diff --git a/armsrc/Standalone/hf_colin.c b/armsrc/Standalone/hf_colin.c index aef09f1ca..93c92f92a 100644 --- a/armsrc/Standalone/hf_colin.c +++ b/armsrc/Standalone/hf_colin.c @@ -81,19 +81,19 @@ */ -static uint8_t cjuid[10]; -static uint32_t cjcuid; -static iso14a_card_select_t p_card; -static int currline; -static int currfline; -static int curlline; +static uint8_t colin_cjuid[10]; +static uint32_t colin_cjcuid; +static iso14a_card_select_t colin_p_card; +static int colin_currline; +static int colin_currfline; +static int colin_curlline; // TODO : Implement fast read of KEYS like in RFIdea // also http://ext.delaat.net/rp/2015-2016/p04/report.pdf // Colin's VIGIKPWN sniff/simulate/clone repeat routine for HF Mifare -static const uint8_t is_hex[] = { +static const uint8_t colin_is_hex[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 0, 0, 0, 0, 0, 0, 0, 11, 12, 13, 14, 15, 16, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, @@ -112,8 +112,8 @@ static uint64_t hex2i(const char *s) { s += 2; else if (*s == 'x') s++; - while (is_hex[(uint8_t)*s]) - val = (val << 4) | (is_hex[(uint8_t) * (s++)] - 1); + while (colin_is_hex[(uint8_t)*s]) + val = (val << 4) | (colin_is_hex[(uint8_t) * (s++)] - 1); return val; } @@ -162,7 +162,7 @@ static void scan_keys(const char *str, int len, uint64_t *user_data) { } } -static MFC1KSchema_t Schemas[MAX_SCHEMAS]; +static MFC1KSchema_t colin_Schemas[MAX_SCHEMAS]; /*MFC1KSchema_t Noralsy = { .name = "Noralsy", @@ -196,7 +196,7 @@ MFC1KSchema_t InfiHexact = {.name = "Infineon/Hexact", 0x8829da9daf76, 0x8829da9daf76, 0x8829da9daf76, 0x8829da9daf76}}; */ -static int total_schemas = 0; +static int colin_total_schemas = 0; static void add_schema(MFC1KSchema_t *p, MFC1KSchema_t a, int *schemas_counter) { if (*schemas_counter < MAX_SCHEMAS) { 
@@ -216,18 +216,18 @@ static void delete_schema(MFC1KSchema_t *p, int *schemas_counter, int index) { } */ static void cjSetCursFRight(void) { - vtsend_cursor_position(NULL, 98, (currfline)); - currfline++; + vtsend_cursor_position(NULL, 98, (colin_currfline)); + colin_currfline++; } static void cjSetCursRight(void) { - vtsend_cursor_position(NULL, 59, (currline)); - currline++; + vtsend_cursor_position(NULL, 59, (colin_currline)); + colin_currline++; } static void cjSetCursLeft(void) { - vtsend_cursor_position(NULL, 0, (curlline)); - curlline++; + vtsend_cursor_position(NULL, 0, (colin_curlline)); + colin_curlline++; } static void cjTabulize(void) { DbprintfEx(FLAG_RAWPRINT, "\t\t\t"); } @@ -261,7 +261,7 @@ static void add_schemas_from_json_in_spiffs(char *filename) { &tmpscheme.keysA, scan_keys, &tmpscheme.keysB); memcpy(tmpscheme.name, tmpname, 32); tmpscheme.trigger = hex2i(tmptrigger); - add_schema(Schemas, tmpscheme, &total_schemas); + add_schema(colin_Schemas, tmpscheme, &colin_total_schemas); DbprintfEx(FLAG_NEWLINE, "Schema loaded : %s", tmpname); cjSetCursLeft(); } @@ -335,16 +335,16 @@ void RunMod(void) { // turn off all debugging. g_dbglevel = DBG_NONE; - // add_schema(Schemas, Noralsy, &total_schemas); - // add_schema(Schemas, InfiHexact, &total_schemas); + // add_schema(colin_Schemas, Noralsy, &colin_total_schemas); + // add_schema(colin_Schemas, InfiHexact, &colin_total_schemas); // add_schema_from_json_in_spiffs((char *)HFCOLIN_URMETCAPTIVE_JSON); - // add_schema(Schemas, UrmetCaptive, &total_schemas); + // add_schema(colin_Schemas, UrmetCaptive, &colin_total_schemas); - currline = 20; - curlline = 20; - currfline = 24; - memset(cjuid, 0, sizeof(cjuid)); - cjcuid = 0; + colin_currline = 20; + colin_curlline = 20; + colin_currfline = 24; + memset(colin_cjuid, 0, sizeof(colin_cjuid)); + colin_cjcuid = 0; uint8_t sectorsCnt = (MF1KSZ / MF1KSZSIZE); uint64_t key64; // Defines current key uint8_t *keyBlock; // Where the keys will be held in memory. 
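Review bot: In the `add_schemas_from_json_in_spiffs` hunk, `memcpy(tmpscheme.name, tmpname, 32);` copies a fixed 32 bytes of a name parsed from a JSON file on flash, and nothing visible guarantees a terminating NUL. That name is later printed with `%s` (`colin_Schemas[i].name` in the key-match hunk of `RunMod`), so an unterminated name would be read past its end. Assuming `name` is a 32-byte array (its declaration is outside the hunk), I would terminate it explicitly before the `add_schema` call: `tmpscheme.name[sizeof(tmpscheme.name) - 1] = '\0';`. The function body starts and ends outside the hunk, so the parser may already bound `tmpname`; if it does, a one-line comment saying so would be enough.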
@@ -466,9 +466,9 @@ void RunMod(void) { DbprintfEx(FLAG_NEWLINE, "%s%s%s", _XCYAN_, sub_banner, _XWHITE_); DbprintfEx(FLAG_NEWLINE, "%s>>%s C.J.B's MifareFastPwn Started\r\n", _XRED_, _XWHITE_); - currline = 20; - curlline = 20; - currfline = 24; + colin_currline = 20; + colin_curlline = 20; + colin_currfline = 24; cjSetCursLeft(); add_schemas_from_json_in_spiffs((char *)HFCOLIN_SCHEMAS_JSON); @@ -485,7 +485,7 @@ failtag: SpinOff(50); LED_A_ON(); - while (!iso14443a_select_card(cjuid, &p_card, &cjcuid, true, 0, true)) { + while (!iso14443a_select_card(colin_cjuid, &colin_p_card, &colin_cjcuid, true, 0, true)) { WDT_HIT(); if (BUTTON_HELD(10) == BUTTON_HOLD) { WDT_HIT(); @@ -507,9 +507,9 @@ failtag: DbprintfEx(FLAG_NEWLINE, "\t\t\t `---> Breaking keys ---->"); cjSetCursRight(); - DbprintfEx(FLAG_NEWLINE, "\t%sGOT TAG :%s %08x%s", _XRED_, _XCYAN_, cjcuid, _XWHITE_); + DbprintfEx(FLAG_NEWLINE, "\t%sGOT TAG :%s %08x%s", _XRED_, _XCYAN_, colin_cjcuid, _XWHITE_); - if (cjcuid == 0) { + if (colin_cjcuid == 0) { cjSetCursLeft(); DbprintfEx(FLAG_NEWLINE, "%s>>%s BUG: 0000_CJCUID! Retrying...", _XRED_, _XWHITE_); SpinErr(LED_A, 100, 8); @@ -580,8 +580,8 @@ failtag: DbprintfEx(FLAG_NEWLINE, "SEC: %02x ; KEY : %012" PRIx64 " ; TYP: %i", sec, key64, type); /*reply_old(CMD_CJB_INFORM_CLIENT_KEY, 12, sec, type, tosendkey, 12);*/ - for (int i = 0; i < total_schemas; i++) { - if (key64 == Schemas[i].trigger) { + for (int i = 0; i < colin_total_schemas; i++) { + if (key64 == colin_Schemas[i].trigger) { cjSetCursLeft(); DbprintfEx(FLAG_NEWLINE, "%s>>>>>>>>>>>>!*STOP*!<<<<<<<<<<<<<<%s", _XRED_, _XWHITE_); 
@@ -590,7 +590,7 @@ failtag: DbprintfEx(FLAG_NEWLINE, " .TAG SEEMS %sDETERMINISTIC%s. ", _XGREEN_, _XWHITE_); cjSetCursLeft(); - DbprintfEx(FLAG_NEWLINE, "%sDetected: %s %s%s", _XORANGE_, _XCYAN_, Schemas[i].name, _XWHITE_); + DbprintfEx(FLAG_NEWLINE, "%sDetected: %s %s%s", _XORANGE_, _XCYAN_, colin_Schemas[i].name, _XWHITE_); cjSetCursLeft(); DbprintfEx(FLAG_NEWLINE, "...%s[%sKey_derivation_schemeTest%s]%s...", _XYELLOW_, _XGREEN_, @@ -601,7 +601,7 @@ failtag: uint16_t t = 0; for (uint16_t s = 0; s < sectorsCnt; s++) { - num_to_bytes(Schemas[i].keysA[s], 6, foundKey[t][s]); + num_to_bytes(colin_Schemas[i].keysA[s], 6, foundKey[t][s]); sprintf(tosendkey, "%02x%02x%02x%02x%02x%02x", foundKey[t][s][0], foundKey[t][s][1], foundKey[t][s][2], foundKey[t][s][3], foundKey[t][s][4], foundKey[t][s][5]); cjSetCursRight(); @@ -609,7 +609,7 @@ failtag: } t = 1; for (uint16_t s = 0; s < sectorsCnt; s++) { - num_to_bytes(Schemas[i].keysB[s], 6, foundKey[t][s]); + num_to_bytes(colin_Schemas[i].keysB[s], 6, foundKey[t][s]); sprintf(tosendkey, "%02x%02x%02x%02x%02x%02x", foundKey[t][s][0], foundKey[t][s][1], foundKey[t][s][2], foundKey[t][s][3], foundKey[t][s][4], foundKey[t][s][5]); cjSetCursRight(); @@ -684,7 +684,7 @@ failtag: cjSetCursLeft(); cjSetCursLeft(); - WriteTagToFlash(cjcuid, 1024); + WriteTagToFlash(colin_cjcuid, 1024); readysim: cjSetCursLeft(); @@ -711,7 +711,7 @@ readysim: /* uint16_t flags = 0; - switch (p_card.uidlen) { + switch (colin_p_card.uidlen) { case 10: flags = FLAG_10B_UID_IN_DATA; break; @@ -739,7 +739,7 @@ readysim: DbprintfEx(FLAG_NEWLINE, "\n\n\n\n\n\n\n\nn\n\nn\n\n\nflags: %d (0x%02x)", flags, flags); cjSetCursLeft(); SpinOff(1000); - Mifare1ksim(flags, 0, cjuid, 0, 0); + Mifare1ksim(flags, 0, colin_cjuid, 0, 0); LED_C_OFF(); SpinOff(50); vtsend_cursor_position_restore(NULL); 
@@ -795,25 +795,25 @@ int e_MifareECardLoad(uint32_t numofsectors, uint8_t keytype) { bool isOK = true; - if (!iso14443a_select_card(cjuid, &p_card, &cjcuid, true, 0, true)) { + if (!iso14443a_select_card(colin_cjuid, &colin_p_card, &colin_cjcuid, true, 0, true)) { isOK = false; } for (uint8_t s = 0; isOK && s < numSectors; s++) { uint64_t ui64Key = emlGetKey(s, keyType); if (s == 0) { - if (isOK && mifare_classic_auth(pcs, cjcuid, FirstBlockOfSector(s), keyType, ui64Key, AUTH_FIRST)) { + if (isOK && mifare_classic_auth(pcs, colin_cjcuid, FirstBlockOfSector(s), keyType, ui64Key, AUTH_FIRST)) { break; } } else { - if (isOK && mifare_classic_auth(pcs, cjcuid, FirstBlockOfSector(s), keyType, ui64Key, AUTH_NESTED)) { + if (isOK && mifare_classic_auth(pcs, colin_cjcuid, FirstBlockOfSector(s), keyType, ui64Key, AUTH_NESTED)) { isOK = false; break; } } for (uint8_t blockNo = 0; isOK && blockNo < NumBlocksPerSector(s); blockNo++) { - if (isOK && mifare_classic_readblock(pcs, cjcuid, FirstBlockOfSector(s) + blockNo, dataoutbuf)) { + if (isOK && mifare_classic_readblock(pcs, colin_cjcuid, FirstBlockOfSector(s) + blockNo, dataoutbuf)) { isOK = false; break; }; @@ -830,7 +830,7 @@ int e_MifareECardLoad(uint32_t numofsectors, uint8_t keytype) { } } - int res = mifare_classic_halt(pcs, cjcuid); + int res = mifare_classic_halt(pcs, colin_cjcuid); (void)res; crypto1_deinit(pcs); 
@@ -854,15 +854,15 @@ int cjat91_saMifareChkKeys(uint8_t blockNo, uint8_t keyType, bool clearTrace, for (uint8_t i = 0; i < keyCount; i++) { /* no need for anticollision. just verify tag is still here */ - // if (!iso14443a_fast_select_card(cjuid, 0)) { - if (!iso14443a_select_card(cjuid, &p_card, &cjcuid, true, 0, true)) { + // if (!iso14443a_fast_select_card(colin_cjuid, 0)) { + if (!iso14443a_select_card(colin_cjuid, &colin_p_card, &colin_cjcuid, true, 0, true)) { cjSetCursLeft(); DbprintfEx(FLAG_NEWLINE, "%sFATAL%s : E_MF_LOSTTAG", _XRED_, _XWHITE_); break; } uint64_t ui64Key = bytes_to_num(datain + i * 6, 6); - if (mifare_classic_auth(pcs, cjcuid, blockNo, keyType, ui64Key, AUTH_FIRST)) { + if (mifare_classic_auth(pcs, colin_cjcuid, blockNo, keyType, ui64Key, AUTH_FIRST)) { uint8_t dummy_answer = 0; ReaderTransmit(&dummy_answer, 1, NULL); // wait for the card to become ready again @@ -908,8 +908,8 @@ void saMifareMakeTag(void) { if (saMifareCSetBlock(0, flags & 0xFE, blockNum, mblock)) { cjSetCursFRight(); - if (currfline > 53) { - currfline = 54; + if (colin_currfline > 53) { + colin_currfline = 54; } DbprintfEx(FLAG_NEWLINE, "Block :%02x %sOK%s", blockNum, _XGREEN_, _XWHITE_); continue; @@ -973,12 +973,12 @@ int saMifareCSetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *data // get UID from chip if (workFlags & 0x01) { - if (!iso14443a_select_card(cjuid, &p_card, &cjcuid, true, 0, true)) { + if (!iso14443a_select_card(colin_cjuid, &colin_p_card, &colin_cjcuid, true, 0, true)) { DbprintfEx(FLAG_NEWLINE, "Can't select card"); break; }; - if (mifare_classic_halt(NULL, cjcuid)) { + if (mifare_classic_halt(NULL, colin_cjcuid)) { DbprintfEx(FLAG_NEWLINE, "Halt error"); break; }; @@ -998,7 +998,7 @@ int saMifareCSetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *data break; }; - if (mifare_classic_halt(NULL, cjcuid)) { + if (mifare_classic_halt(NULL, colin_cjcuid)) { DbprintfEx(FLAG_NEWLINE, "Halt error"); break; }; 
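Review bot: Only the file-scope variables get the `colin_` prefix; the functions named in these hunk headers (`saMifareCSetBlock`, `saMifareMakeTag`, `e_MifareECardLoad`, `cjat91_saMifareChkKeys`) appear without `static`, and hf_mattyrun.c defines its own `static int saMifareCSetBlock`. If the clash this commit guards against comes from several modes being built into one image, these function names would collide just as the variables did. The same holds for the identically named static helpers `fill_buff`, `construct_EM410x_emul` and `rev_quads` in lf_em4100emul.c, lf_em4100rswb.c and lf_em4100rwc.c. I would make the colin functions `static` where no header needs them and give the shared helper names the mode prefix too. How `dankarmulti.c` combines the modes is not visible in this diff, so this needs confirming there.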
@@ -1035,7 +1035,7 @@ int saMifareCSetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *data }; if (workFlags & 0x04) { - if (mifare_classic_halt(NULL, cjcuid)) { + if (mifare_classic_halt(NULL, colin_cjcuid)) { cjSetCursFRight(); DbprintfEx(FLAG_NEWLINE, "Halt error"); diff --git a/armsrc/Standalone/hf_mattyrun.c b/armsrc/Standalone/hf_mattyrun.c index d0d7d9c79..dc32b4946 100644 --- a/armsrc/Standalone/hf_mattyrun.c +++ b/armsrc/Standalone/hf_mattyrun.c @@ -12,7 +12,7 @@ ### What I did: I've personally recoded the image of the ARM in order to automate the attack and simulation on Mifare cards. I've moved some of the -implementation on the client side to the ARM such as *chk*, *ecfill*, *sim* +implementation on the client side to the ARM such as *chk*, *mattyrun_ecfill*, *sim* and *clone* commands. ### What it does now: @@ -49,16 +49,16 @@ on a blank card. #include "mifaresim.h" // mifare1ksim #include "mifareutil.h" -static uint8_t uid[10]; -static uint32_t cuid; -static iso14a_card_select_t p_card; +static uint8_t mattyrun_uid[10]; +static uint32_t mattyrun_cuid; +static iso14a_card_select_t mattyrun_p_card; // Pseudo-configuration block. -static bool printKeys = false; // Prints keys +static bool mattyrun_printKeys = false; // Prints keys //static bool transferToEml = true; // Transfer keys to emulator memory -static bool ecfill = true; // Fill emulator memory with cards content. +static bool mattyrun_ecfill = true; // Fill emulator memory with cards content. //static bool simulation = true; // Simulates an exact copy of the target tag -static bool fillFromEmulator = false; // Dump emulator memory. +static bool mattyrun_fillFromEmulator = false; // Dump emulator memory. //----------------------------------------------------------------------------- // Matt's StandAlone mod. 
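Review bot: The rename reached into the header comment of hf_mattyrun.c: `*chk*, *mattyrun_ecfill*, *sim*` lists client commands, not the `mattyrun_ecfill` flag, so the text should stay `*chk*, *ecfill*, *sim*`. In the same file, the `saMifareChkKeys` hunk still carries the commented-out `iso14443a_fast_select_card(cjuid, 0)` line, which names a variable that exists only in hf_colin.c. That line is worth deleting, or updating to `mattyrun_uid`, while the file is being touched.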
@@ -96,12 +96,12 @@ static int saMifareCSetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_ while (true) { // get UID from chip if (workFlags & 0x01) { - if (!iso14443a_select_card(uid, &p_card, &cuid, true, 0, true)) { + if (!iso14443a_select_card(mattyrun_uid, &mattyrun_p_card, &mattyrun_cuid, true, 0, true)) { DbprintfEx(FLAG_NEWLINE, "Can't select card"); break; }; - if (mifare_classic_halt(NULL, cuid)) { + if (mifare_classic_halt(NULL, mattyrun_cuid)) { DbprintfEx(FLAG_NEWLINE, "Halt error"); break; }; @@ -121,7 +121,7 @@ static int saMifareCSetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_ break; }; - if (mifare_classic_halt(NULL, cuid)) { + if (mifare_classic_halt(NULL, mattyrun_cuid)) { DbprintfEx(FLAG_NEWLINE, "Halt error"); break; }; @@ -157,7 +157,7 @@ static int saMifareCSetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_ }; if (workFlags & 0x04) { - if (mifare_classic_halt(NULL, cuid)) { + if (mifare_classic_halt(NULL, mattyrun_cuid)) { DbprintfEx(FLAG_NEWLINE, "Halt error"); break; }; @@ -192,13 +192,13 @@ static int saMifareChkKeys(uint8_t blockNo, uint8_t keyType, bool clearTrace, /* no need for anticollision. just verify tag is still here */ // if (!iso14443a_fast_select_card(cjuid, 0)) { - if (!iso14443a_select_card(uid, &p_card, &cuid, true, 0, true)) { + if (!iso14443a_select_card(mattyrun_uid, &mattyrun_p_card, &mattyrun_cuid, true, 0, true)) { DbprintfEx(FLAG_NEWLINE, "FATAL : E_MF_LOSTTAG"); break; } uint64_t ui64Key = bytes_to_num(datain + i * 6, 6); - if (mifare_classic_auth(pcs, cuid, blockNo, keyType, ui64Key, AUTH_FIRST)) { + if (mifare_classic_auth(pcs, mattyrun_cuid, blockNo, keyType, ui64Key, AUTH_FIRST)) { uint8_t dummy_answer = 0; ReaderTransmit(&dummy_answer, 1, NULL); // wait for the card to become ready again 
@@ -237,7 +237,7 @@ static int saMifareECardLoad(uint32_t numofsectors, uint8_t keytype) { int retval = PM3_SUCCESS; - if (!iso14443a_select_card(uid, &p_card, &cuid, true, 0, true)) { + if (!iso14443a_select_card(mattyrun_uid, &mattyrun_p_card, &mattyrun_cuid, true, 0, true)) { retval = PM3_ESOFT; DbprintfEx(FLAG_RAWPRINT, "Can't select card"); goto out; @@ -246,12 +246,12 @@ static int saMifareECardLoad(uint32_t numofsectors, uint8_t keytype) { for (uint8_t s = 0; s < numSectors; s++) { uint64_t ui64Key = emlGetKey(s, keyType); if (s == 0) { - if (mifare_classic_auth(pcs, cuid, FirstBlockOfSector(s), keyType, ui64Key, AUTH_FIRST)) { + if (mifare_classic_auth(pcs, mattyrun_cuid, FirstBlockOfSector(s), keyType, ui64Key, AUTH_FIRST)) { retval = PM3_ESOFT; break; } } else { - if (mifare_classic_auth(pcs, cuid, FirstBlockOfSector(s), keyType, ui64Key, AUTH_NESTED)) { + if (mifare_classic_auth(pcs, mattyrun_cuid, FirstBlockOfSector(s), keyType, ui64Key, AUTH_NESTED)) { retval = PM3_ESOFT; break; } @@ -259,7 +259,7 @@ static int saMifareECardLoad(uint32_t numofsectors, uint8_t keytype) { // failure to read one block, skips to next sector. for (uint8_t blockNo = 0; blockNo < NumBlocksPerSector(s); blockNo++) { - if (mifare_classic_readblock(pcs, cuid, FirstBlockOfSector(s) + blockNo, dataoutbuf)) { + if (mifare_classic_readblock(pcs, mattyrun_cuid, FirstBlockOfSector(s) + blockNo, dataoutbuf)) { retval = PM3_ESOFT; break; }; @@ -275,7 +275,7 @@ static int saMifareECardLoad(uint32_t numofsectors, uint8_t keytype) { } } - int res = mifare_classic_halt(pcs, cuid); + int res = mifare_classic_halt(pcs, mattyrun_cuid); (void)res; out: @@ -400,7 +400,7 @@ void RunMod(void) { } // Pretty print of the keys to be checked. - if (printKeys) { + if (mattyrun_printKeys) { Dbprintf("[+] Printing mf keys"); for (uint8_t keycnt = 0; keycnt < mfKeysCnt; keycnt++) Dbprintf("[-] chk mf key[%2d] %02x%02x%02x%02x%02x%02x", keycnt, 
@@ -503,7 +503,7 @@ void RunMod(void) { Dbprintf("\t [✓] Found keys have been transferred to the emulator memory."); - if (ecfill) { + if (mattyrun_ecfill) { int filled; Dbprintf("\tFilling in with key A."); @@ -530,12 +530,12 @@ void RunMod(void) { uint16_t simflags = FLAG_UID_IN_EMUL | FLAG_MF_1K; SpinOff(1000); - Mifare1ksim(simflags, 0, uid, 0, 0); + Mifare1ksim(simflags, 0, mattyrun_uid, 0, 0); LED_B_OFF(); Dbprintf("\t [✓] Simulation ended"); // Needs further testing. - if (fillFromEmulator) { + if (mattyrun_fillFromEmulator) { uint8_t retry = 5; Dbprintf("\t Trying to dump into blank card."); int flags = 0; diff --git a/armsrc/Standalone/lf_em4100emul.c b/armsrc/Standalone/lf_em4100emul.c index b77f5e2e1..8412b4a50 100644 --- a/armsrc/Standalone/lf_em4100emul.c +++ b/armsrc/Standalone/lf_em4100emul.c @@ -23,11 +23,10 @@ #define MAX_IND 16 // 4 LEDs - 2^4 combinations #define LF_CLOCK 64 // for 125kHz -// low & high - array for storage IDs. Its length must be equal. -// Predefined IDs must be stored in low[]. -static uint64_t low[] = {0x565A1140BE, 0x365A398149, 0x5555555555, 0xFFFFFFFFFF}; -static uint8_t slots_count; -static int buflen; +// Predefined IDs must be stored in em4100emul_low[]. +static uint64_t em4100emul_low[] = {0x565A1140BE, 0x365A398149, 0x5555555555, 0xFFFFFFFFFF}; +static uint8_t em4100emul_slots_count; +static int em4100emul_buflen; void ModInfo(void) { DbpString(" LF EM4100 simulator standalone mode"); @@ -43,10 +42,10 @@ static uint64_t rev_quads(uint64_t bits) { static void fill_buff(uint8_t bit) { uint8_t *bba = BigBuf_get_addr(); - memset(bba + buflen, bit, LF_CLOCK / 2); - buflen += (LF_CLOCK / 2); - memset(bba + buflen, bit ^ 1, LF_CLOCK / 2); - buflen += (LF_CLOCK / 2); + memset(bba + em4100emul_buflen, bit, LF_CLOCK / 2); + em4100emul_buflen += (LF_CLOCK / 2); + memset(bba + em4100emul_buflen, bit ^ 1, LF_CLOCK / 2); + em4100emul_buflen += (LF_CLOCK / 2); } static void construct_EM410x_emul(uint64_t id) { 
@@ -54,7 +53,7 @@ static void construct_EM410x_emul(uint64_t id) { int i, j; int binary[4] = {0, 0, 0, 0}; int parity[4] = {0, 0, 0, 0}; - buflen = 0; + em4100emul_buflen = 0; for (i = 0; i < 9; i++) fill_buff(1); @@ -79,10 +78,10 @@ static void construct_EM410x_emul(uint64_t id) { static void LED_Slot(int i) { LEDsoff(); - if (slots_count > 4) { - LED(i % MAX_IND, 0); //binary indication for slots_count > 4 + if (em4100emul_slots_count > 4) { + LED(i % MAX_IND, 0); //binary indication for em4100emul_slots_count > 4 } else { - LED(1 << i, 0); //simple indication for slots_count <=4 + LED(1 << i, 0); //simple indication for em4100emul_slots_count <=4 } } @@ -92,7 +91,7 @@ void RunMod(void) { Dbprintf("[=] >> LF EM4100 simulator started <<"); int selected = 0; //selected slot after start - slots_count = ARRAYLEN(low); + em4100emul_slots_count = ARRAYLEN(em4100emul_low); for (;;) { WDT_HIT(); if (data_available()) break; @@ -100,8 +99,8 @@ void RunMod(void) { SpinDelay(100); SpinUp(100); LED_Slot(selected); - construct_EM410x_emul(rev_quads(low[selected])); - SimulateTagLowFrequency(buflen, 0, true); - selected = (selected + 1) % slots_count; + construct_EM410x_emul(rev_quads(em4100emul_low[selected])); + SimulateTagLowFrequency(em4100emul_buflen, 0, true); + selected = (selected + 1) % em4100emul_slots_count; } } diff --git a/armsrc/Standalone/lf_em4100rswb.c b/armsrc/Standalone/lf_em4100rswb.c index 5cb77be89..6f6b5e223 100644 --- a/armsrc/Standalone/lf_em4100rswb.c +++ b/armsrc/Standalone/lf_em4100rswb.c 
@@ -68,15 +68,15 @@ // Predefined bruteforce speed // avg: 1s, 1.2s, 1.5s, 2s -static int bruteforceSpeedCurrent = 1; -static int bruteforceSpeed[] = {10, 12, 14, 16}; +static int em4100rswb_bruteforceSpeedCurrent = 1; +static int em4100rswb_bruteforceSpeed[] = {10, 12, 14, 16}; -// low & high - array for storage IDs. Its length must be equal. -// Predefined IDs must be stored in low[]. -// In high[] must be nulls -static uint64_t low[] = {0, 0, 0, 0}; -static uint32_t high[] = {0, 0, 0, 0}; -static int buflen; +// em4100rswb_low & em4100rswb_high - array for storage IDs. Its length must be equal. +// Predefined IDs must be stored in em4100rswb_low[]. +// In em4100rswb_high[] must be nulls +static uint64_t em4100rswb_low[] = {0, 0, 0, 0}; +static uint32_t em4100rswb_high[] = {0, 0, 0, 0}; +static int em4100rswb_buflen; void ModInfo(void) { DbpString(" LF EM4100 read/sim/write/brute mode"); @@ -92,17 +92,17 @@ static uint64_t rev_quads(uint64_t bits) { static void fill_buff(uint8_t bit) { uint8_t *bba = BigBuf_get_addr(); - memset(bba + buflen, bit, LF_CLOCK / 2); - buflen += (LF_CLOCK / 2); - memset(bba + buflen, bit ^ 1, LF_CLOCK / 2); - buflen += (LF_CLOCK / 2); + memset(bba + em4100rswb_buflen, bit, LF_CLOCK / 2); + em4100rswb_buflen += (LF_CLOCK / 2); + memset(bba + em4100rswb_buflen, bit ^ 1, LF_CLOCK / 2); + em4100rswb_buflen += (LF_CLOCK / 2); } static void construct_EM410x_emul(uint64_t id) { int i, j; int binary[4] = {0, 0, 0, 0}; int parity[4] = {0, 0, 0, 0}; - buflen = 0; + em4100rswb_buflen = 0; for (i = 0; i < 9; i++) fill_buff(1); 
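Review bot: The requirement that `em4100rswb_low[]` and `em4100rswb_high[]` have equal length is still enforced only by the comment above the declarations, while `ExecuteMode` passes `&em4100rswb_high[slot]` and `&em4100rswb_low[slot]` to `lf_em410x_watch` with the same index. A compile-time check next to the declarations would catch a mismatch before it becomes an out-of-bounds write: `_Static_assert(ARRAYLEN(em4100rswb_low) == ARRAYLEN(em4100rswb_high), "ID arrays must match");`. This assumes the firmware builds as C11 or later and that `ARRAYLEN`, which the sibling modes use, is in scope here. The same applies to `em4100rwc_low[]` and `em4100rwc_high[]` in lf_em4100rwc.c. Where `slot` is range-checked is outside these hunks.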
@@ -227,7 +227,7 @@ static int BruteEMTag(uint64_t originalCard, int slot) { uint64_t currentCard = PackEmID(originalCard, cardnum); Dbprintf("[=] >> Simulating card id %"PRIx64" <<", currentCard); construct_EM410x_emul(rev_quads(currentCard)); - SimulateTagLowFrequencyEx(buflen, 0, 1, bruteforceSpeed[bruteforceSpeedCurrent] * 10000); + SimulateTagLowFrequencyEx(em4100rswb_buflen, 0, 1, em4100rswb_bruteforceSpeed[em4100rswb_bruteforceSpeedCurrent] * 10000); int button_pressed = BUTTON_CLICKED(1000); if (button_pressed == BUTTON_SINGLE_CLICK) { @@ -236,17 +236,17 @@ static int BruteEMTag(uint64_t originalCard, int slot) { } else if (button_pressed == BUTTON_DOUBLE_CLICK) { FlashLEDs(100, 10); Dbprintf("[=] >> Saving bruteforced card to current slot <<"); - low[slot] = currentCard; + em4100rswb_low[slot] = currentCard; #ifdef WITH_FLASH - SaveIDtoFlash(slot, low[slot]); + SaveIDtoFlash(slot, em4100rswb_low[slot]); #endif return LF_RWSB_BRUTE_SAVED; } else if (button_pressed == BUTTON_HOLD) { FlashLEDs(100, 1); WAIT_BUTTON_RELEASED(); - bruteforceSpeedCurrent = (bruteforceSpeedCurrent + 1) % speed_count; - FlashLEDs(100, bruteforceSpeedCurrent + 1); - Dbprintf("[=] >> Setting speed to %d (%d) <<", bruteforceSpeedCurrent, bruteforceSpeed[bruteforceSpeedCurrent]); + em4100rswb_bruteforceSpeedCurrent = (em4100rswb_bruteforceSpeedCurrent + 1) % speed_count; + FlashLEDs(100, em4100rswb_bruteforceSpeedCurrent + 1); + Dbprintf("[=] >> Setting speed to %d (%d) <<", em4100rswb_bruteforceSpeedCurrent, em4100rswb_bruteforceSpeed[em4100rswb_bruteforceSpeedCurrent]); } } return LF_RWSB_BRUTE_STOPED; 
@@ -260,27 +260,27 @@ static int ExecuteMode(int mode, int slot) { //default first mode is simulate case LF_RWSB_MODE_READ: Dbprintf("[=] >> Read mode started <<"); - lf_em410x_watch(1, &high[slot], &low[slot], true); + lf_em410x_watch(1, &em4100rswb_high[slot], &em4100rswb_low[slot], true); LED_Update(mode, slot); Dbprintf("[=] >> Tag found. Saving. <<"); FlashLEDs(100, 5); - PrintFcAndCardNum(low[slot]); + PrintFcAndCardNum(em4100rswb_low[slot]); #ifdef WITH_FLASH - SaveIDtoFlash(slot, low[slot]); + SaveIDtoFlash(slot, em4100rswb_low[slot]); #endif return LF_RWSB_UNKNOWN_RESULT; case LF_RWSB_MODE_SIM: Dbprintf("[=] >> Sim mode started <<"); - construct_EM410x_emul(rev_quads(low[slot])); - SimulateTagLowFrequency(buflen, 0, true); + construct_EM410x_emul(rev_quads(em4100rswb_low[slot])); + SimulateTagLowFrequency(em4100rswb_buflen, 0, true); return LF_RWSB_UNKNOWN_RESULT; case LF_RWSB_MODE_WRITE: Dbprintf("[!!] >> Write mode started <<"); - copy_em410x_to_t55xx(LF_RWSB_T55XX_TYPE, LF_CLOCK, (uint32_t)(low[slot] >> 32), (uint32_t)(low[slot] & 0xffffffff), true); + copy_em410x_to_t55xx(LF_RWSB_T55XX_TYPE, LF_CLOCK, (uint32_t)(em4100rswb_low[slot] >> 32), (uint32_t)(em4100rswb_low[slot] & 0xffffffff), true); return LF_RWSB_UNKNOWN_RESULT; case LF_RWSB_MODE_BRUTE: Dbprintf("[=] >> Bruteforce mode started <<"); - return BruteEMTag(low[slot], slot); + return BruteEMTag(em4100rswb_low[slot], slot); } return LF_RWSB_UNKNOWN_RESULT; } diff --git a/armsrc/Standalone/lf_em4100rwc.c b/armsrc/Standalone/lf_em4100rwc.c index 92648622f..fdcd0b7c6 100644 --- a/armsrc/Standalone/lf_em4100rwc.c +++ b/armsrc/Standalone/lf_em4100rwc.c 
@@ -36,13 +36,13 @@ #define MAX_IND 16 // 4 LEDs - 2^4 combinations #define LF_CLOCK 64 // for 125kHz -// low & high - array for storage IDs. Its length must be equal. -// Predefined IDs must be stored in low[]. -// In high[] must be nulls -static uint64_t low[] = {0x565AF781C7, 0x540053E4E2, 0x1234567890, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; -static uint32_t high[] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; -static uint8_t slots_count; -static int buflen; +// em4100rwc_low & em4100rwc_high - array for storage IDs. Its length must be equal. +// Predefined IDs must be stored in em4100rwc_low[]. +// In em4100rwc_high[] must be nulls +static uint64_t em4100rwc_low[] = {0x565AF781C7, 0x540053E4E2, 0x1234567890, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +static uint32_t em4100rwc_high[] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +static uint8_t em4100rwc_slots_count; +static int em4100rwc_buflen; void ModInfo(void) { DbpString(" LF EM4100 read/write/clone mode"); @@ -58,10 +58,10 @@ static uint64_t rev_quads(uint64_t bits) { static void fill_buff(uint8_t bit) { uint8_t *bba = BigBuf_get_addr(); - memset(bba + buflen, bit, LF_CLOCK / 2); - buflen += (LF_CLOCK / 2); - memset(bba + buflen, bit ^ 1, LF_CLOCK / 2); - buflen += (LF_CLOCK / 2); + memset(bba + em4100rwc_buflen, bit, LF_CLOCK / 2); + em4100rwc_buflen += (LF_CLOCK / 2); + memset(bba + em4100rwc_buflen, bit ^ 1, LF_CLOCK / 2); + em4100rwc_buflen += (LF_CLOCK / 2); } static void construct_EM410x_emul(uint64_t id) { @@ -69,7 +69,7 @@ static void construct_EM410x_emul(uint64_t id) { int i, j; int binary[4] = {0, 0, 0, 0}; int parity[4] = {0, 0, 0, 0}; - buflen = 0; + em4100rwc_buflen = 0; for (i = 0; i < 9; i++) fill_buff(1); 
@@ -94,10 +94,10 @@ static void construct_EM410x_emul(uint64_t id) { static void led_slot(int i) { LEDsoff(); - if (slots_count > 4) { - LED(i % MAX_IND, 0); //binary indication, usefully for slots_count > 4 + if (em4100rwc_slots_count > 4) { + LED(i % MAX_IND, 0); //binary indication, usefully for em4100rwc_slots_count > 4 } else { - LED(1 << i, 0); //simple indication for slots_count <=4 + LED(1 << i, 0); //simple indication for em4100rwc_slots_count <=4 } } @@ -138,7 +138,7 @@ void RunMod(void) { // 2 - simulate tag from selected slot // 3 - write to T5555 tag uint8_t state = 0; - slots_count = ARRAYLEN(low); + em4100rwc_slots_count = ARRAYLEN(em4100rwc_low); led_slot(selected); for (;;) { @@ -159,7 +159,7 @@ void RunMod(void) { state = 2; } else if (button_pressed == BUTTON_SINGLE_CLICK) { // Click - switch to next slot - selected = (selected + 1) % slots_count; + selected = (selected + 1) % em4100rwc_slots_count; led_slot(selected); } break; @@ -172,10 +172,10 @@ void RunMod(void) { state = 3; } else if (button_pressed == BUTTON_SINGLE_CLICK) { // Click - exit to select mode - lf_em410x_watch(1, &high[selected], &low[selected], true); + lf_em410x_watch(1, &em4100rwc_high[selected], &em4100rwc_low[selected], true); flash_leds(100, 5); #ifdef WITH_FLASH - SaveIDtoFlash(selected, low[selected]); + SaveIDtoFlash(selected, em4100rwc_low[selected]); #endif state = 0; } @@ -191,10 +191,10 @@ void RunMod(void) { // Click - start simulating. Click again to exit from simulate mode led_slot(selected); - construct_EM410x_emul(rev_quads(low[selected])); + construct_EM410x_emul(rev_quads(em4100rwc_low[selected])); flash_leds(100, 5); - SimulateTagLowFrequency(buflen, 0, true); + SimulateTagLowFrequency(em4100rwc_buflen, 0, true); led_slot(selected); state = 0; // Switch to select mode } 
@@ -208,7 +208,7 @@ void RunMod(void) { state = 0; } else if (button_pressed == BUTTON_SINGLE_CLICK) { // Click - write ID to tag - copy_em410x_to_t55xx(0, LF_CLOCK, (uint32_t)(low[selected] >> 32), (uint32_t)(low[selected] & 0xffffffff), true); + copy_em410x_to_t55xx(0, LF_CLOCK, (uint32_t)(em4100rwc_low[selected] >> 32), (uint32_t)(em4100rwc_low[selected] & 0xffffffff), true); led_slot(selected); state = 0; // Switch to select mode } diff --git a/armsrc/Standalone/readme.md b/armsrc/Standalone/readme.md index 69880f1a3..dee415ffa 100644 --- a/armsrc/Standalone/readme.md +++ b/armsrc/Standalone/readme.md @@ -5,8 +5,9 @@ This contains functionality for different StandAlone modes. The fullimage will b If you want to implement a new standalone mode, you need to implement the methods provided in `standalone.h`. Have a look at the skeleton standalone mode, in the file `lf_skeleton.c`. -As it is now, you can only have one standalone mode installed at the time. +As it is now, you can only have one standalone mode installed at the time unless you use the dankarmulti mode (see `dankarmulti.c` on how to use it). +To avoid clashes between standalone modes, protect all your static variables with a specific namespace. See how it is done in the existing standalone modes. ## Implementing a standalone mode We suggest you keep your standalone code inside the `armsrc/Standalone` folder. And that you name your files according to your standalone mode name.