github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-20 13:23:51 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Merge branch 'master' into feature/iso15693-standalone

Browse source
This commit is contained in:
Iceman 2021-05-06 00:23:33 +02:00 committed by GitHub
commit d0f2f6622b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
31 changed files with 352 additions and 299 deletions
Download patch file Download diff file Expand all files Collapse all files

1
CHANGELOG.md
View file

@ -4,6 +4,7 @@ This project uses the changelog in accordance with [keepchangelog](http://keepac
## [unreleased][unreleased] ## [unreleased][unreleased]
- Added `HF_TMUDFORD` standalone mode that reads and emulates ISO15693 UID (@tmudford) - Added `HF_TMUDFORD` standalone mode that reads and emulates ISO15693 UID (@tmudford)
- Changed `hf mf wipe` - now supports enforcing sector 0 / block 0 writes (@iceman1001)
- Added `data asn1` - a command to decode ASN1 byte arrays (@iceman1001) - Added `data asn1` - a command to decode ASN1 byte arrays (@iceman1001)
- Added `hf 15 disableprivacy` - from @g3gg0 fork *WIP* (@iceman1001) - Added `hf 15 disableprivacy` - from @g3gg0 fork *WIP* (@iceman1001)
- Added `lf_ident_json.lua` - script to identify t55xx json dump files (@iceman1001) - Added `lf_ident_json.lua` - script to identify t55xx json dump files (@iceman1001)

4
armsrc/appmain.c
View file

@ -1318,7 +1318,7 @@ static void PacketReceived(PacketCommandNG *packet) {
break; break;
} }
case CMD_HF_ISO14443B_COMMAND: { case CMD_HF_ISO14443B_COMMAND: {
iso14b_raw_cmd_t *payload = (iso14b_raw_cmd_t*)packet->data.asBytes; iso14b_raw_cmd_t *payload = (iso14b_raw_cmd_t *)packet->data.asBytes;
SendRawCommand14443B_Ex(payload); SendRawCommand14443B_Ex(payload);
break; break;
} }
@ -1704,7 +1704,7 @@ static void PacketReceived(PacketCommandNG *packet) {
break; break;
} }
case CMD_HF_ICLASS_CHKKEYS: { case CMD_HF_ICLASS_CHKKEYS: {
iClass_Authentication_fast((iclass_chk_t*)packet->data.asBytes); iClass_Authentication_fast((iclass_chk_t *)packet->data.asBytes);
break; break;
} }
case CMD_HF_ICLASS_DUMP: { case CMD_HF_ICLASS_DUMP: {

8
armsrc/iso14443b.c
View file

@ -445,7 +445,7 @@ static void iso14b_set_timeout(uint32_t timeout_etu) {
// keep track of FWT, also updates the timeout // keep track of FWT, also updates the timeout
static void iso14b_set_fwt(uint8_t fwt) { static void iso14b_set_fwt(uint8_t fwt) {
iso14b_fwt = fwt; iso14b_fwt = fwt;
iso14b_set_timeout( 32 << fwt ); iso14b_set_timeout(32 << fwt);
} }
static void iso14b_set_maxframesize(uint16_t size) { static void iso14b_set_maxframesize(uint16_t size) {
@ -1370,7 +1370,7 @@ static int Get14443bAnswerFromTag(uint8_t *response, uint16_t max_len, uint32_t
break; break;
} }
if (((GetCountSspClkDelta(dma_start_time) ) > timeout) && Demod.state < DEMOD_PHASE_REF_TRAINING) { if (((GetCountSspClkDelta(dma_start_time)) > timeout) && Demod.state < DEMOD_PHASE_REF_TRAINING) {
ret = -1; ret = -1;
break; break;
} }
@ -1570,7 +1570,7 @@ int iso14443b_apdu(uint8_t const *msg, size_t msg_len, bool send_chaining, void
uint32_t fwt_temp = iso14b_fwt * wtxm; uint32_t fwt_temp = iso14b_fwt * wtxm;
// temporarily increase timeout // temporarily increase timeout
iso14b_set_timeout( (32 << fwt_temp)); iso14b_set_timeout((32 << fwt_temp));
// Transmit WTX back // Transmit WTX back
data_bytes[1] = wtxm; data_bytes[1] = wtxm;
@ -2176,7 +2176,7 @@ void SendRawCommand14443B_Ex(iso14b_raw_cmd_t *o) {
// receive buffer // receive buffer
uint8_t buf[PM3_CMD_DATA_SIZE]; uint8_t buf[PM3_CMD_DATA_SIZE];
memset(buf, 0 , sizeof(buf)); memset(buf, 0, sizeof(buf));
if (DBGLEVEL > DBG_DEBUG) { if (DBGLEVEL > DBG_DEBUG) {
Dbprintf("14b raw: param, %04x", o->flags); Dbprintf("14b raw: param, %04x", o->flags);
} }

4
armsrc/iso15693.c
View file

@ -2114,7 +2114,7 @@ void SetTag15693Uid(uint8_t *uid) {
static void init_password_15693_slixl(uint8_t *buffer, uint8_t *pwd, uint8_t *rnd) { static void init_password_15693_slixl(uint8_t *buffer, uint8_t *pwd, uint8_t *rnd) {
memcpy(buffer, pwd, 4); memcpy(buffer, pwd, 4);
if(rnd) { if (rnd) {
buffer[0] ^= rnd[0]; buffer[0] ^= rnd[0];
buffer[1] ^= rnd[1]; buffer[1] ^= rnd[1];
buffer[2] ^= rnd[0]; buffer[2] ^= rnd[0];
@ -2133,7 +2133,7 @@ static bool get_rnd_15693_slixl(uint32_t start_time, uint32_t *eof_time, uint8_t
return false; return false;
} }
if(rnd) { if (rnd) {
memcpy(rnd, &recvbuf[1], 2); memcpy(rnd, &recvbuf[1], 2);
} }
return true; return true;

2
client/src/cmdanalyse.c
View file

@ -1079,7 +1079,7 @@ static int CmdAnalyseFoo(const char *Cmd) {
return PM3_SUCCESS; return PM3_SUCCESS;
} }
static int CmdAnalyseUnits(const char* Cmd) { static int CmdAnalyseUnits(const char *Cmd) {
CLIParserContext *ctx; CLIParserContext *ctx;
CLIParserInit(&ctx, "analyse units", CLIParserInit(&ctx, "analyse units",

2
client/src/cmddata.c
View file

@ -2883,7 +2883,7 @@ static int CmdDataModulationSearch(const char *Cmd) {
return try_detect_modulation(); return try_detect_modulation();
} }
static int CmdAsn1Decoder(const char* Cmd) { static int CmdAsn1Decoder(const char *Cmd) {
CLIParserContext *ctx; CLIParserContext *ctx;
CLIParserInit(&ctx, "data asn1", CLIParserInit(&ctx, "data asn1",

4
client/src/cmdflashmem.c
View file

@ -98,7 +98,7 @@ static int rdv4_sign_write(uint8_t *signature, uint8_t slen) {
clearCommandBuffer(); clearCommandBuffer();
PacketResponseNG resp; PacketResponseNG resp;
SendCommandNG(CMD_FLASHMEM_WRITE, (uint8_t*)&payload, sizeof(payload)); SendCommandNG(CMD_FLASHMEM_WRITE, (uint8_t *)&payload, sizeof(payload));
if (WaitForResponseTimeout(CMD_FLASHMEM_WRITE, &resp, 2000) == false) { if (WaitForResponseTimeout(CMD_FLASHMEM_WRITE, &resp, 2000) == false) {
PrintAndLogEx(WARNING, "timeout while waiting for reply"); PrintAndLogEx(WARNING, "timeout while waiting for reply");
@ -285,7 +285,7 @@ static int CmdFlashMemLoad(const char *Cmd) {
.len = bytes_in_packet, .len = bytes_in_packet,
}; };
memcpy(payload.data, data + bytes_sent, bytes_in_packet); memcpy(payload.data, data + bytes_sent, bytes_in_packet);
SendCommandNG(CMD_FLASHMEM_WRITE, (uint8_t*)&payload, sizeof(payload)); SendCommandNG(CMD_FLASHMEM_WRITE, (uint8_t *)&payload, sizeof(payload));
bytes_remaining -= bytes_in_packet; bytes_remaining -= bytes_in_packet;
bytes_sent += bytes_in_packet; bytes_sent += bytes_in_packet;

48
client/src/cmdhf14b.c
View file

@ -48,7 +48,7 @@ static int switch_off_field_14b(void) {
.rawlen = 0, .rawlen = 0,
}; };
clearCommandBuffer(); clearCommandBuffer();
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)&packet, sizeof(iso14b_raw_cmd_t)); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)&packet, sizeof(iso14b_raw_cmd_t));
return PM3_SUCCESS; return PM3_SUCCESS;
} }
@ -354,7 +354,7 @@ static int CmdHF14BCmdRaw(const char *Cmd) {
datalen = (datalen > PM3_CMD_DATA_SIZE) ? PM3_CMD_DATA_SIZE : datalen; datalen = (datalen > PM3_CMD_DATA_SIZE) ? PM3_CMD_DATA_SIZE : datalen;
iso14b_raw_cmd_t *packet = (iso14b_raw_cmd_t*)calloc(1, sizeof(iso14b_raw_cmd_t) + datalen); iso14b_raw_cmd_t *packet = (iso14b_raw_cmd_t *)calloc(1, sizeof(iso14b_raw_cmd_t) + datalen);
if (packet == NULL) { if (packet == NULL) {
PrintAndLogEx(FAILED, "failed to allocate memory"); PrintAndLogEx(FAILED, "failed to allocate memory");
return PM3_EMALLOC; return PM3_EMALLOC;
@ -365,7 +365,7 @@ static int CmdHF14BCmdRaw(const char *Cmd) {
memcpy(packet->raw, data, datalen); memcpy(packet->raw, data, datalen);
clearCommandBuffer(); clearCommandBuffer();
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)packet, sizeof(iso14b_raw_cmd_t) + packet->rawlen); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)packet, sizeof(iso14b_raw_cmd_t) + packet->rawlen);
free(packet); free(packet);
if (read_reply == false) { if (read_reply == false) {
@ -415,7 +415,7 @@ static bool get_14b_UID(iso14b_card_select_t *card) {
PacketResponseNG resp; PacketResponseNG resp;
clearCommandBuffer(); clearCommandBuffer();
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)&packet, sizeof(iso14b_raw_cmd_t)); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)&packet, sizeof(iso14b_raw_cmd_t));
if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT)) { if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT)) {
@ -428,7 +428,7 @@ static bool get_14b_UID(iso14b_card_select_t *card) {
// test 14b standard // test 14b standard
packet.flags = (ISO14B_CONNECT | ISO14B_SELECT_STD | ISO14B_DISCONNECT); packet.flags = (ISO14B_CONNECT | ISO14B_SELECT_STD | ISO14B_DISCONNECT);
clearCommandBuffer(); clearCommandBuffer();
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)&packet, sizeof(iso14b_raw_cmd_t)); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)&packet, sizeof(iso14b_raw_cmd_t));
if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT)) { if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT)) {
if (resp.oldarg[0] == 0) { if (resp.oldarg[0] == 0) {
@ -762,7 +762,7 @@ static bool HF14B_Std_Info(bool verbose, bool do_aid_search) {
clearCommandBuffer(); clearCommandBuffer();
PacketResponseNG resp; PacketResponseNG resp;
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)&packet, sizeof(iso14b_raw_cmd_t)); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)&packet, sizeof(iso14b_raw_cmd_t));
if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT) == false) { if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT) == false) {
if (verbose) { if (verbose) {
PrintAndLogEx(WARNING, "timeout while waiting for reply"); PrintAndLogEx(WARNING, "timeout while waiting for reply");
@ -815,7 +815,7 @@ static bool HF14B_ST_Info(bool verbose, bool do_aid_search) {
clearCommandBuffer(); clearCommandBuffer();
PacketResponseNG resp; PacketResponseNG resp;
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)&packet, sizeof(iso14b_raw_cmd_t)); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)&packet, sizeof(iso14b_raw_cmd_t));
if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT) == false) { if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT) == false) {
if (verbose) { if (verbose) {
PrintAndLogEx(WARNING, "timeout while waiting for reply"); PrintAndLogEx(WARNING, "timeout while waiting for reply");
@ -870,7 +870,7 @@ static bool HF14B_st_reader(bool verbose) {
// SRx get and print general info about SRx chip from UID // SRx get and print general info about SRx chip from UID
clearCommandBuffer(); clearCommandBuffer();
PacketResponseNG resp; PacketResponseNG resp;
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)&packet, sizeof(iso14b_raw_cmd_t)); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)&packet, sizeof(iso14b_raw_cmd_t));
if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT) == false) { if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT) == false) {
if (verbose) { if (verbose) {
PrintAndLogEx(WARNING, "timeout while waiting for reply"); PrintAndLogEx(WARNING, "timeout while waiting for reply");
@ -912,7 +912,7 @@ static bool HF14B_std_reader(bool verbose) {
// 14b get and print UID only (general info) // 14b get and print UID only (general info)
clearCommandBuffer(); clearCommandBuffer();
PacketResponseNG resp; PacketResponseNG resp;
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)&packet, sizeof(iso14b_raw_cmd_t)); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)&packet, sizeof(iso14b_raw_cmd_t));
if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT) == false) { if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT) == false) {
if (verbose) { if (verbose) {
PrintAndLogEx(WARNING, "timeout while waiting for reply"); PrintAndLogEx(WARNING, "timeout while waiting for reply");
@ -959,7 +959,7 @@ static bool HF14B_ask_ct_reader(bool verbose) {
// 14b get and print UID only (general info) // 14b get and print UID only (general info)
clearCommandBuffer(); clearCommandBuffer();
PacketResponseNG resp; PacketResponseNG resp;
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)&packet, sizeof(iso14b_raw_cmd_t)); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)&packet, sizeof(iso14b_raw_cmd_t));
if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT) == false) { if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT) == false) {
if (verbose) PrintAndLogEx(WARNING, "timeout while waiting for reply"); if (verbose) PrintAndLogEx(WARNING, "timeout while waiting for reply");
return false; return false;
@ -991,7 +991,7 @@ static bool HF14B_ask_ct_reader(bool verbose) {
// test for other 14b type tags (mimic another reader - don't have tags to identify) // test for other 14b type tags (mimic another reader - don't have tags to identify)
static bool HF14B_other_reader(bool verbose) { static bool HF14B_other_reader(bool verbose) {
iso14b_raw_cmd_t *packet = (iso14b_raw_cmd_t*)calloc(1, sizeof(iso14b_raw_cmd_t) + 4); iso14b_raw_cmd_t *packet = (iso14b_raw_cmd_t *)calloc(1, sizeof(iso14b_raw_cmd_t) + 4);
if (packet == NULL) { if (packet == NULL) {
PrintAndLogEx(FAILED, "failed to allocate memory"); PrintAndLogEx(FAILED, "failed to allocate memory");
return PM3_EMALLOC; return PM3_EMALLOC;
@ -1005,7 +1005,7 @@ static bool HF14B_other_reader(bool verbose) {
clearCommandBuffer(); clearCommandBuffer();
PacketResponseNG resp; PacketResponseNG resp;
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)packet, sizeof(iso14b_raw_cmd_t) + packet->rawlen); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)packet, sizeof(iso14b_raw_cmd_t) + packet->rawlen);
if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT) == false) { if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT) == false) {
if (verbose) { if (verbose) {
PrintAndLogEx(WARNING, "timeout while waiting for reply"); PrintAndLogEx(WARNING, "timeout while waiting for reply");
@ -1035,7 +1035,7 @@ static bool HF14B_other_reader(bool verbose) {
packet->rawlen = 1; packet->rawlen = 1;
packet->raw[0] = ISO14443B_AUTHENTICATE; packet->raw[0] = ISO14443B_AUTHENTICATE;
clearCommandBuffer(); clearCommandBuffer();
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)packet, sizeof(iso14b_raw_cmd_t) + packet->rawlen); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)packet, sizeof(iso14b_raw_cmd_t) + packet->rawlen);
if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT) == false) { if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT) == false) {
if (verbose) { if (verbose) {
PrintAndLogEx(WARNING, "timeout while waiting for reply"); PrintAndLogEx(WARNING, "timeout while waiting for reply");
@ -1064,7 +1064,7 @@ static bool HF14B_other_reader(bool verbose) {
packet->raw[0] = ISO14443B_RESET; packet->raw[0] = ISO14443B_RESET;
clearCommandBuffer(); clearCommandBuffer();
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)packet, sizeof(iso14b_raw_cmd_t) + packet->rawlen); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)packet, sizeof(iso14b_raw_cmd_t) + packet->rawlen);
free(packet); free(packet);
if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT) == false) { if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT) == false) {
if (verbose) { if (verbose) {
@ -1320,7 +1320,7 @@ static int CmdHF14BDump(const char *Cmd) {
// detect blocksize from card :) // detect blocksize from card :)
PrintAndLogEx(INFO, "reading tag memory from UID " _GREEN_("%s"), sprint_hex_inrow(SwapEndian64(card.uid, card.uidlen, 8), card.uidlen)); PrintAndLogEx(INFO, "reading tag memory from UID " _GREEN_("%s"), sprint_hex_inrow(SwapEndian64(card.uid, card.uidlen, 8), card.uidlen));
iso14b_raw_cmd_t *packet = (iso14b_raw_cmd_t*)calloc(1, sizeof(iso14b_raw_cmd_t) + 2); iso14b_raw_cmd_t *packet = (iso14b_raw_cmd_t *)calloc(1, sizeof(iso14b_raw_cmd_t) + 2);
if (packet == NULL) { if (packet == NULL) {
PrintAndLogEx(FAILED, "failed to allocate memory"); PrintAndLogEx(FAILED, "failed to allocate memory");
return PM3_EMALLOC; return PM3_EMALLOC;
@ -1330,7 +1330,7 @@ static int CmdHF14BDump(const char *Cmd) {
packet->rawlen = 0; packet->rawlen = 0;
clearCommandBuffer(); clearCommandBuffer();
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)packet, sizeof(iso14b_raw_cmd_t)); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)packet, sizeof(iso14b_raw_cmd_t));
PacketResponseNG resp; PacketResponseNG resp;
// select // select
@ -1338,7 +1338,7 @@ static int CmdHF14BDump(const char *Cmd) {
if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, 2000)) { if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, 2000)) {
status = resp.oldarg[0]; status = resp.oldarg[0];
if (status < 0) { if (status < 0) {
PrintAndLogEx(FAILED, "failed to select arg0[%" PRId64 "]" , resp.oldarg[0]); PrintAndLogEx(FAILED, "failed to select arg0[%" PRId64 "]", resp.oldarg[0]);
free(packet); free(packet);
return switch_off_field_14b(); return switch_off_field_14b();
} }
@ -1359,7 +1359,7 @@ static int CmdHF14BDump(const char *Cmd) {
packet->raw[1] = blocknum & 0xFF; packet->raw[1] = blocknum & 0xFF;
clearCommandBuffer(); clearCommandBuffer();
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)packet, sizeof(iso14b_raw_cmd_t) + 2); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)packet, sizeof(iso14b_raw_cmd_t) + 2);
if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, 2000)) { if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, 2000)) {
status = resp.oldarg[0]; status = resp.oldarg[0];
@ -1567,19 +1567,19 @@ static int select_card_14443b_4(bool disconnect, iso14b_card_select_t *card) {
}; };
// Anticollision + SELECT STD card // Anticollision + SELECT STD card
PacketResponseNG resp; PacketResponseNG resp;
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)&packet, sizeof(iso14b_raw_cmd_t)); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)&packet, sizeof(iso14b_raw_cmd_t));
if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT) == false) { if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT) == false) {
PrintAndLogEx(INFO, "Trying 14B Select SRx"); PrintAndLogEx(INFO, "Trying 14B Select SRx");
// Anticollision + SELECT SR card // Anticollision + SELECT SR card
packet.flags = (ISO14B_CONNECT | ISO14B_SELECT_SR); packet.flags = (ISO14B_CONNECT | ISO14B_SELECT_SR);
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)&packet, sizeof(iso14b_raw_cmd_t)); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)&packet, sizeof(iso14b_raw_cmd_t));
if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT) == false) { if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT) == false) {
PrintAndLogEx(INFO, "Trying 14B Select CTS"); PrintAndLogEx(INFO, "Trying 14B Select CTS");
// Anticollision + SELECT ASK C-Ticket card // Anticollision + SELECT ASK C-Ticket card
packet.flags = (ISO14B_CONNECT | ISO14B_SELECT_CTS); packet.flags = (ISO14B_CONNECT | ISO14B_SELECT_CTS);
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)&packet, sizeof(iso14b_raw_cmd_t)); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)&packet, sizeof(iso14b_raw_cmd_t));
if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT) == false) { if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT) == false) {
PrintAndLogEx(ERR, "connection timeout"); PrintAndLogEx(ERR, "connection timeout");
switch_off_field_14b(); switch_off_field_14b();
@ -1627,7 +1627,7 @@ static int handle_14b_apdu(bool chainingin, uint8_t *datain, int datainlen,
return selres; return selres;
} }
iso14b_raw_cmd_t *packet = (iso14b_raw_cmd_t*)calloc(1, sizeof(iso14b_raw_cmd_t) + datainlen); iso14b_raw_cmd_t *packet = (iso14b_raw_cmd_t *)calloc(1, sizeof(iso14b_raw_cmd_t) + datainlen);
if (packet == NULL) { if (packet == NULL) {
PrintAndLogEx(FAILED, "APDU: failed to allocate memory"); PrintAndLogEx(FAILED, "APDU: failed to allocate memory");
return PM3_EMALLOC; return PM3_EMALLOC;
@ -1656,9 +1656,9 @@ static int handle_14b_apdu(bool chainingin, uint8_t *datain, int datainlen,
if (datain) { if (datain) {
packet->rawlen = datainlen; packet->rawlen = datainlen;
memcpy(packet->raw, datain, datainlen); memcpy(packet->raw, datain, datainlen);
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)packet, sizeof(iso14b_raw_cmd_t) + packet->rawlen); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)packet, sizeof(iso14b_raw_cmd_t) + packet->rawlen);
} else { } else {
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)packet, sizeof(iso14b_raw_cmd_t)); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)packet, sizeof(iso14b_raw_cmd_t));
} }
free(packet); free(packet);
PacketResponseNG resp; PacketResponseNG resp;

2
client/src/cmdhf15.c
View file

@ -2174,7 +2174,7 @@ static int CmdHF15SlixDisable(const char *Cmd) {
return PM3_ESOFT; return PM3_ESOFT;
} }
switch(resp.status) { switch (resp.status) {
case PM3_ETIMEOUT: { case PM3_ETIMEOUT: {
PrintAndLogEx(WARNING, "no tag found"); PrintAndLogEx(WARNING, "no tag found");
break; break;

14
client/src/cmdhfcryptorf.c
View file

@ -42,7 +42,7 @@ static int switch_off_field_cryptorf(void) {
.rawlen = 0, .rawlen = 0,
}; };
clearCommandBuffer(); clearCommandBuffer();
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)&packet, sizeof(iso14b_raw_cmd_t)); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)&packet, sizeof(iso14b_raw_cmd_t));
return PM3_SUCCESS; return PM3_SUCCESS;
} }
@ -105,7 +105,7 @@ static bool get_14b_UID(iso14b_card_select_t *card) {
.rawlen = 0, .rawlen = 0,
}; };
clearCommandBuffer(); clearCommandBuffer();
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)&packet, sizeof(iso14b_raw_cmd_t)); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)&packet, sizeof(iso14b_raw_cmd_t));
PacketResponseNG resp; PacketResponseNG resp;
if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT)) { if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT)) {
if (resp.oldarg[0] == 0) { if (resp.oldarg[0] == 0) {
@ -130,7 +130,7 @@ static int infoHFCryptoRF(bool verbose) {
}; };
// 14b get and print UID only (general info) // 14b get and print UID only (general info)
clearCommandBuffer(); clearCommandBuffer();
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)&packet, sizeof(iso14b_raw_cmd_t)); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)&packet, sizeof(iso14b_raw_cmd_t));
PacketResponseNG resp; PacketResponseNG resp;
if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT) == false) { if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, TIMEOUT) == false) {
if (verbose) { if (verbose) {
@ -197,7 +197,7 @@ int readHFCryptoRF(bool loop, bool verbose) {
.rawlen = 0, .rawlen = 0,
}; };
clearCommandBuffer(); clearCommandBuffer();
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)&packet, sizeof(iso14b_raw_cmd_t)); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)&packet, sizeof(iso14b_raw_cmd_t));
PacketResponseNG resp; PacketResponseNG resp;
if (WaitForResponseTimeout(CMD_ACK, &resp, 2000)) { if (WaitForResponseTimeout(CMD_ACK, &resp, 2000)) {
@ -300,7 +300,7 @@ static int CmdHFCryptoRFDump(const char *Cmd) {
PrintAndLogEx(INFO, "Reading memory from tag UID " _GREEN_("%s"), sprint_hex(card.uid, card.uidlen)); PrintAndLogEx(INFO, "Reading memory from tag UID " _GREEN_("%s"), sprint_hex(card.uid, card.uidlen));
// select tag // select tag
iso14b_raw_cmd_t *packet = (iso14b_raw_cmd_t*)calloc(1, sizeof(iso14b_raw_cmd_t) + 2); iso14b_raw_cmd_t *packet = (iso14b_raw_cmd_t *)calloc(1, sizeof(iso14b_raw_cmd_t) + 2);
if (packet == NULL) { if (packet == NULL) {
PrintAndLogEx(FAILED, "failed to allocate memory"); PrintAndLogEx(FAILED, "failed to allocate memory");
return PM3_EMALLOC; return PM3_EMALLOC;
@ -310,7 +310,7 @@ static int CmdHFCryptoRFDump(const char *Cmd) {
packet->rawlen = 0; packet->rawlen = 0;
clearCommandBuffer(); clearCommandBuffer();
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)packet, sizeof(iso14b_raw_cmd_t)); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)packet, sizeof(iso14b_raw_cmd_t));
PacketResponseNG resp; PacketResponseNG resp;
// select // select
@ -339,7 +339,7 @@ static int CmdHFCryptoRFDump(const char *Cmd) {
packet->raw[1] = blocknum & 0xFF; packet->raw[1] = blocknum & 0xFF;
clearCommandBuffer(); clearCommandBuffer();
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)&packet, sizeof(iso14b_raw_cmd_t) + 2); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)&packet, sizeof(iso14b_raw_cmd_t) + 2);
if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, 2000)) { if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, 2000)) {
status = resp.oldarg[0]; status = resp.oldarg[0];

2
client/src/cmdhfemrtd.c
View file

@ -1035,7 +1035,7 @@ static bool emrtd_connect(bool *use_14b) {
.rawlen = 0, .rawlen = 0,
}; };
clearCommandBuffer(); clearCommandBuffer();
SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t*)&packet, sizeof(iso14b_raw_cmd_t)); SendCommandNG(CMD_HF_ISO14443B_COMMAND, (uint8_t *)&packet, sizeof(iso14b_raw_cmd_t));
if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, 2000) == false) { if (WaitForResponseTimeout(CMD_HF_ISO14443B_COMMAND, &resp, 2000) == false) {
PrintAndLogEx(INFO, "timeout, no eMRTD spotted with 14b, exiting"); PrintAndLogEx(INFO, "timeout, no eMRTD spotted with 14b, exiting");
return false; return false;

6
client/src/cmdhficlass.c
View file

@ -141,7 +141,7 @@ static void iclass_upload_emul(uint8_t *d, uint16_t n, uint16_t *bytes_sent) {
payload->len = bytes_in_packet; payload->len = bytes_in_packet;
memcpy(payload->data, d + *bytes_sent, bytes_in_packet); memcpy(payload->data, d + *bytes_sent, bytes_in_packet);
SendCommandNG(CMD_HF_ICLASS_EML_MEMSET, (uint8_t*)payload, 4 + bytes_in_packet); SendCommandNG(CMD_HF_ICLASS_EML_MEMSET, (uint8_t *)payload, 4 + bytes_in_packet);
free(payload); free(payload);
bytes_remaining -= bytes_in_packet; bytes_remaining -= bytes_in_packet;
@ -3068,7 +3068,7 @@ static int CmdHFiClassCheckKeys(const char *Cmd) {
} }
uint32_t tmp_plen = sizeof(iclass_chk_t) + (4 * curr_chunk_cnt); uint32_t tmp_plen = sizeof(iclass_chk_t) + (4 * curr_chunk_cnt);
iclass_chk_t *packet = calloc(tmp_plen, sizeof(uint8_t) ); iclass_chk_t *packet = calloc(tmp_plen, sizeof(uint8_t));
if (packet == NULL) { if (packet == NULL) {
PrintAndLogEx(WARNING, "failed to allocate memory"); PrintAndLogEx(WARNING, "failed to allocate memory");
break; break;
@ -3079,7 +3079,7 @@ static int CmdHFiClassCheckKeys(const char *Cmd) {
memcpy(packet->items, (pre + chunk_offset), (4 * curr_chunk_cnt)); memcpy(packet->items, (pre + chunk_offset), (4 * curr_chunk_cnt));
clearCommandBuffer(); clearCommandBuffer();
SendCommandNG(CMD_HF_ICLASS_CHKKEYS, (uint8_t*)packet, tmp_plen); SendCommandNG(CMD_HF_ICLASS_CHKKEYS, (uint8_t *)packet, tmp_plen);
free(packet); free(packet);
bool looped = false; bool looped = false;

2
client/src/cmdhflegic.c
View file

@ -902,7 +902,7 @@ static int CmdLegicRestore(const char *Cmd) {
} }
if (shall_obsfuscate) { if (shall_obsfuscate) {
if (legic_xor(data, card.cardsize) == false){ if (legic_xor(data, card.cardsize) == false) {
PrintAndLogEx(FAILED, "Obsfuscate failed, exiting..."); PrintAndLogEx(FAILED, "Obsfuscate failed, exiting...");
PrintAndLogEx(HINT, "Try running command without `--ob` parameter"); PrintAndLogEx(HINT, "Try running command without `--ob` parameter");
free(data); free(data);

49
client/src/cmdhfmf.c
View file

@ -3538,10 +3538,10 @@ void printKeyTableEx(uint8_t sectorscnt, sector_t *e_sector, uint8_t start_secto
_YELLOW_("H") ":Hardnested / " _YELLOW_("H") ":Hardnested / "
_YELLOW_("C") ":statiCnested / " _YELLOW_("C") ":statiCnested / "
_YELLOW_("A") ":keyA " _YELLOW_("A") ":keyA "
")" " )"
); );
} else { } else {
PrintAndLogEx(SUCCESS, "( " _YELLOW_("0") ":Failed / " _YELLOW_("1") ":Success)"); PrintAndLogEx(SUCCESS, "( " _YELLOW_("0") ":Failed / " _YELLOW_("1") ":Success )");
} }
PrintAndLogEx(NORMAL, ""); PrintAndLogEx(NORMAL, "");
} }
@ -5786,23 +5786,28 @@ static int CmdHf14AMfSuperCard(const char *Cmd) {
static int CmdHF14AMfWipe(const char *Cmd) { static int CmdHF14AMfWipe(const char *Cmd) {
CLIParserContext *ctx; CLIParserContext *ctx;
CLIParserInit(&ctx, "hf mf wipe", CLIParserInit(&ctx, "hf mf wipe",
"Wipe card to zeros and default keys/acc. This command taks a key file to wipe card\n" "Wipe card to zeros and default keys/acc. This command takes a key file to wipe card\n"
"New A/B keys FF FF FF FF FF FF\n" "Will use UID from card to generate keyfile name if not specified.\n"
"New acc FF 07 80\n" "New A/B keys..... FF FF FF FF FF FF\n"
"New GDB 69", "New acc rights... FF 07 80\n"
"hf mf wipe" "New GPB.......... 69",
"hf mf wipe --> reads card uid to generate file name\n"
"hf mf wipe --gen2 --> force write to S0, B0 manufacture block\n"
"hf mf wipe -f mykey.bin --> use mykey.bin\n"
); );
void *argtable[] = { void *argtable[] = {
arg_param_begin, arg_param_begin,
arg_str0("f", "file", "<fn>", "key filename"), arg_str0("f", "file", "<fn>", "key filename"),
arg_lit0(NULL, "gen2", "force write to Sector 0, block 0 (GEN2)"),
arg_param_end arg_param_end
}; };
CLIExecWithReturn(ctx, Cmd, argtable, false); CLIExecWithReturn(ctx, Cmd, argtable, true);
int keyfnlen = 0; int keyfnlen = 0;
char keyFilename[FILE_PATH_SIZE] = {0}; char keyFilename[FILE_PATH_SIZE] = {0};
CLIParamStrToBuf(arg_get_str(ctx, 1), (uint8_t *)keyFilename, FILE_PATH_SIZE, &keyfnlen); CLIParamStrToBuf(arg_get_str(ctx, 1), (uint8_t *)keyFilename, FILE_PATH_SIZE, &keyfnlen);
bool gen2 = arg_get_lit(ctx, 2);
CLIParserFree(ctx); CLIParserFree(ctx);
char *fptr; char *fptr;
@ -5826,12 +5831,14 @@ static int CmdHF14AMfWipe(const char *Cmd) {
uint8_t keyB[MIFARE_4K_MAXSECTOR * 6]; uint8_t keyB[MIFARE_4K_MAXSECTOR * 6];
uint8_t num_sectors = 0; uint8_t num_sectors = 0;
uint8_t mf[MFBLOCK_SIZE];
switch (keyslen) { switch (keyslen) {
case (MIFARE_MINI_MAXSECTOR * 2 * 6): { case (MIFARE_MINI_MAXSECTOR * 2 * 6): {
PrintAndLogEx(INFO, "Loaded keys matching MIFARE Classic Mini 320b"); PrintAndLogEx(INFO, "Loaded keys matching MIFARE Classic Mini 320b");
memcpy(keyA, keys, (MIFARE_MINI_MAXSECTOR * 6)); memcpy(keyA, keys, (MIFARE_MINI_MAXSECTOR * 6));
memcpy(keyB, keys + (MIFARE_MINI_MAXSECTOR * 6), (MIFARE_MINI_MAXSECTOR * 6)); memcpy(keyB, keys + (MIFARE_MINI_MAXSECTOR * 6), (MIFARE_MINI_MAXSECTOR * 6));
num_sectors = NumOfSectors('0'); num_sectors = NumOfSectors('0');
memcpy(mf, "\x11\x22\x33\x44\x44\x09\x04\x00\x62\x63\x64\x65\x66\x67\x68\x69", MFBLOCK_SIZE);
break; break;
} }
case (MIFARE_1K_MAXSECTOR * 2 * 6): { case (MIFARE_1K_MAXSECTOR * 2 * 6): {
@ -5839,6 +5846,8 @@ static int CmdHF14AMfWipe(const char *Cmd) {
memcpy(keyA, keys, (MIFARE_1K_MAXSECTOR * 6)); memcpy(keyA, keys, (MIFARE_1K_MAXSECTOR * 6));
memcpy(keyB, keys + (MIFARE_1K_MAXSECTOR * 6), (MIFARE_1K_MAXSECTOR * 6)); memcpy(keyB, keys + (MIFARE_1K_MAXSECTOR * 6), (MIFARE_1K_MAXSECTOR * 6));
num_sectors = NumOfSectors('1'); num_sectors = NumOfSectors('1');
memcpy(mf, "\x11\x22\x33\x44\x44\x08\x04\x00\x62\x63\x64\x65\x66\x67\x68\x69", MFBLOCK_SIZE);
break; break;
} }
case (MIFARE_4K_MAXSECTOR * 2 * 6): { case (MIFARE_4K_MAXSECTOR * 2 * 6): {
@ -5846,6 +5855,7 @@ static int CmdHF14AMfWipe(const char *Cmd) {
memcpy(keyA, keys, (MIFARE_4K_MAXSECTOR * 6)); memcpy(keyA, keys, (MIFARE_4K_MAXSECTOR * 6));
memcpy(keyB, keys + (MIFARE_4K_MAXSECTOR * 6), (MIFARE_4K_MAXSECTOR * 6)); memcpy(keyB, keys + (MIFARE_4K_MAXSECTOR * 6), (MIFARE_4K_MAXSECTOR * 6));
num_sectors = NumOfSectors('4'); num_sectors = NumOfSectors('4');
memcpy(mf, "\x11\x22\x33\x44\x44\x18\x02\x00\x62\x63\x64\x65\x66\x67\x68\x69", MFBLOCK_SIZE);
break; break;
} }
default: { default: {
@ -5854,6 +5864,12 @@ static int CmdHF14AMfWipe(const char *Cmd) {
} }
} }
if (gen2)
PrintAndLogEx(INFO, "Forcing overwrite of sector 0 / block 0 ");
else
PrintAndLogEx(INFO, "Skipping sector 0 / block 0");
PrintAndLogEx(NORMAL, "");
uint8_t zeros[MFBLOCK_SIZE] = {0}; uint8_t zeros[MFBLOCK_SIZE] = {0};
memset(zeros, 0x00, sizeof(zeros)); memset(zeros, 0x00, sizeof(zeros));
uint8_t st[MFBLOCK_SIZE] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x07, 0x80, 0x69, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}; uint8_t st[MFBLOCK_SIZE] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x07, 0x80, 0x69, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
@ -5863,6 +5879,11 @@ static int CmdHF14AMfWipe(const char *Cmd) {
for (uint8_t b = 0; b < NumBlocksPerSector(s); b++) { for (uint8_t b = 0; b < NumBlocksPerSector(s); b++) {
// Skipp write to manufacture block if not enforced
if (s == 0 && b == 0 && gen2 == false) {
continue;
}
uint8_t data[26]; uint8_t data[26];
memset(data, 0, sizeof(data)); memset(data, 0, sizeof(data));
if (mfIsSectorTrailer(b)) { if (mfIsSectorTrailer(b)) {
@ -5871,6 +5892,11 @@ static int CmdHF14AMfWipe(const char *Cmd) {
memcpy(data + 10, zeros, sizeof(zeros)); memcpy(data + 10, zeros, sizeof(zeros));
} }
// add correct manufacture block if UID Gen2
if (s == 0 && b == 0 && gen2) {
memcpy(data + 10, mf, sizeof(mf));
}
// try both A/B keys, start with B key first // try both A/B keys, start with B key first
for (int8_t kt = MF_KEY_B; kt > -1; kt--) { for (int8_t kt = MF_KEY_B; kt > -1; kt--) {
@ -5879,16 +5905,16 @@ static int CmdHF14AMfWipe(const char *Cmd) {
else else
memcpy(data, keyB + (s * 6), 6); memcpy(data, keyB + (s * 6), 6);
PrintAndLogEx(INFO, "block %3d: %s", FirstBlockOfSector(s) + b, sprint_hex(data + 10, MFBLOCK_SIZE)); PrintAndLogEx(INFO, "block %3d: %s" NOLF, FirstBlockOfSector(s) + b, sprint_hex(data + 10, MFBLOCK_SIZE));
clearCommandBuffer(); clearCommandBuffer();
SendCommandMIX(CMD_HF_MIFARE_WRITEBL, FirstBlockOfSector(s) + b, kt, 0, data, sizeof(data)); SendCommandMIX(CMD_HF_MIFARE_WRITEBL, FirstBlockOfSector(s) + b, kt, 0, data, sizeof(data));
PacketResponseNG resp; PacketResponseNG resp;
if (WaitForResponseTimeout(CMD_ACK, &resp, 1500)) { if (WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
uint8_t isOK = resp.oldarg[0] & 0xff; uint8_t isOK = resp.oldarg[0] & 0xff;
if (isOK == 0) { if (isOK == 0) {
PrintAndLogEx(FAILED, "isOk: %02x", isOK); PrintAndLogEx(NORMAL, "( " _RED_("fail") " )");
} else { } else {
PrintAndLogEx(NORMAL, "( " _GREEN_("ok") " )");
break; break;
} }
} else { } else {
@ -5898,6 +5924,7 @@ static int CmdHF14AMfWipe(const char *Cmd) {
} }
} }
PrintAndLogEx(NORMAL, "");
PrintAndLogEx(INFO, "Done!"); PrintAndLogEx(INFO, "Done!");
out: out:
free(keys); free(keys);

18
client/src/cmdhfmfdes.c
View file

@ -1160,12 +1160,12 @@ static int mifare_desfire_change_key(uint8_t key_no, uint8_t *new_key, uint8_t n
As such, we should be able to convert the Des to TDes then run the code as TDes As such, we should be able to convert the Des to TDes then run the code as TDes
*/ */
if (new_algo == MFDES_ALGO_DES) { if (new_algo == MFDES_ALGO_DES) {
memcpy(&new_key[8],new_key,8); memcpy(&new_key[8], new_key, 8);
new_algo = MFDES_ALGO_3DES; new_algo = MFDES_ALGO_3DES;
} }
if (old_algo == MFDES_ALGO_DES) { if (old_algo == MFDES_ALGO_DES) {
memcpy(&old_key[8],old_key,8); memcpy(&old_key[8], old_key, 8);
old_algo = MFDES_ALGO_3DES; old_algo = MFDES_ALGO_3DES;
} }
@ -1208,13 +1208,13 @@ static int mifare_desfire_change_key(uint8_t key_no, uint8_t *new_key, uint8_t n
uint8_t new_key_length = 16; uint8_t new_key_length = 16;
switch (new_algo) { switch (new_algo) {
/* /*
// We have converted the DES to 3DES above,so this will never hit // We have converted the DES to 3DES above,so this will never hit
case MFDES_ALGO_DES: case MFDES_ALGO_DES:
memcpy(data + cmdcnt + 1, new_key, new_key_length); memcpy(data + cmdcnt + 1, new_key, new_key_length);
memcpy(data + cmdcnt + 1 + new_key_length, new_key, new_key_length); memcpy(data + cmdcnt + 1 + new_key_length, new_key, new_key_length);
break; break;
*/ */
case MFDES_ALGO_3DES: case MFDES_ALGO_3DES:
case MFDES_ALGO_AES: case MFDES_ALGO_AES:
new_key_length = 16; new_key_length = 16;
@ -1259,7 +1259,7 @@ static int mifare_desfire_change_key(uint8_t key_no, uint8_t *new_key, uint8_t n
// 19 bytes // 19 bytes
//uint8_t csPkt[30] = {0x00}; //uint8_t csPkt[30] = {0x00};
csPkt[0] = 0xC4; csPkt[0] = 0xC4;
memcpy (&csPkt[1],data,18); memcpy(&csPkt[1], data, 18);
desfire_crc32(csPkt, 19, data + 1 + cmdcnt); desfire_crc32(csPkt, 19, data + 1 + cmdcnt);
} else { } else {
@ -1288,7 +1288,7 @@ static int mifare_desfire_change_key(uint8_t key_no, uint8_t *new_key, uint8_t n
apdu.Lc = (uint8_t)cmdcnt + 1; apdu.Lc = (uint8_t)cmdcnt + 1;
// apdu.data = p; // apdu.data = p;
// the above data pointed to from p did not have the key no. at the start, so copy preprocessed data after the key no. // the above data pointed to from p did not have the key no. at the start, so copy preprocessed data after the key no.
memcpy (&data[1], p, cmdcnt); memcpy(&data[1], p, cmdcnt);
apdu.data = data; apdu.data = data;
@ -1319,7 +1319,7 @@ static int mifare_desfire_change_key(uint8_t key_no, uint8_t *new_key, uint8_t n
As such !p is true and the code reports "Error on changing key"; so comment back to user until its fixed. As such !p is true and the code reports "Error on changing key"; so comment back to user until its fixed.
*/ */
if (new_algo == MFDES_ALGO_AES) { if (new_algo == MFDES_ALGO_AES) {
PrintAndLogEx(WARNING,"AES password may have been changed, please check new password with the auth command."); PrintAndLogEx(WARNING, "AES password may have been changed, please check new password with the auth command.");
} }
return PM3_ESOFT; return PM3_ESOFT;
@ -3612,10 +3612,10 @@ static int CmdHF14ADesInfo(const char *Cmd) {
static const char STANDALONE_DESFIRE[] = { 0x75, 0x77, 0x81, 0x02}; static const char STANDALONE_DESFIRE[] = { 0x75, 0x77, 0x81, 0x02};
static const char JCOP_DESFIRE[] = { 0x75, 0xf7, 0xb1, 0x02 }; static const char JCOP_DESFIRE[] = { 0x75, 0xf7, 0xb1, 0x02 };
if (str_startswith((const char*)card.ats + 1, STANDALONE_DESFIRE)) { if (str_startswith((const char *)card.ats + 1, STANDALONE_DESFIRE)) {
PrintAndLogEx(INFO, "Standalone DESFire"); PrintAndLogEx(INFO, "Standalone DESFire");
} }
if (str_startswith((const char*)card.ats + 1, JCOP_DESFIRE)) { if (str_startswith((const char *)card.ats + 1, JCOP_DESFIRE)) {
PrintAndLogEx(INFO, "JCOP DESFire"); PrintAndLogEx(INFO, "JCOP DESFire");
} }
} }

11
client/src/cmdhfmfu.c
View file

@ -154,7 +154,7 @@ static void ul_switch_on_field(void) {
static int ul_send_cmd_raw(uint8_t *cmd, uint8_t cmdlen, uint8_t *response, uint16_t responseLength) { static int ul_send_cmd_raw(uint8_t *cmd, uint8_t cmdlen, uint8_t *response, uint16_t responseLength) {
clearCommandBuffer(); clearCommandBuffer();
SendCommandOLD(CMD_HF_ISO14443A_READER, ISO14A_RAW | ISO14A_NO_DISCONNECT | ISO14A_APPEND_CRC | ISO14A_NO_RATS, cmdlen, 0, cmd, cmdlen); SendCommandMIX(CMD_HF_ISO14443A_READER, ISO14A_RAW | ISO14A_NO_DISCONNECT | ISO14A_APPEND_CRC | ISO14A_NO_RATS, cmdlen, 0, cmd, cmdlen);
PacketResponseNG resp; PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) return -1; if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) return -1;
if (!resp.oldarg[0] && responseLength) return -1; if (!resp.oldarg[0] && responseLength) return -1;
@ -3293,16 +3293,19 @@ static int CmdHF14AMfuOtpTearoff(const char *Cmd) {
lock_on = true; lock_on = true;
if ((phase_begin_clear == -1) && (bitcount32(*(uint32_t *)pre) > bitcount32(*(uint32_t *)post))) uint32_t post32 = bytes_to_num(post, 4);
uint32_t pre32 = bytes_to_num(pre, 4);
if ((phase_begin_clear == -1) && (bitcount32(pre32) > bitcount32(post32)))
phase_begin_clear = current; phase_begin_clear = current;
if ((phase_begin_clear > -1) && (phase_end_clear == -1) && (bitcount32(*(uint32_t *)post) == 0)) if ((phase_begin_clear > -1) && (phase_end_clear == -1) && (bitcount32(post32) == 0))
phase_end_clear = current; phase_end_clear = current;
if ((current == start) && (phase_end_clear > -1)) if ((current == start) && (phase_end_clear > -1))
skip_phase1 = true; skip_phase1 = true;
// new write phase must be atleast 100us later.. // new write phase must be atleast 100us later..
if (((bitcount32(*(uint32_t *)pre) == 0) || (phase_end_clear > -1)) && (phase_begin_newwr == -1) && (bitcount32(*(uint32_t *)post) != 0) && (skip_phase1 || (current > (phase_end_clear + 100)))) if (((bitcount32(pre32) == 0) || (phase_end_clear > -1)) && (phase_begin_newwr == -1) && (bitcount32(post32) != 0) && (skip_phase1 || (current > (phase_end_clear + 100))))
phase_begin_newwr = current; phase_begin_newwr = current;
if ((phase_begin_newwr > -1) && (phase_end_newwr == -1) && (memcmp(post, teardata, sizeof(teardata)) == 0)) if ((phase_begin_newwr > -1) && (phase_end_newwr == -1) && (memcmp(post, teardata, sizeof(teardata)) == 0))

2
client/src/cmdparser.c
View file

@ -329,7 +329,7 @@ void dumpCommandsRecursive(const command_t cmds[], int markdown, bool full_help)
PrintAndLogEx(NORMAL, "|`%s%-*s`|%-*s|`%s`", parent, w_cmd - (int)strlen(parent) - 2, cmds[i].Name, w_off, cmd_offline, cmds[i].Help); PrintAndLogEx(NORMAL, "|`%s%-*s`|%-*s|`%s`", parent, w_cmd - (int)strlen(parent) - 2, cmds[i].Name, w_off, cmd_offline, cmds[i].Help);
else if (full_help) { else if (full_help) {
PrintAndLogEx(NORMAL, "---------------------------------------------------------------------------------------"); PrintAndLogEx(NORMAL, "---------------------------------------------------------------------------------------");
PrintAndLogEx(NORMAL, _RED_("%s%-*s\n") "available offline: %s", parent, w_cmd - (int)strlen(parent), cmds[i].Name, cmds[i].IsAvailable()?_GREEN_("yes"):_RED_("no")); PrintAndLogEx(NORMAL, _RED_("%s%-*s\n") "available offline: %s", parent, w_cmd - (int)strlen(parent), cmds[i].Name, cmds[i].IsAvailable() ? _GREEN_("yes") : _RED_("no"));
cmds[i].Parse("--help"); cmds[i].Parse("--help");
} else { } else {
PrintAndLogEx(NORMAL, "%s%-*s|%-*s|%s", parent, w_cmd - (int)strlen(parent), cmds[i].Name, w_off, cmd_offline, cmds[i].Help); PrintAndLogEx(NORMAL, "%s%-*s|%-*s|%s", parent, w_cmd - (int)strlen(parent), cmds[i].Name, w_off, cmd_offline, cmds[i].Help);

24
client/src/crypto/asn1dump.c
View file

@ -35,6 +35,7 @@ enum asn1_tag_t {
ASN1_TAG_UTC_TIME, ASN1_TAG_UTC_TIME,
ASN1_TAG_STR_TIME, ASN1_TAG_STR_TIME,
ASN1_TAG_OBJECT_ID, ASN1_TAG_OBJECT_ID,
ASN1_TAG_HEX,
}; };
struct asn1_tag { struct asn1_tag {
@ -157,8 +158,11 @@ static void asn1_tag_dump_str_time(const struct tlv *tlv, const struct asn1_tag
} }
static void asn1_tag_dump_string(const struct tlv *tlv, const struct asn1_tag *tag, int level) { static void asn1_tag_dump_string(const struct tlv *tlv, const struct asn1_tag *tag, int level) {
PrintAndLogEx(NORMAL, " value: '" NOLF); PrintAndLogEx(NORMAL, " value: '%s'", sprint_hex(tlv->value, tlv->len));
PrintAndLogEx(NORMAL, "%s'", sprint_hex(tlv->value, tlv->len)); }
static void asn1_tag_dump_hex(const struct tlv *tlv, const struct asn1_tag *tag, int level) {
PrintAndLogEx(NORMAL, " value: '%s'", sprint_hex_inrow(tlv->value, tlv->len));
} }
static void asn1_tag_dump_octet_string(const struct tlv *tlv, const struct asn1_tag *tag, int level, bool *needdump) { static void asn1_tag_dump_octet_string(const struct tlv *tlv, const struct asn1_tag *tag, int level, bool *needdump) {
@ -170,7 +174,7 @@ static void asn1_tag_dump_octet_string(const struct tlv *tlv, const struct asn1_
} }
if (*needdump) { if (*needdump) {
PrintAndLogEx(NORMAL, "'"); PrintAndLogEx(NORMAL, "");
} else { } else {
PrintAndLogEx(NORMAL, " " NOLF); PrintAndLogEx(NORMAL, " " NOLF);
asn1_tag_dump_string(tlv, tag, level); asn1_tag_dump_string(tlv, tag, level);
@ -314,8 +318,15 @@ bool asn1_tag_dump(const struct tlv *tlv, int level, bool *candump) {
const struct asn1_tag *tag = asn1_get_tag(tlv); const struct asn1_tag *tag = asn1_get_tag(tlv);
/*
if ((tlv->tag & 0x20) == 0x20 ) {
} else if ((tlv->tag & 0x80) == 0x80 ) {
} else {
}
*/
PrintAndLogEx(INFO, PrintAndLogEx(INFO,
"%*s-- %2x [%02zx] '"_YELLOW_("%s") "' :" NOLF "%*s-- %2x [%02zx] '"_YELLOW_("%s") "'" NOLF
, (level * 4) , (level * 4)
, " " , " "
, tlv->tag , tlv->tag
@ -326,6 +337,7 @@ bool asn1_tag_dump(const struct tlv *tlv, int level, bool *candump) {
switch (tag->type) { switch (tag->type) {
case ASN1_TAG_GENERIC: case ASN1_TAG_GENERIC:
PrintAndLogEx(NORMAL, ""); PrintAndLogEx(NORMAL, "");
// maybe print number of elements?
break; break;
case ASN1_TAG_STRING: case ASN1_TAG_STRING:
asn1_tag_dump_string(tlv, tag, level); asn1_tag_dump_string(tlv, tag, level);
@ -352,6 +364,10 @@ bool asn1_tag_dump(const struct tlv *tlv, int level, bool *candump) {
asn1_tag_dump_object_id(tlv, tag, level); asn1_tag_dump_object_id(tlv, tag, level);
*candump = false; *candump = false;
break; break;
case ASN1_TAG_HEX:
asn1_tag_dump_hex(tlv, tag, level);
*candump = false;
break;
}; };
return true; return true;

2
client/src/crypto/asn1utils.c
View file

@ -65,7 +65,7 @@ static void asn1_print_cb(void *data, const struct tlv *tlv, int level, bool is_
bool candump = true; bool candump = true;
asn1_tag_dump(tlv, level, &candump); asn1_tag_dump(tlv, level, &candump);
if (is_leaf && candump) { if (is_leaf && candump) {
print_buffer(tlv->value, tlv->len, level); print_buffer(tlv->value, tlv->len, level + 1);
} }
} }

8
client/src/wiegand_formats.c
View file

@ -146,8 +146,8 @@ static bool Pack_indasc27(wiegand_card_t *card, wiegand_message_t *packed, bool
if (card->OEM > 0) return false; // Not used in this format if (card->OEM > 0) return false; // Not used in this format
packed->Length = 27; packed->Length = 27;
set_nonlinear_field(packed, card->FacilityCode, 11, (uint8_t[]) {9,4,6,5,0,7,19,8,10,16,24,12,22}); set_nonlinear_field(packed, card->FacilityCode, 11, (uint8_t[]) {9, 4, 6, 5, 0, 7, 19, 8, 10, 16, 24, 12, 22});
set_nonlinear_field(packed, card->CardNumber, 14, (uint8_t[]) {26,1,3,15,14,17,20,13,25,2,18,21,11,23}); set_nonlinear_field(packed, card->CardNumber, 14, (uint8_t[]) {26, 1, 3, 15, 14, 17, 20, 13, 25, 2, 18, 21, 11, 23});
if (preamble) if (preamble)
return add_HID_header(packed); return add_HID_header(packed);
return true; return true;
@ -158,8 +158,8 @@ static bool Unpack_indasc27(wiegand_message_t *packed, wiegand_card_t *card) {
if (packed->Length != 27) return false; // Wrong length? Stop here. if (packed->Length != 27) return false; // Wrong length? Stop here.
card->FacilityCode = get_nonlinear_field(packed, 11, (uint8_t[]) {9,4,6,5,0,7,19,8,10,16,24,12,22}); card->FacilityCode = get_nonlinear_field(packed, 11, (uint8_t[]) {9, 4, 6, 5, 0, 7, 19, 8, 10, 16, 24, 12, 22});
card->CardNumber = get_nonlinear_field(packed, 14, (uint8_t[]) {26,1,3,15,14,17,20,13,25,2,18,21,11,23}); card->CardNumber = get_nonlinear_field(packed, 14, (uint8_t[]) {26, 1, 3, 15, 14, 17, 20, 13, 25, 2, 18, 21, 11, 23});
return true; return true;
} }

4
doc/commands.md
View file

@ -115,6 +115,7 @@ Check column "offline" for their availability.
|`data zerocrossings `|Y |`Count time between zero-crossings` |`data zerocrossings `|Y |`Count time between zero-crossings`
|`data convertbitstream `|Y |`Convert GraphBuffer's 0/1 values to 127 / -127` |`data convertbitstream `|Y |`Convert GraphBuffer's 0/1 values to 127 / -127`
|`data getbitstream `|Y |`Convert GraphBuffer's >=1 values to 1 and <1 to 0` |`data getbitstream `|Y |`Convert GraphBuffer's >=1 values to 1 and <1 to 0`
|`data asn1 `|Y |`asn1 decoder`
|`data bin2hex `|Y |`Converts binary to hexadecimal` |`data bin2hex `|Y |`Converts binary to hexadecimal`
|`data bitsamples `|N |`Get raw samples as bitstring` |`data bitsamples `|N |`Get raw samples as bitstring`
|`data clear `|Y |`Clears bigbuf on deviceside and graph window` |`data clear `|Y |`Clears bigbuf on deviceside and graph window`
@ -225,6 +226,7 @@ Check column "offline" for their availability.
|`hf 15 restore `|N |`Restore from file to all memory pages of an ISO-15693 tag` |`hf 15 restore `|N |`Restore from file to all memory pages of an ISO-15693 tag`
|`hf 15 samples `|N |`Acquire samples as reader (enables carrier, sends inquiry)` |`hf 15 samples `|N |`Acquire samples as reader (enables carrier, sends inquiry)`
|`hf 15 sim `|N |`Fake an ISO-15693 tag` |`hf 15 sim `|N |`Fake an ISO-15693 tag`
|`hf 15 slixdisable `|N |`Disable privacy mode on SLIX ISO-15693 tag`
|`hf 15 wrbl `|N |`Write a block` |`hf 15 wrbl `|N |`Write a block`
|`hf 15 findafi `|N |`Brute force AFI of an ISO-15693 tag` |`hf 15 findafi `|N |`Brute force AFI of an ISO-15693 tag`
|`hf 15 writeafi `|N |`Writes the AFI on an ISO-15693 tag` |`hf 15 writeafi `|N |`Writes the AFI on an ISO-15693 tag`
@ -807,6 +809,8 @@ Check column "offline" for their availability.
|`lf idteck help `|Y |`This help` |`lf idteck help `|Y |`This help`
|`lf idteck demod `|Y |`demodulate an Idteck tag from the GraphBuffer` |`lf idteck demod `|Y |`demodulate an Idteck tag from the GraphBuffer`
|`lf idteck reader `|N |`attempt to read and extract tag data` |`lf idteck reader `|N |`attempt to read and extract tag data`
|`lf idteck clone `|N |`clone Idteck tag to T55x7 or Q5/T5555`
|`lf idteck sim `|N |`simulate Idteck tag`
### lf indala ### lf indala

2
doc/magic_cards_notes.md
View file

@ -330,6 +330,8 @@ Android compatible
``` ```
hf mf wrbl --blk 0 -k FFFFFFFFFFFF -d 11223344440804006263646566676869 hf mf wrbl --blk 0 -k FFFFFFFFFFFF -d 11223344440804006263646566676869
hf mf wipe --gen2
``` ```
When "soft-bricked" (by writing invalid data in block0), these ones may help: When "soft-bricked" (by writing invalid data in block0), these ones may help: