From cfc83323212a506e56b6ac0f8aca214a5677a449 Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Sun, 25 Apr 2021 10:55:39 +0200 Subject: [PATCH] text --- CHANGELOG.md | 1 + client/src/cmdlfem4x05.h | 1 + client/src/cmdlfidteck.c | 75 +++++++++++++++++++++++++++++++++++-- client/src/cmdlfio.c | 3 +- client/src/cmdlfjablotron.c | 3 +- client/src/cmdlft55xx.c | 2 +- client/src/cmdlft55xx.h | 1 + 7 files changed, 79 insertions(+), 7 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0764ec252..d6fb5596f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,7 @@ All notable changes to this project will be documented in this file. This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log... ## [unreleased][unreleased] + - Added `lf idteck clone` - now supports creating using raw values (@iceman1001) - Changed calypso scripts to work with NG (@iceman1001) - Changed HF 14b - fixed timings on device side (@iceman1001) - Changed `hf 14b raw` - now uses NG (@iceman1001) diff --git a/client/src/cmdlfem4x05.h b/client/src/cmdlfem4x05.h index cdcff7896..1254c341b 100644 --- a/client/src/cmdlfem4x05.h +++ b/client/src/cmdlfem4x05.h 
@@ -44,6 +44,7 @@ #define EM4305_MOTOROLA_CONFIG_BLOCK (EM4x05_SET_BITRATE(32) | EM4x05_MODULATION_PSK1 | EM4x05_PSK_RF_2 | EM4x05_SET_NUM_BLOCKS(2) ) // PSK1, data rate 32, 2 data blocks #define EM4305_NEXWATCH_CONFIG_BLOCK (EM4x05_SET_BITRATE(64) | EM4x05_MODULATION_PSK1 | EM4x05_PSK_RF_2 | EM4x05_SET_NUM_BLOCKS(3) ) // PSK1 data rate 16, psk carrier FC * 2, 3 data blocks #define EM4305_KERI_CONFIG_BLOCK (EM4x05_SET_BITRATE(64) | EM4x05_MODULATION_PSK1 | EM4x05_PSK_RF_2 | EM4x05_SET_NUM_BLOCKS(2) ) // PSK1, 2 data blocks +#define EM4305_IDTECK_CONFIG_BLOCK (EM4x05_SET_BITRATE(32) | EM4x05_MODULATION_PSK1 | EM4x05_PSK_RF_2 | EM4x05_SET_NUM_BLOCKS(2) ) // PSK1, 2 data blocks #define EM4305_JABLOTRON_CONFIG_BLOCK (EM4x05_SET_BITRATE(64) | EM4x05_MODULATION_BIPHASE | EM4x05_SET_NUM_BLOCKS(2) ) // Biphase, data rate 64, 2 data blocks #define EM4305_GUARDPROXII_CONFIG_BLOCK (EM4x05_SET_BITRATE(64) | EM4x05_MODULATION_BIPHASE | EM4x05_SET_NUM_BLOCKS(3) ) // Biphase, data rate 64, Direct modulation, 3 data blocks diff --git a/client/src/cmdlfidteck.c b/client/src/cmdlfidteck.c index 9a1eb0c93..ffd66006b 100644 --- a/client/src/cmdlfidteck.c +++ b/client/src/cmdlfidteck.c @@ -13,15 +13,17 @@ #include #include #include "common.h" -#include "cmdparser.h" // command_t +#include "cmdparser.h" // command_t #include "comms.h" #include "ui.h" #include "cmddata.h" #include "cmdlf.h" #include "lfdemod.h" -#include "commonutil.h" // num_to_bytes +#include "commonutil.h" // num_to_bytes #include "cliparser.h" -#include "cmdlfem4x05.h" // EM defines +#include "cmdlfem4x05.h" // EM defines +#include "protocols.h" // T55x7 defines +#include "cmdlft55xx.h" // verifywrite static int CmdHelp(const char *Cmd); 
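Review bot: The trailing comment on the new `EM4305_IDTECK_CONFIG_BLOCK` reads `// PSK1, 2 data blocks`, which appears to be carried over from the KERI line above it. KERI uses `EM4x05_SET_BITRATE(64)`, whereas the new define uses `EM4x05_SET_BITRATE(32)` and is term for term the same expression as `EM4305_MOTOROLA_CONFIG_BLOCK`. Write the comment as `// PSK1, data rate 32, 2 data blocks` so the bitrate difference from its neighbour is visible.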
@@ -101,6 +103,71 @@ static int CmdIdteckDemod(const char *Cmd) { return demodIdteck(true); } +static int CmdIdteckClone(const char *Cmd) { + CLIParserContext *ctx; + CLIParserInit(&ctx, "lf idteck clone", + "clone a Idteck tag to T55x7 or Q5/T5555 tag\n" + "Tag must be on the antenna when issuing this command.", + "lf idteck clone --raw 4944544B351FBE4B" + ); + void *argtable[] = { + arg_param_begin, + arg_strx0("r", "raw", "", "raw bytes"), + arg_lit0(NULL, "q5", "optional - specify writing to Q5/T5555 tag"), + arg_lit0(NULL, "em", "optional - specify writing to EM4305/4469 tag"), + arg_param_end + }; + CLIExecWithReturn(ctx, Cmd, argtable, false); + + int raw_len = 0; + uint8_t raw[8] = {0}; + CLIGetHexWithReturn(ctx, 1, raw, &raw_len); + + bool q5 = arg_get_lit(ctx, 2); + bool em = arg_get_lit(ctx, 3); + CLIParserFree(ctx); + + if (q5 && em) { + PrintAndLogEx(FAILED, "Can't specify both Q5 and EM4305 at the same time"); + return PM3_EINVARG; + } + + uint32_t blocks[3] = {T55x7_MODULATION_PSK1 | T55x7_BITRATE_RF_32 | 2 << T55x7_MAXBLOCK_SHIFT, 0, 0}; + char cardtype[16] = {"T55x7"}; + + // Q5 + if (q5) { + blocks[0] = T5555_FIXED | T55x7_MODULATION_PSK1 | T5555_SET_BITRATE(32) | 2 << T5555_MAXBLOCK_SHIFT; + snprintf(cardtype, sizeof(cardtype), "Q5/T5555"); + } + + if (em) { + blocks[0] = EM4305_IDTECK_CONFIG_BLOCK; + snprintf(cardtype, sizeof(cardtype), "EM4305/4469"); + } + + for (uint8_t i = 1; i < ARRAYLEN(blocks); i++) { + blocks[i] = bytes_to_num(raw + ((i - 1) * 4), sizeof(uint32_t)); + } + + // config for Indala 64 format (RF/32;PSK1 with RF/2;Maxblock=2) + PrintAndLogEx(INFO, "Preparing to clone Idteck to " _YELLOW_("%s") " raw " _GREEN_("%s") + , cardtype + , sprint_hex_inrow(raw, raw_len) + ); + print_blocks(blocks, ARRAYLEN(blocks)); + + int res; + if (em) { + res = em4x05_clone_tag(blocks, ARRAYLEN(blocks), 0, false); + } else { + res = clone_t55xx_tag(blocks, ARRAYLEN(blocks)); + } + PrintAndLogEx(SUCCESS, "Done"); + PrintAndLogEx(HINT, "Hint: try " 
_YELLOW_("`lf idteck reader`") " to verify"); + return res; +} + static int CmdIdteckReader(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "lf idteck reader", @@ -133,6 +200,7 @@ static command_t CommandTable[] = { {"help", CmdHelp, AlwaysAvailable, "This help"}, {"demod", CmdIdteckDemod, AlwaysAvailable, "demodulate an Idteck tag from the GraphBuffer"}, {"reader", CmdIdteckReader, IfPm3Lf, "attempt to read and extract tag data"}, + {"clone", CmdIdteckClone, IfPm3Lf, "clone ioProx tag to T55x7 or Q5/T5555"}, {NULL, NULL, NULL, NULL} }; @@ -148,7 +216,6 @@ int CmdLFIdteck(const char *Cmd) { } // Find IDTEC PSK1, RF Preamble == 0x4944544B, Demodsize 64bits -// by iceman int detectIdteck(uint8_t *dest, size_t *size) { //make sure buffer has data if (*size < 64 * 2) return -1; diff --git a/client/src/cmdlfio.c b/client/src/cmdlfio.c index 3752522ad..b32fee7f1 100644 --- a/client/src/cmdlfio.c +++ b/client/src/cmdlfio.c @@ -256,7 +256,8 @@ static int CmdIOProxClone(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "lf io clone", - "Enables simulation of ioProx card with specified facility-code and card number.\n" + "clone a ioProx card with specified facility-code and card number\n" + "to a T55x7, Q5/T5555 or EM4305/4469 tag.\n" "Tag must be on the antenna when issuing this command.", "lf io clone --vn 1 --fc 101 --cn 1337" ); diff --git a/client/src/cmdlfjablotron.c b/client/src/cmdlfjablotron.c index d432f1f30..f7db7169e 100644 --- a/client/src/cmdlfjablotron.c +++ b/client/src/cmdlfjablotron.c 
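Review bot: `raw_len` is never checked after `CLIGetHexWithReturn` in `CmdIdteckClone`, and `--raw` is declared optional with `arg_strx0`, so a missing or short value leaves `raw` zero-padded while the loop still builds `blocks[1]` and `blocks[2]` from it and writes them to the tag. Reject anything other than the full 8 bytes before touching the card, e.g. `if (raw_len != 8) { PrintAndLogEx(FAILED, "raw must be 8 bytes, got %d", raw_len); return PM3_EINVARG; }`. Optionally, also check that the first four bytes are the 0x4944544B preamble named in the `detectIdteck` comment, which would catch data pasted from another format. Separately, `PrintAndLogEx(SUCCESS, "Done")` runs whatever `res` holds, so a failed write is still reported as success; print it only when `res == PM3_SUCCESS`. The comment `// config for Indala 64 format` and the usage text, which never mentions `--em`, look copied from another command and should be updated.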
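Review bot: The description on the new `clone` entry in `CommandTable` says `clone ioProx tag to T55x7 or Q5/T5555`, which names the wrong tag family and omits the EM4305/4469 target that `CmdIdteckClone` accepts through `--em`. Suggest `"clone Idteck tag to T55x7, Q5/T5555 or EM4305/4469"` so the help listing matches what the command writes.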
@@ -152,7 +152,8 @@ static int CmdJablotronClone(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "lf jablotron clone", - "clone a Jablotron tag to a T55x7, Q5/T5555 or EM4305/4469 tag.", + "clone a Jablotron tag to a T55x7, Q5/T5555 or EM4305/4469 tag.\n" + "Tag must be on the antenna when issuing this command.", "lf jablotron clone --cn 01b669\n" "lf jablotron clone --q5 --cn 01b669 -> encode for Q5/T5555 tag\n" "lf jablotron clone --em --cn 01b669 -> encode for EM4305/4469" diff --git a/client/src/cmdlft55xx.c b/client/src/cmdlft55xx.c index 06c4e2e34..d0df0dc58 100644 --- a/client/src/cmdlft55xx.c +++ b/client/src/cmdlft55xx.c @@ -1945,7 +1945,7 @@ static void printT5x7KnownBlock0(uint32_t b0) { snprintf(s + strlen(s), sizeof(s) - strlen(s), "Pyramid "); break; case T55X7_INDALA_64_CONFIG_BLOCK: - snprintf(s + strlen(s), sizeof(s) - strlen(s), "Indala 64, Motorola"); + snprintf(s + strlen(s), sizeof(s) - strlen(s), "Indala 64, Motorola, Idteck"); break; case T55X7_INDALA_224_CONFIG_BLOCK: snprintf(s + strlen(s), sizeof(s) - strlen(s), "Indala 224 "); diff --git a/client/src/cmdlft55xx.h b/client/src/cmdlft55xx.h index d9061d039..ea24d895f 100644 --- a/client/src/cmdlft55xx.h +++ b/client/src/cmdlft55xx.h @@ -52,6 +52,7 @@ #define T55X7_MOTOROLA_CONFIG_BLOCK 0x00081040 // PSK1, data rate 32, 2 data blocks #define T55X7_NEXWATCH_CONFIG_BLOCK 0x00081060 // PSK1 data rate 16, psk carrier FC * 2, 3 data blocks #define T55X7_KERI_CONFIG_BLOCK 0x603E1040 // PSK1, 2 data blocks +#define T55X7_IDTECK_CONFIG_BLOCK 0x00081040 // PSK1, data rate 32, 2 data blocks #define T55X7_JABLOTRON_CONFIG_BLOCK 0x00158040 // Biphase, data rate 64, 2 data blocks #define T55X7_GUARDPROXII_CONFIG_BLOCK 0x00150060 // Biphase, data rate 64, Direct modulation, 3 data blocks
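Review bot: `T55X7_IDTECK_CONFIG_BLOCK` is added with the same value as `T55X7_MOTOROLA_CONFIG_BLOCK` (0x00081040), but nothing visible in this patch uses it. `CmdIdteckClone` assembles block 0 from `T55x7_MODULATION_PSK1 | T55x7_BITRATE_RF_32 | 2 << T55x7_MAXBLOCK_SHIFT` instead. Two spellings of what is presumably the same configuration word can drift apart, so either initialise `blocks[0]` from the new macro or drop the define. If the value also equals `T55X7_INDALA_64_CONFIG_BLOCK`, as the extended "Indala 64, Motorola, Idteck" label in `printT5x7KnownBlock0` suggests, the macro cannot have its own `case` there. A short comment on the define, such as `// same word as Motorola / Indala 64`, would record that.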