github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-22 06:13:51 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'master' into fix_lf_bps

Browse source 
Signed-off-by: Self Not Found <wh201906@yandex.com>
This commit is contained in:
Self Not Found 2023-01-30 07:54:11 +08:00 committed by GitHub
commit d81974e89c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
14 changed files with 490 additions and 439 deletions
Download patch file Download diff file Expand all files Collapse all files

16
CHANGELOG.md
View file

@ -3,6 +3,15 @@ All notable changes to this project will be documented in this file.
This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log... This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log...
## [unreleased][unreleased] ## [unreleased][unreleased]
- Fixed the lf sampling when bits_per_sample is less than 8 (@wh201906)
## [Nitride.4.16191][2023-01-29]
- Changed `build_all_firmwares.sh` to fit GENERIC 256kb firmware images (@doegox)
- Fixed some coverity fixes (@iceman1001)
- Fixed `make accessrights` on Fedora (@mooey5775)
- Fixed `hf mfu info` - can now identify the 50 pF version of NTAG 210u(micro) (@mjacksn)
- Added `hf 15` sub-commands for controlling EAS, AFI, privacy mode, and the setting of passwords on SLIX tags (@mjacksn)
- Added new magic gen4 cards command in docs (@McEloff) - Added new magic gen4 cards command in docs (@McEloff)
- Added `hf tesla info` - intital information command to read TESLA cards (@iceman1001) - Added `hf tesla info` - intital information command to read TESLA cards (@iceman1001)
- Changed `hf emrtd info` - looking for lower case .bin extensions (@iceman1001) - Changed `hf emrtd info` - looking for lower case .bin extensions (@iceman1001)
@ -41,10 +50,7 @@ This project uses the changelog in accordance with [keepchangelog](http://keepac
- Fixed `pm3` shell script now automatically detects WSL2 with USBIPD serial ports (@iceman1001) - Fixed `pm3` shell script now automatically detects WSL2 with USBIPD serial ports (@iceman1001)
- Fixed `trace list -c` - annotation of CRC bytes now is colored or squared if no ansi colors is supported (@iceman1001) - Fixed `trace list -c` - annotation of CRC bytes now is colored or squared if no ansi colors is supported (@iceman1001)
- Fixed `trace list -t mf` - now also finds UID if anticollision is partial captured, to be used for mfkey (@iceman1001) - Fixed `trace list -t mf` - now also finds UID if anticollision is partial captured, to be used for mfkey (@iceman1001)
- Fixed `make accessrights` on Fedora (@mooey5775)
- Fixed the lf sampling when bits_per_sample is less than 8 (@wh201906)
- Fixed `hf mfu info` - can now identify the 50 pF version of NTAG 210u(micro) (@mjacksn)
- Added `hf 15` sub-commands for controlling EAS, AFI, privacy mode, and the setting of passwords on SLIX tags (@mjacksn)
## [Radium.4.15864][2022-10-29] ## [Radium.4.15864][2022-10-29]
- Changed `lf indala sim` - now accepts fc / cn (@iceman1001) - Changed `lf indala sim` - now accepts fc / cn (@iceman1001)
@ -1373,4 +1379,4 @@ This project uses the changelog in accordance with [keepchangelog](http://keepac
- iClass functionality: full simulation of iclass tags, so tags can be simulated with data (not only CSN). Not yet support for write/update, but readers do not seem to enforce update. (@holiman). - iClass functionality: full simulation of iclass tags, so tags can be simulated with data (not only CSN). Not yet support for write/update, but readers do not seem to enforce update. (@holiman).
- iClass decryption. Proxmark can now decrypt data on an iclass tag, but requires you to have the HID decryption key locally on your computer, as this is not bundled with the sourcecode. - iClass decryption. Proxmark can now decrypt data on an iclass tag, but requires you to have the HID decryption key locally on your computer, as this is not bundled with the sourcecode.
- `hf 15 info` can detect NTAG 5 tags - `hf 15 info` can detect NTAG 5 tags
- `hf 15 info` include an EAS status check on more of the icode tags which support EAS (SLI, SLIX, SLIX-L, and SLIX-S) - `hf 15 info` include an EAS status check on more of the icode tags which support EAS (SLI, SLIX, SLIX-L, and SLIX-S)

16
armsrc/appmain.c
View file

@ -455,7 +455,7 @@ static void SendCapabilities(void) {
#ifdef RDV4 #ifdef RDV4
capabilities.is_rdv4 = true; capabilities.is_rdv4 = true;
#else #else
capabilities.is_rdv4 = false; capabilities.is_rdv4 = false;
#endif #endif
@ -1296,7 +1296,7 @@ static void PacketReceived(PacketCommandNG *packet) {
case CMD_HF_ISO15693_SLIX_DISABLE_EAS: { case CMD_HF_ISO15693_SLIX_DISABLE_EAS: {
struct p { struct p {
uint8_t pwd[4]; uint8_t pwd[4];
bool usepwd; bool usepwd;
} PACKED; } PACKED;
struct p *payload = (struct p *) packet->data.asBytes; struct p *payload = (struct p *) packet->data.asBytes;
DisableEAS_AFISlixIso15693(payload->pwd, payload->usepwd); DisableEAS_AFISlixIso15693(payload->pwd, payload->usepwd);
@ -1305,7 +1305,7 @@ static void PacketReceived(PacketCommandNG *packet) {
case CMD_HF_ISO15693_SLIX_ENABLE_EAS: { case CMD_HF_ISO15693_SLIX_ENABLE_EAS: {
struct p { struct p {
uint8_t pwd[4]; uint8_t pwd[4];
bool usepwd; bool usepwd;
} PACKED; } PACKED;
struct p *payload = (struct p *) packet->data.asBytes; struct p *payload = (struct p *) packet->data.asBytes;
EnableEAS_AFISlixIso15693(payload->pwd, payload->usepwd); EnableEAS_AFISlixIso15693(payload->pwd, payload->usepwd);
@ -1333,7 +1333,7 @@ static void PacketReceived(PacketCommandNG *packet) {
struct p { struct p {
uint8_t pwd[4]; uint8_t pwd[4];
} PACKED; } PACKED;
struct p* payload = (struct p*)packet->data.asBytes; struct p *payload = (struct p *)packet->data.asBytes;
EnablePrivacySlixIso15693(payload->pwd); EnablePrivacySlixIso15693(payload->pwd);
break; break;
} }
@ -1341,7 +1341,7 @@ static void PacketReceived(PacketCommandNG *packet) {
struct p { struct p {
uint8_t pwd[4]; uint8_t pwd[4];
} PACKED; } PACKED;
struct p* payload = (struct p*)packet->data.asBytes; struct p *payload = (struct p *)packet->data.asBytes;
PassProtectAFISlixIso15693(payload->pwd); PassProtectAFISlixIso15693(payload->pwd);
break; break;
} }
@ -1353,7 +1353,7 @@ static void PacketReceived(PacketCommandNG *packet) {
bool use_uid; bool use_uid;
uint8_t afi; uint8_t afi;
} PACKED; } PACKED;
struct p* payload = (struct p*)packet->data.asBytes; struct p *payload = (struct p *)packet->data.asBytes;
WriteAFIIso15693(payload->pwd, payload->use_pwd, payload->uid, payload->use_uid, payload->afi); WriteAFIIso15693(payload->pwd, payload->use_pwd, payload->uid, payload->use_uid, payload->afi);
break; break;
} }
@ -1361,11 +1361,11 @@ static void PacketReceived(PacketCommandNG *packet) {
struct p { struct p {
uint8_t pwd[4]; uint8_t pwd[4];
} PACKED; } PACKED;
struct p* payload = (struct p*)packet->data.asBytes; struct p *payload = (struct p *)packet->data.asBytes;
PassProtextEASSlixIso15693(payload->pwd); PassProtextEASSlixIso15693(payload->pwd);
break; break;
} }
#endif #endif
#ifdef WITH_LEGICRF #ifdef WITH_LEGICRF

290
armsrc/iso15693.c
View file

@ -177,31 +177,30 @@ static void CodeIso15693AsReaderEOF(void) {
} }
static int get_uid_slix(uint32_t start_time, uint32_t* eof_time, uint8_t* uid) { static int get_uid_slix(uint32_t start_time, uint32_t *eof_time, uint8_t *uid) {
uint8_t *answer = BigBuf_malloc(ISO15693_MAX_RESPONSE_LENGTH); uint8_t *answer = BigBuf_malloc(ISO15693_MAX_RESPONSE_LENGTH);
memset(answer, 0x00, ISO15693_MAX_RESPONSE_LENGTH); memset(answer, 0x00, ISO15693_MAX_RESPONSE_LENGTH);
start_time = *eof_time + DELAY_ISO15693_VICC_TO_VCD_READER; start_time = *eof_time + DELAY_ISO15693_VICC_TO_VCD_READER;
uint8_t cmd[5] = {0}; uint8_t cmd[5] = {0};
BuildIdentifyRequest(cmd); BuildIdentifyRequest(cmd);
uint16_t recvlen = 0; uint16_t recvlen = 0;
SendDataTag(cmd, sizeof(cmd), false, true, answer, ISO15693_MAX_RESPONSE_LENGTH, start_time, ISO15693_READER_TIMEOUT, eof_time, &recvlen); SendDataTag(cmd, sizeof(cmd), false, true, answer, ISO15693_MAX_RESPONSE_LENGTH, start_time, ISO15693_READER_TIMEOUT, eof_time, &recvlen);
if(recvlen != 12) if (recvlen != 12) {
{ return PM3_ETIMEOUT;
return PM3_ETIMEOUT;
} }
uid[0] = answer[2]; uid[0] = answer[2];
uid[1] = answer[3]; uid[1] = answer[3];
uid[2] = answer[4]; uid[2] = answer[4];
uid[3] = answer[5]; uid[3] = answer[5];
uid[4] = answer[6]; uid[4] = answer[6];
uid[5] = answer[7]; uid[5] = answer[7];
uid[6] = answer[8]; uid[6] = answer[8];
uid[7] = answer[9]; uid[7] = answer[9];
BigBuf_free(); BigBuf_free();
return PM3_SUCCESS; return PM3_SUCCESS;
@ -2701,7 +2700,7 @@ static bool get_rnd_15693_Slix(uint32_t start_time, uint32_t *eof_time, uint8_t
return true; return true;
} }
static uint32_t disable_privacy_15693_Slix(uint32_t start_time, uint32_t* eof_time, uint8_t pass_id, uint8_t* password) { static uint32_t disable_privacy_15693_Slix(uint32_t start_time, uint32_t *eof_time, uint8_t pass_id, uint8_t *password) {
uint8_t rnd[2]; uint8_t rnd[2];
if (get_rnd_15693_Slix(start_time, eof_time, rnd) == false) { if (get_rnd_15693_Slix(start_time, eof_time, rnd) == false) {
@ -2723,26 +2722,26 @@ static uint32_t disable_privacy_15693_Slix(uint32_t start_time, uint32_t* eof_ti
return PM3_SUCCESS; return PM3_SUCCESS;
} }
static uint32_t set_pass_15693_Slix(uint32_t start_time, uint32_t* eof_time, uint8_t pass_id, uint8_t* password, uint8_t* uid) { static uint32_t set_pass_15693_Slix(uint32_t start_time, uint32_t *eof_time, uint8_t pass_id, uint8_t *password, uint8_t *uid) {
uint8_t rnd[2]; uint8_t rnd[2];
if (get_rnd_15693_Slix(start_time, eof_time, rnd) == false) { if (get_rnd_15693_Slix(start_time, eof_time, rnd) == false) {
return PM3_ETIMEOUT; return PM3_ETIMEOUT;
} }
// 0x04, == NXP from manufacture id list. // 0x04, == NXP from manufacture id list.
uint8_t c[] = { (ISO15_REQ_DATARATE_HIGH | ISO15_REQ_ADDRESS), ISO15693_SET_PASSWORD, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, pass_id, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; uint8_t c[] = { (ISO15_REQ_DATARATE_HIGH | ISO15_REQ_ADDRESS), ISO15693_SET_PASSWORD, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, pass_id, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
init_password_15693_Slix(&c[12], password, rnd); init_password_15693_Slix(&c[12], password, rnd);
memcpy(&c[3], uid, 8); memcpy(&c[3], uid, 8);
AddCrc15(c, 16); AddCrc15(c, 16);
start_time = *eof_time + DELAY_ISO15693_VICC_TO_VCD_READER; start_time = *eof_time + DELAY_ISO15693_VICC_TO_VCD_READER;
uint8_t recvbuf[ISO15693_MAX_RESPONSE_LENGTH]; uint8_t recvbuf[ISO15693_MAX_RESPONSE_LENGTH];
uint16_t recvlen = 0; uint16_t recvlen = 0;
int res = SendDataTag(c, sizeof(c), false, true, recvbuf, sizeof(recvbuf), start_time, ISO15693_READER_TIMEOUT_WRITE, eof_time, &recvlen); int res = SendDataTag(c, sizeof(c), false, true, recvbuf, sizeof(recvbuf), start_time, ISO15693_READER_TIMEOUT_WRITE, eof_time, &recvlen);
if (res != PM3_SUCCESS && recvlen != 3) { if (res != PM3_SUCCESS && recvlen != 3) {
return PM3_EWRONGANSWER; return PM3_EWRONGANSWER;
@ -2750,7 +2749,7 @@ static uint32_t set_pass_15693_Slix(uint32_t start_time, uint32_t* eof_time, uin
return PM3_SUCCESS; return PM3_SUCCESS;
} }
static uint32_t set_privacy_15693_Slix(uint32_t start_time, uint32_t* eof_time, uint8_t* password) { static uint32_t set_privacy_15693_Slix(uint32_t start_time, uint32_t *eof_time, uint8_t *password) {
uint8_t rnd[2]; uint8_t rnd[2];
if (get_rnd_15693_Slix(start_time, eof_time, rnd) == false) { if (get_rnd_15693_Slix(start_time, eof_time, rnd) == false) {
return PM3_ETIMEOUT; return PM3_ETIMEOUT;
@ -2771,28 +2770,26 @@ static uint32_t set_privacy_15693_Slix(uint32_t start_time, uint32_t* eof_time,
return PM3_SUCCESS; return PM3_SUCCESS;
} }
static uint32_t disable_eas_15693_Slix(uint32_t start_time, uint32_t* eof_time, uint8_t* password, bool usepwd) { static uint32_t disable_eas_15693_Slix(uint32_t start_time, uint32_t *eof_time, uint8_t *password, bool usepwd) {
uint8_t uid[8]; uint8_t uid[8];
get_uid_slix(start_time, eof_time, uid); get_uid_slix(start_time, eof_time, uid);
uint8_t rnd[2]; uint8_t rnd[2];
if (get_rnd_15693_Slix(start_time, eof_time, rnd) == false) { if (get_rnd_15693_Slix(start_time, eof_time, rnd) == false) {
return PM3_ETIMEOUT; return PM3_ETIMEOUT;
} }
if(usepwd) if (usepwd) {
{
int res_setpass = set_pass_15693_Slix(start_time, eof_time, 0x10, password, uid);
int res_setpass = set_pass_15693_Slix(start_time, eof_time, 0x10, password, uid);
if (res_setpass != PM3_SUCCESS) {
if(res_setpass != PM3_SUCCESS) return PM3_EWRONGANSWER;
{ }
return PM3_EWRONGANSWER; }
}
} // 0x04, == NXP from manufacture id list.
// 0x04, == NXP from manufacture id list.
uint8_t c[] = { ISO15_REQ_DATARATE_HIGH, 0xA3, 0x04, 0x00, 0x00}; uint8_t c[] = { ISO15_REQ_DATARATE_HIGH, 0xA3, 0x04, 0x00, 0x00};
AddCrc15(c, 3); AddCrc15(c, 3);
@ -2807,24 +2804,22 @@ static uint32_t disable_eas_15693_Slix(uint32_t start_time, uint32_t* eof_time,
} }
static uint32_t enable_eas_15693_Slix(uint32_t start_time, uint32_t* eof_time, uint8_t* password, bool usepwd) { static uint32_t enable_eas_15693_Slix(uint32_t start_time, uint32_t *eof_time, uint8_t *password, bool usepwd) {
uint8_t uid[8]; uint8_t uid[8];
get_uid_slix(start_time, eof_time, uid); get_uid_slix(start_time, eof_time, uid);
uint8_t rnd[2]; uint8_t rnd[2];
if (get_rnd_15693_Slix(start_time, eof_time, rnd) == false) { if (get_rnd_15693_Slix(start_time, eof_time, rnd) == false) {
return PM3_ETIMEOUT; return PM3_ETIMEOUT;
} }
if(usepwd) if (usepwd) {
{ int res_setpass = set_pass_15693_Slix(start_time, eof_time, 0x10, password, uid);
int res_setpass = set_pass_15693_Slix(start_time, eof_time, 0x10, password, uid);
if (res_setpass != PM3_SUCCESS) {
if(res_setpass != PM3_SUCCESS) return PM3_EWRONGANSWER;
{ }
return PM3_EWRONGANSWER;
}
} }
// 0x04, == NXP from manufacture id list. // 0x04, == NXP from manufacture id list.
uint8_t c[] = { ISO15_REQ_DATARATE_HIGH, 0xA2, 0x04, 0x00, 0x00}; uint8_t c[] = { ISO15_REQ_DATARATE_HIGH, 0xA2, 0x04, 0x00, 0x00};
@ -2841,106 +2836,100 @@ static uint32_t enable_eas_15693_Slix(uint32_t start_time, uint32_t* eof_time, u
return PM3_SUCCESS; return PM3_SUCCESS;
} }
static uint32_t write_password_15693_Slix(uint32_t start_time, uint32_t *eof_time, uint8_t pwd_id, uint8_t *password, uint8_t* uid) { static uint32_t write_password_15693_Slix(uint32_t start_time, uint32_t *eof_time, uint8_t pwd_id, uint8_t *password, uint8_t *uid) {
uint8_t new_pwd_cmd[] = { (ISO15_REQ_DATARATE_HIGH | ISO15_REQ_ADDRESS), ISO15693_WRITE_PASSWORD, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, pwd_id, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}; uint8_t new_pwd_cmd[] = { (ISO15_REQ_DATARATE_HIGH | ISO15_REQ_ADDRESS), ISO15693_WRITE_PASSWORD, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, pwd_id, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
memcpy(&new_pwd_cmd[3], uid, 8); memcpy(&new_pwd_cmd[3], uid, 8);
memcpy(&new_pwd_cmd[12], password, 4); memcpy(&new_pwd_cmd[12], password, 4);
AddCrc15(new_pwd_cmd, 16); AddCrc15(new_pwd_cmd, 16);
start_time = *eof_time + DELAY_ISO15693_VICC_TO_VCD_READER; start_time = *eof_time + DELAY_ISO15693_VICC_TO_VCD_READER;
uint8_t recvbuf[ISO15693_MAX_RESPONSE_LENGTH]; uint8_t recvbuf[ISO15693_MAX_RESPONSE_LENGTH];
uint16_t recvlen = 0; uint16_t recvlen = 0;
int res_wrp = SendDataTag(new_pwd_cmd, sizeof(new_pwd_cmd), false, true, recvbuf, sizeof(recvbuf), start_time, ISO15693_READER_TIMEOUT_WRITE, eof_time, &recvlen); int res_wrp = SendDataTag(new_pwd_cmd, sizeof(new_pwd_cmd), false, true, recvbuf, sizeof(recvbuf), start_time, ISO15693_READER_TIMEOUT_WRITE, eof_time, &recvlen);
if (res_wrp != PM3_SUCCESS && recvlen != 3) { if (res_wrp != PM3_SUCCESS && recvlen != 3) {
return PM3_EWRONGANSWER; return PM3_EWRONGANSWER;
} }
return PM3_SUCCESS; return PM3_SUCCESS;
} }
static uint32_t pass_protect_EASAFI_15693_Slix(uint32_t start_time, uint32_t *eof_time, bool set_option_flag, uint8_t* password) {
uint8_t flags;
if(set_option_flag)
flags = ISO15_REQ_DATARATE_HIGH | ISO15_REQ_OPTION;
else
flags = ISO15_REQ_DATARATE_HIGH;
uint8_t uid[8];
get_uid_slix(start_time, eof_time, uid);
uint8_t rnd[2]; static uint32_t pass_protect_EASAFI_15693_Slix(uint32_t start_time, uint32_t *eof_time, bool set_option_flag, uint8_t *password) {
if (get_rnd_15693_Slix(start_time, eof_time, rnd) == false) {
return PM3_ETIMEOUT;
}
int res_setpass = set_pass_15693_Slix(start_time, eof_time, 0x10, password, uid);
if(res_setpass != PM3_SUCCESS)
{
return PM3_EWRONGANSWER;
}
uint8_t new_pass_protect_cmd[] = { flags, ISO15693_PASSWORD_PROTECT_EAS, 0x04, 0x00, 0x00}; uint8_t flags;
AddCrc15(new_pass_protect_cmd, 3);
start_time = *eof_time + DELAY_ISO15693_VICC_TO_VCD_READER;
uint8_t recvbuf[ISO15693_MAX_RESPONSE_LENGTH];
uint16_t recvlen = 0;
int res = SendDataTag(new_pass_protect_cmd, sizeof(new_pass_protect_cmd), false, true, recvbuf, sizeof(recvbuf), start_time, ISO15693_READER_TIMEOUT_WRITE, eof_time, &recvlen); if (set_option_flag)
if (res != PM3_SUCCESS && recvlen != 3) { flags = ISO15_REQ_DATARATE_HIGH | ISO15_REQ_OPTION;
return PM3_EWRONGANSWER; else
} flags = ISO15_REQ_DATARATE_HIGH;
return PM3_SUCCESS;
uint8_t uid[8];
get_uid_slix(start_time, eof_time, uid);
uint8_t rnd[2];
if (get_rnd_15693_Slix(start_time, eof_time, rnd) == false) {
return PM3_ETIMEOUT;
}
int res_setpass = set_pass_15693_Slix(start_time, eof_time, 0x10, password, uid);
if (res_setpass != PM3_SUCCESS) {
return PM3_EWRONGANSWER;
}
uint8_t new_pass_protect_cmd[] = { flags, ISO15693_PASSWORD_PROTECT_EAS, 0x04, 0x00, 0x00};
AddCrc15(new_pass_protect_cmd, 3);
start_time = *eof_time + DELAY_ISO15693_VICC_TO_VCD_READER;
uint8_t recvbuf[ISO15693_MAX_RESPONSE_LENGTH];
uint16_t recvlen = 0;
int res = SendDataTag(new_pass_protect_cmd, sizeof(new_pass_protect_cmd), false, true, recvbuf, sizeof(recvbuf), start_time, ISO15693_READER_TIMEOUT_WRITE, eof_time, &recvlen);
if (res != PM3_SUCCESS && recvlen != 3) {
return PM3_EWRONGANSWER;
}
return PM3_SUCCESS;
} }
static uint32_t write_afi_15693(uint32_t start_time, uint32_t *eof_time, uint8_t *password, bool usepwd, uint8_t *uid, bool use_uid, uint8_t afi) static uint32_t write_afi_15693(uint32_t start_time, uint32_t *eof_time, uint8_t *password, bool usepwd, uint8_t *uid, bool use_uid, uint8_t afi) {
{
if(!use_uid)
{
int res_getuid = get_uid_slix(start_time, eof_time, uid);
if(res_getuid != PM3_SUCCESS)
{
return res_getuid;
}
}
if(usepwd)
{
int res_setpass = set_pass_15693_Slix(start_time, eof_time, 0x10, password, uid);
if(res_setpass != PM3_SUCCESS)
{
return PM3_EWRONGANSWER;
}
}
uint8_t cmd[] = { ISO15_REQ_DATARATE_HIGH | ISO15_REQ_ADDRESS, ISO15693_WRITE_AFI, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
memcpy(&cmd[2], uid, 8);
cmd[10] = afi;
AddCrc15(cmd, 11);
start_time = *eof_time + DELAY_ISO15693_VICC_TO_VCD_READER;
uint8_t recvbuf[ISO15693_MAX_RESPONSE_LENGTH];
uint16_t recvlen = 0;
int res = SendDataTag(cmd, sizeof(cmd), false, true, recvbuf, sizeof(recvbuf), start_time, ISO15693_READER_TIMEOUT_WRITE, eof_time, &recvlen); if (!use_uid) {
if (res != PM3_SUCCESS || recvlen != 3) { int res_getuid = get_uid_slix(start_time, eof_time, uid);
return PM3_EWRONGANSWER;
}
return PM3_SUCCESS; if (res_getuid != PM3_SUCCESS) {
return res_getuid;
}
}
if (usepwd) {
int res_setpass = set_pass_15693_Slix(start_time, eof_time, 0x10, password, uid);
if (res_setpass != PM3_SUCCESS) {
return PM3_EWRONGANSWER;
}
}
uint8_t cmd[] = { ISO15_REQ_DATARATE_HIGH | ISO15_REQ_ADDRESS, ISO15693_WRITE_AFI, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
memcpy(&cmd[2], uid, 8);
cmd[10] = afi;
AddCrc15(cmd, 11);
start_time = *eof_time + DELAY_ISO15693_VICC_TO_VCD_READER;
uint8_t recvbuf[ISO15693_MAX_RESPONSE_LENGTH];
uint16_t recvlen = 0;
int res = SendDataTag(cmd, sizeof(cmd), false, true, recvbuf, sizeof(recvbuf), start_time, ISO15693_READER_TIMEOUT_WRITE, eof_time, &recvlen);
if (res != PM3_SUCCESS || recvlen != 3) {
return PM3_EWRONGANSWER;
}
return PM3_SUCCESS;
} }
/* /*
@ -3013,29 +3002,28 @@ static uint32_t destroy_15693_Slix(uint32_t start_time, uint32_t *eof_time, uint
*/ */
void WritePasswordSlixIso15693(uint8_t *old_password, uint8_t *new_password, uint8_t pwd_id) { void WritePasswordSlixIso15693(uint8_t *old_password, uint8_t *new_password, uint8_t pwd_id) {
LED_D_ON(); LED_D_ON();
Iso15693InitReader(); Iso15693InitReader();
StartCountSspClk(); StartCountSspClk();
uint32_t start_time = 0, eof_time = 0; uint32_t start_time = 0, eof_time = 0;
int res = PM3_EFAILED; int res = PM3_EFAILED;
uint8_t uid[8]; uint8_t uid[8];
get_uid_slix(start_time, &eof_time, uid); get_uid_slix(start_time, &eof_time, uid);
res = set_pass_15693_Slix(start_time, &eof_time, pwd_id, old_password, uid);
if (res != PM3_SUCCESS) {
reply_ng(CMD_HF_ISO15693_SLIX_WRITE_PWD, res, NULL, 0);
switch_off();
return;
}
res = write_password_15693_Slix(start_time, &eof_time, pwd_id, new_password, uid);
res = set_pass_15693_Slix(start_time, &eof_time, pwd_id, old_password, uid);
if(res != PM3_SUCCESS)
{
reply_ng(CMD_HF_ISO15693_SLIX_WRITE_PWD, res, NULL, 0); reply_ng(CMD_HF_ISO15693_SLIX_WRITE_PWD, res, NULL, 0);
switch_off();
return;
}
res = write_password_15693_Slix(start_time, &eof_time, pwd_id, new_password, uid); switch_off();
reply_ng(CMD_HF_ISO15693_SLIX_WRITE_PWD, res, NULL, 0);
switch_off();
} }
void DisablePrivacySlixIso15693(uint8_t *password) { void DisablePrivacySlixIso15693(uint8_t *password) {
@ -3053,7 +3041,7 @@ void DisablePrivacySlixIso15693(uint8_t *password) {
switch_off(); switch_off();
} }
void EnablePrivacySlixIso15693(uint8_t* password) { void EnablePrivacySlixIso15693(uint8_t *password) {
LED_D_ON(); LED_D_ON();
Iso15693InitReader(); Iso15693InitReader();
StartCountSspClk(); StartCountSspClk();
@ -3080,9 +3068,9 @@ void DisableEAS_AFISlixIso15693(uint8_t *password, bool usepwd) {
// 0x08 Destroy SLIX-L // 0x08 Destroy SLIX-L
// 0x10 EAS/AFI // 0x10 EAS/AFI
int res = disable_eas_15693_Slix(start_time, &eof_time, password, usepwd); int res = disable_eas_15693_Slix(start_time, &eof_time, password, usepwd);
reply_ng(CMD_HF_ISO15693_SLIX_DISABLE_EAS, res, NULL, 0); reply_ng(CMD_HF_ISO15693_SLIX_DISABLE_EAS, res, NULL, 0);
switch_off(); switch_off();
} }
@ -3130,4 +3118,4 @@ void WriteAFIIso15693(uint8_t *password, bool use_pwd, uint8_t *uid, bool use_ui
//int res = PM3_SUCCESS; //int res = PM3_SUCCESS;
reply_ng(CMD_HF_ISO15693_WRITE_AFI, res, NULL, 0); reply_ng(CMD_HF_ISO15693_WRITE_AFI, res, NULL, 0);
switch_off(); switch_off();
} }

2
armsrc/iso15693.h
View file

@ -64,7 +64,7 @@ void SetTag15693Uid(const uint8_t *uid);
void WritePasswordSlixIso15693(uint8_t *old_password, uint8_t *new_password, uint8_t pwd_id); void WritePasswordSlixIso15693(uint8_t *old_password, uint8_t *new_password, uint8_t pwd_id);
void DisablePrivacySlixIso15693(uint8_t *password); void DisablePrivacySlixIso15693(uint8_t *password);
void EnablePrivacySlixIso15693(uint8_t* password); void EnablePrivacySlixIso15693(uint8_t *password);
void DisableEAS_AFISlixIso15693(uint8_t *password, bool usepwd); void DisableEAS_AFISlixIso15693(uint8_t *password, bool usepwd);
void EnableEAS_AFISlixIso15693(uint8_t *password, bool usepwd); void EnableEAS_AFISlixIso15693(uint8_t *password, bool usepwd);
void PassProtextEASSlixIso15693(uint8_t *password); void PassProtextEASSlixIso15693(uint8_t *password);

4
client/src/cmdflashmem.c
View file

@ -641,6 +641,10 @@ static int CmdFlashMemInfo(const char *Cmd) {
// Verify (public key) // Verify (public key)
bool is_verified = (mbedtls_rsa_pkcs1_verify(rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 20, sha_hash, from_device) == 0); bool is_verified = (mbedtls_rsa_pkcs1_verify(rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 20, sha_hash, from_device) == 0);
if (got_private == false) {
mbedtls_rsa_free(rsa);
}
mbedtls_pk_free(&pkctx); mbedtls_pk_free(&pkctx);
PrintAndLogEx(NORMAL, ""); PrintAndLogEx(NORMAL, "");

6
client/src/cmdhf14a.c
View file

@ -1460,8 +1460,9 @@ static int CmdHF14AChaining(const char *Cmd) {
CLIParserContext *ctx; CLIParserContext *ctx;
CLIParserInit(&ctx, "hf 14a chaining", CLIParserInit(&ctx, "hf 14a chaining",
"Enable/Disable ISO14443a input chaining. Maximum input length goes from ATS.", "Enable/Disable ISO14443a input chaining. Maximum input length goes from ATS.",
"hf 14a chaining -> show chaining enable/disable state\n"
"hf 14a chaining --off -> disable chaining\n" "hf 14a chaining --off -> disable chaining\n"
"hf 14a chaining -> show chaining enable/disable state\n"); );
void *argtable[] = { void *argtable[] = {
arg_param_begin, arg_param_begin,
@ -1473,6 +1474,7 @@ static int CmdHF14AChaining(const char *Cmd) {
bool on = arg_get_lit(ctx, 1); bool on = arg_get_lit(ctx, 1);
bool off = arg_get_lit(ctx, 2); bool off = arg_get_lit(ctx, 2);
CLIParserFree(ctx);
if ((on + off) > 1) { if ((on + off) > 1) {
PrintAndLogEx(INFO, "Select only one option"); PrintAndLogEx(INFO, "Select only one option");
@ -1485,8 +1487,6 @@ static int CmdHF14AChaining(const char *Cmd) {
if (off) if (off)
Set_apdu_in_framing(false); Set_apdu_in_framing(false);
CLIParserFree(ctx);
PrintAndLogEx(INFO, "\nISO 14443-4 input chaining %s.\n", g_apdu_in_framing_enable ? "enabled" : "disabled"); PrintAndLogEx(INFO, "\nISO 14443-4 input chaining %s.\n", g_apdu_in_framing_enable ? "enabled" : "disabled");
return PM3_SUCCESS; return PM3_SUCCESS;
} }

463
client/src/cmdhf15.c
View file

@ -698,7 +698,7 @@ static int NxpCheckSig(uint8_t *uid) {
PacketResponseNG resp; PacketResponseNG resp;
uint16_t reqlen = 0; uint16_t reqlen = 0;
uint8_t req[PM3_CMD_DATA_SIZE] = {0}; uint8_t req[PM3_CMD_DATA_SIZE] = {0};
// Check if we can also read the signature // Check if we can also read the signature
req[reqlen++] |= ISO15_REQ_SUBCARRIER_SINGLE | ISO15_REQ_DATARATE_HIGH | ISO15_REQ_NONINVENTORY | ISO15_REQ_ADDRESS; req[reqlen++] |= ISO15_REQ_SUBCARRIER_SINGLE | ISO15_REQ_DATARATE_HIGH | ISO15_REQ_NONINVENTORY | ISO15_REQ_ADDRESS;
req[reqlen++] = ISO15693_READ_SIGNATURE; req[reqlen++] = ISO15693_READ_SIGNATURE;
@ -736,7 +736,7 @@ static int NxpCheckSig(uint8_t *uid) {
memcpy(signature, recv + 1, 32); memcpy(signature, recv + 1, 32);
nxp_15693_print_signature(uid, signature); nxp_15693_print_signature(uid, signature);
return PM3_SUCCESS; return PM3_SUCCESS;
} }
@ -1363,7 +1363,7 @@ static int CmdHF15WriteAfi(const char *Cmd) {
argtable[4] = arg_param_end; argtable[4] = arg_param_end;
CLIExecWithReturn(ctx, Cmd, argtable, true); CLIExecWithReturn(ctx, Cmd, argtable, true);
struct { struct {
uint8_t pwd[4]; uint8_t pwd[4];
bool use_pwd; bool use_pwd;
@ -1376,21 +1376,20 @@ static int CmdHF15WriteAfi(const char *Cmd) {
CLIGetHexWithReturn(ctx, 1, payload.uid, &uidlen); CLIGetHexWithReturn(ctx, 1, payload.uid, &uidlen);
payload.afi = arg_get_int_def(ctx, 2, 0); payload.afi = arg_get_int_def(ctx, 2, 0);
int pwdlen; int pwdlen;
CLIGetHexWithReturn(ctx, 3, payload.pwd, &pwdlen); CLIGetHexWithReturn(ctx, 3, payload.pwd, &pwdlen);
CLIParserFree(ctx); CLIParserFree(ctx);
if(pwdlen == 4) payload.use_pwd = false;
{ if (pwdlen == 4) {
payload.use_pwd = true; payload.use_pwd = true;
} }
if(uidlen == 8) payload.use_uid = false;
{ if (uidlen == 8) {
payload.use_uid = true; payload.use_uid = true;
} }
// sanity checks // sanity checks
@ -1398,11 +1397,10 @@ static int CmdHF15WriteAfi(const char *Cmd) {
PrintAndLogEx(WARNING, "uid must be 8 hex bytes if provided"); PrintAndLogEx(WARNING, "uid must be 8 hex bytes if provided");
return PM3_EINVARG; return PM3_EINVARG;
} }
if(pwdlen > 0 && pwdlen != 4) if (pwdlen > 0 && pwdlen != 4) {
{
PrintAndLogEx(WARNING, "password must be 4 hex bytes if provided"); PrintAndLogEx(WARNING, "password must be 4 hex bytes if provided");
return PM3_ESOFT; return PM3_ESOFT;
} }
PacketResponseNG resp; PacketResponseNG resp;
@ -1420,11 +1418,11 @@ static int CmdHF15WriteAfi(const char *Cmd) {
break; break;
} }
case PM3_EWRONGANSWER: { case PM3_EWRONGANSWER: {
PrintAndLogEx(WARNING, "error writing AFI"); PrintAndLogEx(WARNING, "error writing AFI");
break; break;
} }
case PM3_SUCCESS: { case PM3_SUCCESS: {
PrintAndLogEx(SUCCESS, "Wrote AFI 0x%02X", payload.afi); PrintAndLogEx(SUCCESS, "Wrote AFI 0x%02X", payload.afi);
break; break;
} }
} }
@ -2385,29 +2383,24 @@ static int CmdHF15SlixEASEnable(const char *Cmd) {
bool usepwd; bool usepwd;
} PACKED payload; } PACKED payload;
int pwdlen = 0; int pwdlen = 0;
int ret_pwdparse = CLIParamHexToBuf(arg_get_str(ctx, 1), payload.pwd, 4, &pwdlen); int ret_pwdparse = CLIParamHexToBuf(arg_get_str(ctx, 1), payload.pwd, 4, &pwdlen);
if((pwdlen > 0 && pwdlen != 4) || ret_pwdparse != 0) if ((pwdlen > 0 && pwdlen != 4) || ret_pwdparse != 0) {
{
PrintAndLogEx(WARNING, "password must be 4 hex bytes if provided"); PrintAndLogEx(WARNING, "password must be 4 hex bytes if provided");
return PM3_ESOFT; CLIParserFree(ctx);
return PM3_ESOFT;
} }
//CLIGetHexWithReturn(ctx, 1, payload.pwd, &pwdlen);
CLIParserFree(ctx); CLIParserFree(ctx);
if (pwdlen > 0) {
if(pwdlen > 0 ) PrintAndLogEx(INFO, "Trying to enable EAS mode using password " _GREEN_("%s")
{ , sprint_hex_inrow(payload.pwd, sizeof(payload.pwd))
PrintAndLogEx(INFO, "Trying to enable EAS mode using password " _GREEN_("%s") );
, sprint_hex_inrow(payload.pwd, sizeof(payload.pwd)) payload.usepwd = true;
); } else {
payload.usepwd = true; PrintAndLogEx(INFO, "Trying to enable EAS mode without using a password");
} payload.usepwd = false;
else
{
PrintAndLogEx(INFO, "Trying to enable EAS mode without using a password");
payload.usepwd = false;
} }
@ -2426,13 +2419,10 @@ static int CmdHF15SlixEASEnable(const char *Cmd) {
break; break;
} }
case PM3_EWRONGANSWER: { case PM3_EWRONGANSWER: {
if(pwdlen > 0 ) if (pwdlen > 0) {
{ PrintAndLogEx(WARNING, "the password provided was not accepted");
PrintAndLogEx(WARNING, "the password provided was not accepted"); } else {
} PrintAndLogEx(WARNING, "either a password is required or EAS mode is locked");
else
{
PrintAndLogEx(WARNING, "either a password is required or EAS mode is locked");
} }
break; break;
} }
@ -2451,41 +2441,36 @@ static int CmdHF15SlixEASDisable(const char *Cmd) {
"Disable EAS mode on SLIX ISO-15693 tag", "Disable EAS mode on SLIX ISO-15693 tag",
"hf 15 slixeasdisable -p 0F0F0F0F"); "hf 15 slixeasdisable -p 0F0F0F0F");
void *argtable[] = { void *argtable[] = {
arg_param_begin, arg_param_begin,
arg_str0("p", "pwd", "<hex>", "optional password, 8 hex bytes"), arg_str0("p", "pwd", "<hex>", "optional password, 8 hex bytes"),
arg_param_end arg_param_end
}; };
CLIExecWithReturn(ctx, Cmd, argtable, true); CLIExecWithReturn(ctx, Cmd, argtable, true);
struct { struct {
uint8_t pwd[4]; uint8_t pwd[4];
bool usepwd; bool usepwd;
} PACKED payload; } PACKED payload;
int pwdlen = 0; int pwdlen = 0;
int ret_pwdparse = CLIParamHexToBuf(arg_get_str(ctx, 1), payload.pwd, 4, &pwdlen); int ret_pwdparse = CLIParamHexToBuf(arg_get_str(ctx, 1), payload.pwd, 4, &pwdlen);
if((pwdlen > 0 && pwdlen != 4) || ret_pwdparse != 0)
{
PrintAndLogEx(WARNING, "password must be 4 hex bytes if provided");
return PM3_ESOFT;
}
//CLIGetHexWithReturn(ctx, 1, payload.pwd, &pwdlen);
CLIParserFree(ctx); CLIParserFree(ctx);
if ((pwdlen > 0 && pwdlen != 4) || ret_pwdparse != 0) {
if(pwdlen > 0 ) PrintAndLogEx(WARNING, "password must be 4 hex bytes if provided");
{ return PM3_ESOFT;
PrintAndLogEx(INFO, "Trying to disable EAS mode using password " _GREEN_("%s")
, sprint_hex_inrow(payload.pwd, sizeof(payload.pwd))
);
payload.usepwd = true;
} }
else
{ if (pwdlen > 0) {
PrintAndLogEx(INFO, "Trying to enable EAS mode without using a password"); PrintAndLogEx(INFO, "Trying to disable EAS mode using password " _GREEN_("%s")
payload.usepwd = false; , sprint_hex_inrow(payload.pwd, sizeof(payload.pwd))
);
payload.usepwd = true;
} else {
PrintAndLogEx(INFO, "Trying to enable EAS mode without using a password");
payload.usepwd = false;
} }
PacketResponseNG resp; PacketResponseNG resp;
@ -2503,13 +2488,10 @@ static int CmdHF15SlixEASDisable(const char *Cmd) {
break; break;
} }
case PM3_EWRONGANSWER: { case PM3_EWRONGANSWER: {
if(pwdlen > 0 ) if (pwdlen > 0) {
{ PrintAndLogEx(WARNING, "the password provided was not accepted");
PrintAndLogEx(WARNING, "the password provided was not accepted"); } else {
} PrintAndLogEx(WARNING, "either a password is required or EAS mode is locked");
else
{
PrintAndLogEx(WARNING, "either a password is required or EAS mode is locked");
} }
break; break;
} }
@ -2571,14 +2553,14 @@ static int CmdHF15SlixDisable(const char *Cmd) {
return resp.status; return resp.status;
} }
static int CmdHF15SlixEnable(const char* Cmd) { static int CmdHF15SlixEnable(const char *Cmd) {
CLIParserContext* ctx; CLIParserContext *ctx;
CLIParserInit(&ctx, "hf 15 slixprivacyenable", CLIParserInit(&ctx, "hf 15 slixprivacyenable",
"Enable privacy mode on SLIX ISO-15693 tag", "Enable privacy mode on SLIX ISO-15693 tag",
"hf 15 slixenable -p 0F0F0F0F"); "hf 15 slixenable -p 0F0F0F0F");
void* argtable[] = { void *argtable[] = {
arg_param_begin, arg_param_begin,
arg_str1("p", "pwd", "<hex>", "password, 8 hex bytes"), arg_str1("p", "pwd", "<hex>", "password, 8 hex bytes"),
arg_param_end arg_param_end
@ -2592,12 +2574,12 @@ static int CmdHF15SlixEnable(const char* Cmd) {
CLIParserFree(ctx); CLIParserFree(ctx);
PrintAndLogEx(INFO, "Trying to enable privacy mode using password " _GREEN_("%s") PrintAndLogEx(INFO, "Trying to enable privacy mode using password " _GREEN_("%s")
, sprint_hex_inrow(payload.pwd, sizeof(payload.pwd)) , sprint_hex_inrow(payload.pwd, sizeof(payload.pwd))
); );
PacketResponseNG resp; PacketResponseNG resp;
clearCommandBuffer(); clearCommandBuffer();
SendCommandNG(CMD_HF_ISO15693_SLIX_ENABLE_PRIVACY, (uint8_t*)&payload, sizeof(payload)); SendCommandNG(CMD_HF_ISO15693_SLIX_ENABLE_PRIVACY, (uint8_t *)&payload, sizeof(payload));
if (WaitForResponseTimeout(CMD_HF_ISO15693_SLIX_ENABLE_PRIVACY, &resp, 2000) == false) { if (WaitForResponseTimeout(CMD_HF_ISO15693_SLIX_ENABLE_PRIVACY, &resp, 2000) == false) {
PrintAndLogEx(WARNING, "timeout while waiting for reply"); PrintAndLogEx(WARNING, "timeout while waiting for reply");
DropField(); DropField();
@ -2605,18 +2587,18 @@ static int CmdHF15SlixEnable(const char* Cmd) {
} }
switch (resp.status) { switch (resp.status) {
case PM3_ETIMEOUT: { case PM3_ETIMEOUT: {
PrintAndLogEx(WARNING, "no tag found"); PrintAndLogEx(WARNING, "no tag found");
break; break;
} }
case PM3_EWRONGANSWER: { case PM3_EWRONGANSWER: {
PrintAndLogEx(WARNING, "password was not accepted"); PrintAndLogEx(WARNING, "password was not accepted");
break; break;
} }
case PM3_SUCCESS: { case PM3_SUCCESS: {
PrintAndLogEx(SUCCESS, "privacy mode is now enabled ( " _GREEN_("ok") " ) "); PrintAndLogEx(SUCCESS, "privacy mode is now enabled ( " _GREEN_("ok") " ) ");
break; break;
} }
} }
return resp.status; return resp.status;
} }
@ -2624,83 +2606,69 @@ static int CmdHF15SlixEnable(const char* Cmd) {
static int CmdHF15SlixWritePassword(const char *Cmd) { static int CmdHF15SlixWritePassword(const char *Cmd) {
CLIParserContext *ctx; CLIParserContext *ctx;
CLIParserInit(&ctx, "hf 15 slixwritepwd", CLIParserInit(&ctx, "hf 15 slixwritepwd",
"Write a password on a SLIX family ISO-15693 tag", "Write a password on a SLIX family ISO-15693 tag.n"
"Some tags do not support all different password types.",
"hf 15 slixwritepwd -t READ -o 00000000 -n 12131415"); "hf 15 slixwritepwd -t READ -o 00000000 -n 12131415");
void *argtable[] = { void *argtable[] = {
arg_param_begin, arg_param_begin,
arg_str1("t", "type", "<read|write|privacy|destroy|easafi>", "which password field to write to (some tags do not support all password types)"), arg_str1("t", "type", "<read|write|privacy|destroy|easafi>", "which password field to write to"),
arg_str0("o", "old", "<hex>", "old password (if present), 8 hex bytes"), arg_str0("o", "old", "<hex>", "old password (if present), 8 hex bytes"),
arg_str1("n", "new", "<hex>", "new password, 8 hex bytes"), arg_str1("n", "new", "<hex>", "new password, 8 hex bytes"),
arg_param_end arg_param_end
}; };
CLIExecWithReturn(ctx, Cmd, argtable, false); CLIExecWithReturn(ctx, Cmd, argtable, false);
struct { struct {
uint8_t old_pwd[4]; uint8_t old_pwd[4];
uint8_t new_pwd[4]; uint8_t new_pwd[4];
uint8_t pwd_id; uint8_t pwd_id;
} PACKED payload; } PACKED payload;
int pwdlen = 0; int pwdlen = 0;
CLIGetHexWithReturn(ctx, 2, payload.old_pwd, &pwdlen); CLIGetHexWithReturn(ctx, 2, payload.old_pwd, &pwdlen);
if(pwdlen > 0 && pwdlen != 4) if (pwdlen > 0 && pwdlen != 4) {
{
PrintAndLogEx(WARNING, "old password must be 4 hex bytes if provided"); PrintAndLogEx(WARNING, "old password must be 4 hex bytes if provided");
return PM3_ESOFT; CLIParserFree(ctx);
return PM3_ESOFT;
} }
CLIGetHexWithReturn(ctx, 3, payload.new_pwd, &pwdlen); CLIGetHexWithReturn(ctx, 3, payload.new_pwd, &pwdlen);
if(pwdlen != 4) if (pwdlen != 4) {
{
PrintAndLogEx(WARNING, "new password must be 4 hex bytes"); PrintAndLogEx(WARNING, "new password must be 4 hex bytes");
return PM3_ESOFT; CLIParserFree(ctx);
return PM3_ESOFT;
} }
int vlen = 0; int vlen = 0;
char value[10]; char value[10];
CLIParamStrToBuf(arg_get_str(ctx, 1), (uint8_t *)value, sizeof(value), &vlen); CLIParamStrToBuf(arg_get_str(ctx, 1), (uint8_t *)value, sizeof(value), &vlen);
CLIParserFree(ctx);
if (vlen > 0) { if (vlen > 0) {
if (strcmp(value, "read") == 0) if (strcmp(value, "read") == 0) {
{
PrintAndLogEx(SUCCESS, "Selected read pass"); PrintAndLogEx(SUCCESS, "Selected read pass");
payload.pwd_id = 0x01; payload.pwd_id = 0x01;
} } else if (strcmp(value, "write") == 0) {
else if (strcmp(value, "write") == 0)
{
PrintAndLogEx(SUCCESS, "Selected write pass"); PrintAndLogEx(SUCCESS, "Selected write pass");
payload.pwd_id = 0x02; payload.pwd_id = 0x02;
} } else if (strcmp(value, "privacy") == 0) {
else if (strcmp(value, "privacy") == 0)
{
PrintAndLogEx(SUCCESS, "Selected privacy pass"); PrintAndLogEx(SUCCESS, "Selected privacy pass");
payload.pwd_id = 0x04; payload.pwd_id = 0x04;
} } else if (strcmp(value, "destroy") == 0) {
else if (strcmp(value, "destroy") == 0)
{
PrintAndLogEx(SUCCESS, "Selected destroy pass"); PrintAndLogEx(SUCCESS, "Selected destroy pass");
payload.pwd_id = 0x08; payload.pwd_id = 0x08;
} } else if (strcmp(value, "easafi") == 0) {
else if (strcmp(value, "easafi") == 0)
{
PrintAndLogEx(SUCCESS, "Selected easafi pass"); PrintAndLogEx(SUCCESS, "Selected easafi pass");
payload.pwd_id = 0x10; payload.pwd_id = 0x10;
} } else {
else
{
PrintAndLogEx(ERR, "t argument must be 'read', 'write', 'privacy', 'destroy', or 'easafi'"); PrintAndLogEx(ERR, "t argument must be 'read', 'write', 'privacy', 'destroy', or 'easafi'");
return PM3_EINVARG; return PM3_EINVARG;
} }
} }
CLIParserFree(ctx);
PrintAndLogEx(INFO, "Trying to write " _YELLOW_("%s") " as " _YELLOW_("%s") " password" PrintAndLogEx(INFO, "Trying to write " _YELLOW_("%s") " as " _YELLOW_("%s") " password"
, sprint_hex_inrow(payload.new_pwd, sizeof(payload.new_pwd)), value); , sprint_hex_inrow(payload.new_pwd, sizeof(payload.new_pwd)), value);
@ -2732,135 +2700,134 @@ static int CmdHF15SlixWritePassword(const char *Cmd) {
} }
static int CmdHF15AFIPassProtect(const char *Cmd) { static int CmdHF15AFIPassProtect(const char *Cmd) {
CLIParserContext *ctx;
CLIParserInit(&ctx, "hf 15 passprotectafi",
"Password protect AFI. Cannot be undone.",
"hf 15 passprotectafi -p 00000000 -c");
void *argtable[] = { CLIParserContext *ctx;
CLIParserInit(&ctx, "hf 15 passprotectafi",
"This command enables the password protect of AFI.\n"
"*** OBS! This action can not be undone! ***",
"hf 15 passprotectafi -p 00000000 --force");
void *argtable[] = {
arg_param_begin, arg_param_begin,
arg_str1("p", "password", "<hex>", "EAS/AFI password, 8 hex bytes"), arg_str1("p", "pwd", "<hex>", "EAS/AFI password, 8 hex bytes"),
arg_lit0("c", "confirm", "confirm the execution of this irreversible command"), arg_lit0(NULL, "force", "Force execution of command (irreversible) "),
arg_param_end arg_param_end
}; };
CLIExecWithReturn(ctx, Cmd, argtable, true);
struct {
uint8_t pwd[4];
} PACKED payload;
int pwdlen = 0;
CLIGetHexWithReturn(ctx, 1, payload.pwd, &pwdlen);
bool confirmation = arg_get_lit(ctx, 2);
if(pwdlen != 4)
{
PrintAndLogEx(WARNING, "password must be 4 hex bytes");
return PM3_ESOFT;
}
if(confirmation == 0)
{
PrintAndLogEx(WARNING, "This irreversible command must be confirmed with the -c flag");
return PM3_ESOFT;
}
PrintAndLogEx(INFO, "Trying to enable AFI password protection");
PacketResponseNG resp;
clearCommandBuffer();
SendCommandNG(CMD_HF_ISO15693_SLIX_PASS_PROTECT_AFI, (uint8_t*)&payload, sizeof(payload));
if (WaitForResponseTimeout(CMD_HF_ISO15693_SLIX_PASS_PROTECT_AFI, &resp, 2000) == false) {
PrintAndLogEx(WARNING, "timeout while waiting for reply");
DropField();
return PM3_ESOFT;
}
switch (resp.status) { CLIExecWithReturn(ctx, Cmd, argtable, true);
case PM3_ETIMEOUT: {
PrintAndLogEx(WARNING, "no tag found"); struct {
break; uint8_t pwd[4];
} } PACKED payload;
case PM3_EWRONGANSWER: { int pwdlen = 0;
PrintAndLogEx(WARNING, "error enabling AFI password protection");
break; CLIGetHexWithReturn(ctx, 1, payload.pwd, &pwdlen);
}
case PM3_SUCCESS: { bool force = arg_get_lit(ctx, 2);
PrintAndLogEx(SUCCESS, "AFI password protected ( " _GREEN_("ok") " ) "); CLIParserFree(ctx);
break;
} if (pwdlen != 4) {
} PrintAndLogEx(WARNING, "password must be 4 hex bytes");
return resp.status; return PM3_ESOFT;
}
if (force == false) {
PrintAndLogEx(WARNING, "Use `--force` flag to override. OBS! Irreversable command");
return PM3_ESOFT;
}
PrintAndLogEx(INFO, "Trying to enable AFI password protection...");
PacketResponseNG resp;
clearCommandBuffer();
SendCommandNG(CMD_HF_ISO15693_SLIX_PASS_PROTECT_AFI, (uint8_t *)&payload, sizeof(payload));
if (WaitForResponseTimeout(CMD_HF_ISO15693_SLIX_PASS_PROTECT_AFI, &resp, 2000) == false) {
PrintAndLogEx(WARNING, "timeout while waiting for reply");
DropField();
return PM3_ESOFT;
}
switch (resp.status) {
case PM3_ETIMEOUT: {
PrintAndLogEx(WARNING, "no tag found");
break;
}
case PM3_EWRONGANSWER: {
PrintAndLogEx(WARNING, "error enabling AFI password protection");
break;
}
case PM3_SUCCESS: {
PrintAndLogEx(SUCCESS, "AFI password protected ( " _GREEN_("ok") " ) ");
break;
}
}
return resp.status;
} }
static int CmdHF15EASPassProtect(const char *Cmd) { static int CmdHF15EASPassProtect(const char *Cmd) {
CLIParserContext *ctx; CLIParserContext *ctx;
CLIParserInit(&ctx, "hf 15 passprotecteas", CLIParserInit(&ctx, "hf 15 passprotecteas",
"Password protect EAS. Cannot be undone.", "This command enables the password protect of EAS.\n"
"hf 15 passprotecteas -p 00000000 -c"); "*** OBS! This action can not be undone! ***",
"hf 15 passprotecteas -p 00000000 --force");
void *argtable[] = {
void *argtable[] = {
arg_param_begin, arg_param_begin,
arg_str1("p", "password", "<hex>", "EAS/AFI password, 8 hex bytes"), arg_str1("p", "pwd", "<hex>", "EAS/AFI password, 8 hex bytes"),
arg_lit0("c", "confirm", "confirm the execution of this irreversible command"), arg_lit0(NULL, "force", "Force execution of command (irreversible) "),
arg_param_end arg_param_end
}; };
CLIExecWithReturn(ctx, Cmd, argtable, true); CLIExecWithReturn(ctx, Cmd, argtable, true);
struct {
uint8_t pwd[4];
} PACKED payload;
int pwdlen = 0;
CLIGetHexWithReturn(ctx, 1, payload.pwd, &pwdlen);
bool confirmation = arg_get_lit(ctx, 2);
if(pwdlen != 4)
{
PrintAndLogEx(WARNING, "password must be 4 hex bytes");
return PM3_ESOFT;
}
if(confirmation == 0)
{
PrintAndLogEx(WARNING, "This irreversible command must be confirmed with the -c flag");
return PM3_ESOFT;
}
PrintAndLogEx(INFO, "Trying to enable EAS password protection");
PacketResponseNG resp;
clearCommandBuffer();
SendCommandNG(CMD_HF_ISO15693_SLIX_PASS_PROTECT_EAS, (uint8_t*)&payload, sizeof(payload));
if (WaitForResponseTimeout(CMD_HF_ISO15693_SLIX_PASS_PROTECT_EAS, &resp, 2000) == false) {
PrintAndLogEx(WARNING, "timeout while waiting for reply");
DropField();
return PM3_ESOFT;
}
switch (resp.status) { struct {
case PM3_ETIMEOUT: { uint8_t pwd[4];
PrintAndLogEx(WARNING, "no tag found"); } PACKED payload;
break; int pwdlen = 0;
}
case PM3_EWRONGANSWER: { CLIGetHexWithReturn(ctx, 1, payload.pwd, &pwdlen);
PrintAndLogEx(WARNING, "error enabling EAS password protection");
break; bool force = arg_get_lit(ctx, 2);
} CLIParserFree(ctx);
case PM3_SUCCESS: {
PrintAndLogEx(SUCCESS, "EAS password protected ( " _GREEN_("ok") " ) "); if (pwdlen != 4) {
break; PrintAndLogEx(WARNING, "password must be 4 hex bytes");
} return PM3_ESOFT;
} }
return resp.status;
if (force == false) {
PrintAndLogEx(WARNING, "Use `--force` flag to override. OBS! Irreversable command");
return PM3_ESOFT;
}
PrintAndLogEx(INFO, "Trying to enable EAS password protection...");
PacketResponseNG resp;
clearCommandBuffer();
SendCommandNG(CMD_HF_ISO15693_SLIX_PASS_PROTECT_EAS, (uint8_t *)&payload, sizeof(payload));
if (WaitForResponseTimeout(CMD_HF_ISO15693_SLIX_PASS_PROTECT_EAS, &resp, 2000) == false) {
PrintAndLogEx(WARNING, "timeout while waiting for reply");
DropField();
return PM3_ESOFT;
}
switch (resp.status) {
case PM3_ETIMEOUT: {
PrintAndLogEx(WARNING, "no tag found");
break;
}
case PM3_EWRONGANSWER: {
PrintAndLogEx(WARNING, "error enabling EAS password protection");
break;
}
case PM3_SUCCESS: {
PrintAndLogEx(SUCCESS, "EAS password protected ( " _GREEN_("ok") " ) ");
break;
}
}
return resp.status;
} }
static command_t CommandTable[] = { static command_t CommandTable[] = {

2
client/src/cmdhw.c
View file

@ -1301,7 +1301,7 @@ void pm3_version(bool verbose, bool oneliner) {
if (IfPm3Flash()) { if (IfPm3Flash()) {
PrintAndLogEx(NORMAL, " external flash............ %s", _GREEN_("present")); PrintAndLogEx(NORMAL, " external flash............ %s", _GREEN_("present"));
} }
if (IfPm3FpcUsartHost()) { if (IfPm3FpcUsartHost()) {
PrintAndLogEx(NORMAL, " FPC USART for BT add-on... %s", _GREEN_("present")); PrintAndLogEx(NORMAL, " FPC USART for BT add-on... %s", _GREEN_("present"));
} }

6
client/src/pm3line_vocabulory.h
View file

@ -181,9 +181,9 @@ const static vocabulory_t vocabulory[] = {
{ 0, "hf 15 slixeasdisable" }, { 0, "hf 15 slixeasdisable" },
{ 0, "hf 15 slixeasenable" }, { 0, "hf 15 slixeasenable" },
{ 0, "hf 15 slixprivacydisable" }, { 0, "hf 15 slixprivacydisable" },
{ 0, "hf 15 slixprivacyenable" }, { 0, "hf 15 slixprivacyenable" },
{ 0, "hf 15 passprotectafi" }, { 0, "hf 15 passprotectafi" },
{ 0, "hf 15 passprotecteas" }, { 0, "hf 15 passprotecteas" },
{ 0, "hf 15 wrbl" }, { 0, "hf 15 wrbl" },
{ 0, "hf 15 findafi" }, { 0, "hf 15 findafi" },
{ 0, "hf 15 writeafi" }, { 0, "hf 15 writeafi" },

2
client/src/preferences.c
View file

@ -152,7 +152,7 @@ int preferences_save(void) {
} }
uint8_t dummyData = 0x00; uint8_t dummyData = 0x00;
size_t dummyDL = 0x00; size_t dummyDL = 0x01;
if (saveFileJSON(fn, jsfCustom, &dummyData, dummyDL, &preferences_save_callback) != PM3_SUCCESS) if (saveFileJSON(fn, jsfCustom, &dummyData, dummyDL, &preferences_save_callback) != PM3_SUCCESS)
PrintAndLogEx(ERR, "Error saving preferences to \"%s\"", fn); PrintAndLogEx(ERR, "Error saving preferences to \"%s\"", fn);

2
client/src/proxmark3.c
View file

@ -41,7 +41,7 @@ static int mainret = PM3_ESOFT;
#ifndef LIBPM3 #ifndef LIBPM3
#define BANNERMSG1 "" #define BANNERMSG1 ""
#define BANNERMSG2 " [ :snowflake: ]" #define BANNERMSG2 " [ :coffee: ]"
#define BANNERMSG3 "" #define BANNERMSG3 ""
typedef enum LogoMode { UTF8, ANSI, ASCII } LogoMode; typedef enum LogoMode { UTF8, ANSI, ASCII } LogoMode;

109
doc/commands.json
View file

@ -1101,8 +1101,8 @@
"command": "hf 14a chaining", "command": "hf 14a chaining",
"description": "Enable/Disable ISO14443a input chaining. Maximum input length goes from ATS.", "description": "Enable/Disable ISO14443a input chaining. Maximum input length goes from ATS.",
"notes": [ "notes": [
"hf 14a chaining --off -> disable chaining", "hf 14a chaining -> show chaining enable/disable state",
"hf 14a chaining -> show chaining enable/disable state" "hf 14a chaining --off -> disable chaining"
], ],
"offline": false, "offline": false,
"options": [ "options": [
@ -1656,6 +1656,34 @@
], ],
"usage": "hf 15 list [-h1crux] [--frame] [-f <fn>]" "usage": "hf 15 list [-h1crux] [--frame] [-f <fn>]"
}, },
"hf 15 passprotectafi": {
"command": "hf 15 passprotectafi",
"description": "This command enables the password protect of AFI. *** OBS! This action can not be undone! ***",
"notes": [
"hf 15 passprotectafi -p 00000000 --force"
],
"offline": false,
"options": [
"-h, --help This help",
"-p, --pwd <hex> EAS/AFI password, 8 hex bytes",
"--force Force execution of command (irreversible)"
],
"usage": "hf 15 passprotectafi [-h] -p <hex> [--force]"
},
"hf 15 passprotecteas": {
"command": "hf 15 passprotecteas",
"description": "This command enables the password protect of EAS. *** OBS! This action can not be undone! ***",
"notes": [
"hf 15 passprotecteas -p 00000000 --force"
],
"offline": false,
"options": [
"-h, --help This help",
"-p, --pwd <hex> EAS/AFI password, 8 hex bytes",
"--force Force execution of command (irreversible)"
],
"usage": "hf 15 passprotecteas [-h] -p <hex> [--force]"
},
"hf 15 raw": { "hf 15 raw": {
"command": "hf 15 raw", "command": "hf 15 raw",
"description": "Sends raw bytes over ISO-15693 to card", "description": "Sends raw bytes over ISO-15693 to card",
@ -1776,8 +1804,34 @@
], ],
"usage": "hf 15 sim [-h] -u <8b hex> [-b <dec>]" "usage": "hf 15 sim [-h] -u <8b hex> [-b <dec>]"
}, },
"hf 15 slixdisable": { "hf 15 slixeasdisable": {
"command": "hf 15 slixdisable", "command": "hf 15 slixeasdisable",
"description": "Disable EAS mode on SLIX ISO-15693 tag",
"notes": [
"hf 15 slixeasdisable -p 0F0F0F0F"
],
"offline": false,
"options": [
"-h, --help This help",
"-p, --pwd <hex> optional password, 8 hex bytes"
],
"usage": "hf 15 slixeasdisable [-h] [-p <hex>]"
},
"hf 15 slixeasenable": {
"command": "hf 15 slixeasenable",
"description": "Enable EAS mode on SLIX ISO-15693 tag",
"notes": [
"hf 15 slixeasenable -p 0F0F0F0F"
],
"offline": false,
"options": [
"-h, --help This help",
"-p, --pwd <hex> optional password, 8 hex bytes"
],
"usage": "hf 15 slixeasenable [-h] [-p <hex>]"
},
"hf 15 slixprivacydisable": {
"command": "hf 15 slixprivacydisable",
"description": "Disable privacy mode on SLIX ISO-15693 tag", "description": "Disable privacy mode on SLIX ISO-15693 tag",
"notes": [ "notes": [
"hf 15 slixdisable -p 0F0F0F0F" "hf 15 slixdisable -p 0F0F0F0F"
@ -1787,7 +1841,35 @@
"-h, --help This help", "-h, --help This help",
"-p, --pwd <hex> password, 8 hex bytes" "-p, --pwd <hex> password, 8 hex bytes"
], ],
"usage": "hf 15 slixdisable [-h] -p <hex>" "usage": "hf 15 slixprivacydisable [-h] -p <hex>"
},
"hf 15 slixprivacyenable": {
"command": "hf 15 slixprivacyenable",
"description": "Enable privacy mode on SLIX ISO-15693 tag",
"notes": [
"hf 15 slixenable -p 0F0F0F0F"
],
"offline": false,
"options": [
"-h, --help This help",
"-p, --pwd <hex> password, 8 hex bytes"
],
"usage": "hf 15 slixprivacyenable [-h] -p <hex>"
},
"hf 15 slixwritepwd": {
"command": "hf 15 slixwritepwd",
"description": "Write a password on a SLIX family ISO-15693 tag",
"notes": [
"hf 15 slixwritepwd -t READ -o 00000000 -n 12131415"
],
"offline": false,
"options": [
"-h, --help This help",
"-t, --type <read|write|privacy|destroy|easafi> which password field to write to (some tags do not support all password types)",
"-o, --old <hex> old password (if present), 8 hex bytes",
"-n, --new <hex> new password, 8 hex bytes"
],
"usage": "hf 15 slixwritepwd [-h] -t <read|write|privacy|destroy|easafi> [-o <hex>] -n <hex>"
}, },
"hf 15 sniff": { "hf 15 sniff": {
"command": "hf 15 sniff", "command": "hf 15 sniff",
@ -1827,19 +1909,16 @@
"description": "Write AFI on card", "description": "Write AFI on card",
"notes": [ "notes": [
"hf 15 writeafi -* --afi 12", "hf 15 writeafi -* --afi 12",
"hf 15 writeafi -u E011223344556677 --afi 12" "hf 15 writeafi -u E011223344556677 --afi 12 -p 0F0F0F0F"
], ],
"offline": false, "offline": false,
"options": [ "options": [
"-h, --help This help", "-h, --help This help",
"-u, --uid <hex> full UID, 8 bytes", "-u, --uid <hex> full UID, 8 bytes",
"--ua unaddressed mode", "--afi <dec> AFI number (0-255)",
"-* scan for tag", "-p, --pwd <hex> optional AFI/EAS password"
"-2 use slower '1 out of 256' mode",
"-o, --opt set OPTION Flag (needed for TI)",
"--afi <dec> AFI number (0-255)"
], ],
"usage": "hf 15 writeafi [-h*2o] [-u <hex>] [--ua] --afi <dec>" "usage": "hf 15 writeafi [-h] [-u <hex>] --afi <dec> [-p <hex>]"
}, },
"hf 15 writedsfid": { "hf 15 writedsfid": {
"command": "hf 15 writedsfid", "command": "hf 15 writedsfid",
@ -11408,7 +11487,7 @@
}, },
"script help": { "script help": {
"command": "script help", "command": "script help",
"description": "This is a feature to run Lua/Cmd/Python scripts. You can place scripts within the luascripts/cmdscripts/pyscripts folders. --------------------------------------------------------------------------------------- script list available offline: yes", "description": "This is a feature to run Lua/Cmd scripts. You can place scripts within the luascripts/cmdscripts folders. --------------------------------------------------------------------------------------- script list available offline: yes",
"notes": [], "notes": [],
"offline": true, "offline": true,
"options": [], "options": [],
@ -11803,8 +11882,8 @@
} }
}, },
"metadata": { "metadata": {
"commands_extracted": 742, "commands_extracted": 748,
"extracted_by": "PM3Help2JSON v1.00", "extracted_by": "PM3Help2JSON v1.00",
"extracted_on": "2023-01-27T01:57:37" "extracted_on": "2023-01-29T17:39:28"
} }
} }

8
doc/commands.md
View file

@ -236,7 +236,13 @@ Check column "offline" for their availability.
|`hf 15 esave `|N |`Save emulator memory into image file` |`hf 15 esave `|N |`Save emulator memory into image file`
|`hf 15 eview `|N |`View emulator memory` |`hf 15 eview `|N |`View emulator memory`
|`hf 15 sim `|N |`Fake an ISO-15693 tag` |`hf 15 sim `|N |`Fake an ISO-15693 tag`
|`hf 15 slixdisable `|N |`Disable privacy mode on SLIX ISO-15693 tag` |`hf 15 slixwritepwd `|N |`Writes a password on a SLIX ISO-15693 tag`
|`hf 15 slixeasdisable `|N |`Disable EAS mode on SLIX ISO-15693 tag`
|`hf 15 slixeasenable `|N |`Enable EAS mode on SLIX ISO-15693 tag`
|`hf 15 slixprivacydisable`|N |`Disable privacy mode on SLIX ISO-15693 tag`
|`hf 15 slixprivacyenable`|N |`Enable privacy mode on SLIX ISO-15693 tag`
|`hf 15 passprotectafi `|N |`Password protect AFI - Cannot be undone`
|`hf 15 passprotecteas `|N |`Password protect EAS - Cannot be undone`
|`hf 15 wrbl `|N |`Write a block` |`hf 15 wrbl `|N |`Write a block`
|`hf 15 findafi `|N |`Brute force AFI of an ISO-15693 tag` |`hf 15 findafi `|N |`Brute force AFI of an ISO-15693 tag`
|`hf 15 writeafi `|N |`Writes the AFI on an ISO-15693 tag` |`hf 15 writeafi `|N |`Writes the AFI on an ISO-15693 tag`

3
tools/build_all_firmwares.sh
View file

@ -22,7 +22,8 @@ echo "Destination: ${DEST:=firmware}"
echo "Produce stats?: ${STATS:=false}" echo "Produce stats?: ${STATS:=false}"
# Which parts to skip for the 256kb version? # Which parts to skip for the 256kb version?
SKIPS256="SKIP_HITAG=1 SKIP_LEGICRF=1 SKIP_FELICA=1 SKIP_EM4x50=1 SKIP_ISO14443b=1" SKIPS256="SKIP_HITAG=1 SKIP_LEGICRF=1 SKIP_FELICA=1 SKIP_EM4x50=1 SKIP_ISO14443b=1 SKIP_NFCBARCODE=1 SKIP_ZX8211=1"
make $MKFLAGS bootrom || exit 1 make $MKFLAGS bootrom || exit 1
chmod 644 bootrom/obj/bootrom.elf chmod 644 bootrom/obj/bootrom.elf