_len = sizeof(raw) - 1; // CLIGetStrWithReturn does not guarantee string to be null-terminated int raw_len = sizeof(raw) - 1; // CLIGetStrWithReturn does not guarantee string to be null-terminated
CLIGetStrWithReturn(ctx, 7, (uint8_t *)raw, &raw_len); CLIGetStrWithReturn(ctx, 7, (uint8_t *)raw, &raw_len);
bool verbose = arg_get_lit(ctx, 8); bool verbose = arg_get_lit(ctx, 8);


@ -376,10 +376,10 @@ static int CmdHIDClone(const char *Cmd) {
bool q5 = arg_get_lit(ctx, 7); bool q5 = arg_get_lit(ctx, 7);
bool em = arg_get_lit(ctx, 8); bool em = arg_get_lit(ctx, 8);
// t5577 can do 6 blocks with 32bits == 192 bits, HID is manchester encoded and doubles in length. // t5577 can do 6 blocks with 32bits == 192 bits, HID is manchester encoded and doubles in length.
// With parity, manchester and preamble we have about 3 blocks to play with. Ie: 96 bits // With parity, manchester and preamble we have about 3 blocks to play with. Ie: 96 bits
uint8_t bin[97] = {0}; uint8_t bin[97] = {0};
int bin_len = sizeof(bin) - 1; // CLIGetStrWithReturn does not guarantee string to be null-terminated int bin_len = sizeof(bin) - 1; // CLIGetStrWithReturn does not guarantee string to be null-terminated
CLIGetStrWithReturn(ctx, 9, bin, &bin_len); CLIGetStrWithReturn(ctx, 9, bin, &bin_len);
CLIParserFree(ctx); CLIParserFree(ctx);




@ -8526,7 +8526,7 @@
"lf cmdread -d 50 -z 116 -o 166 -e W3000 -c W11000 -> probing for Hitag 2/S", "lf cmdread -d 50 -z 116 -o 166 -e W3000 -c W11000 -> probing for Hitag 2/S",
"lf cmdread -d 50 -z 116 -o 166 -e W3000 -c W11010 -> probing for Hitag S", "lf cmdread -d 50 -z 116 -o 166 -e W3000 -c W11010 -> probing for Hitag S",
"lf cmdread -d 50 -z 116 -o 166 -e W3000 -c W11000 -s 2000 -@ -> probing for Hitag 2/S, oscilloscope style", "lf cmdread -d 50 -z 116 -o 166 -e W3000 -c W11000 -s 2000 -@ -> probing for Hitag 2/S, oscilloscope style",
"lf cmdread -d 48 -z 112 -o 176 -e W3000 -e S240 -e E336 -c W0S00000010000E -> probing for Hitag \u00e6(micro)" "lf cmdread -d 48 -z 112 -o 176 -e W3000 -e S240 -e E336 -c W0S00000010000E -> probing for Hitag \u00b5(micro)"
], ],
"offline": false, "offline": false,
"options": [ "options": [
@ -9762,7 +9762,7 @@
"-1, --ht1 Card type Hitag 1", "-1, --ht1 Card type Hitag 1",
"-2, --ht2 Card type Hitag 2", "-2, --ht2 Card type Hitag 2",
"-s, --hts Card type Hitag S", "-s, --hts Card type Hitag S",
"-m, --htm Card type Hitag \u00ce\u00bc" "-m, --htm Card type Hitag \u03bc"
], ],
"usage": "lf hitag eload [-h12sm] -f <fn>" "usage": "lf hitag eload [-h12sm] -f <fn>"
}, },
@ -13005,6 +13005,6 @@
"metadata": { "metadata": {
"commands_extracted": 749, "commands_extracted": 749,
"extracted_by": "PM3Help2JSON v1.00", "extracted_by": "PM3Help2JSON v1.00",
"extracted_on": "2024-11-02T12:57:51" "extracted_on": "2024-11-02T14:09:48"
} }
} }