From c716467a7ebf4d59836b661a4fc26bdecbabb0a3 Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Fri, 23 May 2025 10:52:09 +0200 Subject: [PATCH] fixed output for `hf iclass trbl` to not have tear off debug message and its more compact now --- CHANGELOG.md | 1 + armsrc/appmain.c | 2 +- client/src/cmdhficlass.c | 80 ++++++++++++++++++++++++++++------------ doc/commands.json | 10 ++--- pm3 | 6 +-- 5 files changed, 67 insertions(+), 32 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1eb4b7276..8a5985436 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,7 @@ All notable changes to this project will be documented in this file. This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log... ## [unreleased][unreleased] +- Changed `hw tearoff` - the device side message is now debug log controlled (@iceman1001) - Changed `pm3.sh` - Serial ports enumeration on Proxspace3.xx / MINGW environments, now using powershell.exe since wmic is deprecated (@iceman1001) - Fixed and updated `hf iclass trbl` to correctly use the credit key when passed and show partial tearoff results (@antiklesys) - Fixed `hf iclass legbrute` was not correctly parsin the index value diff --git a/armsrc/appmain.c b/armsrc/appmain.c index 0929f80c5..30ac348a6 100644 --- a/armsrc/appmain.c +++ b/armsrc/appmain.c @@ -104,7 +104,7 @@ int tearoff_hook(void) { SpinDelayUsPrecision(g_tearoff_delay_us); FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); g_tearoff_enabled = false; - Dbprintf(_YELLOW_("Tear-off triggered!")); + if (g_dbglevel >= DBG_ERROR) Dbprintf(_YELLOW_("Tear-off triggered!")); return PM3_ETEAROFF; } else { return PM3_SUCCESS; // SUCCESS = the hook didn't do anything diff --git a/client/src/cmdhficlass.c b/client/src/cmdhficlass.c index 42d516077..d1c620a9d 100644 --- a/client/src/cmdhficlass.c +++ b/client/src/cmdhficlass.c 
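Review bot: The new gate in tearoff_hook puts the Dbprintf on the same line as an unbraced `if`, and it tests DBG_ERROR for a message that reports a normal event rather than an error. Bracing it (`if (g_dbglevel >= DBG_ERROR) {`, then the `Dbprintf` call, then `}`) keeps the statement safe against later additions. A short comment such as `// status message only; suppressed when the client sets DBG_NONE` would record why an error-level threshold was chosen. Only part of tearoff_hook is visible in this hunk, so whether other tear-off users depend on seeing this message cannot be checked from here.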
@@ -3004,7 +3004,7 @@ static int CmdHFiClass_TearBlock(const char *Cmd) { int tearoff_start = arg_get_int_def(ctx, 12, 5000); int tearoff_increment = arg_get_int_def(ctx, 13, 10); - int tearoff_end = arg_get_int_def(ctx, 14, tearoff_start+tearoff_increment+500); + int tearoff_end = arg_get_int_def(ctx, 14, tearoff_start + tearoff_increment + 500); if (tearoff_end <= tearoff_start) { PrintAndLogEx(ERR, "Tearoff end delay must be bigger than the start delay."); @@ -3038,10 +3038,9 @@ static int CmdHFiClass_TearBlock(const char *Cmd) { keyType = 0x18; //credit key } - //perform initial read here, repeat if failed or 00s uint8_t data_read_orig[8] = {0}; - uint8_t ff_data[8] = {0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff}; + uint8_t ff_data[8] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}; bool first_read = false; bool reread = false; bool erase_phase = false; @@ -3059,11 +3058,26 @@ static int CmdHFiClass_TearBlock(const char *Cmd) { reread = false; } + // turn off Device side debug messages + uint8_t dbg_curr = DBG_NONE; + if (getDeviceDebugLevel(&dbg_curr) != PM3_SUCCESS) { + return PM3_EFAILED; + } + + if (setDeviceDebugLevel(DBG_NONE, false) != PM3_SUCCESS) { + return PM3_EFAILED; + } + + PrintAndLogEx(INFO, "Starting tear off against block %u / 0x%02x", blockno, blockno); + PrintAndLogEx(INFO, ""); PrintAndLogEx(INFO, "Press " _GREEN_("") " to abort"); + while (tearoff_start <= tearoff_end && read_ok == false) { + if (kbd_enter_pressed()) { PrintAndLogEx(WARNING, "\naborted via keyboard."); - return PM3_EOPABORTED; + isok = PM3_EOPABORTED; + goto out; } // set tear off trigger 
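Review bot: Both early exits added before the loop return PM3_EFAILED without printing anything, so a failed getDeviceDebugLevel or setDeviceDebugLevel call ends the command with no visible reason. A line such as `PrintAndLogEx(WARNING, "Failed to read device debug level");` before the first return, with matching wording for the set call, would make the failure diagnosable. Silencing the device log only affects output here, so it may be worth considering whether such a failure should abort the run at all. CmdHFiClass_TearBlock begins and ends outside this hunk, so whether anything acquired earlier needs releasing on these returns cannot be checked from here.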
@@ -3073,15 +3087,17 @@ static int CmdHFiClass_TearBlock(const char *Cmd) { .on = true, .off = false }; + int res = handle_tearoff(¶ms, verbose); if (res != PM3_SUCCESS) { PrintAndLogEx(WARNING, "Failed to configure tear off"); - return PM3_ESOFT; + isok = PM3_ESOFT; + goto out; } // write // don't check the return value. As a tear-off occurred, the write failed. - PrintAndLogEx(INFO, "Tear off delay: "_YELLOW_("%d")"/"_YELLOW_("%d")" us", tearoff_start,tearoff_end); + PrintAndLogEx(INFO, "Tear off delay: "_YELLOW_("%d")" / "_YELLOW_("%d")" us", tearoff_start, tearoff_end); iclass_write_block(blockno, data, mac, key, use_credit_key, elite, rawkey, use_replay, verbose, auth, shallow_mod); //read the data back @@ -3089,11 +3105,15 @@ static int CmdHFiClass_TearBlock(const char *Cmd) { first_read = false; reread = false; bool decrease = false; + while (first_read == false) { + if (kbd_enter_pressed()) { PrintAndLogEx(WARNING, "\naborted via keyboard."); - return PM3_EOPABORTED; + isok = PM3_EOPABORTED; + goto out; } + res = iclass_read_block_ex(key, blockno, keyType, elite, rawkey, use_replay, verbose, auth, shallow_mod, data_read, false); if (res == PM3_SUCCESS && !reread) { if (memcmp(data_read, zeros, 8) == 0) { 
@@ -3109,46 +3129,60 @@ static int CmdHFiClass_TearBlock(const char *Cmd) { decrease = true; } } + if (decrease && tearoff_start > 0) { //if there was an error reading repeat the tearoff with the same delay tearoff_start -= tearoff_increment; } + bool tear_success = true; bool expected_values = true; - if(memcmp(data_read, data, 8) != 0) { + + if (memcmp(data_read, data, 8) != 0) { tear_success = false; } + if ((tear_success == false) && (memcmp(data_read, zeros, 8) != 0) && (memcmp(data_read, data_read_orig, 8) != 0)) { //tearoff succeeded (partially) + expected_values = false; - if(memcmp(data_read, ff_data, 8) == 0 && memcmp(data_read_orig, ff_data, 8) != 0) { + + if (memcmp(data_read, ff_data, 8) == 0 && memcmp(data_read_orig, ff_data, 8) != 0) { erase_phase = true; PrintAndLogEx(SUCCESS, _BLUE_("Erase phase hit: ALL ONES")); - PrintAndLogEx(INFO, "Original: %s", sprint_hex(data_read_orig, sizeof(data_read))); - PrintAndLogEx(INFO, "Read: "_BLUE_("%s"), sprint_hex(data_read, sizeof(data_read))); - }else{ + PrintAndLogEx(INFO, "Original: %s", sprint_hex_inrow(data_read_orig, sizeof(data_read))); + PrintAndLogEx(INFO, "Read: "_BLUE_("%s"), sprint_hex_inrow(data_read, sizeof(data_read))); + } else { + if (erase_phase) { PrintAndLogEx(SUCCESS, _MAGENTA_("Tearing! 
Write Phase (post erase)")); - PrintAndLogEx(INFO, "Original: %s", sprint_hex(data_read_orig, sizeof(data_read))); - PrintAndLogEx(INFO, "Read: "_CYAN_("%s"), sprint_hex(data_read, sizeof(data_read))); - }else{ + PrintAndLogEx(INFO, "Original: %s", sprint_hex_inrow(data_read_orig, sizeof(data_read))); + PrintAndLogEx(INFO, "Read: "_CYAN_("%s"), sprint_hex_inrow(data_read, sizeof(data_read))); + } else { PrintAndLogEx(SUCCESS, _CYAN_("Tearing!(unknown phase)!")); - PrintAndLogEx(INFO, "Original: %s", sprint_hex(data_read_orig, sizeof(data_read))); - PrintAndLogEx(INFO, "Read: "_CYAN_("%s"), sprint_hex(data_read, sizeof(data_read))); + PrintAndLogEx(INFO, "Original: %s", sprint_hex_inrow(data_read_orig, sizeof(data_read))); + PrintAndLogEx(INFO, "Read: "_CYAN_("%s"), sprint_hex_inrow(data_read, sizeof(data_read))); } } - }else { //tearoff did not succeed - PrintAndLogEx(INFO, "Read: %s", sprint_hex(data_read, sizeof(data_read))); - PrintAndLogEx(INFO, "Expected: %s", sprint_hex(data, sizeof(data))); + + } else { //tearoff did not succeed + PrintAndLogEx(INFO, "Read: %s", sprint_hex_inrow(data_read, sizeof(data_read))); + PrintAndLogEx(INFO, "Expected: %s", sprint_hex_inrow(data, sizeof(data))); } + if (tear_success) { //tearoff succeeded with expected values read_ok = true; tear_success = true; - if(expected_values) { + if (expected_values) { PrintAndLogEx(SUCCESS, _GREEN_("Expected values!")); } - PrintAndLogEx(INFO, "Read: "_GREEN_("%s"), sprint_hex(data_read, sizeof(data_read))); + PrintAndLogEx(INFO, "Read: "_GREEN_("%s"), sprint_hex_inrow(data_read, sizeof(data_read))); } tearoff_start += tearoff_increment; - PrintAndLogEx(INFO, "---------------"); + PrintAndLogEx(INFO, "--------------------------"); + } + +out: + if (setDeviceDebugLevel(verbose ? MAX(dbg_curr, DBG_INFO) : DBG_NONE, false) != PM3_SUCCESS) { + return PM3_EFAILED; } PrintAndLogEx(NORMAL, ""); return isok; diff --git a/doc/commands.json b/doc/commands.json index 4c173f86a..264bc4140 100644 
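Review bot: The restore at `out:` does not put back the level saved in dbg_curr. Without `-v` it sets DBG_NONE, so device-side messages appear to stay suppressed for later commands in the same session, and with `-v` it can raise the level to DBG_INFO even if it was lower before. If the intent is to leave the device as it was found, the call would be `if (setDeviceDebugLevel(dbg_curr, false) != PM3_SUCCESS) {`. The same block returns PM3_EFAILED when the restore fails, which replaces an `isok` of PM3_EOPABORTED or PM3_ESOFT set on the `goto out` paths; returning `isok` when it already holds an error would keep the original cause. The function starts outside this hunk.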
--- a/doc/commands.json +++ b/doc/commands.json @@ -3738,11 +3738,11 @@ "--nr replay of NR/MAC", "-v, --verbose verbose output", "--shallow use shallow (ASK) reader modulation instead of OOK", - "--tdb tearoff delay start (in us) must be between 1 and 43000 (43ms). Precision is about 1/3us.", - "--incr tearoff delay increment (in us) - default 10.", - "--tde tearoff delay end (in us) must be a higher value than the start delay." + "--s tearoff delay start (in us) must be between 1 and 43000 (43ms). Precision is about 1/3us.", + "--i tearoff delay increment (in us) - default 10.", + "--e tearoff delay end (in us) must be a higher value than the start delay." ], - "usage": "hf iclass trbl [-hv] [-k ] [--ki ] --blk -d [-m ] [--credit] [--elite] [--raw] [--nr] [--shallow] --tdb [--incr ] [--tde ]" + "usage": "hf iclass trbl [-hv] [-k ] [--ki ] --blk -d [-m ] [--credit] [--elite] [--raw] [--nr] [--shallow] --s [--i ] [--e ]" }, "hf iclass unhash": { "command": "hf iclass unhash", @@ -13352,6 +13352,6 @@ "metadata": { "commands_extracted": 767, "extracted_by": "PM3Help2JSON v1.00", - "extracted_on": "2025-05-19T11:17:19" + "extracted_on": "2025-05-23T08:30:58" } } diff --git a/pm3 b/pm3 index ae87617b6..5122fe536 100755 --- a/pm3 +++ b/pm3 @@ -142,9 +142,9 @@ function get_pm3_list_Windows { #prevent soft bricking when using pm3-flash-all on an outdated bootloader if [ $(basename -- "$0") = "pm3-flash-all" ]; then - + line=$($PSHEXE -command "Get-CimInstance -ClassName Win32_serialport | Where-Object {\$_.DeviceID -eq '$_comport'} | Select -expandproperty PNPDeviceID" 2>/dev/null); - + if [[ ! $line =~ ^"USB\VID_9AC4&PID_4B8F\ICEMAN" ]]; then echo -e "\033[0;31m[!] Using pm3-flash-all on an oudated bootloader, use pm3-flash-bootrom first!" exit 1 
@@ -169,7 +169,7 @@ function get_pm3_list_Windows { #white BT dongle SERIAL PORTS (COM) if $FINDBTDONGLE; then - + for DEV in $($PSHEXE -command "Get-CimInstance -ClassName Win32_serialport | Where-Object PNPDeviceID -like '*VID_10C4&PID_EA60*' | Select -expandproperty DeviceID" 2>/dev/null); do PM3LIST+=("$DEV") if [ ${#PM3LIST[*]} -ge "$N" ]; then