dash/proxmark3
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ADD: started with adding a LF AWID26 write function. not done yet.

Browse Source 
ADD: latest pwpiwi & holiman changes.
This commit is contained in:
iceman1001
2014-12-19 13:46:02 +01:00
parent d3499d369d
commit f5ed4d12de
18 changed files with 368 additions and 464 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
client/Makefile
View File

@@ -83,6 +83,7 @@ CMDSRCS = nonce2key/crapto1.c\
cmdhfdes.c \
cmdhw.c \
cmdlf.c \
cmdlfawid26.c \
cmdlfio.c \
cmdlfhid.c \
cmdlfem4x.c \

93
client/cmdhf14a.c
View File

@@ -40,9 +40,7 @@ int CmdHF14AList(const char *Cmd)
return 0;
}
if (param == 'f') {
ShowWaitCycles = true;
}
ShowWaitCycles = (param == 'f');
// for the time being. Need better Bigbuf handling.
#define TRACE_SIZE 3000
@@ -56,8 +54,8 @@ int CmdHF14AList(const char *Cmd)
PrintAndLog("Start = Start of Start Bit, End = End of last modulation. Src = Source of Transfer");
PrintAndLog("All times are in carrier periods (1/13.56Mhz)");
PrintAndLog("");
PrintAndLog(" Start | End | Src | Data");
PrintAndLog("-----------|-----------|-----|--------");
PrintAndLog(" Start | End | Src | Data (! denotes parity error) | CRC ");
PrintAndLog("-----------|-----------|-----|-----------------------------------------------------------------------");
uint16_t tracepos = 0;
uint16_t duration;
@@ -70,44 +68,40 @@ int CmdHF14AList(const char *Cmd)
for (;;) {
if(tracepos >= TRACE_SIZE) {
break;
}
if(tracepos >= TRACE_SIZE) break;
timestamp = *((uint32_t *)(trace + tracepos));
// Break and stick with current result if buffer was not completely full
if (timestamp == 0x44444444) break;
if(tracepos == 0) {
first_timestamp = timestamp;
}
tracepos += 4;
duration = *((uint16_t *)(trace + tracepos));
tracepos += 2;
data_len = *((uint16_t *)(trace + tracepos));
tracepos += 2;
isResponse = false;
if (data_len & 0x8000) {
data_len &= 0x7fff;
isResponse = true;
} else {
isResponse = false;
}
parity_len = (data_len-1)/8 + 1;
if (tracepos + data_len + parity_len >= TRACE_SIZE) {
break;
}
if (tracepos + data_len + parity_len >= TRACE_SIZE) break;
uint8_t *frame = trace + tracepos;
tracepos += data_len;
uint8_t *parityBytes = trace + tracepos;
tracepos += parity_len;
// Break and stick with current result if buffer was not completely full
if (timestamp == 0x44444444) break;
char line[1000] = "";
int j;
for (j = 0; j < data_len; j++) {
char line[16][110];
for (int j = 0; j < data_len; j++) {
int oddparity = 0x01;
int k;
@@ -117,47 +111,53 @@ int CmdHF14AList(const char *Cmd)
uint8_t parityBits = parityBytes[j>>3];
if (isResponse && (oddparity != ((parityBits >> (7-(j&0x0007))) & 0x01))) {
sprintf(line+(j*4), "%02x! ", frame[j]);
sprintf(line[j/16]+((j%16)*4), "%02x! ", frame[j]);
} else {
sprintf(line+(j*4), "%02x ", frame[j]);
sprintf(line[j/16]+((j%16)*4), "%02x ", frame[j]);
}
}
char crc[6] = "";
char crc[5] = {0x00};
if (data_len > 2) {
uint8_t b1, b2;
ComputeCrc14443(CRC_14443_A, frame, data_len-2, &b1, &b2);
if (b1 != frame[data_len-2] || b2 != frame[data_len-1]) {
sprintf(crc, (isResponse & (data_len < 6)) ? "" : " !crc");
} else {
sprintf(crc, "");
}
sprintf(crc, (isResponse & (data_len < 6)) ? "" : "!crc");
}
}
EndOfTransmissionTimestamp = timestamp + duration;
PrintAndLog(" %9d | %9d | %s | %s %s",
(timestamp - first_timestamp),
(EndOfTransmissionTimestamp - first_timestamp),
(isResponse ? "Tag" : "Rdr"),
line,
crc);
int num_lines = (data_len - 1)/16 + 1;
for (int j = 0; j < num_lines; j++) {
if (j == 0) {
PrintAndLog(" %9d | %9d | %s | %-64s| %s",
(timestamp - first_timestamp),
(EndOfTransmissionTimestamp - first_timestamp),
(isResponse ? "Tag" : "Rdr"),
line[j],
(j == num_lines-1)?crc:""
);
} else {
PrintAndLog(" | | | %-64s| %s",
line[j],
(j == num_lines-1)?crc:"");
}
}
bool next_isResponse = *((uint16_t *)(trace + tracepos + 6)) & 0x8000;
if (ShowWaitCycles && !isResponse && next_isResponse) {
uint32_t next_timestamp = *((uint32_t *)(trace + tracepos));
if (next_timestamp != 0x44444444) {
PrintAndLog(" %9d | %9d | %s | fdt (Frame Delay Time): %d",
(EndOfTransmissionTimestamp - first_timestamp),
(next_timestamp - first_timestamp),
" ",
(next_timestamp - EndOfTransmissionTimestamp));
}
PrintAndLog(" %9d | %9d | %s | fdt (Frame Delay Time): %d",
(EndOfTransmissionTimestamp - first_timestamp),
(next_timestamp - first_timestamp),
" ",
(next_timestamp - EndOfTransmissionTimestamp));
}
}
}
return 0;
}
@@ -168,8 +168,7 @@ void iso14a_set_timeout(uint32_t timeout) {
int CmdHF14AReader(const char *Cmd)
{
//UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_DISCONNECT, 0, 0}};
UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT , 0, 0}};
UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_DISCONNECT, 0, 0}};
SendCommand(&c);
UsbCommand resp;

5
client/cmdhfepa.c
View File

@@ -54,10 +54,10 @@ int CmdHFEPACollectPACENonces(const char *Cmd)
size_t nonce_length = resp.arg[1];
char *nonce = (char *) malloc(2 * nonce_length + 1);
for(int j = 0; j < nonce_length; j++) {
snprintf(nonce + (2 * j), 3, "%02X", resp.d.asBytes[j]);
snprintf(nonce + (2 * j), "%02X", resp.d.asBytes[j]);
}
// print nonce
PrintAndLog("Length: %d, Nonce: %s",resp.arg[1], nonce);
PrintAndLog("Length: %d, Nonce: %s", nonce_length, nonce);
}
if (i < n - 1) {
sleep(d);
@@ -68,7 +68,6 @@ int CmdHFEPACollectPACENonces(const char *Cmd)
return 1;
}
// UI-related stuff
// UI-related stuff
static const command_t CommandTable[] =

44
client/cmdhficlass.c
View File

@@ -342,6 +342,17 @@ int CmdHFiClassSim(const char *Cmd)
UsbCommand c = {CMD_SIMULATE_TAG_ICLASS, {simType,NUM_CSNS}};
UsbCommand resp = {0};
/*uint8_t csns[8 * NUM_CSNS] = {
0x00,0x0B,0x0F,0xFF,0xF7,0xFF,0x12,0xE0 ,
0x00,0x13,0x94,0x7e,0x76,0xff,0x12,0xe0 ,
0x2a,0x99,0xac,0x79,0xec,0xff,0x12,0xe0 ,
0x17,0x12,0x01,0xfd,0xf7,0xff,0x12,0xe0 ,
0xcd,0x56,0x01,0x7c,0x6f,0xff,0x12,0xe0 ,
0x4b,0x5e,0x0b,0x72,0xef,0xff,0x12,0xe0 ,
0x00,0x73,0xd8,0x75,0x58,0xff,0x12,0xe0 ,
0x0c,0x90,0x32,0xf3,0x5d,0xff,0x12,0xe0 };
*/
uint8_t csns[8*NUM_CSNS] = {
0x00, 0x0B, 0x0F, 0xFF, 0xF7, 0xFF, 0x12, 0xE0,
0x00, 0x04, 0x0E, 0x08, 0xF7, 0xFF, 0x12, 0xE0,
@@ -501,17 +512,31 @@ int CmdHFiClassReader_Dump(const char *Cmd)
}
UsbCommand resp;
uint8_t key_sel[8] = {0};
uint8_t key_sel_p[8] = { 0 };
//HACK -- Below is for testing without access to a tag
uint8_t fake_dummy_test = false;
if(fake_dummy_test)
{
uint8_t xdata[16] = {0x01,0x02,0x03,0x04,0xF7,0xFF,0x12,0xE0, //CSN from http://www.proxmark.org/forum/viewtopic.php?pid=11230#p11230
0xFE,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}; // Just a random CC. Would be good to add a real testcase here
memcpy(resp.d.asBytes,xdata, 16);
resp.arg[0] = 2;
}
//End hack
UsbCommand c = {CMD_READER_ICLASS, {0}};
c.arg[0] = FLAG_ICLASS_READER_ONLY_ONCE;
if(!fake_dummy_test)
SendCommand(&c);
UsbCommand resp;
uint8_t key_sel[8] = {0x00};
uint8_t key_sel_p[8] = {0x00};
if (WaitForResponseTimeout(CMD_ACK,&resp,4500)) {
if (fake_dummy_test || WaitForResponseTimeout(CMD_ACK,&resp,4500)) {
uint8_t isOK = resp.arg[0] & 0xff;
uint8_t * data = resp.d.asBytes;
@@ -528,7 +553,6 @@ int CmdHFiClassReader_Dump(const char *Cmd)
{
if(elite)
{
//Get the key index (hash1)
uint8_t key_index[8] = {0};
@@ -536,6 +560,7 @@ int CmdHFiClassReader_Dump(const char *Cmd)
printvar("hash1", key_index,8);
for(i = 0; i < 8 ; i++)
key_sel[i] = keytable[key_index[i]] & 0xFF;
PrintAndLog("Pre-fortified 'permuted' HS key that would be needed by an iclass reader to talk to above CSN:");
printvar("k_sel", key_sel,8);
//Permute from iclass format to standard format
permutekey_rev(key_sel,key_sel_p);
@@ -552,8 +577,11 @@ int CmdHFiClassReader_Dump(const char *Cmd)
used_key = KEY;
}
PrintAndLog("Pre-fortified key that would be needed by the OmniKey reader to talk to above CSN:");
printvar("Used key",used_key,8);
diversifyKey(CSN,used_key, div_key);
PrintAndLog("Hash0, a.k.a diversified key, that is computed using Ksel and stored in the card (Block 3):");
printvar("Div key", div_key, 8);
printvar("CC_NR:",CCNR,12);
doMAC(CCNR,12,div_key, MAC);
@@ -561,7 +589,7 @@ int CmdHFiClassReader_Dump(const char *Cmd)
UsbCommand d = {CMD_READER_ICLASS_REPLAY, {readerType}};
memcpy(d.d.asBytes, MAC, 4);
SendCommand(&d);
if(!fake_dummy_test) SendCommand(&d);
}else{
PrintAndLog("Failed to obtain CC! Aborting");

262
client/cmdhfmf.c
View File

@@ -34,7 +34,7 @@ start:
SendCommand(&c);
//flush queue
while (ukbhit()) getchar();
while (ukbhit()) getchar();
// wait cycle
while (true) {
@@ -66,19 +66,19 @@ start:
if (isOK != 1) return 1;
// execute original function from util nonce2key
if (nonce2key(uid, nt, nr, par_list, ks_list, &r_key))
{
if (nonce2key(uid, nt, nr, par_list, ks_list, &r_key)) {
isOK = 2;
PrintAndLog("Key not found (lfsr_common_prefix list is null). Nt=%08x", nt);
} else {
printf("------------------------------------------------------------------\n");
PrintAndLog("Key found:%012"llx" \n", r_key);
PrintAndLog("Key found :%012"llx" \n", r_key);
num_to_bytes(r_key, 6, keyBlock);
isOK = mfCheckKeys(0, 0, 1, keyBlock, &r_key);
}
if (!isOK)
PrintAndLog("Found valid key:%012"llx, r_key);
PrintAndLog("Found valid key :%012"llx, r_key);
else
{
if (isOK != 2) PrintAndLog("Found invalid key. ");
@@ -87,6 +87,7 @@ start:
goto start;
}
PrintAndLog("");
return 0;
}
@@ -139,117 +140,6 @@ int CmdHF14AMfWrBl(const char *Cmd)
return 0;
}
/* dublett finns i CMDHFMFU.C
int CmdHF14AMfUWrBl(const char *Cmd)
{
uint8_t blockNo = 0;
bool chinese_card=0;
uint8_t bldata[16] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
UsbCommand resp;
if (strlen(Cmd)<3) {
PrintAndLog("Usage: hf mf uwrbl <block number> <block data (8 hex symbols)> <w>");
PrintAndLog(" sample: hf mf uwrbl 0 01020304");
return 0;
}
blockNo = param_get8(Cmd, 0);
if (param_gethex(Cmd, 1, bldata, 8)) {
PrintAndLog("Block data must include 8 HEX symbols");
return 1;
}
if (strchr(Cmd,'w') != 0) {
chinese_card=1;
}
switch(blockNo){
case 0:
if (!chinese_card){
PrintAndLog("Access Denied");
}else{
PrintAndLog("--specialblock no:%d", blockNo);
PrintAndLog("--data: %s", sprint_hex(bldata, 4));
UsbCommand d = {CMD_MIFAREU_WRITEBL, {blockNo}};
memcpy(d.d.asBytes,bldata, 4);
SendCommand(&d);
if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
uint8_t isOK = resp.arg[0] & 0xff;
PrintAndLog("isOk:%02x", isOK);
} else {
PrintAndLog("Command execute timeout");
}
}
break;
case 1:
if (!chinese_card){
PrintAndLog("Access Denied");
}else{
PrintAndLog("--specialblock no:%d", blockNo);
PrintAndLog("--data: %s", sprint_hex(bldata, 4));
UsbCommand d = {CMD_MIFAREU_WRITEBL, {blockNo}};
memcpy(d.d.asBytes,bldata, 4);
SendCommand(&d);
if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
uint8_t isOK = resp.arg[0] & 0xff;
PrintAndLog("isOk:%02x", isOK);
} else {
PrintAndLog("Command execute timeout");
}
}
break;
case 2:
if (!chinese_card){
PrintAndLog("Access Denied");
}else{
PrintAndLog("--specialblock no:%d", blockNo);
PrintAndLog("--data: %s", sprint_hex(bldata, 4));
UsbCommand c = {CMD_MIFAREU_WRITEBL, {blockNo}};
memcpy(c.d.asBytes, bldata, 4);
SendCommand(&c);
if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
uint8_t isOK = resp.arg[0] & 0xff;
PrintAndLog("isOk:%02x", isOK);
} else {
PrintAndLog("Command execute timeout");
}
}
break;
case 3:
PrintAndLog("--specialblock no:%d", blockNo);
PrintAndLog("--data: %s", sprint_hex(bldata, 4));
UsbCommand d = {CMD_MIFAREU_WRITEBL, {blockNo}};
memcpy(d.d.asBytes,bldata, 4);
SendCommand(&d);
if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
uint8_t isOK = resp.arg[0] & 0xff;
PrintAndLog("isOk:%02x", isOK);
} else {
PrintAndLog("Command execute timeout");
}
break;
default:
PrintAndLog("--block no:%d", blockNo);
PrintAndLog("--data: %s", sprint_hex(bldata, 4));
UsbCommand e = {CMD_MIFAREU_WRITEBL, {blockNo}};
memcpy(e.d.asBytes,bldata, 4);
SendCommand(&e);
if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
uint8_t isOK = resp.arg[0] & 0xff;
PrintAndLog("isOk:%02x", isOK);
} else {
PrintAndLog("Command execute timeout");
}
break;
}
return 0;
}
*/
int CmdHF14AMfRdBl(const char *Cmd)
{
uint8_t blockNo = 0;
@@ -298,133 +188,6 @@ int CmdHF14AMfRdBl(const char *Cmd)
return 0;
}
/* dublett finns i CMDHFMFU.C
int CmdHF14AMfURdBl(const char *Cmd)
{
uint8_t blockNo = 0;
if (strlen(Cmd)<1) {
PrintAndLog("Usage: hf mf urdbl <block number>");
PrintAndLog(" sample: hf mf urdbl 0");
return 0;
}
blockNo = param_get8(Cmd, 0);
PrintAndLog("--block no:%d", blockNo);
UsbCommand c = {CMD_MIFAREU_READBL, {blockNo}};
SendCommand(&c);
UsbCommand resp;
if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
uint8_t isOK = resp.arg[0] & 0xff;
uint8_t *data = resp.d.asBytes;
if (isOK)
PrintAndLog("isOk:%02x data:%s", isOK, sprint_hex(data, 4));
else
PrintAndLog("isOk:%02x", isOK);
} else {
PrintAndLog("Command execute timeout");
}
return 0;
}
*/
/* dublett finns i CMDHFMFU.C
int CmdHF14AMfURdCard(const char *Cmd)
{
int i;
uint8_t sectorNo = 0;
uint8_t *lockbytes_t=NULL;
uint8_t lockbytes[2]={0,0};
bool bit[16]={0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
uint8_t isOK = 0;
uint8_t * data = NULL;
if (sectorNo > 15) {
PrintAndLog("Sector number must be less than 16");
return 1;
}
PrintAndLog("Attempting to Read Ultralight... ");
UsbCommand c = {CMD_MIFAREU_READCARD, {sectorNo}};
SendCommand(&c);
UsbCommand resp;
if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
isOK = resp.arg[0] & 0xff;
data = resp.d.asBytes;
PrintAndLog("isOk:%02x", isOK);
if (isOK)
for (i = 0; i < 16; i++) {
switch(i){
case 2:
//process lock bytes
lockbytes_t=data+(i*4);
lockbytes[0]=lockbytes_t[2];
lockbytes[1]=lockbytes_t[3];
for(int j=0; j<16; j++){
bit[j]=lockbytes[j/8] & ( 1 <<(7-j%8));
}
//PrintAndLog("LB %02x %02x", lockbytes[0],lockbytes[1]);
//PrintAndLog("LB2b %02x %02x %02x %02x %02x %02x %02x %02x",bit[8],bit[9],bit[10],bit[11],bit[12],bit[13],bit[14],bit[15]);
PrintAndLog("Block %3d:%s ", i,sprint_hex(data + i * 4, 4));
break;
case 3:
PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[4]);
break;
case 4:
PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[3]);
break;
case 5:
PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[2]);
break;
case 6:
PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[1]);
break;
case 7:
PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[0]);
break;
case 8:
PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[15]);
break;
case 9:
PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[14]);
break;
case 10:
PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[13]);
break;
case 11:
PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[12]);
break;
case 12:
PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[11]);
break;
case 13:
PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[10]);
break;
case 14:
PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[9]);
break;
case 15:
PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[8]);
break;
default:
PrintAndLog("Block %3d:%s ", i,sprint_hex(data + i * 4, 4));
break;
}
}
} else {
PrintAndLog("Command execute timeout");
}
return 0;
}
*/
int CmdHF14AMfRdSc(const char *Cmd)
{
int i;
@@ -482,7 +245,6 @@ int CmdHF14AMfRdSc(const char *Cmd)
return 0;
}
uint8_t FirstBlockOfSector(uint8_t sectorNo)
{
if (sectorNo < 32) {
@@ -492,7 +254,6 @@ uint8_t FirstBlockOfSector(uint8_t sectorNo)
}
}
uint8_t NumBlocksPerSector(uint8_t sectorNo)
{
if (sectorNo < 32) {
@@ -502,7 +263,6 @@ uint8_t NumBlocksPerSector(uint8_t sectorNo)
}
}
int CmdHF14AMfDump(const char *Cmd)
{
uint8_t sectorNo, blockNo;
@@ -677,7 +437,6 @@ int CmdHF14AMfDump(const char *Cmd)
return 0;
}
int CmdHF14AMfRestore(const char *Cmd)
{
uint8_t sectorNo,blockNo;
@@ -744,6 +503,7 @@ int CmdHF14AMfRestore(const char *Cmd)
if (fread(bldata, 1, 16, fdump) == 0) {
PrintAndLog("File reading error (dumpdata.bin).");
fclose(fdump);
return 2;
}
@@ -778,11 +538,9 @@ int CmdHF14AMfRestore(const char *Cmd)
}
fclose(fdump);
return 0;
}
int CmdHF14AMfNested(const char *Cmd)
{
int i, j, res, iterations;
@@ -1028,7 +786,6 @@ int CmdHF14AMfNested(const char *Cmd)
return 0;
}
int CmdHF14AMfChk(const char *Cmd)
{
if (strlen(Cmd)<3) {
@@ -1256,11 +1013,10 @@ int CmdHF14AMfChk(const char *Cmd)
}
free(keyBlock);
PrintAndLog("");
return 0;
}
int CmdHF14AMf1kSim(const char *Cmd)
{
uint8_t uid[7] = {0, 0, 0, 0, 0, 0, 0};
@@ -1326,7 +1082,6 @@ int CmdHF14AMf1kSim(const char *Cmd)
return 0;
}
int CmdHF14AMfDbg(const char *Cmd)
{
int dbgMode = param_get32ex(Cmd, 0, 0, 10);
@@ -1374,7 +1129,6 @@ int CmdHF14AMfEGet(const char *Cmd)
return 0;
}
int CmdHF14AMfEClear(const char *Cmd)
{
if (param_getchar(Cmd, 0) == 'h') {

2
client/cmdlf.c
View File

@@ -20,6 +20,7 @@
#include "cmdmain.h"
#include "cmddata.h"
#include "cmdlf.h"
#include "cmdlfawid26.h"
#include "cmdlfhid.h"
#include "cmdlfti.h"
#include "cmdlfem4x.h"
@@ -580,6 +581,7 @@ static command_t CommandTable[] =
{"simman", CmdLFSimManchester, 0, "<Clock> <Bitstream> [GAP] Simulate arbitrary Manchester LF tag"},
{"snoop", CmdLFSnoop, 0, "['l'|'h'|<divisor>] [trigger threshold]-- Snoop LF (l:125khz, h:134khz)"},
{"avid", CmdLFAWID26, 1, "{ AWID26 tags }"},
{"em4x", CmdLFEM4X, 1, "{ EM4X tags }"},
{"hid", CmdLFHID, 1, "{ HID tags }"},
{"hitag", CmdLFHitag, 1, "{ Hitag tags and transponders }"},

102
client/cmdlfawid26.c Normal file
View File

@@ -0,0 +1,102 @@
//-----------------------------------------------------------------------------
//
// This code is licensed to you under the terms of the GNU GPL, version 2 or,
// at your option, any later version. See the LICENSE.txt file for the text of
// the license.
//-----------------------------------------------------------------------------
// Low frequency AWID26 commands
//-----------------------------------------------------------------------------
#include <stdio.h>
#include <string.h>
#include <inttypes.h>
#include "proxmark3.h"
#include "ui.h"
#include "graph.h"
#include "cmdmain.h"
#include "cmdparser.h"
#include "cmddata.h"
#include "cmdlf.h"
#include "cmdlfawid26.h"
#include "util.h"
#include "data.h"
static int CmdHelp(const char *Cmd);
int CmdClone(const char *Cmd)
{
char cmdp = param_getchar(Cmd, 0);
if (strlen(Cmd) < 1 || cmdp == 'h' || cmdp == 'H') {
PrintAndLog("Usage: lf awid26 write []");
PrintAndLog(" [], ");
PrintAndLog("");
PrintAndLog(" sample: lf awid26 write 26 2233");
PrintAndLog(" : lf awid26 write 26 15 2233");
return 0;
}
//sscanf(Cmd, "%d %d", &facilitycode, &cardno);
// char block0 = "00107060";
// char block1 = "00107060";
// char block2 = "00107060";
// char block3 = "00107060";
// PrintAndLog("Writing block %d with data %08X", Block, Data);
return 0;
}
// int CmdReadTrace(const char *Cmd)
// {
// uint8_t bits[LF_BITSSTREAM_LEN] = {0x00};
// uint8_t * bitstream = bits;
// uint8_t si = 5;
// uint32_t bl0 = PackBits(si, 32, bitstream);
// uint32_t bl1 = PackBits(si+32, 32, bitstream);
// uint32_t acl = PackBits(si, 8, bitstream); si += 8;
// uint32_t mfc = PackBits(si, 8, bitstream); si += 8;
// uint32_t cid = PackBits(si, 5, bitstream); si += 5;
// uint32_t icr = PackBits(si, 3, bitstream); si += 3;
// uint32_t year = PackBits(si, 4, bitstream); si += 4;
// uint32_t quarter = PackBits(si, 2, bitstream); si += 2;
// uint32_t lotid = PackBits(si, 12, bitstream); si += 12;
// uint32_t wafer = PackBits(si, 5, bitstream); si += 5;
// uint32_t dw = PackBits(si, 15, bitstream);
// PrintAndLog("");
// PrintAndLog("-- T55xx Trace Information ----------------------------------");
// PrintAndLog("-------------------------------------------------------------");
// PrintAndLog(" ACL Allocation class (ISO/IEC 15963-1) : 0x%02X (%d)", acl, acl);
// PrintAndLog(" MFC Manufacturer ID (ISO/IEC 7816-6) : 0x%02X (%d)", mfc, mfc);
// PrintAndLog(" CID : 0x%02X (%d)", cid, cid);
// PrintAndLog(" ICR IC Revision : %d",icr );
// return 0;
// }
static command_t CommandTable[] =
{
{"help", CmdHelp, 1, "This help"},
{"clone", CmdClone, 0, "<facility> <id> -- clone to a t55xx tag"},
{NULL, NULL, 0, NULL}
};
int CmdLFAWID26(const char *Cmd)
{
CmdsParse(CommandTable, Cmd);
return 0;
}
int CmdHelp(const char *Cmd)
{
CmdsHelp(CommandTable);
return 0;
}

16
client/cmdlfawid26.h Normal file
View File

@@ -0,0 +1,16 @@
//-----------------------------------------------------------------------------
//
// This code is licensed to you under the terms of the GNU GPL, version 2 or,
// at your option, any later version. See the LICENSE.txt file for the text of
// the license.
//-----------------------------------------------------------------------------
// Low frequency AWID 26 commands
//-----------------------------------------------------------------------------
#ifndef CMDLFAWID26_H__
#define CMDLFAWID26_H__
int CmdLFAWID26(const char *Cmd);
int CmdClone(const char *Cmd);
#endif

14
client/loclass/elite_crack.c
View File

@@ -151,9 +151,9 @@ void hash1(uint8_t csn[] , uint8_t k[])
k[0] = csn[0]^csn[1]^csn[2]^csn[3]^csn[4]^csn[5]^csn[6]^csn[7];
k[1] = csn[0]+csn[1]+csn[2]+csn[3]+csn[4]+csn[5]+csn[6]+csn[7];
k[2] = rr(swap( csn[2]+k[1] ));
k[3] = rr(swap( csn[3]+k[0] ));
k[4] = ~rr(swap( csn[4]+k[2] ))+1;
k[5] = ~rr(swap( csn[5]+k[3] ))+1;
k[3] = rl(swap( csn[3]+k[0] ));
k[4] = ~rr( csn[4]+k[2] )+1;
k[5] = ~rl( csn[5]+k[3] )+1;
k[6] = rr( csn[6]+(k[4]^0x3c) );
k[7] = rl( csn[7]+(k[5]^0xc3) );
int i;
@@ -563,9 +563,13 @@ int bruteforceFile(const char *filename, uint16_t keytable[])
fseek(f, 0, SEEK_SET);
uint8_t *dump = malloc(fsize);
fread(dump, fsize, 1, f);
fclose(f);
size_t bytes_read = fread(dump, fsize, 1, f);
fclose(f);
if (bytes_read < fsize)
{
prnlog("Error, could only read %d bytes (should be %d)",bytes_read, fsize );
}
return bruteforceDump(dump,fsize,keytable);
}
/**