Merge branch 'master' into allin

update 201031
tharexde
2020-10-31 14:56:23 +01:00
52 changed files with 1959206 additions and 276 deletions

@@ -1220,7 +1220,11 @@ static void PacketReceived(PacketCommandNG *packet) {
#ifdef WITH_ISO14443b
case CMD_HF_SRI_READ: {
ReadSTMemoryIso14443b(packet->oldarg[0]);
struct p {
uint8_t blockno;
} PACKED;
struct p *payload = (struct p *) packet->data.asBytes;
ReadSTBlock(payload->blockno);
break;
}
case CMD_HF_ISO14443B_SNIFF: {
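Review bot: In the CMD_HF_SRI_READ case, `payload->blockno` is read from `packet->data.asBytes` without checking that the host sent a payload byte at all. With a zero-length packet the block number would be whatever the buffer last held, so the device would read a block the caller never asked for. A guard before the cast would make the contract explicit: `if (packet->length < sizeof(struct p)) { reply_ng(CMD_HF_SRI_READ, PM3_EINVARG, NULL, 0); break; }`. PacketReceived starts and ends outside this hunk, so an earlier length check may already exist there.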

@@ -2623,9 +2623,10 @@ int iso14443a_select_card(uint8_t *uid_ptr, iso14a_card_select_t *p_card, uint32
// PICC compliant with iso14443a-4 ---> (SAK & 0x20 != 0)
if ((sak & 0x20) == 0) return 2;
} else if (hf14aconfig.forcerats == 2) {
if ((sak & 0x20) != 0) Dbprintf("Skipping RATS according to hf 14a config");
return 2;
} // else force RATS
if ((sak & 0x20) == 0) Dbprintf("Forcing RATS according to hf 14a config");
// RATS, Request for answer to select
if (no_rats == false) {
uint8_t rats[] = { ISO14443A_CMD_RATS, 0x80, 0x00, 0x00 }; // FSD=256, FSDI=8, CID=0
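Review bot: The two `Dbprintf` calls on the forcerats paths are not gated on the debug level, so they print on every card select where the config overrides the SAK bit. The same commit wraps the block dump in iso14443b in `if (DBGLEVEL >= DBG_DEBUG)`, and these messages could follow that pattern, e.g. `if (DBGLEVEL >= DBG_DEBUG && (sak & 0x20) == 0) Dbprintf("Forcing RATS according to hf 14a config");`. Putting each on its own braced line would also match the surrounding style better than the one-line `if (...) Dbprintf(...)` form. iso14443a_select_card continues outside this hunk.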

@@ -1540,7 +1540,8 @@ void iso14443b_setup(void) {
//
// I tried to be systematic and check every answer of the tag, every CRC, etc...
//-----------------------------------------------------------------------------
static bool ReadSTBlock(uint8_t blocknr, uint8_t *block) {
static int read_srx_block(uint8_t blocknr, uint8_t *block) {
uint8_t cmd[] = {ISO14443B_READ_BLK, blocknr, 0x00, 0x00};
AddCrc14B(cmd, 2);
@@ -1557,60 +1558,50 @@ static bool ReadSTBlock(uint8_t blocknr, uint8_t *block) {
// Check if we got an answer from the tag
if (retlen != 6) {
DbpString("[!] expected 6 bytes from tag, got less...");
return false;
return PM3_EWRONGANSWER;
}
// The check the CRC of the answer
if (!check_crc(CRC_14443_B, r_block, retlen)) {
if (check_crc(CRC_14443_B, r_block, retlen) == false) {
DbpString("CRC fail");
return false;
return PM3_ECRC;
}
if (block) {
memcpy(block, r_block, 4);
}
Dbprintf("Address=%02x, Contents=%08x, CRC=%04x",
blocknr,
(r_block[3] << 24) + (r_block[2] << 16) + (r_block[1] << 8) + r_block[0],
(r_block[4] << 8) + r_block[5]);
if (DBGLEVEL >= DBG_DEBUG) {
Dbprintf("Address=%02x, Contents=%08x, CRC=%04x",
blocknr,
(r_block[3] << 24) + (r_block[2] << 16) + (r_block[1] << 8) + r_block[0],
(r_block[4] << 8) + r_block[5]
);
}
return true;
return PM3_SUCCESS;
}
void ReadSTMemoryIso14443b(uint16_t numofblocks) {
void ReadSTBlock(uint8_t blocknr) {
iso14443b_setup();
uint8_t *mem = BigBuf_malloc((numofblocks + 1) * 4);
iso14b_card_select_t card;
int res = iso14443b_select_srx_card(&card);
int isOK = PM3_SUCCESS;
// 0: OK 2: attrib fail, 3:crc fail,
if (res < 1) {
isOK = PM3_ETIMEOUT;
goto out;
}
++numofblocks;
for (uint8_t i = 0; i < numofblocks; i++) {
if (ReadSTBlock(i, mem + (i * 4)) == false) {
isOK = PM3_ETIMEOUT;
break;
// 0: OK -1 wrong len, -2: attrib fail, -3:crc fail,
switch(res) {
case -1:
case -3: {
reply_ng(CMD_HF_SRI_READ, PM3_EWRONGANSWER, NULL, 0);
goto out;
}
case -2: {
reply_ng(CMD_HF_SRI_READ, PM3_ECRC, NULL, 0);
goto out;
}
}
// System area block (0xFF)
if (ReadSTBlock(0xFF, mem + (numofblocks * 4)) == false)
isOK = PM3_ETIMEOUT;
uint8_t *data = BigBuf_malloc(4);
res = read_srx_block(blocknr, data);
reply_ng(CMD_HF_SRI_READ, res, data, 4);
out:
reply_ng(CMD_HF_SRI_READ, isOK, mem, numofblocks * 4);
BigBuf_free();
switch_off();
}
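Review bot: In `ReadSTBlock` the switch on the select result maps `-3` to `PM3_EWRONGANSWER` and `-2` to `PM3_ECRC`, the reverse of the comment directly above it (`-2: attrib fail, -3:crc fail`). It also has no default, so any other non-zero result falls through to the block read. The final `reply_ng(CMD_HF_SRI_READ, res, data, 4)` sends four bytes from `data` even when `read_srx_block` failed; that function copies into `block` only after the length and CRC checks pass, so on failure the host receives whatever BigBuf held before. The sketch below treats every non-zero select result as an error and sends a payload only on success. The status chosen for an ATTRIB failure is a guess and should be checked against the select function's contract.

```c
    int res = iso14443b_select_srx_card(&card);
    // 0: OK -1 wrong len, -2: attrib fail, -3:crc fail,
    if (res != 0) {
        reply_ng(CMD_HF_SRI_READ, (res == -3) ? PM3_ECRC : PM3_EWRONGANSWER, NULL, 0);
        goto out;
    }

    uint8_t *data = BigBuf_malloc(4);
    res = read_srx_block(blocknr, data);
    if (res == PM3_SUCCESS) {
        reply_ng(CMD_HF_SRI_READ, res, data, 4);
    } else {
        // do not hand back an unfilled buffer on a failed read
        reply_ng(CMD_HF_SRI_READ, res, NULL, 0);
    }
    // … unchanged: out: label, BigBuf_free(), switch_off() …
```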

@@ -34,7 +34,7 @@ int iso14443b_select_card_srx(iso14b_card_select_t *card);
void SimulateIso14443bTag(uint8_t *pupi);
void AcquireRawAdcSamplesIso14443b(uint32_t parameter);
void ReadSTMemoryIso14443b(uint16_t numofblocks);
void ReadSTBlock(uint8_t blocknr);
void SniffIso14443b(void);
void SendRawCommand14443B(uint32_t, uint32_t, uint8_t, uint8_t[]);
void SendRawCommand14443B_Ex(PacketCommandNG *c);

@@ -2247,6 +2247,11 @@ void MifareCIdent(bool is_mfc) {
uint8_t *par = BigBuf_malloc(MAX_PARITY_SIZE);
uint8_t *buf = BigBuf_malloc(PM3_CMD_DATA_SIZE);
uint8_t *uid = BigBuf_malloc(10);
memset(par, 0x00, MAX_PARITY_SIZE);
memset(buf, 0x00, PM3_CMD_DATA_SIZE);
memset(uid, 0x00, 10);
uint32_t cuid = 0;
uint8_t data[1] = {0x00};
@@ -2278,52 +2283,56 @@ void MifareCIdent(bool is_mfc) {
ReaderTransmit(rats, sizeof(rats), NULL);
res = ReaderReceive(buf, par);
// test for some MFC gen2
if (memcmp(buf, "\x09\x78\x00\x91\x02\xDA\xBC\x19\x10\xF0\x05", 11) == 0) {
if (res ) {
// super card ident
uint8_t super[] = {0x0A, 0x00, 0x00, 0xA6, 0xB0, 0x00, 0x10, 0x14, 0x1D};
ReaderTransmit(super, sizeof(super), NULL);
res = ReaderReceive(buf, par);
if (res == 22) {
isGen = MAGIC_SUPER;
// test for some MFC gen2
if (memcmp(buf, "\x09\x78\x00\x91\x02\xDA\xBC\x19\x10\xF0\x05", 11) == 0) {
// super card ident
uint8_t super[] = {0x0A, 0x00, 0x00, 0xA6, 0xB0, 0x00, 0x10, 0x14, 0x1D};
ReaderTransmit(super, sizeof(super), NULL);
res = ReaderReceive(buf, par);
if (res == 22) {
isGen = MAGIC_SUPER;
goto OUT;
}
isGen = MAGIC_GEN_2;
goto OUT;
}
// test for some MFC 7b gen2
if (memcmp(buf, "\x0D\x78\x00\x71\x02\x88\x49\xA1\x30\x20\x15\x06\x08\x56\x3D", 15) == 0) {
isGen = MAGIC_GEN_2;
goto OUT;
}
// test for Ultralight magic gen2
if (memcmp(buf, "\x0A\x78\x00\x81\x02\xDB\xA0\xC1\x19\x40\x2A\xB5", 12) == 0) {
isGen = MAGIC_GEN_2;
goto OUT;
}
// test for Ultralight EV1 magic gen2
if (memcmp(buf, "\x85\x00\x00\xA0\x00\x00\x0A\xC3\x00\x04\x03\x01\x01\x00\x0B\x03\x41\xDF", 18) == 0) {
isGen = MAGIC_GEN_2;
goto OUT;
}
// test for some other Ultralight EV1 magic gen2
if (memcmp(buf, "\x85\x00\x00\xA0\x0A\x00\x0A\xC3\x00\x04\x03\x01\x01\x00\x0B\x03\x16\xD7", 18) == 0) {
isGen = MAGIC_GEN_2;
goto OUT;
}
// test for some other Ultralight magic gen2
if (memcmp(buf, "\x85\x00\x00\xA0\x0A\x00\x0A\xB0\x00\x00\x00\x00\x00\x00\x00\x00\x18\x4D", 18) == 0) {
isGen = MAGIC_GEN_2;
goto OUT;
}
// test for NTAG213 magic gen2
if (memcmp(buf, "\x85\x00\x00\xA0\x00\x00\x0A\xA5\x00\x04\x04\x02\x01\x00\x0F\x03\x79\x0C", 18) == 0) {
isGen = MAGIC_GEN_2;
goto OUT;
}
isGen = MAGIC_GEN_2;
goto OUT;
}
// test for some MFC 7b gen2
if (memcmp(buf, "\x0D\x78\x00\x71\x02\x88\x49\xA1\x30\x20\x15\x06\x08\x56\x3D", 15) == 0) {
isGen = MAGIC_GEN_2;
}
// test for Ultralight magic gen2
if (memcmp(buf, "\x0A\x78\x00\x81\x02\xDB\xA0\xC1\x19\x40\x2A\xB5", 12) == 0) {
isGen = MAGIC_GEN_2;
goto OUT;
}
// test for Ultralight EV1 magic gen2
if (memcmp(buf, "\x85\x00\x00\xA0\x00\x00\x0A\xC3\x00\x04\x03\x01\x01\x00\x0B\x03\x41\xDF", 18) == 0) {
isGen = MAGIC_GEN_2;
goto OUT;
}
// test for some other Ultralight EV1 magic gen2
if (memcmp(buf, "\x85\x00\x00\xA0\x0A\x00\x0A\xC3\x00\x04\x03\x01\x01\x00\x0B\x03\x16\xD7", 18) == 0) {
isGen = MAGIC_GEN_2;
goto OUT;
}
// test for some other Ultralight magic gen2
if (memcmp(buf, "\x85\x00\x00\xA0\x0A\x00\x0A\xB0\x00\x00\x00\x00\x00\x00\x00\x00\x18\x4D", 18) == 0) {
isGen = MAGIC_GEN_2;
goto OUT;
}
// test for NTAG213 magic gen2
if (memcmp(buf, "\x85\x00\x00\xA0\x00\x00\x0A\xA5\x00\x04\x04\x02\x01\x00\x0F\x03\x79\x0C", 18) == 0) {
isGen = MAGIC_GEN_2;
goto OUT;
}
if (! is_mfc) {
if (is_mfc == false) {
// magic ntag test
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
SpinDelay(40);
@@ -2336,8 +2345,7 @@ void MifareCIdent(bool is_mfc) {
isGen = MAGIC_NTAG21X;
}
}
}
if (is_mfc) {
} else {
// magic MFC Gen3 test
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
SpinDelay(40);
@@ -2767,6 +2775,8 @@ void MifareU_Counter_Tearoff(uint8_t counter, uint32_t tearoff_time) {
if (!iso14443a_select_card(NULL, NULL, NULL, true, 0, true)) {
if (DBGLEVEL >= DBG_ERROR) Dbprintf("Can't select card");
OnError(1);
switch_off();
LEDsoff();
return;
};
@@ -2775,6 +2785,6 @@ void MifareU_Counter_Tearoff(uint8_t counter, uint32_t tearoff_time) {
LED_D_ON();
SpinDelayUsPrecision(tearoff_time);
switch_off();
LEDsoff();
reply_ng(CMD_HF_MFU_COUNTER_TEAROFF, PM3_SUCCESS, NULL, 0);
}
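Review bot: The new `if (res ) {` guard in MifareCIdent only rules out an empty answer; each `memcmp` that follows still compares 11 to 18 bytes of `buf` regardless of how many bytes `ReaderReceive` returned. `buf` is zeroed once by the added `memset`, but if an earlier exchange in the part of the function outside this hunk already wrote into it, a short ATS would be matched partly against leftover bytes. Tying each signature to the received length would remove that dependency, e.g. `if (res >= 11 && memcmp(buf, ..., 11) == 0) {` with the length adjusted per signature. MifareCIdent starts and ends outside these hunks, and the closing brace of the `if (res )` block is not visible here.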