From d668da08bfb421720d81a51ee95aa97c3dd1a86b Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Fri, 10 Jan 2025 09:21:29 +0100 Subject: [PATCH 01/11] Fix 'hf mf ginfo': allow offline parsing and fix parsing when ATS len!=16 --- client/src/cmdhfmf.c | 32 ++++++++++++++++++++------------ 1 file changed, 20 insertions(+), 12 deletions(-) diff --git a/client/src/cmdhfmf.c b/client/src/cmdhfmf.c index 5a0724c8d..8c8208235 100644 --- a/client/src/cmdhfmf.c +++ b/client/src/cmdhfmf.c @@ -7942,11 +7942,11 @@ static int parse_gtu_cfg(uint8_t *d, size_t n) { uint8_t atslen = d[7]; if (atslen == 0) { - PrintAndLogEx(INFO, ".............. ATS length %u bytes ( %s )", atslen, _YELLOW_("zero")); + PrintAndLogEx(INFO, "..............%02X ATS length %u bytes ( %s )", d[7], atslen, _YELLOW_("zero")); } else if (atslen <= 16) { - PrintAndLogEx(INFO, ".............. ATS length %u bytes ( %s )", atslen, _GREEN_("ok")); + PrintAndLogEx(INFO, "..............%02X ATS length %u bytes ( %s )", d[7], atslen, _GREEN_("ok")); } else { - PrintAndLogEx(INFO, ".............. ATS length %u bytes ( %s )", atslen, _RED_("fail")); + PrintAndLogEx(INFO, "..............%02X ATS length %u bytes ( %s )", d[7], atslen, _RED_("fail")); atslen = 0; } @@ -7955,7 +7955,7 @@ static int parse_gtu_cfg(uint8_t *d, size_t n) { // ATS seems to have 16 bytes reserved PrintAndLogEx(INFO, _CYAN_("Config 2 - ATS")); PrintAndLogEx(INFO, "%s", sprint_hex_inrow(d + 8, 16)); - if (atslen <= 16) { + if ((atslen > 0) && (atslen <= 16)) { PrintAndLogEx(INFO, "%s.............. ATS ( %d bytes )", sprint_hex_inrow(&d[8], d[7]), d[7]); PrintAndLogEx(INFO, "..................%s Reserved for ATS", sprint_hex_inrow(d + 8 + d[7], 16 - d[7])); } else { 
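Review bot: In the second hunk the guarded branch still takes its length from the raw byte `d[7]` (`sprint_hex_inrow(&d[8], d[7])` and `16 - d[7]`) instead of from `atslen`, the copy that was just range-checked. The new `(atslen > 0) && (atslen <= 16)` test does keep an oversized length byte out of this branch, but only because `atslen` is zeroed in the `fail` case of the first hunk, and that coupling is easy to lose in a later edit. Since `d` can come from a card or from user-supplied offline data, I would read the checked value: `sprint_hex_inrow(&d[8], atslen)` and `sprint_hex_inrow(d + 8 + atslen, 16 - atslen)`. Whether `n` is verified to cover `d[7]` and the 16 reserved bytes is decided outside the hunk, so that is worth confirming too.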
@@ -8044,15 +8044,23 @@ static int CmdHF14AGen4Info(const char *cmd) { size_t resplen = 0; int res = 0; - if (dlen != 32) { - res = mfG4GetConfig(pwd, resp, &resplen, verbose); - if (res != PM3_SUCCESS || resplen == 0) { - if (res == PM3_ETIMEOUT) - PrintAndLogEx(ERR, "No card in the field or card command timeout."); - else - PrintAndLogEx(ERR, "Error get config. Maybe not a Gen4 card?. error=%d rlen=%zu", res, resplen); + if (dlen == 0) { + if (IfPm3Iso14443a()) { + res = mfG4GetConfig(pwd, resp, &resplen, verbose); + if (res != PM3_SUCCESS || resplen == 0) { + if (res == PM3_ETIMEOUT) + PrintAndLogEx(ERR, "No card in the field or card command timeout."); + else + PrintAndLogEx(ERR, "Error get config. Maybe not a Gen4 card?. error=%d rlen=%zu", res, resplen); + return PM3_ESOFT; + } + } else { + PrintAndLogEx(ERR, "Offline mode, please provide data"); return PM3_ESOFT; } + } else if (dlen != 32) { + PrintAndLogEx(FAILED, "Data must be 32 bytes length, got " _YELLOW_("%u"), dlen); + return PM3_EINVARG; } else { memcpy(resp, data, dlen); resplen = 32; @@ -10139,7 +10147,7 @@ static command_t CommandTable[] = { {"gen3blk", CmdHf14AGen3Block, IfPm3Iso14443a, "Overwrite manufacturer block"}, {"gen3freeze", CmdHf14AGen3Freeze, IfPm3Iso14443a, "Perma lock UID changes. irreversible"}, {"-----------", CmdHelp, IfPm3Iso14443a, "-------------------- " _CYAN_("magic gen4 GTU") " --------------------------"}, - {"ginfo", CmdHF14AGen4Info, IfPm3Iso14443a, "Info about configuration of the card"}, + {"ginfo", CmdHF14AGen4Info, AlwaysAvailable, "Info about configuration of the card"}, {"ggetblk", CmdHF14AGen4GetBlk, IfPm3Iso14443a, "Read block from card"}, {"gload", CmdHF14AGen4Load, IfPm3Iso14443a, "Load dump to card"}, {"gsave", CmdHF14AGen4Save, IfPm3Iso14443a, "Save dump from card into file or emulator"}, From 7637fa01508ddd3bf90aa9b54a52b9d7663e6f94 Mon Sep 17 00:00:00 2001 
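Review bot: The new branch for offline use without data returns `PM3_ESOFT`, the same code as a failed card read, while the wrong-length branch directly below it returns `PM3_EINVARG`. A missing `data` argument is a caller error just like a wrong length, so `return PM3_EINVARG;` after `"Offline mode, please provide data"` would let scripts tell bad input from a card failure. The card-read branch also prints the timeout message and then returns `PM3_ESOFT`; returning `PM3_ETIMEOUT` in that case would keep the distinction (that behaviour predates this commit, the lines are only re-indented). The rest of `CmdHF14AGen4Info` lies outside the hunk.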
From: Philippe Teuwen Date: Fri, 10 Jan 2025 09:36:37 +0100 Subject: [PATCH 02/11] fix offline hf mf ginfo --- client/src/cmdhfmf.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/client/src/cmdhfmf.c b/client/src/cmdhfmf.c index 8c8208235..981b2646f 100644 --- a/client/src/cmdhfmf.c +++ b/client/src/cmdhfmf.c @@ -8067,6 +8067,9 @@ static int CmdHF14AGen4Info(const char *cmd) { } parse_gtu_cfg(resp, resplen); + if (! IfPm3Iso14443a()) { + return PM3_SUCCESS; + } uint8_t uid_len = resp[1]; From 7eefd358d3def0e1b42b2fb1ba2dcd2e01259e50 Mon Sep 17 00:00:00 2001 From: Henry Gabryjelski Date: Fri, 10 Jan 2025 12:06:49 -0800 Subject: [PATCH 03/11] Allow manual initiation of CodeQL --- .github/workflows/codeql-analysis.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index efac3fd69..d9ce0a0de 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -12,6 +12,7 @@ name: "CodeQL" on: + workflow_dispatch: push: branches: [ master ] pull_request: From 4c6ccfedc195efc6c50001a66e42e7a2c0c86f5a Mon Sep 17 00:00:00 2001 From: Henry Gabryjelski Date: Fri, 10 Jan 2025 12:20:17 -0800 Subject: [PATCH 04/11] See if this avoids changelist warnings when building in a fork --- .github/workflows/rebase.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/rebase.yml b/.github/workflows/rebase.yml index b1cc0e0c1..f93d60a5a 100644 --- a/.github/workflows/rebase.yml +++ b/.github/workflows/rebase.yml @@ -2,6 +2,7 @@ on: pull_request_target name: Changelog Reminder jobs: remind: + if: github.repository_owner = 'RfidResearchGroup' name: Changelog Reminder runs-on: ubuntu-latest steps: From 65b9348ad97096c2d60fc2dd3889b88f1c42ad0a Mon Sep 17 00:00:00 2001 
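Review bot: The added offline return in `CmdHF14AGen4Info` comes after `parse_gtu_cfg(resp, resplen);`, whose `int` result is discarded, so a rejected or short configuration is treated the same as a valid one. Offline this reports `PM3_SUCCESS` even when parsing failed, and with a device attached the function goes on to read `resp[1]` as `uid_len`. I would keep the result and stop on failure, for example `res = parse_gtu_cfg(resp, resplen);` followed by `if (res != PM3_SUCCESS || !IfPm3Iso14443a()) return res;`. Which codes `parse_gtu_cfg` returns is not visible here, so the comparison may need adjusting; the function body continues outside the hunk.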
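Review bot: The job condition added to `.github/workflows/rebase.yml`, `if: github.repository_owner = 'RfidResearchGroup'`, uses a single `=`, which is not an operator in GitHub Actions expressions; equality is `==`. As written the expression is expected to be rejected when the workflow is parsed, so the reminder would stop running in the main repository as well as in forks. The line should read `if: github.repository_owner == 'RfidResearchGroup'`. Because this workflow is triggered by `pull_request_target`, which runs in the context of the base repository, it is worth confirming after the fix that the guard evaluates as intended for a pull request coming from a fork.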
From: iceman1001 Date: Sat, 11 Jan 2025 19:18:33 +0100 Subject: [PATCH 05/11] modified lf hitag chk to show progress, added user side abort, and a minor delay since I noticed proxmark timeouts if running unlimited --- CHANGELOG.md | 3 ++- client/src/cmdlfhitag.c | 17 ++++++++++++++++- 2 files changed, 18 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7207389e1..0d0542268 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,7 @@ All notable changes to this project will be documented in this file. This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log... ## [unreleased][unreleased] +- Changed `lf hitag chk` - added key counter, client side abort and minor delay (@iceman1001) - Added `hf seos sam` - Added support for HID SAM SEOS communications (@jkramarz) - Changed (extended) area accessible by spiffs into last page of FLASH (@piotrva) - Changed flash-stored key dictionaries (Mifare, iClass, T55XX) and T55XX configurations to SPIFFS files (@piotrva) @@ -27,7 +28,7 @@ This project uses the changelog in accordance with [keepchangelog](http://keepac - Added simulation function to `hf iclass legrec` (@antiklesys) - Added keys from Momentum firmware projects. (@onovy) - Added Dutch Statistics Agency default key (@eagle00789) -- Changed hf mf autopwn - now allows for custom suffix (@zxkmm) +- Changed `hf mf autopwn` - now allows for custom suffix (@zxkmm) ## [Orca.4.19552][2024-11-22] - Fixed `hf_legic.lua` - removed bit32 commands from the script (@diorch1968) diff --git a/client/src/cmdlfhitag.c b/client/src/cmdlfhitag.c index 0c8956d75..7fac8fa45 100644 --- a/client/src/cmdlfhitag.c +++ b/client/src/cmdlfhitag.c 
@@ -488,8 +488,23 @@ static int ht2_check_dictionary(uint32_t key_count, uint8_t *keys, uint8_t keyl uint8_t *pkeys = keys; + uint32_t toti = key_count; + uint32_t cnt = 0; + while (key_count--) { + cnt++; + + if (kbd_enter_pressed()) { + SendCommandNG(CMD_BREAK_LOOP, NULL, 0); + PrintAndLogEx(INFO, "User aborted"); + break; + } + + PrintAndLogEx(INPLACE, "Checking Keys %u / %u", cnt, toti); + + msleep(30); + if (keylen == 4) { packet.cmd = HT2F_PASSWORD; memcpy(packet.pwd, pkeys, keylen); @@ -503,7 +518,7 @@ static int ht2_check_dictionary(uint32_t key_count, uint8_t *keys, uint8_t keyl clearCommandBuffer(); SendCommandNG(CMD_LF_HITAG_READER, (uint8_t *)&packet, sizeof(packet)); PacketResponseNG resp; - if (WaitForResponseTimeout(CMD_LF_HITAG_READER, &resp, 2000) == false) { + if (WaitForResponseTimeout(CMD_LF_HITAG_READER, &resp, 4000) == false) { PrintAndLogEx(WARNING, "timeout while waiting for reply."); SendCommandNG(CMD_BREAK_LOOP, NULL, 0); return PM3_ETIMEOUT; From c4b24d48b90ce2b2c03c850557327d943a1368b8 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sun, 12 Jan 2025 18:08:52 +0100 Subject: [PATCH 06/11] Update manufacturer list with 2022 info --- client/src/cmdhf14a.c | 30 +++++++++++++++++++++++------- 1 file changed, 23 insertions(+), 7 deletions(-) diff --git a/client/src/cmdhf14a.c b/client/src/cmdhf14a.c index 03e8585e1..9203a05ae 100644 --- a/client/src/cmdhf14a.c +++ b/client/src/cmdhf14a.c 
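Review bot: The user-abort path in the first hunk leaves the loop with `break`, so the result of `ht2_check_dictionary` is whatever the code after the loop returns, which is outside the hunk and may be the same as for an exhausted dictionary. Returning a distinct code, `return PM3_EOPABORTED;` in place of `break;`, would let callers tell an abort from "no key found". The `INPLACE` progress line is also left unterminated when the timeout warning in the second hunk is printed, so a `PrintAndLogEx(NORMAL, "");` before leaving the loop would keep the log readable. A one-line comment on `msleep(30)` giving the reason stated in the commit message (device timeouts when running without a delay) would stop someone removing it later.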
@@ -103,12 +103,12 @@ static const manufactureName_t manufactureMapping[] = { { 0x0F, "Hynix / Hyundai, Korea" }, { 0x10, "LG-Semiconductors Co. Ltd Korea" }, { 0x11, "Emosyn-EM Microelectronics USA" }, - { 0x12, "INSIDE Technology France" }, + { 0x12, "Wisekey Semiconductors (previously INSIDE Technology) France" }, { 0x13, "ORGA Kartensysteme GmbH Germany" }, { 0x14, "SHARP Corporation Japan" }, { 0x15, "ATMEL France" }, { 0x16, "EM Microelectronic-Marin SA Switzerland" }, - { 0x17, "KSW Microtec GmbH Germany" }, + { 0x17, "SMARTRAC TECHNOLOGY GmbH Germany" }, { 0x18, "ZMD AG Germany" }, { 0x19, "XICOR, Inc. USA" }, { 0x1A, "Sony Corporation Japan" }, @@ -124,7 +124,7 @@ static const manufactureName_t manufactureMapping[] = { { 0x24, "Masktech Germany Gmbh Germany" }, { 0x25, "Innovision Research and Technology Plc UK" }, { 0x26, "Hitachi ULSI Systems Co., Ltd. Japan" }, - { 0x27, "Cypak AB Sweden" }, + { 0x27, "Yubico AB Sweden" }, { 0x28, "Ricoh Japan" }, { 0x29, "ASK France" }, { 0x2A, "Unicore Microsystems, LLC Russian Federation" }, @@ -140,7 +140,7 @@ static const manufactureName_t manufactureMapping[] = { { 0x34, "Mikron JSC Russia" }, { 0x35, "Fraunhofer Institute for Photonic Microsystems Germany" }, { 0x36, "IDS Microchip AG Switzerland" }, - { 0x37, "Thinfilm - Kovio USA" }, + { 0x37, "Kovio USA" }, { 0x38, "HMT Microelectronic Ltd Switzerland" }, { 0x39, "Silicon Craft Technology Thailand" }, { 0x3A, "Advanced Film Device Inc. Japan" }, 
@@ -185,18 +185,34 @@ static const manufactureName_t manufactureMapping[] = { { 0x61, "Wearlinks Technology Inc. China" }, { 0x62, "Userstar Information Systems Co., Ltd Taiwan" }, { 0x63, "Pragmatic Printing Ltd. UK" }, - { 0x64, "Associacao do Laboratorio de Sistemas Integraveis Tecnologico - LSI-TEC Brazil" }, + { 0x64, "Associação do Laboratório de Sistemas Integráveis Tecnológico - LSI-TEC Brazil" }, { 0x65, "Tendyron Corporation China" }, { 0x66, "MUTO Smart Co., Ltd. Korea" }, { 0x67, "ON Semiconductor USA" }, - { 0x68, "TUBITAK BILGEM Turkey" }, + { 0x68, "TÜBİTAK BİLGEM Turkey" }, { 0x69, "Huada Semiconductor Co., Ltd China" }, { 0x6A, "SEVENEY France" }, - { 0x6B, "ISSM France" }, + { 0x6B, "THALES DIS Design Services SAS (previously ISSM) France" }, { 0x6C, "Wisesec Ltd Israel" }, + { 0x6D, "LTD \"NM-Teh\" Russia" }, + { 0x70, "ifm electronic gmbh Germany" }, + { 0x71, "Sichuan Kiloway Technologies Co., Ltd. China" }, + { 0x72, "Ford Motor Company US" }, + { 0x73, "Beijing Tsingteng MicroSystem Co.,Ltd China" }, + { 0x74, "Huada EverCore Co., Ltd China" }, + { 0x75, "Smartchip Microelectronics Corporation Taiwan" }, + { 0x76, "Tongxin Microelectronics Co., Ltd. China" }, + { 0x77, "Ningbo IOT Microelectronics Co Ltd China" }, + { 0x78, "AU Optronics Taiwan" }, + { 0x79, "CUBIC USA" }, + { 0x7A, "Abbott Diabetes Care USA" }, + { 0x7B, "Shenzen Nation RFID Technology Co Ltd China" }, { 0x7C, "DB HiTek Co Ltd Korea" }, { 0x7D, "SATO Vicinity Australia" }, { 0x7E, "Holtek Taiwan" }, + { 0x7F, "Shenzhen Goodix Technology Co., Ltd. China" }, + { 0x80, "Panthronics AG Austria" }, + { 0x81, "Beijing Huada Infosec Technology Co., Ltd China"}, { 0x00, "no tag-info available" } // must be the last entry }; From ab96b74110fa38a78bd2331ab3ea9334aff3bd03 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sun, 12 Jan 2025 18:26:47 +0100 Subject: [PATCH 07/11] ref --- client/src/cmdhf14a.c | 1 + 1 file changed, 1 insertion(+) 
diff --git a/client/src/cmdhf14a.c b/client/src/cmdhf14a.c index 9203a05ae..939c2b257 100644 --- a/client/src/cmdhf14a.c +++ b/client/src/cmdhf14a.c @@ -84,6 +84,7 @@ static const iso14a_polling_frame_t ECP_FRAME = { }; +// based on ISO/IEC JTC1/SC17 STANDING DOCUMENT 5 (Updated 25 February 2022) Register of IC manufacturers static const manufactureName_t manufactureMapping[] = { // ID, "Vendor Country" { 0x01, "Motorola UK" }, From d481a21e545a900af3c255f9637d98fab7fcbf39 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sun, 12 Jan 2025 18:50:16 +0100 Subject: [PATCH 08/11] Update manufacturer list with 2024 info --- client/src/cmdhf14a.c | 33 ++++++++++++++++++++++++++++----- 1 file changed, 28 insertions(+), 5 deletions(-) diff --git a/client/src/cmdhf14a.c b/client/src/cmdhf14a.c index 939c2b257..49bf3cc05 100644 --- a/client/src/cmdhf14a.c +++ b/client/src/cmdhf14a.c @@ -84,7 +84,7 @@ static const iso14a_polling_frame_t ECP_FRAME = { }; -// based on ISO/IEC JTC1/SC17 STANDING DOCUMENT 5 (Updated 25 February 2022) Register of IC manufacturers +// based on ISO/IEC JTC1/SC17 STANDING DOCUMENT 5 (Updated 20 September 2024) Register of IC manufacturers static const manufactureName_t manufactureMapping[] = { // ID, "Vendor Country" { 0x01, "Motorola UK" }, 
@@ -150,12 +150,12 @@ static const manufactureName_t manufactureMapping[] = { { 0x3D, "HID Global USA" }, { 0x3E, "Productivity Engineering Gmbh Germany" }, { 0x3F, "Austriamicrosystems AG (reserved) Austria" }, - { 0x40, "Gemalto SA France" }, + { 0x40, "Thales DIS (previously Gemalto SA) France" }, { 0x41, "Renesas Electronics Corporation Japan" }, { 0x42, "3Alogics Inc Korea" }, { 0x43, "Top TroniQ Asia Limited Hong Kong" }, { 0x44, "Gentag Inc. USA" }, - { 0x45, "Invengo Information Technology Co.Ltd China" }, + { 0x45, "Invengo Information Technology Co. Ltd China" }, { 0x46, "Guangzhou Sysur Microelectronics, Inc China" }, { 0x47, "CEITEC S.A. Brazil" }, { 0x48, "Shanghai Quanray Electronics Co. Ltd. China" }, @@ -166,7 +166,7 @@ static const manufactureName_t manufactureMapping[] = { { 0x4D, "Balluff GmbH Germany" }, { 0x4E, "Oberthur Technologies France" }, { 0x4F, "Silterra Malaysia Sdn. Bhd. Malaysia" }, - { 0x50, "DELTA Danish Electronics, Light & Acoustics Denmark" }, + { 0x50, "Presto Engineering Denmark" }, { 0x51, "Giesecke & Devrient GmbH Germany" }, { 0x52, "Shenzhen China Vision Microelectronics Co., Ltd. China" }, { 0x53, "Shanghai Feiju Microelectronics Co. Ltd. China" }, 
@@ -211,9 +211,32 @@ static const manufactureName_t manufactureMapping[] = { { 0x7C, "DB HiTek Co Ltd Korea" }, { 0x7D, "SATO Vicinity Australia" }, { 0x7E, "Holtek Taiwan" }, + // Previously, following entries were listed in the doc as 0x7f, 0x80 etc. + // Now, they are listed as 'FF 00', 'FF 01',... { 0x7F, "Shenzhen Goodix Technology Co., Ltd. China" }, { 0x80, "Panthronics AG Austria" }, - { 0x81, "Beijing Huada Infosec Technology Co., Ltd China"}, + { 0x81, "Beijing Huada Infosec Technology Co., Ltd China" }, + { 0x82, "Shanghai Oriental Magnetic Card Engineering Co Ltd. China" }, + { 0x83, "8ApeX Inc USA" }, + { 0x84, "Abbott Ireland" }, + { 0x85, "Proqure Inc USA" }, + { 0x86, "Schreiner Group GmbH & Co. KG Germany" }, + { 0x87, "Beijing SmartChip Microelectronics Technology Company Limited China" }, + { 0x88, "Datang Microelectronics Technology Co., Ltd. China" }, + { 0x89, "Wise Security Technology (Guangzhou) Co., Ltd. China" }, + { 0x8A, "CEC Huada Electronic Design Co., Ltd. China" }, + { 0x8B, "Shanghai Techsun RFID Technology Co., Ltd. China" }, + { 0x8C, "North China Institute of Computing Technology China" }, + { 0x8D, "Shanghai Huahong Integrated Circuit Co., Ltd. China" }, + { 0x8E, "Shanghai MintSilicon Microelectronics Inc., Ltd. China" }, + { 0x8F, "Xinsheng Technology Co., Ltd. China" }, + { 0x90, "IDEX Biometrics ASA Norway" }, + { 0x91, "Novo Nordisk A/S Denmark" }, + { 0x92, "Shandong Huayi Micro-Electronics Technology Co., Ltd. China" }, + { 0x93, "Abbott Heart Failure USA" }, + { 0x94, "P&M Information Technology (Shenzhen) Co., Ltd. China" }, + { 0x95, "MARS TECHNOLOGY PTE. LTD. Singapore" }, + { 0x96, "Trovan Limited Isle of Man" }, { 0x00, "no tag-info available" } // must be the last entry }; From 52b2c731397a0e557e11014b00cd74717a5e163e Mon Sep 17 00:00:00 2001 
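Review bot: The added comment says the register now lists these vendors as 'FF 00', 'FF 01' and so on, yet the entries from `0x7F` to `0x96` are still keyed by a single byte, so the table attributes any tag whose ID byte equals one of those values to a vendor the current register no longer assigns that code to. How `manufactureMapping` is looked up is outside the hunk, but if the key is a single byte taken from the tag, the identification output would show a confident vendor name that the cited document does not support. I would state the convention in the comment, for example `// local convention: register entry 'FF nn' is stored here as 0x7F + nn` if that is the rule used, and consider marking these names as tentative in the string or in the lookup.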
From: Philippe Teuwen Date: Sun, 12 Jan 2025 19:19:00 +0100 Subject: [PATCH 09/11] trying to fix Proxspace compilation, might need some more trials... --- client/src/cmdhf14a.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/src/cmdhf14a.c b/client/src/cmdhf14a.c index 49bf3cc05..bdc32077b 100644 --- a/client/src/cmdhf14a.c +++ b/client/src/cmdhf14a.c @@ -190,7 +190,7 @@ static const manufactureName_t manufactureMapping[] = { { 0x65, "Tendyron Corporation China" }, { 0x66, "MUTO Smart Co., Ltd. Korea" }, { 0x67, "ON Semiconductor USA" }, - { 0x68, "TÜBİTAK BİLGEM Turkey" }, + { 0x68, "TÜBITAK BILGEM Turkey" }, // Don't use "İ", Proxspace doesn't like it { 0x69, "Huada Semiconductor Co., Ltd China" }, { 0x6A, "SEVENEY France" }, { 0x6B, "THALES DIS Design Services SAS (previously ISSM) France" }, From 97953d1ef336a57abe2d4401a9358c04de316382 Mon Sep 17 00:00:00 2001 From: nvx Date: Tue, 14 Jan 2025 22:00:17 +1000 Subject: [PATCH 10/11] fix hf mf csetuid --gdm --- client/src/mifare/mifarehost.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/src/mifare/mifarehost.c b/client/src/mifare/mifarehost.c index 7e44df14a..28969b1bd 100644 --- a/client/src/mifare/mifarehost.c +++ b/client/src/mifare/mifarehost.c @@ -1144,7 +1144,7 @@ int mf_chinese_set_uid(uint8_t *uid, uint8_t uidlen, const uint8_t *atqa, const res = mf_chinese_set_block(0, block0, NULL, params); if (res == PM3_SUCCESS) { - params = MAGIC_SINGLE | MAGIC_WUPC; + params = MAGIC_SINGLE | (gdm ? MAGIC_GDM_ALT_WUPC : MAGIC_WUPC); memset(block0, 0, sizeof(block0)); res = mf_chinese_get_block(0, block0, params); if (res == 0) { From 29e0c51393702ca0f32bed1f3a67b35cdedea865 Mon Sep 17 00:00:00 2001 
From: nvx Date: Tue, 14 Jan 2025 22:36:59 +1000 Subject: [PATCH 11/11] Changed `hf mf info` - now differentiates between full USCUID and cut down ZUID chips --- CHANGELOG.md | 1 + armsrc/mifarecmd.c | 12 +++++++++++- client/src/cmdhf14a.c | 2 +- client/src/mifare/mifarehost.c | 4 ++++ include/protocols.h | 29 +++++++++++++++-------------- 5 files changed, 32 insertions(+), 16 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0d0542268..6d3de96f2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,7 @@ All notable changes to this project will be documented in this file. This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log... ## [unreleased][unreleased] +- Changed `hf mf info` - now differentiates between full USCUID and cut down ZUID chips (@nvx) - Changed `lf hitag chk` - added key counter, client side abort and minor delay (@iceman1001) - Added `hf seos sam` - Added support for HID SAM SEOS communications (@jkramarz) - Changed (extended) area accessible by spiffs into last page of FLASH (@piotrva) diff --git a/armsrc/mifarecmd.c b/armsrc/mifarecmd.c index bf308364d..46c032011 100644 --- a/armsrc/mifarecmd.c +++ b/armsrc/mifarecmd.c @@ -2927,6 +2927,7 @@ void MifareCIdent(bool is_mfc, uint8_t keytype, uint8_t *key) { uint8_t rdbl00[4] = {ISO14443A_CMD_READBLOCK, 0x00, 0x02, 0xa8}; uint8_t gen4gdmAuth[4] = {MIFARE_MAGIC_GDM_AUTH_KEY, 0x00, 0x6C, 0x92}; uint8_t gen4gdmGetConf[4] = {MIFARE_MAGIC_GDM_READ_CFG, 0x00, 0x39, 0xF7}; + uint8_t gen4gdmGetMagicBlock[4] = {MIFARE_MAGIC_GDM_READBLOCK, 0x00, 0xC2, 0x66}; uint8_t gen4GetConf[8] = {GEN_4GTU_CMD, 0x00, 0x00, 0x00, 0x00, GEN_4GTU_GETCNF, 0, 0}; uint8_t superGen1[9] = {0x0A, 0x00, 0x00, 0xA6, 0xB0, 0x00, 0x10, 0x14, 0x1D}; bool isGen2 = false; 
@@ -2955,7 +2956,16 @@ void MifareCIdent(bool is_mfc, uint8_t keytype, uint8_t *key) { ReaderTransmit(gen4gdmGetConf, sizeof(gen4gdmGetConf), NULL); res = ReaderReceive(buf, PM3_CMD_DATA_SIZE, par); if (res > 1) { - flag |= MAGIC_FLAG_GDM_WUP_40; + // could be ZUID or full USCUID, the magic blocks don't exist on ZUID so + // a failure here indicates a feature limited chip like ZUID + // check for GDM hidden block read + ReaderTransmit(gen4gdmGetMagicBlock, sizeof(gen4gdmGetMagicBlock), NULL); + res = ReaderReceive(buf, PM3_CMD_DATA_SIZE, par); + if (res > 1) { + flag |= MAGIC_FLAG_GDM_WUP_40; + } else { + flag |= MAGIC_FLAG_GDM_WUP_40_ZUID; + } } } diff --git a/client/src/cmdhf14a.c b/client/src/cmdhf14a.c index bdc32077b..f2d573a8c 100644 --- a/client/src/cmdhf14a.c +++ b/client/src/cmdhf14a.c @@ -2761,7 +2761,7 @@ int infoHF14A(bool verbose, bool do_nack_test, bool do_aid_search) { PrintAndLogEx(HINT, "Hint: use `" _YELLOW_("hf mf c*") "` magic commands"); // if GEN4 GDM in Gen1a more, hint about it - if ((isMagic & MAGIC_FLAG_GDM_WUP_40) == MAGIC_FLAG_GDM_WUP_40) { + if (((isMagic & MAGIC_FLAG_GDM_WUP_40) == MAGIC_FLAG_GDM_WUP_40) || ((isMagic & MAGIC_FLAG_GDM_WUP_40_ZUID) == MAGIC_FLAG_GDM_WUP_40_ZUID)) { PrintAndLogEx(HINT, "Hint: use `" _YELLOW_("hf mf gdm* --gen1a") "` magic commands"); } } diff --git a/client/src/mifare/mifarehost.c b/client/src/mifare/mifarehost.c index 7e44df14a..849c06f15 100644 --- a/client/src/mifare/mifarehost.c +++ b/client/src/mifare/mifarehost.c 
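Review bot: The ZUID decision in `MifareCIdent` rests on a single failed exchange: any `res <= 1` after sending `gen4gdmGetMagicBlock` sets `MAGIC_FLAG_GDM_WUP_40_ZUID`, so a timeout or a corrupted frame on a full USCUID chip is reported as the cut-down variant. Testing for the expected reply length rather than for "more than one byte" would tighten the positive case, and the comment should say what a ZUID is expected to answer (a NACK or nothing) so the negative case can be checked against it. It is also worth confirming that a refused read leaves the card in a state the following probes can handle; those probes and the start of the function are outside the hunk.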
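Review bot: In `infoHF14A` the hint `hf mf gdm* --gen1a` is now shown for ZUID chips as well, while the firmware comment added in this same commit says the magic blocks do not exist on ZUID, so part of that command family presumably fails on such a card. A separate hint for the ZUID flag, or wording that names only the commands that apply, would avoid pointing users at commands the chip rejects. The condition itself can be shortened to `if (isMagic & (MAGIC_FLAG_GDM_WUP_40 | MAGIC_FLAG_GDM_WUP_40_ZUID)) {`, which is equivalent because each flag is a single bit (`0x1000` and `0x2000` in `protocols.h`).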
@@ -1614,6 +1614,10 @@ uint16_t detect_mf_magic(bool is_mfc, uint8_t key_type, uint64_t key) { PrintAndLogEx(SUCCESS, "Magic capabilities... " _GREEN_("Gen 4 GDM / USCUID") " ( Gen1 Magic Wakeup )"); } + if ((isMagic & MAGIC_FLAG_GDM_WUP_40_ZUID) == MAGIC_FLAG_GDM_WUP_40_ZUID) { + PrintAndLogEx(SUCCESS, "Magic capabilities... " _GREEN_("Gen 4 GDM / USCUID") " ( ZUID Gen1 Magic Wakeup )"); + } + if ((isMagic & MAGIC_FLAG_GEN_UNFUSED) == MAGIC_FLAG_GEN_UNFUSED) { PrintAndLogEx(SUCCESS, "Magic capabilities... " _GREEN_("Write Once / FUID")); } diff --git a/include/protocols.h b/include/protocols.h index 3591a8dc2..dbb60aa5e 100644 --- a/include/protocols.h +++ b/include/protocols.h @@ -263,20 +263,21 @@ ISO 7816-4 Basic interindustry commands. For command APDU's. #define MAGIC_SINGLE (MAGIC_HALT | MAGIC_INIT | MAGIC_OFF) //0x1E // by CMD_HF_MIFARE_CIDENT / Flags -#define MAGIC_FLAG_NONE 0x0000 -#define MAGIC_FLAG_GEN_1A 0x0001 -#define MAGIC_FLAG_GEN_1B 0x0002 -#define MAGIC_FLAG_GEN_2 0x0004 -#define MAGIC_FLAG_GEN_UNFUSED 0x0008 -#define MAGIC_FLAG_SUPER_GEN1 0x0010 -#define MAGIC_FLAG_SUPER_GEN2 0x0020 -#define MAGIC_FLAG_NTAG21X 0x0040 -#define MAGIC_FLAG_GEN_3 0x0080 -#define MAGIC_FLAG_GEN_4GTU 0x0100 -#define MAGIC_FLAG_GDM_AUTH 0x0200 -#define MAGIC_FLAG_QL88 0x0400 -#define MAGIC_FLAG_GDM_WUP_20 0x0800 -#define MAGIC_FLAG_GDM_WUP_40 0x1000 +#define MAGIC_FLAG_NONE 0x0000 +#define MAGIC_FLAG_GEN_1A 0x0001 +#define MAGIC_FLAG_GEN_1B 0x0002 +#define MAGIC_FLAG_GEN_2 0x0004 +#define MAGIC_FLAG_GEN_UNFUSED 0x0008 +#define MAGIC_FLAG_SUPER_GEN1 0x0010 +#define MAGIC_FLAG_SUPER_GEN2 0x0020 +#define MAGIC_FLAG_NTAG21X 0x0040 +#define MAGIC_FLAG_GEN_3 0x0080 +#define MAGIC_FLAG_GEN_4GTU 0x0100 +#define MAGIC_FLAG_GDM_AUTH 0x0200 +#define MAGIC_FLAG_QL88 0x0400 +#define MAGIC_FLAG_GDM_WUP_20 0x0800 +#define MAGIC_FLAG_GDM_WUP_40 0x1000 +#define MAGIC_FLAG_GDM_WUP_40_ZUID 0x2000 // Commands for configuration of Gen4 GTU cards.