From ec679385b9867a090f6b4e1f188cbb4a28b8d6ca Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Sun, 11 Oct 2020 09:51:56 +0200 Subject: [PATCH] hf mfu otptear - textual --- armsrc/mifarecmd.c | 7 +++-- client/src/cmdhfmfu.c | 59 +++++++++++++++++++++++++++++-------------- 2 files changed, 43 insertions(+), 23 deletions(-) diff --git a/armsrc/mifarecmd.c b/armsrc/mifarecmd.c index 76cbea5c1..0f101fed4 100644 --- a/armsrc/mifarecmd.c +++ b/armsrc/mifarecmd.c @@ -2704,7 +2704,7 @@ void MifareU_Otp_Tearoff(uint8_t arg0, uint32_t arg1, uint8_t *datain) { memcpy(data_testwrite, datain + 4, 4); // optional authentication before? - if (DBGLEVEL >= DBG_ERROR) DbpString("Preparing OTP tear-off"); + if (DBGLEVEL >= DBG_DEBUG) DbpString("Preparing OTP tear-off"); LEDsoff(); iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); @@ -2720,7 +2720,7 @@ void MifareU_Otp_Tearoff(uint8_t arg0, uint32_t arg1, uint8_t *datain) { MifareUWriteBlock(blockNo, 0, data_fullwrite); AddCrc14A(cmd, sizeof(cmd) - 2); - if (DBGLEVEL >= DBG_ERROR) DbpString("Transmitting"); + // anticollision / select card if (!iso14443a_select_card(NULL, NULL, NULL, true, 0, true)) { if (DBGLEVEL >= DBG_ERROR) Dbprintf("Can't select card"); @@ -2733,10 +2733,9 @@ void MifareU_Otp_Tearoff(uint8_t arg0, uint32_t arg1, uint8_t *datain) { // Wait before cutting power. aka tear-off LED_D_ON(); WaitUS(tearOffTime); + if (DBGLEVEL >= DBG_ERROR) Dbprintf(_YELLOW_("OTP tear-off triggered!")); switch_off(); reply_ng(CMD_HF_MFU_OTP_TEAROFF, PM3_SUCCESS, NULL, 0); StopTicks(); - - if (DBGLEVEL >= DBG_ERROR) DbpString("Done"); } diff --git a/client/src/cmdhfmfu.c b/client/src/cmdhfmfu.c index 334e47ecc..621843622 100644 --- a/client/src/cmdhfmfu.c +++ b/client/src/cmdhfmfu.c 
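Review bot: In the last armsrc/mifarecmd.c hunk (`@@ -2733,10 +2733,9 @@`), the added `if (DBGLEVEL >= DBG_ERROR) Dbprintf(_YELLOW_("OTP tear-off triggered!"));` sits between `WaitUS(tearOffTime);` and `switch_off();`. With that level enabled, the field is presumably dropped later than the requested delay by however long the print takes, so the delay the client reports no longer matches what the firmware did and the result varies with the debug level. Placing the print after `switch_off();` keeps the message while leaving the timed window free of I/O. The message is also informational rather than an error, so the `DBG_ERROR` gate is at odds with the first hunk, which demotes "Preparing OTP tear-off" to `DBG_DEBUG`; `if (DBGLEVEL >= DBG_INFO)` would be the consistent choice. MifareU_Otp_Tearoff begins outside the hunk, so the handling between the select and the wait is not visible here.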
@@ -2883,50 +2883,71 @@ static int CmdHF14AMfuOtpTearoff(const char *Cmd) { if (errors) return usage_hf_mfu_otp_tearoff(); - PrintAndLogEx(INFO, "Starting TearOff test - Selected Block no: %u", blockNoUint); + PrintAndLogEx(INFO, "Starting Tear-off test"); + PrintAndLogEx(INFO, "Target block no: %u", blockNoUint); + uint8_t isOK; + bool got_pre = false, got_post = false; + uint8_t pre[4] = {0}; + uint8_t post[4] = {0}; uint32_t actualTime = startTime; while (actualTime <= (timeLimit - interval)) { - PrintAndLogEx(INFO, "Using tear-off at: %" PRIu32 " us", actualTime); - PrintAndLogEx(INFO, "Reading block BEFORE attack"); + PrintAndLogEx(INFO, "Using tear-off delay " _GREEN_("%" PRIu32) " us", actualTime); clearCommandBuffer(); SendCommandMIX(CMD_HF_MIFAREU_READBL, blockNoUint, 0, 0, NULL, 0); PacketResponseNG resp; + got_pre = false; if (WaitForResponseTimeout(CMD_ACK, &resp, 1500)) { - uint8_t isOK = resp.oldarg[0] & 0xff; + isOK = resp.oldarg[0] & 0xFF; if (isOK) { - uint8_t *d = resp.data.asBytes; - PrintAndLogEx(NORMAL, "\nBlock# | Data | Ascii"); - PrintAndLogEx(NORMAL, "-----------------------------"); - PrintAndLogEx(NORMAL, "%02d/0x%02X | %s| %s\n", blockNoUint, blockNoUint, sprint_hex(d, 4), sprint_ascii(d, 4)); + memcpy(pre, resp.data.asBytes, sizeof(pre)); + got_pre = true; } } - PrintAndLogEx(INFO, "....."); clearCommandBuffer(); - SendCommandMIX(CMD_HF_MFU_OTP_TEAROFF, blockNoUint, actualTime, 0, teardata, 8); - if (!WaitForResponseTimeout(CMD_HF_MFU_OTP_TEAROFF, &resp, 4000)) { + if (!WaitForResponseTimeout(CMD_HF_MFU_OTP_TEAROFF, &resp, 2000)) { PrintAndLogEx(WARNING, "Failed"); return PM3_ESOFT; } - PrintAndLogEx(INFO, "Reading block AFTER attack"); - + got_post = false; clearCommandBuffer(); SendCommandMIX(CMD_HF_MIFAREU_READBL, blockNoUint, 0, 0, NULL, 0); if (WaitForResponseTimeout(CMD_ACK, &resp, 1500)) { - uint8_t isOK = resp.oldarg[0] & 0xff; + isOK = resp.oldarg[0] & 0xFF; if (isOK) { - uint8_t *d = resp.data.asBytes; - PrintAndLogEx(NORMAL, 
"\nBlock# | Data | Ascii"); - PrintAndLogEx(NORMAL, "-----------------------------"); - PrintAndLogEx(NORMAL, "%02d/0x%02X | %s| %s\n", blockNoUint, blockNoUint, sprint_hex(d, 4), sprint_ascii(d, 4)); - } + memcpy(post, resp.data.asBytes, sizeof(post)); + got_post = true; + } + } + + if (got_pre && got_post) { + + char post_res[30] = {0}; + if (memcmp(pre, post, sizeof(pre)) == 0) + snprintf(post_res, sizeof(post_res) - 1, "%s", sprint_hex_inrow(post, sizeof(post))); + else + snprintf(post_res, sizeof(post_res) - 1, _CYAN_("%s"), sprint_hex_inrow(post, sizeof(post))); + + + PrintAndLogEx(INFO, "Result %02d/0x%02X | %s vs %s" + , blockNoUint + , blockNoUint + , sprint_hex_inrow(pre, sizeof(pre)) + , post_res + ); + + } else { + if (got_pre == false) + PrintAndLogEx(FAILED, "Failed to read block BEFORE"); + if (got_post == false) + PrintAndLogEx(FAILED, "Failed to read block AFTER"); } /* TEMPORALLY DISABLED