github/proxmark3
1
0
Fork 0
mirror of https://github.com/Proxmark/proxmark3.git synced 2025-07-16 02:03:00 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #122 from marshmellow42/master

Browse source 
add hf 14b info command +
This commit is contained in:
Martin Holst Swende 2015-06-27 21:51:23 +02:00
commit 86ed606758
4 changed files with 364 additions and 129 deletions
Download patch file Download diff file Expand all files Collapse all files

5
CHANGELOG.md
View file

@ -4,7 +4,12 @@ This project uses the changelog in accordance with [keepchangelog](http://keepac
## [Unreleased][unreleased]
### Changed
- Changed `hf 14b write` to `hf 14b sriwrite` as it only applied to sri tags (marshmellow)
- Added `hf 14b info` to `hf search` (marshmellow)
### Added
- Add `hf 14b info` to find and print info about std 14b tags and sri tags (using 14b raw commands in the client) (marshmellow)
- Add PACE replay functionality (frederikmoellers)
### Fixed

12
client/cmdhf.c
View file

@ -557,6 +557,11 @@ int CmdHFSearch(const char *Cmd){
PrintAndLog("\nValid ISO14443A Tag Found - Quiting Search\n");
return ans;
}
ans = HF14BInfo(false);
if (ans) {
PrintAndLog("\nValid ISO14443B Tag Found - Quiting Search\n");
return ans;
}
ans = HFiClassReader("", false, false);
if (ans) {
PrintAndLog("\nValid iClass Tag (or PicoPass Tag) Found - Quiting Search\n");
@ -567,12 +572,7 @@ int CmdHFSearch(const char *Cmd){
PrintAndLog("\nValid ISO15693 Tag Found - Quiting Search\n");
return ans;
}
//14b has issues currently...
//ans = CmdHF14BRead(Cmd);
//if (ans > 0) return ans;
PrintAndLog("\nno known/supported 13.56 MHz tags found\n");
return 0;
}

466
client/cmdhf14b.c
View file

@ -22,6 +22,7 @@
#include "cmdparser.h"
#include "cmdhf14b.h"
#include "cmdmain.h"
#include "cmdhf14a.h"
static int CmdHelp(const char *Cmd);
@ -35,6 +36,7 @@ int CmdHF14BList(const char *Cmd)
int CmdHF14BSim(const char *Cmd)
{
UsbCommand c={CMD_SIMULATE_TAG_ISO_14443B};
clearCommandBuffer();
SendCommand(&c);
return 0;
}
@ -42,6 +44,7 @@ int CmdHF14BSim(const char *Cmd)
int CmdHF14BSnoop(const char *Cmd)
{
UsbCommand c = {CMD_SNOOP_ISO_14443B};
clearCommandBuffer();
SendCommand(&c);
return 0;
}
@ -53,6 +56,7 @@ int CmdHF14BSnoop(const char *Cmd)
int CmdSri512Read(const char *Cmd)
{
UsbCommand c = {CMD_READ_SRI512_TAG, {strtol(Cmd, NULL, 0), 0, 0}};
clearCommandBuffer();
SendCommand(&c);
return 0;
}
@ -64,129 +68,356 @@ int CmdSri512Read(const char *Cmd)
int CmdSrix4kRead(const char *Cmd)
{
UsbCommand c = {CMD_READ_SRIX4K_TAG, {strtol(Cmd, NULL, 0), 0, 0}};
clearCommandBuffer();
SendCommand(&c);
return 0;
}
int CmdHF14BCmdRaw (const char *cmd) {
UsbCommand resp;
uint8_t *recv;
UsbCommand c = {CMD_ISO_14443B_COMMAND, {0, 0, 0}}; // len,recv?
uint8_t reply=1;
uint8_t crc=0;
uint8_t power=0;
char buf[5]="";
int i=0;
uint8_t data[100] = {0x00};
unsigned int datalen=0, temp;
char *hexout;
if (strlen(cmd)<3) {
PrintAndLog("Usage: hf 14b raw [-r] [-c] [-p] <0A 0B 0C ... hex>");
PrintAndLog(" -r do not read response");
PrintAndLog(" -c calculate and append CRC");
PrintAndLog(" -p leave the field on after receive");
return 0;
}
// strip
while (*cmd==' ' || *cmd=='\t') cmd++;
while (cmd[i]!='\0') {
if (cmd[i]==' ' || cmd[i]=='\t') { i++; continue; }
if (cmd[i]=='-') {
switch (cmd[i+1]) {
case 'r':
case 'R':
reply=0;
break;
case 'c':
case 'C':
crc=1;
break;
case 'p':
case 'P':
power=1;
break;
default:
PrintAndLog("Invalid option");
return 0;
}
i+=2;
continue;
}
if ((cmd[i]>='0' && cmd[i]<='9') ||
(cmd[i]>='a' && cmd[i]<='f') ||
(cmd[i]>='A' && cmd[i]<='F') ) {
buf[strlen(buf)+1]=0;
buf[strlen(buf)]=cmd[i];
i++;
if (strlen(buf)>=2) {
sscanf(buf,"%x",&temp);
data[datalen]=(uint8_t)(temp & 0xff);
datalen++;
*buf=0;
}
continue;
}
PrintAndLog("Invalid char on input");
return 1;
}
if (datalen == 0)
{
PrintAndLog("Missing data input");
return 0;
}
if(crc)
{
uint8_t first, second;
ComputeCrc14443(CRC_14443_B, data, datalen, &first, &second);
data[datalen++] = first;
data[datalen++] = second;
}
c.arg[0] = datalen;
c.arg[1] = reply;
c.arg[2] = power;
memcpy(c.d.asBytes,data,datalen);
SendCommand(&c);
if (reply) {
if (WaitForResponseTimeout(CMD_ACK,&resp,1000)) {
recv = resp.d.asBytes;
PrintAndLog("received %i octets",resp.arg[0]);
if(resp.arg[0] == 0)
return 0;
hexout = (char *)malloc(resp.arg[0] * 3 + 1);
if (hexout != NULL) {
uint8_t first, second;
for (int i = 0; i < resp.arg[0]; i++) { // data in hex
sprintf(&hexout[i * 3], "%02X ", recv[i]);
}
PrintAndLog("%s", hexout);
free(hexout);
if (resp.arg[0] > 2) {
ComputeCrc14443(CRC_14443_B, recv, resp.arg[0]-2, &first, &second);
if(recv[resp.arg[0]-2]==first && recv[resp.arg[0]-1]==second) {
PrintAndLog("CRC OK");
} else {
PrintAndLog("CRC failed");
}
}
} else {
PrintAndLog("malloc failed your client has low memory?");
}
} else {
PrintAndLog("timeout while waiting for reply.");
}
} // if reply
return 0;
int rawClose(void){
UsbCommand resp;
UsbCommand c = {CMD_ISO_14443B_COMMAND, {0, 0, 0}};
clearCommandBuffer();
SendCommand(&c);
if (!WaitForResponseTimeout(CMD_ACK,&resp,1000)) {
return 0;
}
return 0;
}
int CmdHF14BWrite( const char *Cmd){
int HF14BCmdRaw(bool reply, bool *crc, bool power, uint8_t *data, uint8_t *datalen, bool verbose){
UsbCommand resp;
UsbCommand c = {CMD_ISO_14443B_COMMAND, {0, 0, 0}}; // len,recv,power
if(*crc)
{
uint8_t first, second;
ComputeCrc14443(CRC_14443_B, data, *datalen, &first, &second);
data[*datalen] = first;
data[*datalen + 1] = second;
*datalen += 2;
}
c.arg[0] = *datalen;
c.arg[1] = reply;
c.arg[2] = power;
memcpy(c.d.asBytes,data,*datalen);
clearCommandBuffer();
SendCommand(&c);
if (!reply) return 1;
if (!WaitForResponseTimeout(CMD_ACK,&resp,1000)) {
if (verbose) PrintAndLog("timeout while waiting for reply.");
return 0;
}
*datalen = resp.arg[0];
if (verbose) PrintAndLog("received %u octets", *datalen);
if(*datalen<2) return 0;
memcpy(data, resp.d.asBytes, *datalen);
if (verbose) PrintAndLog("%s", sprint_hex(data, *datalen));
uint8_t first, second;
ComputeCrc14443(CRC_14443_B, data, *datalen-2, &first, &second);
if(data[*datalen-2] == first && data[*datalen-1] == second) {
if (verbose) PrintAndLog("CRC OK");
*crc = true;
} else {
if (verbose) PrintAndLog("CRC failed");
*crc = false;
}
return 1;
}
int CmdHF14BCmdRaw (const char *Cmd) {
bool reply = true;
bool crc = false;
bool power = false;
char buf[5] = "";
uint8_t data[100] = {0x00};
uint8_t datalen = 0;
unsigned int temp;
int i = 0;
if (strlen(Cmd)<3) {
PrintAndLog("Usage: hf 14b raw [-r] [-c] [-p] <0A 0B 0C ... hex>");
PrintAndLog(" -r do not read response");
PrintAndLog(" -c calculate and append CRC");
PrintAndLog(" -p leave the field on after receive");
return 0;
}
// strip
while (*Cmd==' ' || *Cmd=='\t') Cmd++;
while (Cmd[i]!='\0') {
if (Cmd[i]==' ' || Cmd[i]=='\t') { i++; continue; }
if (Cmd[i]=='-') {
switch (Cmd[i+1]) {
case 'r':
case 'R':
reply = false;
break;
case 'c':
case 'C':
crc = true;
break;
case 'p':
case 'P':
power = true;
break;
default:
PrintAndLog("Invalid option");
return 0;
}
i+=2;
continue;
}
if ((Cmd[i]>='0' && Cmd[i]<='9') ||
(Cmd[i]>='a' && Cmd[i]<='f') ||
(Cmd[i]>='A' && Cmd[i]<='F') ) {
buf[strlen(buf)+1]=0;
buf[strlen(buf)]=Cmd[i];
i++;
if (strlen(buf)>=2) {
sscanf(buf,"%x",&temp);
data[datalen++]=(uint8_t)(temp & 0xff);
*buf=0;
}
continue;
}
PrintAndLog("Invalid char on input");
return 1;
}
if (datalen == 0)
{
PrintAndLog("Missing data input");
return 0;
}
return HF14BCmdRaw(reply, &crc, power, data, &datalen, true);
}
static void print_atqb_resp(uint8_t *data){
PrintAndLog (" UID: %s", sprint_hex(data+1,4));
PrintAndLog (" App Data: %s", sprint_hex(data+5,4));
PrintAndLog (" Protocol: %s", sprint_hex(data+9,3));
uint8_t BitRate = data[9];
if (!BitRate)
PrintAndLog (" Bit Rate: 106 kbit/s only PICC <-> PCD");
if (BitRate & 0x10)
PrintAndLog (" Bit Rate: 212 kbit/s PICC -> PCD supported");
if (BitRate & 0x20)
PrintAndLog (" Bit Rate: 424 kbit/s PICC -> PCD supported");
if (BitRate & 0x40)
PrintAndLog (" Bit Rate: 847 kbit/s PICC -> PCD supported");
if (BitRate & 0x01)
PrintAndLog (" Bit Rate: 212 kbit/s PICC <- PCD supported");
if (BitRate & 0x02)
PrintAndLog (" Bit Rate: 424 kbit/s PICC <- PCD supported");
if (BitRate & 0x04)
PrintAndLog (" Bit Rate: 847 kbit/s PICC <- PCD supported");
if (BitRate & 0x80)
PrintAndLog (" Same bit rate <-> required");
uint16_t maxFrame = data[10]>>4;
if (maxFrame < 5)
maxFrame = 8*maxFrame + 16;
else if (maxFrame == 5)
maxFrame = 64;
else if (maxFrame == 6)
maxFrame = 96;
else if (maxFrame == 7)
maxFrame = 128;
else if (maxFrame == 8)
maxFrame = 256;
else
maxFrame = 257;
PrintAndLog ("Max Frame Size: %d%s",maxFrame, (maxFrame == 257) ? "+ RFU" : "");
uint8_t protocolT = data[10] & 0xF;
PrintAndLog (" Protocol Type: Protocol is %scompliant with ISO/IEC 14443-4",(protocolT) ? "" : "not " );
PrintAndLog ("Frame Wait Int: %d", data[11]>>4);
PrintAndLog (" App Data Code: Application is %s",(data[11]&4) ? "Standard" : "Proprietary");
PrintAndLog (" Frame Options: NAD is %ssupported",(data[11]&2) ? "" : "not ");
PrintAndLog (" Frame Options: CID is %ssupported",(data[11]&1) ? "" : "not ");
return;
}
char *get_ST_Chip_Model(uint8_t data){
static char model[20];
char *retStr = model;
memset(model,0, sizeof(model));
switch (data) {
case 0x0: sprintf(retStr, "SRIX4K (Special)"); break;
case 0x2: sprintf(retStr, "SR176"); break;
case 0x3: sprintf(retStr, "SRIX4K"); break;
case 0x4: sprintf(retStr, "SRIX512"); break;
case 0x6: sprintf(retStr, "SRI512"); break;
case 0x7: sprintf(retStr, "SRI4K"); break;
case 0xC: sprintf(retStr, "SRT512"); break;
default : sprintf(retStr, "Unknown"); break;
}
return retStr;
}
static void print_st_info(uint8_t *data){
//uid = first 8 bytes in data
PrintAndLog(" UID: %s", sprint_hex(SwapEndian64(data,8,8),8));
PrintAndLog(" MFG: %02X, %s", data[6], getTagInfo(data[6]));
PrintAndLog("Chip: %02X, %s", data[5]>>2, get_ST_Chip_Model(data[5]>>2));
return;
}
int HF14BStdInfo(uint8_t *data, uint8_t *datalen){
//05 00 00 = find one tag in field
//1d xx xx xx xx 20 00 08 01 00 = attrib xx=crc
//a3 = ? (resp 03 e2 c2)
//02 = ? (resp 02 6a d3)
// 022b (resp 02 67 00 [29 5b])
// 0200a40400 (resp 02 67 00 [29 5b])
// 0200a4040c07a0000002480300 (resp 02 67 00 [29 5b])
// 0200a4040c07a0000002480200 (resp 02 67 00 [29 5b])
// 0200a4040006a0000000010100 (resp 02 6a 82 [4b 4c])
// 0200a4040c09d27600002545500200 (resp 02 67 00 [29 5b])
// 0200a404000cd2760001354b414e4d30310000 (resp 02 6a 82 [4b 4c])
// 0200a404000ca000000063504b43532d313500 (resp 02 6a 82 [4b 4c])
// 0200a4040010a000000018300301000000000000000000 (resp 02 6a 82 [4b 4c])
//03 = ? (resp 03 [e3 c2])
//c2 = ? (resp c2 [66 15])
//b2 = ? (resp a3 [e9 67])
bool crc = true;
*datalen = 3;
//std read cmd
data[0] = 0x05;
data[1] = 0x00;
data[2] = 0x00;
if (HF14BCmdRaw(true, &crc, false, data, datalen, false)==0) return 0;
if (data[0] != 0x50 || *datalen != 14 || !crc) return 0;
PrintAndLog ("\n14443-3b tag found:");
print_atqb_resp(data);
return 1;
}
int HF14B_ST_Info(uint8_t *data, uint8_t *datalen){
bool crc = true;
*datalen = 2;
//wake cmd
data[0] = 0x06;
data[1] = 0x00;
//leave power on
// verbose on for now for testing - turn off when functional
if (HF14BCmdRaw(true, &crc, true, data, datalen, false)==0) return rawClose();
if (*datalen != 3 || !crc) return rawClose();
uint8_t chipID = data[0];
// select
data[0] = 0x0E;
data[1] = chipID;
*datalen = 2;
//leave power on
// verbose on for now for testing - turn off when functional
if (HF14BCmdRaw(true, &crc, true, data, datalen, false)==0) return rawClose();
if (*datalen != 3 || !crc || data[0] != chipID) return rawClose();
// get uid
data[0] = 0x0B;
*datalen = 1;
//power off
// verbose on for now for testing - turn off when functional
if (HF14BCmdRaw(true, &crc, true, data, datalen, false)==0) return 0;
rawClose();
if (*datalen != 10 || !crc) return 0;
PrintAndLog("\n14443-3b ST tag found:");
print_st_info(data);
return 1;
}
// test for other 14b type tags (mimic another reader - don't have tags to identify)
int HF14B_Other_Info(uint8_t *data, uint8_t *datalen){
bool crc = true;
*datalen = 4;
//std read cmd
data[0] = 0x00;
data[1] = 0x0b;
data[2] = 0x3f;
data[3] = 0x80;
if (HF14BCmdRaw(true, &crc, false, data, datalen, false)!=0) {
if (*datalen > 2 || !crc) {
PrintAndLog ("\n14443-3b tag found:");
PrintAndLog ("Unknown tag type answered to a 0x000b3f80 command ans:");
PrintAndLog ("%s",sprint_hex(data,*datalen));
return 1;
}
}
crc = false;
*datalen = 1;
data[0] = 0x0a;
if (HF14BCmdRaw(true, &crc, false, data, datalen, false)!=0) {
if (*datalen > 0) {
PrintAndLog ("\n14443-3b tag found:");
PrintAndLog ("Unknown tag type answered to a 0x0A command ans:");
PrintAndLog ("%s",sprint_hex(data,*datalen));
return 1;
}
}
crc = false;
*datalen = 1;
data[0] = 0x0c;
if (HF14BCmdRaw(true, &crc, false, data, datalen, false)!=0) {
if (*datalen > 0) {
PrintAndLog ("\n14443-3b tag found:");
PrintAndLog ("Unknown tag type answered to a 0x0C command ans:");
PrintAndLog ("%s",sprint_hex(data,*datalen));
return 1;
}
}
return 0;
}
int HF14BInfo(bool verbose){
uint8_t data[100];
uint8_t datalen = 5;
// try std 14b (atqb)
if (HF14BStdInfo(data, &datalen)) return 1;
// try st 14b
if (HF14B_ST_Info(data, &datalen)) return 1;
// try unknown 14b read commands (to be identified later)
// could be read of calypso, CEPAS, moneo, or pico pass.
if (HF14B_Other_Info(data, &datalen)) return 1;
if (verbose) PrintAndLog("no 14443B tag found");
return 0;
}
int CmdHF14Binfo(const char *Cmd){
return HF14BInfo(true);
}
int CmdSriWrite( const char *Cmd){
/*
* For SRIX4K blocks 00 - 7F
* hf 14b raw -c -p 09 $srix4kwblock $srix4kwdata
@ -256,13 +487,14 @@ int CmdHF14BWrite( const char *Cmd){
static command_t CommandTable[] =
{
{"help", CmdHelp, 1, "This help"},
{"info", CmdHF14Binfo, 0, "Find and print info about a 14b type tag (HF ISO 14443b)"},
{"list", CmdHF14BList, 0, "[Deprecated] List ISO 14443b history"},
{"sim", CmdHF14BSim, 0, "Fake ISO 14443B tag"},
{"snoop", CmdHF14BSnoop, 0, "Eavesdrop ISO 14443B"},
{"sri512read", CmdSri512Read, 0, "Read contents of a SRI512 tag"},
{"srix4kread", CmdSrix4kRead, 0, "Read contents of a SRIX4K tag"},
{"sriwrite", CmdSriWrite, 0, "Write data to a SRI512 | SRIX4K tag"},
{"raw", CmdHF14BCmdRaw, 0, "Send raw hex data to tag"},
{"write", CmdHF14BWrite, 0, "Write data to a SRI512 | SRIX4K tag"},
{NULL, NULL, 0, NULL}
};

8
client/cmdhf14b.h
View file

@ -12,15 +12,13 @@
#define CMDHF14B_H__
int CmdHF14B(const char *Cmd);
int CmdHF14BDemod(const char *Cmd);
int CmdHF14BList(const char *Cmd);
int CmdHF14BRead(const char *Cmd);
int CmdHF14Sim(const char *Cmd);
int CmdHFSimlisten(const char *Cmd);
int CmdHF14BInfo(const char *Cmd);
int CmdHF14BSim(const char *Cmd);
int CmdHF14BSnoop(const char *Cmd);
int CmdSri512Read(const char *Cmd);
int CmdSrix4kRead(const char *Cmd);
int CmdHF14BWrite( const char *cmd);
int HF14BInfo(bool verbose);
#endif