From c9984985fdebafcf2975437e18dfe8132f52f450 Mon Sep 17 00:00:00 2001
From: Philippe Teuwen
Date: Sat, 14 Jan 2023 22:23:40 +0100
Subject: [PATCH] make miscchecks
---
 armsrc/Standalone/lf_em4100rsww.c | 2 +-
 armsrc/Standalone/lf_nedap_sim.c | 2 +-
 armsrc/iso14443b.c | 18 +-
 client/luascripts/hf_14a_i2crevive.lua | 2 +-
 client/luascripts/hf_mf_em_util.lua | 4 +-
 client/luascripts/hf_mf_uidbruteforce.lua | 4 +-
 client/luascripts/hf_mf_ultimatecard.lua | 488 +++++++++++-----------
 client/src/cmdhfepa.c | 4 +-
 client/src/cmdhfxerox.c | 166 ++++----
 doc/commands.json | 2 +-
 include/protocols.h | 2 +-
 11 files changed, 347 insertions(+), 347 deletions(-)
diff --git a/armsrc/Standalone/lf_em4100rsww.c b/armsrc/Standalone/lf_em4100rsww.c
index 727d188a3..dc202d49a 100644
--- a/armsrc/Standalone/lf_em4100rsww.c
+++ b/armsrc/Standalone/lf_em4100rsww.c
@@ -11,7 +11,7 @@
 // then from shell:
 // hexdump lf.bin -e '5/1 "%02X" /0 "\n"'
 //
-// To recall only LAST stored ID from flash use lf-last instead of lf file.
+// To recall only LAST stored ID from flash use lf-last instead of lf file.
 //
 //-----------------------------------------------------------------------------
 // Modes of operation:
diff --git a/armsrc/Standalone/lf_nedap_sim.c b/armsrc/Standalone/lf_nedap_sim.c
index dcd093fee..726f13ca8 100644
--- a/armsrc/Standalone/lf_nedap_sim.c
+++ b/armsrc/Standalone/lf_nedap_sim.c
@@ -27,7 +27,7 @@
 #include "BigBuf.h"
 #include "crc16.h"
-#define MODULE_LONG_NAME "LF Nedap simple simulator"
+#define MODULE_LONG_NAME "LF Nedap simple simulator"
 typedef struct _NEDAP_TAG {
 uint8_t subType;
diff --git a/armsrc/iso14443b.c b/armsrc/iso14443b.c
index 760736a5a..e4f1e4e93 100644
--- a/armsrc/iso14443b.c
+++ b/armsrc/iso14443b.c
@@ -1814,17 +1814,17 @@ int iso14443b_select_xrx_card(iso14b_card_select_t *card) {
 static const uint8_t x_wup2[] = { 0x5D, 0x37, 0x21, 0x71, 0x71 };
 uint8_t slot_mark[1];
- uint8_t x_atqb[24] = {0x0}; // ATQB len = 18
+ uint8_t x_atqb[24] = {0x0}; // ATQB len = 18
 uint32_t start_time = 0;
 uint32_t eof_time = 0;
- iso14b_set_timeout(24); // wait for carrier
+ iso14b_set_timeout(24); // wait for carrier
 // wup1
 CodeAndTransmit14443bAsReader(x_wup1, sizeof(x_wup1), &start_time, &eof_time, true);
- start_time = eof_time + US_TO_SSP(9000); // 9ms before next cmd
+ start_time = eof_time + US_TO_SSP(9000); // 9ms before next cmd
 // wup2
 CodeAndTransmit14443bAsReader(x_wup2, sizeof(x_wup2), &start_time, &eof_time, true);
@@ -1836,7 +1836,7 @@ int iso14443b_select_xrx_card(iso14b_card_select_t *card) {
 int slot;
 for (slot = 0; slot < 4; slot++) {
- start_time = eof_time + ETU_TO_SSP(30); //(24); // next slot after 24 ETU
+ start_time = eof_time + ETU_TO_SSP(30); //(24); // next slot after 24 ETU
 retlen = Get14443bAnswerFromTag(x_atqb, sizeof(x_atqb), iso14b_timeout, &eof_time);
@@ -1850,14 +1850,14 @@ int iso14443b_select_xrx_card(iso14b_card_select_t *card) {
 // tx unframed slot-marker
- if (Demod.posCount) { // no rx, but subcarrier burst detected
+ if (Demod.posCount) { // no rx, but subcarrier burst detected
 uid |= (uint64_t)slot << uid_pos;
- slot_mark[0] = 0xB1 + (slot << 1); // ack slot
+ slot_mark[0] = 0xB1 + (slot << 1); // ack slot
 CodeAndTransmit14443bAsReader(slot_mark, sizeof(slot_mark), &start_time, &eof_time, false);
 break;
- } else { // no subcarrier burst
- slot_mark[0] = 0xA1 + (slot << 1); // nak slot
+ } else { // no subcarrier burst
+ slot_mark[0] = 0xA1 + (slot << 1); // nak slot
 CodeAndTransmit14443bAsReader(slot_mark, sizeof(slot_mark), &start_time, &eof_time, false);
 }
 }
@@ -1884,7 +1884,7 @@ int iso14443b_select_xrx_card(iso14b_card_select_t *card) { } // VALIDATE CRC - if (check_crc(CRC_14443_B, x_atqb, 18) == false) { // use fixed len because unstable EOF catch + if (check_crc(CRC_14443_B, x_atqb, 18) == false) { // use fixed len because unstable EOF catch return 3; } diff --git a/client/luascripts/hf_14a_i2crevive.lua b/client/luascripts/hf_14a_i2crevive.lua index 3610979b6..59659bb5c 100644 --- a/client/luascripts/hf_14a_i2crevive.lua +++ b/client/luascripts/hf_14a_i2crevive.lua @@ -62,7 +62,7 @@ function main(args) local i local cmds = {} - --check for params + --check for params for o, a in getopt.getopt(args, 'h') do if o == 'h' then return help() end end diff --git a/client/luascripts/hf_mf_em_util.lua b/client/luascripts/hf_mf_em_util.lua index 69537d7dd..e82bc9d1e 100644 --- a/client/luascripts/hf_mf_em_util.lua +++ b/client/luascripts/hf_mf_em_util.lua @@ -63,8 +63,8 @@ local function card_format(key_a,key_b,ab,user,s70) core.console(cmd) print(cmd) core.clearCommandBuffer() - if s70 == false and k > 15 then - return + if s70 == false and k > 15 then + return end end end diff --git a/client/luascripts/hf_mf_uidbruteforce.lua b/client/luascripts/hf_mf_uidbruteforce.lua index 62872e2a3..4835ba03b 100644 --- a/client/luascripts/hf_mf_uidbruteforce.lua +++ b/client/luascripts/hf_mf_uidbruteforce.lua @@ -109,8 +109,8 @@ local function main(args) command = 'hf 14a sim -t 1 -u ' .. uid_format msg('Bruteforcing Mifare Classic card numbers') elseif mftype == 'mfc4' then - command = 'hf 14a sim -t 8 -u ' .. uid_format - msg('Bruteforcing Mifare Classic 4K card numbers') + command = 'hf 14a sim -t 8 -u ' .. uid_format + msg('Bruteforcing Mifare Classic 4K card numbers') elseif mftype == 'mfu' then command = 'hf 14a sim -t 2 -u ' .. uid_format msg('Bruteforcing Mifare Ultralight card numbers') diff --git a/client/luascripts/hf_mf_ultimatecard.lua b/client/luascripts/hf_mf_ultimatecard.lua index aec47e9d0..42a5e1887 100644 
--- a/client/luascripts/hf_mf_ultimatecard.lua +++ b/client/luascripts/hf_mf_ultimatecard.lua @@ -50,17 +50,17 @@ arguments = [[ -c read magic configuration -u UID (8-14 hexsymbols), set UID on tag -t tag type to impersonate - 1 = Mifare Mini S20 4-byte 12 = NTAG 210 - 2 = Mifare Mini S20 7-byte 13 = NTAG 212 - 3 = Mifare 1k S50 4-byte 14 = NTAG 213 - 4 = Mifare 1k S50 7-byte 15 = NTAG 215 - 5 = Mifare 4k S70 4-byte 16 = NTAG 216 - 6 = Mifare 4k S70 7-byte 17 = NTAG I2C 1K - *** 7 = UL - NOT WORKING FULLY 18 = NTAG I2C 2K - *** 8 = UL-C - NOT WORKING FULLY 19 = NTAG I2C 1K PLUS - 9 = UL EV1 48b 20 = NTAG I2C 2K PLUS - 10 = UL EV1 128b 21 = NTAG 213F - *** 11 = UL Plus - NOT WORKING YET 22 = NTAG 216F + 1 = Mifare Mini S20 4-byte 12 = NTAG 210 + 2 = Mifare Mini S20 7-byte 13 = NTAG 212 + 3 = Mifare 1k S50 4-byte 14 = NTAG 213 + 4 = Mifare 1k S50 7-byte 15 = NTAG 215 + 5 = Mifare 4k S70 4-byte 16 = NTAG 216 + 6 = Mifare 4k S70 7-byte 17 = NTAG I2C 1K + *** 7 = UL - NOT WORKING FULLY 18 = NTAG I2C 2K + *** 8 = UL-C - NOT WORKING FULLY 19 = NTAG I2C 1K PLUS + 9 = UL EV1 48b 20 = NTAG I2C 2K PLUS + 10 = UL EV1 128b 21 = NTAG 213F + *** 11 = UL Plus - NOT WORKING YET 22 = NTAG 216F -p NTAG password (8 hexsymbols), set NTAG password on tag. -a NTAG pack ( 4 hexsymbols), set NTAG pack on tag. @@ -178,7 +178,7 @@ local function read_config() if not info then return false, "Can't select card" end -- read Ultimate Magic Card CONFIG if magicconfig == nil then - magicconfig = send("CF".._key.."C6") + magicconfig = send("CF".._key.."C6") else print('No Config') end -- extract data from CONFIG - based on CONFIG in https://github.com/RfidResearchGroup/proxmark3/blob/master/doc/magic_cards_notes.md#gen-4-gtu 
@@ -196,92 +196,92 @@ local function read_config() else atsstr = (string.sub(ats, 3)) end if ulprotocol == '00' then - cardprotocol = 'MIFARE Classic Protocol' - ultype = 'Disabled' - if uidlength == '00' then - uid = send("CF".._key.."CE00"):sub(1,8) - if atqaf == '00 04' and sak == '09' then cardtype = 'MIFARE Mini S20 4-byte UID' - elseif atqaf == '00 04' and sak == '08' then cardtype = 'MIFARE 1k S50 4-byte UID' - elseif atqaf == '00 02' and sak == '18' then cardtype = 'MIFARE 4k S70 4-byte UID' - end - elseif uidlength == '01' then - uid = send("CF".._key.."CE00"):sub(1,14) - if atqaf == '00 44' and sak == '09' then cardtype = 'MIFARE Mini S20 7-byte UID' - elseif atqaf == '00 44' and sak == '08' then cardtype = 'MIFARE 1k S50 7-byte UID' - elseif atqaf == '00 42' and sak == '18' then cardtype = 'MIFARE 4k S70 7-byte UID' - end - end + cardprotocol = 'MIFARE Classic Protocol' + ultype = 'Disabled' + if uidlength == '00' then + uid = send("CF".._key.."CE00"):sub(1,8) + if atqaf == '00 04' and sak == '09' then cardtype = 'MIFARE Mini S20 4-byte UID' + elseif atqaf == '00 04' and sak == '08' then cardtype = 'MIFARE 1k S50 4-byte UID' + elseif atqaf == '00 02' and sak == '18' then cardtype = 'MIFARE 4k S70 4-byte UID' + end + elseif uidlength == '01' then + uid = send("CF".._key.."CE00"):sub(1,14) + if atqaf == '00 44' and sak == '09' then cardtype = 'MIFARE Mini S20 7-byte UID' + elseif atqaf == '00 44' and sak == '08' then cardtype = 'MIFARE 1k S50 7-byte UID' + elseif atqaf == '00 42' and sak == '18' then cardtype = 'MIFARE 4k S70 7-byte UID' + end + end elseif ulprotocol == '01' then - -- Read Ultralight config only if UL protocol is enabled - cardprotocol = 'MIFARE Ultralight/NTAG' - block0 = send("3000") - uid0 = block0:sub(1,6) - uid = uid0..block0:sub(9,16) - if ulmode == '00' then ultype = 'Ultralight EV1' - elseif ulmode == '01' then ultype = 'NTAG21x' - elseif ulmode == '02' then ultype = 'Ultralight-C' - elseif ulmode == '03' then ultype = 'Ultralight' 
- end - -- read VERSION - cversion = send('30FA'):sub(1,16) - -- pwdblock must be set since the 30F1 and 30F2 special commands don't work on the ntag21x part of the UMC - if ulmode == '03' then versionstr = 'Ultralight' - elseif ulmode == '02' then versionstr = 'Ultralight-C' - elseif cversion == '0004030101000B03' then versionstr = 'UL EV1 48b' - elseif cversion == '0004030101000E03' then versionstr = 'UL EV1 128b' - elseif cversion == '0004040101000B03' then versionstr = 'NTAG 210' - elseif cversion == '0004040101000E03' then versionstr = 'NTAG 212' - elseif cversion == '0004040201000F03' then versionstr = 'NTAG 213' - elseif cversion == '0004040201001103' then versionstr = 'NTAG 215' - elseif cversion == '0004040201001303' then versionstr = 'NTAG 216' - elseif cversion == '0004040502011303' then versionstr = 'NTAG I2C 1K' - elseif cversion == '0004040502011503' then versionstr = 'NTAG I2C 2K' - elseif cversion == '0004040502021303' then versionstr = 'NTAG I2C 1K PLUS' - elseif cversion == '0004040502021503' then versionstr = 'NTAG I2C 2K PLUS' - elseif cversion == '0004040401000F03' then versionstr = 'NTAG 213F' - elseif cversion == '0004040401001303' then versionstr = 'NTAG 216F' - end - -- read PWD - cpwd = send("30F0"):sub(1,8) - pwd = send("30E5"):sub(1,8) - -- 04 response indicates that blocks has been locked down. 
- if pwd == '04' then lib14a.disconnect(); return nil, "can't read configuration, "..err_lock end - -- read PACK - cpack = send("30F1"):sub(1,4) - pack = send("30E6"):sub(1,4) - -- read SIGNATURE - signature1 = send('30F2'):sub(1,32) - signature2 = send('30F6'):sub(1,32) - lib14a.disconnect() + -- Read Ultralight config only if UL protocol is enabled + cardprotocol = 'MIFARE Ultralight/NTAG' + block0 = send("3000") + uid0 = block0:sub(1,6) + uid = uid0..block0:sub(9,16) + if ulmode == '00' then ultype = 'Ultralight EV1' + elseif ulmode == '01' then ultype = 'NTAG21x' + elseif ulmode == '02' then ultype = 'Ultralight-C' + elseif ulmode == '03' then ultype = 'Ultralight' + end + -- read VERSION + cversion = send('30FA'):sub(1,16) + -- pwdblock must be set since the 30F1 and 30F2 special commands don't work on the ntag21x part of the UMC + if ulmode == '03' then versionstr = 'Ultralight' + elseif ulmode == '02' then versionstr = 'Ultralight-C' + elseif cversion == '0004030101000B03' then versionstr = 'UL EV1 48b' + elseif cversion == '0004030101000E03' then versionstr = 'UL EV1 128b' + elseif cversion == '0004040101000B03' then versionstr = 'NTAG 210' + elseif cversion == '0004040101000E03' then versionstr = 'NTAG 212' + elseif cversion == '0004040201000F03' then versionstr = 'NTAG 213' + elseif cversion == '0004040201001103' then versionstr = 'NTAG 215' + elseif cversion == '0004040201001303' then versionstr = 'NTAG 216' + elseif cversion == '0004040502011303' then versionstr = 'NTAG I2C 1K' + elseif cversion == '0004040502011503' then versionstr = 'NTAG I2C 2K' + elseif cversion == '0004040502021303' then versionstr = 'NTAG I2C 1K PLUS' + elseif cversion == '0004040502021503' then versionstr = 'NTAG I2C 2K PLUS' + elseif cversion == '0004040401000F03' then versionstr = 'NTAG 213F' + elseif cversion == '0004040401001303' then versionstr = 'NTAG 216F' + end + -- read PWD + cpwd = send("30F0"):sub(1,8) + pwd = send("30E5"):sub(1,8) + -- 04 response indicates that 
blocks has been locked down. + if pwd == '04' then lib14a.disconnect(); return nil, "can't read configuration, "..err_lock end + -- read PACK + cpack = send("30F1"):sub(1,4) + pack = send("30E6"):sub(1,4) + -- read SIGNATURE + signature1 = send('30F2'):sub(1,32) + signature2 = send('30F6'):sub(1,32) + lib14a.disconnect() end if _print < 1 then - print(string.rep('=', 88)) - print('\t\t\tUltimate Magic Card Configuration') - print(string.rep('=', 88)) - print(' - Raw Config ', string.sub(magicconfig, 1, -9)) - print(' - Card Protocol ', cardprotocol) - print(' - Ultralight Mode ', ultype) - print(' - ULM Backdoor Key ', readpass) - print(' - GTU Mode ', gtustr) - if ulprotocol == '01' then - print(' - Card Type ', versionstr) - else - print(' - Card Type ', cardtype) - end - print(' - UID ', uid) - print(' - ATQA ', atqaf) - print(' - SAK ', sak) - if ulprotocol == '01' then - print('') - print(string.rep('=', 88)) - print('\t\t\tMagic UL/NTAG 21* Configuration') - print(string.rep('=', 88)) - print(' - ATS ', atsstr) - print(' - Password ', '[0xE5] '..pwd, '[0xF0] '..cpwd) - print(' - Pack ', '[0xE6] '..pack, '[0xF1] '..cpack) - print(' - Version ', cversion) - print(' - Signature ', signature1..signature2) - end + print(string.rep('=', 88)) + print('\t\t\tUltimate Magic Card Configuration') + print(string.rep('=', 88)) + print(' - Raw Config ', string.sub(magicconfig, 1, -9)) + print(' - Card Protocol ', cardprotocol) + print(' - Ultralight Mode ', ultype) + print(' - ULM Backdoor Key ', readpass) + print(' - GTU Mode ', gtustr) + if ulprotocol == '01' then + print(' - Card Type ', versionstr) + else + print(' - Card Type ', cardtype) + end + print(' - UID ', uid) + print(' - ATQA ', atqaf) + print(' - SAK ', sak) + if ulprotocol == '01' then + print('') + print(string.rep('=', 88)) + print('\t\t\tMagic UL/NTAG 21* Configuration') + print(string.rep('=', 88)) + print(' - ATS ', atsstr) + print(' - Password ', '[0xE5] '..pwd, '[0xF0] '..cpwd) + print(' - Pack ', 
'[0xE6] '..pack, '[0xF1] '..cpack) + print(' - Version ', cversion) + print(' - Signature ', signature1..signature2) + end end lib14a.disconnect() return true, 'Ok' 
@@ -291,41 +291,41 @@ end local function write_uid(useruid) -- read CONFIG if not magicconfig then - _print = 1 - read_config() + _print = 1 + read_config() end local info = connect() if not info then return false, "Can't select card" end -- Writes a MFC UID with GEN4 magic commands. if ulprotocol == '00' then - -- uid string checks - if useruid == nil then return nil, 'empty uid string' end - if #useruid == 0 then return nil, 'empty uid string' end - if (#useruid ~= 8) and (#useruid ~= 14) then return nil, 'UID wrong length. Should be 4 or 7 hex bytes' end - print('Writing new UID ', useruid) - local uidbytes = utils.ConvertHexToBytes(useruid) - local bcc1 = bxor(bxor(bxor(uidbytes[1], uidbytes[2]), uidbytes[3]), uidbytes[4]) - local block0 = string.format('%02X%02X%02X%02X%02X', uidbytes[1], uidbytes[2], uidbytes[3], uidbytes[4], bcc1) - local resp = send('CF'.._key..'CD00'..block0) + -- uid string checks + if useruid == nil then return nil, 'empty uid string' end + if #useruid == 0 then return nil, 'empty uid string' end + if (#useruid ~= 8) and (#useruid ~= 14) then return nil, 'UID wrong length. Should be 4 or 7 hex bytes' end + print('Writing new UID ', useruid) + local uidbytes = utils.ConvertHexToBytes(useruid) + local bcc1 = bxor(bxor(bxor(uidbytes[1], uidbytes[2]), uidbytes[3]), uidbytes[4]) + local block0 = string.format('%02X%02X%02X%02X%02X', uidbytes[1], uidbytes[2], uidbytes[3], uidbytes[4], bcc1) + local resp = send('CF'.._key..'CD00'..block0) -- Writes a MFUL UID with bcc1, bcc2 using NTAG21xx commands. elseif ulprotocol == '01' then - -- uid string checks - if useruid == nil then return nil, 'empty uid string' end - if #useruid == 0 then return nil, 'empty uid string' end - if #useruid ~= 14 then return nil, 'uid wrong length. 
Should be 7 hex bytes' end - print('Writing new UID ', useruid) - local uidbytes = utils.ConvertHexToBytes(useruid) - local bcc1 = bxor(bxor(bxor(uidbytes[1], uidbytes[2]), uidbytes[3]), 0x88) - local bcc2 = bxor(bxor(bxor(uidbytes[4], uidbytes[5]), uidbytes[6]), uidbytes[7]) - local block0 = string.format('%02X%02X%02X%02X', uidbytes[1], uidbytes[2], uidbytes[3], bcc1) - local block1 = string.format('%02X%02X%02X%02X', uidbytes[4], uidbytes[5], uidbytes[6], uidbytes[7]) - local block2 = string.format('%02X%02X%02X%02X', bcc2, 0x48, 0x00, 0x00) - local resp - resp = send('A200'..block0) - resp = send('A201'..block1) - resp = send('A202'..block2) + -- uid string checks + if useruid == nil then return nil, 'empty uid string' end + if #useruid == 0 then return nil, 'empty uid string' end + if #useruid ~= 14 then return nil, 'uid wrong length. Should be 7 hex bytes' end + print('Writing new UID ', useruid) + local uidbytes = utils.ConvertHexToBytes(useruid) + local bcc1 = bxor(bxor(bxor(uidbytes[1], uidbytes[2]), uidbytes[3]), 0x88) + local bcc2 = bxor(bxor(bxor(uidbytes[4], uidbytes[5]), uidbytes[6]), uidbytes[7]) + local block0 = string.format('%02X%02X%02X%02X', uidbytes[1], uidbytes[2], uidbytes[3], bcc1) + local block1 = string.format('%02X%02X%02X%02X', uidbytes[4], uidbytes[5], uidbytes[6], uidbytes[7]) + local block2 = string.format('%02X%02X%02X%02X', bcc2, 0x48, 0x00, 0x00) + local resp + resp = send('A200'..block0) + resp = send('A201'..block1) + resp = send('A202'..block2) else - print('Incorrect ul') + print('Incorrect ul') end lib14a.disconnect() if resp ~= nil then @@ -339,8 +339,8 @@ end local function write_atqasak(atqasak) -- read CONFIG if not magicconfig then - _print = 1 - read_config() + _print = 1 + read_config() end if atqasak == nil then return nil, 'Empty ATQA/SAK string' end if #atqasak == 0 then return nil, 'Empty ATQA/SAK string' end 
@@ -350,25 +350,25 @@ end local atqauserf = atqauser2..atqauser1 local sakuser = atqasak:sub(5,6) if sakuser == '04' then - print('Never set SAK bit 3 (e.g. SAK=04), it indicates an extra cascade level is required') - return nil + print('Never set SAK bit 3 (e.g. SAK=04), it indicates an extra cascade level is required') + return nil elseif (sakuser == '20' or sakuser == '28') and atslen == '00' then - print('When SAK equals 20 or 28, ATS must be turned on') - return nil + print('When SAK equals 20 or 28, ATS must be turned on') + return nil elseif atqauser2 == '40' then - print('ATQA of [00 40] will cause the card to not answer.') - return nil + print('ATQA of [00 40] will cause the card to not answer.') + return nil else - local info = connect() - if not info then return false, "Can't select card" end - print('New ATQA: '..atqauser1..' '..atqauser2..' New SAK: '..sakuser) - local resp = send("CF".._key.."35"..atqauserf..sakuser) - lib14a.disconnect() - if resp == nil then - return nil, oops('Failed to write ATQA/SAK') - else - return true, 'Ok' - end + local info = connect() + if not info then return false, "Can't select card" end + print('New ATQA: '..atqauser1..' '..atqauser2..' New SAK: '..sakuser) + local resp = send("CF".._key.."35"..atqauserf..sakuser) + lib14a.disconnect() + if resp == nil then + return nil, oops('Failed to write ATQA/SAK') + else + return true, 'Ok' + end end end --- @@ -376,8 +376,8 @@ end local function write_ntagpwd(ntagpwd) -- read CONFIG if not magicconfig then - _print = 1 - read_config() + _print = 1 + read_config() end if ulprotocol == '00' then return nil, 'Magic Card is not using the Ultralight Protocol' end -- PWD string checks @@ -401,8 +401,8 @@ end local function write_pack(userpack) -- read CONFIG if not magicconfig then - _print = 1 - read_config() + _print = 1 + read_config() end if ulprotocol == 0 then return nil, 'Magic Card is not using the Ultralight Protocol' end -- PACK string checks 
@@ -426,8 +426,8 @@ local function write_otp(block3) if #block3 ~= 8 then return nil, 'OTP wrong length. Should be 4 hex bytes' end -- read CONFIG if not magicconfig then - _print = 1 - read_config() + _print = 1 + read_config() end if ulprotocol == '00' then return nil, 'Magic Card is not using the Ultralight Protocol' end local info = connect() @@ -450,8 +450,8 @@ local function write_version(data) if #data ~= 16 then return nil, 'version wrong length. Should be 8 hex bytes' end -- read CONFIG if not magicconfig then - _print = 1 - read_config() + _print = 1 + read_config() end if ulprotocol == '00' then return nil, 'Magic Card is not using the Ultralight Protocol' end print('Writing new version', data) @@ -478,8 +478,8 @@ local function write_signature(data) if #data ~= 64 then return nil, 'data wrong length. Should be 32 hex bytes' end -- read CONFIG if not magicconfig then - _print = 1 - read_config() + _print = 1 + read_config() end local info = connect() if not info then return false, "Can't select card" end @@ -508,19 +508,19 @@ local function write_gtu(gtu) local info = connect() if not info then return false, "Can't select card" end if gtu == '00' then - print('Enabling GTU Pre-Write') - send('CF'.._key..'32'..gtu) + print('Enabling GTU Pre-Write') + send('CF'.._key..'32'..gtu) elseif gtu == '01' then - print('Enabling GTU Restore Mode') - send('CF'.._key..'32'..gtu) + print('Enabling GTU Restore Mode') + send('CF'.._key..'32'..gtu) elseif gtu == '02' then - print('Disabled GTU') - send('CF'.._key..'32'..gtu) + print('Disabled GTU') + send('CF'.._key..'32'..gtu) elseif gtu == '03' then - print('Disabled GTU, high speed R/W mode for Ultralight') - send('CF'.._key..'32'..gtu) + print('Disabled GTU, high speed R/W mode for Ultralight') + send('CF'.._key..'32'..gtu) else - print('Failed to set GTU mode') + print('Failed to set GTU mode') end lib14a.disconnect() return true, 'Ok' 
@@ -536,13 +536,13 @@ local function write_ats(atsuser) local atscardlendecimal = tonumber(atscardlen, 16) local atsf = string.sub(atsuser, 3) if (#atsf / 2) ~= atscardlendecimal then - oops('Given length of ATS ('..atscardlendecimal..') does not match the ATS_length ('..(#atsf / 2)..')') - return true, 'Ok' + oops('Given length of ATS ('..atscardlendecimal..') does not match the ATS_length ('..(#atsf / 2)..')') + return true, 'Ok' else - local info = connect() - if not info then return false, "Can't select card" end - print('Writing '..atscardlendecimal..' ATS bytes of '..atsf) - send("CF".._key.."34"..atsuser) + local info = connect() + if not info then return false, "Can't select card" end + print('Writing '..atscardlendecimal..' ATS bytes of '..atsf) + send("CF".._key.."34"..atsuser) end lib14a.disconnect() return true, 'Ok' @@ -556,11 +556,11 @@ local function write_ulp(ulp) local info = connect() if not info then return false, "Can't select card" end if ulp == '00' then - print('Changing card to Mifare Classic Protocol') - send("CF".._key.."69"..ulp) + print('Changing card to Mifare Classic Protocol') + send("CF".._key.."69"..ulp) elseif ulp == '01' then - print('Changing card to Ultralight Protocol') - send("CF".._key.."69"..ulp) + print('Changing card to Ultralight Protocol') + send("CF".._key.."69"..ulp) else oops('Protocol needs to be either 00 or 01') end 
@@ -576,17 +576,17 @@ local function write_ulm(ulm) local info = connect() if not info then return false, "Can't select card" end if ulm == '00' then - print('Changing card UL mode to Ultralight EV1') - send("CF".._key.."6A"..ulm) + print('Changing card UL mode to Ultralight EV1') + send("CF".._key.."6A"..ulm) elseif ulm == '01' then - print('Changing card UL mode to NTAG') - send("CF".._key.."6A"..ulm) + print('Changing card UL mode to NTAG') + send("CF".._key.."6A"..ulm) elseif ulm == '02' then - print('Changing card UL mode to Ultralight-C') - send("CF".._key.."6A"..ulm) + print('Changing card UL mode to Ultralight-C') + send("CF".._key.."6A"..ulm) elseif ulm == '03' then - print('Changing card UL mode to Ultralight') - send("CF".._key.."6A"..ulm) + print('Changing card UL mode to Ultralight') + send("CF".._key.."6A"..ulm) else oops('UL mode needs to be either 00, 01, 02, 03') end 
@@ -603,50 +603,50 @@ local function set_type(tagtype) if tagtype == 1 then print('Setting: Ultimate Magic card to Mifare mini S20 4-byte') connect() - send("CF".._key.."F000000000000002000978009102DABC19101011121314151604000900") - lib14a.disconnect() + send("CF".._key.."F000000000000002000978009102DABC19101011121314151604000900") + lib14a.disconnect() write_uid('04112233') -- Setting Mifare mini S20 7-byte elseif tagtype == 2 then print('Setting: Ultimate Magic card to Mifare mini S20 7-byte') connect() - send("CF".._key.."F000010000000002000978009102DABC19101011121314151644000900") - lib14a.disconnect() + send("CF".._key.."F000010000000002000978009102DABC19101011121314151644000900") + lib14a.disconnect() write_uid('04112233445566') -- Setting Mifare 1k S50 4--byte elseif tagtype == 3 then print('Setting: Ultimate Magic card to Mifare 1k S50 4-byte') connect() - send("CF".._key.."F000000000000002000978009102DABC19101011121314151604000800") - lib14a.disconnect() + send("CF".._key.."F000000000000002000978009102DABC19101011121314151604000800") + lib14a.disconnect() write_uid('04112233') -- Setting Mifare 1k S50 7-byte elseif tagtype == 4 then print('Setting: Ultimate Magic card to Mifare 1k S50 7-byte') connect() - send("CF".._key.."F000010000000002000978009102DABC19101011121314151644000800") - lib14a.disconnect() + send("CF".._key.."F000010000000002000978009102DABC19101011121314151644000800") + lib14a.disconnect() write_uid('04112233445566') -- Setting Mifare 4k S70 4-byte elseif tagtype == 5 then print('Setting: Ultimate Magic card to Mifare 4k S70 4-byte') connect() - send("CF".._key.."F000000000000002000978009102DABC19101011121314151602001800") - lib14a.disconnect() + send("CF".._key.."F000000000000002000978009102DABC19101011121314151602001800") + lib14a.disconnect() write_uid('04112233') -- Setting Mifare 4k S70 7-byte elseif tagtype == 6 then print('Setting: Ultimate Magic card to Mifare 4k S70 7-byte') connect() - 
send("CF".._key.."F000010000000002000978009102DABC19101011121314151642001800") - lib14a.disconnect() + send("CF".._key.."F000010000000002000978009102DABC19101011121314151642001800") + lib14a.disconnect() write_uid('04112233445566') -- Setting UL elseif tagtype == 7 then print('Setting: Ultimate Magic card to UL') connect() - send("CF".._key.."F0010100000000030A0A78008102DBA0C119402AB5BA4D321A44000003") - lib14a.disconnect() + send("CF".._key.."F0010100000000030A0A78008102DBA0C119402AB5BA4D321A44000003") + lib14a.disconnect() write_uid('04112233445566') write_otp('00000000') -- Setting OTP to default 00 00 00 00 write_version('0000000000000000') -- UL-C does not have a version 
@@ -654,48 +654,48 @@ local function set_type(tagtype) elseif tagtype == 8 then print('Setting: Ultimate Magic card to UL-C') connect() - send("CF".._key.."F0010100000000030A0A78008102DBA0C119402AB5BA4D321A44000002") - print('Setting default permissions and 3des key') - send('A22A30000000') -- Auth0 page 48/0x30 and above need authentication - send('A22B80000000') -- Auth1 read and write access restricted - send('A22C42524541') -- Default 3des key - send('A22D4B4D4549') - send('A22E46594F55') - send('A22F43414E21') - lib14a.disconnect() + send("CF".._key.."F0010100000000030A0A78008102DBA0C119402AB5BA4D321A44000002") + print('Setting default permissions and 3des key') + send('A22A30000000') -- Auth0 page 48/0x30 and above need authentication + send('A22B80000000') -- Auth1 read and write access restricted + send('A22C42524541') -- Default 3des key + send('A22D4B4D4549') + send('A22E46594F55') + send('A22F43414E21') + lib14a.disconnect() write_uid('04112233445566') write_otp('00000000') -- Setting OTP to default 00 00 00 00 write_version('0000000000000000') -- UL-C does not have a version elseif tagtype == 9 then print('Setting: Ultimate Magic card to UL-EV1 48') - connect() - send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000000") + connect() + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000000") -- Setting UL-Ev1 default config bl 16,17 - send('a2E5FFFFFFFF') -- A2F0 block does not align correctly to actual pwd block - send('a2E6FFFFFFFF') -- A2F1 block does not align correctly to actual pack block + send('a2E5FFFFFFFF') -- A2F0 block does not align correctly to actual pwd block + send('a2E6FFFFFFFF') -- A2F1 block does not align correctly to actual pack block send('a210000000FF') send('a21100050000') - lib14a.disconnect() - write_uid('04112233445566') + lib14a.disconnect() + write_uid('04112233445566') write_otp('00000000') -- Setting OTP to default 00 00 00 00 write_version('0004030101000b03') -- UL-EV1 (48) 00 04 
03 01 01 00 0b 03 elseif tagtype == 10 then print('Setting: Ultimate Magic card to UL-EV1 128') connect() - send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000000") + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000000") -- Setting UL-Ev1 default config bl 37,38 - send('a2E5FFFFFFFF') -- A2F0 block does not align correctly to actual pwd block - send('a2E6FFFFFFFF') -- A2F1 block does not align correctly to actual pack block + send('a2E5FFFFFFFF') -- A2F0 block does not align correctly to actual pwd block + send('a2E6FFFFFFFF') -- A2F1 block does not align correctly to actual pack block send('a225000000FF') send('a22600050000') - lib14a.disconnect() - write_uid('04112233445566') + lib14a.disconnect() + write_uid('04112233445566') write_otp('00000000') -- Setting OTP to default 00 00 00 00 write_version('0004030101000e03') -- UL-EV1 (128) 00 04 03 01 01 00 0e 03 elseif tagtype == 12 then print('Setting: Ultimate Magic card to NTAG 210') connect() - send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") -- Setting NTAG210 default CC block456 send('a203e1100600') send('a2040300fe00') @@ -703,13 +703,13 @@ local function set_type(tagtype) -- Setting cfg1/cfg2 send('a210000000FF') send('a21100050000') - lib14a.disconnect() - write_uid('04112233445566') + lib14a.disconnect() + write_uid('04112233445566') write_version('0004040101000b03') -- NTAG210 00 04 04 01 01 00 0b 03 elseif tagtype == 13 then print('Setting: Ultimate Magic card to NTAG 212') connect() - send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") -- Setting NTAG212 default CC block456 send('a203e1101000') send('a2040103900a') 
@@ -717,13 +717,13 @@ local function set_type(tagtype) -- Setting cfg1/cfg2 send('a225000000FF') send('a22600050000') - lib14a.disconnect() - write_uid('04112233445566') + lib14a.disconnect() + write_uid('04112233445566') write_version('0004040101000E03') -- NTAG212 00 04 04 01 01 00 0E 03 elseif tagtype == 14 then print('Setting: Ultimate Magic card to NTAG 213') connect() - send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") -- Setting NTAG213 default CC block456 send('a203e1101200') send('a2040103a00c') @@ -731,13 +731,13 @@ local function set_type(tagtype) -- setting cfg1/cfg2 send('a229000000ff') send('a22a00050000') - lib14a.disconnect() - write_uid('04112233445566') + lib14a.disconnect() + write_uid('04112233445566') write_version('0004040201000F03') -- NTAG213 00 04 04 02 01 00 0f 03 elseif tagtype == 15 then print('Setting: Ultimate Magic card to NTAG 215') connect() - send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") -- Setting NTAG215 default CC block456 send('a203e1103e00') send('a2040300fe00') @@ -745,13 +745,13 @@ local function set_type(tagtype) -- setting cfg1/cfg2 send('a283000000ff') send('a28400050000') - lib14a.disconnect() - write_uid('04112233445566') + lib14a.disconnect() + write_uid('04112233445566') write_version('0004040201001103') -- NTAG215 00 04 04 02 01 00 11 03 elseif tagtype == 16 then print('Setting: Ultimate Magic card to NTAG 216') connect() - send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") -- Setting NTAG216 default CC block456 send('a203e1106d00') send('a2040300fe00') 
@@ -759,56 +759,56 @@ local function set_type(tagtype) -- setting cfg1/cfg2 send('a2e3000000ff') send('a2e400050000') - lib14a.disconnect() - write_uid('04112233445566') + lib14a.disconnect() + write_uid('04112233445566') write_version('0004040201001303') -- NTAG216 00 04 04 02 01 00 13 03 elseif tagtype == 17 then print('Setting: Ultimate Magic card to NTAG I2C 1K') connect() - send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") -- Setting NTAG I2C 1K default CC block456 send('a203e1106D00') send('a2040300fe00') send('a20500000000') - lib14a.disconnect() - write_uid('04112233445566') + lib14a.disconnect() + write_uid('04112233445566') write_version('0004040502011303') -- NTAG_I2C_1K 00 04 04 05 02 01 13 03 elseif tagtype == 18 then print('Setting: Ultimate Magic card to NTAG I2C 2K') connect() - send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") -- Setting NTAG I2C 2K default CC block456 send('a203e110EA00') send('a2040300fe00') send('a20500000000') - lib14a.disconnect() - write_uid('04112233445566') + lib14a.disconnect() + write_uid('04112233445566') write_version('0004040502011503') -- NTAG_I2C_2K 00 04 04 05 02 01 15 03 elseif tagtype == 19 then print('Setting: Ultimate Magic card to NTAG I2C plus 1K') connect() - send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") -- Setting NTAG I2C 1K default CC block456 send('a203e1106D00') send('a2040300fe00') send('a20500000000') - lib14a.disconnect() - write_uid('04112233445566') + lib14a.disconnect() + write_uid('04112233445566') write_version('0004040502021303') -- NTAG_I2C_1K 00 04 04 05 02 02 13 03 elseif tagtype == 20 then print('Setting: Ultimate Magic card to NTAG I2C plus 2K') connect() - 
send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") -- Setting NTAG I2C 2K default CC block456 send('a203e1106D00') send('a2040300fe00') send('a20500000000') - write_uid('04112233445566') + write_uid('04112233445566') write_version('0004040502021503') -- NTAG_I2C_2K 00 04 04 05 02 02 15 03 elseif tagtype == 21 then print('Setting: Ultimate Magic card to NTAG 213F') connect() - send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") -- Setting NTAG213 default CC block456 send('a203e1101200') send('a2040103a00c') @@ -816,13 +816,13 @@ local function set_type(tagtype) -- setting cfg1/cfg2 send('a229000000ff') send('a22a00050000') - lib14a.disconnect() - write_uid('04112233445566') + lib14a.disconnect() + write_uid('04112233445566') write_version('0004040401000F03') -- NTAG213F 00 04 04 04 01 00 0f 03 elseif tagtype == 22 then print('Setting: Ultimate Magic card to NTAG 216F') connect() - send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") + send("CF".._key.."F001010000000003000978009102DABC19101011121314151644000001") -- Setting NTAG216 default CC block456 send('a203e1106d00') send('a2040300fe00') @@ -830,11 +830,11 @@ local function set_type(tagtype) -- setting cfg1/cfg2 send('a2e3000000ff') send('a2e400050000') - lib14a.disconnect() - write_uid('04112233445566') + lib14a.disconnect() + write_uid('04112233445566') write_version('0004040401001303') -- NTAG216F 00 04 04 04 01 00 13 03 else - oops('No matching tag types') + oops('No matching tag types') end lib14a.disconnect() if resp == '04' then diff --git a/client/src/cmdhfepa.c b/client/src/cmdhfepa.c index 7ce9a3e97..66ce37d6b 100644 --- a/client/src/cmdhfepa.c +++ b/client/src/cmdhfepa.c 
@@ -228,7 +228,7 @@ static int CmdHFEPAPACESimulate(const char *Cmd) { CLIExecWithReturn(ctx, Cmd, argtable, false); // bool use_pc = arg_get_lit(ctx, 1); -// uint8_t pwd_type = 0; +// uint8_t pwd_type = 0; int plen = 0; uint8_t pwd[6] = {0}; @@ -273,7 +273,7 @@ static command_t CommandTable[] = { {"help", CmdHelp, AlwaysAvailable, "This help"}, {"cnonces", CmdHFEPACollectPACENonces, IfPm3Iso14443, "Acquire encrypted PACE nonces of specific size"}, {"replay", CmdHFEPAPACEReplay, IfPm3Iso14443, "Perform PACE protocol by replaying given APDUs"}, - {"sim", CmdHFEPAPACESimulate, IfPm3Iso14443, "Simulate PACE protocol"}, + {"sim", CmdHFEPAPACESimulate, IfPm3Iso14443, "Simulate PACE protocol"}, {NULL, NULL, NULL, NULL} }; diff --git a/client/src/cmdhfxerox.c b/client/src/cmdhfxerox.c index 578f797e0..9ba1577da 100644 --- a/client/src/cmdhfxerox.c +++ b/client/src/cmdhfxerox.c 
@@ -15,77 +15,77 @@ #define TIMEOUT 2000 -#define c2l(c,l) (l = ((unsigned long)(*((c)++))), \ - l |= ((unsigned long)(*((c)++))) << 8L, \ - l |= ((unsigned long)(*((c)++))) << 16L, \ - l |= ((unsigned long)(*((c)++))) << 24L) +#define c2l(c,l) (l = ((unsigned long)(*((c)++))), \ + l |= ((unsigned long)(*((c)++))) << 8L, \ + l |= ((unsigned long)(*((c)++))) << 16L, \ + l |= ((unsigned long)(*((c)++))) << 24L) /* NOTE - c is not incremented as per c2l */ -#define c2ln(c,l1,l2,n) { \ - c += n; \ - l1 = l2 = 0; \ - switch (n) { \ - case 8: l2 = ((unsigned long)(*(--(c)))) << 24L; \ - case 7: l2 |= ((unsigned long)(*(--(c)))) << 16L; \ - case 6: l2 |= ((unsigned long)(*(--(c)))) << 8L; \ - case 5: l2 |= ((unsigned long)(*(--(c)))); \ - case 4: l1 = ((unsigned long)(*(--(c)))) << 24L; \ - case 3: l1 |= ((unsigned long)(*(--(c)))) << 16L; \ - case 2: l1 |= ((unsigned long)(*(--(c)))) << 8L; \ - case 1: l1 |= ((unsigned long)(*(--(c)))); \ - } \ - } +#define c2ln(c,l1,l2,n) { \ + c += n; \ + l1 = l2 = 0; \ + switch (n) { \ + case 8: l2 = ((unsigned long)(*(--(c)))) << 24L; \ + case 7: l2 |= ((unsigned long)(*(--(c)))) << 16L; \ + case 6: l2 |= ((unsigned long)(*(--(c)))) << 8L; \ + case 5: l2 |= ((unsigned long)(*(--(c)))); \ + case 4: l1 = ((unsigned long)(*(--(c)))) << 24L; \ + case 3: l1 |= ((unsigned long)(*(--(c)))) << 16L; \ + case 2: l1 |= ((unsigned long)(*(--(c)))) << 8L; \ + case 1: l1 |= ((unsigned long)(*(--(c)))); \ + } \ + } -#define l2c(l,c) (*((c)++) = (uint8_t)(((l)) & 0xff), \ - *((c)++) = (uint8_t)(((l) >> 8L) & 0xff), \ - *((c)++) = (uint8_t)(((l) >> 16L) & 0xff), \ - *((c)++) = (uint8_t)(((l) >> 24L) & 0xff)) +#define l2c(l,c) (*((c)++) = (uint8_t)(((l)) & 0xff), \ + *((c)++) = (uint8_t)(((l) >> 8L) & 0xff), \ + *((c)++) = (uint8_t)(((l) >> 16L) & 0xff), \ + *((c)++) = (uint8_t)(((l) >> 24L) & 0xff)) /* NOTE - c is not incremented as per l2c */ -#define l2cn(l1,l2,c,n) { \ - c += n; \ - switch (n) { \ - case 8: *(--(c)) = (uint8_t)(((l2) >> 24L) & 
0xff); \ - case 7: *(--(c)) = (uint8_t)(((l2) >> 16L) & 0xff); \ - case 6: *(--(c)) = (uint8_t)(((l2) >> 8L) & 0xff); \ - case 5: *(--(c)) = (uint8_t)(((l2)) & 0xff); \ - case 4: *(--(c)) = (uint8_t)(((l1) >> 24L) & 0xff); \ - case 3: *(--(c)) = (uint8_t)(((l1) >> 16L) & 0xff); \ - case 2: *(--(c)) = (uint8_t)(((l1) >> 8L) & 0xff); \ - case 1: *(--(c)) = (uint8_t)(((l1)) & 0xff); \ - } \ - } +#define l2cn(l1,l2,c,n) { \ + c += n; \ + switch (n) { \ + case 8: *(--(c)) = (uint8_t)(((l2) >> 24L) & 0xff); \ + case 7: *(--(c)) = (uint8_t)(((l2) >> 16L) & 0xff); \ + case 6: *(--(c)) = (uint8_t)(((l2) >> 8L) & 0xff); \ + case 5: *(--(c)) = (uint8_t)(((l2)) & 0xff); \ + case 4: *(--(c)) = (uint8_t)(((l1) >> 24L) & 0xff); \ + case 3: *(--(c)) = (uint8_t)(((l1) >> 16L) & 0xff); \ + case 2: *(--(c)) = (uint8_t)(((l1) >> 8L) & 0xff); \ + case 1: *(--(c)) = (uint8_t)(((l1)) & 0xff); \ + } \ + } /* NOTE - c is not incremented as per n2l */ -#define n2ln(c,l1,l2,n) { \ - c += n; \ - l1 = l2 = 0; \ - switch (n) { \ - case 8: l2 = ((unsigned long)(*(--(c)))); \ - case 7: l2 |= ((unsigned long)(*(--(c)))) << 8; \ - case 6: l2 |= ((unsigned long)(*(--(c)))) << 16; \ - case 5: l2 |= ((unsigned long)(*(--(c)))) << 24; \ - case 4: l1 = ((unsigned long)(*(--(c)))); \ - case 3: l1 |= ((unsigned long)(*(--(c)))) << 8; \ - case 2: l1 |= ((unsigned long)(*(--(c)))) << 16; \ - case 1: l1 |= ((unsigned long)(*(--(c)))) << 24; \ - } \ - } +#define n2ln(c,l1,l2,n) { \ + c += n; \ + l1 = l2 = 0; \ + switch (n) { \ + case 8: l2 = ((unsigned long)(*(--(c)))); \ + case 7: l2 |= ((unsigned long)(*(--(c)))) << 8; \ + case 6: l2 |= ((unsigned long)(*(--(c)))) << 16; \ + case 5: l2 |= ((unsigned long)(*(--(c)))) << 24; \ + case 4: l1 = ((unsigned long)(*(--(c)))); \ + case 3: l1 |= ((unsigned long)(*(--(c)))) << 8; \ + case 2: l1 |= ((unsigned long)(*(--(c)))) << 16; \ + case 1: l1 |= ((unsigned long)(*(--(c)))) << 24; \ + } \ + } /* NOTE - c is not incremented as per l2n */ -#define l2nn(l1,l2,c,n) { \ 
- c+=n; \ - switch (n) { \ - case 8: *(--(c)) = (uint8_t)(((l2)) & 0xff); \ - case 7: *(--(c)) = (uint8_t)(((l2) >> 8) & 0xff); \ - case 6: *(--(c)) = (uint8_t)(((l2) >> 16) & 0xff); \ - case 5: *(--(c)) = (uint8_t)(((l2) >> 24) & 0xff); \ - case 4: *(--(c)) = (uint8_t)(((l1)) & 0xff); \ - case 3: *(--(c)) = (uint8_t)(((l1) >> 8) & 0xff); \ - case 2: *(--(c)) = (uint8_t)(((l1) >> 16) & 0xff); \ - case 1: *(--(c)) = (uint8_t)(((l1) >> 24) & 0xff); \ - } \ - } +#define l2nn(l1,l2,c,n) { \ + c+=n; \ + switch (n) { \ + case 8: *(--(c)) = (uint8_t)(((l2)) & 0xff); \ + case 7: *(--(c)) = (uint8_t)(((l2) >> 8) & 0xff); \ + case 6: *(--(c)) = (uint8_t)(((l2) >> 16) & 0xff); \ + case 5: *(--(c)) = (uint8_t)(((l2) >> 24) & 0xff); \ + case 4: *(--(c)) = (uint8_t)(((l1)) & 0xff); \ + case 3: *(--(c)) = (uint8_t)(((l1) >> 8) & 0xff); \ + case 2: *(--(c)) = (uint8_t)(((l1) >> 16) & 0xff); \ + case 1: *(--(c)) = (uint8_t)(((l1) >> 24) & 0xff); \ + } \ + } #define n2l(c,l) (l = ((unsigned long)(*((c)++))) << 24L, \ l |= ((unsigned long)(*((c)++))) << 16L, \ @@ -98,17 +98,17 @@ *((c)++) = (uint8_t)(((l)) & 0xff)) #define C_RC2(n) \ - t = (x0 + (x1 & ~x3) + (x2 & x3) + *(p0++)) & 0xffff; \ - x0 = (t << 1) | (t >> 15); \ - t = (x1 + (x2 & ~x0) + (x3 & x0) + *(p0++)) & 0xffff; \ - x1 = (t << 2) | (t >> 14); \ - t = (x2 + (x3 & ~x1) + (x0 & x1) + *(p0++)) & 0xffff; \ - x2 = (t << 3) | (t >> 13); \ - t = (x3 + (x0 & ~x2) + (x1 & x2) + *(p0++)) & 0xffff; \ - x3 = (t << 5) | (t >> 11); + t = (x0 + (x1 & ~x3) + (x2 & x3) + *(p0++)) & 0xffff; \ + x0 = (t << 1) | (t >> 15); \ + t = (x1 + (x2 & ~x0) + (x3 & x0) + *(p0++)) & 0xffff; \ + x1 = (t << 2) | (t >> 14); \ + t = (x2 + (x3 & ~x1) + (x0 & x1) + *(p0++)) & 0xffff; \ + x2 = (t << 3) | (t >> 13); \ + t = (x3 + (x0 & ~x2) + (x1 & x2) + *(p0++)) & 0xffff; \ + x3 = (t << 5) | (t >> 11); -#define RC2_ENCRYPT 1 -#define RC2_DECRYPT 0 +#define RC2_ENCRYPT 1 +#define RC2_DECRYPT 0 typedef unsigned int RC2_INT; 
@@ -533,8 +533,8 @@ static int CmdHFXeroxInfo(const char *Cmd) { packet->flags = (ISO14B_APPEND_CRC | ISO14B_RAW); packet->rawlen = 11; packet->raw[0] = 0x02; - packet->raw[1] = 0x20; // set command: read mem - memcpy(packet->raw + 2, card.uid, 8); // store uid + packet->raw[1] = 0x20; // set command: read mem + memcpy(packet->raw + 2, card.uid, 8); // store uid for (int retry = 0; (retry < 5 && blocknum < sizeof(info_blocks)); retry++) { @@ -623,7 +623,7 @@ static int CmdHFXeroxDump(const char *Cmd) { } iso14b_card_select_t card; - int status = findXerox(&card, false); // remain RF on + int status = findXerox(&card, false); // remain RF on if (status != PM3_SUCCESS) { free(packet); switch_off_field(); @@ -632,20 +632,20 @@ static int CmdHFXeroxDump(const char *Cmd) { PrintAndLogEx(INFO, "Reading memory from tag UID " _GREEN_("%s"), sprint_hex(card.uid, card.uidlen)); - int blocknum = 1; // block 0 all zeros + int blocknum = 1; // block 0 all zeros uint8_t data[256 * 4] = {0}; // set up the read command packet->flags = (ISO14B_APPEND_CRC | ISO14B_RAW); packet->rawlen = 11; packet->raw[0] = 0x02; - memcpy(packet->raw + 2, card.uid, 8); // store uid + memcpy(packet->raw + 2, card.uid, 8); // store uid PrintAndLogEx(INFO, "." NOLF); for (int retry = 0; (retry < 5 && blocknum < 0x100); retry++) { - packet->raw[1] = (blocknum < 12) ? 0x30 : 0x20; // set command: read ext mem or read mem + packet->raw[1] = (blocknum < 12) ? 0x30 : 0x20; // set command: read ext mem or read mem packet->raw[10] = blocknum & 0xFF; PacketResponseNG resp; 
@@ -657,7 +657,7 @@ static int CmdHFXeroxDump(const char *Cmd) { resp.cmd, resp.length, resp.magic, resp.status, resp.crc, resp.oldarg[0], resp.oldarg[1], resp.oldarg[2], resp.data.asBytes[0], resp.data.asBytes[1], resp.data.asBytes[2], resp.ng ? 't' : 'f'); */ - if (/*resp.status != 0 ||*/ resp.length < 7) { // 14b raw command send data_len instead of status + if (/*resp.status != 0 ||*/ resp.length < 7) { // 14b raw command send data_len instead of status PrintAndLogEx(FAILED, "retrying one more time"); continue; } @@ -722,8 +722,8 @@ static int CmdHFXeroxDump(const char *Cmd) { memcpy(k1, k2, sizeof(k1)); k1[2] = k2[3] ^ data[0x22 * 4 + 0]; - k1[3] = k2[4] ^ data[0x22 * 4 + 1]; // first_key[7]; - k1[5] = k2[1] ^ 0x01; // 01 = crypto method? rfid[23][2] + k1[3] = k2[4] ^ data[0x22 * 4 + 1]; // first_key[7]; + k1[5] = k2[1] ^ 0x01; // 01 = crypto method? rfid[23][2] RC2_set_key(&exp_key, 8, k1, 64); @@ -747,7 +747,7 @@ static int CmdHFXeroxDump(const char *Cmd) { uint16_t cs, csd; // calc checksum - for (b = 0, cs = 0; b < sizeof(decr) - 2; b += 2) cs += decr[b] | (decr[b + 1] << 8); + for (b = 0, cs = 0; b < sizeof(decr) - 2; b += 2) cs += decr[b] | (decr[b + 1] << 8); cs = ~cs; csd = (decr[7] << 8) | decr[6]; @@ -772,7 +772,7 @@ static int CmdHFXeroxDump(const char *Cmd) { PrintAndLogEx(INFO, "---------+--------------+----------"); PrintAndLogEx(NORMAL, ""); - if (0 == filename[0]) { // generate filename from uid + if (0 == filename[0]) { // generate filename from uid /* PrintAndLogEx(INFO, "Using UID as filename"); diff --git a/doc/commands.json b/doc/commands.json index 47f77d21a..e055a70b4 100644 --- a/doc/commands.json +++ b/doc/commands.json @@ -11512,6 +11512,6 @@ "metadata": { "commands_extracted": 727, "extracted_by": "PM3Help2JSON v1.00", - "extracted_on": "2023-01-14T21:16:27" + "extracted_on": "2023-01-14T21:23:30" } } \ No newline at end of file diff --git a/include/protocols.h b/include/protocols.h index 016584098..9de07e4e7 100644 
--- a/include/protocols.h
+++ b/include/protocols.h
@@ -473,7 +473,7 @@ ISO 7816-4 Basic interindustry commands. For command APDU's.
 // 65 xx
 #define ISO7816_MEMORY_FULL 0x6501 // Memory failure
-#define ISO7816_WRITE_MEMORY_ERR 0x6581 // Write problem / Memory failure / Unknown mode
+#define ISO7816_WRITE_MEMORY_ERR 0x6581 // Write problem / Memory failure / Unknown mode
 // 67 xx
 #define ISO7816_WRONG_LENGTH 0x6700 // Wrong length