diff --git a/.gitignore b/.gitignore index 4ee047c9e..31f4e1595 100644 --- a/.gitignore +++ b/.gitignore @@ -41,6 +41,7 @@ Makefile.platform # cmake client/build/ client/android/build/ +client/deps/bzip2/ # Coverity cov-int/ @@ -77,17 +78,16 @@ fpga/* !fpga/xst_hf.scr !fpga/go.bat !fpga/sim.tcl + # offcial dumps folder dumps/* +traces/* #client/* -# my own traces folder client/traces/* -# my own dumps folder client/dumps/* *.ice *.new -armsrc/TEMP EMV/* tools/mf_nonce_brute/mf_nonce_brute tools/andrew/* tools/jtag_openocd/openocd_configuration diff --git a/CHANGELOG.md b/CHANGELOG.md index 416f063b9..492c67794 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,8 +3,14 @@ All notable changes to this project will be documented in this file. This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log... ## [unreleased][unreleased] - - Added lf em function: 4x50_sread (@tharexde) - - Added lf em functions: 4x50_info, 4x50_write, 4x50_write_password (@tharexde) + - Readded verichip command which seems missing (@iceman1001) + - Fix missing t55x7 config block detection (@iceman1001) + - Fix missing define on proxspace (@mwalker33) + - Added `lf em 4x50_dump` (@iceman1001) + - Added `lf em 4x50_read` (@tharexde) + - Added `lf em 4x50_info` (@tharexde) + - Added `4x50_write` (@tharexde) + - Added `4x50_write_password` (@tharexde) - Fix em4x50 demodulation error (@tharexde) - Fix `hf mfdes` authentification issues, DES working (@bkerler) - Add Android cross-compilation to client cmake (@dxl, @doegox) diff --git a/armsrc/appmain.c b/armsrc/appmain.c index 2ed5811fa..a50c0ba7d 100644 --- a/armsrc/appmain.c +++ b/armsrc/appmain.c 
@@ -1023,7 +1023,10 @@ static void PacketReceived(PacketCommandNG *packet) { em4x50_read((em4x50_data_t *)packet->data.asBytes); break; } - + case CMD_LF_EM4X50_WIPE: { + em4x50_wipe((em4x50_data_t *)packet->data.asBytes); + break; + } #endif #ifdef WITH_ISO15693 diff --git a/armsrc/em4x50.c b/armsrc/em4x50.c index 93da6425f..63b58e5bd 100644 --- a/armsrc/em4x50.c +++ b/armsrc/em4x50.c @@ -1028,3 +1028,61 @@ void em4x50_write_password(em4x50_data_t *etd) { lf_finalize(); reply_ng(CMD_ACK, bsuccess, 0, 0); } + +void em4x50_wipe(em4x50_data_t *etd) { + + // set all data of EM4x50 tag to 0x0 including password + + bool bsuccess = false; + uint8_t zero[4] = {0, 0, 0, 0}; + uint8_t addresses[4] = {0, 0, EM4X50_NO_WORDS - 3, 1}; + + init_tag(); + em4x50_setup_read(); + + // set gHigh and gLow + if (get_signalproperties() && find_em4x50_tag()) { + + // login first + if (login(etd->password)) { + + // write 0x0 to each address but ignore addresses + // 0 -> password, 32 -> serial, 33 -> uid + // writing 34 words takes about 3.6 seconds -> high timeout needed + for (int i = 1; i <= EM4X50_NO_WORDS - 3; i++) + write(zero, i); + + // to verify result reset EM4x50 + if (reset()) { + + // login not necessary because protectd word has been set to 0 + // -> no read protected words + // -> selective read can be called immediately + if (selective_read(addresses)) { + + // check if everything is zero + bsuccess = true; + for (int i = 1; i <= EM4X50_NO_WORDS - 3; i++) + for (int j = 0; j < 4; j++) + bsuccess &= (tag.sectors[i][j] == 0) ? true : false; + + } + + if (bsuccess) { + + // so far everything is fine + // last task: reset password + if (login(etd->password)) + bsuccess = write_password(etd->password, zero); + + // verify by login with new password + if (bsuccess) + bsuccess = login(zero); + } + } + } + } + + lf_finalize(); + reply_ng(CMD_ACK, bsuccess, (uint8_t *)tag.sectors, 238); +} diff --git a/armsrc/em4x50.h b/armsrc/em4x50.h index d786e61c0..f9f1375f2 100644 
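Review bot: In `em4x50_wipe`, the loop `write(zero, i);` discards every result, so a tag that leaves the field after the first word still goes through the full pass the comment estimates at about 3.6 seconds, and the failure only surfaces in the later read-back. Stopping at the first failed write, e.g. `if (!write(zero, i)) break;` (assuming `write()` reports success the way `write_password()` does), would fail fast. The length `238` passed to `reply_ng` is a bare literal; `sizeof(tag.sectors)` would keep it tied to the buffer, if that is what it is meant to cover. A header comment should also say that a failed wipe can leave the tag partly zeroed with its old password still set, because the password is reset only after the read-back passes.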
--- a/armsrc/em4x50.h +++ b/armsrc/em4x50.h @@ -21,5 +21,6 @@ void em4x50_info(em4x50_data_t *etd); void em4x50_write(em4x50_data_t *etd); void em4x50_write_password(em4x50_data_t *etd); void em4x50_read(em4x50_data_t *etd); +void em4x50_wipe(em4x50_data_t *etd); #endif /* EM4X50_H */ diff --git a/client/CMakeLists.txt b/client/CMakeLists.txt index 565bfba14..ef0aeb7ab 100644 --- a/client/CMakeLists.txt +++ b/client/CMakeLists.txt @@ -267,7 +267,6 @@ set (TARGET_SOURCES ${PM3_ROOT}/client/src/cmdlfsecurakey.c ${PM3_ROOT}/client/src/cmdlft55xx.c ${PM3_ROOT}/client/src/cmdlfti.c - ${PM3_ROOT}/client/src/cmdlfverichip.c ${PM3_ROOT}/client/src/cmdlfviking.c ${PM3_ROOT}/client/src/cmdlfvisa2000.c ${PM3_ROOT}/client/src/cmdmain.c diff --git a/client/android/CMakeLists.txt b/client/android/CMakeLists.txt index 11da2f5e4..cc827d143 100644 --- a/client/android/CMakeLists.txt +++ b/client/android/CMakeLists.txt @@ -1,12 +1,6 @@ # version cmake_minimum_required(VERSION 3.4.1) -# We are build on android platform, so we need add def "ANDROID" -# NDK version for SDK 19 doesn't implement the whole C++11 standard in the STL. -# see: https://stackoverflow.com/questions/44736135/ndk-clang-error-undefined-reference-to-localeconv -# so we need add def getlocaledecpoint()='.' -add_definitions(-DANDROID -D"getlocaledecpoint\(\)='.'") - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -O3 -fvisibility=hidden -w") # Root path into client 
@@ -14,138 +8,170 @@ set(PM3_ROOT ../../) add_subdirectory(../deps deps) +# Build zlib deps at external +if (CMAKE_MAKE_PROGRAM MATCHES ".*ninja.*") + set(BZIP2_INCLUDE_DIRS ${BZIP2_ROOT}) + set(BZIP2_LIBRARIES pm3rrg_rdv4_bzip2) + find_library(pm3rrg_rdv4_bzip2 REQUIRED) +elseif (UNIX) # Cross compile at Unix Makefile System. + # bzip2 dep. + include(ExternalProject) + set(CFLAGS_EXTERNAL_LIB "CFLAGS=--target=${CMAKE_C_COMPILER_TARGET} -w") + set(BZIP2_BUILD_DIR ${CMAKE_CURRENT_BINARY_DIR}/deps/bzip2/src/bzip2) + ExternalProject_Add(bzip2 + GIT_REPOSITORY https://android.googlesource.com/platform/external/bzip2 + GIT_TAG platform-tools-30.0.2 + PREFIX deps/bzip2 + #SOURCE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/deps/bzip2 + CONFIGURE_COMMAND mkdir -p ${BZIP2_BUILD_DIR} && git archive --format tar HEAD | tar -C ${BZIP2_BUILD_DIR} -x + BUILD_IN_SOURCE ON + BUILD_COMMAND make -C ${BZIP2_BUILD_DIR} -j4 CC=${CMAKE_C_COMPILER} CXX=${CMAKE_CXX_COMPILER} LD=${CMAKE_C_COMPILER} AR=${CMAKE_AR} RANLIB=${CMAKE_RANLIB} ${CFLAGS_EXTERNAL_LIB} libbz2.a + INSTALL_COMMAND "" + LOG_DOWNLOAD ON + ) + ExternalProject_Add_StepTargets(bzip2 configure build install) + set(BZIP2_INCLUDE_DIRS ${CMAKE_CURRENT_BINARY_DIR}/deps/bzip2/src/bzip2) + set(BZIP2_LIBRARIES ${CMAKE_CURRENT_BINARY_DIR}/deps/bzip2/src/bzip2/libbz2.a) +else () + message(ERROR "Please implement your BZIP2 import.") +endif () + # client resources add_library(pm3rrg_rdv4 SHARED + ${PM3_ROOT}/common/commonutil.c ${PM3_ROOT}/common/util_posix.c + ${PM3_ROOT}/common/parity.c + ${PM3_ROOT}/common/bucketsort.c ${PM3_ROOT}/common/crapto1/crapto1.c ${PM3_ROOT}/common/crapto1/crypto1.c ${PM3_ROOT}/common/crc.c ${PM3_ROOT}/common/crc16.c ${PM3_ROOT}/common/crc32.c ${PM3_ROOT}/common/crc64.c - ${PM3_ROOT}/common/cardhelper.c - ${PM3_ROOT}/common/parity.c - ${PM3_ROOT}/common/commonutil.c - ${PM3_ROOT}/common/generator.c ${PM3_ROOT}/common/lfdemod.c - ${PM3_ROOT}/common/iso15693tools.c - ${PM3_ROOT}/common/bucketsort.c 
${PM3_ROOT}/common/legic_prng.c - # client inside - ${PM3_ROOT}/client/src/fileutils.c - ${PM3_ROOT}/client/src/uart/uart_posix.c - ${PM3_ROOT}/client/src/loclass/cipherutils.c - ${PM3_ROOT}/client/src/loclass/cipher.c - ${PM3_ROOT}/client/src/loclass/ikeys.c - ${PM3_ROOT}/client/src/loclass/elite_crack.c - ${PM3_ROOT}/client/src/emv/emvcore.c + ${PM3_ROOT}/common/iso15693tools.c + ${PM3_ROOT}/common/cardhelper.c + ${PM3_ROOT}/common/generator.c + ${PM3_ROOT}/client/src/crypto/asn1dump.c + ${PM3_ROOT}/client/src/crypto/asn1utils.c + ${PM3_ROOT}/client/src/crypto/libpcrypto.c + ${PM3_ROOT}/client/src/emv/test/cda_test.c + ${PM3_ROOT}/client/src/emv/test/crypto_test.c + ${PM3_ROOT}/client/src/emv/test/cryptotest.c + ${PM3_ROOT}/client/src/emv/test/dda_test.c + ${PM3_ROOT}/client/src/emv/test/sda_test.c + ${PM3_ROOT}/client/src/emv/apduinfo.c ${PM3_ROOT}/client/src/emv/cmdemv.c - ${PM3_ROOT}/client/src/emv/tlv.c - ${PM3_ROOT}/client/src/emv/dol.c - ${PM3_ROOT}/client/src/emv/emv_tags.c - ${PM3_ROOT}/client/src/emv/emv_roca.c - ${PM3_ROOT}/client/src/emv/dump.c - ${PM3_ROOT}/client/src/emv/crypto_polarssl.c ${PM3_ROOT}/client/src/emv/crypto.c + ${PM3_ROOT}/client/src/emv/crypto_polarssl.c + ${PM3_ROOT}/client/src/emv/dol.c + ${PM3_ROOT}/client/src/emv/dump.c ${PM3_ROOT}/client/src/emv/emv_pk.c ${PM3_ROOT}/client/src/emv/emv_pki.c + ${PM3_ROOT}/client/src/emv/emv_pki_priv.c + ${PM3_ROOT}/client/src/emv/emv_roca.c + ${PM3_ROOT}/client/src/emv/emv_tags.c + ${PM3_ROOT}/client/src/emv/emvcore.c ${PM3_ROOT}/client/src/emv/emvjson.c - ${PM3_ROOT}/client/src/emv/apduinfo.c - ${PM3_ROOT}/client/src/emv/test/cryptotest.c - ${PM3_ROOT}/client/src/emv/test/sda_test.c - ${PM3_ROOT}/client/src/emv/test/dda_test.c - ${PM3_ROOT}/client/src/emv/test/cda_test.c - ${PM3_ROOT}/client/src/emv/test/crypto_test.c - ${PM3_ROOT}/client/src/emv/test/cryptotest.c - ${PM3_ROOT}/client/src/emv/test/sda_test.c - ${PM3_ROOT}/client/src/emv/test/dda_test.c - ${PM3_ROOT}/client/src/emv/test/cda_test.c 
- ${PM3_ROOT}/client/src/emv/test/crypto_test.c - ${PM3_ROOT}/client/src/crypto/libpcrypto.c - ${PM3_ROOT}/client/src/crypto/asn1utils.c - ${PM3_ROOT}/client/src/crypto/asn1dump.c + ${PM3_ROOT}/client/src/emv/tlv.c + ${PM3_ROOT}/client/src/fido/additional_ca.c + ${PM3_ROOT}/client/src/fido/cbortools.c + ${PM3_ROOT}/client/src/fido/cose.c + ${PM3_ROOT}/client/src/fido/fidocore.c + ${PM3_ROOT}/client/src/loclass/cipher.c + ${PM3_ROOT}/client/src/loclass/cipherutils.c + ${PM3_ROOT}/client/src/loclass/elite_crack.c + ${PM3_ROOT}/client/src/loclass/hash1_brute.c + ${PM3_ROOT}/client/src/loclass/ikeys.c ${PM3_ROOT}/client/src/mifare/mad.c ${PM3_ROOT}/client/src/mifare/mfkey.c ${PM3_ROOT}/client/src/mifare/mifare4.c + ${PM3_ROOT}/client/src/mifare/mifaredefault.c ${PM3_ROOT}/client/src/mifare/mifarehost.c ${PM3_ROOT}/client/src/mifare/ndef.c ${PM3_ROOT}/client/src/mifare/desfire_crypto.c - ${PM3_ROOT}/client/src/mifare/mifaredefault.c - ${PM3_ROOT}/client/src/fido/cose.c - ${PM3_ROOT}/client/src/fido/fidocore.c - ${PM3_ROOT}/client/src/fido/cbortools.c - ${PM3_ROOT}/client/src/fido/additional_ca.c - ${PM3_ROOT}/client/src/preferences.c - ${PM3_ROOT}/client/src/graph.c - ${PM3_ROOT}/client/src/ui.c - ${PM3_ROOT}/client/src/tea.c - ${PM3_ROOT}/client/src/util.c - ${PM3_ROOT}/client/src/comms.c - ${PM3_ROOT}/client/src/cmdcrc.c - ${PM3_ROOT}/client/src/cmdanalyse.c - ${PM3_ROOT}/client/src/cmddata.c - ${PM3_ROOT}/client/src/cmdtrace.c - ${PM3_ROOT}/client/src/cmdhf.c - ${PM3_ROOT}/client/src/cmdhflto.c + ${PM3_ROOT}/client/src/uart/uart_posix.c + ${PM3_ROOT}/client/src/uart/uart_win32.c + ${PM3_ROOT}/client/src/ui/overlays.ui ${PM3_ROOT}/client/src/aidsearch.c + ${PM3_ROOT}/client/src/cmdanalyse.c + ${PM3_ROOT}/client/src/cmdcrc.c + ${PM3_ROOT}/client/src/cmddata.c + ${PM3_ROOT}/client/src/cmdflashmem.c + ${PM3_ROOT}/client/src/cmdflashmemspiffs.c + ${PM3_ROOT}/client/src/cmdhf.c ${PM3_ROOT}/client/src/cmdhf14a.c ${PM3_ROOT}/client/src/cmdhf14b.c - 
${PM3_ROOT}/client/src/cmdwiegand.c - ${PM3_ROOT}/client/src/wiegand_formatutils.c - ${PM3_ROOT}/client/src/wiegand_formats.c - ${PM3_ROOT}/client/src/cmdlfmotorola.c - ${PM3_ROOT}/client/src/cmdlfgallagher.c ${PM3_ROOT}/client/src/cmdhf15.c + ${PM3_ROOT}/client/src/cmdhfcryptorf.c ${PM3_ROOT}/client/src/cmdhfepa.c - ${PM3_ROOT}/client/src/cmdhflegic.c - ${PM3_ROOT}/client/src/cmdhfthinfilm.c - ${PM3_ROOT}/client/src/cmdflashmemspiffs.c ${PM3_ROOT}/client/src/cmdhffelica.c + ${PM3_ROOT}/client/src/cmdhffido.c ${PM3_ROOT}/client/src/cmdhficlass.c + ${PM3_ROOT}/client/src/cmdhflegic.c ${PM3_ROOT}/client/src/cmdhflist.c + ${PM3_ROOT}/client/src/cmdhflto.c ${PM3_ROOT}/client/src/cmdhfmf.c ${PM3_ROOT}/client/src/cmdhfmfdes.c - ${PM3_ROOT}/client/src/cmdhfmfu.c + ${PM3_ROOT}/client/src/cmdhfmfhard.c ${PM3_ROOT}/client/src/cmdhfmfp.c - ${PM3_ROOT}/client/src/cmdhffido.c + ${PM3_ROOT}/client/src/cmdhfmfu.c + ${PM3_ROOT}/client/src/cmdhfthinfilm.c ${PM3_ROOT}/client/src/cmdhftopaz.c ${PM3_ROOT}/client/src/cmdhw.c ${PM3_ROOT}/client/src/cmdlf.c - ${PM3_ROOT}/client/src/cmdlfkeri.c - ${PM3_ROOT}/client/src/cmdlffdx.c - ${PM3_ROOT}/client/src/cmdlfio.c - ${PM3_ROOT}/client/src/cmdlfem4x.c - ${PM3_ROOT}/client/src/cmdlfhid.c - ${PM3_ROOT}/client/src/cmdlfnedap.c - ${PM3_ROOT}/client/src/cmdlfguard.c - ${PM3_ROOT}/client/src/cmdlfhitag.c - ${PM3_ROOT}/client/src/cmdlfjablotron.c - ${PM3_ROOT}/client/src/cmdsmartcard.c - ${PM3_ROOT}/client/src/cmdlfti.c - ${PM3_ROOT}/client/src/cmdlfpac.c - ${PM3_ROOT}/client/src/cmdlfnoralsy.c - ${PM3_ROOT}/client/src/cmdlfnexwatch.c - ${PM3_ROOT}/client/src/cmdlfpresco.c - ${PM3_ROOT}/client/src/cmdlfindala.c - ${PM3_ROOT}/client/src/cmdlfviking.c - ${PM3_ROOT}/client/src/cmdlfsecurakey.c - ${PM3_ROOT}/client/src/cmdlfpyramid.c - ${PM3_ROOT}/client/src/cmdlfparadox.c - ${PM3_ROOT}/client/src/cmdlfcotag.c ${PM3_ROOT}/client/src/cmdlfawid.c - ${PM3_ROOT}/client/src/cmdparser.c - ${PM3_ROOT}/client/src/cmdscript.c + 
${PM3_ROOT}/client/src/cmdlfcotag.c + ${PM3_ROOT}/client/src/cmdlfem4x.c + ${PM3_ROOT}/client/src/cmdlfem4x50.c + ${PM3_ROOT}/client/src/cmdlffdx.c + ${PM3_ROOT}/client/src/cmdlfgallagher.c + ${PM3_ROOT}/client/src/cmdlfguard.c + ${PM3_ROOT}/client/src/cmdlfhid.c + ${PM3_ROOT}/client/src/cmdlfhitag.c + ${PM3_ROOT}/client/src/cmdlfindala.c + ${PM3_ROOT}/client/src/cmdlfio.c + ${PM3_ROOT}/client/src/cmdlfjablotron.c + ${PM3_ROOT}/client/src/cmdlfkeri.c + ${PM3_ROOT}/client/src/cmdlfmotorola.c + ${PM3_ROOT}/client/src/cmdlfnedap.c + ${PM3_ROOT}/client/src/cmdlfnexwatch.c + ${PM3_ROOT}/client/src/cmdlfnoralsy.c + ${PM3_ROOT}/client/src/cmdlfpac.c + ${PM3_ROOT}/client/src/cmdlfparadox.c + ${PM3_ROOT}/client/src/cmdlfpcf7931.c + ${PM3_ROOT}/client/src/cmdlfpresco.c + ${PM3_ROOT}/client/src/cmdlfpyramid.c + ${PM3_ROOT}/client/src/cmdlfsecurakey.c + ${PM3_ROOT}/client/src/cmdlft55xx.c + ${PM3_ROOT}/client/src/cmdlfti.c + ${PM3_ROOT}/client/src/cmdlfverichip.c + ${PM3_ROOT}/client/src/cmdlfviking.c ${PM3_ROOT}/client/src/cmdlfvisa2000.c ${PM3_ROOT}/client/src/cmdmain.c - ${PM3_ROOT}/client/src/cmdflashmem.c - ${PM3_ROOT}/client/src/scripting.c + ${PM3_ROOT}/client/src/cmdparser.c + ${PM3_ROOT}/client/src/cmdscript.c + ${PM3_ROOT}/client/src/cmdsmartcard.c + ${PM3_ROOT}/client/src/cmdtrace.c + ${PM3_ROOT}/client/src/cmdusart.c + ${PM3_ROOT}/client/src/cmdwiegand.c + ${PM3_ROOT}/client/src/comms.c + ${PM3_ROOT}/client/src/fileutils.c + ${PM3_ROOT}/client/src/flash.c + ${PM3_ROOT}/client/src/graph.c + ${PM3_ROOT}/client/src/jansson_path.c + ${PM3_ROOT}/client/src/preferences.c ${PM3_ROOT}/client/src/pm3_binlib.c ${PM3_ROOT}/client/src/pm3_bitlib.c - ${PM3_ROOT}/client/src/cmdlft55xx.c - ${PM3_ROOT}/client/src/cmdlfpcf7931.c - ${PM3_ROOT}/client/src/cmdhfmfhard.c - ${PM3_ROOT}/client/src/cmdusart.c - ${PM3_ROOT}/client/src/jansson_path.c + ${PM3_ROOT}/client/src/prng.c + ${PM3_ROOT}/client/src/scandir.c + ${PM3_ROOT}/client/src/scripting.c + ${PM3_ROOT}/client/src/tea.c + 
${PM3_ROOT}/client/src/ui.c + ${PM3_ROOT}/client/src/util.c + ${PM3_ROOT}/client/src/wiegand_formats.c + ${PM3_ROOT}/client/src/wiegand_formatutils.c # android resources jni_tools.c pm3_main.c @@ -154,6 +180,7 @@ add_library(pm3rrg_rdv4 SHARED # includes target_include_directories(pm3rrg_rdv4 PRIVATE ${CMAKE_CURRENT_SOURCE_DIR} + ${BZIP2_INCLUDE_DIRS} ${PM3_ROOT}/include/ ${PM3_ROOT}/common ${PM3_ROOT}/common_fpga @@ -169,7 +196,7 @@ find_library(pm3rrg_rdv4_hardnested REQUIRED) find_library(pm3rrg_rdv4_whereami REQUIRED) target_link_libraries(pm3rrg_rdv4 - bz2 + ${BZIP2_LIBRARIES} pm3rrg_rdv4_hardnested pm3rrg_rdv4_mbedtls pm3rrg_rdv4_cliparser @@ -180,4 +207,4 @@ target_link_libraries(pm3rrg_rdv4 pm3rrg_rdv4_reveng pm3rrg_rdv4_whereami android - log) + log) \ No newline at end of file diff --git a/client/android/pm3_main.c b/client/android/pm3_main.c index af45725cd..fc4e0b2dc 100644 --- a/client/android/pm3_main.c +++ b/client/android/pm3_main.c @@ -28,26 +28,18 @@ #include "jni_tools.h" //iceman, todo: proxify socker server name. Maybe set in preferences? +// DXL reply, todo: +// Is a good idea, we can move this def to preferences, but not now. +// Because libpm3rrg_rdv4.so cant load preferences. +// I will impl a function to load preferences at future. #define PM3_LOCAL_SOCKET_SERVER "DXL.COM.ASL" -void ShowGraphWindow(void) { -} - -void HideGraphWindow(void) { -} - -void RepaintGraphWindow(void) { -} - -int push_cmdscriptfile(char *path, bool stayafter) { - return PM3_SUCCESS; -} - static char *g_android_executable_directory = NULL; -static const char *g_android_user_directory = NULL; +static char *g_android_user_directory = NULL; -const char *get_executable_directory(void) { +char version_information[] = {"ANDROID_LIBRARY 1.4.6 build by DXL"}; +const char *get_my_executable_directory(void) { if (g_android_executable_directory == NULL) { char buf[FILE_PATH_SIZE] = {0}; getcwd(buf, sizeof(buf)); 
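Review bot: `GIT_TAG platform-tools-30.0.2` fetches the bzip2 source by tag name at build time, and a tag can be re-pointed upstream, so this file does not fix which code ends up in `libbz2.a`. Pinning the full commit hash (`GIT_TAG <full-commit-sha>`, placeholder) makes the fetched source reproducible and reviewable. In the `else ()` branch, `message(ERROR ...)` is not a CMake message mode, so the text is printed as an ordinary message and configuration continues with `BZIP2_LIBRARIES` unset; `message(FATAL_ERROR "Please implement your BZIP2 import.")` stops the configure step there. The leading comment says zlib although the block builds bzip2.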
@@ -57,14 +49,20 @@ const char *get_executable_directory(void) { return g_android_executable_directory; } -const char *get_user_directory(void) { +const char *get_my_user_directory(void) { return g_android_user_directory; } +void ShowGraphWindow(void) {} + +void HideGraphWindow(void) {} + +void RepaintGraphWindow(void) {} + +int push_cmdscriptfile(char *path, bool stayafter) { return PM3_SUCCESS; } + static bool OpenPm3(void) { - if (conn.run) { - return true; - } + if (conn.run) { return true; } // Open with LocalSocket. Not a tcp connection! bool ret = OpenProxmark("socket:"PM3_LOCAL_SOCKET_SERVER, false, 1000, false, 115200); return ret; @@ -88,7 +86,7 @@ jint Console(JNIEnv *env, jobject instance, jstring cmd_) { PrintAndLogEx(NORMAL, ""); - char *cmd = (char *)((*env)->GetStringUTFChars(env, cmd_, 0)); + char *cmd = (char *) ((*env)->GetStringUTFChars(env, cmd_, 0)); int ret = CommandReceived(cmd); if (ret == 99) { // exit / quit @@ -104,11 +102,11 @@ jint Console(JNIEnv *env, jobject instance, jstring cmd_) { * Is client running! * */ jboolean IsClientRunning(JNIEnv *env, jobject instance) { - return (jboolean)((jboolean) conn.run); + return (jboolean) ((jboolean) conn.run); } /* - * test hw and hw and client. + * test hw and fw and client. * */ jboolean TestPm3(JNIEnv *env, jobject instance) { if (open() == false) { @@ -116,7 +114,7 @@ jboolean TestPm3(JNIEnv *env, jobject instance) { return false; } bool ret = (TestProxmark() == PM3_SUCCESS); - return (jboolean)(ret); + return (jboolean) (ret); } /* 
@@ -143,25 +141,27 @@ JNIEXPORT jint JNI_OnLoad(JavaVM *vm, void *reserved) { } jclass clz_test = (*jniEnv)->FindClass(jniEnv, "cn/rrg/devices/Proxmark3RRGRdv4"); JNINativeMethod methods[] = { - {"startExecute", "(Ljava/lang/String;)I", (void *) Console}, - {"stopExecute", "()V", (void *) ClosePm3}, - {"isExecuting", "()Z", (void *) IsClientRunning} + {"startExecute", "(Ljava/lang/String;)I", (void *) Console}, + {"stopExecute", "()V", (void *) ClosePm3}, + {"isExecuting", "()Z", (void *) IsClientRunning} }; JNINativeMethod methods1[] = { - {"testPm3", "()Z", (void *) TestPm3}, - {"closePm3", "()V", ClosePm3} + {"testPm3", "()Z", (void *) TestPm3}, + {"closePm3", "()V", ClosePm3} }; - if ((*jniEnv)->RegisterNatives(jniEnv, clazz, methods, sizeof(methods) / sizeof(methods[0])) != JNI_OK) { + if ((*jniEnv)->RegisterNatives(jniEnv, clazz, methods, sizeof(methods) / sizeof(methods[0])) != + JNI_OK) { return -1; } - if ((*jniEnv)->RegisterNatives(jniEnv, clz_test, methods1, sizeof(methods1) / sizeof(methods1[0])) != JNI_OK) { + if ((*jniEnv)->RegisterNatives(jniEnv, clz_test, methods1, + sizeof(methods1) / sizeof(methods1[0])) != JNI_OK) { return -1; } (*jniEnv)->DeleteLocalRef(jniEnv, clazz); (*jniEnv)->DeleteLocalRef(jniEnv, clz_test); return JNI_VERSION_1_4; -} +} \ No newline at end of file diff --git a/client/src/cmdhfmf.c b/client/src/cmdhfmf.c index c8ab85b14..1b458e6e0 100644 --- a/client/src/cmdhfmf.c +++ b/client/src/cmdhfmf.c 
@@ -307,13 +307,13 @@ static int usage_hf14_decryptbytes(void) { PrintAndLogEx(NORMAL, "Usage: hf mf decrypt [h] "); PrintAndLogEx(NORMAL, "Options:"); PrintAndLogEx(NORMAL, " h this help"); - PrintAndLogEx(NORMAL, " reader nonce"); + PrintAndLogEx(NORMAL, " tag nonce"); PrintAndLogEx(NORMAL, " encrypted reader response"); PrintAndLogEx(NORMAL, " encrypted tag response"); PrintAndLogEx(NORMAL, " encrypted data, taken directly after at_enc and forward"); PrintAndLogEx(NORMAL, "Examples:"); PrintAndLogEx(NORMAL, _YELLOW_(" hf mf decrypt b830049b 9248314a 9280e203 41e586f9")); - PrintAndLogEx(NORMAL, "\n this sample decrypts 41e586f9 -> 3003999a Annotated: 30 03 [99 9a] auth block 3 [crc]"); + PrintAndLogEx(NORMAL, "\n this sample decrypts 41e586f9 -> 3003999a Annotated: 30 03 [99 9a] read block 3 [crc]"); return PM3_SUCCESS; } diff --git a/client/src/cmdhfmfhard.c b/client/src/cmdhfmfhard.c index 15eb15ab0..3d378322e 100644 --- a/client/src/cmdhfmfhard.c +++ b/client/src/cmdhfmfhard.c @@ -1664,14 +1664,6 @@ static inline bool bitflips_match(uint8_t byte, uint32_t state, odd_even_t odd_e return true; } -/* -static uint_fast8_t reverse(uint_fast8_t b) { - b = (b & 0xF0) >> 4 | (b & 0x0F) << 4; - b = (b & 0xCC) >> 2 | (b & 0x33) << 2; - b = (b & 0xAA) >> 1 | (b & 0x55) << 1; - return b; -} -*/ static uint_fast8_t reverse(uint_fast8_t b) { return (b * 0x0202020202ULL & 0x010884422010ULL) % 1023; } diff --git a/client/src/cmdlf.c b/client/src/cmdlf.c index 389d18dad..3daf91e2f 100644 --- a/client/src/cmdlf.c +++ b/client/src/cmdlf.c 
@@ -1286,6 +1286,7 @@ int CmdLFfind(const char *Cmd) { } } + if (demodVisa2k() == PM3_SUCCESS) { PrintAndLogEx(SUCCESS, "\nValid " _GREEN_("Visa2000 ID") " found!"); goto out;} if (demodHID() == PM3_SUCCESS) { PrintAndLogEx(SUCCESS, "\nValid " _GREEN_("HID Prox ID") " found!"); goto out;} if (demodAWID() == PM3_SUCCESS) { PrintAndLogEx(SUCCESS, "\nValid " _GREEN_("AWID ID") " found!"); goto out;} if (demodIOProx() == PM3_SUCCESS) { PrintAndLogEx(SUCCESS, "\nValid " _GREEN_("IO Prox ID") " found!"); goto out;} @@ -1308,8 +1309,8 @@ int CmdLFfind(const char *Cmd) { if (demodPyramid() == PM3_SUCCESS) { PrintAndLogEx(SUCCESS, "\nValid " _GREEN_("Pyramid ID") " found!"); goto out;} if (demodSecurakey() == PM3_SUCCESS) { PrintAndLogEx(SUCCESS, "\nValid " _GREEN_("Securakey ID") " found!"); goto out;} if (demodViking() == PM3_SUCCESS) { PrintAndLogEx(SUCCESS, "\nValid " _GREEN_("Viking ID") " found!"); goto out;} - if (demodVisa2k() == PM3_SUCCESS) { PrintAndLogEx(SUCCESS, "\nValid " _GREEN_("Visa2000 ID") " found!"); goto out;} if (demodGallagher() == PM3_SUCCESS) { PrintAndLogEx(SUCCESS, "\nValid " _GREEN_("GALLAGHER ID") " found!"); goto out;} + // if (demodTI() == PM3_SUCCESS) { PrintAndLogEx(SUCCESS, "\nValid " _GREEN_("Texas Instrument ID") " found!"); goto out;} //if (demodFermax() == PM3_SUCCESS) { PrintAndLogEx(SUCCESS, "\nValid " _GREEN_("Fermax ID") " found!"); goto out;} diff --git a/client/src/cmdlfem4x.c b/client/src/cmdlfem4x.c index 8fbb0e509..bb07adaaa 100644 --- a/client/src/cmdlfem4x.c +++ b/client/src/cmdlfem4x.c @@ -128,7 +128,7 @@ static int usage_lf_em4x05_dump(void) { PrintAndLogEx(NORMAL, "Examples:"); PrintAndLogEx(NORMAL, " lf em 4x05_dump"); PrintAndLogEx(NORMAL, " lf em 4x05_dump 11223344"); - PrintAndLogEx(NORMAL, " lf em 4x50_dump f card1 11223344"); + PrintAndLogEx(NORMAL, " lf em 4x05_dump f card1 11223344"); return PM3_SUCCESS; } static int usage_lf_em4x05_wipe(void) { 
@@ -1395,10 +1395,12 @@ static command_t CommandTable[] = { {"4x05_read", CmdEM4x05Read, IfPm3Lf, "read word data from EM4x05/EM4x69"}, {"4x05_write", CmdEM4x05Write, IfPm3Lf, "write word data to EM4x05/EM4x69"}, {"----------", CmdHelp, AlwaysAvailable, "----------------------- " _CYAN_("EM 4x50") " -----------------------"}, - {"4x50_info", CmdEM4x50Info, IfPm3EM4x50, "read complete data from EM4x50"}, + {"4x50_dump", CmdEM4x50Dump, IfPm3EM4x50, "dump EM4x50 tag"}, + {"4x50_info", CmdEM4x50Info, IfPm3EM4x50, "tag information EM4x50"}, {"4x50_write", CmdEM4x50Write, IfPm3EM4x50, "write word data to EM4x50"}, {"4x50_write_password", CmdEM4x50WritePassword, IfPm3EM4x50, "change passwword of EM4x50 tag"}, {"4x50_read", CmdEM4x50Read, IfPm3EM4x50, "read word data from EM4x50"}, + {"4x50_wipe", CmdEM4x50Wipe, IfPm3EM4x50, "wipe data from EM4x50"}, {NULL, NULL, NULL, NULL} }; diff --git a/client/src/cmdlfem4x50.c b/client/src/cmdlfem4x50.c index dad399a36..8198bdc74 100644 --- a/client/src/cmdlfem4x50.c +++ b/client/src/cmdlfem4x50.c @@ -15,7 +15,7 @@ #include "commonutil.h" #include "em4x50.h" -int usage_lf_em4x50_info(void) { +static int usage_lf_em4x50_info(void) { PrintAndLogEx(NORMAL, "Read all information of EM4x50. Tag nust be on antenna."); PrintAndLogEx(NORMAL, ""); PrintAndLogEx(NORMAL, "Usage: lf em 4x50_info [h] [v] [p ]"); @@ -30,7 +30,7 @@ int usage_lf_em4x50_info(void) { PrintAndLogEx(NORMAL, ""); return PM3_SUCCESS; } -int usage_lf_em4x50_write(void) { +static int usage_lf_em4x50_write(void) { PrintAndLogEx(NORMAL, "Write EM4x50 word. Tag must be on antenna. "); PrintAndLogEx(NORMAL, ""); PrintAndLogEx(NORMAL, "Usage: lf em 4x50_write [h] [a
] [w ]"); @@ -44,7 +44,7 @@ int usage_lf_em4x50_write(void) { PrintAndLogEx(NORMAL, ""); return PM3_SUCCESS; } -int usage_lf_em4x50_write_password(void) { +static int usage_lf_em4x50_write_password(void) { PrintAndLogEx(NORMAL, "Write EM4x50 password. Tag must be on antenna. "); PrintAndLogEx(NORMAL, ""); PrintAndLogEx(NORMAL, "Usage: lf em 4x50_write_password [h] [p ] [n ]"); @@ -57,8 +57,8 @@ int usage_lf_em4x50_write_password(void) { PrintAndLogEx(NORMAL, ""); return PM3_SUCCESS; } -int usage_lf_em4x50_read(void) { - PrintAndLogEx(NORMAL, "Read EM4x50 word(s). Tag must be on antenna. "); +static int usage_lf_em4x50_read(void) { + PrintAndLogEx(NORMAL, "Read EM4x50 word(s). Tag must be on antenna."); PrintAndLogEx(NORMAL, ""); PrintAndLogEx(NORMAL, "Usage: lf em 4x50_read [h] [a
] [p ]"); PrintAndLogEx(NORMAL, "Options:"); @@ -71,6 +71,32 @@ int usage_lf_em4x50_read(void) { PrintAndLogEx(NORMAL, ""); return PM3_SUCCESS; } +static int usage_lf_em4x50_dump(void) { + PrintAndLogEx(NORMAL, "Dump EM4x50 tag. Tag must be on antenna."); + PrintAndLogEx(NORMAL, ""); + PrintAndLogEx(NORMAL, "Usage: lf em 4x50_dump [h] [f ] [p ]"); + PrintAndLogEx(NORMAL, "Options:"); + PrintAndLogEx(NORMAL, " h - this help"); + PrintAndLogEx(NORMAL, " f - overide filename prefix (optional). Default is based on UID"); + PrintAndLogEx(NORMAL, " p - password (hex) (optional)"); + PrintAndLogEx(NORMAL, "Examples:"); + PrintAndLogEx(NORMAL, _YELLOW_(" lf em 4x50_dump")); + PrintAndLogEx(NORMAL, _YELLOW_(" lf em 4x50_dump p 11223344")); + PrintAndLogEx(NORMAL, _YELLOW_(" lf em 4x50_dump f card_nnn p 11223344")); + return PM3_SUCCESS; +} +static int usage_lf_em4x50_wipe(void) { + PrintAndLogEx(NORMAL, "Wipe data from EM4x50 tag. Tag must be on antenna. "); + PrintAndLogEx(NORMAL, ""); + PrintAndLogEx(NORMAL, "Usage: lf em 4x50_wipe [h] [p ]"); + PrintAndLogEx(NORMAL, "Options:"); + PrintAndLogEx(NORMAL, " h - this help"); + PrintAndLogEx(NORMAL, " p - password (hex)"); + PrintAndLogEx(NORMAL, "Examples:"); + PrintAndLogEx(NORMAL, _YELLOW_(" lf em 4x50_wwipe p 11223344")); + PrintAndLogEx(NORMAL, ""); + return PM3_SUCCESS; +} static void prepare_result(const uint8_t *byte, int fwr, int lwr, em4x50_word_t *words) { 
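Review bot: The example line in `usage_lf_em4x50_wipe` prints `lf em 4x50_wwipe p 11223344`, which does not match the command this change registers as `4x50_wipe`, so a user copying it gets an unknown command. It should read `_YELLOW_(" lf em 4x50_wipe p 11223344")`. In `usage_lf_em4x50_dump`, "overide" should be "override". The wipe help should also say that the tag password is reset to zero and that `p` is required, since `CmdEM4x50Wipe` returns this usage text when it is absent.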
@@ -128,46 +154,52 @@ static void prepare_result(const uint8_t *byte, int fwr, int lwr, em4x50_word_t } } -static void print_result(const em4x50_word_t *words, int fwr, int lwr, bool verbose) { +static void print_result(const em4x50_word_t *words, int fwr, int lwr) { // print available information for given word from fwr to lwr, i.e. // bit table + summary lines with hex notation of word (msb + lsb) - char string[NO_CHARS_MAX] = {0}, pstring[NO_CHARS_MAX] = {0}; + PrintAndLogEx(NORMAL, ""); + PrintAndLogEx(INFO, " # | word (msb) | word (lsb) | desc"); + PrintAndLogEx(INFO, "----+-------------+-------------+--------------------"); for (int i = fwr; i <= lwr; i++) { - if (verbose) { - - // final result - string[0] = '\0'; - sprintf(pstring, "\n word[%i] msb: " _GREEN_("0x"), i); - strcat(string, pstring); - - for (int j = 0; j < 4; j++) { - sprintf(pstring, _GREEN_("%02x"), words[i].byte[j]); - strcat(string, pstring); - } - - sprintf(pstring, "\n word[%i] lsb: 0x", i); - strcat(string, pstring); - - for (int j = 0; j < 4; j++) { - sprintf(pstring, "%02x", reflect8(words[i].byte[3-j])); - strcat(string, pstring); - } - } else { - string[0] = '\0'; - sprintf(pstring, "[" _GREEN_("+") "] word[%i]: " _YELLOW_("0x"), i); - strcat(string, pstring); - - for (int j = 0; j < 4; j++) { - sprintf(pstring, _YELLOW_("%02x"), words[i].byte[j]); - strcat(string, pstring); - } + char s[50] = {0}; + switch(i) { + case EM4X50_DEVICE_PASSWORD: + sprintf(s, _YELLOW_("password, write only")); + break; + case EM4X50_PROTECTION: + sprintf(s, _YELLOW_("protection cfg (locked)")); + break; + case EM4X50_CONTROL: + sprintf(s, _YELLOW_("control cfg (locked)")); + break; + case EM4X50_DEVICE_SERIAL: + sprintf(s, _YELLOW_("device serial number (read only)")); + break; + case EM4X50_DEVICE_ID: + sprintf(s, _YELLOW_("device identification (read only)")); + break; + default: + sprintf(s, "user data"); + break; } - PrintAndLogEx(INFO, string); + + char r[30] = {0}; + for (int j = 3; j >= 0; j--) { 
+ sprintf(r + strlen(r), "%02x ", reflect8(words[i].byte[j])); + } + + PrintAndLogEx(INFO, " %2i | " _GREEN_("%s") "| %s| %s", + i, + sprint_hex(words[i].byte, 4), + r, + s + ); } + PrintAndLogEx(INFO, "----+-------------+-------------+--------------------"); } static void print_info_result(uint8_t *data, bool verbose) { @@ -193,43 +225,8 @@ static void print_info_result(uint8_t *data, bool verbose) { // data section PrintAndLogEx(NORMAL, ""); PrintAndLogEx(INFO, _YELLOW_("EM4x50 data:")); - - if (verbose) { - print_result(words, 0, EM4X50_NO_WORDS - 1, true); - } else { - - PrintAndLogEx(NORMAL, ""); - PrintAndLogEx(INFO, "idx | word | desc"); - PrintAndLogEx(INFO, "----+-------------+----------------------------------"); - - // condensed data section - for (int i = 0; i < EM4X50_NO_WORDS; i++) { - char s[50] = {0}; - switch(i) { - case EM4X50_DEVICE_PASSWORD: - sprintf(s, _YELLOW_("password, write only")); - break; - case EM4X50_PROTECTION: - sprintf(s, _YELLOW_("protection cfg (locked)")); - break; - case EM4X50_CONTROL: - sprintf(s, _YELLOW_("control cfg (locked)")); - break; - case EM4X50_DEVICE_SERIAL: - sprintf(s, _YELLOW_("device serial number (read only)")); - break; - case EM4X50_DEVICE_ID: - sprintf(s, _YELLOW_("device identification (read only)")); - break; - default: - sprintf(s, "user data"); - break; - } - PrintAndLogEx(INFO, " %2i | %s| %s", i, sprint_hex(words[i].byte, 4), s); - } - } - PrintAndLogEx(INFO, "----+-------------+----------------------------------"); - + print_result(words, 0, EM4X50_NO_WORDS - 1); + // configuration section PrintAndLogEx(NORMAL, ""); PrintAndLogEx(INFO, "---- " _CYAN_("Configuration") " ----"); 
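Review bot: `print_result` fills `char s[50]` and `char r[30]` with unbounded `sprintf`, and the `s` strings are wrapped in `_YELLOW_(...)`, which presumably adds colour escape bytes on top of the visible text, so the margin in `s` is smaller than the literals suggest. Using `snprintf(s, sizeof(s), ...)`, and for `r` a running length `n` with `snprintf(r + n, sizeof(r) - n, "%02x ", ...)`, keeps a later, longer description from overflowing the stack buffer. The function also indexes `words[i]` for every `i` from `fwr` to `lwr` without a bound check, and two callers pass `etd.address` straight through. A comment stating that callers must keep both values below `EM4X50_NO_WORDS` would document that contract.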
@@ -416,7 +413,7 @@ int CmdEM4x50Write(const char *Cmd) { em4x50_word_t words[EM4X50_NO_WORDS]; prepare_result(data, etd.address, etd.address, words); - print_result(words, etd.address, etd.address, true); + print_result(words, etd.address, etd.address); PrintAndLogEx(SUCCESS, "Successfully wrote to tag"); PrintAndLogEx(HINT, "Try `" _YELLOW_("lf em 4x50_read a %u") "` - to read your data", etd.address); return PM3_SUCCESS; @@ -553,9 +550,7 @@ int em4x50_read(em4x50_data_t *etd, em4x50_word_t *out, bool verbose) { memcpy(out, &words, sizeof(em4x50_word_t) * EM4X50_NO_WORDS); } - if (verbose) { - print_result(words, etd->address, etd->address, true); - } + print_result(words, etd->address, etd->address); return PM3_SUCCESS; } @@ -573,15 +568,6 @@ int CmdEM4x50Read(const char *Cmd) { case 'h': { return usage_lf_em4x50_read(); } - case 'p': { - if (param_gethex(Cmd, cmdp + 1, etd.password, 8)) { - PrintAndLogEx(FAILED, "\n password has to be 8 hex symbols\n"); - return PM3_EINVARG; - } - etd.pwd_given = true; - cmdp += 2; - break; - } case 'a': { param_getdec(Cmd, cmdp + 1, &etd.address); @@ -594,6 +580,15 @@ int CmdEM4x50Read(const char *Cmd) { cmdp += 2; break; } + case 'p': { + if (param_gethex(Cmd, cmdp + 1, etd.password, 8)) { + PrintAndLogEx(FAILED, "\n password has to be 8 hex symbols\n"); + return PM3_EINVARG; + } + etd.pwd_given = true; + cmdp += 2; + break; + } default: { PrintAndLogEx(WARNING, "\n Unknown parameter '%c'\n", param_getchar(Cmd, cmdp)); errors = true; 
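Review bot: In `em4x50_read`, `print_result(words, etd->address, etd->address);` now runs unconditionally, so the `verbose` argument no longer suppresses the table for a caller that passes `false` and only wants the words copied into `out`. If that is intended, the parameter should be dropped or its remaining meaning documented; otherwise keep the guard, `if (verbose) print_result(words, etd->address, etd->address);`. The function body starts and ends outside the hunk, so other uses of `verbose` are not visible here.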
@@ -602,8 +597,144 @@ int CmdEM4x50Read(const char *Cmd) { } } - if (errors) + if (errors || strlen(Cmd) == 0 || etd.addr_given == false) return usage_lf_em4x50_read(); return em4x50_read(&etd, NULL, true); } + +int CmdEM4x50Dump(const char *Cmd) { + + em4x50_data_t etd; + etd.pwd_given = false; + etd.addr_given = false; + + char filename[FILE_PATH_SIZE] = {0x00}; + char *fptr = filename; + + bool errors = false; + uint8_t cmdp = 0; + while (param_getchar(Cmd, cmdp) != 0x00 && !errors) { + switch (tolower(param_getchar(Cmd, cmdp))) { + case 'h': + return usage_lf_em4x50_dump(); + break; + case 'f': + param_getstr(Cmd, cmdp + 1, filename, FILE_PATH_SIZE); + cmdp += 2; + break; + case 'p': { + if (param_gethex(Cmd, cmdp + 1, etd.password, 8)) { + PrintAndLogEx(FAILED, "\n password has to be 8 hex symbols\n"); + return PM3_EINVARG; + } + etd.pwd_given = true; + cmdp += 2; + break; + } + default: + PrintAndLogEx(WARNING, " Unknown parameter '%c'", param_getchar(Cmd, cmdp)); + errors = true; + break; + }; + } + + // validation + if (errors) + return usage_lf_em4x50_dump(); + + PrintAndLogEx(INFO, "reading EM4x50 tag"); + clearCommandBuffer(); + SendCommandNG(CMD_LF_EM4X50_INFO, (uint8_t *)&etd, sizeof(etd)); + PacketResponseNG resp; + if (!WaitForResponseTimeout(CMD_ACK, &resp, TIMEOUT)) { + PrintAndLogEx(WARNING, "timeout while waiting for reply."); + return PM3_ETIMEOUT; + } + + bool success = (resp.status & STATUS_SUCCESS) >> 1; + if (success == false) { + PrintAndLogEx(FAILED, "reading tag " _RED_("failed")); + return PM3_ESOFT; + } + + // structured format + em4x50_word_t words[EM4X50_NO_WORDS]; + prepare_result(resp.data.asBytes, 0, EM4X50_NO_WORDS - 1, words); + + PrintAndLogEx(INFO, _YELLOW_("EM4x50 data:")); + print_result(words, 0, EM4X50_NO_WORDS - 1); + + // user supplied filename? 
+ if (strlen(filename) == 0) { + PrintAndLogEx(INFO, "Using UID as filename"); + fptr += sprintf(fptr, "lf-4x50-"); + FillFileNameByUID(fptr, words[EM4X50_DEVICE_SERIAL].byte, "-dump", 4); + } + + uint8_t data[EM4X50_NO_WORDS * 4] = {0}; + for (int i=0; i < EM4X50_NO_WORDS; i++) { + memcpy(data + (i*4), words[i].byte, 4); + } + + // saveFileEML will add .eml extension to filename + // saveFile (binary) passes in the .bin extension. + saveFileEML(filename, data, sizeof(data), 4); + saveFile(filename, ".bin", data, sizeof(data)); + //saveFileJSON... + return PM3_SUCCESS; +} + +int CmdEM4x50Wipe(const char *Cmd) { + + // fills EM4x50 tag with zeros including password + + bool errors = false, bpwd = false; + uint8_t cmdp = 0; + em4x50_data_t etd; + PacketResponseNG resp; + + while (param_getchar(Cmd, cmdp) != 0x00 && !errors) { + + switch (tolower(param_getchar(Cmd, cmdp))) { + case 'h': + return usage_lf_em4x50_wipe(); + + case 'p': + if (param_gethex(Cmd, cmdp + 1, etd.password, 8)) { + PrintAndLogEx(FAILED, "\npassword has to be 8 hex symbols\n"); + return PM3_EINVARG; + } + bpwd = true; + cmdp += 2; + break; + + default: + PrintAndLogEx(WARNING, "\nUnknown parameter '%c'\n", param_getchar(Cmd, cmdp)); + errors = true; + break; + } + } + + if (errors || !bpwd) + return usage_lf_em4x50_wipe(); + + clearCommandBuffer(); + SendCommandNG(CMD_LF_EM4X50_WIPE, (uint8_t *)&etd, sizeof(etd)); + + if (!WaitForResponseTimeout(CMD_ACK, &resp, 2*TIMEOUT)) { + PrintAndLogEx(WARNING, "\ntimeout while waiting for reply.\n"); + return PM3_ETIMEOUT; + } + + // print response + bool isOK = resp.status; + if (isOK) { + PrintAndLogEx(SUCCESS,"\nwiping data " _GREEN_("ok") "\n"); + } else { + PrintAndLogEx(FAILED,"\nwiping data " _RED_("failed") "\n"); + return PM3_ESOFT; + } + + return PM3_SUCCESS; +} diff --git a/client/src/cmdlfem4x50.h b/client/src/cmdlfem4x50.h index e426fd460..01417aa1e 100644 --- a/client/src/cmdlfem4x50.h +++ b/client/src/cmdlfem4x50.h 
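Review bot: `CmdEM4x50Wipe()` declares `em4x50_data_t etd;` without initialising it and then passes the whole struct to `SendCommandNG(CMD_LF_EM4X50_WIPE, (uint8_t *)&etd, sizeof(etd))`, so every field other than `password` reaches the device as whatever was on the stack. `CmdEM4x50Dump()` does the same for `password` when no `p` option is given. Zero-initialise both with `em4x50_data_t etd = {0};`, and in the wipe path set `etd.pwd_given = true;` next to `bpwd = true;` so the struct matches what the read and dump handlers send. Two smaller points in the same hunk: `CmdEM4x50Dump()` ignores the results of `param_getstr()`, `saveFileEML()` and `saveFile()` and returns `PM3_SUCCESS` even if nothing was written, and the wipe handler tests `resp.status` directly while the dump handler masks it with `STATUS_SUCCESS`, which should follow one convention.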
@@ -14,11 +14,6 @@ #include"common.h" #include "em4x50.h" -int usage_lf_em4x50_info(void); -int usage_lf_em4x50_write(void); -int usage_lf_em4x50_write_password(void); -int usage_lf_em4x50_read(void); - int read_em4x50_uid(void); bool detect_4x50_block(void); int em4x50_read(em4x50_data_t *etd, em4x50_word_t *out, bool verbose); @@ -27,5 +22,7 @@ int CmdEM4x50Info(const char *Cmd); int CmdEM4x50Write(const char *Cmd); int CmdEM4x50WritePassword(const char *Cmd); int CmdEM4x50Read(const char *Cmd); +int CmdEM4x50Dump(const char *Cmd); +int CmdEM4x50Wipe(const char *Cmd); #endif diff --git a/client/src/cmdlfkeri.c b/client/src/cmdlfkeri.c index b1a73cc9d..d05c159c0 100644 --- a/client/src/cmdlfkeri.c +++ b/client/src/cmdlfkeri.c @@ -137,11 +137,16 @@ static int CmdKeriMSScramble(KeriMSScramble_t Action, uint32_t *FC, uint32_t *ID static int CmdKeriDemod(const char *Cmd) { (void)Cmd; // Cmd is not used so far + return demodKeri(); +} + +int demodKeri(void) { if (PSKDemod("", false) != PM3_SUCCESS) { PrintAndLogEx(DEBUG, "DEBUG: Error - KERI: PSK1 Demod failed"); return PM3_ESOFT; } + bool invert = false; size_t size = DemodBufferLen; int idx = detectKeri(DemodBuffer, &size, &invert); @@ -207,6 +212,8 @@ static int CmdKeriDemod(const char *Cmd) { return PM3_SUCCESS; } + + static int CmdKeriRead(const char *Cmd) { lf_read(false, 10000); return CmdKeriDemod(Cmd); @@ -382,7 +389,3 @@ int detectKeri(uint8_t *dest, size_t *size, bool *invert) { return (int)startIdx; } -int demodKeri(void) { - return CmdKeriDemod(""); -} - diff --git a/client/src/cmdlfpac.c b/client/src/cmdlfpac.c index 10365358e..f162b7342 100644 --- a/client/src/cmdlfpac.c +++ b/client/src/cmdlfpac.c @@ -1,4 +1,6 @@ //----------------------------------------------------------------------------- +// by marshmellow +// by danshuk // // This code is licensed to you under the terms of the GNU GPL, version 2 or, // at your option, any later version. See the LICENSE.txt file for the text of 
@@ -9,20 +11,19 @@ //----------------------------------------------------------------------------- #include "cmdlfpac.h" -#include //tolower +#include // tolower #include #include - -#include "commonutil.h" // ARRAYLEN +#include "commonutil.h" // ARRAYLEN #include "common.h" -#include "cmdparser.h" // command_t +#include "cmdparser.h" // command_t #include "comms.h" #include "ui.h" #include "cmddata.h" #include "cmdlf.h" #include "lfdemod.h" // preamble test #include "protocols.h" // t55xx defines -#include "cmdlft55xx.h" // clone.. +#include "cmdlft55xx.h" // clone #include "parity.h" static int CmdHelp(const char *Cmd); @@ -54,7 +55,7 @@ static int usage_lf_pac_sim(void) { PrintAndLogEx(NORMAL, _YELLOW_(" lf pac sim 12345678")); return PM3_SUCCESS; } -// by danshuk + // PAC_8byte format: preamble (8 mark/idle bits), ascii STX (02), ascii '2' (32), ascii '0' (30), ascii bytes 0..7 (cardid), then xor checksum of cardid bytes // all bytes following 8 bit preamble are one start bit (0), 7 data bits (lsb first), odd parity bit, and one stop bit (1) static int demodbuf_to_pacid(uint8_t *src, const size_t src_size, uint8_t *dst, const size_t dst_size) { @@ -85,7 +86,9 @@ static int demodbuf_to_pacid(uint8_t *src, const size_t src_size, uint8_t *dst, PrintAndLogEx(DEBUG, "DEBUG: Error - PAC: Bad checksum - expected: %02X, actual: %02X", dst[dataLength - 1], checksum); return PM3_ESOFT; } - dst[dataLength - 1] = 0; // overwrite checksum byte with null terminator + + // overwrite checksum byte with null terminator + dst[dataLength - 1] = 0; return PM3_SUCCESS; } @@ -142,9 +145,13 @@ static void pacCardIdToRaw(uint8_t *outRawBytes, const char *cardId) { //see NRZDemod for what args are accepted static int CmdPacDemod(const char *Cmd) { + (void)Cmd; + return demodPac(); +} +int demodPac(void) { //NRZ - if (NRZrawDemod(Cmd, false) != PM3_SUCCESS) { + if (NRZrawDemod("", false) != PM3_SUCCESS) { PrintAndLogEx(DEBUG, "DEBUG: Error - PAC: NRZ Demod failed"); return PM3_ESOFT; } 
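Review bot: `CmdPacDemod()` now discards `Cmd` and `demodPac()` calls `NRZrawDemod("", false)`, but the comment `//see NRZDemod for what args are accepted` is kept above the handler, so arguments typed after the demod command are silently ignored. The same change is made to `CmdVerichipDemod()`/`demodVerichip()` in `cmdlfverichip_disabled.c` further down. If dropping the arguments is intended, replace the comment with `// Cmd is unused; demodulation always runs with the default NRZ settings`. Otherwise the command handler needs its own path that still forwards `Cmd`. `demodPac()` continues past the end of the hunk.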
@@ -307,7 +314,6 @@ int CmdLFPac(const char *Cmd) { return CmdsParse(CommandTable, Cmd); } -// by marshmellow // find PAC preamble in already demoded data int detectPac(uint8_t *dest, size_t *size) { if (*size < 128) return -1; //make sure buffer has data @@ -320,7 +326,4 @@ int detectPac(uint8_t *dest, size_t *size) { return (int)startIdx; } -int demodPac(void) { - return CmdPacDemod(""); -} diff --git a/client/src/cmdlfparadox.c b/client/src/cmdlfparadox.c index 92cea3755..7d82f8437 100644 --- a/client/src/cmdlfparadox.c +++ b/client/src/cmdlfparadox.c @@ -128,7 +128,7 @@ int demodParadox(void) { uint8_t error = 0; // Remove manchester encoding from FSK bits, skip pre - for (uint8_t i = idx + PARADOX_PREAMBLE_LEN; i < (idx + 96 - PARADOX_PREAMBLE_LEN ); i += 2) { + for (uint8_t i = idx + PARADOX_PREAMBLE_LEN; i < (idx + 96); i += 2) { // not manchester data if (bits[i] == bits[i + 1]) { diff --git a/client/src/cmdlft55xx.c b/client/src/cmdlft55xx.c index b2f048665..52cf37665 100644 --- a/client/src/cmdlft55xx.c +++ b/client/src/cmdlft55xx.c @@ -1345,17 +1345,25 @@ bool testKnownConfigBlock(uint32_t block0) { case T55X7_RAW_CONFIG_BLOCK: case T55X7_EM_UNIQUE_CONFIG_BLOCK: case T55X7_FDXB_CONFIG_BLOCK: + case T55X7_FDXB_2_CONFIG_BLOCK: case T55X7_HID_26_CONFIG_BLOCK: case T55X7_PYRAMID_CONFIG_BLOCK: case T55X7_INDALA_64_CONFIG_BLOCK: case T55X7_INDALA_224_CONFIG_BLOCK: case T55X7_GUARDPROXII_CONFIG_BLOCK: case T55X7_VIKING_CONFIG_BLOCK: - case T55X7_NORALYS_CONFIG_BLOCK: + case T55X7_NORALSY_CONFIG_BLOCK: case T55X7_IOPROX_CONFIG_BLOCK: case T55X7_PRESCO_CONFIG_BLOCK: case T55X7_NEDAP_64_CONFIG_BLOCK: case T55X7_NEDAP_128_CONFIG_BLOCK: + case T55X7_VISA2000_CONFIG_BLOCK: + case T55X7_SECURAKEY_CONFIG_BLOCK: + case T55X7_PAC_CONFIG_BLOCK: + case T55X7_VERICHIP_CONFIG_BLOCK: + case T55X7_KERI_CONFIG_BLOCK: + case T55X7_NEXWATCH_CONFIG_BLOCK: + case T55X7_JABLOTRON_CONFIG_BLOCK: return true; } return false; 
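Review bot: The loop in `demodParadox()` keeps `uint8_t i` while its bound grows to `idx + 96`, and the body reads `bits[i + 1]`. If `idx` can be 160 or more, the bound reaches 256 or more, `i` wraps before it gets there and the loop does not terminate. The type and range of `idx` are set outside the hunk, so this needs checking against the demod buffer length. A wider index removes the wrap, `for (size_t i = idx + PARADOX_PREAMBLE_LEN; i < (size_t)idx + 96; i += 2) {`, together with a check before the loop that `idx + 96` does not exceed the number of demodulated bits.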
@@ -2044,17 +2052,18 @@ static void printT5x7KnownBlock0(uint32_t b0) { case T55X7_EM_UNIQUE_CONFIG_BLOCK: snprintf(s + strlen(s), sizeof(s) - strlen(s), "EM unique, Paxton "); break; + case T55X7_FDXB_2_CONFIG_BLOCK: case T55X7_FDXB_CONFIG_BLOCK: snprintf(s + strlen(s), sizeof(s) - strlen(s), "FDXB "); break; case T55X7_HID_26_CONFIG_BLOCK: - snprintf(s + strlen(s), sizeof(s) - strlen(s), "HID 26b (ProxCard) "); + snprintf(s + strlen(s), sizeof(s) - strlen(s), "HID 26b (ProxCard), Paradox, AWID "); break; case T55X7_PYRAMID_CONFIG_BLOCK: snprintf(s + strlen(s), sizeof(s) - strlen(s), "Pyramid "); break; case T55X7_INDALA_64_CONFIG_BLOCK: - snprintf(s + strlen(s), sizeof(s) - strlen(s), "Indala 64"); + snprintf(s + strlen(s), sizeof(s) - strlen(s), "Indala 64, Motorola"); break; case T55X7_INDALA_224_CONFIG_BLOCK: snprintf(s + strlen(s), sizeof(s) - strlen(s), "Indala 224 "); @@ -2065,7 +2074,7 @@ static void printT5x7KnownBlock0(uint32_t b0) { case T55X7_VIKING_CONFIG_BLOCK: snprintf(s + strlen(s), sizeof(s) - strlen(s), "Viking "); break; - case T55X7_NORALYS_CONFIG_BLOCK: + case T55X7_NORALSY_CONFIG_BLOCK: snprintf(s + strlen(s), sizeof(s) - strlen(s), "Noralys "); break; case T55X7_IOPROX_CONFIG_BLOCK: 
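Review bot: The case label is renamed to `T55X7_NORALSY_CONFIG_BLOCK`, but the string printed for it is still `"Noralys "`, so the user-visible output keeps the spelling that the rename corrects. Change the literal to `"Noralsy "` in the same commit. `printT5x7KnownBlock0()` starts and ends outside this hunk.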
@@ -2080,12 +2089,33 @@ static void printT5x7KnownBlock0(uint32_t b0) { case T55X7_NEDAP_128_CONFIG_BLOCK: snprintf(s + strlen(s), sizeof(s) - strlen(s), "Nedap 128 "); break; + case T55X7_PAC_CONFIG_BLOCK: + snprintf(s + strlen(s), sizeof(s) - strlen(s), "PAC/Stanley "); + break; + case T55X7_VERICHIP_CONFIG_BLOCK: + snprintf(s + strlen(s), sizeof(s) - strlen(s), "Verichip "); + break; + case T55X7_VISA2000_CONFIG_BLOCK: + snprintf(s + strlen(s), sizeof(s) - strlen(s), "VISA2000 "); + break; + case T55X7_JABLOTRON_CONFIG_BLOCK: + snprintf(s + strlen(s), sizeof(s) - strlen(s), "Jablotron "); + break; + case T55X7_KERI_CONFIG_BLOCK: + snprintf(s + strlen(s), sizeof(s) - strlen(s), "KERI "); + break; + case T55X7_SECURAKEY_CONFIG_BLOCK: + snprintf(s + strlen(s), sizeof(s) - strlen(s), "SecuraKey "); + break; + case T55X7_NEXWATCH_CONFIG_BLOCK: + snprintf(s + strlen(s), sizeof(s) - strlen(s), "NexWatch, Quadrakey "); + break; default: break; } if (strlen(s) > 0) - PrintAndLogEx(NORMAL, "\n Config block match : " _YELLOW_("%s"), s); + PrintAndLogEx(SUCCESS, "\nConfig block match : " _YELLOW_("%s"), s); } static int CmdT55xxInfo(const char *Cmd) { @@ -2224,11 +2254,11 @@ static int CmdT55xxInfo(const char *Cmd) { PrintAndLogEx(NORMAL, " POR-Delay : %s", (por) ? _GREEN_("Yes") : "No"); } PrintAndLogEx(NORMAL, "-------------------------------------------------------------"); - PrintAndLogEx(NORMAL, " Raw Data - Page 0"); + PrintAndLogEx(NORMAL, " Raw Data - Page 0, block 0"); if (gotdata) - PrintAndLogEx(NORMAL, " Block 0 : 0x%08X", block0); + PrintAndLogEx(NORMAL, " 0x" _GREEN_("%08X"), block0); else - PrintAndLogEx(NORMAL, " Block 0 : 0x%08X %s", block0, sprint_bin(DemodBuffer + config.offset, 32)); + PrintAndLogEx(NORMAL, " 0x" _GREEN_("%08X") " %s", block0, sprint_bin(DemodBuffer + config.offset, 32)); if (((!gotdata) && (!config.Q5)) || (gotdata && (!dataasq5))) printT5x7KnownBlock0(block0); 
diff --git a/client/src/cmdlft55xx.h b/client/src/cmdlft55xx.h index 7074124e6..155e23c77 100644 --- a/client/src/cmdlft55xx.h +++ b/client/src/cmdlft55xx.h 
@@ -25,28 +25,45 @@ // config blocks #define T55X7_DEFAULT_CONFIG_BLOCK 0x000880E8 // ASK, compat mode, data rate 32, manchester, STT, 7 data blocks #define T55X7_RAW_CONFIG_BLOCK 0x000880E0 // ASK, compat mode, data rate 32, manchester, 7 data blocks -#define T55X7_EM_UNIQUE_CONFIG_BLOCK 0x00148040 // ASK, emulate em4x02/unique - compat mode, manchester, data rate 64, 2 data blocks -#define T55X7_EM_PAXTON_CONFIG_BLOCK 0x00148040 // ASK, emulate em4x02/paxton - compat mode, manchester, data rate 64, 2 data blocks +#define T55X7_EM_UNIQUE_CONFIG_BLOCK 0x00148040 // ASK, EM4x02/unique - compat mode, manchester, data rate 64, 2 data blocks +#define T55X7_EM_PAXTON_CONFIG_BLOCK 0x00148040 // ASK, EM4x02/paxton - compat mode, manchester, data rate 64, 2 data blocks +#define T55X7_VISA2000_CONFIG_BLOCK 0x00148068 // ASK, data rate 64, 3 data blocks, STT +#define T55X7_VIKING_CONFIG_BLOCK 0x00088040 // ASK, compat mode, data rate 32, Manchester, 2 data blocks +#define T55X7_NORALSY_CONFIG_BLOCK 0x00088C6A // ASK, compat mode, (NORALSY - KCP3000), data rate 32, 3 data blocks +#define T55X7_PRESCO_CONFIG_BLOCK 0x00088088 // ASK, data rate 32, Manchester, 4 data blocks, STT +#define T55X7_SECURAKEY_CONFIG_BLOCK 0x000C8060 // ASK, Manchester, data rate 40, 3 data blocks + // FDXB requires data inversion and BiPhase 57 is simply BiPhase 50 inverted, so we can either do it using the modulation scheme or the inversion flag // we've done both below to prove that it works either way, and the modulation value for BiPhase 50 in the Atmel data sheet of binary "10001" (17) is a typo, // and it should actually be "10000" (16) -// #define T55X7_FDXB_CONFIG_BLOCK 0x903F8080 // emulate fdx-b - xtended mode, BiPhase ('57), data rate 32, 4 data blocks -#define T55X7_FDXB_CONFIG_BLOCK 0x903F0082 // emulate fdx-b - xtended mode, BiPhase ('50), invert data, data rate 32, 4 data blocks -#define T55X7_HID_26_CONFIG_BLOCK 0x00107060 // hid 26 bit - compat mode, FSK2a, data rate 50, 3 data blocks 
-#define T55X7_PYRAMID_CONFIG_BLOCK 0x00107080 // Pyramid 26 bit - compat mode, FSK2a, data rate 50, 4 data blocks -#define T55X7_INDALA_64_CONFIG_BLOCK 0x00081040 // emulate indala 64 bit - compat mode, PSK1, psk carrier FC * 2, data rate 32, maxblock 2 -#define T55X7_INDALA_224_CONFIG_BLOCK 0x000810E0 // emulate indala 224 bit - compat mode, PSK1, psk carrier FC * 2, data rate 32, maxblock 7 -#define T55X7_GUARDPROXII_CONFIG_BLOCK 0x00150060 // bitrate 64pcb, Direct modulation, Biphase, 3 data blocks -#define T55X7_VIKING_CONFIG_BLOCK 0x00088040 // ASK, compat mode, data rate 32, Manchester, 2 data blocks -#define T55X7_NORALYS_CONFIG_BLOCK 0x00088C6A // ASK, compat mode, (NORALYS - KCP3000), 3 data blocks -#define T55X7_IOPROX_CONFIG_BLOCK 0x00147040 // ioprox - FSK2a, data rate 64, 2 data blocks -#define T55X7_PRESCO_CONFIG_BLOCK 0x00088088 // ASK, data rate 32, Manchester, 4 data blocks, STT -#define T55X7_NEDAP_64_CONFIG_BLOCK 0x907f0042 // BiPhase, data rate 64, 2 data blocks -#define T55X7_NEDAP_128_CONFIG_BLOCK 0x907f0082 // BiPhase, data rate 64, 4 data blocks +// #define T55X7_FDXB_CONFIG_BLOCK 0x903F8080 // BiPhase, fdx-b - xtended mode, BiPhase ('57), data rate 32, 4 data blocks +#define T55X7_FDXB_CONFIG_BLOCK 0x903F0082 // BiPhase, fdx-b - xtended mode, BiPhase ('50), invert data, data rate 32, 4 data blocks +#define T55X7_FDXB_2_CONFIG_BLOCK 0x00098080 // +#define T55X7_HID_26_CONFIG_BLOCK 0x00107060 // FSK2a, hid 26 bit - compat mode, data rate 50, 3 data blocks +#define T55X7_PARADOX_CONFIG_BLOCK 0x00107060 // FSK2a, hid 26 bit - compat mode, data rate 50, 3 data blocks +#define T55X7_AWID_CONFIG_BLOCK 0x00107060 // FSK2a, hid 26 bit - compat mode, data rate 50, 3 data blocks +#define T55X7_PYRAMID_CONFIG_BLOCK 0x00107080 // FSK2a, Pyramid 26 bit - compat mode, data rate 50, 4 data blocks +#define T55X7_IOPROX_CONFIG_BLOCK 0x00147040 // FSK2a, data rate 64, 2 data blocks + +#define T55X7_INDALA_64_CONFIG_BLOCK 0x00081040 // PSK1, indala 64 bit - 
compat mode, psk carrier FC * 2, data rate 32, maxblock 2 +#define T55X7_INDALA_224_CONFIG_BLOCK 0x000810E0 // PSK1, indala 224 bit - compat mode, psk carrier FC * 2, data rate 32, maxblock 7 +#define T55X7_MOTOROLA_CONFIG_BLOCK 0x00081040 // PSK1, data rate 32, 2 data blocks +#define T55X7_NEXWATCH_CONFIG_BLOCK 0x00081060 // PSK1 data rate 16, psk carrier FC * 2, 3 data blocks +#define T55X7_KERI_CONFIG_BLOCK 0x603E1040 // PSK1, 2 data blocks + +#define T55X7_JABLOTRON_CONFIG_BLOCK 0x00158040 // Biphase, data rate 64, 2 data blocks +#define T55X7_GUARDPROXII_CONFIG_BLOCK 0x00150060 // Biphase, data rate 64, Direct modulation, 3 data blocks +#define T55X7_NEDAP_64_CONFIG_BLOCK 0x907f0042 // BiPhase, data rate 64, 2 data blocks +#define T55X7_NEDAP_128_CONFIG_BLOCK 0x907f0082 // BiPhase, data rate 64, 4 data blocks + +#define T55X7_PAC_CONFIG_BLOCK 0x00080080 // NRZ, data rate 32, 4 data blocks +#define T55X7_VERICHIP_CONFIG_BLOCK 0x000C0080 // NRZ, data rate 40, 4 data blocks #define T55X7_bin 0b0010 -#define T5555_DEFAULT_CONFIG_BLOCK 0x6001F004 // data rate 64 , ask, manchester, 2 data blocks? +// Q5 / Termic / T5555 +#define T5555_DEFAULT_CONFIG_BLOCK 0x6001F004 // ASK, data rate 64, manchester, 2 data blocks? + typedef enum { T55x7_RAW = 0x00, T55x7_DEFAULT = 0x00, diff --git a/client/src/cmdlfverichip.c b/client/src/cmdlfverichip_disabled.c similarity index 96% rename from client/src/cmdlfverichip.c rename to client/src/cmdlfverichip_disabled.c index 0eec31bf1..ee2de0846 100644 --- a/client/src/cmdlfverichip.c +++ b/client/src/cmdlfverichip_disabled.c @@ -39,9 +39,13 @@ static int usage_lf_verichip_clone(void) { //see NRZDemod for what args are accepted static int CmdVerichipDemod(const char *Cmd) { + (void)Cmd; + return demodVerichip(); +} +int demodVerichip(void) { //NRZ - if (NRZrawDemod(Cmd, false) != PM3_SUCCESS) { + if (NRZrawDemod("", false) != PM3_SUCCESS) { PrintAndLogEx(DEBUG, "DEBUG: Error - VERICHIP: NRZ Demod failed"); return PM3_ESOFT; } 
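Review bot: `T55X7_FDXB_2_CONFIG_BLOCK 0x00098080` is added with an empty trailing `//`, while every other entry documents modulation, data rate and block count. `T55X7_PARADOX_CONFIG_BLOCK` and `T55X7_AWID_CONFIG_BLOCK` also carry the `hid 26 bit` comment copied from the HID entry. Several new names share a value with an existing one (`0x00107060` for HID 26/Paradox/AWID, `0x00081040` for Indala 64/Motorola), so they cannot appear as separate `case` labels in one `switch`. A line such as `// NOTE: same value as T55X7_HID_26_CONFIG_BLOCK, do not list both in a switch` on each alias would record that. The FDXB_2 comment should be filled in by whoever derived the value.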
@@ -154,20 +158,15 @@ int CmdLFVerichip(const char *Cmd) { return CmdsParse(CommandTable, Cmd); } -// by marshmellow -// find PAC preamble in already demoded data +// find VERICHIP preamble in already demoded data int detectVerichip(uint8_t *dest, size_t *size) { if (*size < 128) return -1; //make sure buffer has data size_t startIdx = 0; uint8_t preamble[] = {1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 1, 0, 0, 0, 0, 0, 0, 1, 0}; if (!preambleSearch(dest, preamble, sizeof(preamble), size, &startIdx)) return -2; //preamble not found - if (*size != 128) return -3; //wrong demoded size + if (*size < 128) return -3; //wrong demoded size //return start position return (int)startIdx; } -int demodVerichip(void) { - return CmdVerichipDemod(""); -} - diff --git a/client/src/cmdlfverichip.h b/client/src/cmdlfverichip_disabled.h similarity index 100% rename from client/src/cmdlfverichip.h rename to client/src/cmdlfverichip_disabled.h diff --git a/client/src/loclass/cipherutils.c b/client/src/loclass/cipherutils.c index 76415b74f..58875216b 100644 --- a/client/src/loclass/cipherutils.c +++ b/client/src/loclass/cipherutils.c @@ -128,24 +128,17 @@ uint64_t x_bytes_to_num(uint8_t *src, size_t len) { return num; } -uint8_t reversebytes(uint8_t b) { - b = (b & 0xF0) >> 4 | (b & 0x0F) << 4; - b = (b & 0xCC) >> 2 | (b & 0x33) << 2; - b = (b & 0xAA) >> 1 | (b & 0x55) << 1; - return b; -} - void reverse_arraybytes(uint8_t *arr, size_t len) { uint8_t i; for (i = 0; i < len ; i++) { - arr[i] = reversebytes(arr[i]); + arr[i] = reflect8(arr[i]); } } void reverse_arraycopy(uint8_t *arr, uint8_t *dest, size_t len) { uint8_t i; for (i = 0; i < len ; i++) { - dest[i] = reversebytes(arr[i]); + dest[i] = reflect8(arr[i]); } } diff --git a/client/src/proxmark3.c b/client/src/proxmark3.c index e0dafe480..1b790f946 100644 --- a/client/src/proxmark3.c +++ b/client/src/proxmark3.c 
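Review bot: In `detectVerichip()` the check after `preambleSearch()` changes from `*size != 128` to `*size < 128`, so any demodulated length of 128 bits or more is now accepted while the comment still reads `//wrong demoded size`. Code that relies on exactly 128 bits after a successful return would then handle a frame of a different length; whether any caller does is not visible in this hunk. If the relaxation is intended, change the comment to `// demodulated frame shorter than 128 bits` and state in the function header that callers must use only the first 128 bits from the returned index.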
@@ -727,6 +727,10 @@ static bool DetectWindowsAnsiSupport(void) { RegCloseKey(hKey); } +#ifndef ENABLE_VIRTUAL_TERMINAL_PROCESSING +#define ENABLE_VIRTUAL_TERMINAL_PROCESSING 0x0004 +#endif + HANDLE hOut = GetStdHandle(STD_OUTPUT_HANDLE); DWORD dwMode = 0; GetConsoleMode(hOut, &dwMode); diff --git a/client/src/util.c b/client/src/util.c index 80def08ef..808f147f0 100644 --- a/client/src/util.c +++ b/client/src/util.c @@ -791,15 +791,6 @@ uint32_t PackBits(uint8_t start, uint8_t len, uint8_t *bits) { return tmp; } -/* -uint8_t pw_rev_A(uint8_t b) { - b = (b & 0xF0) >> 4 | (b & 0x0F) << 4; - b = (b & 0xCC) >> 2 | (b & 0x33) << 2; - b = (b & 0xAA) >> 1 | (b & 0x55) << 1; - return b; -} -*/ - uint64_t HornerScheme(uint64_t num, uint64_t divider, uint64_t factor) { uint64_t remaind = 0, quotient = 0, result = 0; remaind = num % divider; diff --git a/client/src/util.h b/client/src/util.h index c15183734..156c3a089 100644 --- a/client/src/util.h +++ b/client/src/util.h @@ -54,9 +54,12 @@ void print_blocks(uint32_t *data, size_t len); int hex_to_bytes(const char *hexValue, uint8_t *bytesValue, size_t maxBytesValueLen); void num_to_bytebits(uint64_t n, size_t len, uint8_t *dest); void num_to_bytebitsLSBF(uint64_t n, size_t len, uint8_t *dest); + +// Swap endian on arrays up to 64bytes. uint8_t *SwapEndian64(const uint8_t *src, const size_t len, const uint8_t blockSize); void SwapEndian64ex(const uint8_t *src, const size_t len, const uint8_t blockSize, uint8_t *dest); +// parameter helper functions int param_getlength(const char *line, int paramnum); char param_getchar(const char *line, int paramnum); char param_getchar_indx(const char *line, int indx, int paramnum); diff --git a/common/commonutil.c b/common/commonutil.c index 14f2d58e5..fc287fe9d 100644 --- a/common/commonutil.c +++ b/common/commonutil.c 
@@ -60,9 +60,21 @@ uint32_t reflect(uint32_t v, int b) { return v; } +// https://graphics.stanford.edu/~seander/bithacks.html#BitReverseTable + +// Reverse the bits in a byte with 3 operations (64-bit multiply and modulus division): +uint8_t reflect8(uint8_t b) { + return (b * 0x0202020202ULL & 0x010884422010ULL) % 1023; +} + + +// Reverse the bits in a byte with 4 operations (64-bit multiply, no division): +/* uint8_t reflect8(uint8_t b) { return ((b * 0x80200802ULL) & 0x0884422110ULL) * 0x0101010101ULL >> 32; } +*/ + uint16_t reflect16(uint16_t b) { uint16_t v = 0; v |= (b & 0x8000) >> 15; @@ -117,10 +129,13 @@ void lsl(uint8_t *data, size_t len) { data[len - 1] <<= 1; } + +// BSWAP24 of array[3] uint32_t le24toh(uint8_t data[3]) { return (data[2] << 16) | (data[1] << 8) | data[0]; } +// BSWAP24, take u32, output array void htole24(uint32_t val, uint8_t data[3]) { data[0] = (uint8_t) val; data[1] = (uint8_t)(val >> 8); diff --git a/doc/bt_manual_v10.md b/doc/bt_manual_v10.md index e474c0ec7..22db91322 100644 --- a/doc/bt_manual_v10.md +++ b/doc/bt_manual_v10.md @@ -182,8 +182,9 @@ Instead of `aa:bb:cc:dd:ee:ff`, you'll see your MAC address. If you don't have `hcitool`, you can use `bluetoothctl` and `scan on` as shown in next section. 2. Use Proxmark client with Bluetooth MAC address as bt: + ```sh -./proxmark3 bt:aa:bb:cc:dd:ee:ff +./proxmark3 -p bt:aa:bb:cc:dd:ee:ff ``` The first time, your OS will ask you for pairing. The default PIN is 1234. If PIN is not typed in quickly, the client might timeout. Simply @@ -225,7 +226,7 @@ turn on solid. 4. a serial port `/dev/ttyUSB0` will be created, use Proxmark3 client on it ```sh -./proxmark3 /dev/ttyUSB0 +./proxmark3 -p /dev/ttyUSB0 ``` #### 5.2.3 (deprecated) Connecting rdv4.0 with Bluetooth on Linux computer via rfcomm 
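Review bot: `reflect8()` switches from the multiply-only form to `(b * 0x0202020202ULL & 0x010884422010ULL) % 1023`, which needs a 64-bit modulus. The file lives under `common/`, so if it is also compiled into the ARM firmware the `%` presumably becomes a library division call on a core without a hardware divider, where the previous body needed none. The earlier implementation is also left behind in a block comment rather than deleted. Unless the new form was measured to be faster on both targets, keep `return ((b * 0x80200802ULL) & 0x0884422110ULL) * 0x0101010101ULL >> 32;` and remove the dead copy.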
@@ -257,7 +258,7 @@ connection is successful. 4. Use Proxmark client on BT-serial port ```sh -./proxmark3 /dev/rfcomm0 +./proxmark3 -p /dev/rfcomm0 ``` See instructions above (method 1) for initial pairing. @@ -283,7 +284,7 @@ After reboot you can go ahead to pairing your Proxmark3 RDV4 Blue Shark: 8. A serial port like `/dev/tty.PM3_RDV40-DevB` will be created, use Proxmark3 client on it ```sh -./proxmark3 /dev/tty.PM3_RDV40-DevB +./proxmark3 -p /dev/tty.PM3_RDV40-DevB ``` ### 5.4 Android ^[Top](#top) @@ -294,7 +295,7 @@ After reboot you can go ahead to pairing your Proxmark3 RDV4 Blue Shark: 1. Make sure you already followed this tutorial https://github.com/RfidResearchGroup/proxmark3/blob/master/doc/termux_notes.md#setup and have Termux with an running Proxmark3 client ready. You need additional the `cp210x` serial usb driver enabled and working, like the `USB_ACM` driver to communicate wireless. 2. Insert the Bluetooth adapter with an fitting USB-C/Micro-USB converter into your Android USB port and a serial port `/dev/ttyUSB0` will be created. To see if it's working, run `tsudo ls /dev/ttyU*` and it should list `/dev/ttyUSB0`. 3. The adapter will search automatically and establish the connection to BlueShark. The adapter will remember the device that was first connected and after that the same device will be connected. After the connection is established, the blue state LED on add-on will turn on solid. - 4. If you see this, congratulations, you can run your Proxmark3 client in Termux with `tsudo proxmark3/client/proxmark3 /dev/ttyUSB0` + 4. If you see this, congratulations, you can run your Proxmark3 client in Termux with `tsudo proxmark3/client/proxmark3 -p /dev/ttyUSB0` ## 6. OTHER NOTES ^[Top](#top) diff --git a/include/pm3_cmd.h b/include/pm3_cmd.h index 492eca798..ac5d7ce00 100644 --- a/include/pm3_cmd.h +++ b/include/pm3_cmd.h 
@@ -406,6 +406,7 @@ typedef struct { #define CMD_LF_EM4X50_WRITE 0x0241 #define CMD_LF_EM4X50_WRITE_PASSWORD 0x0242 #define CMD_LF_EM4X50_READ 0x0243 +#define CMD_LF_EM4X50_WIPE 0x0244 // Sampling configuration for LF reader/sniffer #define CMD_LF_SAMPLING_SET_CONFIG 0x021D #define CMD_LF_FSK_SIMULATE 0x021E