From e727fe5818cbba21c21c9da97bbc79cb2baa535e Mon Sep 17 00:00:00 2001
From: iceman1001
Date: Fri, 24 May 2019 07:06:08 -0400
Subject: [PATCH] chf: lf asksim - uses NG
---
 armsrc/appmain.c | 6 ++++--
 armsrc/apps.h | 3 ++-
 armsrc/lfops.c | 6 +-----
 client/cmdlf.c | 23 ++++++++++++++++++-----
 client/cmdlffdx.c | 22 ++++++++++++++++------
 client/cmdlfguard.c | 24 +++++++++++++++++-------
 client/cmdlfjablotron.c | 19 +++++++++++++++----
 client/cmdlfnedap.c | 17 +++++++++++++----
 client/cmdlfnoralsy.c | 21 +++++++++++++++------
 client/cmdlfpresco.c | 21 ++++++++++++++++-----
 client/cmdlft55xx.c | 2 +-
 client/cmdlfviking.c | 28 +++++++++++++++++++---------
 client/cmdlfvisa2000.c | 23 ++++++++++++++++-------
 include/pm3_cmd.h | 9 +++++++++
 14 files changed, 162 insertions(+), 62 deletions(-)
diff --git a/armsrc/appmain.c b/armsrc/appmain.c
index 7a86c5b49..24dd79826 100644
--- a/armsrc/appmain.c
+++ b/armsrc/appmain.c
@@ -787,9 +787,11 @@ static void PacketReceived(PacketCommandNG *packet) {
 CmdFSKsimTAG(payload->fchigh, payload->fclow, payload->separator, payload->clock, packet->length - sizeof(lf_fsksim_t), payload->data, 1);
 break;
 }
- case CMD_ASK_SIM_TAG:
- CmdASKsimTag(packet->oldarg[0], packet->oldarg[1], packet->oldarg[2], packet->data.asBytes, 1);
+ case CMD_ASK_SIM_TAG: {
+ lf_asksim_t *payload = (lf_asksim_t *)packet->data.asBytes;
+ CmdASKsimTAG(payload->encoding, payload->invert, payload->separator, payload->clock, packet->length - sizeof(lf_asksim_t), payload->data, 1);
 break;
+ }
 case CMD_PSK_SIM_TAG:
 CmdPSKsimTag(packet->oldarg[0], packet->oldarg[1], packet->oldarg[2], packet->data.asBytes, 1);
 break;
diff --git a/armsrc/apps.h b/armsrc/apps.h
index 6e845349b..7ca3d5178 100644
--- a/armsrc/apps.h
+++ b/armsrc/apps.h
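Review bot: The new CMD_ASK_SIM_TAG case casts `packet->data.asBytes` to `lf_asksim_t *` and hands `packet->length - sizeof(lf_asksim_t)` to CmdASKsimTAG() as the bit count without first checking that `packet->length >= sizeof(lf_asksim_t)`; the subtraction is done in `size_t`, so a packet shorter than the 4-byte header wraps to a huge `size` and the firmware reads far past the packet buffer. Add `if (packet->length < sizeof(lf_asksim_t)) break;` before the cast, and send the error reply this switch uses elsewhere before the `break` so the client's WaitForResponse() does not block (the reply helper is not visible in the hunk). The neighbouring CMD_FSK_SIM_TAG case shown as context has the same missing guard. PacketReceived() starts and ends outside the hunk.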
@@ -88,9 +88,10 @@ void CmdHIDsimTAGEx(uint32_t hi, uint32_t lo, int ledcontrol, int numcycles);
 void CmdHIDsimTAG(uint32_t hi, uint32_t lo, int ledcontrol);
 void CmdFSKsimTAG(uint8_t fchigh, uint8_t fclow, uint8_t separator, uint8_t clock, uint16_t bitslen, uint8_t *bits, int ledcontrol);
+void CmdASKsimTAG(uint8_t encoding, uint8_t invert, uint8_t separator, uint8_t clk, size_t size, uint8_t *bits, int ledcontrol);
-void CmdASKsimTag(uint16_t arg1, uint16_t arg2, size_t size, uint8_t *bits, int ledcontrol);
 void CmdPSKsimTag(uint16_t arg1, uint16_t arg2, size_t size, uint8_t *bits, int ledcontrol);
+
 void CmdHIDdemodFSK(int findone, uint32_t *high, uint32_t *low, int ledcontrol);
 void CmdAWIDdemodFSK(int findone, uint32_t *high, uint32_t *low, int ledcontrol); // Realtime demodulation mode for AWID26
 void CmdEM410xdemod(int findone, uint32_t *high, uint64_t *low, int ledcontrol);
diff --git a/armsrc/lfops.c b/armsrc/lfops.c
index 4d4141503..5cff85796 100644
--- a/armsrc/lfops.c
+++ b/armsrc/lfops.c
@@ -903,15 +903,11 @@ static void stAskSimBit(int *n, uint8_t clock) {
 }
 // args clock, ask/man or askraw, invert, transmission separator
-void CmdASKsimTag(uint16_t arg1, uint16_t arg2, size_t size, uint8_t *bits, int ledcontrol) {
+void CmdASKsimTAG(uint8_t encoding, uint8_t invert, uint8_t separator, uint8_t clk, size_t size, uint8_t *bits, int ledcontrol) {
 FpgaDownloadAndGo(FPGA_BITSTREAM_LF);
 set_tracing(false);
 int n = 0, i = 0;
- uint8_t clk = (arg1 >> 8) & 0xFF;
- uint8_t encoding = arg1 & 0xFF;
- uint8_t separator = arg2 & 1;
- uint8_t invert = (arg2 >> 8) & 1;
 if (encoding == 2) { //biphase
 uint8_t phase = 0;
diff --git a/client/cmdlf.c b/client/cmdlf.c
index 05f61bdf1..34fe95dda 100644
--- a/client/cmdlf.c
+++ b/client/cmdlf.c
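Review bot: The comment `// args clock, ask/man or askraw, invert, transmission separator` kept above the new CmdASKsimTAG() signature still describes the old packed-argument order and no longer matches the parameters `encoding, invert, separator, clk, size, bits`; replace it with `// encoding: 0 = askraw, 1 = ask/man, 2 = biphase; invert/separator: non-zero enables; clk: ASK clock; size: number of bits in bits[]` — 0 and 2 are established by `if (encoding == 0) clk /= 2; //askraw` in cmdlf.c and `if (encoding == 2) { //biphase` here, 1 = ask/man is taken from the old comment and should be confirmed. The removed masking (`arg2 & 1`, `(arg2 >> 8) & 1`) also means `separator` and `invert` now arrive as whole bytes; if the body tests them with `== 1` rather than as booleans, a client sending another non-zero value would behave differently, which is worth checking since the body continues outside the hunk.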
@@ -712,16 +712,29 @@ int CmdLFaskSim(const char *Cmd) {
 if (encoding == 0) clk /= 2; //askraw needs to double the clock speed
 size_t size = DemodBufferLen;
- if (size > PM3_CMD_DATA_SIZE) {
- PrintAndLogEx(NORMAL, "DemodBuffer too long for current implementation - length: %d - max: %d", size, PM3_CMD_DATA_SIZE);
- size = PM3_CMD_DATA_SIZE;
+ if (size > (PM3_CMD_DATA_SIZE - sizeof(lf_asksim_t))) {
+ PrintAndLogEx(NORMAL, "DemodBuffer too long for current implementation - length: %d - max: %d", size, PM3_CMD_DATA_SIZE - sizeof(lf_asksim_t));
+ size = PM3_CMD_DATA_SIZE - sizeof(lf_asksim_t);
 }
- PrintAndLogEx(NORMAL, "preparing to sim ask data: %d bits", size);
+
+ lf_asksim_t *payload = calloc(1, sizeof(lf_asksim_t) + size);
+ payload->encoding = encoding;
+ payload->invert = invert;
+ payload->separator = separator;
+ payload->clock = clk;
+ memcpy(payload->data, DemodBuffer, size);
+
+ PrintAndLogEx(INFO, "Simulating");
+
 clearCommandBuffer();
- SendCommandOLD(CMD_ASK_SIM_TAG, clk << 8 | encoding, invert << 8 | separator, size, DemodBuffer, size);
+ SendCommandNG(CMD_ASK_SIM_TAG, (uint8_t *)payload, sizeof(lf_asksim_t) + size);
+ free(payload);
+
 PacketResponseNG resp;
 WaitForResponse(CMD_ASK_SIM_TAG, &resp);
+
+ PrintAndLogEx(INFO, "Done");
 if (resp.status != PM3_EOPABORTED) return resp.status;
 return PM3_SUCCESS;
diff --git a/client/cmdlffdx.c b/client/cmdlffdx.c
index 0211fcad1..6f019b169 100644
--- a/client/cmdlffdx.c
+++ b/client/cmdlffdx.c
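Review bot: In the new bounds message the second argument `PM3_CMD_DATA_SIZE - sizeof(lf_asksim_t)` is now a `size_t` printed with `%d` (as `size` already was), which is undefined behaviour and prints garbage on hosts where `size_t` is passed differently from `int`; use `PrintAndLogEx(NORMAL, "DemodBuffer too long for current implementation - length: %zu - max: %zu", size, PM3_CMD_DATA_SIZE - sizeof(lf_asksim_t));`. The `calloc(1, sizeof(lf_asksim_t) + size)` result is dereferenced on the following line without a NULL check; the same unchecked pattern is repeated in every sim command of this commit (cmdlffdx.c, cmdlfguard.c, cmdlfjablotron.c, cmdlfnedap.c, cmdlfnoralsy.c, cmdlfpresco.c, cmdlfviking.c, cmdlfvisa2000.c), so each should gain `if (payload == NULL) return PM3_EMALLOC;` or whichever out-of-memory status this tree defines. CmdLFaskSim() begins outside the hunk.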
@@ -319,18 +319,28 @@ static int CmdFdxSim(const char *Cmd) {
 verify_values(countryid, animalid);
- // 32, no STT, BIPHASE INVERTED == diphase
- uint8_t clk = 32, encoding = 2, separator = 0, invert = 1;
- PrintAndLogEx(SUCCESS, "Simulating FDX-B animal ID: %04u-%"PRIu64, countryid, animalid);
- uint8_t data[128];
+ uint8_t bs[128];
 //getFDXBits(uint64_t national_id, uint16_t country, uint8_t isanimal, uint8_t isextended, uint32_t extended, uint8_t *bits)
- getFDXBits(animalid, countryid, 1, 0, 0, data);
+ getFDXBits(animalid, countryid, 1, 0, 0, bs);
+
+ // 32, no STT, BIPHASE INVERTED == diphase
+ lf_asksim_t *payload = calloc(1, sizeof(lf_asksim_t) + sizeof(bs));
+ payload->encoding = 2;
+ payload->invert = 1;
+ payload->separator = 0;
+ payload->clock = 32;
+ memcpy(payload->data, bs, sizeof(bs));
+
 clearCommandBuffer();
- SendCommandOLD(CMD_ASK_SIM_TAG, clk << 8 | encoding, invert << 8 | separator, sizeof(data), data, sizeof(data));
+ SendCommandNG(CMD_ASK_SIM_TAG, (uint8_t *)payload, sizeof(lf_asksim_t) + sizeof(bs));
+ free(payload);
+
 PacketResponseNG resp;
 WaitForResponse(CMD_ASK_SIM_TAG, &resp);
+
+ PrintAndLogEx(INFO, "Done");
 if (resp.status != PM3_EOPABORTED) return resp.status;
 return PM3_SUCCESS;
diff --git a/client/cmdlfguard.c b/client/cmdlfguard.c
index 53c912f15..54073fc02 100644
--- a/client/cmdlfguard.c
+++ b/client/cmdlfguard.c
@@ -138,8 +138,8 @@ static int CmdGuardRead(const char *Cmd) {
 static int CmdGuardClone(const char *Cmd) {
- char cmdp = param_getchar(Cmd, 0);
- if (strlen(Cmd) == 0 || cmdp == 'h' || cmdp == 'H') return usage_lf_guard_clone();
+ char cmdp = tolower(param_getchar(Cmd, 0));
+ if (strlen(Cmd) == 0 || cmdp == 'h') return usage_lf_guard_clone();
 uint32_t facilitycode = 0, cardnumber = 0, fc = 0, cn = 0, fmtlen = 0;
 uint8_t bs[96];
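Review bot: `tolower(param_getchar(Cmd, 0))` passes a plain `char` to a <ctype.h> function; where `char` is signed, a byte above 0x7F in the typed command becomes a negative value other than EOF, which is undefined behaviour for tolower(), so cast first: `char cmdp = tolower((unsigned char)param_getchar(Cmd, 0));`. The same call is introduced in CmdGuardSim (next hunk), CmdVikingClone, CmdVikingSim and CmdVisa2kSim in this commit. Whether cmdlfguard.c already includes <ctype.h> is not visible here. CmdGuardClone() continues past the end of the hunk.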
@@ -198,12 +198,10 @@ static int CmdGuardClone(const char *Cmd) {
 static int CmdGuardSim(const char *Cmd) {
- // Guard uses: clk: 64, invert: 0, encoding: 2 (ASK Biphase)
- uint8_t clock1 = 64, encoding = 2, separator = 0, invert = 0;
 uint32_t facilitycode = 0, cardnumber = 0, fc = 0, cn = 0, fmtlen = 0;
- char cmdp = param_getchar(Cmd, 0);
- if (strlen(Cmd) == 0 || cmdp == 'h' || cmdp == 'H') return usage_lf_guard_sim();
+ char cmdp = tolower(param_getchar(Cmd, 0));
+ if (strlen(Cmd) == 0 || cmdp == 'h') return usage_lf_guard_sim();
 if (sscanf(Cmd, "%u %u %u", &fmtlen, &fc, &cn) != 3) return usage_lf_guard_sim();
@@ -221,10 +219,22 @@ static int CmdGuardSim(const char *Cmd) {
 PrintAndLogEx(SUCCESS, "Simulating Guardall - Facility Code: %u, CardNumber: %u", facilitycode, cardnumber);
+ // Guard uses: clk: 64, invert: 0, encoding: 2 (ASK Biphase)
+ lf_asksim_t *payload = calloc(1, sizeof(lf_asksim_t) + sizeof(bs));
+ payload->encoding = 2;
+ payload->invert = 0;
+ payload->separator = 0;
+ payload->clock = 64;
+ memcpy(payload->data, bs, sizeof(bs));
+
 clearCommandBuffer();
- SendCommandOLD(CMD_ASK_SIM_TAG, (clock1 << 8) | encoding, (invert << 8) | separator, sizeof(bs), bs, sizeof(bs));
+ SendCommandNG(CMD_ASK_SIM_TAG, (uint8_t *)payload, sizeof(lf_asksim_t) + sizeof(bs));
+ free(payload);
+
 PacketResponseNG resp;
 WaitForResponse(CMD_ASK_SIM_TAG, &resp);
+
+ PrintAndLogEx(INFO, "Done");
 if (resp.status != PM3_EOPABORTED) return resp.status;
 return PM3_SUCCESS;
diff --git a/client/cmdlfjablotron.c b/client/cmdlfjablotron.c
index b6fcacf40..a5b9166ac 100644
--- a/client/cmdlfjablotron.c
+++ b/client/cmdlfjablotron.c
@@ -195,15 +195,26 @@ static int CmdJablotronSim(const char *Cmd) {
 PrintAndLogEx(INFO, "Card Number Truncated to 39bits: %"PRIx64, fullcode);
 }
- uint8_t clk = 64, encoding = 2, separator = 0, invert = 1;
 PrintAndLogEx(SUCCESS, "Simulating Jablotron - FullCode: %"PRIx64, fullcode);
- uint8_t data[64];
- getJablotronBits(fullcode, data);
+ uint8_t bs[64];
+ getJablotronBits(fullcode, bs);
+
+ lf_asksim_t *payload = calloc(1, sizeof(lf_asksim_t) + sizeof(bs));
+ payload->encoding = 2;
+ payload->invert = 1;
+ payload->separator = 0;
+ payload->clock = 64;
+ memcpy(payload->data, bs, sizeof(bs));
+
 clearCommandBuffer();
- SendCommandOLD(CMD_ASK_SIM_TAG, clk << 8 | encoding, invert << 8 | separator, sizeof(data), data, sizeof(data));
+ SendCommandNG(CMD_ASK_SIM_TAG, (uint8_t *)payload, sizeof(lf_asksim_t) + sizeof(bs));
+ free(payload);
+
 PacketResponseNG resp;
 WaitForResponse(CMD_ASK_SIM_TAG, &resp);
+
+ PrintAndLogEx(INFO, "Done");
 if (resp.status != PM3_EOPABORTED) return resp.status;
 return PM3_SUCCESS;
diff --git a/client/cmdlfnedap.c b/client/cmdlfnedap.c
index 918b5151e..636a23b33 100644
--- a/client/cmdlfnedap.c
+++ b/client/cmdlfnedap.c
@@ -242,9 +242,6 @@ static int CmdLFNedapSim(const char *Cmd) {
 uint8_t bs[128];
 memset(bs, 0x00, sizeof(bs));
- // NEDAP, Biphase = 2, clock 64, inverted, (DIPhase == inverted BIphase
- uint8_t clk = 64, encoding = 2, separator = 0, invert = 1;
-
 if (getNedapBits(cardnumber, bs) != PM3_SUCCESS) {
 PrintAndLogEx(WARNING, "Error with tag bitstream generation.");
 return PM3_ESOFT;
@@ -253,10 +250,22 @@ static int CmdLFNedapSim(const char *Cmd) {
 PrintAndLogEx(SUCCESS, "bin %s", sprint_bin_break(bs, 128, 32));
 PrintAndLogEx(SUCCESS, "Simulating Nedap - CardNumber: %u", cardnumber);
+ // NEDAP, Biphase = 2, clock 64, inverted, (DIPhase == inverted BIphase)
+ lf_asksim_t *payload = calloc(1, sizeof(lf_asksim_t) + sizeof(bs));
+ payload->encoding = 2;
+ payload->invert = 1;
+ payload->separator = 0;
+ payload->clock = 64;
+ memcpy(payload->data, bs, sizeof(bs));
+
 clearCommandBuffer();
- SendCommandOLD(CMD_ASK_SIM_TAG, clk << 8 | encoding, invert << 8 | separator, sizeof(bs), bs, sizeof(bs));
+ SendCommandNG(CMD_ASK_SIM_TAG, (uint8_t *)payload, sizeof(lf_asksim_t) + sizeof(bs));
+ free(payload);
+
 PacketResponseNG resp;
 WaitForResponse(CMD_ASK_SIM_TAG, &resp);
+
+ PrintAndLogEx(INFO, "Done");
 if (resp.status != PM3_EOPABORTED) return resp.status;
 return PM3_SUCCESS;
diff --git a/client/cmdlfnoralsy.c b/client/cmdlfnoralsy.c
index f6ff78645..9e3413405 100644
--- a/client/cmdlfnoralsy.c
+++ b/client/cmdlfnoralsy.c
@@ -181,8 +181,8 @@ static int CmdNoralsyClone(const char *Cmd) {
 static int CmdNoralsySim(const char *Cmd) {
- uint8_t bits[96];
- memset(bits, 0, sizeof(bits));
+ uint8_t bs[96];
+ memset(bs, 0, sizeof(bs));
 uint16_t year = 0;
 uint32_t id = 0;
@@ -194,19 +194,28 @@ static int CmdNoralsySim(const char *Cmd) {
 id = param_get32ex(Cmd, 0, 0, 10);
 year = param_get32ex(Cmd, 1, 2000, 10);
- uint8_t clk = 32, encoding = 1, separator = 1, invert = 0;
-
- if (getnoralsyBits(id, year, bits) != PM3_SUCCESS) {
+ if (getnoralsyBits(id, year, bs) != PM3_SUCCESS) {
 PrintAndLogEx(WARNING, "Error with tag bitstream generation.");
 return PM3_ESOFT;
 }
 PrintAndLogEx(SUCCESS, "Simulating Noralsy - CardId: %u", id);
+ lf_asksim_t *payload = calloc(1, sizeof(lf_asksim_t) + sizeof(bs));
+ payload->encoding = 1;
+ payload->invert = 0;
+ payload->separator = 1;
+ payload->clock = 32;
+ memcpy(payload->data, bs, sizeof(bs));
+
 clearCommandBuffer();
- SendCommandOLD(CMD_ASK_SIM_TAG, clk << 8 | encoding, invert << 8 | separator, sizeof(bits), bits, sizeof(bits));
+ SendCommandNG(CMD_ASK_SIM_TAG, (uint8_t *)payload, sizeof(lf_asksim_t) + sizeof(bs));
+ free(payload);
+
 PacketResponseNG resp;
 WaitForResponse(CMD_ASK_SIM_TAG, &resp);
+
+ PrintAndLogEx(INFO, "Done");
 if (resp.status != PM3_EOPABORTED) return resp.status;
 return PM3_SUCCESS;
diff --git a/client/cmdlfpresco.c b/client/cmdlfpresco.c
index 4c33334e6..e0a9bb351 100644
--- a/client/cmdlfpresco.c
+++ b/client/cmdlfpresco.c
@@ -154,15 +154,26 @@ static int CmdPrescoSim(const char *Cmd) {
 if (getWiegandFromPresco(Cmd, &sitecode, &usercode, &fullcode, &Q5) == -1) return usage_lf_presco_sim();
- uint8_t clk = 32, encoding = 1, separator = 1, invert = 0;
- PrintAndLogEx(SUCCESS, "Simulating Presco - SiteCode: %u, UserCode: %u, FullCode: %08X", sitecode, usercode, fullcode);
- uint8_t data[128];
- getPrescoBits(fullcode, data);
- SendCommandOLD(CMD_ASK_SIM_TAG, clk << 8 | encoding, invert << 8 | separator, sizeof(data), data, sizeof(data));
+ uint8_t bs[128];
+ getPrescoBits(fullcode, bs);
+
+ lf_asksim_t *payload = calloc(1, sizeof(lf_asksim_t) + sizeof(bs));
+ payload->encoding = 1;
+ payload->invert = 0;
+ payload->separator = 1;
+ payload->clock = 32;
+ memcpy(payload->data, bs, sizeof(bs));
+
+ clearCommandBuffer();
+ SendCommandNG(CMD_ASK_SIM_TAG, (uint8_t *)payload, sizeof(lf_asksim_t) + sizeof(bs));
+ free(payload);
+
 PacketResponseNG resp;
 WaitForResponse(CMD_ASK_SIM_TAG, &resp);
+
+ PrintAndLogEx(INFO, "Done");
 if (resp.status != PM3_EOPABORTED) return resp.status;
 return PM3_SUCCESS;
diff --git a/client/cmdlft55xx.c b/client/cmdlft55xx.c
index 9ba81d27f..8bf6ede8b 100644
--- a/client/cmdlft55xx.c
+++ b/client/cmdlft55xx.c
@@ -1866,7 +1866,7 @@ static int CmdT55xxChkPwds(const char *Cmd) {
 /*
 // block 7, page1 = false, usepwd = false, override = false, pwd = 00000000
- if ( T55xxReadBlock(7, false, false, false, 0x00000000) ) {
+ if ( T55xxReadBlock(7, false, false, false, 0x00000000) == PM3_SUCCESS) {
 // now try to validate it..
 PrintAndLogEx(WARNING, "\n Block 7 was readable");
diff --git a/client/cmdlfviking.c b/client/cmdlfviking.c
index d8d2554cf..138945531 100644
--- a/client/cmdlfviking.c
+++ b/client/cmdlfviking.c
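Review bot: The changed `if ( T55xxReadBlock(7, false, false, false, 0x00000000) == PM3_SUCCESS) {` line sits inside the `/* ... */` block opened at the top of the hunk, so this edit only touches commented-out code and has no effect on the built client. Hand-maintaining disabled code tends to drift from the live API; either remove the block or, if it is kept deliberately, add one line above the `/*` stating why it is disabled, e.g. `// NOTE(review): disabled block — <reason goes here>`. CmdT55xxChkPwds() begins and ends outside the hunk.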
@@ -74,8 +74,8 @@ static int CmdVikingClone(const char *Cmd) {
 uint32_t id = 0;
 uint64_t rawID = 0;
 bool Q5 = false;
- char cmdp = param_getchar(Cmd, 0);
- if (strlen(Cmd) == 0 || cmdp == 'h' || cmdp == 'H') return usage_lf_viking_clone();
+ char cmdp = tolower(param_getchar(Cmd, 0));
+ if (strlen(Cmd) == 0 || cmdp == 'h') return usage_lf_viking_clone();
 id = param_get32ex(Cmd, 0, 0, 16);
 if (id == 0) return usage_lf_viking_clone();
@@ -101,10 +101,8 @@ static int CmdVikingClone(const char *Cmd) {
 static int CmdVikingSim(const char *Cmd) {
 uint32_t id = 0;
 uint64_t rawID = 0;
- uint8_t clk = 32, encoding = 1, separator = 0, invert = 0;
-
- char cmdp = param_getchar(Cmd, 0);
- if (strlen(Cmd) == 0 || cmdp == 'h' || cmdp == 'H') return usage_lf_viking_sim();
+ char cmdp = tolower(param_getchar(Cmd, 0));
+ if (strlen(Cmd) == 0 || cmdp == 'h') return usage_lf_viking_sim();
 id = param_get32ex(Cmd, 0, 0, 16);
 if (id == 0) return usage_lf_viking_sim();
@@ -113,12 +111,24 @@ static int CmdVikingSim(const char *Cmd) {
 PrintAndLogEx(SUCCESS, "Simulating Viking - ID: %08X, Raw: %08X%08X", id, (uint32_t)(rawID >> 32), (uint32_t)(rawID & 0xFFFFFFFF));
- uint8_t data[64];
- num_to_bytebits(rawID, sizeof(data), data);
+ uint8_t bs[64];
+ num_to_bytebits(rawID, sizeof(bs), bs);
+
+ lf_asksim_t *payload = calloc(1, sizeof(lf_asksim_t) + sizeof(bs));
+ payload->encoding = 1;
+ payload->invert = 0;
+ payload->separator = 0;
+ payload->clock = 32;
+ memcpy(payload->data, bs, sizeof(bs));
+
 clearCommandBuffer();
- SendCommandOLD(CMD_ASK_SIM_TAG, clk << 8 | encoding, invert << 8 | separator, sizeof(data), data, sizeof(data));
+ SendCommandNG(CMD_ASK_SIM_TAG, (uint8_t *)payload, sizeof(lf_asksim_t) + sizeof(bs));
+ free(payload);
+
 PacketResponseNG resp;
 WaitForResponse(CMD_ASK_SIM_TAG, &resp);
+
+ PrintAndLogEx(INFO, "Done");
 if (resp.status != PM3_EOPABORTED) return resp.status;
 return PM3_SUCCESS;
diff --git a/client/cmdlfvisa2000.c b/client/cmdlfvisa2000.c
index e07bf75cb..b717f65dd 100644
--- a/client/cmdlfvisa2000.c
+++ b/client/cmdlfvisa2000.c
@@ -196,26 +196,35 @@ static int CmdVisa2kClone(const char *Cmd) {
 static int CmdVisa2kSim(const char *Cmd) {
 uint32_t id = 0;
- char cmdp = param_getchar(Cmd, 0);
- if (strlen(Cmd) == 0 || cmdp == 'h' || cmdp == 'H')
+ char cmdp = tolower(param_getchar(Cmd, 0));
+ if (strlen(Cmd) == 0 || cmdp == 'h')
 return usage_lf_visa2k_sim();
 id = param_get32ex(Cmd, 0, 0, 10);
- uint8_t clk = 64, encoding = 1, separator = 1, invert = 0;
- PrintAndLogEx(SUCCESS, "Simulating Visa2000 - CardId: %u", id);
 uint32_t blocks[3] = { BL0CK1, id, (visa_parity(id) << 4) | visa_chksum(id) };
- uint8_t data[96];
+ uint8_t bs[96];
 for (int i = 0; i < 3; ++i)
- num_to_bytebits(blocks[i], 32, data + i * 32);
+ num_to_bytebits(blocks[i], 32, bs + i * 32);
+
+ lf_asksim_t *payload = calloc(1, sizeof(lf_asksim_t) + sizeof(bs));
+ payload->encoding = 1;
+ payload->invert = 0;
+ payload->separator = 1;
+ payload->clock = 64;
+ memcpy(payload->data, bs, sizeof(bs));
 clearCommandBuffer();
- SendCommandOLD(CMD_ASK_SIM_TAG, clk << 8 | encoding, invert << 8 | separator, sizeof(data), data, sizeof(data));
+ SendCommandNG(CMD_ASK_SIM_TAG, (uint8_t *)payload, sizeof(lf_asksim_t) + sizeof(bs));
+ free(payload);
+
 PacketResponseNG resp;
 WaitForResponse(CMD_ASK_SIM_TAG, &resp);
+
+ PrintAndLogEx(INFO, "Done");
 if (resp.status != PM3_EOPABORTED) return resp.status;
 return PM3_SUCCESS;
diff --git a/include/pm3_cmd.h b/include/pm3_cmd.h
index a98eb8f89..bfa114f19 100644
--- a/include/pm3_cmd.h
+++ b/include/pm3_cmd.h
@@ -185,6 +185,15 @@ typedef struct {
 uint8_t data[];
 } PACKED lf_fsksim_t;
+// For CMD_ASK_SIM_TAG
+typedef struct {
+ uint8_t encoding;
+ uint8_t invert;
+ uint8_t separator;
+ uint8_t clock;
+ uint8_t data[];
+} PACKED lf_asksim_t;
+
 // For the bootloader
 #define CMD_DEVICE_INFO 0x0000
 #define CMD_SETUP_WRITE 0x0001
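Review bot: The new `lf_asksim_t` is documented only by `// For CMD_ASK_SIM_TAG`, yet it is the wire contract between client and firmware and the meaning of `encoding` is currently spread across two files (`if (encoding == 0) clk /= 2; //askraw` in cmdlf.c, `if (encoding == 2) { //biphase` in lfops.c). Give each field a trailing comment, starting with `uint8_t encoding; // 0 = askraw, 1 = ask/manchester, 2 = biphase`, then one line each stating that `invert` and `separator` are non-zero-enables flags, that `clock` is the ASK clock (the callers pass 32 or 64) and that `data[]` holds one bit per byte, as the `num_to_bytebits(rawID, sizeof(bs), bs)` fill into a 64-byte buffer suggests. The `1 = ask/manchester` value is taken from the old `// args clock, ask/man or askraw ...` comment in lfops.c rather than from code, so confirm it against the firmware before committing the text.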