dash/proxmark3
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

lf t55xx detect and help

Browse Source 
Added lf t55xx detect to try without password first and try password if still not detected.
Added password status to detected output.

Updated lf t55xx help to show current default downlink mode.

typo fixed in win10 color help
This commit is contained in:
mwalker33
2019-10-08 21:46:36 +11:00
parent 1e3d2d80b4
commit 275c628da5
4 changed files with 77 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGELOG.md
View File

@@ -360,7 +360,8 @@ This project uses the changelog in accordance with [keepchangelog](http://keepac
- Added save to .eml and .bin for `em 4x05_dump` (@mwalker33)
- Added `s` <samples to skip> to `lf config` / `lf sniff` to skip samples when sniffing based on same option in Proxmark/proxmark3 by @marshmellow42. (@mwalker33)
- Added support for color text on windows 10 (@mwalker33)
- Added lf t55xx detected to try without password first (@mwalker33)
### Fixed
- Changed driver file proxmark3.inf to support both old and new Product/Vendor IDs (@pwpiwi)
- Changed start sequence in Qt mode (fix: short commands hangs main Qt thread) (@merlokk)

108
client/cmdlft55xx.c
View File

@@ -61,17 +61,17 @@ void Set_t55xx_Config(t55xx_conf_block_t conf) {
config = conf;
}
static void print_usage_t55xx_downloadlink(uint8_t ShowAll) {
static void print_usage_t55xx_downloadlink(uint8_t ShowAll, uint8_t dl_mode_default) {
if (ShowAll == T55XX_DLMODE_ALL)
PrintAndLogEx(NORMAL, " r <mode> - downlink encoding 0|1|2|3|4");
else
PrintAndLogEx(NORMAL, " r <mode> - downlink encoding 0|1|2|3");
PrintAndLogEx(NORMAL, " 0 - fixed bit length"); // default will be whats in config struct
PrintAndLogEx(NORMAL, " 1 - long leading reference");
PrintAndLogEx(NORMAL, " 2 - leading zero");
PrintAndLogEx(NORMAL, " 3 - 1 of 4 coding reference");
PrintAndLogEx(NORMAL, " 0 - fixed bit length%s",(dl_mode_default == 0)? " (detected default)":""); // default will be whats in config struct
PrintAndLogEx(NORMAL, " 1 - long leading reference%s",(dl_mode_default == 1)? " (detected default)":"");
PrintAndLogEx(NORMAL, " 2 - leading zero%s",(dl_mode_default == 2)? " (detected default)":"");
PrintAndLogEx(NORMAL, " 3 - 1 of 4 coding reference%s",(dl_mode_default == 3)? " (detected default)":"");
if (ShowAll == T55XX_DLMODE_ALL)
PrintAndLogEx(NORMAL, " 4 - Try all downlink modes");
PrintAndLogEx(NORMAL, " 4 - Try all downlink modes%s",(dl_mode_default == 4)? " (default)":"");
}
static int usage_t55xx_config() {
@@ -86,7 +86,7 @@ static int usage_t55xx_config() {
PrintAndLogEx(NORMAL, " Q5 [0/1] - Set/reset as T5555 ( Q5 ) chip instead of T55x7");
PrintAndLogEx(NORMAL, " ST [0/1] - Set/reset Sequence Terminator on");
PrintAndLogEx(NORMAL, ""); // layout is a little differnet, so seperate until a better fix
print_usage_t55xx_downloadlink(T55XX_DLMODE_SINGLE);
print_usage_t55xx_downloadlink(T55XX_DLMODE_SINGLE,config.downlink_mode);
PrintAndLogEx(NORMAL, "");
PrintAndLogEx(NORMAL, "Examples:");
PrintAndLogEx(NORMAL, " lf t55xx config d FSK - FSK demodulation");
@@ -102,7 +102,7 @@ static int usage_t55xx_read() {
PrintAndLogEx(NORMAL, " p <password> - OPTIONAL password (8 hex characters)");
PrintAndLogEx(NORMAL, " o - OPTIONAL override safety check");
PrintAndLogEx(NORMAL, " 1 - OPTIONAL 0|1 read Page 1 instead of Page 0");
print_usage_t55xx_downloadlink(T55XX_DLMODE_SINGLE);
print_usage_t55xx_downloadlink(T55XX_DLMODE_SINGLE,config.downlink_mode);
PrintAndLogEx(NORMAL, " " _RED_("**** WARNING ****"));
PrintAndLogEx(NORMAL, " Use of read with password on a tag not configured");
PrintAndLogEx(NORMAL, " for a password can damage the tag");
@@ -119,7 +119,7 @@ static int usage_t55xx_resetread() {
PrintAndLogEx(NORMAL, "Send Reset Cmd then lf read the stream to attempt to identify the start of it (needs a demod and/or plot after)");
PrintAndLogEx(NORMAL, "Usage: lf t55xx resetread [r <mode>]");
PrintAndLogEx(NORMAL, "Options:");
print_usage_t55xx_downloadlink(T55XX_DLMODE_SINGLE);
print_usage_t55xx_downloadlink(T55XX_DLMODE_SINGLE,config.downlink_mode);
PrintAndLogEx(NORMAL, "");
PrintAndLogEx(NORMAL, "Examples:");
PrintAndLogEx(NORMAL, " lf t55xx resetread");
@@ -135,7 +135,7 @@ static int usage_t55xx_write() {
PrintAndLogEx(NORMAL, " 1 - OPTIONAL write Page 1 instead of Page 0");
PrintAndLogEx(NORMAL, " t - OPTIONAL test mode write - ****DANGER****");
PrintAndLogEx(NORMAL, " v - OPTIONAL validate data afterwards");
print_usage_t55xx_downloadlink(T55XX_DLMODE_SINGLE);
print_usage_t55xx_downloadlink(T55XX_DLMODE_SINGLE,config.downlink_mode);
PrintAndLogEx(NORMAL, "");
PrintAndLogEx(NORMAL, "Examples:");
PrintAndLogEx(NORMAL, " lf t55xx write b 3 d 11223344 - write 11223344 to block 3");
@@ -147,7 +147,7 @@ static int usage_t55xx_write() {
static int usage_t55xx_trace() {
PrintAndLogEx(NORMAL, "Usage: lf t55xx trace [1] [r mode]");
PrintAndLogEx(NORMAL, "Options:");
print_usage_t55xx_downloadlink(T55XX_DLMODE_SINGLE);
print_usage_t55xx_downloadlink(T55XX_DLMODE_SINGLE,config.downlink_mode);
PrintAndLogEx(NORMAL, " 1 - if set, use Graphbuffer otherwise read data from tag.");
PrintAndLogEx(NORMAL, "");
PrintAndLogEx(NORMAL, "Examples:");
@@ -165,7 +165,7 @@ static int usage_t55xx_info() {
PrintAndLogEx(NORMAL, " c <block0> - set configuration from a block0");
PrintAndLogEx(NORMAL, " if set, use these data instead of reading tag.");
PrintAndLogEx(NORMAL, " q - if set, provided data are interpreted as Q5 config.");
print_usage_t55xx_downloadlink(T55XX_DLMODE_SINGLE);
print_usage_t55xx_downloadlink(T55XX_DLMODE_SINGLE,config.downlink_mode);
PrintAndLogEx(NORMAL, "");
PrintAndLogEx(NORMAL, "Examples:");
PrintAndLogEx(NORMAL, " lf t55xx info");
@@ -181,7 +181,7 @@ static int usage_t55xx_dump() {
PrintAndLogEx(NORMAL, "Options:");
PrintAndLogEx(NORMAL, " p <password> - OPTIONAL password 4bytes (8 hex symbols)");
PrintAndLogEx(NORMAL, " o - OPTIONAL override, force pwd read despite danger to card");
print_usage_t55xx_downloadlink(T55XX_DLMODE_SINGLE);
print_usage_t55xx_downloadlink(T55XX_DLMODE_SINGLE,config.downlink_mode);
PrintAndLogEx(NORMAL, "");
PrintAndLogEx(NORMAL, "Examples:");
PrintAndLogEx(NORMAL, " lf t55xx dump");
@@ -194,7 +194,7 @@ static int usage_t55xx_detect() {
PrintAndLogEx(NORMAL, "Options:");
PrintAndLogEx(NORMAL, " 1 - if set, use Graphbuffer otherwise read data from tag.");
PrintAndLogEx(NORMAL, " p <password - OPTIONAL password (8 hex characters)");
print_usage_t55xx_downloadlink(T55XX_DLMODE_ALL);
print_usage_t55xx_downloadlink(T55XX_DLMODE_ALL,T55XX_DLMODE_ALL);
PrintAndLogEx(NORMAL, "");
PrintAndLogEx(NORMAL, "Examples:");
PrintAndLogEx(NORMAL, " lf t55xx detect");
@@ -209,7 +209,7 @@ static int usage_t55xx_detectP1() {
PrintAndLogEx(NORMAL, "Options:");
PrintAndLogEx(NORMAL, " 1 - if set, use Graphbuffer otherwise read data from tag.");
PrintAndLogEx(NORMAL, " p <password> - OPTIONAL password (8 hex characters)");
print_usage_t55xx_downloadlink(T55XX_DLMODE_SINGLE); // Need to setup to try all modes
print_usage_t55xx_downloadlink(T55XX_DLMODE_SINGLE,config.downlink_mode); // Need to setup to try all modes
PrintAndLogEx(NORMAL, "");
PrintAndLogEx(NORMAL, "Examples:");
PrintAndLogEx(NORMAL, " lf t55xx p1detect");
@@ -224,7 +224,7 @@ static int usage_t55xx_wakup() {
PrintAndLogEx(NORMAL, "Options:");
PrintAndLogEx(NORMAL, " h - this help");
PrintAndLogEx(NORMAL, " p <password> - password 4bytes (8 hex symbols)");
print_usage_t55xx_downloadlink(T55XX_DLMODE_SINGLE);
print_usage_t55xx_downloadlink(T55XX_DLMODE_SINGLE,config.downlink_mode);
PrintAndLogEx(NORMAL, "");
PrintAndLogEx(NORMAL, "Examples:");
PrintAndLogEx(NORMAL, " lf t55xx wakeup p 11223344 - send wakeup password");
@@ -239,7 +239,7 @@ static int usage_t55xx_chk() {
PrintAndLogEx(NORMAL, "Options:");
PrintAndLogEx(NORMAL, " h - this help");
PrintAndLogEx(NORMAL, " m - use dictionary from flashmemory\n");
print_usage_t55xx_downloadlink(T55XX_DLMODE_ALL);
print_usage_t55xx_downloadlink(T55XX_DLMODE_ALL,T55XX_DLMODE_ALL);
PrintAndLogEx(NORMAL, " i <*.dic> - loads a default keys dictionary file <*.dic>");
PrintAndLogEx(NORMAL, "");
PrintAndLogEx(NORMAL, "Examples:");
@@ -257,7 +257,7 @@ static int usage_t55xx_bruteforce() {
PrintAndLogEx(NORMAL, " password must be 4 bytes (8 hex symbols)");
PrintAndLogEx(NORMAL, "Options:");
PrintAndLogEx(NORMAL, " h - this help");
print_usage_t55xx_downloadlink(T55XX_DLMODE_ALL);
print_usage_t55xx_downloadlink(T55XX_DLMODE_ALL,T55XX_DLMODE_ALL);
PrintAndLogEx(NORMAL, " s <start_pwd> - 4 byte hex value to start pwd search at");
PrintAndLogEx(NORMAL, " e <end_pwd> - 4 byte hex value to end pwd search at");
PrintAndLogEx(NORMAL, "");
@@ -276,7 +276,7 @@ static int usage_t55xx_recoverpw() {
PrintAndLogEx(NORMAL, " default password is 51243648, used by many cloners");
PrintAndLogEx(NORMAL, "Options:");
PrintAndLogEx(NORMAL, " h - this help");
print_usage_t55xx_downloadlink(T55XX_DLMODE_ALL);
print_usage_t55xx_downloadlink(T55XX_DLMODE_ALL,T55XX_DLMODE_ALL);
PrintAndLogEx(NORMAL, " p <password> - 4 byte hex value of password written by cloner");
PrintAndLogEx(NORMAL, "");
PrintAndLogEx(NORMAL, "Examples:");
@@ -328,7 +328,7 @@ static int usage_t55xx_protect() {
PrintAndLogEx(NORMAL, " p <password> - OPTIONAL password (8 hex characters)");
PrintAndLogEx(NORMAL, " o - OPTIONAL override safety check");
PrintAndLogEx(NORMAL, " n <new password> - new password");
print_usage_t55xx_downloadlink(T55XX_DLMODE_SINGLE);
print_usage_t55xx_downloadlink(T55XX_DLMODE_SINGLE,config.downlink_mode);
PrintAndLogEx(NORMAL, "");
PrintAndLogEx(NORMAL, "Examples:");
PrintAndLogEx(NORMAL, " lf t55xx protect n 01020304 - sets new password to 01020304");
@@ -490,6 +490,13 @@ bool t55xxAquireAndDetect(bool usepwd, uint32_t password, uint32_t known_block0,
if (verbose)
PrintAndLogEx(INFO, "Block0 write detected, running `detect` to see if validation is possible");
// Update flags for usepwd pwd assume its correct
config.usepwd = usepwd;
if (usepwd)
config.pwd = password;
else
config.pwd = 0x00;
for (uint8_t m = 0; m < 4; m++) {
if (AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, m) == false)
continue;
@@ -500,6 +507,9 @@ bool t55xxAquireAndDetect(bool usepwd, uint32_t password, uint32_t known_block0,
config.downlink_mode = m;
return true;
}
config.usepwd = false; // unknown so assume no password
config.pwd = 0x00;
return false;
}
@@ -943,6 +953,7 @@ static int CmdT55xxDetect(const char *Cmd) {
bool errors = false;
bool useGB = false;
bool usepwd = false;
bool try_with_pwd = false;
bool try_all_dl_modes = true;
bool found = false;
uint32_t password = 0;
@@ -982,33 +993,57 @@ static int CmdT55xxDetect(const char *Cmd) {
return PM3_ESOFT;
if (useGB == false) {
// do ... while to check without password then loop back if password supplied
do {
if (try_all_dl_modes) {
for (uint8_t m = downlink_mode; m < 4; m++) {
if (AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, try_with_pwd & usepwd, password, m) == false)
continue;
if (try_all_dl_modes) {
// pre fill to save passing in.
config.usepwd = try_with_pwd;
if (try_with_pwd)
config.pwd = password;
else
config.pwd = 0x00;
for (uint8_t m = downlink_mode; m < 4; m++) {
if (AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, m) == false)
continue;
if (tryDetectModulation(m, T55XX_PrintConfig) == false)
continue;
if (tryDetectModulation(m, T55XX_PrintConfig) == false)
continue;
found = true;
break;
}
} else {
config.usepwd = try_with_pwd;
if (try_with_pwd)
config.pwd = password;
else
config.pwd = 0x00;
found = true;
break;
if (AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, downlink_mode)) {
found = tryDetectModulation(downlink_mode, T55XX_PrintConfig);
}
}
} else {
if (AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, downlink_mode)) {
found = tryDetectModulation(downlink_mode, T55XX_PrintConfig);
}
}
if (!found & usepwd)
try_with_pwd = !try_with_pwd; // toggle so we loop back if not found and try with pwd
if (found)
try_with_pwd = false; // force exit as decect block has been found.
} while (try_with_pwd);
} else {
found = tryDetectModulation(downlink_mode, T55XX_PrintConfig);
}
if (found == false)
if (found == false) {
config.usepwd = false;
config.pwd = 0x00;
PrintAndLogEx(WARNING, "Could not detect modulation automatically. Try setting it manually with " _YELLOW_("\'lf t55xx config\'"));
}
return PM3_SUCCESS;
}
@@ -1482,6 +1517,9 @@ int printConfiguration(t55xx_conf_block_t b) {
PrintAndLogEx(NORMAL, " Seq. Term. : %s", (b.ST) ? _GREEN_("Yes") : "No");
PrintAndLogEx(NORMAL, " Block0 : 0x%08X", b.block0);
PrintAndLogEx(NORMAL, " Downlink Mode : %s", GetDownlinkModeStr(b.downlink_mode));
PrintAndLogEx(NORMAL, " Password Set : %s", (b.usepwd) ? _RED_("Yes") : _GREEN_("No"));
if (b.usepwd)
PrintAndLogEx(NORMAL, " Password : %08X",b.pwd);
PrintAndLogEx(NORMAL, "");
return PM3_SUCCESS;
}

1
client/cmdlft55xx.h
View File

@@ -118,6 +118,7 @@ typedef struct {
bool Q5;
bool ST;
bool usepwd;
uint32_t pwd;
enum {
refFixedBit = 0x00,
refLongLeading = 0x01,

2
doc/md/Installation_Instructions/Windows-Installation-Instructions.md
View File

@@ -135,4 +135,4 @@ In later versions of windows 10 you may be able to get color to work by setting
[HKEY_CURRENT_USER\Console]
"VirtualTerminalLevel"=dword:00000001
```
If after setting this key (and restarting proxmark.exe) you get extra characters and no color text, either delete the key or set the value to 0
If after setting this key (and restarting proxmark3.exe) you get extra characters and no color text, either delete the key or set the value to 0