fixed output for hf iclass trbl to not have tear off debug message and its more compact now

iceman1001 2025-05-23 10:52:09 +02:00
parent 4f2b35872d
commit c716467a7e
5 changed files with 67 additions and 32 deletions


@ -3,6 +3,7 @@ All notable changes to this project will be documented in this file.
This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log...
## [unreleased][unreleased]
- Changed `hw tearoff` - the device side message is now debug log controlled (@iceman1001)
- Changed `pm3.sh` - Serial ports enumeration on Proxspace3.xx / MINGW environments, now using powershell.exe since wmic is deprecated (@iceman1001)
- Fixed and updated `hf iclass trbl` to correctly use the credit key when passed and show partial tearoff results (@antiklesys)
- Fixed `hf iclass legbrute` was not correctly parsin the index value


@ -104,7 +104,7 @@ int tearoff_hook(void) {
SpinDelayUsPrecision(g_tearoff_delay_us);
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
g_tearoff_enabled = false;
Dbprintf(_YELLOW_("Tear-off triggered!"));
if (g_dbglevel >= DBG_ERROR) Dbprintf(_YELLOW_("Tear-off triggered!"));
return PM3_ETEAROFF;
} else {
return PM3_SUCCESS; // SUCCESS = the hook didn't do anything
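Review bot: The guarded `Dbprintf` in `tearoff_hook` has no comment explaining why `DBG_ERROR` is the threshold, even though a triggered tear-off is an expected event rather than an error. A one-line comment above it would help, for example `// informational; gated so the client can mute it by setting the device level to DBG_NONE`. The body of `tearoff_hook` starts and ends outside this hunk, so the remark covers only the visible branch.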


@ -3004,7 +3004,7 @@ static int CmdHFiClass_TearBlock(const char *Cmd) {
int tearoff_start = arg_get_int_def(ctx, 12, 5000);
int tearoff_increment = arg_get_int_def(ctx, 13, 10);
int tearoff_end = arg_get_int_def(ctx, 14, tearoff_start+tearoff_increment+500);
int tearoff_end = arg_get_int_def(ctx, 14, tearoff_start + tearoff_increment + 500);
if (tearoff_end <= tearoff_start) {
PrintAndLogEx(ERR, "Tearoff end delay must be bigger than the start delay.");
@ -3038,10 +3038,9 @@ static int CmdHFiClass_TearBlock(const char *Cmd) {
keyType = 0x18; //credit key
}
//perform initial read here, repeat if failed or 00s
uint8_t data_read_orig[8] = {0};
uint8_t ff_data[8] = {0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff};
uint8_t ff_data[8] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
bool first_read = false;
bool reread = false;
bool erase_phase = false;
@ -3059,11 +3058,26 @@ static int CmdHFiClass_TearBlock(const char *Cmd) {
reread = false;
}
// turn off Device side debug messages
uint8_t dbg_curr = DBG_NONE;
if (getDeviceDebugLevel(&dbg_curr) != PM3_SUCCESS) {
return PM3_EFAILED;
}
if (setDeviceDebugLevel(DBG_NONE, false) != PM3_SUCCESS) {
return PM3_EFAILED;
}
PrintAndLogEx(INFO, "Starting tear off against block %u / 0x%02x", blockno, blockno);
PrintAndLogEx(INFO, "");
PrintAndLogEx(INFO, "Press " _GREEN_("<Enter>") " to abort");
while (tearoff_start <= tearoff_end && read_ok == false) {
if (kbd_enter_pressed()) {
PrintAndLogEx(WARNING, "\naborted via keyboard.");
return PM3_EOPABORTED;
isok = PM3_EOPABORTED;
goto out;
}
// set tear off trigger
@ -3073,15 +3087,17 @@ static int CmdHFiClass_TearBlock(const char *Cmd) {
.on = true,
.off = false
};
int res = handle_tearoff(&params, verbose);
if (res != PM3_SUCCESS) {
PrintAndLogEx(WARNING, "Failed to configure tear off");
return PM3_ESOFT;
isok = PM3_ESOFT;
goto out;
}
// write
// don't check the return value. As a tear-off occurred, the write failed.
PrintAndLogEx(INFO, "Tear off delay: "_YELLOW_("%d")"/"_YELLOW_("%d")" us", tearoff_start,tearoff_end);
PrintAndLogEx(INFO, "Tear off delay: "_YELLOW_("%d")" / "_YELLOW_("%d")" us", tearoff_start, tearoff_end);
iclass_write_block(blockno, data, mac, key, use_credit_key, elite, rawkey, use_replay, verbose, auth, shallow_mod);
//read the data back
@ -3089,11 +3105,15 @@ static int CmdHFiClass_TearBlock(const char *Cmd) {
first_read = false;
reread = false;
bool decrease = false;
while (first_read == false) {
if (kbd_enter_pressed()) {
PrintAndLogEx(WARNING, "\naborted via keyboard.");
return PM3_EOPABORTED;
isok = PM3_EOPABORTED;
goto out;
}
res = iclass_read_block_ex(key, blockno, keyType, elite, rawkey, use_replay, verbose, auth, shallow_mod, data_read, false);
if (res == PM3_SUCCESS && !reread) {
if (memcmp(data_read, zeros, 8) == 0) {
@ -3109,46 +3129,60 @@ static int CmdHFiClass_TearBlock(const char *Cmd) {
decrease = true;
}
}
if (decrease && tearoff_start > 0) { //if there was an error reading repeat the tearoff with the same delay
tearoff_start -= tearoff_increment;
}
bool tear_success = true;
bool expected_values = true;
if(memcmp(data_read, data, 8) != 0) {
if (memcmp(data_read, data, 8) != 0) {
tear_success = false;
}
if ((tear_success == false) && (memcmp(data_read, zeros, 8) != 0) && (memcmp(data_read, data_read_orig, 8) != 0)) { //tearoff succeeded (partially)
expected_values = false;
if(memcmp(data_read, ff_data, 8) == 0 && memcmp(data_read_orig, ff_data, 8) != 0) {
if (memcmp(data_read, ff_data, 8) == 0 && memcmp(data_read_orig, ff_data, 8) != 0) {
erase_phase = true;
PrintAndLogEx(SUCCESS, _BLUE_("Erase phase hit: ALL ONES"));
PrintAndLogEx(INFO, "Original: %s", sprint_hex(data_read_orig, sizeof(data_read)));
PrintAndLogEx(INFO, "Read: "_BLUE_("%s"), sprint_hex(data_read, sizeof(data_read)));
}else{
PrintAndLogEx(INFO, "Original: %s", sprint_hex_inrow(data_read_orig, sizeof(data_read)));
PrintAndLogEx(INFO, "Read: "_BLUE_("%s"), sprint_hex_inrow(data_read, sizeof(data_read)));
} else {
if (erase_phase) {
PrintAndLogEx(SUCCESS, _MAGENTA_("Tearing! Write Phase (post erase)"));
PrintAndLogEx(INFO, "Original: %s", sprint_hex(data_read_orig, sizeof(data_read)));
PrintAndLogEx(INFO, "Read: "_CYAN_("%s"), sprint_hex(data_read, sizeof(data_read)));
}else{
PrintAndLogEx(INFO, "Original: %s", sprint_hex_inrow(data_read_orig, sizeof(data_read)));
PrintAndLogEx(INFO, "Read: "_CYAN_("%s"), sprint_hex_inrow(data_read, sizeof(data_read)));
} else {
PrintAndLogEx(SUCCESS, _CYAN_("Tearing!(unknown phase)!"));
PrintAndLogEx(INFO, "Original: %s", sprint_hex(data_read_orig, sizeof(data_read)));
PrintAndLogEx(INFO, "Read: "_CYAN_("%s"), sprint_hex(data_read, sizeof(data_read)));
PrintAndLogEx(INFO, "Original: %s", sprint_hex_inrow(data_read_orig, sizeof(data_read)));
PrintAndLogEx(INFO, "Read: "_CYAN_("%s"), sprint_hex_inrow(data_read, sizeof(data_read)));
}
}
}else { //tearoff did not succeed
PrintAndLogEx(INFO, "Read: %s", sprint_hex(data_read, sizeof(data_read)));
PrintAndLogEx(INFO, "Expected: %s", sprint_hex(data, sizeof(data)));
} else { //tearoff did not succeed
PrintAndLogEx(INFO, "Read: %s", sprint_hex_inrow(data_read, sizeof(data_read)));
PrintAndLogEx(INFO, "Expected: %s", sprint_hex_inrow(data, sizeof(data)));
}
if (tear_success) { //tearoff succeeded with expected values
read_ok = true;
tear_success = true;
if(expected_values) {
if (expected_values) {
PrintAndLogEx(SUCCESS, _GREEN_("Expected values!"));
}
PrintAndLogEx(INFO, "Read: "_GREEN_("%s"), sprint_hex(data_read, sizeof(data_read)));
PrintAndLogEx(INFO, "Read: "_GREEN_("%s"), sprint_hex_inrow(data_read, sizeof(data_read)));
}
tearoff_start += tearoff_increment;
PrintAndLogEx(INFO, "---------------");
PrintAndLogEx(INFO, "--------------------------");
}
out:
if (setDeviceDebugLevel(verbose ? MAX(dbg_curr, DBG_INFO) : DBG_NONE, false) != PM3_SUCCESS) {
return PM3_EFAILED;
}
PrintAndLogEx(NORMAL, "");
return isok;
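Review bot: The cleanup at `out:` does not restore the device debug level saved in `dbg_curr`: it sends `verbose ? MAX(dbg_curr, DBG_INFO) : DBG_NONE`, so after a run without `-v` the device stays at `DBG_NONE` and its error messages remain muted for whatever command comes next. Restoring the saved value with `if (setDeviceDebugLevel(dbg_curr, false) != PM3_SUCCESS) {` would leave the device as the user had configured it. When that call fails, the branch returns `PM3_EFAILED`, which replaces an `isok` of `PM3_EOPABORTED` or `PM3_ESOFT`; logging a warning and still returning `isok` would keep the original reason. `CmdHFiClass_TearBlock` begins and ends outside these hunks, so any `return` between the `setDeviceDebugLevel(DBG_NONE, false)` call and `out:` that is not shown here would also skip the cleanup.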


@ -3738,11 +3738,11 @@
"--nr replay of NR/MAC",
"-v, --verbose verbose output",
"--shallow use shallow (ASK) reader modulation instead of OOK",
"--tdb <dec> tearoff delay start (in us) must be between 1 and 43000 (43ms). Precision is about 1/3us.",
"--incr <dec> tearoff delay increment (in us) - default 10.",
"--tde <dec> tearoff delay end (in us) must be a higher value than the start delay."
"--s <dec> tearoff delay start (in us) must be between 1 and 43000 (43ms). Precision is about 1/3us.",
"--i <dec> tearoff delay increment (in us) - default 10.",
"--e <dec> tearoff delay end (in us) must be a higher value than the start delay."
],
"usage": "hf iclass trbl [-hv] [-k <hex>] [--ki <dec>] --blk <dec> -d <hex> [-m <hex>] [--credit] [--elite] [--raw] [--nr] [--shallow] --tdb <dec> [--incr <dec>] [--tde <dec>]"
"usage": "hf iclass trbl [-hv] [-k <hex>] [--ki <dec>] --blk <dec> -d <hex> [-m <hex>] [--credit] [--elite] [--raw] [--nr] [--shallow] --s <dec> [--i <dec>] [--e <dec>]"
},
"hf iclass unhash": {
"command": "hf iclass unhash",
@ -13352,6 +13352,6 @@
"metadata": {
"commands_extracted": 767,
"extracted_by": "PM3Help2JSON v1.00",
"extracted_on": "2025-05-19T11:17:19"
"extracted_on": "2025-05-23T08:30:58"
}
}

6
pm3

@ -142,9 +142,9 @@ function get_pm3_list_Windows {
#prevent soft bricking when using pm3-flash-all on an outdated bootloader
if [ $(basename -- "$0") = "pm3-flash-all" ]; then
line=$($PSHEXE -command "Get-CimInstance -ClassName Win32_serialport | Where-Object {\$_.DeviceID -eq '$_comport'} | Select -expandproperty PNPDeviceID" 2>/dev/null);
if [[ ! $line =~ ^"USB\VID_9AC4&PID_4B8F\ICEMAN" ]]; then
echo -e "\033[0;31m[!] Using pm3-flash-all on an oudated bootloader, use pm3-flash-bootrom first!"
exit 1
@ -169,7 +169,7 @@ function get_pm3_list_Windows {
#white BT dongle SERIAL PORTS (COM)
if $FINDBTDONGLE; then
for DEV in $($PSHEXE -command "Get-CimInstance -ClassName Win32_serialport | Where-Object PNPDeviceID -like '*VID_10C4&PID_EA60*' | Select -expandproperty DeviceID" 2>/dev/null); do
PM3LIST+=("$DEV")
if [ ${#PM3LIST[*]} -ge "$N" ]; then