mirror of
https://github.com/RfidResearchGroup/proxmark3.git
synced 2025-08-20 13:23:51 -07:00
chg: 'lf io watch' - uses NG and reports back to client
This commit is contained in:
iceman1001
parent
b0c5ade65a
commit
ba6bc0ecef
6 changed files with 43 additions and 27 deletions
|
|
@ -818,9 +818,10 @@ static void PacketReceived(PacketCommandNG *packet) {
|
|||
CopyHIDtoT55x7(packet->oldarg[0], packet->oldarg[1], packet->oldarg[2], packet->data.asBytes[0]);
|
||||
break;
|
||||
}
|
||||
case CMD_LF_IO_DEMOD: {
|
||||
case CMD_LF_IO_WATCH: {
|
||||
uint32_t high, low;
|
||||
CmdIOdemodFSK(0, &high, &low, 1);
|
||||
int res = lf_io_watch(0, &high, &low);
|
||||
reply_ng(CMD_LF_IO_WATCH, res, NULL, 0);
|
||||
break;
|
||||
}
|
||||
case CMD_LF_EM410X_DEMOD: {
|
||||
|
|
|
|||
|
|
@ -1467,29 +1467,41 @@ void CmdEM410xdemod(int findone, uint32_t *high, uint64_t *low, int ledcontrol)
|
|||
if (ledcontrol) LED_A_OFF();
|
||||
}
|
||||
|
||||
void CmdIOdemodFSK(int findone, uint32_t *high, uint32_t *low, int ledcontrol) {
|
||||
|
||||
uint8_t *dest = BigBuf_get_addr();
|
||||
int lf_io_watch(int findone, uint32_t *high, uint32_t *low) {
|
||||
|
||||
int dummyIdx = 0;
|
||||
uint32_t code = 0, code2 = 0;
|
||||
uint8_t version = 0, facilitycode = 0, crc = 0;
|
||||
uint16_t number = 0, calccrc = 0;
|
||||
|
||||
size_t size = BigBuf_max_traceLen();
|
||||
size_t size = 12000;
|
||||
uint8_t *dest = BigBuf_malloc(size);
|
||||
|
||||
BigBuf_Clear_keep_EM();
|
||||
|
||||
// Configure to go in 125kHz listen mode
|
||||
LFSetupFPGAForADC(LF_DIVISOR_125, true);
|
||||
|
||||
while (!BUTTON_PRESS() && !data_available()) {
|
||||
int res = PM3_SUCCESS;
|
||||
uint16_t interval = 0;
|
||||
while (BUTTON_PRESS() == false) {
|
||||
|
||||
WDT_HIT();
|
||||
if (ledcontrol) LED_A_ON();
|
||||
|
||||
// cancel w usb command.
|
||||
if (interval == 2000) {
|
||||
if (data_available()) {
|
||||
res = PM3_EOPABORTED;
|
||||
break;
|
||||
}
|
||||
interval = 0;
|
||||
} else {
|
||||
interval++;
|
||||
}
|
||||
|
||||
DoAcquisition_default(-1, false);
|
||||
|
||||
size = MIN(12000, BigBuf_max_traceLen());
|
||||
size = 12000;
|
||||
|
||||
//fskdemod and get start index
|
||||
int idx = detectIOProx(dest, &size, &dummyIdx);
|
||||
|
|
@ -1530,17 +1542,17 @@ void CmdIOdemodFSK(int findone, uint32_t *high, uint32_t *low, int ledcontrol) {
|
|||
number = (bytebits_to_byte(dest + idx + 36, 8) << 8) | (bytebits_to_byte(dest + idx + 45, 8)); //36,9
|
||||
|
||||
crc = bytebits_to_byte(dest + idx + 54, 8);
|
||||
for (uint8_t i = 1; i < 6; ++i)
|
||||
for (uint8_t i = 1; i < 6; ++i) {
|
||||
calccrc += bytebits_to_byte(dest + idx + 9 * i, 8);
|
||||
}
|
||||
calccrc &= 0xff;
|
||||
calccrc = 0xff - calccrc;
|
||||
|
||||
const char *crcStr = (crc == calccrc) ? "ok" : "!crc";
|
||||
const char *crcStr = (crc == calccrc) ? _GREEN_("ok") : _RED_("fail");
|
||||
|
||||
Dbprintf("IO Prox XSF(%02d)%02x:%05d (%08x%08x) [%02x %s]", version, facilitycode, number, code, code2, crc, crcStr);
|
||||
Dbprintf("IO Prox XSF(%02d)%02x:%05d (%08x%08x) (%s)", version, facilitycode, number, code, code2, crcStr);
|
||||
// if we're only looking for one tag
|
||||
if (findone) {
|
||||
if (ledcontrol) LED_A_OFF();
|
||||
*high = code;
|
||||
*low = code2;
|
||||
break;
|
||||
|
|
@ -1550,10 +1562,8 @@ void CmdIOdemodFSK(int findone, uint32_t *high, uint32_t *low, int ledcontrol) {
|
|||
number = 0;
|
||||
calccrc = 0;
|
||||
}
|
||||
|
||||
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
|
||||
DbpString("IOProx fsk demod stopped");
|
||||
if (ledcontrol) LED_A_OFF();
|
||||
return res;
|
||||
}
|
||||
|
||||
/*------------------------------
|
||||
|
|
@ -2006,12 +2016,12 @@ void T55xx_ChkPwds(uint8_t flags) {
|
|||
|
||||
DbpString("[+] T55XX Check pwds using flashmemory starting");
|
||||
|
||||
uint8_t ret = 0;
|
||||
// First get baseline and setup LF mode.
|
||||
// tends to mess up BigBuf
|
||||
uint8_t *buf = BigBuf_get_addr();
|
||||
uint32_t b1, baseline = 0;
|
||||
uint8_t downlink_mode = (flags >> 3) & 0x03;
|
||||
uint8_t *buf = BigBuf_get_addr();
|
||||
uint8_t ret = 0;
|
||||
uint8_t downlink_mode = (flags >> 3) & 0x03;
|
||||
uint32_t b1, baseline = 0;
|
||||
|
||||
// collect baseline for failed attempt
|
||||
uint8_t x = 32;
|
||||
|
|
|
|||
|
|
@ -38,7 +38,8 @@ void CmdNRZsimTAG(uint8_t invert, uint8_t separator, uint8_t clk, uint16_t size,
|
|||
void CmdHIDdemodFSK(int findone, uint32_t *high, uint32_t *low, int ledcontrol);
|
||||
void CmdAWIDdemodFSK(int findone, uint32_t *high, uint32_t *low, int ledcontrol); // Realtime demodulation mode for AWID26
|
||||
void CmdEM410xdemod(int findone, uint32_t *high, uint64_t *low, int ledcontrol);
|
||||
void CmdIOdemodFSK(int findone, uint32_t *high, uint32_t *low, int ledcontrol);
|
||||
int lf_io_watch(int findone, uint32_t *high, uint32_t *low);
|
||||
|
||||
void CopyHIDtoT55x7(uint32_t hi2, uint32_t hi, uint32_t lo, uint8_t longFMT); // Clone an HID card to T5557/T5567
|
||||
void CopyVikingtoT55xx(uint8_t *blocks, uint8_t Q5);
|
||||
void WriteEM410x(uint32_t card, uint32_t id_hi, uint32_t id_lo);
|
||||
|
|
|
|||
|
|
@ -132,6 +132,8 @@ void initSampleBufferEx(uint32_t *sample_size, bool use_malloc) {
|
|||
} else {
|
||||
if (*sample_size == 0) {
|
||||
*sample_size = BigBuf_max_traceLen();
|
||||
} else {
|
||||
*sample_size = MIN(*sample_size, BigBuf_max_traceLen());
|
||||
}
|
||||
data.buffer = BigBuf_get_addr();
|
||||
}
|
||||
|
|
@ -256,11 +258,11 @@ uint32_t DoAcquisition(uint8_t decimation, uint8_t bits_per_sample, bool avg, in
|
|||
uint32_t cancel_counter = 0;
|
||||
int16_t checked = 0;
|
||||
|
||||
while (!BUTTON_PRESS()) {
|
||||
while (BUTTON_PRESS() == false) {
|
||||
|
||||
// only every 1000th times, in order to save time when collecting samples.
|
||||
// interruptible only when logging not yet triggered
|
||||
if ((checked == 1000) && (trigger_threshold > 0)) {
|
||||
if ((checked == 2000) && (trigger_threshold > 0)) {
|
||||
if (data_available()) {
|
||||
checked = -1;
|
||||
break;
|
||||
|
|
@ -273,7 +275,6 @@ uint32_t DoAcquisition(uint8_t decimation, uint8_t bits_per_sample, bool avg, in
|
|||
WDT_HIT();
|
||||
|
||||
if (AT91C_BASE_SSC->SSC_SR & AT91C_SSC_TXRDY) {
|
||||
// AT91C_BASE_SSC->SSC_THR = 0x43;
|
||||
LED_D_ON();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -79,8 +79,11 @@ static int CmdIOProxWatch(const char *Cmd) {
|
|||
uint8_t ctmp = tolower(param_getchar(Cmd, 0));
|
||||
if (ctmp == 'h') return usage_lf_io_watch();
|
||||
clearCommandBuffer();
|
||||
SendCommandNG(CMD_LF_IO_DEMOD, NULL, 0);
|
||||
return PM3_SUCCESS;
|
||||
SendCommandNG(CMD_LF_IO_WATCH, NULL, 0);
|
||||
PacketResponseNG resp;
|
||||
WaitForResponse(CMD_LF_IO_WATCH, &resp);
|
||||
PrintAndLogEx(INFO, "Done");
|
||||
return resp.status;
|
||||
}
|
||||
|
||||
//by marshmellow
|
||||
|
|
|
|||
|
|
@ -399,7 +399,7 @@ typedef struct {
|
|||
#define CMD_LF_PCF7931_WRITE 0x0223
|
||||
#define CMD_LF_EM4X_READWORD 0x0218
|
||||
#define CMD_LF_EM4X_WRITEWORD 0x0219
|
||||
#define CMD_LF_IO_DEMOD 0x021A
|
||||
#define CMD_LF_IO_WATCH 0x021A
|
||||
#define CMD_LF_EM410X_DEMOD 0x021C
|
||||
// Sampling configuration for LF reader/sniffer
|
||||
#define CMD_LF_SAMPLING_SET_CONFIG 0x021D
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue