From f13fbe32e84c5d62e2fadc2ffb04bfe1fe2a1b81 Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Wed, 12 Aug 2020 13:00:30 +0200 Subject: [PATCH] hf iclass replay --- armsrc/appmain.c | 11 ++++++++--- armsrc/iclass.c | 5 +++-- armsrc/iclass.h | 2 +- 3 files changed, 12 insertions(+), 6 deletions(-) diff --git a/armsrc/appmain.c b/armsrc/appmain.c index 7c0edee5f..04027bef0 100644 --- a/armsrc/appmain.c +++ b/armsrc/appmain.c @@ -502,6 +502,7 @@ static void SendCapabilities(void) { // Show some leds in a pattern to identify StandAlone mod is running void StandAloneMode(void) { + DbpString(""); DbpString("Stand-alone mode, no computer necessary"); SpinDown(50); SpinDelay(50); @@ -780,7 +781,7 @@ static void PacketReceived(PacketCommandNG *packet) { case CMD_LF_HID_WATCH: { uint32_t high, low; int res = lf_hid_watch(0, &high, &low); - reply_ng(CMD_LF_HID_WATCH, res, NULL, 0); + reply_ng(CMD_LF_HID_WATCH, res, NULL, 0); break; } case CMD_LF_HID_SIMULATE: { @@ -1023,12 +1024,16 @@ static void PacketReceived(PacketCommandNG *packet) { break; } case CMD_HF_ISO15693_SNIFF: { + /* struct p { uint8_t jam_search_len; uint8_t jam_search_string[]; } PACKED; struct p *payload = (struct p *) packet->data.asBytes; + SniffIso15693(payload->jam_search_len, payload->jam_search_string); + */ + SniffIso15693(0, NULL); reply_ng(CMD_HF_ISO15693_SNIFF, PM3_SUCCESS, NULL, 0); break; } @@ -1399,10 +1404,10 @@ static void PacketReceived(PacketCommandNG *packet) { } case CMD_HF_ICLASS_REPLAY: { struct p { - uint8_t reader; + uint8_t reader[4]; uint8_t mac[4]; } PACKED; - struct p *payload = (struct p *) packet->data.asBytes; + struct p *payload = (struct p *) packet->data.asBytes; ReaderIClass_Replay(payload->reader, payload->mac); break; } diff --git a/armsrc/iclass.c b/armsrc/iclass.c index b374d1d98..9721a5ec2 100644 --- a/armsrc/iclass.c +++ b/armsrc/iclass.c 
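Review bot: Commented-out code is left in the CMD_HF_ISO15693_SNIFF case: the `struct p` payload parsing and the payload-driven `SniffIso15693(payload->jam_search_len, payload->jam_search_string)` call now sit inside a `/* ... */` block, and the live call is `SniffIso15693(0, NULL)`. Any jam search bytes the client sends are therefore dropped without notice. If that is intended, remove the dead block and add a one-line comment such as `// jam search payload is currently ignored`. Otherwise restore the payload path once it is ready.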
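Review bot: The CMD_HF_ICLASS_REPLAY case casts `packet->data.asBytes` to the now 8-byte `struct p` and passes both 4-byte fields on without checking that the host sent 8 bytes. Because `reader` grew from one byte to four, a short packet (for example from a client still using the old 5-byte layout) would make ReaderIClass_Replay copy whatever follows in the receive buffer, presumably left over from an earlier command. A length guard before the call makes the contract explicit: `if (packet->length < sizeof(struct p)) { reply_ng(CMD_HF_ICLASS_REPLAY, PM3_EINVARG, NULL, 0); break; }`, with the reply adjusted to whatever the client side of this command expects.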
@@ -1469,12 +1469,13 @@ void ReaderIClass(uint8_t flags) { } // turn off afterwards -void ReaderIClass_Replay(uint8_t reader, uint8_t *mac) { +void ReaderIClass_Replay(uint8_t *rnr, uint8_t *mac) { BigBuf_free(); uint8_t check[] = { ICLASS_CMD_CHECK, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; - // copy mac + + memcpy(check + 1, rnr, 4); memcpy(check + 5, mac, 4); uint8_t *card_data = BigBuf_malloc(ICLASS_16KS_SIZE); diff --git a/armsrc/iclass.h b/armsrc/iclass.h index add295c33..3776aa385 100644 --- a/armsrc/iclass.h +++ b/armsrc/iclass.h @@ -17,7 +17,7 @@ void SniffIClass(uint8_t jam_search_len, uint8_t *jam_search_string); void ReaderIClass(uint8_t arg0); -void ReaderIClass_Replay(uint8_t arg0, uint8_t *mac); +void ReaderIClass_Replay(uint8_t *rnr, uint8_t *mac); void iClass_WriteBlock(uint8_t *msg); void iClass_Dump(uint8_t *msg);
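Review bot: The two `memcpy` calls in ReaderIClass_Replay use a bare `4`, and the only comment (`// copy mac`) was removed, so nothing documents how the 9-byte `check` frame is laid out. Nothing states that `rnr` and `mac` must each point at four or more readable bytes either. I would add a comment above the copies, e.g. `// CHECK frame: opcode | 4 bytes from rnr (presumably the reader nonce) | 4-byte MAC`. Since neither buffer is written, the signature could be `void ReaderIClass_Replay(const uint8_t *rnr, const uint8_t *mac)`, here and in the iclass.h prototype. The function body continues past the end of this hunk, so the rest of the replay flow was not reviewed.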