minor change to lf em4x menu & iceman script...

...updates

client/cmdlfem4x.c

@@ -604,11 +604,11 @@ static command_t CommandTable[] =
 {
 	{"help", CmdHelp, 1, "This help"},
 	{"em410xdemod", CmdEMdemodASK, 0, "[findone] -- Extract ID from EM410x tag (option 0 for continuous loop, 1 for only 1 tag)"},  
-	{"em410xread", CmdEM410xRead, 1, "[clock rate] -- Extract ID from EM410x tag"},
+	{"em410xread", CmdEM410xRead, 1, "[clock rate] -- Extract ID from EM410x tag in GraphBuffer"},
 	{"em410xsim", CmdEM410xSim, 0, "<UID> -- Simulate EM410x tag"},
 	{"em410xwatch", CmdEM410xWatch, 0, "['h'] -- Watches for EM410x 125/134 kHz tags (option 'h' for 134)"},
 	{"em410xspoof", CmdEM410xWatchnSpoof, 0, "['h'] --- Watches for EM410x 125/134 kHz tags, and replays them. (option 'h' for 134)" },
-	{"em410xwrite", CmdEM410xWrite, 1, "<UID> <'0' T5555> <'1' T55x7> [clock rate] -- Write EM410x UID to T5555(Q5) or T55x7 tag, optionally setting clock rate"},
+	{"em410xwrite", CmdEM410xWrite, 0, "<UID> <'0' T5555> <'1' T55x7> [clock rate] -- Write EM410x UID to T5555(Q5) or T55x7 tag, optionally setting clock rate"},
 	{"em4x50read", CmdEM4x50Read, 1, "Extract data from EM4x50 tag"},
 	{"readword", CmdReadWord, 1, "<Word> -- Read EM4xxx word data"},
 	{"readwordPWD", CmdReadWordPWD, 1, "<Word> <Password> -- Read EM4xxx word data in password mode"},

client/lualibs/default_toys.lua

@@ -45,6 +45,7 @@ local _names = {
 --{"26", "1a00", "0030", "life", "regular", "Elite Stealth Elf"},
 --{"26", "1a00", "0030", "life", "regular", "Dark Stealth Elf"},
 {"27", "1b00", "0030", "life", "regular", "Stump Smash"},
+{"27", "1b00", "0118", "life", "regular", "Stump Smash"},
 --{"27", "1b00", "0030", "life", "regular", "Autumn Stump Smash"},
 {"28", "1c00", "0030", "magic", "regular", "Dark Spyro"},
 --{"28", "1c00", "0030", "magic", "regular", "Elite Spyro"},
@@ -70,7 +71,7 @@ local _names = {
 --{"107", "6b00", "0030", "water", "giant", "Admiral Thumpback"},
 {"108", "6c00", "0030", "magic", "giant", "Pop Fizz"},
 --{"108", "6c00", "0030", "magic", "giant", "Hoppity Pop Fizz"},
---{"108", "6c00", "0030", "magic", "giant", "Love Potion Pop Fizz"},
+{"108", "6c00", "023c", "magic", "giant", "Love Potion Pop Fizz"},
 --{"108", "6c00", "0030", "magic", "giant", "Punch Pop Fizz"},
 {"109", "6d00", "0030", "magic", "giant", "Nin Jini"},
 {"110", "6e00", "0030", "tech", "giant", "Bouncer"},
@@ -174,8 +175,8 @@ local _names = {
 {"304", "3001", "0030", "none", "location", "Volcanic Vault"},
 {"305", "3101", "0030", "none", "location", "Mirror Of Mystery"},
 {"306", "3201", "0030", "none", "location", "Nightmare Express"},
-{"307", "3301", "0030", "none", "location", "Sunscraper Spire"},
+{"307", "3301", "0030", "light", "location", "Sunscraper Spire"},
-{"308", "3401", "0030", "none", "location", "Midnight Museum"},
+{"308", "3401", "0030", "dark", "location", "Midnight Museum"},
 
 {"404", "9401", "0030", "earth", "legendary","Bash"},
 {"416", "a001", "0030", "magic", "legendary", "Spyro"},
@@ -219,7 +220,7 @@ local _names = {
 {"461", "cd01", "0030", "fire", "regular", "Torch"},
 {"462", "ce01", "0030", "water", "trapmaster", "Snap Shot"},
 {"462", "ce01", "0234", "water", "trapmaster", "Dark Snap Shot"},
---, "water", "trapmaster", "Instant Snap Shot"},
+{"462", "6c00", "023c", "water", "trapmaster", "Instant Snap Shot"},
 --, "water", "trapmaster", "Merry Snap Shot"},
 {"463", "cf01", "0030", "water", "trapmaster", "Lob Star"},
 {"463", "cf01", "0234", "water", "trapmaster", "Winterfest Lob Star"},
@@ -245,6 +246,7 @@ local _names = {
 {"475", "db01", "0030", "life", "trapmaster", "Tuff Luck"},
 --{"475", "db01", "0234", "life", "trapmaster", "Special Tuff Luck"},
 {"476", "dc01", "0030", "life", "regular", "Food Fight"},
+{"476", "dc01", "0612", "life", "regular", "LightCore Food Fight"},
 --{"476", "dc01", "0030", "life", "regular", "Dark Food Fight"},
 --{"476", "dc01", "0030", "life", "regular", "Frosted Food Fight"},
 --{"476", "dc01", "0030", "life", "regular", "Instant Food Fight"},
@@ -255,6 +257,7 @@ local _names = {
 --{"479", "df01", "0234", "undead", "trapmaster", "Special Short Cut"},
 {"480", "e001", "0030", "undead", "regular", "Bat Spin"},
 {"481", "e101", "0030", "undead", "regular", "Funny Bone"},
+{"481", "e101", "0612", "undead", "regular", "LightCore Funny Bone"},
 --{"481", "e101", "0030", "undead", "regular", "Fortune Funny Bone"},
 {"482", "e201", "0030", "light", "trapmaster", "Knight light"},
 --{"482", "e201", "0234", "light", "trapmaster", "Special Knight light"},
@@ -292,6 +295,7 @@ local _names = {
 --{"3002", "ba0b", "0030", "earth", "SWAPFORCE", "Dark Slobber Tooth"},
 --{"3002", "ba0b", "0030", "earth", "SWAPFORCE", "Sundae Slobber Tooth"},
 {"3003", "bb0b", "0030", "earth", "SWAPFORCE", "Scorp"},
+{"3004", "bc0b", "0030", "fire", "SWAPFORCE", "Fryno"},
 {"3004", "bc0b", "0138", "fire", "SWAPFORCE", "Hog Wild Fryno"},
 --{"3004", "bc0b", "0138", "fire", "SWAPFORCE", "Flip flop Fryno"},
 {"3005", "bd0b", "0030", "fire", "SWAPFORCE", "Smolderdash"},
@@ -314,9 +318,10 @@ local _names = {
 }
 
 local function find( main, sub)
-    
+    main = main:lower()
+	sub = sub:lower()
     for k, v in pairs(_names) do
-		if ( v[2] == main  and v[3] == sub) then
+		if ( v[2]:lower()  == main  and v[3]:lower() == sub) then
 			return v
 		end
 	end

client/scripts/tnp3clone.lua

@@ -25,6 +25,14 @@ Arguments:
 	-h             : this help
 	-t <data>      : toytype id, 4hex symbols.
 	-s <data>      : subtype id, 4hex symbols		
+	
+	For fun,  try the following subtype id: 
+	0612 - Lightcore
+	0118 - Series 1
+	0138 - Series 2
+	0234 - Special
+	023c - Special
+	
 ]]
 
 

client/scripts/tnp3dump.lua

@@ -30,9 +30,7 @@ Arguments:
 	-p             : Use the precalc to find all keys
 	-o             : filename for the saved dumps
 ]]
-
+local RANDOM = '20436F707972696768742028432920323031302041637469766973696F6E2E20416C6C205269676874732052657365727665642E20'
-local HASHCONSTANT = '20436F707972696768742028432920323031302041637469766973696F6E2E20416C6C205269676874732052657365727665642E20'
-
 local TIMEOUT = 2000 -- Shouldn't take longer than 2 seconds
 local DEBUG = false -- the debug flag
 local numBlocks = 64
@@ -96,16 +94,6 @@ local function waitCmd()
 	return nil, "No response from device"
 end
 
-local function computeCrc16(s)
-	local hash = core.crc16(utils.ConvertHexToAscii(s))	
-	return hash
-end
-
-local function reverseCrcBytes(crc)
-	crc2 = crc:sub(3,4)..crc:sub(1,2)
-	return tonumber(crc2,16)
-end
-
 local function main(args)
 
 	print( string.rep('--',20) )
@@ -146,10 +134,6 @@ local function main(args)
 
 	core.clearCommandBuffer()
 	
-	if 0x01 ~= result.sak then -- NXP MIFARE TNP3xxx
-	--	return oops('This is not a TNP3xxx tag. aborting.')
-	end	
-
 	-- Show tag info
 	print((' Found tag %s'):format(result.name))
 
@@ -189,6 +173,8 @@ local function main(args)
 	local block1, err = waitCmd()
 	if err then return oops(err) end
 
+	local tmpHash = block0..block1..'%02x'..RANDOM
+
 	local key
 	local pos = 0
 	local blockNo
@@ -221,20 +207,16 @@ local function main(args)
 				-- Block 0-7 not encrypted
 				blocks[blockNo+1] = ('%02d  :: %s'):format(blockNo,blockdata) 
 			else
-				local base = ('%s%s%02x%s'):format(block0, block1, blockNo, HASHCONSTANT)	
-				local baseStr = utils.ConvertHexToAscii(base)
-				local md5hash = md5.sumhexa(baseStr)
-				local aestest = core.aes(md5hash, blockdata)
-
-				local hex = utils.ConvertAsciiToBytes(aestest)
-				hex = utils.ConvertBytesToHex(hex)
-
 				-- blocks with zero not encrypted.
 				if string.find(blockdata, '^0+$') then
 					blocks[blockNo+1] = ('%02d  :: %s'):format(blockNo,blockdata) 
 				else
-					blocks[blockNo+1] = ('%02d  :: %s'):format(blockNo,hex)
+					local baseStr = utils.ConvertHexToAscii(tmpHash:format(blockNo))
-					io.write( blockNo..',')
+					local key = md5.sumhexa(baseStr)
+					local aestest = core.aes128_decrypt(key, blockdata)
+					local hex = utils.ConvertAsciiToBytes(aestest)					
+					hex = utils.ConvertBytesToHex(hex)
+					blocks[blockNo+1] = ('%02d  :: %s'):format(blockNo,hex)					
 				end		
 			end
 		else
@@ -258,11 +240,10 @@ local function main(args)
 		emldata = emldata..slice..'\n'
 		for c in (str):gmatch('.') do
 			bindata[#bindata+1] = c
-		end
+		end		
 	end 
 
 	print( string.rep('--',20) )
-
 	
 	local uid = block0:sub(1,8)
 	local toytype = block1:sub(1,4)
@@ -273,26 +254,24 @@ local function main(args)
 	
 	-- Write dump to files
 	if not DEBUG then
-		local foo = dumplib.SaveAsBinary(bindata, outputTemplate..'_uid_'..uid..'.bin')
+		local foo = dumplib.SaveAsBinary(bindata, outputTemplate..'-'..uid..'.bin')
 		print(("Wrote a BIN dump to:  %s"):format(foo))
-		local bar = dumplib.SaveAsText(emldata, outputTemplate..'_uid_'..uid..'.eml')
+		local bar = dumplib.SaveAsText(emldata, outputTemplate..'-'..uid..'.eml')
 		print(("Wrote a EML dump to:  %s"):format(bar))
 	end
+	
+	print( string.rep('--',20) )
+	-- Show info 
 
 	local item = toys.Find(toytype, subtype)
 	if item then
-		local itemStr = ('%s - %s (%s)'):format(item[6],item[5], item[4])
+		print(('            ITEM TYPE : %s - %s (%s)'):format(item[6],item[5], item[4]) )
-		print('            ITEM TYPE : '..itemStr )
 	else
 		print(('            ITEM TYPE : 0x%s 0x%s'):format(toytype, subtype))
 	end
-	
+
-	-- Show info 
-	print( (' Alter ego / traptype : 0x%s'):format(traptype) )
 	print( ('                  UID : 0x%s'):format(uid) )
 	print( ('               CARDID : 0x%s'):format(cardid ) )
-	
 	print( string.rep('--',20) )
-
 end
 main(args)