github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-14 02:27:26 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Semi-Automated SendCommand -> SendCommandOLD

Browse source
This commit is contained in:
Philippe Teuwen 2019-04-19 17:03:39 +02:00
commit c4766b2649
41 changed files with 543 additions and 957 deletions
Download patch file Download diff file Expand all files Collapse all files

2
armsrc/Standalone/hf_young.c
View file

@ -135,7 +135,7 @@ void RunMod() {
SendCommandOLD(CMD_MIFARE_CSETBLOCK, params & (0xFE | (uid == NULL ? 0:1)), blockNo, 0, data, 16);
Block read is similar:
PacketCommandOLD c = {CMD_MIFARE_CGETBLOCK, {params, blockNo, 0}};
SendCommandOLD(CMD_MIFARE_CGETBLOCK, params, blockNo, 0,...};
We need to imitate that call with blockNo 0 to set a uid.
The get and set commands are handled in this file:

4
client/cmdanalyse.c
View file

@ -512,10 +512,8 @@ static int CmdAnalyseA(const char *Cmd) {
if (errors || cmdp == 0) return usage_analyse_a();
PacketCommandOLD c = {CMD_FPC_SEND, {0, 0, 0}, {{0}}};
memcpy(c.d.asBytes, data, USB_CMD_DATA_SIZE);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_FPC_SEND, 0, 0, 0, data, USB_CMD_DATA_SIZE);
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 2500)) {

6
client/cmddata.c
View file

@ -874,9 +874,8 @@ static int CmdBuffClear(const char *Cmd) {
char cmdp = tolower(param_getchar(Cmd, 0));
if (cmdp == 'h') return usage_data_buffclear();
PacketCommandOLD c = {CMD_BUFF_CLEAR, {0, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_BUFF_CLEAR, 0, 0, 0, NULL, 0);
ClearGraph(true);
return 0;
}
@ -1529,9 +1528,8 @@ int CmdTuneSamples(const char *Cmd) {
int timeout = 0;
PrintAndLogEx(INFO, "\nMeasuring antenna characteristics, please wait...");
PacketCommandOLD c = {CMD_MEASURE_ANTENNA_TUNING, {0, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MEASURE_ANTENNA_TUNING, 0, 0, 0, NULL, 0);
PacketResponseNG resp;
while (!WaitForResponseTimeout(CMD_MEASURED_ANTENNA_TUNING, &resp, 2000)) {
timeout++;

6
client/cmdhf.c
View file

@ -84,9 +84,8 @@ int CmdHFSearch(const char *Cmd) {
int CmdHFTune(const char *Cmd) {
(void)Cmd; // Cmd is not used so far
PrintAndLogEx(SUCCESS, "Measuring HF antenna, press button to exit");
PacketCommandOLD c = {CMD_MEASURE_ANTENNA_TUNING_HF, {0, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MEASURE_ANTENNA_TUNING_HF, 0, 0, 0, NULL, 0);
return 0;
}
@ -97,9 +96,8 @@ int CmdHFSniff(const char *Cmd) {
int skippairs = param_get32ex(Cmd, 0, 0, 10);
int skiptriggers = param_get32ex(Cmd, 1, 0, 10);
PacketCommandOLD c = {CMD_HF_SNIFFER, {skippairs, skiptriggers, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_HF_SNIFFER, skippairs, skiptriggers, 0, NULL, 0);
return 0;
}

91
client/cmdhf14a.c
View file

@ -228,8 +228,7 @@ static int CmdHF14AList(const char *Cmd) {
}
int Hf14443_4aGetCardData(iso14a_card_select_t *card) {
PacketCommandOLD c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT, 0, 0}, {{0}}};
SendCommand(&c);
SendCommandOLD(CMD_READER_ISO_14443a, ISO14A_CONNECT, 0, 0, NULL, 0);
PacketResponseNG resp;
WaitForResponse(CMD_ACK, &resp);
@ -298,9 +297,8 @@ static int CmdHF14AReader(const char *Cmd) {
if (!disconnectAfter)
cm |= ISO14A_NO_DISCONNECT;
PacketCommandOLD c = {CMD_READER_ISO_14443a, {cm, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_READER_ISO_14443a, cm, 0, 0, NULL, 0);
if (ISO14A_CONNECT & cm) {
PacketResponseNG resp;
@ -385,8 +383,7 @@ static int CmdHF14ACUIDs(const char *Cmd) {
}
// execute anticollision procedure
PacketCommandOLD c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_RATS, 0, 0}, {{0}}};
SendCommand(&c);
SendCommandOLD(CMD_READER_ISO_14443a, ISO14A_CONNECT | ISO14A_NO_RATS, 0, 0, NULL, 0);
PacketResponseNG resp;
WaitForResponse(CMD_ACK, &resp);
@ -483,10 +480,8 @@ int CmdHF14ASim(const char *Cmd) {
if (useUIDfromEML)
flags |= FLAG_UID_IN_EMUL;
PacketCommandOLD c = {CMD_SIMULATE_TAG_ISO_14443a, { tagtype, flags, 0 }, {{0}}};
memcpy(c.d.asBytes, uid, uidlen >> 1);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SIMULATE_TAG_ISO_14443a, tagtype, flags, 0 , uid, uidlen >> 1);
PacketResponseNG resp;
PrintAndLogEx(SUCCESS, "press pm3-button to abort simulation");
@ -512,9 +507,8 @@ int CmdHF14ASniff(const char *Cmd) {
if (ctmp == 'c') param |= 0x01;
if (ctmp == 'r') param |= 0x02;
}
PacketCommandOLD c = {CMD_SNIFF_ISO_14443a, {param, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SNIFF_ISO_14443a, param, 0, 0, NULL, 0);
return 0;
}
@ -528,8 +522,7 @@ int ExchangeRAW14a(uint8_t *datain, int datainlen, bool activateField, bool leav
PacketResponseNG resp;
// Anticollision + SELECT card
PacketCommandOLD ca = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_DISCONNECT, 0, 0}, {{0}}};
SendCommand(&ca);
SendCommandOLD(CMD_READER_ISO_14443a, ISO14A_CONNECT | ISO14A_NO_DISCONNECT, 0, 0, NULL, 0);
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
PrintAndLogEx(ERR, "Proxmark3 connection timeout.");
return 1;
@ -548,10 +541,8 @@ int ExchangeRAW14a(uint8_t *datain, int datainlen, bool activateField, bool leav
if (resp.oldarg[0] == 2) { // 0: couldn't read, 1: OK, with ATS, 2: OK, no ATS, 3: proprietary Anticollision
// get ATS
PacketCommandOLD cr = {CMD_READER_ISO_14443a, {ISO14A_RAW | ISO14A_APPEND_CRC | ISO14A_NO_DISCONNECT, 2, 0}, {{0}}};
uint8_t rats[] = { 0xE0, 0x80 }; // FSDI=8 (FSD=256), CID=0
memcpy(cr.d.asBytes, rats, 2);
SendCommand(&cr);
SendCommandOLD(CMD_READER_ISO_14443a, ISO14A_RAW | ISO14A_APPEND_CRC | ISO14A_NO_DISCONNECT, 2, 0, rats, 2);
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
PrintAndLogEx(ERR, "Proxmark3 connection timeout.");
return 1;
@ -567,12 +558,10 @@ int ExchangeRAW14a(uint8_t *datain, int datainlen, bool activateField, bool leav
if (leaveSignalON)
cmdc |= ISO14A_NO_DISCONNECT;
PacketCommandOLD c = {CMD_READER_ISO_14443a, {ISO14A_RAW | ISO14A_APPEND_CRC | cmdc, (datainlen & 0xFFFF) + 2, 0}, {{0}}};
uint8_t header[] = { 0x0a | responseNum, 0x00};
uint8_t data[USB_CMD_DATA_SIZE] = { 0x0a | responseNum, 0x00};
responseNum ^= 1;
memcpy(c.d.asBytes, header, 2);
memcpy(&c.d.asBytes[2], datain, datainlen);
SendCommand(&c);
memcpy(&data[2], datain, datainlen & 0xFFFF);
SendCommandOLD(CMD_READER_ISO_14443a, ISO14A_RAW | ISO14A_APPEND_CRC | cmdc, (datainlen & 0xFFFF) + 2, 0, data, (datainlen & 0xFFFF) + 2);
uint8_t *recv;
PacketResponseNG resp;
@ -595,8 +584,8 @@ int ExchangeRAW14a(uint8_t *datain, int datainlen, bool activateField, bool leav
return 2;
}
if (recv[0] != header[0]) {
PrintAndLogEx(ERR, "iso14443-4 framing error. Card send %2x must be %2x", dataout[0], header[0]);
if (recv[0] != data[0]) {
PrintAndLogEx(ERR, "iso14443-4 framing error. Card send %2x must be %2x", dataout[0], data[0]);
return 2;
}
@ -627,8 +616,7 @@ static int SelectCard14443_4(bool disconnect, iso14a_card_select_t *card) {
DropField();
// Anticollision + SELECT card
PacketCommandOLD ca = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_DISCONNECT, 0, 0}, {{0}}};
SendCommand(&ca);
SendCommandOLD(CMD_READER_ISO_14443a, ISO14A_CONNECT | ISO14A_NO_DISCONNECT, 0, 0, NULL, 0);
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
PrintAndLogEx(ERR, "Proxmark3 connection timeout.");
return 1;
@ -647,10 +635,8 @@ static int SelectCard14443_4(bool disconnect, iso14a_card_select_t *card) {
if (resp.oldarg[0] == 2) { // 0: couldn't read, 1: OK, with ATS, 2: OK, no ATS, 3: proprietary Anticollision
// get ATS
PacketCommandOLD cr = {CMD_READER_ISO_14443a, {ISO14A_RAW | ISO14A_APPEND_CRC | ISO14A_NO_DISCONNECT, 2, 0}, {{0}}};
uint8_t rats[] = { 0xE0, 0x80 }; // FSDI=8 (FSD=256), CID=0
memcpy(cr.d.asBytes, rats, 2);
SendCommand(&cr);
SendCommandOLD(CMD_READER_ISO_14443a, ISO14A_RAW | ISO14A_APPEND_CRC | ISO14A_NO_DISCONNECT, sizeof(rats), 0, rats, sizeof(rats));
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
PrintAndLogEx(ERR, "Proxmark3 connection timeout.");
return 1;
@ -704,12 +690,10 @@ static int CmdExchangeAPDU(bool chainingin, uint8_t *datain, int datainlen, bool
// https://stackoverflow.com/questions/32994936/safe-max-java-card-apdu-data-command-and-respond-size
// here length USB_CMD_DATA_SIZE=512
// timeout must be authomatically set by "get ATS"
PacketCommandOLD c = {CMD_READER_ISO_14443a, {ISO14A_APDU | ISO14A_NO_DISCONNECT | cmdc, (datainlen & 0xFFFF), 0}, {{0}}};
if (datain)
memcpy(c.d.asBytes, datain, datainlen);
SendCommand(&c);
SendCommandOLD(CMD_READER_ISO_14443a, ISO14A_APDU | ISO14A_NO_DISCONNECT | cmdc, (datainlen & 0xFFFF), 0, datain, datainlen & 0xFFFF);
else
SendCommandOLD(CMD_READER_ISO_14443a, ISO14A_APDU | ISO14A_NO_DISCONNECT | cmdc, 0, 0, NULL, 0);
uint8_t *recv;
PacketResponseNG resp;
@ -891,7 +875,6 @@ static int CmdHF14AAPDU(const char *Cmd) {
}
static int CmdHF14ACmdRaw(const char *Cmd) {
PacketCommandOLD c = {CMD_READER_ISO_14443a, {0, 0, 0}, {{0}}};
bool reply = 1;
bool crc = false;
bool power = false;
@ -996,45 +979,44 @@ static int CmdHF14ACmdRaw(const char *Cmd) {
data[datalen++] = second;
}
uint16_t flags = 0;
if (active || active_select) {
c.arg[0] |= ISO14A_CONNECT;
flags |= ISO14A_CONNECT;
if (active)
c.arg[0] |= ISO14A_NO_SELECT;
flags |= ISO14A_NO_SELECT;
}
uint32_t argtimeout = 0;
if (bTimeout) {
#define MAX_TIMEOUT 40542464 // = (2^32-1) * (8*16) / 13560000Hz * 1000ms/s
c.arg[0] |= ISO14A_SET_TIMEOUT;
flags |= ISO14A_SET_TIMEOUT;
if (timeout > MAX_TIMEOUT) {
timeout = MAX_TIMEOUT;
PrintAndLogEx(NORMAL, "Set timeout to 40542 seconds (11.26 hours). The max we can wait for response");
}
c.arg[2] = 13560000 / 1000 / (8 * 16) * timeout; // timeout in ETUs (time to transfer 1 bit, approx. 9.4 us)
argtimeout = 13560000 / 1000 / (8 * 16) * timeout; // timeout in ETUs (time to transfer 1 bit, approx. 9.4 us)
}
if (power) {
c.arg[0] |= ISO14A_NO_DISCONNECT;
flags |= ISO14A_NO_DISCONNECT;
}
if (datalen > 0) {
c.arg[0] |= ISO14A_RAW;
flags |= ISO14A_RAW;
}
if (topazmode) {
c.arg[0] |= ISO14A_TOPAZMODE;
flags |= ISO14A_TOPAZMODE;
}
if (no_rats) {
c.arg[0] |= ISO14A_NO_RATS;
flags |= ISO14A_NO_RATS;
}
// Max buffer is USB_CMD_DATA_SIZE
datalen = (datalen > USB_CMD_DATA_SIZE) ? USB_CMD_DATA_SIZE : datalen;
c.arg[1] = (datalen & 0xFFFF) | ((uint32_t)(numbits << 16));
memcpy(c.d.asBytes, data, datalen);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_READER_ISO_14443a, flags, (datalen & 0xFFFF) | ((uint32_t)(numbits << 16)), argtimeout, data, datalen & 0xFFFF);
if (reply) {
int res = 0;
@ -1096,9 +1078,8 @@ static int CmdHF14AAntiFuzz(const char *Cmd) {
arg0 = FLAG_10B_UID_IN_DATA;
CLIParserFree();
PacketCommandOLD c = {CMD_ANTIFUZZ_ISO_14443a, {arg0, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ANTIFUZZ_ISO_14443a, arg0, 0, 0, NULL, 0);
return 0;
}
@ -1160,9 +1141,8 @@ int CmdHF14A(const char *Cmd) {
}
int infoHF14A(bool verbose, bool do_nack_test) {
PacketCommandOLD c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_DISCONNECT, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_READER_ISO_14443a, ISO14A_CONNECT | ISO14A_NO_DISCONNECT, 0, 0, NULL, 0);
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 2500)) {
if (verbose) PrintAndLogEx(WARNING, "iso14443a card select failed");
@ -1213,11 +1193,8 @@ int infoHF14A(bool verbose, bool do_nack_test) {
PrintAndLogEx(NORMAL, "TYPE: Possible AZTEK (iso14443a compliant)");
// reconnect for further tests
c.arg[0] = ISO14A_CONNECT | ISO14A_NO_DISCONNECT;
c.arg[1] = 0;
c.arg[2] = 0;
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_READER_ISO_14443a, ISO14A_CONNECT | ISO14A_NO_DISCONNECT, 0, 0, NULL, 0);
WaitForResponse(CMD_ACK, &resp);
memcpy(&card, (iso14a_card_select_t *)resp.data.asBytes, sizeof(iso14a_card_select_t));
@ -1286,12 +1263,8 @@ int infoHF14A(bool verbose, bool do_nack_test) {
// try to request ATS even if tag claims not to support it
if (select_status == 2) {
uint8_t rats[] = { 0xE0, 0x80 }; // FSDI=8 (FSD=256), CID=0
c.arg[0] = ISO14A_RAW | ISO14A_APPEND_CRC | ISO14A_NO_DISCONNECT;
c.arg[1] = 2;
c.arg[2] = 0;
memcpy(c.d.asBytes, rats, 2);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_READER_ISO_14443a, ISO14A_RAW | ISO14A_APPEND_CRC | ISO14A_NO_DISCONNECT, 2, 0, rats, sizeof(rats));
WaitForResponse(CMD_ACK, &resp);
memcpy(card.ats, resp.data.asBytes, resp.oldarg[0]);

64
client/cmdhf14b.c
View file

@ -108,16 +108,14 @@ static int usage_hf_14b_dump(void) {
/*
static void switch_on_field_14b(void) {
PacketCommandOLD c = {CMD_ISO_14443B_COMMAND, {ISO14B_CONNECT, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ISO_14443B_COMMAND, ISO14B_CONNECT, 0, 0, NULL, 0);
}
*/
static int switch_off_field_14b(void) {
PacketCommandOLD c = {CMD_ISO_14443B_COMMAND, {ISO14B_DISCONNECT, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ISO_14443B_COMMAND, ISO14B_DISCONNECT, 0, 0, NULL, 0);
return 0;
}
@ -171,9 +169,8 @@ static int CmdHF14BSim(const char *Cmd) {
pupi = param_get32ex(Cmd, 1, 0, 16);
}
PacketCommandOLD c = {CMD_SIMULATE_TAG_ISO_14443B, {pupi, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SIMULATE_TAG_ISO_14443B, pupi, 0, 0, NULL, 0);
return 0;
}
@ -182,9 +179,8 @@ static int CmdHF14BSniff(const char *Cmd) {
char cmdp = tolower(param_getchar(Cmd, 0));
if (cmdp == 'h') return usage_hf_14b_sniff();
PacketCommandOLD c = {CMD_SNIFF_ISO_14443B, {0, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SNIFF_ISO_14443B, 0, 0, 0, NULL, 0);
return 0;
}
@ -277,10 +273,8 @@ static int CmdHF14BCmdRaw(const char *Cmd) {
// Max buffer is USB_CMD_DATA_SIZE
datalen = (datalen > USB_CMD_DATA_SIZE) ? USB_CMD_DATA_SIZE : datalen;
PacketCommandOLD c = {CMD_ISO_14443B_COMMAND, {flags, datalen, time_wait}, {{0}}};
memcpy(c.d.asBytes, data, datalen);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ISO_14443B_COMMAND, flags, datalen, time_wait, data, datalen);
if (!reply) return 1;
@ -302,13 +296,12 @@ static bool get_14b_UID(iso14b_card_select_t *card) {
int8_t retry = 3;
PacketResponseNG resp;
PacketCommandOLD c = {CMD_ISO_14443B_COMMAND, {ISO14B_CONNECT | ISO14B_SELECT_SR | ISO14B_DISCONNECT, 0, 0}, {{0}}};
// test for 14b SR
while (retry--) {
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ISO_14443B_COMMAND, ISO14B_CONNECT | ISO14B_SELECT_SR | ISO14B_DISCONNECT, 0, 0, NULL, 0);
if (WaitForResponseTimeout(CMD_ACK, &resp, TIMEOUT)) {
uint8_t status = resp.oldarg[0];
@ -320,13 +313,11 @@ static bool get_14b_UID(iso14b_card_select_t *card) {
} // retry
// test 14b standard
c.arg[0] = ISO14B_CONNECT | ISO14B_SELECT_STD | ISO14B_DISCONNECT;
retry = 3;
while (retry--) {
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ISO_14443B_COMMAND, ISO14B_CONNECT | ISO14B_SELECT_STD | ISO14B_DISCONNECT, 0, 0, NULL, 0);
if (WaitForResponseTimeout(CMD_ACK, &resp, TIMEOUT)) {
uint8_t status = resp.oldarg[0];
@ -509,9 +500,8 @@ static bool HF14B_Std_Info(bool verbose) {
bool isSuccess = false;
// 14b get and print UID only (general info)
PacketCommandOLD c = {CMD_ISO_14443B_COMMAND, {ISO14B_CONNECT | ISO14B_SELECT_STD | ISO14B_DISCONNECT, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ISO_14443B_COMMAND, ISO14B_CONNECT | ISO14B_SELECT_STD | ISO14B_DISCONNECT, 0, 0, NULL, 0);
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, TIMEOUT)) {
@ -550,9 +540,8 @@ static bool HF14B_Std_Info(bool verbose) {
// SRx get and print full info (needs more info...)
static bool HF14B_ST_Info(bool verbose) {
PacketCommandOLD c = {CMD_ISO_14443B_COMMAND, {ISO14B_CONNECT | ISO14B_SELECT_SR | ISO14B_DISCONNECT, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ISO_14443B_COMMAND, ISO14B_CONNECT | ISO14B_SELECT_SR | ISO14B_DISCONNECT, 0, 0, NULL, 0);
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, TIMEOUT)) {
@ -607,9 +596,8 @@ static bool HF14B_ST_Reader(bool verbose) {
bool isSuccess = false;
// SRx get and print general info about SRx chip from UID
PacketCommandOLD c = {CMD_ISO_14443B_COMMAND, {ISO14B_CONNECT | ISO14B_SELECT_SR | ISO14B_DISCONNECT, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ISO_14443B_COMMAND, ISO14B_CONNECT | ISO14B_SELECT_SR | ISO14B_DISCONNECT, 0, 0, NULL, 0);
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, TIMEOUT)) {
if (verbose) PrintAndLogEx(WARNING, "command execution timeout");
@ -647,9 +635,8 @@ static bool HF14B_Std_Reader(bool verbose) {
bool isSuccess = false;
// 14b get and print UID only (general info)
PacketCommandOLD c = {CMD_ISO_14443B_COMMAND, {ISO14B_CONNECT | ISO14B_SELECT_STD | ISO14B_DISCONNECT, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ISO_14443B_COMMAND, ISO14B_CONNECT | ISO14B_SELECT_STD | ISO14B_DISCONNECT, 0, 0, NULL, 0);
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, TIMEOUT)) {
@ -692,11 +679,8 @@ static bool HF14B_Other_Reader() {
// // 14b get and print UID only (general info)
// uint32_t flags = ISO14B_CONNECT | ISO14B_SELECT_STD | ISO14B_RAW | ISO14B_APPEND_CRC;
// PacketCommandOLD c = {CMD_ISO_14443B_COMMAND, {flags, datalen, 0}, {{0}}};
// memcpy(c.d.asBytes, data, datalen);
// clearCommandBuffer();
// SendCommand(&c);
// SendCommandOLD(CMD_ISO_14443B_COMMAND, flags, datalen, 0, data, datalen);
// PacketResponseNG resp;
// WaitForResponse(CMD_ACK,&resp);
@ -708,10 +692,9 @@ static bool HF14B_Other_Reader() {
// return true;
// }
// c.arg1 = 1;
// c.d.asBytes[0] = ISO14443B_AUTHENTICATE;
// data[0] = ISO14443B_AUTHENTICATE;
// clearCommandBuffer();
// SendCommand(&c);
// SendCommandOLD(CMD_ISO_14443B_COMMAND, flags, 1, 0, data, 1);
// PacketResponseNG resp;
// WaitForResponse(CMD_ACK, &resp);
@ -723,10 +706,9 @@ static bool HF14B_Other_Reader() {
// return true;
// }
// c.arg1 = 1;
// c.d.asBytes[0] = ISO14443B_RESET;
// data[0] = ISO14443B_RESET;
// clearCommandBuffer();
// SendCommand(&c);
// SendCommandOLD(CMD_ISO_14443B_COMMAND, flags, 1, 0, data, 1);
// PacketResponseNG resp;
// WaitForResponse(CMD_ACK, &resp);
@ -762,9 +744,8 @@ static int CmdHF14BReadSri(const char *Cmd) {
uint8_t tagtype = param_get8(Cmd, 0);
uint8_t blocks = (tagtype == 1) ? 0x7F : 0x0F;
PacketCommandOLD c = {CMD_READ_SRI_TAG, {blocks, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_READ_SRI_TAG, blocks, 0, 0, NULL, 0);
return 0;
}
// New command to write a SRI512/SRIX4K tag.
@ -902,9 +883,8 @@ static int CmdHF14BDump(const char *Cmd) {
uint8_t *recv = NULL;
PacketResponseNG resp;
PacketCommandOLD c = {CMD_ISO_14443B_COMMAND, { ISO14B_CONNECT | ISO14B_SELECT_SR, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ISO_14443B_COMMAND, ISO14B_CONNECT | ISO14B_SELECT_SR, 0, 0, NULL, 0);
//select
if (WaitForResponseTimeout(CMD_ACK, &resp, 2000)) {
@ -914,18 +894,14 @@ static int CmdHF14BDump(const char *Cmd) {
}
}
c.arg[0] = ISO14B_APPEND_CRC | ISO14B_RAW;
c.arg[1] = 2;
uint8_t *req = c.d.asBytes;
req[0] = ISO14443B_READ_BLK;
uint8_t req[2] = {ISO14443B_READ_BLK};
for (int retry = 0; retry < 5; retry++) {
req[1] = blocknum;
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ISO_14443B_COMMAND, ISO14B_APPEND_CRC | ISO14B_RAW, 2, 0, req, sizeof(req));
if (WaitForResponseTimeout(CMD_ACK, &resp, 2000)) {

134
client/cmdhf15.c
View file

@ -199,14 +199,12 @@ const productName uidmapping[] = {
static int getUID(uint8_t *buf) {
PacketResponseNG resp;
PacketCommandOLD c = {CMD_ISO_15693_COMMAND, {0, 1, 1}, {{0}}}; // len,speed,recv?
uint8_t data[5];
data[0] = ISO15_REQ_SUBCARRIER_SINGLE | ISO15_REQ_DATARATE_HIGH | ISO15_REQ_INVENTORY | ISO15_REQINV_SLOT1;
data[1] = ISO15_CMD_INVENTORY;
data[2] = 0; // mask length
c.d.asBytes[0] = ISO15_REQ_SUBCARRIER_SINGLE | ISO15_REQ_DATARATE_HIGH | ISO15_REQ_INVENTORY | ISO15_REQINV_SLOT1;
c.d.asBytes[1] = ISO15_CMD_INVENTORY;
c.d.asBytes[2] = 0; // mask length
AddCrc15(c.d.asBytes, 3);
c.arg[0] = 5; // len
AddCrc15(data, 3);
uint8_t retry;
@ -214,7 +212,7 @@ static int getUID(uint8_t *buf) {
for (retry = 0; retry < 3; retry++) {
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ISO_15693_COMMAND, sizeof(data), 1, 1, data, sizeof(data));
if (WaitForResponseTimeout(CMD_ACK, &resp, 2000)) {
@ -418,17 +416,16 @@ static int usage_15_readmulti(void) {
* Parameters:
* **cmd command line
*/
static int prepareHF15Cmd(char **cmd, PacketCommandOLD *c, uint8_t iso15cmd) {
static int prepareHF15Cmd(char **cmd, uint16_t *reqlen, uint8_t *arg1, uint8_t *req, uint8_t iso15cmd) { // reqlen arg0
int temp;
uint8_t *req = c->d.asBytes;
uint8_t uid[8] = {0x00};
uint32_t reqlen = 0;
uint32_t tmpreqlen = 0;
// strip
while (**cmd == ' ' || **cmd == '\t')(*cmd)++;
if (strstr(*cmd, "-2") == *cmd) {
c->arg[1] = 0; // use 1of256
*arg1 = 0; // use 1of256
(*cmd) += 2;
}
@ -436,7 +433,7 @@ static int prepareHF15Cmd(char **cmd, PacketCommandOLD *c, uint8_t iso15cmd) {
while (**cmd == ' ' || **cmd == '\t')(*cmd)++;
if (strstr(*cmd, "-o") == *cmd) {
req[reqlen] = ISO15_REQ_OPTION;
req[tmpreqlen] = ISO15_REQ_OPTION;
(*cmd) += 2;
}
@ -451,25 +448,25 @@ static int prepareHF15Cmd(char **cmd, PacketCommandOLD *c, uint8_t iso15cmd) {
case 'u':
case 'U':
// unaddressed mode may not be supported by all vendors
req[reqlen++] |= ISO15_REQ_SUBCARRIER_SINGLE | ISO15_REQ_DATARATE_HIGH | ISO15_REQ_NONINVENTORY;
req[reqlen++] = iso15cmd;
req[tmpreqlen++] |= ISO15_REQ_SUBCARRIER_SINGLE | ISO15_REQ_DATARATE_HIGH | ISO15_REQ_NONINVENTORY;
req[tmpreqlen++] = iso15cmd;
break;
case '*':
// we scan for the UID ourself
req[reqlen++] |= ISO15_REQ_SUBCARRIER_SINGLE | ISO15_REQ_DATARATE_HIGH | ISO15_REQ_NONINVENTORY | ISO15_REQ_ADDRESS;
req[reqlen++] = iso15cmd;
req[tmpreqlen++] |= ISO15_REQ_SUBCARRIER_SINGLE | ISO15_REQ_DATARATE_HIGH | ISO15_REQ_NONINVENTORY | ISO15_REQ_ADDRESS;
req[tmpreqlen++] = iso15cmd;
if (!getUID(uid)) {
PrintAndLogEx(WARNING, "No tag found");
return 0;
}
memcpy(&req[reqlen], uid, sizeof(uid));
memcpy(&req[tmpreqlen], uid, sizeof(uid));
PrintAndLogEx(NORMAL, "Detected UID %s", sprintUID(NULL, uid));
reqlen += sizeof(uid);
tmpreqlen += sizeof(uid);
break;
default:
req[reqlen++] |= ISO15_REQ_SUBCARRIER_SINGLE | ISO15_REQ_DATARATE_HIGH | ISO15_REQ_NONINVENTORY | ISO15_REQ_ADDRESS;
req[reqlen++] = iso15cmd;
req[tmpreqlen++] |= ISO15_REQ_SUBCARRIER_SINGLE | ISO15_REQ_DATARATE_HIGH | ISO15_REQ_NONINVENTORY | ISO15_REQ_ADDRESS;
req[tmpreqlen++] = iso15cmd;
// parse UID
for (int i = 0; i < 8 && (*cmd)[i * 2] && (*cmd)[i * 2 + 1]; i++) {
@ -478,8 +475,8 @@ static int prepareHF15Cmd(char **cmd, PacketCommandOLD *c, uint8_t iso15cmd) {
}
PrintAndLogEx(NORMAL, "Using UID %s", sprintUID(NULL, uid));
memcpy(&req[reqlen], uid, sizeof(uid));
reqlen += sizeof(uid);
memcpy(&req[tmpreqlen], uid, sizeof(uid));
tmpreqlen += sizeof(uid);
break;
}
// skip to next space
@ -487,7 +484,7 @@ static int prepareHF15Cmd(char **cmd, PacketCommandOLD *c, uint8_t iso15cmd) {
// skip over the space
while (**cmd == ' ' || **cmd == '\t')(*cmd)++;
c->arg[0] = reqlen;
*reqlen = tmpreqlen;
return 1;
}
@ -577,9 +574,8 @@ static int CmdHF15Samples(const char *Cmd) {
char cmdp = tolower(param_getchar(Cmd, 0));
if (cmdp == 'h') return usage_15_samples();
PacketCommandOLD c = {CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_15693, {0, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_15693, 0, 0, 0, NULL, 0);
getSamples(0, false);
return 0;
@ -596,23 +592,24 @@ static int CmdHF15Info(const char *Cmd) {
PacketResponseNG resp;
uint8_t *recv;
PacketCommandOLD c = {CMD_ISO_15693_COMMAND, {0, 1, 1}, {{0}}}; // len,speed,recv?
uint8_t *req = c.d.asBytes;
uint8_t req[USB_CMD_DATA_SIZE];
uint16_t reqlen;
uint8_t arg1 = 1;
char cmdbuf[100] = {0};
char *cmd = cmdbuf;
strncpy(cmd, Cmd, sizeof(cmdbuf) - 1);
if (!prepareHF15Cmd(&cmd, &c, ISO15_CMD_SYSINFO))
if (!prepareHF15Cmd(&cmd, &reqlen, &arg1, req, ISO15_CMD_SYSINFO))
return 0;
AddCrc15(req, c.arg[0]);
c.arg[0] += 2;
AddCrc15(req, reqlen);
reqlen += 2;
//PrintAndLogEx(NORMAL, "cmd %s", sprint_hex(c.d.asBytes, reqlen) );
//PrintAndLogEx(NORMAL, "cmd %s", sprint_hex(req, reqlen) );
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ISO_15693_COMMAND, reqlen, arg1, 1, req, reqlen);
if (!WaitForResponseTimeout(CMD_ACK, &resp, 2000)) {
PrintAndLogEx(WARNING, "iso15693 card select failed");
@ -674,9 +671,8 @@ static int CmdHF15Record(const char *Cmd) {
char cmdp = tolower(param_getchar(Cmd, 0));
if (cmdp == 'h') return usage_15_record();
PacketCommandOLD c = {CMD_RECORD_RAW_ADC_SAMPLES_ISO_15693, {0, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_RECORD_RAW_ADC_SAMPLES_ISO_15693, 0, 0, 0, NULL, 0);
return 0;
}
@ -702,10 +698,8 @@ static int CmdHF15Sim(const char *Cmd) {
PrintAndLogEx(SUCCESS, "Starting simulating UID %s", sprint_hex(uid, sizeof(uid)));
PacketCommandOLD c = {CMD_SIMTAG_ISO_15693, {0, 0, 0}, {{0}}};
memcpy(c.d.asBytes, uid, 8);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SIMTAG_ISO_15693, 0, 0, 0, uid, 8);
return 0;
}
@ -718,9 +712,8 @@ static int CmdHF15Afi(const char *Cmd) {
PrintAndLogEx(SUCCESS, "press pm3-button to cancel");
PacketCommandOLD c = {CMD_ISO_15693_FIND_AFI, {strtol(Cmd, NULL, 0), 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ISO_15693_FIND_AFI, strtol(Cmd, NULL, 0), 0, 0, NULL, 0);
return 0;
}
@ -784,8 +777,7 @@ static int CmdHF15Dump(const char *Cmd) {
memset(data, 0, sizeof(data));
PacketResponseNG resp;
PacketCommandOLD c = {CMD_ISO_15693_COMMAND, {0, 1, 1}, {{0}}}; // len,speed,recv?
uint8_t *req = c.d.asBytes;
uint8_t req[13];
req[0] = ISO15_REQ_SUBCARRIER_SINGLE | ISO15_REQ_DATARATE_HIGH | ISO15_REQ_NONINVENTORY | ISO15_REQ_ADDRESS;
req[1] = ISO15_CMD_READ;
@ -796,10 +788,9 @@ static int CmdHF15Dump(const char *Cmd) {
req[10] = blocknum;
AddCrc15(req, 11);
c.arg[0] = 13;
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ISO_15693_COMMAND, sizeof(req), 1, 1, req, sizeof(req));
if (WaitForResponseTimeout(CMD_ACK, &resp, 2000)) {
@ -860,7 +851,6 @@ static int CmdHF15Raw(const char *Cmd) {
if (strlen(Cmd) < 3 || cmdp == 'h' || cmdp == 'H') return usage_15_raw();
PacketResponseNG resp;
PacketCommandOLD c = {CMD_ISO_15693_COMMAND, {0, 1, 1}, {{0}}}; // len,speed,recv?
int reply = 1, fast = 1, i = 0;
bool crc = false;
char buf[5] = "";
@ -916,13 +906,8 @@ static int CmdHF15Raw(const char *Cmd) {
datalen += 2;
}
c.arg[0] = datalen;
c.arg[1] = fast;
c.arg[2] = reply;
memcpy(c.d.asBytes, data, datalen);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ISO_15693_COMMAND, datalen, fast, reply, data, datalen);
if (reply) {
if (WaitForResponseTimeout(CMD_ACK, &resp, 2000)) {
@ -947,22 +932,20 @@ static int CmdHF15Readmulti(const char *Cmd) {
PacketResponseNG resp;
uint8_t *recv;
PacketCommandOLD c = {CMD_ISO_15693_COMMAND, {0, 1, 1}, {{0}}}; // len,speed,recv?
uint8_t *req = c.d.asBytes;
int reqlen = 0;
uint8_t req[USB_CMD_DATA_SIZE];
uint16_t reqlen = 0;
uint8_t arg1 = 1;
uint8_t pagenum, pagecount;
char cmdbuf[100] = {0};
char *cmd = cmdbuf;
strncpy(cmd, Cmd, sizeof(cmdbuf) - 1);
if (!prepareHF15Cmd(&cmd, &c, ISO15_CMD_READMULTI))
if (!prepareHF15Cmd(&cmd, &reqlen, &arg1, req, ISO15_CMD_READMULTI))
return 0;
// add OPTION flag, in order to get lock-info
req[0] |= ISO15_REQ_OPTION;
reqlen = c.arg[0];
// decimal
pagenum = param_get8ex(cmd, 0, 0, 10);
pagecount = param_get8ex(cmd, 1, 0, 10);
@ -976,10 +959,10 @@ static int CmdHF15Readmulti(const char *Cmd) {
req[reqlen++] = pagenum;
req[reqlen++] = pagecount;
AddCrc15(req, reqlen);
c.arg[0] = reqlen + 2;
reqlen += 2;
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ISO_15693_COMMAND, reqlen, arg1, 1, req, reqlen);
if (!WaitForResponseTimeout(CMD_ACK, &resp, 2000)) {
PrintAndLogEx(FAILED, "iso15693 card select failed");
@ -1031,35 +1014,33 @@ static int CmdHF15Read(const char *Cmd) {
PacketResponseNG resp;
uint8_t *recv;
// PacketCommandOLD arg: len, speed, recv?
// arg: len, speed, recv?
// arg0 (datalen, cmd len? .arg0 == crc?)
// arg1 (speed == 0 == 1 of 256, == 1 == 1 of 4 )
// arg2 (recv == 1 == expect a response)
PacketCommandOLD c = {CMD_ISO_15693_COMMAND, {0, 1, 1}, {{0}}};
uint8_t *req = c.d.asBytes;
int reqlen = 0, blocknum;
uint8_t req[USB_CMD_DATA_SIZE];
uint16_t reqlen = 0;
uint8_t arg1 = 1;
int blocknum;
char cmdbuf[100] = {0};
char *cmd = cmdbuf;
strncpy(cmd, Cmd, sizeof(cmdbuf) - 1);
if (!prepareHF15Cmd(&cmd, &c, ISO15_CMD_READ))
if (!prepareHF15Cmd(&cmd, &reqlen, &arg1, req, ISO15_CMD_READ))
return 0;
// add OPTION flag, in order to get lock-info
req[0] |= ISO15_REQ_OPTION;
reqlen = c.arg[0];
blocknum = strtol(cmd, NULL, 0);
req[reqlen++] = (uint8_t)blocknum;
AddCrc15(req, reqlen);
c.arg[0] = reqlen + 2;
reqlen += 2;
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ISO_15693_COMMAND, reqlen, arg1, 1, req, reqlen);
if (!WaitForResponseTimeout(CMD_ACK, &resp, 2000)) {
PrintAndLogEx(NORMAL, "iso15693 card select failed");
@ -1104,20 +1085,19 @@ static int CmdHF15Write(const char *Cmd) {
PacketResponseNG resp;
uint8_t *recv;
PacketCommandOLD c = {CMD_ISO_15693_COMMAND, {0, 1, 1}, {{0}}}; // len,speed,recv?
uint8_t *req = c.d.asBytes;
int reqlen = 0, pagenum, temp;
uint8_t req[USB_CMD_DATA_SIZE];
uint16_t reqlen = 0;
uint8_t arg1 = 1;
int pagenum, temp;
char cmdbuf[100] = {0};
char *cmd = cmdbuf;
char *cmd2;
strncpy(cmd, Cmd, sizeof(cmdbuf) - 1);
if (!prepareHF15Cmd(&cmd, &c, ISO15_CMD_WRITE))
if (!prepareHF15Cmd(&cmd, &reqlen, &arg1, req, ISO15_CMD_WRITE))
return 0;
reqlen = c.arg[0];
// *cmd -> page num ; *cmd2 -> data
cmd2 = cmd;
while (*cmd2 != ' ' && *cmd2 != '\t' && *cmd2) cmd2++;
@ -1138,12 +1118,12 @@ static int CmdHF15Write(const char *Cmd) {
cmd2 += 2;
}
AddCrc15(req, reqlen);
c.arg[0] = reqlen + 2;
reqlen += 2;
PrintAndLogEx(NORMAL, "iso15693 writing to page %02d (0x%02X) | data ", pagenum, pagenum);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ISO_15693_COMMAND, reqlen, arg1, 1, req, reqlen);
if (!WaitForResponseTimeout(CMD_ACK, &resp, 2000)) {
PrintAndLogEx(FAILED, "iso15693 card timeout, data may be written anyway");

31
client/cmdhfepa.c
View file

@ -31,9 +31,8 @@ static int CmdHFEPACollectPACENonces(const char *Cmd) {
// repeat n times
for (uint32_t i = 0; i < n; i++) {
// execute PACE
PacketCommandOLD c = {CMD_EPA_PACE_COLLECT_NONCE, {(int)m, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_EPA_PACE_COLLECT_NONCE, (int)m, 0, 0, NULL, 0);
PacketResponseNG resp;
WaitForResponse(CMD_ACK, &resp);
@ -109,28 +108,23 @@ static int CmdHFEPAPACEReplay(const char *Cmd) {
}
// transfer the APDUs to the Proxmark
PacketCommandOLD usb_cmd;
usb_cmd.cmd = CMD_EPA_PACE_REPLAY;
uint8_t data[USB_CMD_DATA_SIZE];
for (int i = 0; i < sizeof(apdu_lengths); i++) {
// APDU number
usb_cmd.arg[0] = i + 1;
// transfer the APDU in several parts if necessary
for (int j = 0; j * sizeof(usb_cmd.d.asBytes) < apdu_lengths[i]; j++) {
// offset into the APDU
usb_cmd.arg[1] = j * sizeof(usb_cmd.d.asBytes);
for (int j = 0; j * sizeof(data) < apdu_lengths[i]; j++) {
// amount of data in this packet
int packet_length = apdu_lengths[i] - (j * sizeof(usb_cmd.d.asBytes));
if (packet_length > sizeof(usb_cmd.d.asBytes)) {
packet_length = sizeof(usb_cmd.d.asBytes);
int packet_length = apdu_lengths[i] - (j * sizeof(data));
if (packet_length > sizeof(data)) {
packet_length = sizeof(data);
}
usb_cmd.arg[2] = packet_length;
memcpy(usb_cmd.d.asBytes, // + (j * sizeof(usb_cmd.d.asBytes)),
apdus[i] + (j * sizeof(usb_cmd.d.asBytes)),
memcpy(data, // + (j * sizeof(data)),
apdus[i] + (j * sizeof(data)),
packet_length);
clearCommandBuffer();
SendCommand(&usb_cmd);
// arg0: APDU number
// arg1: offset into the APDU
SendCommandOLD(CMD_EPA_PACE_REPLAY, i + 1, j * sizeof(data), packet_length, data, packet_length);
WaitForResponse(CMD_ACK, &resp);
if (resp.oldarg[0] != 0) {
PrintAndLogEx(WARNING, "Transfer of APDU #%d Part %d failed!", i, j);
@ -140,9 +134,8 @@ static int CmdHFEPAPACEReplay(const char *Cmd) {
}
// now perform the replay
usb_cmd.arg[0] = 0;
clearCommandBuffer();
SendCommand(&usb_cmd);
SendCommandOLD(CMD_EPA_PACE_REPLAY, 0, 0, 0, NULL, 0);
WaitForResponse(CMD_ACK, &resp);
if (resp.oldarg[0] != 0) {
PrintAndLogEx(NORMAL, "\nPACE replay failed in step %u!", (uint32_t)resp.oldarg[0]);

34
client/cmdhffelica.c
View file

@ -128,10 +128,8 @@ static int CmdHFFelicaSim(const char *Cmd) {
//Validations
if (errors || cmdp == 0) return usage_hf_felica_sim();
PacketCommandOLD c = {CMD_FELICA_SIMULATE_TAG, { tagtype, flags, 0 }, {{0}}};
memcpy(c.d.asBytes, uid, uidlen >> 1);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_FELICA_SIMULATE_TAG, tagtype, flags, 0 , uid, uidlen >> 1);
PacketResponseNG resp;
if (verbose)
@ -174,9 +172,8 @@ static int CmdHFFelicaSniff(const char *Cmd) {
//Validations
if (errors || cmdp == 0) return usage_hf_felica_sniff();
PacketCommandOLD c = {CMD_FELICA_SNIFF, {samples2skip, triggers2skip, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_FELICA_SNIFF, samples2skip, triggers2skip, 0, NULL, 0);
return 0;
}
@ -188,9 +185,8 @@ static int CmdHFFelicaSimLite(const char *Cmd) {
if (!uid)
return usage_hf_felica_simlite();
PacketCommandOLD c = {CMD_FELICA_LITE_SIM, {uid, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_FELICA_LITE_SIM, uid, 0, 0, NULL, 0);
return 0;
}
@ -352,9 +348,8 @@ static int CmdHFFelicaDumpLite(const char *Cmd) {
PrintAndLogEx(SUCCESS, "FeliCa lite - dump started");
PrintAndLogEx(SUCCESS, "press pm3-button to cancel");
PacketCommandOLD c = {CMD_FELICA_LITE_DUMP, {0, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_FELICA_LITE_DUMP, 0, 0, 0, NULL, 0);
PacketResponseNG resp;
uint8_t timeout = 0;
@ -426,7 +421,6 @@ static void waitCmdFelica(uint8_t iSelect) {
}
static int CmdHFFelicaCmdRaw(const char *Cmd) {
PacketCommandOLD c = {CMD_FELICA_COMMAND, {0, 0, 0}, {{0}}};
bool reply = 1;
bool crc = false;
bool power = false;
@ -509,28 +503,26 @@ static int CmdHFFelicaCmdRaw(const char *Cmd) {
data[datalen++] = b2;
}
uint8_t flags = 0;
if (active || active_select) {
c.arg[0] |= FELICA_CONNECT;
flags |= FELICA_CONNECT;
if (active)
c.arg[0] |= FELICA_NO_SELECT;
flags |= FELICA_NO_SELECT;
}
if (power) {
c.arg[0] |= FELICA_NO_DISCONNECT;
flags |= FELICA_NO_DISCONNECT;
}
if (datalen > 0) {
c.arg[0] |= FELICA_RAW;
flags |= FELICA_RAW;
}
// Max buffer is USB_CMD_DATA_SIZE
datalen = (datalen > USB_CMD_DATA_SIZE) ? USB_CMD_DATA_SIZE : datalen;
c.arg[1] = (datalen & 0xFFFF) | (uint32_t)(numbits << 16);
memcpy(c.d.asBytes, data, datalen);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_FELICA_COMMAND, flags, (datalen & 0xFFFF) | (uint32_t)(numbits << 16), 0, data, datalen);
if (reply) {
if (active_select)
@ -567,14 +559,12 @@ int CmdHFFelica(const char *Cmd) {
int readFelicaUid(bool verbose) {
//PacketCommandOLD cDisconnect = {CMD_FELICA_COMMAND, {0,0,0}, {{0}}};
PacketCommandOLD c = {CMD_FELICA_COMMAND, {FELICA_CONNECT, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_FELICA_COMMAND, FELICA_CONNECT, 0, 0, NULL, 0);
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 2500)) {
if (verbose) PrintAndLogEx(WARNING, "FeliCa card select failed");
//SendCommand(&cDisconnect);
//SendCommandOLD(CMD_FELICA_COMMAND, 0, 0, 0, NULL, 0);
return 0;
}

78
client/cmdhficlass.c
View file

@ -281,8 +281,7 @@ static int CmdHFiClassList(const char *Cmd) {
static int CmdHFiClassSniff(const char *Cmd) {
char cmdp = tolower(param_getchar(Cmd, 0));
if (cmdp == 'h') return usage_hf_iclass_sniff();
PacketCommandOLD c = {CMD_SNIFF_ICLASS, {0, 0, 0}, {{0}}};
SendCommand(&c);
SendCommandOLD(CMD_SNIFF_ICLASS, 0, 0, 0, NULL, 0);
return 0;
}
@ -380,11 +379,9 @@ static int CmdHFiClassSim(const char *Cmd) {
case 2: {
PrintAndLogEx(INFO, "Starting iCLASS sim 2 attack (elite mode)");
PrintAndLogEx(INFO, "press keyboard to cancel");
PacketCommandOLD c = {CMD_SIMULATE_TAG_ICLASS, {simType, NUM_CSNS}, {{0}}};
PacketResponseNG resp;
memcpy(c.d.asBytes, csns, 8 * NUM_CSNS);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SIMULATE_TAG_ICLASS, simType, NUM_CSNS, 0, csns, 8 * NUM_CSNS);
while (!WaitForResponseTimeout(CMD_ACK, &resp, 2000)) {
tries++;
@ -433,11 +430,9 @@ static int CmdHFiClassSim(const char *Cmd) {
// reader in key roll mode, when it has two keys it alternates when trying to verify.
PrintAndLogEx(INFO, "Starting iCLASS sim 4 attack (elite mode, reader in key roll mode)");
PrintAndLogEx(INFO, "press keyboard to cancel");
PacketCommandOLD c = {CMD_SIMULATE_TAG_ICLASS, {simType, NUM_CSNS}, {{0}}};
PacketResponseNG resp;
memcpy(c.d.asBytes, csns, 8 * NUM_CSNS);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SIMULATE_TAG_ICLASS, simType, NUM_CSNS, 0, csns, 8 * NUM_CSNS);
while (!WaitForResponseTimeout(CMD_ACK, &resp, 2000)) {
tries++;
@ -501,10 +496,8 @@ static int CmdHFiClassSim(const char *Cmd) {
case 1:
case 3:
default: {
PacketCommandOLD c = {CMD_SIMULATE_TAG_ICLASS, {simType, numberOfCSNs}, {{0}}};
memcpy(c.d.asBytes, CSN, 8);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SIMULATE_TAG_ICLASS, simType, numberOfCSNs, 0, CSN, 8);
break;
}
}
@ -531,19 +524,15 @@ static int CmdHFiClassReader_Replay(const char *Cmd) {
return 1;
}
PacketCommandOLD c = {CMD_READER_ICLASS_REPLAY, {readerType}, {{0}}};
memcpy(c.d.asBytes, MAC, 4);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_READER_ICLASS_REPLAY, readerType, 0, 0, MAC, 4);
return 0;
}
/*
static int iclassEmlSetMem(uint8_t *data, int blockNum, int blocksCount) {
PacketCommandOLD c = {CMD_MIFARE_EML_MEMSET, {blockNum, blocksCount, 0}, {{0}}};
memcpy(c.d.asBytes, data, blocksCount * 16);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFARE_EML_MEMSET, blockNum, blocksCount, 0, data, blocksCount * 16);
return 0;
}
*/
@ -603,10 +592,8 @@ static int CmdHFiClassELoad(const char *Cmd) {
while (bytes_remaining > 0) {
uint32_t bytes_in_packet = MIN(USB_CMD_DATA_SIZE, bytes_remaining);
PacketCommandOLD c = {CMD_ICLASS_EML_MEMSET, {bytes_sent, bytes_in_packet, 0}, {{0}}};
memcpy(c.d.asBytes, dump + bytes_sent, bytes_in_packet);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ICLASS_EML_MEMSET, bytes_sent, bytes_in_packet, 0, dump + bytes_sent, bytes_in_packet);
bytes_remaining -= bytes_in_packet;
bytes_sent += bytes_in_packet;
}
@ -768,14 +755,13 @@ static void Calc_wb_mac(uint8_t blockno, uint8_t *data, uint8_t *div_key, uint8_
static bool select_only(uint8_t *CSN, uint8_t *CCNR, bool use_credit_key, bool verbose) {
PacketResponseNG resp;
PacketCommandOLD c = {CMD_READER_ICLASS, {0}, {{0}}};
c.arg[0] = FLAG_ICLASS_READER_ONLY_ONCE | FLAG_ICLASS_READER_CC | FLAG_ICLASS_READER_ONE_TRY;
uint8_t flags = FLAG_ICLASS_READER_ONLY_ONCE | FLAG_ICLASS_READER_CC | FLAG_ICLASS_READER_ONE_TRY;
if (use_credit_key)
c.arg[0] |= FLAG_ICLASS_READER_CEDITKEY;
flags |= FLAG_ICLASS_READER_CEDITKEY;
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_READER_ICLASS, flags, 0, 0, NULL, 0);
if (!WaitForResponseTimeout(CMD_ACK, &resp, 4000)) {
PrintAndLogEx(WARNING, "command execute timeout");
return false;
@ -819,10 +805,8 @@ static bool select_and_auth(uint8_t *KEY, uint8_t *MAC, uint8_t *div_key, bool u
doMAC(CCNR, div_key, MAC);
PacketResponseNG resp;
PacketCommandOLD d = {CMD_ICLASS_AUTHENTICATION, {0, 0, 0}, {{0}}};
memcpy(d.d.asBytes, MAC, 4);
clearCommandBuffer();
SendCommand(&d);
SendCommandOLD(CMD_ICLASS_AUTHENTICATION, 0, 0, 0, MAC, 4);
if (!WaitForResponseTimeout(CMD_ACK, &resp, 4000)) {
if (verbose) PrintAndLogEx(FAILED, "auth command execute timeout");
return false;
@ -939,12 +923,11 @@ static int CmdHFiClassReader_Dump(const char *Cmd) {
FLAG_ICLASS_READER_ONE_TRY;
//get config and first 3 blocks
PacketCommandOLD c = {CMD_READER_ICLASS, {flags, 0, 0}, {{0}}};
PacketResponseNG resp;
uint8_t tag_data[255 * 8];
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_READER_ICLASS, flags, 0, 0, NULL, 0);
if (!WaitForResponseTimeout(CMD_ACK, &resp, 4500)) {
PrintAndLogEx(WARNING, "command execute timeout");
DropField();
@ -981,9 +964,8 @@ static int CmdHFiClassReader_Dump(const char *Cmd) {
}
// begin dump
PacketCommandOLD w = {CMD_ICLASS_DUMP, {blockno, numblks - blockno + 1}, {{0}}};
clearCommandBuffer();
SendCommand(&w);
SendCommandOLD(CMD_ICLASS_DUMP, blockno, numblks - blockno + 1, 0, NULL, 0);
while (true) {
printf(".");
fflush(stdout);
@ -1038,10 +1020,8 @@ static int CmdHFiClassReader_Dump(const char *Cmd) {
// do we still need to read more block? (aa2 enabled?)
if (maxBlk > blockno + numblks + 1) {
// setup dump and start
w.arg[0] = blockno + blocksRead;
w.arg[1] = maxBlk - (blockno + blocksRead);
clearCommandBuffer();
SendCommand(&w);
SendCommandOLD(CMD_ICLASS_DUMP, blockno + blocksRead, maxBlk - (blockno + blocksRead), 0, NULL, 0);
if (!WaitForResponseTimeout(CMD_ACK, &resp, 4500)) {
PrintAndLogEx(WARNING, "command execute timeout 2");
return 0;
@ -1100,12 +1080,12 @@ static int WriteBlock(uint8_t blockno, uint8_t *bldata, uint8_t *KEY, bool use_c
PacketResponseNG resp;
Calc_wb_mac(blockno, bldata, div_key, MAC);
PacketCommandOLD w = {CMD_ICLASS_WRITEBLOCK, {blockno}, {{0}}};
memcpy(w.d.asBytes, bldata, 8);
memcpy(w.d.asBytes + 8, MAC, 4);
uint8_t data[12];
memcpy(data, bldata, 8);
memcpy(data + 8, MAC, 4);
clearCommandBuffer();
SendCommand(&w);
SendCommandOLD(CMD_ICLASS_WRITEBLOCK, blockno, 0, 0, data, sizeof(data));
if (!WaitForResponseTimeout(CMD_ACK, &resp, 4500)) {
if (verbose) PrintAndLogEx(WARNING, "Write Command execute timeout");
return 0;
@ -1321,8 +1301,8 @@ static int CmdHFiClassCloneTag(const char *Cmd) {
return 0;
}
PacketCommandOLD w = {CMD_ICLASS_CLONE, {startblock, endblock}, {{0}}};
uint8_t *ptr;
uint8_t data[(endblock - startblock) * 12];
// calculate all mac for every the block we will write
for (i = startblock; i <= endblock; i++) {
Calc_wb_mac(i, tag_data[i - startblock].d, div_key, MAC);
@ -1330,13 +1310,13 @@ static int CmdHFiClassCloneTag(const char *Cmd) {
// memcpy(pointer,tag_data[i - 6],8) 8 bytes
// memcpy(pointer + 8,mac,sizoof(mac) 4 bytes;
// next one
ptr = w.d.asBytes + (i - startblock) * 12;
ptr = data + (i - startblock) * 12;
memcpy(ptr, &(tag_data[i - startblock].d[0]), 8);
memcpy(ptr + 8, MAC, 4);
}
uint8_t p[12];
for (i = 0; i <= endblock - startblock; i++) {
memcpy(p, w.d.asBytes + (i * 12), 12);
memcpy(p, data + (i * 12), 12);
PrintAndLogEx(NORMAL, "Block |%02x|", i + startblock);
PrintAndLogEx(NORMAL, " %02x%02x%02x%02x%02x%02x%02x%02x |", p[0], p[1], p[2], p[3], p[4], p[5], p[6], p[7]);
PrintAndLogEx(NORMAL, " MAC |%02x%02x%02x%02x|\n", p[8], p[9], p[10], p[11]);
@ -1344,7 +1324,7 @@ static int CmdHFiClassCloneTag(const char *Cmd) {
PacketResponseNG resp;
clearCommandBuffer();
SendCommand(&w);
SendCommandOLD(CMD_ICLASS_CLONE, startblock, endblock, 0, data, (endblock - startblock) * 12);
if (!WaitForResponseTimeout(CMD_ACK, &resp, 4500)) {
PrintAndLogEx(WARNING, "command execute timeout");
return 0;
@ -1368,9 +1348,8 @@ static int ReadBlock(uint8_t *KEY, uint8_t blockno, uint8_t keyType, bool elite,
}
PacketResponseNG resp;
PacketCommandOLD c = {CMD_ICLASS_READBLOCK, {blockno}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ICLASS_READBLOCK, blockno, 0, 0, NULL, 0);
if (!WaitForResponseTimeout(CMD_ACK, &resp, 4500)) {
PrintAndLogEx(WARNING, "Command execute timeout");
return 0;
@ -1977,16 +1956,14 @@ static int CmdHFiClassCheckKeys(const char *Cmd) {
if (keys == keycnt - i)
lastChunk = true;
PacketCommandOLD c = {CMD_ICLASS_CHECK_KEYS, { (lastChunk << 8), keys, 0}, {{0}}};
uint32_t flags = lastChunk << 8;
// bit 16
// - 1 indicates credit key
// - 0 indicates debit key (default)
c.arg[0] |= (use_credit_key << 16);
flags |= (use_credit_key << 16);
memcpy(c.d.asBytes, pre + i, 4 * keys);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ICLASS_CHECK_KEYS, flags, keys, 0, pre + i, 4 * keys);
PacketResponseNG resp;
while (!WaitForResponseTimeout(CMD_ACK, &resp, 2000)) {
@ -2464,13 +2441,12 @@ int readIclass(bool loop, bool verbose) {
FLAG_ICLASS_READER_CONF | FLAG_ICLASS_READER_ONLY_ONCE |
FLAG_ICLASS_READER_ONE_TRY;
PacketCommandOLD c = {CMD_READER_ICLASS, {flags, 0, 0}, {{0}}};
// loop in client not device - else on windows have a communication error
PacketResponseNG resp;
while (!ukbhit()) {
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_READER_ICLASS, flags, 0, 0, NULL, 0);
if (WaitForResponseTimeout(CMD_ACK, &resp, 4500)) {
uint8_t readStatus = resp.oldarg[0] & 0xff;
uint8_t *data = resp.data.asBytes;

37
client/cmdhflegic.c
View file

@ -524,10 +524,10 @@ static int CmdLegicRfSim(const char *Cmd) {
char cmdp = tolower(param_getchar(Cmd, 0));
if (strlen(Cmd) == 0 || cmdp == 'h') return usage_legic_sim();
PacketCommandOLD c = {CMD_SIMULATE_TAG_LEGIC_RF, {1}, {{0}}};
sscanf(Cmd, " %" SCNi64, &c.arg[0]);
uint64_t id = 1;
sscanf(Cmd, " %" SCNi64, &id);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SIMULATE_TAG_LEGIC_RF, id, 0, 0, NULL, 0);
return 0;
}
@ -642,11 +642,9 @@ static int CmdLegicRfWrite(const char *Cmd) {
PrintAndLogEx(SUCCESS, "Writing to tag");
PacketCommandOLD c = {CMD_WRITER_LEGIC_RF, {offset, len, IV}, {{0}}};
memcpy(c.d.asBytes, data, len);
PacketResponseNG resp;
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_WRITER_LEGIC_RF, offset, len, IV, data, len);
uint8_t timeout = 0;
@ -756,9 +754,8 @@ int legic_read_mem(uint32_t offset, uint32_t len, uint32_t iv, uint8_t *out, uin
legic_chk_iv(&iv);
PacketCommandOLD c = {CMD_READER_LEGIC_RF, {offset, len, iv}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_READER_LEGIC_RF, offset, len, iv, NULL, 0);
PacketResponseNG resp;
uint8_t timeout = 0;
@ -810,9 +807,8 @@ int legic_get_type(legic_card_select_t *card) {
if (card == NULL) return 1;
PacketCommandOLD c = {CMD_LEGIC_INFO, {0, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_LEGIC_INFO, 0, 0, 0, NULL, 0);
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500))
return 2;
@ -837,15 +833,11 @@ void legic_chk_iv(uint32_t *iv) {
}
void legic_seteml(uint8_t *src, uint32_t offset, uint32_t numofbytes) {
PacketCommandOLD c = {CMD_LEGIC_ESET, {0, 0, 0}, {{0}}};
for (size_t i = offset; i < numofbytes; i += USB_CMD_DATA_SIZE) {
size_t len = MIN((numofbytes - i), USB_CMD_DATA_SIZE);
c.arg[0] = i; // offset
c.arg[1] = len; // number of bytes
memcpy(c.d.asBytes, src + i, len);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_LEGIC_ESET, i, len, 0, src + i, len);
}
}
@ -900,9 +892,8 @@ static int CmdLegicDump(const char *Cmd) {
legic_print_type(dumplen, 0);
PrintAndLogEx(SUCCESS, "Reading tag memory %d b...", dumplen);
PacketCommandOLD c = {CMD_READER_LEGIC_RF, {0x00, dumplen, 0x55}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_READER_LEGIC_RF, 0x00, dumplen, 0x55, NULL, 0);
PacketResponseNG resp;
uint8_t timeout = 0;
@ -1049,16 +1040,12 @@ static int CmdLegicRestore(const char *Cmd) {
PrintAndLogEx(SUCCESS, "Restoring to card");
// transfer to device
PacketCommandOLD c = {CMD_WRITER_LEGIC_RF, {0, 0, 0x55}, {{0}}};
PacketResponseNG resp;
for (size_t i = 7; i < numofbytes; i += USB_CMD_DATA_SIZE) {
size_t len = MIN((numofbytes - i), USB_CMD_DATA_SIZE);
c.arg[0] = i; // offset
c.arg[1] = len; // number of bytes
memcpy(c.d.asBytes, data + i, len);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_WRITER_LEGIC_RF, i, len, 0x55, data + i, len);
uint8_t timeout = 0;
while (!WaitForResponseTimeout(CMD_ACK, &resp, 2000)) {
@ -1242,18 +1229,14 @@ static int CmdLegicWipe(const char *Cmd) {
PrintAndLogEx(SUCCESS, "Erasing");
// transfer to device
PacketCommandOLD c = {CMD_WRITER_LEGIC_RF, {0, 0, 0x55}, {{0}}};
PacketResponseNG resp;
for (size_t i = 7; i < card.cardsize; i += USB_CMD_DATA_SIZE) {
printf(".");
fflush(stdout);
size_t len = MIN((card.cardsize - i), USB_CMD_DATA_SIZE);
c.arg[0] = i; // offset
c.arg[1] = len; // number of bytes
memcpy(c.d.asBytes, data + i, len);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_WRITER_LEGIC_RF, i, len, 0x55, data + i, len);
uint8_t timeout = 0;
while (!WaitForResponseTimeout(CMD_ACK, &resp, 2000)) {

81
client/cmdhfmf.c
View file

@ -411,9 +411,8 @@ static int usage_hf14_nack(void) {
}
static int GetHFMF14AUID(uint8_t *uid, int *uidlen) {
PacketCommandOLD c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_READER_ISO_14443a, ISO14A_CONNECT, 0, 0, NULL, 0);
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 2500)) {
PrintAndLogEx(WARNING, "iso14443a card select failed");
@ -522,11 +521,11 @@ static int CmdHF14AMfWrBl(const char *Cmd) {
PrintAndLogEx(NORMAL, "--block no:%d, key type:%c, key:%s", blockNo, keyType ? 'B' : 'A', sprint_hex(key, 6));
PrintAndLogEx(NORMAL, "--data: %s", sprint_hex(bldata, 16));
PacketCommandOLD c = {CMD_MIFARE_WRITEBL, {blockNo, keyType, 0}, {{0}}};
memcpy(c.d.asBytes, key, 6);
memcpy(c.d.asBytes + 10, bldata, 16);
uint8_t data[26];
memcpy(data, key, 6);
memcpy(data + 10, bldata, 16);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFARE_WRITEBL, blockNo, keyType, 0, data, sizeof(data));
PacketResponseNG resp;
if (WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
@ -568,10 +567,8 @@ static int CmdHF14AMfRdBl(const char *Cmd) {
}
PrintAndLogEx(NORMAL, "--block no:%d, key type:%c, key:%s ", blockNo, keyType ? 'B' : 'A', sprint_hex(key, 6));
PacketCommandOLD c = {CMD_MIFARE_READBL, {blockNo, keyType, 0}, {{0}}};
memcpy(c.d.asBytes, key, 6);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFARE_READBL, blockNo, keyType, 0, key, 6);
PacketResponseNG resp;
if (WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
@ -638,10 +635,8 @@ static int CmdHF14AMfRdSc(const char *Cmd) {
}
PrintAndLogEx(NORMAL, "--sector no:%d key type:%c key:%s ", sectorNo, keyType ? 'B' : 'A', sprint_hex(key, 6));
PacketCommandOLD c = {CMD_MIFARE_READSC, {sectorNo, keyType, 0}, {{0}}};
memcpy(c.d.asBytes, key, 6);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFARE_READSC, sectorNo, keyType, 0, key, 6);
PrintAndLogEx(NORMAL, "");
PacketResponseNG resp;
@ -803,10 +798,8 @@ static int CmdHF14AMfDump(const char *Cmd) {
for (sectorNo = 0; sectorNo < numSectors; sectorNo++) {
for (tries = 0; tries < MIFARE_SECTOR_RETRY; tries++) {
PacketCommandOLD c = {CMD_MIFARE_READBL, {FirstBlockOfSector(sectorNo) + NumBlocksPerSector(sectorNo) - 1, 0, 0}, {{0}}};
memcpy(c.d.asBytes, keyA[sectorNo], 6);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFARE_READBL, FirstBlockOfSector(sectorNo) + NumBlocksPerSector(sectorNo) - 1, 0, 0, keyA[sectorNo], 6);
if (WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
uint8_t isOK = resp.oldarg[0] & 0xff;
@ -840,27 +833,21 @@ static int CmdHF14AMfDump(const char *Cmd) {
for (tries = 0; tries < MIFARE_SECTOR_RETRY; tries++) {
if (blockNo == NumBlocksPerSector(sectorNo) - 1) { // sector trailer. At least the Access Conditions can always be read with key A.
PacketCommandOLD c = {CMD_MIFARE_READBL, {FirstBlockOfSector(sectorNo) + blockNo, 0, 0}, {{0}}};
memcpy(c.d.asBytes, keyA[sectorNo], 6);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFARE_READBL, FirstBlockOfSector(sectorNo) + blockNo, 0, 0, keyA[sectorNo], 6);
received = WaitForResponseTimeout(CMD_ACK, &resp, 1500);
} else { // data block. Check if it can be read with key A or key B
uint8_t data_area = (sectorNo < 32) ? blockNo : blockNo / 5;
if ((rights[sectorNo][data_area] == 0x03) || (rights[sectorNo][data_area] == 0x05)) { // only key B would work
PacketCommandOLD c = {CMD_MIFARE_READBL, {FirstBlockOfSector(sectorNo) + blockNo, 1, 0}, {{0}}};
memcpy(c.d.asBytes, keyB[sectorNo], 6);
SendCommand(&c);
SendCommandOLD(CMD_MIFARE_READBL, FirstBlockOfSector(sectorNo) + blockNo, 1, 0, keyB[sectorNo], 6);
received = WaitForResponseTimeout(CMD_ACK, &resp, 1500);
} else if (rights[sectorNo][data_area] == 0x07) { // no key would work
isOK = false;
PrintAndLogEx(WARNING, "access rights do not allow reading of sector %2d block %3d", sectorNo, blockNo);
tries = MIFARE_SECTOR_RETRY;
} else { // key A would work
PacketCommandOLD c = {CMD_MIFARE_READBL, {FirstBlockOfSector(sectorNo) + blockNo, 0, 0}, {{0}}};
memcpy(c.d.asBytes, keyA[sectorNo], 6);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFARE_READBL, FirstBlockOfSector(sectorNo) + blockNo, 0, 0, keyA[sectorNo], 6);
received = WaitForResponseTimeout(CMD_ACK, &resp, 1500);
}
}
@ -1019,8 +1006,8 @@ static int CmdHF14AMfRestore(const char *Cmd) {
for (sectorNo = 0; sectorNo < numSectors; sectorNo++) {
for (blockNo = 0; blockNo < NumBlocksPerSector(sectorNo); blockNo++) {
PacketCommandOLD c = {CMD_MIFARE_WRITEBL, {FirstBlockOfSector(sectorNo) + blockNo, keyType, 0}, {{0}}};
memcpy(c.d.asBytes, key, 6);
uint8_t data[26];
memcpy(data, key, 6);
bytes_read = fread(bldata, 1, 16, fdump);
if (bytes_read != 16) {
PrintAndLogEx(WARNING, "File reading error " _YELLOW_("%s"), dataFilename);
@ -1046,9 +1033,9 @@ static int CmdHF14AMfRestore(const char *Cmd) {
PrintAndLogEx(NORMAL, "Writing to block %3d: %s", FirstBlockOfSector(sectorNo) + blockNo, sprint_hex(bldata, 16));
memcpy(c.d.asBytes + 10, bldata, 16);
memcpy(data + 10, bldata, 16);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFARE_WRITEBL, FirstBlockOfSector(sectorNo) + blockNo, keyType, 0, data, sizeof(data));
PacketResponseNG resp;
if (WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
@ -1251,10 +1238,10 @@ static int CmdHF14AMfNested(const char *Cmd) {
PrintAndLogEx(SUCCESS, "reading block %d", sectrail);
PacketCommandOLD c = {CMD_MIFARE_READBL, {sectrail, 0, 0}, {{0}}};
num_to_bytes(e_sector[i].Key[0], 6, c.d.asBytes); // KEY A
uint8_t txdata[6];
num_to_bytes(e_sector[i].Key[0], 6, txdata); // KEY A
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFARE_READBL, sectrail, 0, 0, txdata, sizeof(txdata));
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) continue;
@ -1997,10 +1984,10 @@ static int CmdHF14AMfChk(const char *Cmd) {
PrintAndLogEx(NORMAL, "Reading block %d", sectrail);
PacketCommandOLD c = {CMD_MIFARE_READBL, {sectrail, 0, 0}, {{0}}};
num_to_bytes(e_sector[i].Key[0], 6, c.d.asBytes); // KEY A
uint8_t txdata[6];
num_to_bytes(e_sector[i].Key[0], 6, txdata); // KEY A
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFARE_READBL, sectrail, 0, 0, txdata, sizeof(txdata));
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) continue;
@ -2231,10 +2218,8 @@ static int CmdHF14AMfSim(const char *Cmd) {
, flags
, flags);
PacketCommandOLD c = {CMD_SIMULATE_MIFARE_CARD, {flags, exitAfterNReads, 0}, {{0}}};
memcpy(c.d.asBytes, uid, sizeof(uid));
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SIMULATE_MIFARE_CARD, flags, exitAfterNReads, 0, uid, sizeof(uid));
PacketResponseNG resp;
if (flags & FLAG_INTERACTIVE) {
@ -2291,9 +2276,8 @@ static int CmdHF14AMfSniff(const char *Cmd) {
PrintAndLogEx(NORMAL, "Press the key on pc keyboard to abort the client.\n");
PrintAndLogEx(NORMAL, "-------------------------------------------------------------------------\n");
PacketCommandOLD c = {CMD_MIFARE_SNIFFER, {0, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFARE_SNIFFER, 0, 0, 0, NULL, 0);
PacketResponseNG resp;
@ -2422,8 +2406,7 @@ int CmdHF14AMfDbg(const char *Cmd) {
uint8_t dbgMode = param_get8ex(Cmd, 0, 0, 10);
if (dbgMode > 4) return usage_hf14_dbg();
PacketCommandOLD c = {CMD_MIFARE_SET_DBGMODE, {dbgMode, 0, 0}, {{0}}};
SendCommand(&c);
SendCommandOLD(CMD_MIFARE_SET_DBGMODE, dbgMode, 0, 0, NULL, 0);
return 0;
}
@ -2508,9 +2491,8 @@ static int CmdHF14AMfEClear(const char *Cmd) {
char c = tolower(param_getchar(Cmd, 0));
if (c == 'h') return usage_hf14_eclr();
PacketCommandOLD cmd = {CMD_MIFARE_EML_MEMCLR, {0, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&cmd);
SendCommandOLD(CMD_MIFARE_EML_MEMCLR, 0, 0, 0, NULL, 0);
return 0;
}
@ -2693,9 +2675,8 @@ static int CmdHF14AMfECFill(const char *Cmd) {
numSectors = NumOfSectors(c);
PrintAndLogEx(NORMAL, "--params: numSectors: %d, keyType: %c\n", numSectors, (keyType == 0) ? 'A' : 'B');
PacketCommandOLD cmd = {CMD_MIFARE_EML_CARDLOAD, {numSectors, keyType, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&cmd);
SendCommandOLD(CMD_MIFARE_EML_CARDLOAD, numSectors, keyType, 0, NULL, 0);
return 0;
}
@ -3155,10 +3136,8 @@ static int CmdHf14AMfSetMod(const char *Cmd) {
return 1;
}
PacketCommandOLD c = {CMD_MIFARE_SETMOD, {mod, 0, 0}, {{0}}};
memcpy(c.d.asBytes, key, 6);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFARE_SETMOD, mod, 0, 0, key, 6);
PacketResponseNG resp;
if (WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
@ -3256,9 +3235,8 @@ static int CmdHF14AMfice(const char *Cmd) {
flags = 0;
flags |= initialize ? 0x0001 : 0;
flags |= slow ? 0x0002 : 0;
PacketCommandOLD c = {CMD_MIFARE_ACQUIRE_NONCES, {blockNo + keyType * 0x100, trgBlockNo + trgKeyType * 0x100, flags}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFARE_ACQUIRE_NONCES, blockNo + keyType * 0x100, trgBlockNo + trgKeyType * 0x100, flags, NULL, 0);
if (!WaitForResponseTimeout(CMD_ACK, &resp, 3000)) goto out;
if (resp.oldarg[0]) goto out;
@ -3289,9 +3267,8 @@ out:
fclose(fnonces);
}
PacketCommandOLD c = {CMD_MIFARE_ACQUIRE_NONCES, {blockNo + keyType * 0x100, trgBlockNo + trgKeyType * 0x100, 4}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFARE_ACQUIRE_NONCES, blockNo + keyType * 0x100, trgBlockNo + trgKeyType * 0x100, 4, NULL, 0);
return 0;
}

141
client/cmdhfmfdes.c
View file

@ -9,9 +9,6 @@
//-----------------------------------------------------------------------------
#include "cmdhfmfdes.h"
uint8_t CMDPOS = 0;
uint8_t LENPOS = 1;
uint8_t key_zero_data[16] = { 0x00 };
uint8_t key_ones_data[16] = { 0x01 };
uint8_t key_defa_data[16] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f };
@ -51,10 +48,10 @@ static int CmdHF14ADesWb(const char *Cmd) {
PrintAndLogEx(NORMAL, "--block no:%02x key type:%02x key:%s", blockNo, keyType, sprint_hex(key, 6));
PrintAndLogEx(NORMAL, "--data: %s", sprint_hex(bldata, 16));
PacketCommandOLD c = {CMD_MIFARE_WRITEBL, {blockNo, keyType, 0}, {{0}}};
memcpy(c.d.asBytes, key, 6);
memcpy(c.d.asBytes + 10, bldata, 16);
SendCommand(&c);
uint8_t data[26];
memcpy(data, key, 6);
memcpy(data + 10, bldata, 16);
SendCommandOLD(CMD_MIFARE_WRITEBL, blockNo, keyType, 0, data, sizeof(data));
PacketResponseNG resp;
if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
@ -93,9 +90,7 @@ static int CmdHF14ADesRb(const char *Cmd) {
}
PrintAndLogEx(NORMAL, "--block no:%02x key type:%02x key:%s ", blockNo, keyType, sprint_hex(key, 6));
PacketCommandOLD c = {CMD_MIFARE_READBL, {blockNo, keyType, 0}, {{0}}};
memcpy(c.d.asBytes, key, 6);
SendCommand(&c);
SendCommandOLD(CMD_MIFARE_READBL, blockNo, keyType, 0, key, 6);
PacketResponseNG resp;
if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
@ -116,8 +111,7 @@ static int CmdHF14ADesRb(const char *Cmd) {
static int CmdHF14ADesInfo(const char *Cmd) {
(void)Cmd; // Cmd is not used so far
PacketCommandOLD c = {CMD_MIFARE_DESFIRE_INFO, {0, 0, 0}, {{0}}};
SendCommand(&c);
SendCommandOLD(CMD_MIFARE_DESFIRE_INFO, 0, 0, 0, NULL, 0);
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
@ -168,11 +162,8 @@ static int CmdHF14ADesInfo(const char *Cmd) {
getKeySettings(NULL);
// Free memory on card
c.cmd = CMD_MIFARE_DESFIRE;
c.arg[0] = (INIT | DISCONNECT);
c.arg[1] = 0x01;
c.d.asBytes[0] = GET_FREE_MEMORY;
SendCommand(&c);
uint8_t data[1] = {GET_FREE_MEMORY};
SendCommandOLD(CMD_MIFARE_DESFIRE, (INIT | DISCONNECT), 0x01, 0, data, sizeof(data));
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500))
return 0;
@ -255,8 +246,6 @@ void getKeySettings(uint8_t *aid) {
char messStr[512] = {0x00};
const char *str = messStr;
uint8_t isOK = 0;
uint32_t options;
PacketCommandOLD c = {CMD_MIFARE_DESFIRE, {0, 0, 0}, {{0}}};
PacketResponseNG resp;
//memset(messStr, 0x00, 512);
@ -264,10 +253,10 @@ void getKeySettings(uint8_t *aid) {
if (aid == NULL) {
PrintAndLogEx(NORMAL, " CMK - PICC, Card Master Key settings ");
PrintAndLogEx(NORMAL, "");
c.arg[CMDPOS] = (INIT | DISCONNECT);
c.arg[LENPOS] = 0x01;
c.d.asBytes[0] = GET_KEY_SETTINGS; // 0x45
SendCommand(&c);
{
uint8_t data[1] = {GET_KEY_SETTINGS}; // 0x45
SendCommandOLD(CMD_MIFARE_DESFIRE, INIT | DISCONNECT, sizeof(data), 0, data, sizeof(data));
}
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1000)) {return;}
isOK = resp.oldarg[0] & 0xff;
if (!isOK) {
@ -283,11 +272,10 @@ void getKeySettings(uint8_t *aid) {
PrintAndLogEx(NORMAL, " [0x02] Directory list access with CMK : %s", str);
str = (resp.data.asBytes[3] & (1 << 0)) ? "YES" : "NO";
PrintAndLogEx(NORMAL, " [0x01] CMK is changeable : %s", str);
c.arg[LENPOS] = 0x02; //LEN
c.d.asBytes[0] = GET_KEY_VERSION; //0x64
c.d.asBytes[1] = 0x00;
SendCommand(&c);
{
uint8_t data[2] = {GET_KEY_VERSION, 0}; // 0x64
SendCommandOLD(CMD_MIFARE_DESFIRE, INIT | DISCONNECT, sizeof(data), 0, data, sizeof(data));
}
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1000)) { return; }
isOK = resp.oldarg[0] & 0xff;
if (!isOK) {
@ -299,22 +287,26 @@ void getKeySettings(uint8_t *aid) {
PrintAndLogEx(NORMAL, " Master key Version : %d (0x%02x)", resp.data.asBytes[3], resp.data.asBytes[3]);
PrintAndLogEx(NORMAL, " ----------------------------------------------------------");
c.arg[LENPOS] = 0x02; //LEN
c.d.asBytes[0] = AUTHENTICATE; //0x0A
c.d.asBytes[1] = 0x00; // KEY 0
SendCommand(&c);
{
uint8_t data[2] = {AUTHENTICATE, 0}; // 0x0A, KEY 0
SendCommandOLD(CMD_MIFARE_DESFIRE, INIT | DISCONNECT, sizeof(data), 0, data, sizeof(data));
}
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1000)) {return;}
isOK = resp.data.asBytes[2] & 0xff;
PrintAndLogEx(NORMAL, " [0x0A] Authenticate : %s", (isOK == 0xAE) ? "NO" : "YES");
c.d.asBytes[0] = AUTHENTICATE_ISO; //0x1A
SendCommand(&c);
{
uint8_t data[2] = {AUTHENTICATE_ISO, 0}; // 0x1A, KEY 0
SendCommandOLD(CMD_MIFARE_DESFIRE, INIT | DISCONNECT, sizeof(data), 0, data, sizeof(data));
}
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1000)) {return;}
isOK = resp.data.asBytes[2] & 0xff;
PrintAndLogEx(NORMAL, " [0x1A] Authenticate ISO : %s", (isOK == 0xAE) ? "NO" : "YES");
c.d.asBytes[0] = AUTHENTICATE_AES; //0xAA
SendCommand(&c);
{
uint8_t data[2] = {AUTHENTICATE_AES, 0}; // 0xAA, KEY 0
SendCommandOLD(CMD_MIFARE_DESFIRE, INIT | DISCONNECT, sizeof(data), 0, data, sizeof(data));
}
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1000)) {return;}
isOK = resp.data.asBytes[2] & 0xff;
PrintAndLogEx(NORMAL, " [0xAA] Authenticate AES : %s", (isOK == 0xAE) ? "NO" : "YES");
@ -325,12 +317,11 @@ void getKeySettings(uint8_t *aid) {
PrintAndLogEx(NORMAL, " AMK - Application Master Key settings");
// SELECT AID
c.arg[0] = (INIT | CLEARTRACE);
c.arg[LENPOS] = 0x04;
c.d.asBytes[0] = SELECT_APPLICATION; // 0x5a
memcpy(c.d.asBytes + 1, aid, 3);
SendCommand(&c);
{
uint8_t data[4] = {SELECT_APPLICATION}; // 0x5a
memcpy(data + 1, aid, 3);
SendCommandOLD(CMD_MIFARE_DESFIRE, INIT | CLEARTRACE, sizeof(data), 0, data, sizeof(data));
}
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
PrintAndLogEx(WARNING, " Timed-out");
return;
@ -342,11 +333,10 @@ void getKeySettings(uint8_t *aid) {
}
// KEY SETTINGS
options = NONE;
c.arg[0] = options;
c.arg[LENPOS] = 0x01;
c.d.asBytes[0] = GET_KEY_SETTINGS; // 0x45
SendCommand(&c);
{
uint8_t data[1] = {GET_KEY_SETTINGS}; // 0x45
SendCommandOLD(CMD_MIFARE_DESFIRE, NONE, sizeof(data), 0, data, sizeof(data));
}
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
return;
}
@ -385,11 +375,10 @@ void getKeySettings(uint8_t *aid) {
}
// KEY VERSION - AMK
c.arg[0] = NONE;
c.arg[LENPOS] = 0x02;
c.d.asBytes[0] = GET_KEY_VERSION; //0x64
c.d.asBytes[1] = 0x00;
SendCommand(&c);
{
uint8_t data[2] = {GET_KEY_VERSION, 0}; // 0x64
SendCommandOLD(CMD_MIFARE_DESFIRE, NONE, sizeof(data), 0, data, sizeof(data));
}
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
PrintAndLogEx(WARNING, " Timed-out");
return;
@ -425,12 +414,10 @@ static int CmdHF14ADesEnumApplications(const char *Cmd) {
uint8_t isOK = 0x00;
uint8_t aid[3];
uint32_t options = (INIT | DISCONNECT);
PacketCommandOLD c = {CMD_MIFARE_DESFIRE, {options, 0x01 }, {{0}}};
c.d.asBytes[0] = GET_APPLICATION_IDS; //0x6a
SendCommand(&c);
{
uint8_t data[1] = {GET_APPLICATION_IDS}; //0x6a
SendCommandOLD(CMD_MIFARE_DESFIRE, INIT | DISCONNECT, sizeof(data), 0, data, sizeof(data));
}
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
@ -461,13 +448,11 @@ static int CmdHF14ADesEnumApplications(const char *Cmd) {
getKeySettings(aid);
// Select Application
c.arg[CMDPOS] = INIT;
c.arg[LENPOS] = 0x04;
c.d.asBytes[0] = SELECT_APPLICATION; // 0x5a
c.d.asBytes[1] = resp.data.asBytes[i];
c.d.asBytes[2] = resp.data.asBytes[i + 1];
c.d.asBytes[3] = resp.data.asBytes[i + 2];
SendCommand(&c);
{
uint8_t data[4] = {SELECT_APPLICATION}; // 0x5a
memcpy(data + 1, &resp.data.asBytes[i], 3);
SendCommandOLD(CMD_MIFARE_DESFIRE, INIT, sizeof(data), 0, data, sizeof(data));
}
if (!WaitForResponseTimeout(CMD_ACK, &respAid, 1500)) {
PrintAndLogEx(WARNING, " Timed-out");
@ -480,10 +465,10 @@ static int CmdHF14ADesEnumApplications(const char *Cmd) {
}
// Get File IDs
c.arg[CMDPOS] = NONE;
c.arg[LENPOS] = 0x01;
c.d.asBytes[0] = GET_FILE_IDS; // 0x6f
SendCommand(&c);
{
uint8_t data[1] = {GET_FILE_IDS}; // 0x6f
SendCommandOLD(CMD_MIFARE_DESFIRE, NONE, sizeof(data), 0, data, sizeof(data));
}
if (!WaitForResponseTimeout(CMD_ACK, &respFiles, 1500)) {
PrintAndLogEx(WARNING, " Timed-out");
@ -501,10 +486,10 @@ static int CmdHF14ADesEnumApplications(const char *Cmd) {
}
// Get ISO File IDs
c.arg[CMDPOS] = DISCONNECT;
c.arg[LENPOS] = 0x01;
c.d.asBytes[0] = GET_ISOFILE_IDS; // 0x61
SendCommand(&c);
{
uint8_t data[1] = {GET_ISOFILE_IDS}; // 0x61
SendCommandOLD(CMD_MIFARE_DESFIRE, DISCONNECT, sizeof(data), 0, data, sizeof(data));
}
if (!WaitForResponseTimeout(CMD_ACK, &respFiles, 1500)) {
PrintAndLogEx(WARNING, " Timed-out");
@ -610,13 +595,11 @@ static int CmdHF14ADesAuth(const char *Cmd) {
PrintAndLogEx(WARNING, "Key must include %d HEX symbols", keylength);
return 1;
}
// algo, nyckell<6C>ngd,
PacketCommandOLD c = {CMD_MIFARE_DESFIRE_AUTH1, { cmdAuthMode, cmdAuthAlgo, cmdKeyNo }, {{0}}};
c.d.asBytes[0] = keylength;
memcpy(c.d.asBytes + 1, key, keylength);
// algo, keylength,
uint8_t data[25] = {keylength}; // max length: 1 + 24 (3k3DES)
memcpy(data + 1, key, keylength);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFARE_DESFIRE_AUTH1, cmdAuthMode, cmdAuthAlgo, cmdKeyNo, data, keylength+1);
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 3000)) {

14
client/cmdhfmfdesfire.c
View file

@ -58,8 +58,7 @@ static int CmdHF14AMfDESAuth(const char *Cmd) {
//DES_set_key((DES_cblock *)key2,&ks2);
//Auth1
PacketCommandOLD c = {CMD_MIFARE_DES_AUTH1, {blockNo}};
SendCommand(&c);
SendCommandOLD(CMD_MIFARE_DES_AUTH1, blockNo, 0, 0, NULL, 0);
PacketResponseNG resp;
if (WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
uint8_t isOK = resp.oldarg[0] & 0xff;
@ -94,11 +93,9 @@ static int CmdHF14AMfDESAuth(const char *Cmd) {
PrintAndLogEx(NORMAL, "b2:%s", sprint_hex(b2, 8));
//Auth2
PacketCommandOLD d = {CMD_MIFARE_DES_AUTH2, {cuid}};
memcpy(reply, b1, 8);
memcpy(reply + 8, b2, 8);
memcpy(d.d.asBytes, reply, 16);
SendCommand(&d);
SendCommandOLD(CMD_MIFARE_DES_AUTH2, cuid, 0, 0, reply, sizeof(reply));
PacketResponseNG respb;
if (WaitForResponseTimeout(CMD_ACK, &respb, 1500)) {
@ -158,8 +155,7 @@ static int CmdHF14AMfAESAuth(const char *Cmd) {
AES_set_decrypt_key(key, 128, &key_d);
//Auth1
PacketCommandOLD c = {CMD_MIFARE_DES_AUTH1, {blockNo}};
SendCommand(&c);
SendCommandOLD(CMD_MIFARE_DES_AUTH1, blockNo, 0, 0, NULL, 0);
PacketResponseNG resp;
if (WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
uint8_t isOK = resp.oldarg[0] & 0xff;
@ -201,11 +197,9 @@ static int CmdHF14AMfAESAuth(const char *Cmd) {
PrintAndLogEx(NORMAL, "b2:%s", sprint_hex(b2, 16));
//Auth2
PacketCommandOLD d = {CMD_MIFARE_DES_AUTH2, {cuid}};
memcpy(reply, b1, 16);
memcpy(reply + 16, b2, 16);
memcpy(d.d.asBytes, reply, 32);
SendCommand(&d);
SendCommandOLD(CMD_MIFARE_DES_AUTH2, cuid, 0, 0, reply, sizeof(reply));
PacketResponseNG respb;
if (WaitForResponseTimeout(CMD_ACK, &respb, 1500)) {

9
client/cmdhfmfhard.c
View file

@ -1383,20 +1383,17 @@ static int acquire_nonces(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_
flags |= initialize ? 0x0001 : 0;
flags |= slow ? 0x0002 : 0;
flags |= field_off ? 0x0004 : 0;
PacketCommandOLD c = {CMD_MIFARE_ACQUIRE_ENCRYPTED_NONCES, {blockNo + keyType * 0x100, trgBlockNo + trgKeyType * 0x100, flags}, {{0}}};
memcpy(c.d.asBytes, key, 6);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFARE_ACQUIRE_ENCRYPTED_NONCES, blockNo + keyType * 0x100, trgBlockNo + trgKeyType * 0x100, flags, key, 6);
if (field_off) break;
if (initialize) {
if (!WaitForResponseTimeout(CMD_ACK, &resp, 3000)) {
//strange second call (iceman)
PacketCommandOLD c1 = {CMD_MIFARE_ACQUIRE_ENCRYPTED_NONCES, {blockNo + keyType * 0x100, trgBlockNo + trgKeyType * 0x100, 4}, {{0}}};
clearCommandBuffer();
SendCommand(&c1);
SendCommandOLD(CMD_MIFARE_ACQUIRE_ENCRYPTED_NONCES, blockNo + keyType * 0x100, trgBlockNo + trgKeyType * 0x100, 4, NULL, 0);
return 1;
}
if (resp.oldarg[0]) return resp.oldarg[0]; // error during nested_hard
@ -1469,7 +1466,7 @@ static int acquire_nonces(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_
}
if (acquisition_completed) {
field_off = true; // switch off field with next SendCommand and then finish
field_off = true; // switch off field with next SendCommandOLD and then finish
}
if (!initialize) {

3
client/cmdhfmfp.c
View file

@ -42,8 +42,7 @@ static int CmdHFMFPInfo(const char *cmd) {
infoHF14A(false, false);
// Mifare Plus info
PacketCommandOLD c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_DISCONNECT, 0, 0}, {{0}}};
SendCommand(&c);
SendCommandOLD(CMD_READER_ISO_14443a, ISO14A_CONNECT | ISO14A_NO_DISCONNECT, 0, 0, NULL, 0);
PacketResponseNG resp;
WaitForResponse(CMD_ACK, &resp);

172
client/cmdhfmfu.c
View file

@ -458,16 +458,13 @@ static char *getUlev1CardSizeStr(uint8_t fsize) {
}
static void ul_switch_on_field(void) {
PacketCommandOLD c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_DISCONNECT | ISO14A_NO_RATS, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_READER_ISO_14443a, ISO14A_CONNECT | ISO14A_NO_DISCONNECT | ISO14A_NO_RATS, 0, 0, NULL, 0);
}
static int ul_send_cmd_raw(uint8_t *cmd, uint8_t cmdlen, uint8_t *response, uint16_t responseLength) {
PacketCommandOLD c = {CMD_READER_ISO_14443a, {ISO14A_RAW | ISO14A_NO_DISCONNECT | ISO14A_APPEND_CRC | ISO14A_NO_RATS, cmdlen, 0}, {{0}}};
memcpy(c.d.asBytes, cmd, cmdlen);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_READER_ISO_14443a, ISO14A_RAW | ISO14A_NO_DISCONNECT | ISO14A_APPEND_CRC | ISO14A_NO_RATS, cmdlen, 0, cmd, cmdlen);
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) return -1;
if (!resp.oldarg[0] && responseLength) return -1;
@ -533,10 +530,8 @@ static int ulc_requestAuthentication(uint8_t *nonce, uint16_t nonceLength) {
static int ulc_authentication(uint8_t *key, bool switch_off_field) {
PacketCommandOLD c = {CMD_MIFAREUC_AUTH, {switch_off_field}, {{0}}};
memcpy(c.d.asBytes, key, 16);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFAREUC_AUTH, switch_off_field, 0, 0, key, 16);
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) return 0;
if (resp.oldarg[0] == 1) return 1;
@ -621,12 +616,9 @@ static int ul_fudan_check(void) {
if (!ul_select(&card))
return UL_ERROR;
PacketCommandOLD c = {CMD_READER_ISO_14443a, {ISO14A_RAW | ISO14A_NO_DISCONNECT | ISO14A_NO_RATS, 4, 0}, {{0}}};
uint8_t cmd[4] = {0x30, 0x00, 0x02, 0xa7}; //wrong crc on purpose should be 0xa8
memcpy(c.d.asBytes, cmd, 4);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_READER_ISO_14443a,ISO14A_RAW | ISO14A_NO_DISCONNECT | ISO14A_NO_RATS, 4, 0, cmd, sizeof(cmd));
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) return UL_ERROR;
if (resp.oldarg[0] != 1) return UL_ERROR;
@ -1475,19 +1467,22 @@ static int CmdHF14AMfUWrBl(const char *Cmd) {
PrintAndLogEx(NORMAL, "Block: %0d (0x%02X) [ %s]", blockNo, blockNo, sprint_hex(blockdata, 4));
//Send write Block
PacketCommandOLD c = {CMD_MIFAREU_WRITEBL, {blockNo}, {{0}}};
memcpy(c.d.asBytes, blockdata, 4);
uint8_t cmddata[20];
memcpy(cmddata, blockdata, 4);
uint8_t datalen = 4;
uint8_t keytype = 0;
if (hasAuthKey) {
c.arg[1] = 1;
memcpy(c.d.asBytes + 4, authKeyPtr, 16);
keytype = 1;
memcpy(cmddata + datalen, authKeyPtr, 16);
datalen += 16;
} else if (hasPwdKey) {
c.arg[1] = 2;
memcpy(c.d.asBytes + 4, authKeyPtr, 4);
keytype = 2;
memcpy(cmddata + datalen, authKeyPtr, 4);
datalen += 4;
}
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFAREU_WRITEBL, blockNo, keytype, 0, cmddata, datalen);
PacketResponseNG resp;
if (WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
uint8_t isOK = resp.oldarg[0] & 0xff;
@ -1581,17 +1576,18 @@ static int CmdHF14AMfURdBl(const char *Cmd) {
if (swapEndian && hasPwdKey) authKeyPtr = SwapEndian64(authenticationkey, 4, 4);
//Read Block
PacketCommandOLD c = {CMD_MIFAREU_READBL, {blockNo}, {{0}}};
uint8_t keytype = 0;
uint8_t datalen = 0;
if (hasAuthKey) {
c.arg[1] = 1;
memcpy(c.d.asBytes, authKeyPtr, 16);
keytype = 1;
datalen = 16;
} else if (hasPwdKey) {
c.arg[1] = 2;
memcpy(c.d.asBytes, authKeyPtr, 4);
keytype = 2;
datalen = 4;
}
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFAREU_READBL, blockNo, keytype, 0, authKeyPtr, datalen);
PacketResponseNG resp;
if (WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
uint8_t isOK = resp.oldarg[0] & 0xff;
@ -1846,18 +1842,17 @@ static int CmdHF14AMfUDump(const char *Cmd) {
}
ul_print_type(tagtype, 0);
PrintAndLogEx(SUCCESS, "Reading tag memory...");
PacketCommandOLD c = {CMD_MIFAREU_READCARD, {startPage, pages}, {{0}}};
uint8_t keytype = 0;
if (hasAuthKey) {
if (tagtype & UL_C)
c.arg[2] = 1; //UL_C auth
keytype = 1; //UL_C auth
else
c.arg[2] = 2; //UL_EV1/NTAG auth
memcpy(c.d.asBytes, authKeyPtr, dataLen);
keytype = 2; //UL_EV1/NTAG auth
}
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFAREU_READCARD, startPage, pages, keytype, authKeyPtr, dataLen);
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 2500)) {
PrintAndLogEx(WARNING, "Command execute time-out");
@ -2010,7 +2005,6 @@ static int CmdHF14AMfURestore(const char *Cmd) {
bool read_key = false;
size_t filelen = 0;
FILE *f;
PacketCommandOLD c = {CMD_MIFAREU_WRITEBL, {0, 0, 0}, {{0}}};
memset(authkey, 0x00, sizeof(authkey));
@ -2114,10 +2108,12 @@ static int CmdHF14AMfURestore(const char *Cmd) {
p_authkey = SwapEndian64(authkey, keylen, 4);
}
uint8_t data[20] = {0};
uint8_t keytype = 0;
// set key - only once
if (hasKey) {
c.arg[1] = (keylen == 16) ? 1 : 2;
memcpy(c.d.asBytes + 4, p_authkey, keylen);
keytype = (keylen == 16) ? 1 : 2;
memcpy(data + 4, p_authkey, keylen);
}
// write version, signature, pack
@ -2130,54 +2126,51 @@ static int CmdHF14AMfURestore(const char *Cmd) {
#define MFU_NTAG_SPECIAL_SIGNATURE 0xF2
// pwd
if (hasKey || read_key) {
c.arg[0] = MFU_NTAG_SPECIAL_PWD;
if (read_key) {
// try reading key from dump and use.
memcpy(c.d.asBytes, mem->data + (bytes_read - 48 - 8), 4);
memcpy(data, mem->data + (bytes_read - 48 - 8), 4);
} else {
memcpy(c.d.asBytes, p_authkey, 4);
memcpy(data, p_authkey, 4);
}
PrintAndLogEx(NORMAL, "special PWD block written 0x%X - %s\n", MFU_NTAG_SPECIAL_PWD, sprint_hex(c.d.asBytes, 4));
PrintAndLogEx(NORMAL, "special PWD block written 0x%X - %s\n", MFU_NTAG_SPECIAL_PWD, sprint_hex(data, 4));
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFAREU_WRITEBL, MFU_NTAG_SPECIAL_PWD, keytype, 0, data, sizeof(data));
wait4response(MFU_NTAG_SPECIAL_PWD);
// copy the new key
c.arg[1] = 2;
memcpy(authkey, c.d.asBytes, 4);
memcpy(c.d.asBytes + 4, authkey, 4);
keytype = 2;
memcpy(authkey, data, 4);
memcpy(data + 4, authkey, 4);
}
// pack
c.arg[0] = MFU_NTAG_SPECIAL_PACK;
c.d.asBytes[0] = mem->pack[0];
c.d.asBytes[1] = mem->pack[1];
c.d.asBytes[2] = 0;
c.d.asBytes[3] = 0;
PrintAndLogEx(NORMAL, "special PACK block written 0x%X - %s\n", MFU_NTAG_SPECIAL_PACK, sprint_hex(c.d.asBytes, 4));
data[0] = mem->pack[0];
data[1] = mem->pack[1];
data[2] = 0;
data[3] = 0;
PrintAndLogEx(NORMAL, "special PACK block written 0x%X - %s\n", MFU_NTAG_SPECIAL_PACK, sprint_hex(data, 4));
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFAREU_WRITEBL, MFU_NTAG_SPECIAL_PACK, keytype, 0, data, sizeof(data));
wait4response(MFU_NTAG_SPECIAL_PACK);
// Signature
for (uint8_t s = MFU_NTAG_SPECIAL_SIGNATURE, i = 0; s < MFU_NTAG_SPECIAL_SIGNATURE + 8; s++, i += 4) {
c.arg[0] = s;
memcpy(c.d.asBytes, mem->signature + i, 4);
PrintAndLogEx(NORMAL, "special SIG block written 0x%X - %s\n", s, sprint_hex(c.d.asBytes, 4));
memcpy(data, mem->signature + i, 4);
PrintAndLogEx(NORMAL, "special SIG block written 0x%X - %s\n", s, sprint_hex(data, 4));
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFAREU_WRITEBL, s, keytype, 0, data, sizeof(data));
wait4response(s);
}
// Version
for (uint8_t s = MFU_NTAG_SPECIAL_VERSION, i = 0; s < MFU_NTAG_SPECIAL_VERSION + 2; s++, i += 4) {
c.arg[0] = s;
memcpy(c.d.asBytes, mem->version + i, 4);
PrintAndLogEx(NORMAL, "special VERSION block written 0x%X - %s\n", s, sprint_hex(c.d.asBytes, 4));
memcpy(data, mem->version + i, 4);
PrintAndLogEx(NORMAL, "special VERSION block written 0x%X - %s\n", s, sprint_hex(data, 4));
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFAREU_WRITEBL, s, keytype, 0, data, sizeof(data));
wait4response(s);
}
}
@ -2189,10 +2182,9 @@ static int CmdHF14AMfURestore(const char *Cmd) {
for (uint8_t b = 4; b < pages - 5; b++) {
//Send write Block
c.arg[0] = b;
memcpy(c.d.asBytes, mem->data + (b * 4), 4);
memcpy(data, mem->data + (b * 4), 4);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFAREU_WRITEBL, b, keytype, 0, data, sizeof(data));
wait4response(b);
printf(".");
fflush(stdout);
@ -2204,18 +2196,17 @@ static int CmdHF14AMfURestore(const char *Cmd) {
PrintAndLogEx(INFO, "Restoring configuration blocks.\n");
PrintAndLogEx(NORMAL, "authentication with keytype[%x] %s\n", (uint8_t)(c.arg[1] & 0xff), sprint_hex(p_authkey, 4));
PrintAndLogEx(NORMAL, "authentication with keytype[%x] %s\n", (uint8_t)(keytype & 0xff), sprint_hex(p_authkey, 4));
// otp, uid, lock, cfg1, cfg0, dynlockbits
uint8_t blocks[] = {3, 0, 1, 2, pages - 5, pages - 4, pages - 3};
for (uint8_t i = 0; i < sizeof(blocks); i++) {
uint8_t b = blocks[i];
c.arg[0] = b;
memcpy(c.d.asBytes, mem->data + (b * 4), 4);
memcpy(data, mem->data + (b * 4), 4);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFAREU_WRITEBL, b, keytype, 0, data, sizeof(data));
wait4response(b);
PrintAndLogEx(NORMAL, "special block written %u - %s\n", b, sprint_hex(c.d.asBytes, 4));
PrintAndLogEx(NORMAL, "special block written %u - %s\n", b, sprint_hex(data, 4));
}
}
@ -2387,10 +2378,8 @@ static int CmdHF14AMfUCSetPwd(const char *Cmd) {
return 1;
}
PacketCommandOLD c = {CMD_MIFAREUC_SETPWD, {0, 0, 0}, {{0}}};
memcpy(c.d.asBytes, pwd, 16);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFAREUC_SETPWD, 0, 0, 0, pwd, 16);
PacketResponseNG resp;
if (WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
@ -2412,7 +2401,6 @@ static int CmdHF14AMfUCSetPwd(const char *Cmd) {
//
static int CmdHF14AMfUCSetUid(const char *Cmd) {
PacketCommandOLD c = {CMD_MIFAREU_READBL, {0, 0, 0}, {{0}}};
PacketResponseNG resp;
uint8_t uid[7] = {0x00};
char cmdp = tolower(param_getchar(Cmd, 0));
@ -2425,9 +2413,8 @@ static int CmdHF14AMfUCSetUid(const char *Cmd) {
}
// read block2.
c.arg[0] = 2;
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFAREU_READBL, 2, 0, 0, NULL, 0);
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
PrintAndLogEx(WARNING, "Command execute timeout");
return 2;
@ -2438,40 +2425,37 @@ static int CmdHF14AMfUCSetUid(const char *Cmd) {
memcpy(resp.data.asBytes, oldblock2, 4);
// block 0.
c.cmd = CMD_MIFAREU_WRITEBL;
c.arg[0] = 0;
c.d.asBytes[0] = uid[0];
c.d.asBytes[1] = uid[1];
c.d.asBytes[2] = uid[2];
c.d.asBytes[3] = 0x88 ^ uid[0] ^ uid[1] ^ uid[2];
uint8_t data[4];
data[0] = uid[0];
data[1] = uid[1];
data[2] = uid[2];
data[3] = 0x88 ^ uid[0] ^ uid[1] ^ uid[2];
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFAREU_WRITEBL, 0, 0, 0, data, sizeof(data));
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
PrintAndLogEx(WARNING, "Command execute timeout");
return 3;
}
// block 1.
c.arg[0] = 1;
c.d.asBytes[0] = uid[3];
c.d.asBytes[1] = uid[4];
c.d.asBytes[2] = uid[5];
c.d.asBytes[3] = uid[6];
data[0] = uid[3];
data[1] = uid[4];
data[2] = uid[5];
data[3] = uid[6];
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFAREU_WRITEBL, 1, 0, 0, data, sizeof(data));
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
PrintAndLogEx(WARNING, "Command execute timeout");
return 4;
}
// block 2.
c.arg[0] = 2;
c.d.asBytes[0] = uid[3] ^ uid[4] ^ uid[5] ^ uid[6];
c.d.asBytes[1] = oldblock2[1];
c.d.asBytes[2] = oldblock2[2];
c.d.asBytes[3] = oldblock2[3];
data[0] = uid[3] ^ uid[4] ^ uid[5] ^ uid[6];
data[1] = oldblock2[1];
data[2] = oldblock2[2];
data[3] = oldblock2[3];
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MIFAREU_WRITEBL, 2, 0, 0, data, sizeof(data));
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
PrintAndLogEx(WARNING, "Command execute timeout");
return 5;
@ -2487,9 +2471,8 @@ static int CmdHF14AMfUGenDiverseKeys(const char *Cmd) {
if (cmdp == 'r') {
// read uid from tag
PacketCommandOLD c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_RATS, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_READER_ISO_14443a, ISO14A_CONNECT | ISO14A_NO_RATS, 0, 0, NULL, 0);
PacketResponseNG resp;
WaitForResponse(CMD_ACK, &resp);
iso14a_card_select_t card;
@ -2602,9 +2585,8 @@ static int CmdHF14AMfUPwdGen(const char *Cmd) {
if (cmdp == 'r') {
// read uid from tag
PacketCommandOLD c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_RATS, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_READER_ISO_14443a, ISO14A_CONNECT | ISO14A_NO_RATS, 0, 0, NULL, 0);
PacketResponseNG resp;
WaitForResponse(CMD_ACK, &resp);
iso14a_card_select_t card;

10
client/cmdhftopaz.c
View file

@ -31,20 +31,16 @@ static struct {
} topaz_tag;
static void topaz_switch_on_field(void) {
PacketCommandOLD c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_SELECT | ISO14A_NO_DISCONNECT | ISO14A_TOPAZMODE | ISO14A_NO_RATS, 0, 0}, {{0}}};
SendCommand(&c);
SendCommandOLD(CMD_READER_ISO_14443a, ISO14A_CONNECT | ISO14A_NO_SELECT | ISO14A_NO_DISCONNECT | ISO14A_TOPAZMODE | ISO14A_NO_RATS, 0, 0, NULL, 0);
}
static void topaz_switch_off_field(void) {
PacketCommandOLD c = {CMD_READER_ISO_14443a, {0, 0, 0}, {{0}}};
SendCommand(&c);
SendCommandOLD(CMD_READER_ISO_14443a, 0, 0, 0, NULL, 0);
}
// send a raw topaz command, returns the length of the response (0 in case of error)
static int topaz_send_cmd_raw(uint8_t *cmd, uint8_t len, uint8_t *response) {
PacketCommandOLD c = {CMD_READER_ISO_14443a, {ISO14A_RAW | ISO14A_NO_DISCONNECT | ISO14A_TOPAZMODE | ISO14A_NO_RATS, len, 0}, {{0}}};
memcpy(c.d.asBytes, cmd, len);
SendCommand(&c);
SendCommandOLD(CMD_READER_ISO_14443a, ISO14A_RAW | ISO14A_NO_DISCONNECT | ISO14A_TOPAZMODE | ISO14A_NO_RATS, len, 0, cmd, len);
PacketResponseNG resp;
WaitForResponse(CMD_ACK, &resp);

65
client/cmdlf.c
View file

@ -144,28 +144,33 @@ static int usage_lf_find(void) {
/* send a LF command before reading */
int CmdLFCommandRead(const char *Cmd) {
PacketCommandOLD c = {CMD_MOD_THEN_ACQUIRE_RAW_ADC_SAMPLES_125K, {0, 0, 0}, {{0}}};
bool errors = false;
uint32_t arg0 = 0;
uint32_t arg1 = 0;
uint32_t arg2 = 0;
uint8_t data[USB_CMD_DATA_SIZE];
uint16_t datalen = 0;
uint8_t cmdp = 0;
while (param_getchar(Cmd, cmdp) != 0x00 && !errors) {
switch (tolower(param_getchar(Cmd, cmdp))) {
case 'h':
return usage_lf_cmdread();
case 'c':
param_getstr(Cmd, cmdp + 1, (char *)&c.d.asBytes, sizeof(c.d.asBytes));
datalen = param_getstr(Cmd, cmdp + 1, (char *)&data, sizeof(data));
cmdp += 2;
break;
case 'd':
c.arg[0] = param_get32ex(Cmd, cmdp + 1, 0, 10);
arg0 = param_get32ex(Cmd, cmdp + 1, 0, 10);
cmdp += 2;
break;
case 'z':
c.arg[1] = param_get32ex(Cmd, cmdp + 1, 0, 10) & 0xFFFF;
arg1 = param_get32ex(Cmd, cmdp + 1, 0, 10) & 0xFFFF;
cmdp += 2;
break;
case 'o':
c.arg[2] = param_get32ex(Cmd, cmdp + 1, 0, 10) & 0xFFFF;
arg2 = param_get32ex(Cmd, cmdp + 1, 0, 10) & 0xFFFF;
cmdp += 2;
break;
default:
@ -179,7 +184,7 @@ int CmdLFCommandRead(const char *Cmd) {
if (errors || cmdp == 0) return usage_lf_cmdread();
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_MOD_THEN_ACQUIRE_RAW_ADC_SAMPLES_125K, arg0, arg1, arg2, data, datalen);
WaitForResponse(CMD_ACK, NULL);
getSamples(0, true);
@ -322,18 +327,15 @@ int CmdLFSetConfig(const char *Cmd) {
sample_config config = { decimation, bps, averaging, divisor, trigger_threshold };
PacketCommandOLD c = {CMD_SET_LF_SAMPLING_CONFIG, {0, 0, 0}, {{0}}};
memcpy(c.d.asBytes, &config, sizeof(sample_config));
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SET_LF_SAMPLING_CONFIG, 0, 0, 0, &config, sizeof(sample_config));
return 0;
}
bool lf_read(bool silent, uint32_t samples) {
if (IsOffline()) return false;
PacketCommandOLD c = {CMD_ACQUIRE_RAW_ADC_SAMPLES_125K, {silent, samples, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ACQUIRE_RAW_ADC_SAMPLES_125K, silent, samples, 0, NULL, 0);
PacketResponseNG resp;
if (g_lf_threshold_set) {
@ -387,9 +389,8 @@ int CmdLFSniff(const char *Cmd) {
uint8_t cmdp = tolower(param_getchar(Cmd, 0));
if (cmdp == 'h') return usage_lf_sniff();
PacketCommandOLD c = {CMD_LF_SNIFF_RAW_ADC_SAMPLES, {0, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_LF_SNIFF_RAW_ADC_SAMPLES, 0, 0, 0, NULL, 0);
WaitForResponse(CMD_ACK, NULL);
getSamples(0, false);
return 0;
@ -420,13 +421,8 @@ int CmdLFSim(const char *Cmd) {
//can send only 512 bits at a time (1 byte sent per bit...)
for (uint16_t i = 0; i < GraphTraceLen; i += USB_CMD_DATA_SIZE) {
PacketCommandOLD c = {CMD_UPLOAD_SIM_SAMPLES_125K, {i, FPGA_LF, 0}, {{0}}};
for (uint16_t j = 0; j < USB_CMD_DATA_SIZE; j++)
c.d.asBytes[j] = GraphBuffer[i + j];
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_UPLOAD_SIM_SAMPLES_125K, i, FPGA_LF, 0, &GraphBuffer[i], USB_CMD_DATA_SIZE);
WaitForResponse(CMD_ACK, NULL);
printf(".");
fflush(stdout);
@ -434,9 +430,8 @@ int CmdLFSim(const char *Cmd) {
PrintAndLogEx(NORMAL, "Simulating");
PacketCommandOLD c = {CMD_SIMULATE_TAG_125K, {GraphTraceLen, gap, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SIMULATE_TAG_125K, GraphTraceLen, gap, 0, NULL, 0);
return 0;
}
@ -515,19 +510,13 @@ int CmdLFfskSim(const char *Cmd) {
if (fcHigh == 0) fcHigh = 10;
if (fcLow == 0) fcLow = 8;
uint16_t arg1, arg2;
arg1 = fcHigh << 8 | fcLow;
arg2 = (separator << 8) | clk;
size_t size = DemodBufferLen;
if (size > USB_CMD_DATA_SIZE) {
PrintAndLogEx(NORMAL, "DemodBuffer too long for current implementation - length: %d - max: %d", size, USB_CMD_DATA_SIZE);
size = USB_CMD_DATA_SIZE;
}
PacketCommandOLD c = {CMD_FSK_SIM_TAG, {arg1, arg2, size}, {{0}}};
memcpy(c.d.asBytes, DemodBuffer, size);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_FSK_SIM_TAG, fcHigh << 8 | fcLow, (separator << 8) | clk, size, DemodBuffer, size);
setClockGrid(clk, 0);
return 0;
@ -607,22 +596,14 @@ int CmdLFaskSim(const char *Cmd) {
if (encoding == 0) clk /= 2; //askraw needs to double the clock speed
size_t size = DemodBufferLen;
if (size > USB_CMD_DATA_SIZE) {
PrintAndLogEx(NORMAL, "DemodBuffer too long for current implementation - length: %d - max: %d", size, USB_CMD_DATA_SIZE);
size = USB_CMD_DATA_SIZE;
}
PrintAndLogEx(NORMAL, "preparing to sim ask data: %d bits", size);
uint16_t arg1, arg2;
arg1 = clk << 8 | encoding;
arg2 = invert << 8 | separator;
PacketCommandOLD c = {CMD_ASK_SIM_TAG, {arg1, arg2, size}, {{0}}};
memcpy(c.d.asBytes, DemodBuffer, size);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ASK_SIM_TAG, clk << 8 | encoding, invert << 8 | separator, size, DemodBuffer, size);
return 0;
}
@ -718,19 +699,14 @@ int CmdLFpskSim(const char *Cmd) {
PrintAndLogEx(NORMAL, "Sorry, PSK3 not yet available");
}
}
uint16_t arg1, arg2;
arg1 = clk << 8 | carrier;
arg2 = invert;
size_t size = DemodBufferLen;
if (size > USB_CMD_DATA_SIZE) {
PrintAndLogEx(NORMAL, "DemodBuffer too long for current implementation - length: %d - max: %d", size, USB_CMD_DATA_SIZE);
size = USB_CMD_DATA_SIZE;
}
PacketCommandOLD c = {CMD_PSK_SIM_TAG, {arg1, arg2, size}, {{0}}};
PrintAndLogEx(DEBUG, "DEBUG: Sending DemodBuffer Length: %d", size);
memcpy(c.d.asBytes, DemodBuffer, size);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_PSK_SIM_TAG, clk << 8 | carrier, invert, size, DemodBuffer, size);
return 0;
}
@ -739,8 +715,7 @@ int CmdLFSimBidir(const char *Cmd) {
// Set ADC to twice the carrier for a slight supersampling
// HACK: not implemented in ARMSRC.
PrintAndLogEx(INFO, "Not implemented yet.");
PacketCommandOLD c = {CMD_LF_SIMULATE_BIDIR, {47, 384, 0}, {{0}}};
SendCommand(&c);
SendCommandOLD(CMD_LF_SIMULATE_BIDIR, 47, 384, 0, NULL, 0);
return 0;
}

30
client/cmdlfawid.c
View file

@ -87,10 +87,9 @@ static int usage_lf_awid_brute(void) {
}
static bool sendPing(void) {
PacketCommandOLD ping = {CMD_PING, {1, 2, 3}, {{0}}};
SendCommand(&ping);
SendCommand(&ping);
SendCommand(&ping);
SendCommandOLD(CMD_PING, 1, 2, 3, NULL, 0);
SendCommandOLD(CMD_PING, 1, 2, 3, NULL, 0);
SendCommandOLD(CMD_PING, 1, 2, 3, NULL, 0);
clearCommandBuffer();
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1000))
@ -109,13 +108,9 @@ static bool sendTry(uint8_t fmtlen, uint32_t fc, uint32_t cn, uint32_t delay, ui
}
uint8_t clk = 50, high = 10, low = 8, invert = 1;
uint64_t arg1 = (high << 8) + low;
uint64_t arg2 = (invert << 8) + clk;
PacketCommandOLD c = {CMD_FSK_SIM_TAG, {arg1, arg2, bs_len}, {{0}}};
memcpy(c.d.asBytes, bits, bs_len);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_FSK_SIM_TAG, (high << 8) + low, (invert << 8) + clk, bs_len, bits, bs_len);
msleep(delay);
sendPing();
@ -171,9 +166,8 @@ static int CmdAWIDRead_device(const char *Cmd) {
if (Cmd[0] == 'h' || Cmd[0] == 'H') return usage_lf_awid_read();
uint8_t findone = (Cmd[0] == '1') ? 1 : 0;
PacketCommandOLD c = {CMD_AWID_DEMOD_FSK, {findone, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_AWID_DEMOD_FSK, findone, 0, 0, NULL, 0);
return 0;
}
*/
@ -321,8 +315,7 @@ static int CmdAWIDSim(const char *Cmd) {
uint32_t fc = 0, cn = 0;
uint8_t fmtlen = 0;
uint8_t bits[96];
size_t size = sizeof(bits);
memset(bits, 0x00, size);
memset(bits, 0x00, sizeof(bits));
char cmdp = param_getchar(Cmd, 0);
if (strlen(Cmd) == 0 || cmdp == 'h' || cmdp == 'H') return usage_lf_awid_sim();
@ -343,17 +336,13 @@ static int CmdAWIDSim(const char *Cmd) {
}
uint8_t clk = 50, high = 10, low = 8, invert = 1;
uint64_t arg1 = (high << 8) + low;
uint64_t arg2 = (invert << 8) + clk;
// AWID uses: FSK2a fcHigh: 10, fcLow: 8, clk: 50, invert: 1
// arg1 --- fcHigh<<8 + fcLow
// arg2 --- Inversion and clk setting
// 96 --- Bitstream length: 96-bits == 12 bytes
PacketCommandOLD c = {CMD_FSK_SIM_TAG, {arg1, arg2, size}, {{0}}};
memcpy(c.d.asBytes, bits, size);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_FSK_SIM_TAG, (high << 8) + low, (invert << 8) + clk, sizeof(bits), bits, sizeof(bits));
return 0;
}
@ -393,13 +382,10 @@ static int CmdAWIDClone(const char *Cmd) {
print_blocks(blocks, 4);
PacketResponseNG resp;
PacketCommandOLD c = {CMD_T55XX_WRITE_BLOCK, {0, 0, 0}, {{0}}};
for (uint8_t i = 0; i < 4; i++) {
c.arg[0] = blocks[i];
c.arg[1] = i;
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_T55XX_WRITE_BLOCK, blocks[i], i, 0, NULL, 0);
if (!WaitForResponseTimeout(CMD_ACK, &resp, T55XX_WRITE_TIMEOUT)) {
PrintAndLogEx(WARNING, "Error occurred, device did not respond during write operation.");
return -1;

3
client/cmdlfcotag.c
View file

@ -74,9 +74,8 @@ static int CmdCOTAGRead(const char *Cmd) {
uint32_t rawsignal = 1;
sscanf(Cmd, "%u", &rawsignal);
PacketCommandOLD c = {CMD_COTAG, {rawsignal, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_COTAG, rawsignal, 0, 0, NULL, 0);
if (!WaitForResponseTimeout(CMD_ACK, NULL, 7000)) {
PrintAndLogEx(WARNING, "command execution time out");
return -1;

12
client/cmdlfem4x.c
View file

@ -389,8 +389,7 @@ int AskEm410xDemod(const char *Cmd, uint32_t *hi, uint64_t *lo, bool verbose) {
static int CmdEM410xRead_device(const char *Cmd) {
char cmdp = tolower(param_getchar(Cmd, 0));
uint8_t findone = (cmdp == '1') ? 1 : 0;
PacketCommandOLD c = {CMD_EM410X_DEMOD, {findone, 0, 0}, {{0}}};
SendCommand(&c);
SendCommandOLD(CMD_EM410X_DEMOD, findone, 0, 0, NULL, 0);
return 0;
}
*/
@ -648,8 +647,7 @@ static int CmdEM410xWrite(const char *Cmd) {
return 0;
}
PacketCommandOLD c = {CMD_EM410X_WRITE_TAG, {card, (uint32_t)(id >> 32), (uint32_t)id}, {{0}}};
SendCommand(&c);
SendCommandOLD(CMD_EM410X_WRITE_TAG, card, (uint32_t)(id >> 32), (uint32_t)id, NULL, 0);
return 0;
}
@ -1127,9 +1125,8 @@ static bool demodEM4x05resp(uint32_t *word) {
//////////////// 4205 / 4305 commands
static int EM4x05ReadWord_ext(uint8_t addr, uint32_t pwd, bool usePwd, uint32_t *word) {
PacketCommandOLD c = {CMD_EM4X_READ_WORD, {addr, pwd, usePwd}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_EM4X_READ_WORD, addr, pwd, usePwd, NULL, 0);
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 2500)) {
PrintAndLogEx(DEBUG, "timeout while waiting for reply.");
@ -1230,9 +1227,8 @@ static int CmdEM4x05Write(const char *Cmd) {
uint16_t flag = (addr << 8) | (usePwd);
PacketCommandOLD c = {CMD_EM4X_WRITE_WORD, {flag, data, pwd}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_EM4X_WRITE_WORD, flag, data, pwd, NULL, 0);
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 2000)) {
PrintAndLogEx(WARNING, "Error occurred, device did not respond during write operation.");

16
client/cmdlffdx.c
View file

@ -282,13 +282,10 @@ static int CmdFdxClone(const char *Cmd) {
print_blocks(blocks, 5);
PacketResponseNG resp;
PacketCommandOLD c = {CMD_T55XX_WRITE_BLOCK, {0, 0, 0}, {{0}}};
for (int i = 4; i >= 0; --i) {
c.arg[0] = blocks[i];
c.arg[1] = i;
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_T55XX_WRITE_BLOCK, blocks[i], i, 0, NULL, 0);
if (!WaitForResponseTimeout(CMD_ACK, &resp, T55XX_WRITE_TIMEOUT)) {
PrintAndLogEx(WARNING, "Error occurred, device did not respond during write operation.");
return -1;
@ -311,19 +308,14 @@ static int CmdFdxSim(const char *Cmd) {
// 32, no STT, BIPHASE INVERTED == diphase
uint8_t clk = 32, encoding = 2, separator = 0, invert = 1;
uint16_t arg1, arg2;
size_t size = 128;
arg1 = clk << 8 | encoding;
arg2 = invert << 8 | separator;
PrintAndLogEx(SUCCESS, "Simulating FDX-B animal ID: %04u-%"PRIu64, countryid, animalid);
PacketCommandOLD c = {CMD_ASK_SIM_TAG, {arg1, arg2, size}, {{0}}};
uint8_t data[128];
//getFDXBits(uint64_t national_id, uint16_t country, uint8_t isanimal, uint8_t isextended, uint32_t extended, uint8_t *bits)
getFDXBits(animalid, countryid, 1, 0, 0, c.d.asBytes);
getFDXBits(animalid, countryid, 1, 0, 0, data);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ASK_SIM_TAG, clk << 8 | encoding, invert << 8 | separator, sizeof(data), data, sizeof(data));
return 0;
}

16
client/cmdlfguard.c
View file

@ -172,13 +172,10 @@ static int CmdGuardClone(const char *Cmd) {
print_blocks(blocks, 4);
PacketResponseNG resp;
PacketCommandOLD c = {CMD_T55XX_WRITE_BLOCK, {0, 0, 0}, {{0}}};
for (i = 0; i < 4; ++i) {
c.arg[0] = blocks[i];
c.arg[1] = i;
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_T55XX_WRITE_BLOCK, blocks[i], i, 0, NULL, 0);
if (!WaitForResponseTimeout(CMD_ACK, &resp, T55XX_WRITE_TIMEOUT)) {
PrintAndLogEx(WARNING, "Error occurred, device did not respond during write operation.");
return -1;
@ -199,8 +196,7 @@ static int CmdGuardSim(const char *Cmd) {
if (sscanf(Cmd, "%u %u %u", &fmtlen, &fc, &cn) != 3) return usage_lf_guard_sim();
uint8_t bs[96];
size_t size = sizeof(bs);
memset(bs, 0x00, size);
memset(bs, 0x00, sizeof(bs));
fmtlen &= 0x7F;
facilitycode = (fc & 0x000000FF);
@ -213,14 +209,8 @@ static int CmdGuardSim(const char *Cmd) {
PrintAndLogEx(SUCCESS, "Simulating Guardall - Facility Code: %u, CardNumber: %u", facilitycode, cardnumber);
uint64_t arg1, arg2;
arg1 = (clock1 << 8) | encoding;
arg2 = (invert << 8) | separator;
PacketCommandOLD c = {CMD_ASK_SIM_TAG, {arg1, arg2, size}, {{0}}};
memcpy(c.d.asBytes, bs, size);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ASK_SIM_TAG, (clock1 << 8) | encoding, (invert << 8) | separator, sizeof(bs), bs, sizeof(bs));
return 0;
}

30
client/cmdlfhid.c
View file

@ -93,10 +93,9 @@ static int usage_lf_hid_brute(void) {
// sending three times. Didn't seem to break the previous sim?
static bool sendPing(void) {
PacketCommandOLD ping = {CMD_PING, {1, 2, 3}, {{0}}};
SendCommand(&ping);
SendCommand(&ping);
SendCommand(&ping);
SendCommandOLD(CMD_PING, 1, 2, 3, NULL, 0);
SendCommandOLD(CMD_PING, 1, 2, 3, NULL, 0);
SendCommandOLD(CMD_PING, 1, 2, 3, NULL, 0);
clearCommandBuffer();
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1000))
@ -111,11 +110,8 @@ static bool sendTry(uint8_t fmtlen, uint32_t fc, uint32_t cn, uint32_t delay, ui
calcWiegand(fmtlen, fc, cn, bits, 0);
uint64_t arg1 = bytebits_to_byte(bits, 32);
uint64_t arg2 = bytebits_to_byte(bits + 32, 32);
PacketCommandOLD c = {CMD_HID_SIM_TAG, {arg1, arg2, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_HID_SIM_TAG, bytebits_to_byte(bits, 32), bytebits_to_byte(bits + 32, 32), 0, NULL, 0);
msleep(delay);
sendPing();
@ -242,9 +238,8 @@ static int CmdHIDRead_device(const char *Cmd) {
if (Cmd[0] == 'h' || Cmd[0] == 'H') return usage_lf_hid_read();
uint8_t findone = (Cmd[0] == '1') ? 1 : 0;
PacketCommandOLD c = {CMD_HID_DEMOD_FSK, {findone, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_HID_DEMOD_FSK, findone, 0, 0, NULL, 0);
return 0;
}
*/
@ -263,9 +258,8 @@ static int CmdHIDSim(const char *Cmd) {
PrintAndLogEx(SUCCESS, "Simulating HID tag with ID %x%08x", hi, lo);
PrintAndLogEx(SUCCESS, "Press pm3-button to abort simulation");
PacketCommandOLD c = {CMD_HID_SIM_TAG, {hi, lo, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_HID_SIM_TAG, hi, lo, 0, NULL, 0);
return 0;
}
@ -273,11 +267,10 @@ static int CmdHIDClone(const char *Cmd) {
uint32_t hi2 = 0, hi = 0, lo = 0;
uint32_t n = 0, i = 0;
PacketCommandOLD c = {CMD_HID_CLONE_TAG, {0, 0, 0}, {{0}}};
uint8_t ctmp = param_getchar(Cmd, 0);
if (strlen(Cmd) == 0 || ctmp == 'H' || ctmp == 'h') return usage_lf_hid_clone();
uint8_t longid[1] = {0};
if (strchr(Cmd, 'l') != 0) {
while (sscanf(&Cmd[i++], "%1x", &n) == 1) {
hi2 = (hi2 << 4) | (hi >> 28);
@ -287,7 +280,7 @@ static int CmdHIDClone(const char *Cmd) {
PrintAndLogEx(INFO, "Preparing to clone HID tag with long ID %x%08x%08x", hi2, hi, lo);
c.d.asBytes[0] = 1;
longid[0] = 1;
} else {
while (sscanf(&Cmd[i++], "%1x", &n) == 1) {
hi = (hi << 4) | (lo >> 28);
@ -295,15 +288,10 @@ static int CmdHIDClone(const char *Cmd) {
}
PrintAndLogEx(INFO, "Preparing to clone HID tag with ID %x%08x", hi, lo);
hi2 = 0;
c.d.asBytes[0] = 0;
}
c.arg[0] = hi2;
c.arg[1] = hi;
c.arg[2] = lo;
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_HID_CLONE_TAG, hi2, hi, lo, longid, sizeof(longid));
return 0;
}

77
client/cmdlfhitag.c
View file

@ -260,9 +260,8 @@ static int CmdLFHitagSniff(const char *Cmd) {
char ctmp = tolower(param_getchar(Cmd, 0));
if (ctmp == 'h') return usage_hitag_sniff();
PacketCommandOLD c = {CMD_SNIFF_HITAG, {0, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SNIFF_HITAG, 0, 0, 0, NULL, 0);
return 0;
}
@ -277,8 +276,7 @@ static int CmdLFHitagSim(const char *Cmd) {
int res = 0;
char filename[FILE_PATH_SIZE] = { 0x00 };
PacketCommandOLD c = {CMD_SIMULATE_HITAG, {0, 0, 0}, {{0}}};
uint16_t cmd = CMD_SIMULATE_HITAG;
while (param_getchar(Cmd, cmdp) != 0x00 && !errors) {
switch (tolower(param_getchar(Cmd, cmdp))) {
case 'h':
@ -289,7 +287,7 @@ static int CmdLFHitagSim(const char *Cmd) {
cmdp++;
break;
case 's':
c.cmd = CMD_SIMULATE_HITAG_S;
cmd = CMD_SIMULATE_HITAG_S;
maxdatalen = 4 * 64;
cmdp++;
break;
@ -337,12 +335,12 @@ static int CmdLFHitagSim(const char *Cmd) {
return usage_hitag_sim();
}
c.arg[0] = (uint32_t)tag_mem_supplied;
if (tag_mem_supplied) {
memcpy(c.d.asBytes, data, datalen);
}
clearCommandBuffer();
SendCommand(&c);
if (tag_mem_supplied) {
SendCommandOLD(cmd, 1, 0, 0, data, datalen);
} else {
SendCommandOLD(cmd, 0, 0, 0, NULL, 0);
}
free(data);
return 0;
@ -458,9 +456,8 @@ static void printHitagConfiguration(uint8_t config) {
static bool getHitagUid(uint32_t *uid) {
PacketCommandOLD c = {CMD_READER_HITAG, {RHT2F_UID_ONLY, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_READER_HITAG, RHT2F_UID_ONLY, 0, 0, NULL, 0);
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 2500)) {
PrintAndLogEx(WARNING, "timeout while waiting for reply.");
@ -513,33 +510,33 @@ static int CmdLFHitagInfo(const char *Cmd) {
//
static int CmdLFHitagReader(const char *Cmd) {
PacketCommandOLD c = {CMD_READER_HITAG, {0, 0, 0}, {{0}}};
hitag_data *htd = (hitag_data *)c.d.asBytes;
uint16_t cmd = CMD_READER_HITAG;
hitag_data htd;
hitag_function htf = param_get32ex(Cmd, 0, 0, 10);
switch (htf) {
case RHTSF_CHALLENGE: {
c.cmd = CMD_READ_HITAG_S;
num_to_bytes(param_get32ex(Cmd, 1, 0, 16), 4, htd->auth.NrAr);
num_to_bytes(param_get32ex(Cmd, 2, 0, 16), 4, htd->auth.NrAr + 4);
cmd = CMD_READ_HITAG_S;
num_to_bytes(param_get32ex(Cmd, 1, 0, 16), 4, htd.auth.NrAr);
num_to_bytes(param_get32ex(Cmd, 2, 0, 16), 4, htd.auth.NrAr + 4);
break;
}
case RHTSF_KEY: {
c.cmd = CMD_READ_HITAG_S;
num_to_bytes(param_get64ex(Cmd, 1, 0, 16), 6, htd->crypto.key);
cmd = CMD_READ_HITAG_S;
num_to_bytes(param_get64ex(Cmd, 1, 0, 16), 6, htd.crypto.key);
break;
}
case RHT2F_PASSWORD: {
num_to_bytes(param_get32ex(Cmd, 1, 0, 16), 4, htd->pwd.password);
num_to_bytes(param_get32ex(Cmd, 1, 0, 16), 4, htd.pwd.password);
break;
}
case RHT2F_AUTHENTICATE: {
num_to_bytes(param_get32ex(Cmd, 1, 0, 16), 4, htd->auth.NrAr);
num_to_bytes(param_get32ex(Cmd, 2, 0, 16), 4, htd->auth.NrAr + 4);
num_to_bytes(param_get32ex(Cmd, 1, 0, 16), 4, htd.auth.NrAr);
num_to_bytes(param_get32ex(Cmd, 2, 0, 16), 4, htd.auth.NrAr + 4);
break;
}
case RHT2F_CRYPTO: {
num_to_bytes(param_get64ex(Cmd, 1, 0, 16), 6, htd->crypto.key);
num_to_bytes(param_get64ex(Cmd, 1, 0, 16), 6, htd.crypto.key);
break;
}
case RHT2F_TEST_AUTH_ATTEMPTS: {
@ -556,9 +553,8 @@ static int CmdLFHitagReader(const char *Cmd) {
return usage_hitag_reader();
}
c.arg[0] = htf;
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(cmd, htf, 0, 0, &htd, sizeof(htd));
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 4000)) {
PrintAndLogEx(WARNING, "timeout while waiting for reply.");
@ -595,7 +591,6 @@ static int CmdLFHitagReader(const char *Cmd) {
static int CmdLFHitagCheckChallenges(const char *Cmd) {
PacketCommandOLD c = { CMD_TEST_HITAGS_TRACES, {0, 0, 0}, {{0}}};
char filename[FILE_PATH_SIZE] = { 0x00 };
size_t datalen = 0;
int res = 0;
@ -610,14 +605,13 @@ static int CmdLFHitagCheckChallenges(const char *Cmd) {
free(data);
return usage_hitag_checkchallenges();
case 'f':
//file with all the challenges to try
param_getstr(Cmd, cmdp + 1, filename, sizeof(filename));
res = loadFile(filename, "cc", data, 8 * 60, &datalen);
if (res > 0) {
errors = true;
break;
}
memcpy(c.d.asBytes, data, datalen);
file_given = true;
cmdp += 2;
break;
@ -634,32 +628,33 @@ static int CmdLFHitagCheckChallenges(const char *Cmd) {
return usage_hitag_checkchallenges();
}
//file with all the challenges to try
c.arg[0] = (uint32_t)file_given;
clearCommandBuffer();
SendCommand(&c);
if (file_given)
SendCommandOLD(CMD_TEST_HITAGS_TRACES, 1, 0, 0, data, datalen);
else
SendCommandOLD(CMD_TEST_HITAGS_TRACES, 0, 0, 0, NULL, 0);
free(data);
return 0;
}
static int CmdLFHitagWriter(const char *Cmd) {
PacketCommandOLD c = { CMD_WR_HITAG_S, {0, 0, 0}, {{0}}};
hitag_data *htd = (hitag_data *)c.d.asBytes;
hitag_data htd;
hitag_function htf = param_get32ex(Cmd, 0, 0, 10);
uint32_t arg2 = 0;
switch (htf) {
case WHTSF_CHALLENGE: {
num_to_bytes(param_get64ex(Cmd, 1, 0, 16), 8, htd->auth.NrAr);
c.arg[2] = param_get32ex(Cmd, 2, 0, 10);
num_to_bytes(param_get32ex(Cmd, 3, 0, 16), 4, htd->auth.data);
num_to_bytes(param_get64ex(Cmd, 1, 0, 16), 8, htd.auth.NrAr);
arg2 = param_get32ex(Cmd, 2, 0, 10);
num_to_bytes(param_get32ex(Cmd, 3, 0, 16), 4, htd.auth.data);
break;
}
case WHTSF_KEY:
case WHT2F_CRYPTO: {
num_to_bytes(param_get64ex(Cmd, 1, 0, 16), 6, htd->crypto.key);
c.arg[2] = param_get32ex(Cmd, 2, 0, 10);
num_to_bytes(param_get32ex(Cmd, 3, 0, 16), 4, htd->crypto.data);
num_to_bytes(param_get64ex(Cmd, 1, 0, 16), 6, htd.crypto.key);
arg2 = param_get32ex(Cmd, 2, 0, 10);
num_to_bytes(param_get32ex(Cmd, 3, 0, 16), 4, htd.crypto.data);
break;
}
case RHTSF_CHALLENGE:
@ -672,10 +667,8 @@ static int CmdLFHitagWriter(const char *Cmd) {
return usage_hitag_writer();
}
c.arg[0] = htf;
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_WR_HITAG_S, htf, 0, arg2, &htd, sizeof(htd));
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 4000)) {
PrintAndLogEx(WARNING, "timeout while waiting for reply.");

40
client/cmdlfindala.c
View file

@ -373,8 +373,7 @@ static int CmdIndalaSim(const char *Cmd) {
if (strlen(Cmd) == 0 || cmdp == 'h') return usage_lf_indala_sim();
uint8_t bits[224];
size_t size = sizeof(bits);
memset(bits, 0x00, size);
memset(bits, 0x00, sizeof(bits));
// uid
uint8_t hexuid[100];
@ -394,9 +393,6 @@ static int CmdIndalaSim(const char *Cmd) {
// indala PSK
uint8_t clk = 32, carrier = 2, invert = 0;
uint16_t arg1, arg2;
arg1 = clk << 8 | carrier;
arg2 = invert;
// It has to send either 64bits (8bytes) or 224bits (28bytes). Zero padding needed if not.
// lf simpsk 1 c 32 r 2 d 0102030405060708
@ -404,10 +400,8 @@ static int CmdIndalaSim(const char *Cmd) {
PrintAndLogEx(SUCCESS, "Simulating Indala UID: %s", sprint_hex(hexuid, len));
PrintAndLogEx(SUCCESS, "Press pm3-button to abort simulation or run another command");
PacketCommandOLD c = {CMD_PSK_SIM_TAG, {arg1, arg2, size}, {{0}}};
memcpy(c.d.asBytes, bits, size);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_PSK_SIM_TAG, clk << 8 | carrier, invert, sizeof(bits), bits, sizeof(bits));
return 0;
}
@ -438,27 +432,27 @@ static int CmdIndalaClone(const char *Cmd) {
CLIGetHexWithReturn(2, data, &datalen);
CLIParserFree();
PacketCommandOLD c = {0, {0, 0, 0}, {{0}}};
if (isLongUid) {
PrintAndLogEx(INFO, "Preparing to clone Indala 224bit tag with RawID %s", sprint_hex(data, datalen));
c.cmd = CMD_INDALA_CLONE_TAG_L;
c.d.asDwords[0] = bytes_to_num(data, 4);
c.d.asDwords[1] = bytes_to_num(data + 4, 4);
c.d.asDwords[2] = bytes_to_num(data + 8, 4);
c.d.asDwords[3] = bytes_to_num(data + 12, 4);
c.d.asDwords[4] = bytes_to_num(data + 16, 4);
c.d.asDwords[5] = bytes_to_num(data + 20, 4);
c.d.asDwords[6] = bytes_to_num(data + 24, 4);
uint32_t datawords[7] = {0};
datawords[0] = bytes_to_num(data, 4);
datawords[1] = bytes_to_num(data + 4, 4);
datawords[2] = bytes_to_num(data + 8, 4);
datawords[3] = bytes_to_num(data + 12, 4);
datawords[4] = bytes_to_num(data + 16, 4);
datawords[5] = bytes_to_num(data + 20, 4);
datawords[6] = bytes_to_num(data + 24, 4);
clearCommandBuffer();
SendCommandOLD(CMD_INDALA_CLONE_TAG_L, 0, 0, 0, datawords, sizeof(datawords));
} else {
PrintAndLogEx(INFO, "Preparing to clone Indala 64bit tag with RawID %s", sprint_hex(data, datalen));
c.cmd = CMD_INDALA_CLONE_TAG;
c.d.asDwords[0] = bytes_to_num(data, 4);
c.d.asDwords[1] = bytes_to_num(data + 4, 4);
uint32_t datawords[2] = {0};
datawords[0] = bytes_to_num(data, 4);
datawords[1] = bytes_to_num(data + 4, 4);
clearCommandBuffer();
SendCommandOLD(CMD_INDALA_CLONE_TAG, 0, 0, 0, datawords, sizeof(datawords));
}
clearCommandBuffer();
SendCommand(&c);
return 0;
}

17
client/cmdlfio.c
View file

@ -66,9 +66,8 @@ static int usage_lf_io_clone(void) {
static int CmdIOProxRead_device(const char *Cmd) {
if (Cmd[0] == 'h' || Cmd[0] == 'H') return usage_lf_io_read();
int findone = (Cmd[0] == '1') ? 1 : 0;
PacketCommandOLD c = {CMD_IO_DEMOD_FSK, {findone, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_IO_DEMOD_FSK, findone, 0, 0, NULL, 0);
return 0;
}
*/
@ -181,8 +180,7 @@ static int CmdIOProxSim(const char *Cmd) {
uint16_t cn = 0;
uint8_t version = 0, fc = 0;
uint8_t bits[64];
size_t size = sizeof(bits);
memset(bits, 0x00, size);
memset(bits, 0x00, sizeof(bits));
char cmdp = tolower(param_getchar(Cmd, 0));
if (strlen(Cmd) == 0 || cmdp == 'h') return usage_lf_io_sim();
@ -200,9 +198,6 @@ static int CmdIOProxSim(const char *Cmd) {
// clock 64, FSK2a fcHIGH 10 | fcLOW 8
uint8_t clk = 64, invert = 1, high = 10, low = 8;
uint16_t arg1, arg2;
arg1 = high << 8 | low;
arg2 = invert << 8 | clk;
PrintAndLogEx(SUCCESS, "Simulating IOProx version: %u FC: %u; CN: %u\n", version, fc, cn);
PrintAndLogEx(SUCCESS, "Press pm3-button to abort simulation or run another command");
@ -215,10 +210,8 @@ static int CmdIOProxSim(const char *Cmd) {
// arg1 --- fcHigh<<8 + fcLow
// arg2 --- Invert and clk setting
// size --- 64 bits == 8 bytes
PacketCommandOLD c = {CMD_FSK_SIM_TAG, {arg1, arg2, size}, {{0}}};
memcpy(c.d.asBytes, bits, size);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_FSK_SIM_TAG, high << 8 | low, invert << 8 | clk, sizeof(bits), bits, sizeof(bits));
return 0;
}
@ -258,10 +251,8 @@ static int CmdIOProxClone(const char *Cmd) {
PrintAndLogEx(INFO, "Preparing to clone IOProx to T55x7 with Version: %u FC: %u, CN: %u", version, fc, cn);
print_blocks(blocks, 3);
//PacketCommandOLD c = {CMD_T55XX_WRITE_BLOCK, {0,0,0}, {{0}}};
PacketCommandOLD c = {CMD_IO_CLONE_TAG, {blocks[1], blocks[2], 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_IO_CLONE_TAG, blocks[1], blocks[2], 0, NULL, 0);
return 0;
}

16
client/cmdlfjablotron.c
View file

@ -156,13 +156,10 @@ static int CmdJablotronClone(const char *Cmd) {
print_blocks(blocks, 3);
PacketResponseNG resp;
PacketCommandOLD c = {CMD_T55XX_WRITE_BLOCK, {0, 0, 0}, {{0}}};
for (uint8_t i = 0; i < 3; i++) {
c.arg[0] = blocks[i];
c.arg[1] = i;
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_T55XX_WRITE_BLOCK, blocks[i], i, 0, NULL, 0);
if (!WaitForResponseTimeout(CMD_ACK, &resp, T55XX_WRITE_TIMEOUT)) {
PrintAndLogEx(WARNING, "Error occurred, device did not respond during write operation.");
return -1;
@ -186,17 +183,12 @@ static int CmdJablotronSim(const char *Cmd) {
}
uint8_t clk = 64, encoding = 2, separator = 0, invert = 1;
uint16_t arg1, arg2;
size_t size = 64;
arg1 = clk << 8 | encoding;
arg2 = invert << 8 | separator;
PrintAndLogEx(SUCCESS, "Simulating Jablotron - FullCode: %"PRIx64, fullcode);
PacketCommandOLD c = {CMD_ASK_SIM_TAG, {arg1, arg2, size}, {{0}}};
getJablotronBits(fullcode, c.d.asBytes);
uint8_t data[64];
getJablotronBits(fullcode, data);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ASK_SIM_TAG, clk << 8 | encoding, invert << 8 | separator, sizeof(data), data, sizeof(data));
return 0;
}

14
client/cmdlfkeri.c
View file

@ -147,14 +147,10 @@ static int CmdKeriClone(const char *Cmd) {
PacketResponseNG resp;
PacketCommandOLD c = {CMD_T55XX_WRITE_BLOCK, {0, 0, 0}, {{0}}};
for (uint8_t i = 0; i < 3; i++) {
c.arg[0] = blocks[i];
c.arg[1] = i;
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_T55XX_WRITE_BLOCK, blocks[i], i, 0, NULL, 0);
if (!WaitForResponseTimeout(CMD_ACK, &resp, T55XX_WRITE_TIMEOUT)) {
PrintAndLogEx(WARNING, "Error occurred, device did not respond during write operation.");
return -1;
@ -182,17 +178,11 @@ static int CmdKeriSim(const char *Cmd) {
}
uint8_t clk = 32, carrier = 2, invert = 0;
uint16_t arg1, arg2;
size_t size = 64;
arg1 = clk << 8 | carrier;
arg2 = invert;
PrintAndLogEx(SUCCESS, "Simulating KERI - Internal Id: %u", internalid);
PacketCommandOLD c = {CMD_PSK_SIM_TAG, {arg1, arg2, size}, {{0}}};
memcpy(c.d.asBytes, bits, size);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_PSK_SIM_TAG, clk << 8 | carrier, invert, sizeof(bits), bits, sizeof(bits));
return 0;
}

15
client/cmdlfnedap.c
View file

@ -203,13 +203,10 @@ static int CmdLFNedapClone(const char *Cmd) {
print_blocks(blocks, 5);
PacketResponseNG resp;
PacketCommandOLD c = {CMD_T55XX_WRITE_BLOCK, {0,0,0}, {{0}}};
for (uint8_t i = 0; i<5; ++i ) {
c.arg[0] = blocks[i];
c.arg[1] = i;
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_T55XX_WRITE_BLOCK, blocks[i], i, 0, NULL, 0);
if (!WaitForResponseTimeout(CMD_ACK, &resp, T55XX_WRITE_TIMEOUT)){
PrintAndLogEx(WARNING, "Error occurred, device did not respond during write operation.");
return -1;
@ -231,14 +228,10 @@ static int CmdLFNedapSim(const char *Cmd) {
cardnumber = (cn & 0x00FFFFFF);
uint8_t bs[128];
size_t size = sizeof(bs);
memset(bs, 0x00, size);
memset(bs, 0x00, sizeof(bs));
// NEDAP, Biphase = 2, clock 64, inverted, (DIPhase == inverted BIphase
uint8_t clk = 64, encoding = 2, separator = 0, invert = 1;
uint16_t arg1, arg2;
arg1 = clk << 8 | encoding;
arg2 = invert << 8 | separator;
if (!getNedapBits(cardnumber, bs)) {
PrintAndLogEx(WARNING, "Error with tag bitstream generation.");
@ -248,10 +241,8 @@ static int CmdLFNedapSim(const char *Cmd) {
PrintAndLogEx(SUCCESS, "bin %s", sprint_bin_break(bs, 128, 32));
PrintAndLogEx(SUCCESS, "Simulating Nedap - CardNumber: %u", cardnumber);
PacketCommandOLD c = {CMD_ASK_SIM_TAG, {arg1, arg2, size}, {{0}}};
memcpy(c.d.asBytes, bs, size);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ASK_SIM_TAG, clk << 8 | encoding, invert << 8 | separator, sizeof(bs), bs, sizeof(bs));
return 0;
}

18
client/cmdlfnoralsy.c
View file

@ -155,13 +155,10 @@ static int CmdNoralsyClone(const char *Cmd) {
print_blocks(blocks, 4);
PacketResponseNG resp;
PacketCommandOLD c = {CMD_T55XX_WRITE_BLOCK, {0, 0, 0}, {{0}}};
for (uint8_t i = 0; i < 4; i++) {
c.arg[0] = blocks[i];
c.arg[1] = i;
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_T55XX_WRITE_BLOCK, blocks[i], i, 0, NULL, 0);
if (!WaitForResponseTimeout(CMD_ACK, &resp, T55XX_WRITE_TIMEOUT)) {
PrintAndLogEx(WARNING, "Error occurred, device did not respond during write operation.");
return -1;
@ -173,8 +170,7 @@ static int CmdNoralsyClone(const char *Cmd) {
static int CmdNoralsySim(const char *Cmd) {
uint8_t bits[96];
uint8_t *bs = bits;
memset(bs, 0, sizeof(bits));
memset(bits, 0, sizeof(bits));
uint16_t year = 0;
uint32_t id = 0;
@ -186,22 +182,16 @@ static int CmdNoralsySim(const char *Cmd) {
year = param_get32ex(Cmd, 1, 2000, 10);
uint8_t clk = 32, encoding = 1, separator = 1, invert = 0;
uint16_t arg1, arg2;
size_t size = 96;
arg1 = clk << 8 | encoding;
arg2 = invert << 8 | separator;
if (!getnoralsyBits(id, year, bs)) {
if (!getnoralsyBits(id, year, bits)) {
PrintAndLogEx(WARNING, "Error with tag bitstream generation.");
return 1;
}
PrintAndLogEx(SUCCESS, "Simulating Noralsy - CardId: %u", id);
PacketCommandOLD c = {CMD_ASK_SIM_TAG, {arg1, arg2, size}, {{0}}};
memcpy(c.d.asBytes, bs, size);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ASK_SIM_TAG, clk << 8 | encoding, invert << 8 | separator, sizeof(bits), bits, sizeof(bits));
return 0;
}

10
client/cmdlfparadox.c
View file

@ -117,14 +117,10 @@ static int CmdParadoxSim(const char *Cmd) {
uint32_t facilitycode = 0, cardnumber = 0, fc = 0, cn = 0;
uint8_t bs[96];
size_t size = sizeof(bs);
memset(bs, 0x00, size);
memset(bs, 0x00, sizeof(bs));
// Paradox uses: fcHigh: 10, fcLow: 8, clk: 50, invert: 1 FSK2a
uint8_t clk = 50, invert = 1, high = 10, low = 8;
uint16_t arg1, arg2;
arg1 = high << 8 | low;
arg2 = invert << 8 | clk;
if (sscanf(Cmd, "%u %u", &fc, &cn) != 2) return usage_lf_paradox_sim();
@ -138,10 +134,8 @@ static int CmdParadoxSim(const char *Cmd) {
PrintAndLogEx(NORMAL, "Simulating Paradox - Facility Code: %u, CardNumber: %u", facilitycode, cardnumber);
PacketCommandOLD c = {CMD_FSK_SIM_TAG, {arg1, arg2, size}, {{0}}};
memcpy(c.d.asBytes, bs, size);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_FSK_SIM_TAG, high << 8 | low, invert << 8 | clk, sizeof(bs), bs, sizeof(bs));
PrintAndLogEx(NORMAL, "UNFINISHED");
return 0;

15
client/cmdlfpcf7931.c
View file

@ -100,9 +100,8 @@ static int CmdLFPCF7931Read(const char *Cmd) {
if (ctmp == 'H' || ctmp == 'h') return usage_pcf7931_read();
PacketResponseNG resp;
PacketCommandOLD c = {CMD_PCF7931_READ, {0, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_PCF7931_READ, 0, 0, 0, NULL, 0);
if (!WaitForResponseTimeout(CMD_ACK, &resp, 2500)) {
PrintAndLogEx(WARNING, "command execution time out");
return 1;
@ -145,14 +144,14 @@ static int CmdLFPCF7931Write(const char *Cmd) {
PrintAndLogEx(NORMAL, " pos: %d", bytepos);
PrintAndLogEx(NORMAL, " data: 0x%02X", data);
PacketCommandOLD c = {CMD_PCF7931_WRITE, { block, bytepos, data}, {{0}}};
memcpy(c.d.asDwords, configPcf.Pwd, sizeof(configPcf.Pwd));
c.d.asDwords[7] = (configPcf.OffsetWidth + 128);
c.d.asDwords[8] = (configPcf.OffsetPosition + 128);
c.d.asDwords[9] = configPcf.InitDelay;
uint32_t buf[10]; // TODO sparse struct, 7 *bytes* then words at offset 4*7!
memcpy(buf, configPcf.Pwd, sizeof(configPcf.Pwd));
buf[7] = (configPcf.OffsetWidth + 128);
buf[8] = (configPcf.OffsetPosition + 128);
buf[9] = configPcf.InitDelay;
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_PCF7931_WRITE, block, bytepos, data, buf, sizeof(buf));
//no ack?
return 0;
}

16
client/cmdlfpresco.c
View file

@ -121,13 +121,10 @@ static int CmdPrescoClone(const char *Cmd) {
print_blocks(blocks, 5);
PacketResponseNG resp;
PacketCommandOLD c = {CMD_T55XX_WRITE_BLOCK, {0, 0, 0}, {{0}}};
for (uint8_t i = 0; i < 5; i++) {
c.arg[0] = blocks[i];
c.arg[1] = i;
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_T55XX_WRITE_BLOCK, blocks[i], i, 0, NULL, 0);
if (!WaitForResponseTimeout(CMD_ACK, &resp, T55XX_WRITE_TIMEOUT)) {
PrintAndLogEx(WARNING, "Error occurred, device did not respond during write operation.");
return -1;
@ -145,17 +142,12 @@ static int CmdPrescoSim(const char *Cmd) {
if (getWiegandFromPresco(Cmd, &sitecode, &usercode, &fullcode, &Q5) == -1) return usage_lf_presco_sim();
uint8_t clk = 32, encoding = 1, separator = 1, invert = 0;
uint16_t arg1, arg2;
size_t size = 128;
arg1 = clk << 8 | encoding;
arg2 = invert << 8 | separator;
PrintAndLogEx(SUCCESS, "Simulating Presco - SiteCode: %u, UserCode: %u, FullCode: %08X", sitecode, usercode, fullcode);
PacketCommandOLD c = {CMD_ASK_SIM_TAG, {arg1, arg2, size}, {{0}}};
getPrescoBits(fullcode, c.d.asBytes);
clearCommandBuffer();
SendCommand(&c);
uint8_t data[128];
getPrescoBits(fullcode, data);
SendCommandOLD(CMD_ASK_SIM_TAG, clk << 8 | encoding, invert << 8 | separator, sizeof(data), data, sizeof(data));
return 0;
}

15
client/cmdlfpyramid.c
View file

@ -233,13 +233,10 @@ static int CmdPyramidClone(const char *Cmd) {
print_blocks(blocks, 5);
PacketResponseNG resp;
PacketCommandOLD c = {CMD_T55XX_WRITE_BLOCK, {0, 0, 0}, {{0}}};
for (uint8_t i = 0; i < 5; ++i) {
c.arg[0] = blocks[i];
c.arg[1] = i;
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_T55XX_WRITE_BLOCK, blocks[i], i, 0, NULL, 0);
if (!WaitForResponseTimeout(CMD_ACK, &resp, T55XX_WRITE_TIMEOUT)) {
PrintAndLogEx(WARNING, "Error occurred, device did not respond during write operation.");
return -1;
@ -256,14 +253,10 @@ static int CmdPyramidSim(const char *Cmd) {
uint32_t facilitycode = 0, cardnumber = 0, fc = 0, cn = 0;
uint8_t bs[128];
size_t size = sizeof(bs);
memset(bs, 0x00, size);
memset(bs, 0x00, sizeof(bs));
// Pyramid uses: fcHigh: 10, fcLow: 8, clk: 50, invert: 0
uint8_t clk = 50, invert = 0, high = 10, low = 8;
uint16_t arg1, arg2;
arg1 = high << 8 | low;
arg2 = invert << 8 | clk;
if (sscanf(Cmd, "%u %u", &fc, &cn) != 2) return usage_lf_pyramid_sim();
@ -277,10 +270,8 @@ static int CmdPyramidSim(const char *Cmd) {
PrintAndLogEx(SUCCESS, "Simulating Farpointe/Pyramid - Facility Code: %u, CardNumber: %u", facilitycode, cardnumber);
PacketCommandOLD c = {CMD_FSK_SIM_TAG, {arg1, arg2, size}, {{0}}};
memcpy(c.d.asBytes, bs, size);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_FSK_SIM_TAG, high << 8 | low, invert << 8 | clk, sizeof(bs), bs, sizeof(bs));
return 0;
}

29
client/cmdlft55xx.c
View file

@ -1018,9 +1018,8 @@ static int CmdT55xxWakeUp(const char *Cmd) {
}
if (errors) return usage_t55xx_wakup();
PacketCommandOLD c = {CMD_T55XX_WAKEUP, {password, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_T55XX_WAKEUP, password, 0, 0, NULL, 0);
PrintAndLogEx(SUCCESS, "Wake up command sent. Try read now");
return 0;
}
@ -1074,24 +1073,25 @@ static int CmdT55xxWriteBlock(const char *Cmd) {
return 0;
}
PacketCommandOLD c = {CMD_T55XX_WRITE_BLOCK, {data, block, 0}, {{0}}};
PacketResponseNG resp;
c.d.asBytes[0] = (page1) ? 0x2 : 0;
c.d.asBytes[0] |= (testMode) ? 0x4 : 0;
uint8_t flags[1] = {0};
flags[0] = (page1) ? 0x2 : 0;
flags[0] |= (testMode) ? 0x4 : 0;
char pwdStr[16] = {0};
snprintf(pwdStr, sizeof(pwdStr), "pwd: 0x%08X", password);
PrintAndLogEx(INFO, "Writing page %d block: %02d data: 0x%08X %s", page1, block, data, (usepwd) ? pwdStr : "");
uint64_t arg_pwd = 0;
//Password mode
if (usepwd) {
c.arg[2] = password;
c.d.asBytes[0] |= 0x1;
arg_pwd = password;
flags[0] |= 0x1;
}
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_T55XX_WRITE_BLOCK, data, block, arg_pwd, flags, sizeof(flags));
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
PrintAndLogEx(WARNING, "Error occurred, device did not ACK write operation. (May be due to old firmware)");
return 0;
@ -1515,9 +1515,8 @@ bool AquireData(uint8_t page, uint8_t block, bool pwdmode, uint32_t password) {
// arg1: which block to read
// arg2: password
uint8_t arg0 = (page << 1 | (pwdmode));
PacketCommandOLD c = {CMD_T55XX_READ_BLOCK, {arg0, block, password}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_T55XX_READ_BLOCK, arg0, block, password, NULL, 0);
if (!WaitForResponseTimeout(CMD_ACK, NULL, 2500)) {
PrintAndLogEx(WARNING, "command execution time out");
return false;
@ -1775,9 +1774,8 @@ static void t55x7_create_config_block(int tagtype) {
static int CmdResetRead(const char *Cmd) {
(void)Cmd; // Cmd is not used so far
PacketCommandOLD c = {CMD_T55XX_RESET_READ, {0, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_T55XX_RESET_READ, 0, 0, 0, NULL, 0);
if (!WaitForResponseTimeout(CMD_ACK, NULL, 2500)) {
PrintAndLogEx(WARNING, "command execution time out");
return 0;
@ -1856,9 +1854,8 @@ static int CmdT55xxChkPwds(const char *Cmd) {
uint64_t t1 = msclock();
if (cmdp == 'm') {
PacketCommandOLD c = {CMD_T55XX_CHKPWDS, {0, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_T55XX_CHKPWDS, 0, 0, 0, NULL, 0);
PacketResponseNG resp;
while (!WaitForResponseTimeout(CMD_ACK, &resp, 2000)) {
@ -2299,10 +2296,8 @@ static int CmdT55xxSetDeviceConfig(const char *Cmd) {
t55xx_config conf = { startgap * 8, writegap * 8, write0 * 8, write1 * 8, readgap * 8 };
PacketCommandOLD c = {CMD_SET_LF_T55XX_CONFIG, {shall_persist, 0, 0}, {{0}}};
memcpy(c.d.asBytes, &conf, sizeof(t55xx_config));
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SET_LF_T55XX_CONFIG, shall_persist, 0, 0, &conf, sizeof(t55xx_config));
return 0;
}

11
client/cmdlfti.c
View file

@ -275,27 +275,26 @@ out:
// read a TI tag and return its ID
static int CmdTIRead(const char *Cmd) {
(void)Cmd; // Cmd is not used so far
PacketCommandOLD c = {CMD_READ_TI_TYPE};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_READ_TI_TYPE, 0, 0, 0, NULL, 0);
return 0;
}
// write new data to a r/w TI tag
static int CmdTIWrite(const char *Cmd) {
int res = 0;
PacketCommandOLD c = {CMD_WRITE_TI_TYPE};
res = sscanf(Cmd, "%012" SCNx64 " %012" SCNx64 " %012" SCNx64 "", &c.arg[0], &c.arg[1], &c.arg[2]);
uint64_t arg0, arg1, arg2;
res = sscanf(Cmd, "%012" SCNx64 " %012" SCNx64 " %012" SCNx64 "", &arg0, &arg1, &arg2);
if (res == 2)
c.arg[2] = 0;
arg2 = 0;
if (res < 2) {
PrintAndLogEx(WARNING, "Please specify the data as two hex strings, optionally the CRC as a third");
return 1;
}
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_WRITE_TI_TYPE, arg0, arg1, arg2, NULL, 0);
return 0;
}

14
client/cmdlfviking.c
View file

@ -88,9 +88,8 @@ static int CmdVikingClone(const char *Cmd) {
PrintAndLogEx(INFO, "Preparing to clone Viking tag - ID: %08X, Raw: %08X%08X", id, (uint32_t)(rawID >> 32), (uint32_t)(rawID & 0xFFFFFFFF));
PacketCommandOLD c = {CMD_VIKING_CLONE_TAG, {rawID >> 32, rawID & 0xFFFFFFFF, Q5}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_VIKING_CLONE_TAG, rawID >> 32, rawID & 0xFFFFFFFF, Q5, NULL, 0);
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, T55XX_WRITE_TIMEOUT)) {
PrintAndLogEx(WARNING, "Error occurred, device did not respond during write operation.");
@ -112,17 +111,12 @@ static int CmdVikingSim(const char *Cmd) {
rawID = getVikingBits(id);
uint16_t arg1, arg2;
size_t size = 64;
arg1 = clk << 8 | encoding;
arg2 = invert << 8 | separator;
PrintAndLogEx(SUCCESS, "Simulating Viking - ID: %08X, Raw: %08X%08X", id, (uint32_t)(rawID >> 32), (uint32_t)(rawID & 0xFFFFFFFF));
PacketCommandOLD c = {CMD_ASK_SIM_TAG, {arg1, arg2, size}, {{0}}};
num_to_bytebits(rawID, size, c.d.asBytes);
uint8_t data[64];
num_to_bytebits(rawID, sizeof(data), data);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ASK_SIM_TAG, clk << 8 | encoding, invert << 8 | separator, sizeof(data), data, sizeof(data));
return 0;
}

16
client/cmdlfvisa2000.c
View file

@ -167,13 +167,10 @@ static int CmdVisa2kClone(const char *Cmd) {
print_blocks(blocks, 4);
PacketResponseNG resp;
PacketCommandOLD c = {CMD_T55XX_WRITE_BLOCK, {0, 0, 0}, {{0}}};
for (uint8_t i = 0; i < 4; i++) {
c.arg[0] = blocks[i];
c.arg[1] = i;
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_T55XX_WRITE_BLOCK, blocks[i], i, 0, NULL, 0);
if (!WaitForResponseTimeout(CMD_ACK, &resp, T55XX_WRITE_TIMEOUT)) {
PrintAndLogEx(WARNING, "Error occurred, device did not respond during write operation.");
return -1;
@ -191,22 +188,17 @@ static int CmdVisa2kSim(const char *Cmd) {
id = param_get32ex(Cmd, 0, 0, 10);
uint8_t clk = 64, encoding = 1, separator = 1, invert = 0;
uint16_t arg1, arg2;
size_t size = 96;
arg1 = clk << 8 | encoding;
arg2 = invert << 8 | separator;
PrintAndLogEx(SUCCESS, "Simulating Visa2000 - CardId: %u", id);
PacketCommandOLD c = {CMD_ASK_SIM_TAG, {arg1, arg2, size}, {{0}}};
uint32_t blocks[3] = { BL0CK1, id, (visa_parity(id) << 4) | visa_chksum(id) };
uint8_t data[96];
for (int i = 0; i < 3; ++i)
num_to_bytebits(blocks[i], 32, c.d.asBytes + i * 32);
num_to_bytebits(blocks[i], 32, data + i * 32);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_ASK_SIM_TAG, clk << 8 | encoding, invert << 8 | separator, sizeof(data), data, sizeof(data));
return 0;
}

88
client/cmdsmartcard.c
View file

@ -347,10 +347,8 @@ static int smart_responseEx(uint8_t *data, bool silent) {
int len = data[datalen - 1];
if (!silent) PrintAndLogEx(INFO, "Requesting 0x%02X bytes response", len);
uint8_t getstatus[] = {0x00, ISO7816_GET_RESPONSE, 0x00, 0x00, len};
PacketCommandOLD cStatus = {CMD_SMART_RAW, {SC_RAW, sizeof(getstatus), 0}, {{0}}};
memcpy(cStatus.d.asBytes, getstatus, sizeof(getstatus));
clearCommandBuffer();
SendCommand(&cStatus);
SendCommandOLD(CMD_SMART_RAW, SC_RAW, sizeof(getstatus), 0, getstatus, sizeof(getstatus));
datalen = smart_wait(data, silent);
@ -452,26 +450,22 @@ static int CmdSmartRaw(const char *Cmd) {
//Validations
if (errors || cmdp == 0) return usage_sm_raw();
// arg0 = RFU flags
// arg1 = length
PacketCommandOLD c = {CMD_SMART_RAW, {0, hexlen, 0}, {{0}}};
uint8_t flags = 0;
if (active || active_select) {
c.arg[0] |= SC_CONNECT;
flags |= SC_CONNECT;
if (active_select)
c.arg[0] |= SC_SELECT;
flags |= SC_SELECT;
}
if (hexlen > 0) {
if (useT0)
c.arg[0] |= SC_RAW_T0;
flags |= SC_RAW_T0;
else
c.arg[0] |= SC_RAW;
flags |= SC_RAW;
}
memcpy(c.d.asBytes, data, hexlen);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SMART_RAW, flags, hexlen, 0, data, hexlen);
// reading response from smart card
if (reply) {
@ -489,9 +483,8 @@ static int CmdSmartRaw(const char *Cmd) {
if (buf[0] == 0x6C) {
data[4] = buf[1];
memcpy(c.d.asBytes, data, sizeof(data));
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SMART_RAW, 0, hexlen, 0, data, hexlen);
len = smart_response(buf);
data[4] = 0;
@ -652,13 +645,8 @@ static int CmdSmartUpgrade(const char *Cmd) {
while (bytes_remaining > 0) {
uint32_t bytes_in_packet = MIN(USB_CMD_DATA_SIZE, bytes_remaining);
PacketCommandOLD c = {CMD_SMART_UPLOAD, {index + bytes_sent, bytes_in_packet, 0}, {{0}}};
// Fill usb bytes with 0xFF
memset(c.d.asBytes, 0xFF, USB_CMD_DATA_SIZE);
memcpy(c.d.asBytes, dump + bytes_sent, bytes_in_packet);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SMART_UPLOAD, index + bytes_sent, bytes_in_packet, 0, dump + bytes_sent, bytes_in_packet);
if (!WaitForResponseTimeout(CMD_ACK, NULL, 2000)) {
PrintAndLogEx(WARNING, "timeout while waiting for reply.");
free(dump);
@ -675,9 +663,8 @@ static int CmdSmartUpgrade(const char *Cmd) {
PrintAndLogEx(SUCCESS, "Sim module firmware updating, don\'t turn off your PM3!");
// trigger the firmware upgrade
PacketCommandOLD c = {CMD_SMART_UPGRADE, {firmware_size, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SMART_UPGRADE, firmware_size, 0, 0, NULL, 0);
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 2500)) {
PrintAndLogEx(WARNING, "timeout while waiting for reply.");
@ -714,9 +701,8 @@ static int CmdSmartInfo(const char *Cmd) {
//Validations
if (errors) return usage_sm_info();
PacketCommandOLD c = {CMD_SMART_ATR, {0, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SMART_ATR, 0, 0, 0, NULL, 0);
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 2500)) {
if (!silent) PrintAndLogEx(WARNING, "smart card select failed");
@ -789,9 +775,8 @@ static int CmdSmartReader(const char *Cmd) {
//Validations
if (errors) return usage_sm_reader();
PacketCommandOLD c = {CMD_SMART_ATR, {0, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SMART_ATR, 0, 0, 0, NULL, 0);
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 2500)) {
if (!silent) PrintAndLogEx(WARNING, "smart card select failed");
@ -835,9 +820,8 @@ static int CmdSmartSetClock(const char *Cmd) {
//Validations
if (errors || cmdp == 0) return usage_sm_setclock();
PacketCommandOLD c = {CMD_SMART_SETCLOCK, {clock1, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SMART_SETCLOCK, clock1, 0, 0, NULL, 0);
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 2500)) {
PrintAndLogEx(WARNING, "smart card select failed");
@ -887,13 +871,10 @@ static void smart_brute_prim() {
PrintAndLogEx(INFO, "Reading primitives");
PacketCommandOLD c = {CMD_SMART_RAW, {SC_RAW_T0, 5, 0}, {{0}}};
for (int i = 0; i < sizeof(get_card_data); i += 5) {
memcpy(c.d.asBytes, get_card_data + i, 5);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SMART_RAW, SC_RAW_T0, 5, 0, get_card_data + i, 5);
int len = smart_responseEx(buf, true);
@ -917,8 +898,6 @@ static int smart_brute_sfi(bool decodeTLV) {
int len;
// READ RECORD
uint8_t READ_RECORD[] = {0x00, 0xB2, 0x00, 0x00, 0x00};
PacketCommandOLD c = {CMD_SMART_RAW, {SC_RAW_T0, sizeof(READ_RECORD), 0}, {{0}}};
PrintAndLogEx(INFO, "Start SFI brute forcing");
for (uint8_t sfi = 1; sfi <= 31; sfi++) {
@ -939,18 +918,16 @@ static int smart_brute_sfi(bool decodeTLV) {
READ_RECORD[2] = rec;
READ_RECORD[3] = (sfi << 3) | 4;
memcpy(c.d.asBytes, READ_RECORD, sizeof(READ_RECORD));
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SMART_RAW, SC_RAW_T0, sizeof(READ_RECORD), 0, READ_RECORD, sizeof(READ_RECORD));
len = smart_responseEx(buf, true);
if (buf[0] == 0x6C) {
READ_RECORD[4] = buf[1];
memcpy(c.d.asBytes, READ_RECORD, sizeof(READ_RECORD));
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SMART_RAW, SC_RAW_T0, sizeof(READ_RECORD), 0, READ_RECORD, sizeof(READ_RECORD));
len = smart_responseEx(buf, true);
READ_RECORD[4] = 0;
@ -984,10 +961,8 @@ static void smart_brute_options(bool decodeTLV) {
uint8_t GET_PROCESSING_OPTIONS[] = {0x80, 0xA8, 0x00, 0x00, 0x02, 0x83, 0x00, 0x00};
// Get processing options command
PacketCommandOLD c = {CMD_SMART_RAW, {SC_RAW_T0, sizeof(GET_PROCESSING_OPTIONS), 0}, {{0}}};
memcpy(c.d.asBytes, GET_PROCESSING_OPTIONS, sizeof(GET_PROCESSING_OPTIONS));
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SMART_RAW, SC_RAW_T0, sizeof(GET_PROCESSING_OPTIONS), 0, GET_PROCESSING_OPTIONS, sizeof(GET_PROCESSING_OPTIONS));
int len = smart_responseEx(buf, true);
if (len > 4) {
@ -1040,9 +1015,6 @@ static int CmdSmartBruteforceSFI(const char *Cmd) {
// uint8_t UNBLOCK_PIN[] = {0x84, 0x24, 0x00, 0x00, 0x00};
// uint8_t VERIFY[] = {0x00, 0x20, 0x00, 0x80};
// Select AID command
PacketCommandOLD cAid = {CMD_SMART_RAW, {SC_RAW_T0, 0, 0}, {{0}}};
PrintAndLogEx(INFO, "Importing AID list");
json_t *root = NULL;
smart_loadjson("aidlist", "json", &root);
@ -1092,14 +1064,13 @@ static int CmdSmartBruteforceSFI(const char *Cmd) {
snprintf(caid, 8 + 2 + aidlen + 1, SELECT, aidlen >> 1, aid);
int hexlen = 0;
int res = param_gethex_to_eol(caid, 0, cAid.d.asBytes, sizeof(cAid.d.asBytes), &hexlen);
uint8_t cmddata[USB_CMD_DATA_SIZE];
int res = param_gethex_to_eol(caid, 0, cmddata, sizeof(cmddata), &hexlen);
if (res)
continue;
cAid.arg[1] = hexlen;
clearCommandBuffer();
SendCommand(&cAid);
SendCommandOLD(CMD_SMART_RAW, SC_RAW_T0, hexlen, 0, cmddata, hexlen);
int len = smart_responseEx(buf, true);
if (len < 3)
@ -1177,13 +1148,12 @@ int ExchangeAPDUSC(uint8_t *datain, int datainlen, bool activateCard, bool leave
PrintAndLogEx(DEBUG, "APDU SC");
PacketCommandOLD c = {CMD_SMART_RAW, {SC_RAW_T0, datainlen, 0}, {{0}}};
uint8_t flags = SC_RAW_T0;
if (activateCard) {
c.arg[0] |= SC_SELECT | SC_CONNECT;
flags |= SC_SELECT | SC_CONNECT;
}
memcpy(c.d.asBytes, datain, datainlen);
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SMART_RAW, flags, datainlen, 0, datain, datainlen);
int len = smart_responseEx(dataout, true);
@ -1193,14 +1163,15 @@ int ExchangeAPDUSC(uint8_t *datain, int datainlen, bool activateCard, bool leave
// retry
if (len > 1 && dataout[len - 2] == 0x6c && datainlen > 4) {
PacketCommandOLD c2 = {CMD_SMART_RAW, {SC_RAW_T0, datainlen, 0}, {{0}}};
memcpy(c2.d.asBytes, datain, 5);
uint8_t data [5];
memcpy(data, datain, 5);
// transfer length via T=0
c2.d.asBytes[4] = dataout[len - 1];
data[4] = dataout[len - 1];
clearCommandBuffer();
SendCommand(&c2);
// something fishy: we have only 5 bytes but we put datainlen in arg1?
SendCommandOLD(CMD_SMART_RAW, SC_RAW_T0, datainlen, 0, data, sizeof(data));
len = smart_responseEx(dataout, true);
}
@ -1213,9 +1184,8 @@ bool smart_select(bool silent, smart_card_atr_t *atr) {
if (atr)
memset(atr, 0, sizeof(smart_card_atr_t));
PacketCommandOLD c = {CMD_SMART_ATR, {0, 0, 0}, {{0}}};
clearCommandBuffer();
SendCommand(&c);
SendCommandOLD(CMD_SMART_ATR, 0, 0, 0, NULL, 0);
PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 2500)) {
if (!silent) PrintAndLogEx(WARNING, "smart card select failed");