github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-19 21:03:48 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

CHG: rename the HF MFU * commands.

Browse source 
ADD: added a HF MFU INFO  commmand, where you can see some tag info. Used to be in the readcard command.
FIX: minor code clean up for ultralight & desfire commands in armsrc/mifarecmd.c, armsrc/mifaredesfire.c, armsrc/mifareutil.c
CHG: Lowered the default MF_DBGLEVEL, it set to MF_DBG_ERROR.
CHG: lowered a testing value for timeout in cmdhf14a.c
This commit is contained in:
iceman1001 2015-01-06 17:43:31 +01:00
commit e3ab50cafb
7 changed files with 212 additions and 231 deletions
Download patch file Download diff file Expand all files Collapse all files

246
armsrc/mifarecmd.c
View file

@ -90,8 +90,8 @@ void MifareReadBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
void MifareUC_Auth1(uint8_t arg0, uint8_t *datain){ void MifareUC_Auth1(uint8_t arg0, uint8_t *datain){
// variables // variables
byte_t isOK = 0; byte_t isOK = 0;
byte_t dataoutbuf[16]; byte_t dataoutbuf[16] = {0x00};
uint8_t uid[10]; uint8_t uid[10] = {0x00};
uint32_t cuid; uint32_t cuid;
// clear trace // clear trace
@ -116,18 +116,15 @@ void MifareUC_Auth1(uint8_t arg0, uint8_t *datain){
LED_B_ON(); LED_B_ON();
cmd_send(CMD_ACK,isOK,cuid,0,dataoutbuf,11); cmd_send(CMD_ACK,isOK,cuid,0,dataoutbuf,11);
LED_B_OFF();
// Thats it...
LEDsoff(); LEDsoff();
} }
void MifareUC_Auth2(uint32_t arg0, uint8_t *datain){ void MifareUC_Auth2(uint32_t arg0, uint8_t *datain){
// params
uint32_t cuid = arg0; uint32_t cuid = arg0;
uint8_t key[16]={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}; uint8_t key[16] = {0x00};
// variables
byte_t isOK = 0; byte_t isOK = 0;
byte_t dataoutbuf[16]; byte_t dataoutbuf[16] = {0x00};
memcpy(key, datain, 16); memcpy(key, datain, 16);
@ -138,11 +135,11 @@ void MifareUC_Auth2(uint32_t arg0, uint8_t *datain){
if(mifare_ultra_auth2(cuid, key, dataoutbuf)){ if(mifare_ultra_auth2(cuid, key, dataoutbuf)){
if (MF_DBGLEVEL >= 1) Dbprintf("Authentication part2: Fail..."); if (MF_DBGLEVEL >= 1) Dbprintf("Authentication part2: Fail...");
} }
isOK=1; isOK = 1;
if (MF_DBGLEVEL >= 2) DbpString("AUTH 2 FINISHED"); if (MF_DBGLEVEL >= 2) DbpString("AUTH 2 FINISHED");
LED_B_ON(); LED_B_ON();
cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,11); cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,11);
LED_B_OFF(); LED_B_OFF();
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
@ -156,8 +153,8 @@ void MifareUReadBlock(uint8_t arg0,uint8_t *datain)
// variables // variables
byte_t isOK = 0; byte_t isOK = 0;
byte_t dataoutbuf[16]; byte_t dataoutbuf[16] = {0x00};
uint8_t uid[10]; uint8_t uid[10] = {0x00};
uint32_t cuid; uint32_t cuid;
// clear trace // clear trace
@ -269,57 +266,62 @@ void MifareUReadCard(uint8_t arg0, int arg1, uint8_t *datain)
{ {
// params // params
uint8_t sectorNo = arg0; uint8_t sectorNo = arg0;
int Pages=arg1; int Pages = arg1;
int count_Pages=0; int count_Pages = 0;
// variables byte_t dataoutbuf[176] = {0x00};;
byte_t isOK = 0; uint8_t uid[10] = {0x00};
byte_t dataoutbuf[176];
uint8_t uid[10];
uint32_t cuid; uint32_t cuid;
// clear trace
iso14a_clear_trace(); iso14a_clear_trace();
iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);
LED_A_ON(); LED_A_ON();
LED_B_OFF(); LED_B_OFF();
LED_C_OFF(); LED_C_OFF();
Dbprintf("Pages %d",Pages);
while (true) {
if(!iso14443a_select_card(uid, NULL, &cuid)) {
if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card");
break;
};
for(int sec=0;sec<Pages;sec++){
if(mifare_ultra_readblock(cuid, sectorNo * 4 + sec, dataoutbuf + 4 * sec)) {
if (MF_DBGLEVEL >= 1) Dbprintf("Read block %d error",sec);
break;
}else{
count_Pages++;
};
}
if(mifare_ultra_halt(cuid)) {
if (MF_DBGLEVEL >= 1) Dbprintf("Halt error");
break;
};
isOK = 1; if (MF_DBGLEVEL >= MF_DBG_ALL)
break; Dbprintf("Pages %d",Pages);
}
Dbprintf("Pages read %d",count_Pages);
if (MF_DBGLEVEL >= 2) DbpString("READ CARD FINISHED");
LED_B_ON(); if (!iso14443a_select_card(uid, NULL, &cuid)) {
if (Pages==16) cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,64); if (MF_DBGLEVEL >= MF_DBG_ERROR)
if (Pages==44 && count_Pages==16) cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,64); Dbprintf("Can't select card");
if (Pages==44 && count_Pages>16) cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,176); OnError();
LED_B_OFF(); return;
}
for (int i = 0; i < Pages; i++){
if (mifare_ultra_readblock(cuid, sectorNo * 4 + i, dataoutbuf + 4 * i)) {
if (MF_DBGLEVEL >= MF_DBG_ERROR)
Dbprintf("Read block %d error",i);
OnError();
return;
} else {
count_Pages++;
}
}
if (mifare_ultra_halt(cuid)) {
if (MF_DBGLEVEL >= MF_DBG_ERROR)
Dbprintf("Halt error");
OnError();
return;
}
if (MF_DBGLEVEL >= MF_DBG_ALL) {
Dbprintf("Pages read %d",count_Pages);
DbpString("Read card finished");
}
int len = 16*4; //64 bytes
// Read a UL-C
if (Pages == 44 && count_Pages > 16)
len = 176;
cmd_send(CMD_ACK, 1, 0, 0, dataoutbuf, len);
// Thats it...
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
LEDsoff(); LEDsoff();
} }
@ -397,76 +399,65 @@ void MifareWriteBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
void MifareUWriteBlock(uint8_t arg0, uint8_t *datain) void MifareUWriteBlock(uint8_t arg0, uint8_t *datain)
{ {
// params // params
uint8_t blockNo = arg0; uint8_t blockNo = arg0;
byte_t blockdata[16]; byte_t blockdata[16] = {0x00};
memset(blockdata,'\0',16); memcpy(blockdata, datain, 16);
memcpy(blockdata, datain,16);
// variables // variables
byte_t isOK = 0; byte_t isOK = 0;
uint8_t uid[10]; uint8_t uid[10] = {0x00};
uint32_t cuid; uint32_t cuid;
// clear trace iso14a_clear_trace();
iso14a_clear_trace(); iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);
iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); LED_A_ON();
LED_B_OFF();
LED_C_OFF();
LED_A_ON(); while (true) {
LED_B_OFF(); if(!iso14443a_select_card(uid, NULL, &cuid)) {
LED_C_OFF(); if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card");
break;
};
while (true) { if(mifare_ultra_writeblock(cuid, blockNo, blockdata)) {
if(!iso14443a_select_card(uid, NULL, &cuid)) { if (MF_DBGLEVEL >= 1) Dbprintf("Write block error");
if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card"); break;
break; };
};
if(mifare_ultra_writeblock(cuid, blockNo, blockdata)) { if(mifare_ultra_halt(cuid)) {
if (MF_DBGLEVEL >= 1) Dbprintf("Write block error"); if (MF_DBGLEVEL >= 1) Dbprintf("Halt error");
break; break;
}; };
if(mifare_ultra_halt(cuid)) { isOK = 1;
if (MF_DBGLEVEL >= 1) Dbprintf("Halt error"); break;
break; }
};
isOK = 1; if (MF_DBGLEVEL >= 2) DbpString("WRITE BLOCK FINISHED");
break;
}
if (MF_DBGLEVEL >= 2) DbpString("WRITE BLOCK FINISHED"); cmd_send(CMD_ACK,isOK,0,0,0,0);
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
LED_B_ON(); LEDsoff();
cmd_send(CMD_ACK,isOK,0,0,0,0);
LED_B_OFF();
// Thats it...
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
LEDsoff();
// iso14a_set_tracing(TRUE);
} }
void MifareUWriteBlock_Special(uint8_t arg0, uint8_t *datain) void MifareUWriteBlock_Special(uint8_t arg0, uint8_t *datain)
{ {
// params // params
uint8_t blockNo = arg0; uint8_t blockNo = arg0;
byte_t blockdata[4]; byte_t blockdata[4] = {0x00};
memcpy(blockdata, datain,4); memcpy(blockdata, datain,4);
// variables // variables
byte_t isOK = 0; byte_t isOK = 0;
uint8_t uid[10]; uint8_t uid[10] = {0x00};
uint32_t cuid; uint32_t cuid;
// clear trace
iso14a_clear_trace(); iso14a_clear_trace();
iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);
LED_A_ON(); LED_A_ON();
@ -495,11 +486,7 @@ void MifareUWriteBlock_Special(uint8_t arg0, uint8_t *datain)
if (MF_DBGLEVEL >= 2) DbpString("WRITE BLOCK FINISHED"); if (MF_DBGLEVEL >= 2) DbpString("WRITE BLOCK FINISHED");
LED_B_ON();
cmd_send(CMD_ACK,isOK,0,0,0,0); cmd_send(CMD_ACK,isOK,0,0,0,0);
LED_B_OFF();
// Thats it...
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
LEDsoff(); LEDsoff();
} }
@ -1152,71 +1139,54 @@ void MifareCIdent(){
void Mifare_DES_Auth1(uint8_t arg0, uint8_t *datain){ void Mifare_DES_Auth1(uint8_t arg0, uint8_t *datain){
// variables // variables
byte_t isOK = 0; byte_t isOK = 0;
byte_t dataoutbuf[16]; byte_t dataout[11] = {0x00};
uint8_t uid[10]; uint8_t uid[10] = {0x00};
uint32_t cuid; uint32_t cuid;
// clear trace
iso14a_clear_trace(); iso14a_clear_trace();
iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);
LED_A_ON();
LED_B_OFF();
LED_C_OFF();
if(!iso14443a_select_card(uid, NULL, &cuid)) { if(!iso14443a_select_card(uid, NULL, &cuid)) {
if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card, something went wrong before auth"); if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card, something went wrong before auth");
}; };
if(mifare_desfire_des_auth1(cuid, dataoutbuf)){ if(mifare_desfire_des_auth1(cuid, dataout)){
if (MF_DBGLEVEL >= 1) Dbprintf("Authentication part1: Fail."); if (MF_DBGLEVEL >= 1)
Dbprintf("Authentication part1: Fail.");
} }
isOK=1; isOK = 1;
if (MF_DBGLEVEL >= 2) DbpString("AUTH 1 FINISHED"); if (MF_DBGLEVEL >= 2) DbpString("AUTH 1 FINISHED");
LED_B_ON(); cmd_send(CMD_ACK,isOK,cuid,0,dataout, sizeof(dataout));
cmd_send(CMD_ACK,isOK,cuid,0,dataoutbuf,11);
LED_B_OFF();
// Thats it...
//FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
LEDsoff();
} }
void Mifare_DES_Auth2(uint32_t arg0, uint8_t *datain){ void Mifare_DES_Auth2(uint32_t arg0, uint8_t *datain){
// params
uint32_t cuid = arg0; uint32_t cuid = arg0;
uint8_t key[16]={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}; uint8_t key[16] = {0x00};
// variables
byte_t isOK = 0; byte_t isOK = 0;
byte_t dataoutbuf[16]; byte_t dataout[12] = {0x00};
memcpy(key, datain, 16); memcpy(key, datain, 16);
// clear trace
//iso14a_clear_trace();
//iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);
LED_A_ON(); LED_A_ON();
LED_B_OFF(); LED_B_OFF();
LED_C_OFF(); LED_C_OFF();
// Dbprintf("Sending %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", isOK = mifare_desfire_des_auth2(cuid, key, dataout);
// key[0],key[1],key[2],key[3],key[4],key[5],key[6],key[7],key[8],
// key[9],key[10],key[11],key[12],key[13],key[14],key[15]);
if(mifare_desfire_des_auth2(cuid, key, dataoutbuf)){ if(isOK){
if (MF_DBGLEVEL >= 1) Dbprintf("Authentication part2: Fail..."); if (MF_DBGLEVEL >= 2)
DbpString("AUTH 2 FINISHED");
cmd_send(CMD_ACK,isOK,0,0,dataout,sizeof(dataout));
}
else {
if (MF_DBGLEVEL >= 2)
Dbprintf("Authentication part2: Failed");
OnError();
} }
isOK=1;
if (MF_DBGLEVEL >= 2) DbpString("AUTH 2 FINISHED");
LED_B_ON();
cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,12);
LED_B_OFF();
// Thats it...
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
LEDsoff(); LEDsoff();
} }

24
armsrc/mifaredesfire.c
View file

@ -19,12 +19,8 @@ static uint8_t deselect_cmd[] = {0xc2,0xe0,0xb4};
bool InitDesfireCard(){ bool InitDesfireCard(){
// Make sure it is off. byte_t cardbuf[USB_CMD_DATA_SIZE] = {0x00};
// FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
// SpinDelay(300);
byte_t cardbuf[USB_CMD_DATA_SIZE];
memset(cardbuf,0,sizeof(cardbuf));
iso14a_card_select_t *card = (iso14a_card_select_t*)cardbuf; iso14a_card_select_t *card = (iso14a_card_select_t*)cardbuf;
iso14a_set_tracing(TRUE); iso14a_set_tracing(TRUE);
@ -99,13 +95,9 @@ void MifareSendCommand(uint8_t arg0, uint8_t arg1, uint8_t *datain){
void MifareDesfireGetInformation(){ void MifareDesfireGetInformation(){
int len = 0; int len = 0;
uint8_t resp[USB_CMD_DATA_SIZE]; uint8_t resp[USB_CMD_DATA_SIZE] = {0x00};
uint8_t dataout[USB_CMD_DATA_SIZE]; uint8_t dataout[USB_CMD_DATA_SIZE] = {0x00};
byte_t cardbuf[USB_CMD_DATA_SIZE]; byte_t cardbuf[USB_CMD_DATA_SIZE] = {0x00};
memset(resp,0,sizeof(resp));
memset(dataout,0, sizeof(dataout));
memset(cardbuf,0,sizeof(cardbuf));
/* /*
1 = PCB 1 1 = PCB 1
@ -191,7 +183,6 @@ void MifareDES_Auth1(uint8_t mode, uint8_t algo, uint8_t keyno, uint8_t *datain
//uint8_t new_key_data8[8] = { 0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77}; //uint8_t new_key_data8[8] = { 0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77};
//uint8_t new_key_data16[16] = { 0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,0x99,0xAA,0xBB,0xCC,0xDD,0xEE,0xFF}; //uint8_t new_key_data16[16] = { 0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,0x99,0xAA,0xBB,0xCC,0xDD,0xEE,0xFF};
//uint8_t* bigbuffer = get_bigbufptr_recvrespbuf();
uint8_t resp[256] = {0x00}; uint8_t resp[256] = {0x00};
uint8_t IV[16] = {0x00}; uint8_t IV[16] = {0x00};
@ -219,7 +210,7 @@ void MifareDES_Auth1(uint8_t mode, uint8_t algo, uint8_t keyno, uint8_t *datain
case 1:{ case 1:{
if (algo == 1) { if (algo == 1) {
uint8_t keybytes[8]; uint8_t keybytes[8] = {0x00};
uint8_t RndA[8] = {0x00}; uint8_t RndA[8] = {0x00};
uint8_t RndB[8] = {0x00}; uint8_t RndB[8] = {0x00};
@ -268,7 +259,6 @@ void MifareDES_Auth1(uint8_t mode, uint8_t algo, uint8_t keyno, uint8_t *datain
for (int x = 0; x < 8; x++) { for (int x = 0; x < 8; x++) {
decRndB[x] = decRndB[x] ^ encRndA[x]; decRndB[x] = decRndB[x] ^ encRndA[x];
} }
des_dec(&encRndB, &decRndB, key->data); des_dec(&encRndB, &decRndB, key->data);
@ -366,14 +356,14 @@ void MifareDES_Auth1(uint8_t mode, uint8_t algo, uint8_t keyno, uint8_t *datain
case 3:{ case 3:{
//defaultkey //defaultkey
uint8_t keybytes[16]; uint8_t keybytes[16] = {0x00};
if (datain[1] == 0xff){ if (datain[1] == 0xff){
memcpy(keybytes,PICC_MASTER_KEY16,16); memcpy(keybytes,PICC_MASTER_KEY16,16);
} else{ } else{
memcpy(keybytes, datain+1, datalen); memcpy(keybytes, datain+1, datalen);
} }
struct desfire_key defaultkey = {0}; struct desfire_key defaultkey = {0x00};
desfirekey_t key = &defaultkey; desfirekey_t key = &defaultkey;
Desfire_aes_key_new( keybytes, key); Desfire_aes_key_new( keybytes, key);

13
armsrc/mifareutil.c
View file

@ -19,7 +19,7 @@
#include "crapto1.h" #include "crapto1.h"
#include "mifareutil.h" #include "mifareutil.h"
int MF_DBGLEVEL = MF_DBG_ALL; int MF_DBGLEVEL = MF_DBG_ERROR;
// memory management // memory management
uint8_t* get_bigbufptr_recvrespbuf(void) { uint8_t* get_bigbufptr_recvrespbuf(void) {
@ -638,7 +638,7 @@ int mifare_sendcmd_special(struct Crypto1State *pcs, uint8_t crypted, uint8_t cm
int len = ReaderReceive(answer, answer_parity); int len = ReaderReceive(answer, answer_parity);
if(!len) { if(!len) {
if (MF_DBGLEVEL >= 1) Dbprintf("Authentication failed. Card timeout."); if (MF_DBGLEVEL >= 1) Dbprintf("Authentication failed. Card timeout.");
return 2; return 1;
} }
return len; return len;
} }
@ -654,7 +654,7 @@ int mifare_sendcmd_special2(struct Crypto1State *pcs, uint8_t crypted, uint8_t c
int len = ReaderReceive(answer, answer_parity); int len = ReaderReceive(answer, answer_parity);
if(!len){ if(!len){
if (MF_DBGLEVEL >= 1) Dbprintf("Authentication failed. Card timeout."); if (MF_DBGLEVEL >= 1) Dbprintf("Authentication failed. Card timeout.");
return 2; return 1;
} }
return len; return len;
} }
@ -662,7 +662,7 @@ int mifare_sendcmd_special2(struct Crypto1State *pcs, uint8_t crypted, uint8_t c
int mifare_desfire_des_auth1(uint32_t uid, uint8_t *blockData){ int mifare_desfire_des_auth1(uint32_t uid, uint8_t *blockData){
// variables // variables
int len; int len;
// load key, keynumber // load key, keynumber
uint8_t data[2]={0x0a, 0x00}; uint8_t data[2]={0x0a, 0x00};
uint8_t* receivedAnswer = get_bigbufptr_recvrespbuf(); uint8_t* receivedAnswer = get_bigbufptr_recvrespbuf();
uint8_t *receivedAnswerPar = receivedAnswer + MAX_FRAME_SIZE; uint8_t *receivedAnswerPar = receivedAnswer + MAX_FRAME_SIZE;
@ -688,7 +688,8 @@ int mifare_desfire_des_auth1(uint32_t uid, uint8_t *blockData){
int mifare_desfire_des_auth2(uint32_t uid, uint8_t *key, uint8_t *blockData){ int mifare_desfire_des_auth2(uint32_t uid, uint8_t *key, uint8_t *blockData){
// variables // variables
int len; int len;
uint8_t data[17]={0xaf,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}; uint8_t data[17] = {0x00};
data[0] = 0xAF;
memcpy(data+1,key,16); memcpy(data+1,key,16);
uint8_t* receivedAnswer = get_bigbufptr_recvrespbuf(); uint8_t* receivedAnswer = get_bigbufptr_recvrespbuf();
@ -697,7 +698,7 @@ int mifare_desfire_des_auth2(uint32_t uid, uint8_t *key, uint8_t *blockData){
// command MIFARE_CLASSIC_READBLOCK // command MIFARE_CLASSIC_READBLOCK
len = mifare_sendcmd_special2(NULL, 1, 0x03, data, receivedAnswer, receivedAnswerPar ,NULL); len = mifare_sendcmd_special2(NULL, 1, 0x03, data, receivedAnswer, receivedAnswerPar ,NULL);
if ((receivedAnswer[0] == 0x03)&&(receivedAnswer[1] == 0xae)) { if ((receivedAnswer[0] == 0x03) && (receivedAnswer[1] == 0xae)) {
if (MF_DBGLEVEL >= 1) Dbprintf("Auth Error: %02x %02x", receivedAnswer[0], receivedAnswer[1]); if (MF_DBGLEVEL >= 1) Dbprintf("Auth Error: %02x %02x", receivedAnswer[0], receivedAnswer[1]);
return 1; return 1;
} }

2
client/cmdhf14a.c
View file

@ -649,7 +649,7 @@ static void waitCmd(uint8_t iSelect)
UsbCommand resp; UsbCommand resp;
char *hexout; char *hexout;
if (WaitForResponseTimeout(CMD_ACK,&resp,10000)) { if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
recv = resp.d.asBytes; recv = resp.d.asBytes;
uint8_t iLen = iSelect ? resp.arg[1] : resp.arg[0]; uint8_t iLen = iSelect ? resp.arg[1] : resp.arg[0];
PrintAndLog("received %i octets",iLen); PrintAndLog("received %i octets",iLen);

9
client/cmdhfmf.c
View file

@ -1983,9 +1983,6 @@ static command_t CommandTable[] =
{"help", CmdHelp, 1, "This help"}, {"help", CmdHelp, 1, "This help"},
{"dbg", CmdHF14AMfDbg, 0, "Set default debug mode"}, {"dbg", CmdHF14AMfDbg, 0, "Set default debug mode"},
{"rdbl", CmdHF14AMfRdBl, 0, "Read MIFARE classic block"}, {"rdbl", CmdHF14AMfRdBl, 0, "Read MIFARE classic block"},
//{"urdbl", CmdHF14AMfURdBl, 0, "Read MIFARE Ultralight block"},
//{"urdcard", CmdHF14AMfURdCard, 0,"Read MIFARE Ultralight Card"},
//{"uwrbl", CmdHF14AMfUWrBl, 0,"Write MIFARE Ultralight block"},
{"rdsc", CmdHF14AMfRdSc, 0, "Read MIFARE classic sector"}, {"rdsc", CmdHF14AMfRdSc, 0, "Read MIFARE classic sector"},
{"dump", CmdHF14AMfDump, 0, "Dump MIFARE classic tag to binary file"}, {"dump", CmdHF14AMfDump, 0, "Dump MIFARE classic tag to binary file"},
{"restore", CmdHF14AMfRestore, 0, "Restore MIFARE classic binary file to BLANK tag"}, {"restore", CmdHF14AMfRestore, 0, "Restore MIFARE classic binary file to BLANK tag"},
@ -2003,9 +2000,9 @@ static command_t CommandTable[] =
{"ecfill", CmdHF14AMfECFill, 0, "Fill simulator memory with help of keys from simulator"}, {"ecfill", CmdHF14AMfECFill, 0, "Fill simulator memory with help of keys from simulator"},
{"ekeyprn", CmdHF14AMfEKeyPrn, 0, "Print keys from simulator memory"}, {"ekeyprn", CmdHF14AMfEKeyPrn, 0, "Print keys from simulator memory"},
{"csetuid", CmdHF14AMfCSetUID, 0, "Set UID for magic Chinese card"}, {"csetuid", CmdHF14AMfCSetUID, 0, "Set UID for magic Chinese card"},
{"csetblk", CmdHF14AMfCSetBlk, 0, "Write block into magic Chinese card"}, {"csetblk", CmdHF14AMfCSetBlk, 0, "Write block - Magic Chinese card"},
{"cgetblk", CmdHF14AMfCGetBlk, 0, "Read block from magic Chinese card"}, {"cgetblk", CmdHF14AMfCGetBlk, 0, "Read block - Magic Chinese card"},
{"cgetsc", CmdHF14AMfCGetSc, 0, "Read sector from magic Chinese card"}, {"cgetsc", CmdHF14AMfCGetSc, 0, "Read sector - Magic Chinese card"},
{"cload", CmdHF14AMfCLoad, 0, "Load dump into magic Chinese card"}, {"cload", CmdHF14AMfCLoad, 0, "Load dump into magic Chinese card"},
{"csave", CmdHF14AMfCSave, 0, "Save dump from magic Chinese card into file or emulator"}, {"csave", CmdHF14AMfCSave, 0, "Save dump from magic Chinese card into file or emulator"},
{NULL, NULL, 0, NULL} {NULL, NULL, 0, NULL}

121
client/cmdhfmfu.c
View file

@ -20,6 +20,57 @@ uint8_t key5_ones_data[16] = { 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01
static int CmdHelp(const char *Cmd); static int CmdHelp(const char *Cmd);
int CmdHF14AMfUInfo(const char *Cmd){
uint8_t datatemp[7] = {0x00};
uint8_t isOK = 0;
uint8_t *data = NULL;
UsbCommand c = {CMD_MIFAREU_READCARD, {0, 4}};
SendCommand(&c);
UsbCommand resp;
if (WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
isOK = resp.arg[0] & 0xff;
data = resp.d.asBytes;
if (!isOK) {
PrintAndLog("Error reading from tag");
return -1;
}
} else {
PrintAndLog("Command execute timed out");
return -1;
}
// UID
memcpy( datatemp, data,3);
memcpy( datatemp+3, data+4, 4);
PrintAndLog(" UID :%s ", sprint_hex(datatemp, 7));
// BBC
// CT (cascade tag byte) 0x88 xor SN0 xor SN1 xor SN2
int crc0 = 0x88 ^ data[0] ^ data[1] ^data[2];
if ( data[3] == crc0 )
PrintAndLog(" BCC0 :%02x - Ok", data[3]);
else
PrintAndLog(" BCC0 :%02x - crc should be %02x", data[3], crc0);
int crc1 = data[4] ^ data[5] ^ data[6] ^data[7];
if ( data[8] == crc1 )
PrintAndLog(" BCC1 :%02x - Ok", data[8]);
else
PrintAndLog(" BCC1 :%02x - crc should be %02x", data[8], crc1 );
PrintAndLog(" Internal :%s ", sprint_hex(data + 9, 1));
memcpy(datatemp, data+10, 2);
PrintAndLog(" Lock :%s - %s", sprint_hex(datatemp, 2),printBits( 2, &datatemp) );
PrintAndLog(" OneTimePad :%s ", sprint_hex(data + 3*4, 4));
PrintAndLog("");
return 0;
}
// //
// Mifare Ultralight Write Single Block // Mifare Ultralight Write Single Block
// //
@ -172,19 +223,18 @@ int CmdHF14AMfURdBl(const char *Cmd){
int CmdHF14AMfURdCard(const char *Cmd){ int CmdHF14AMfURdCard(const char *Cmd){
int i; int i;
uint8_t BlockNo = 0; uint8_t BlockNo = 0;
int pages=16; int pages = 16;
uint8_t *lockbytes_t=NULL; uint8_t *lockbytes_t = NULL;
uint8_t lockbytes[2]={0x00}; uint8_t lockbytes[2] = {0x00};
bool bit[16]={0x00}; bool bit[16] = {0x00};
bool dump=false; bool dump = false;
uint8_t datatemp[7]= {0x00}; uint8_t datatemp[7] = {0x00};
uint8_t isOK = 0; uint8_t isOK = 0;
uint8_t * data = NULL; uint8_t * data = NULL;
FILE *fout = NULL; FILE *fout = NULL;
if (strchr(Cmd,'x') != 0){ if (strchr(Cmd,'x') != 0){
dump=true; dump = true;
if ((fout = fopen("dump_ultralight_data.bin","wb")) == NULL) { if ((fout = fopen("dump_ultralight_data.bin","wb")) == NULL) {
PrintAndLog("Could not create file name dumpdata.bin"); PrintAndLog("Could not create file name dumpdata.bin");
return 1; return 1;
@ -202,36 +252,6 @@ int CmdHF14AMfURdCard(const char *Cmd){
PrintAndLog("isOk:%02x", isOK); PrintAndLog("isOk:%02x", isOK);
if (isOK) { if (isOK) {
// UID
memcpy( datatemp, data,3);
memcpy( datatemp+3, data+4, 4);
PrintAndLog(" UID :%s ", sprint_hex(datatemp, 7));
// BBC
// CT (cascade tag byte) 0x88 xor SN0 xor SN1 xor SN2
int crc0 = 0x88 ^ data[0] ^ data[1] ^data[2];
if ( data[3] == crc0 ) {
PrintAndLog(" BCC0 :%02x - Ok", data[3]);
}
else{
PrintAndLog(" BCC0 :%02x - crc should be %02x", data[3], crc0);
}
int crc1 = data[4] ^ data[5] ^ data[6] ^data[7];
if ( data[8] == crc1 ){
PrintAndLog(" BCC1 :%02x - Ok", data[8]);
}
else{
PrintAndLog(" BCC1 :%02x - crc should be %02x", data[8], crc1 );
}
PrintAndLog(" Internal :%s ", sprint_hex(data + 9, 1));
memcpy(datatemp, data+10, 2);
PrintAndLog(" Lock :%s - %s", sprint_hex(datatemp, 2),printBits( 2, &datatemp) );
PrintAndLog(" OneTimePad :%s ", sprint_hex(data + 3*4, 4));
PrintAndLog("");
for (i = 0; i < pages; i++) { for (i = 0; i < pages; i++) {
switch(i){ switch(i){
case 2: case 2:
@ -320,7 +340,7 @@ int CmdHF14AMfURdCard(const char *Cmd){
} }
} }
} else { } else {
PrintAndLog("Command1 execute timeout"); PrintAndLog("Command execute timeout");
} }
if (dump) fclose(fout); if (dump) fclose(fout);
return 0; return 0;
@ -1131,17 +1151,18 @@ int CmdHF14AMfUCWrBl(const char *Cmd){
//------------------------------------ //------------------------------------
static command_t CommandTable[] = static command_t CommandTable[] =
{ {
{"help", CmdHelp, 1,"This help"}, {"help", CmdHelp, 1,"This help"},
{"dbg", CmdHF14AMfDbg, 0,"Set default debug mode"}, {"dbg", CmdHF14AMfDbg, 0,"Set default debug mode"},
{"urdbl", CmdHF14AMfURdBl, 0,"Read MIFARE Ultralight block"}, {"info", CmdHF14AMfUInfo, 0,"Taginfo"},
{"urdcard", CmdHF14AMfURdCard, 0,"Read MIFARE Ultralight Card"}, {"rdbl", CmdHF14AMfURdBl, 0,"Read block - MIFARE Ultralight"},
{"udump", CmdHF14AMfUDump, 0,"Dump MIFARE Ultralight tag to binary file"}, {"rdcard", CmdHF14AMfURdCard, 0,"Read card - MIFARE Ultralight"},
{"uwrbl", CmdHF14AMfUWrBl, 0,"Write MIFARE Ultralight block"}, {"dump", CmdHF14AMfUDump, 0,"Dump MIFARE Ultralight tag to binary file"},
{"ucrdbl", CmdHF14AMfUCRdBl, 0,"Read MIFARE Ultralight C block"}, {"wrbl", CmdHF14AMfUWrBl, 0,"Write block - MIFARE Ultralight"},
{"ucrdcard",CmdHF14AMfUCRdCard, 0,"Read MIFARE Ultralight C Card"}, {"crdbl", CmdHF14AMfUCRdBl, 0,"Read block - MIFARE Ultralight C"},
{"ucdump", CmdHF14AMfUCDump, 0,"Dump MIFARE Ultralight C tag to binary file"}, {"crdcard", CmdHF14AMfUCRdCard, 0,"Read card - MIFARE Ultralight C"},
{"ucwrbl", CmdHF14AMfUCWrBl, 0,"Write MIFARE Ultralight C block"}, {"cdump", CmdHF14AMfUCDump, 0,"Dump MIFARE Ultralight C tag to binary file"},
{"auth", CmdHF14AMfucAuth, 0,"Ultralight C Authentication"}, {"cwrbl", CmdHF14AMfUCWrBl, 0,"Write MIFARE Ultralight C block"},
{"cauth", CmdHF14AMfucAuth, 0,"try a Ultralight C Authentication"},
{NULL, NULL, 0, NULL} {NULL, NULL, 0, NULL}
}; };

2
client/cmdhfmfu.h
View file

@ -1,5 +1,6 @@
#include "cmdhfmf.h" #include "cmdhfmf.h"
//standard ultralight //standard ultralight
int CmdHF14AMfUWrBl(const char *Cmd); int CmdHF14AMfUWrBl(const char *Cmd);
int CmdHF14AMfURdBl(const char *Cmd); int CmdHF14AMfURdBl(const char *Cmd);
@ -14,3 +15,4 @@ void rol (uint8_t *data, const size_t len);
//general stuff //general stuff
int CmdHFMFUltra(const char *Cmd); int CmdHFMFUltra(const char *Cmd);
int CmdHF14AMfUInfo(const char *Cmd)