]> git.zerfleddert.de Git - proxmark3-svn/blame - client/cmdlf.c
projects / proxmark3-svn / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge pull request #257 from marshmellow42/master
[proxmark3-svn] / client / cmdlf.c
CommitLineData
a553f267 1//-----------------------------------------------------------------------------
2// Copyright (C) 2010 iZsh <izsh at fail0verflow.com>
3//
4// This code is licensed to you under the terms of the GNU GPL, version 2 or,
5// at your option, any later version. See the LICENSE.txt file for the text of
6// the license.
7//-----------------------------------------------------------------------------
8// Low frequency commands
9//-----------------------------------------------------------------------------
10
7fe9b0b7 11#include <stdio.h>
590f8ff9 12#include <stdlib.h>
7fe9b0b7 13#include <string.h>
393c3ef9 14#include <limits.h>
902cb3c0 15#include "proxmark3.h"
7fe9b0b7 16#include "cmdlf.h"
29ada8fc 17#include "lfdemod.h" // for psk2TOpsk1
6923d3f1 18#include "util.h" // for parsing cli command utils
19#include "ui.h" // for show graph controls
20#include "graph.h" // for graph data
21#include "cmdparser.h" // for getting cli commands included in cmdmain.h
22#include "cmdmain.h" // for sending cmds to device
23#include "data.h" // for GetFromBigBuf
24#include "cmddata.h" // for `lf search`
25#include "cmdlfawid.h" // for awid menu
26#include "cmdlfem4x.h" // for em4x menu
27#include "cmdlfhid.h" // for hid menu
28#include "cmdlfhitag.h" // for hitag menu
29#include "cmdlfio.h" // for ioprox menu
30#include "cmdlft55xx.h" // for t55xx menu
31#include "cmdlfti.h" // for ti menu
32#include "cmdlfpresco.h" // for presco menu
33#include "cmdlfpcf7931.h"// for pcf7931 menu
34#include "cmdlfpyramid.h"// for pyramid menu
35#include "cmdlfviking.h" // for viking menu
e04475c4 36#include "cmdlfcotag.h" // for COTAG menu
8b6abef5 37#include "cmdlfvisa2000.h" // for VISA2000 menu
0fb65a26 38#include "cmdlfindala.h" // for indala menu
946a84c3 39#include "cmdlfgproxii.h"// for gproxii menu
4db6f3bb 40#include "cmdlffdx.h" // for fdx-b menu
5bce72d5 41#include "cmdlfparadox.h"// for paradox menu
42#include "cmdlfnexwatch.h"//for nexwatch menu
e04475c4 43
fac69c3d 44bool g_lf_threshold_set = false;
7fe9b0b7 45static int CmdHelp(const char *Cmd);
46
21a615cb 47
48
f86d6b55 49int usage_lf_cmdread(void)
21a615cb 50{
51 PrintAndLog("Usage: lf cmdread d <delay period> z <zero period> o <one period> c <cmdbytes> [H] ");
52 PrintAndLog("Options: ");
53 PrintAndLog(" h This help");
54 PrintAndLog(" L Low frequency (125 KHz)");
55 PrintAndLog(" H High frequency (134 KHz)");
56 PrintAndLog(" d <delay> delay OFF period");
57 PrintAndLog(" z <zero> time period ZERO");
58 PrintAndLog(" o <one> time period ONE");
59 PrintAndLog(" c <cmd> Command bytes");
60 PrintAndLog(" ************* All periods in microseconds");
61 PrintAndLog("Examples:");
62 PrintAndLog(" lf cmdread d 80 z 100 o 200 c 11000");
63 PrintAndLog(" lf cmdread d 80 z 100 o 100 c 11000 H");
64 return 0;
65}
66
7fe9b0b7 67/* send a command before reading */
68int CmdLFCommandRead(const char *Cmd)
69{
21a615cb 70 static char dummy[3] = {0x20,0x00,0x00};
e0165dcf 71 UsbCommand c = {CMD_MOD_THEN_ACQUIRE_RAW_ADC_SAMPLES_125K};
7cb8516c 72 bool errors = false;
21a615cb 73 //uint8_t divisor = 95; //125khz
74 uint8_t cmdp = 0;
21a615cb 75 while(param_getchar(Cmd, cmdp) != 0x00)
76 {
77 switch(param_getchar(Cmd, cmdp))
78 {
79 case 'h':
80 return usage_lf_cmdread();
81 case 'H':
82 //divisor = 88;
83 dummy[1]='h';
84 cmdp++;
85 break;
86 case 'L':
87 cmdp++;
88 break;
89 case 'c':
f9ce1c3a 90 param_getstr(Cmd, cmdp+1, (char *)&c.d.asBytes);
21a615cb 91 cmdp+=2;
92 break;
93 case 'd':
94 c.arg[0] = param_get32ex(Cmd, cmdp+1, 0, 10);
95 cmdp+=2;
96 break;
97 case 'z':
98 c.arg[1] = param_get32ex(Cmd, cmdp+1, 0, 10);
99 cmdp+=2;
100 break;
101 case 'o':
102 c.arg[2] = param_get32ex(Cmd, cmdp+1, 0, 10);
103 cmdp+=2;
104 break;
105 default:
106 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
107 errors = 1;
108 break;
109 }
110 if(errors) break;
111 }
112 // No args
113 if(cmdp == 0) errors = 1;
114
115 //Validations
116 if(errors) return usage_lf_cmdread();
117
118 // in case they specified 'H'
e0165dcf 119 strcpy((char *)&c.d.asBytes + strlen((char *)c.d.asBytes), dummy);
21a615cb 120
121 clearCommandBuffer();
e0165dcf 122 SendCommand(&c);
123 return 0;
7fe9b0b7 124}
125
126int CmdFlexdemod(const char *Cmd)
127{
e0165dcf 128 int i;
129 for (i = 0; i < GraphTraceLen; ++i) {
130 if (GraphBuffer[i] < 0) {
131 GraphBuffer[i] = -1;
132 } else {
133 GraphBuffer[i] = 1;
134 }
135 }
7fe9b0b7 136
f6650679 137 #define LONG_WAIT 100
e0165dcf 138 int start;
139 for (start = 0; start < GraphTraceLen - LONG_WAIT; start++) {
140 int first = GraphBuffer[start];
141 for (i = start; i < start + LONG_WAIT; i++) {
142 if (GraphBuffer[i] != first) {
143 break;
144 }
145 }
146 if (i == (start + LONG_WAIT)) {
147 break;
148 }
149 }
150 if (start == GraphTraceLen - LONG_WAIT) {
151 PrintAndLog("nothing to wait for");
152 return 0;
153 }
154
155 GraphBuffer[start] = 2;
156 GraphBuffer[start+1] = -2;
3fe4ff4f 157 uint8_t bits[64] = {0x00};
7fe9b0b7 158
3fe4ff4f 159 int bit, sum;
e0165dcf 160 i = start;
161 for (bit = 0; bit < 64; bit++) {
3fe4ff4f 162 sum = 0;
163 for (int j = 0; j < 16; j++) {
e0165dcf 164 sum += GraphBuffer[i++];
165 }
3fe4ff4f 166
167 bits[bit] = (sum > 0) ? 1 : 0;
168
e0165dcf 169 PrintAndLog("bit %d sum %d", bit, sum);
170 }
171
172 for (bit = 0; bit < 64; bit++) {
173 int j;
174 int sum = 0;
175 for (j = 0; j < 16; j++) {
176 sum += GraphBuffer[i++];
177 }
178 if (sum > 0 && bits[bit] != 1) {
179 PrintAndLog("oops1 at %d", bit);
180 }
181 if (sum < 0 && bits[bit] != 0) {
182 PrintAndLog("oops2 at %d", bit);
183 }
184 }
7fe9b0b7 185
3fe4ff4f 186 // HACK writing back to graphbuffer.
e0165dcf 187 GraphTraceLen = 32*64;
188 i = 0;
189 int phase = 0;
190 for (bit = 0; bit < 64; bit++) {
3fe4ff4f 191
192 phase = (bits[bit] == 0) ? 0 : 1;
193
e0165dcf 194 int j;
195 for (j = 0; j < 32; j++) {
196 GraphBuffer[i++] = phase;
197 phase = !phase;
198 }
199 }
200
201 RepaintGraphWindow();
202 return 0;
0fb65a26 203}
2414f978 204
f86d6b55 205int usage_lf_read(void)
f6d9fb17 206{
31abe49f 207 PrintAndLog("Usage: lf read");
f6d9fb17
MHS		 208 PrintAndLog("Options: ");
209 PrintAndLog(" h This help");
1fbf8956 210 PrintAndLog(" s silent run no printout");
31abe49f
MHS		 211 PrintAndLog("This function takes no arguments. ");
212 PrintAndLog("Use 'lf config' to set parameters.");
213 return 0;
214}
f86d6b55 215int usage_lf_snoop(void)
31abe49f
MHS		 216{
217 PrintAndLog("Usage: lf snoop");
218 PrintAndLog("Options: ");
219 PrintAndLog(" h This help");
220 PrintAndLog("This function takes no arguments. ");
221 PrintAndLog("Use 'lf config' to set parameters.");
222 return 0;
223}
224
f86d6b55 225int usage_lf_config(void)
31abe49f
MHS		 226{
227 PrintAndLog("Usage: lf config [H|<divisor>] [b <bps>] [d <decim>] [a 0|1]");
228 PrintAndLog("Options: ");
229 PrintAndLog(" h This help");
230 PrintAndLog(" L Low frequency (125 KHz)");
231 PrintAndLog(" H High frequency (134 KHz)");
232 PrintAndLog(" q <divisor> Manually set divisor. 88-> 134KHz, 95-> 125 Hz");
233 PrintAndLog(" b <bps> Sets resolution of bits per sample. Default (max): 8");
234 PrintAndLog(" d <decim> Sets decimation. A value of N saves only 1 in N samples. Default: 1");
235 PrintAndLog(" a [0|1] Averaging - if set, will average the stored sample value when decimating. Default: 1");
b29d55f2 236 PrintAndLog(" t <threshold> Sets trigger threshold. 0 means no threshold (range: 0-128)");
f6d9fb17 237 PrintAndLog("Examples:");
31abe49f 238 PrintAndLog(" lf config b 8 L");
f6d9fb17 239 PrintAndLog(" Samples at 125KHz, 8bps.");
31abe49f 240 PrintAndLog(" lf config H b 4 d 3");
f6d9fb17
MHS		 241 PrintAndLog(" Samples at 134KHz, averages three samples into one, stored with ");
242 PrintAndLog(" a resolution of 4 bits per sample.");
31abe49f
MHS		 243 PrintAndLog(" lf read");
244 PrintAndLog(" Performs a read (active field)");
245 PrintAndLog(" lf snoop");
246 PrintAndLog(" Performs a snoop (no active field)");
f6d9fb17
MHS		 247 return 0;
248}
31abe49f
MHS		 249
250int CmdLFSetConfig(const char *Cmd)
7fe9b0b7 251{
31abe49f
MHS		 252
253 uint8_t divisor = 0;//Frequency divisor
254 uint8_t bps = 0; // Bits per sample
255 uint8_t decimation = 0; //How many to keep
256 bool averaging = 1; // Defaults to true
7cb8516c 257 bool errors = false;
31abe49f
MHS		 258 int trigger_threshold =-1;//Means no change
259 uint8_t unsigned_trigg = 0;
f6d9fb17
MHS		 260
261 uint8_t cmdp =0;
31abe49f 262 while(param_getchar(Cmd, cmdp) != 0x00)
f6d9fb17 263 {
31abe49f
MHS		 264 switch(param_getchar(Cmd, cmdp))
265 {
266 case 'h':
267 return usage_lf_config();
268 case 'H':
269 divisor = 88;
270 cmdp++;
271 break;
272 case 'L':
273 divisor = 95;
274 cmdp++;
275 break;
276 case 'q':
277 errors |= param_getdec(Cmd,cmdp+1,&divisor);
278 cmdp+=2;
279 break;
280 case 't':
281 errors |= param_getdec(Cmd,cmdp+1,&unsigned_trigg);
282 cmdp+=2;
2b11c7c7 283 if(!errors) {
284 trigger_threshold = unsigned_trigg;
fac69c3d 285 if (trigger_threshold > 0) g_lf_threshold_set = true;
2b11c7c7 286 }
31abe49f
MHS		 287 break;
288 case 'b':
289 errors |= param_getdec(Cmd,cmdp+1,&bps);
290 cmdp+=2;
291 break;
292 case 'd':
293 errors |= param_getdec(Cmd,cmdp+1,&decimation);
294 cmdp+=2;
295 break;
296 case 'a':
297 averaging = param_getchar(Cmd,cmdp+1) == '1';
298 cmdp+=2;
299 break;
300 default:
301 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
302 errors = 1;
303 break;
304 }
305 if(errors) break;
f6d9fb17 306 }
31abe49f 307 if(cmdp == 0)
f6d9fb17 308 {
31abe49f 309 errors = 1;// No args
f6d9fb17 310 }
31abe49f 311
f6d9fb17
MHS		 312 //Validations
313 if(errors)
314 {
31abe49f 315 return usage_lf_config();
f6d9fb17 316 }
f6d9fb17 317 //Bps is limited to 8, so fits in lower half of arg1
72c5877a 318 if(bps >> 4) bps = 8;
f6d9fb17 319
31abe49f
MHS		 320 sample_config config = {
321 decimation,bps,averaging,divisor,trigger_threshold
322 };
323 //Averaging is a flag on high-bit of arg[1]
324 UsbCommand c = {CMD_SET_LF_SAMPLING_CONFIG};
325 memcpy(c.d.asBytes,&config,sizeof(sample_config));
709665b5 326 clearCommandBuffer();
31abe49f
MHS		 327 SendCommand(&c);
328 return 0;
329}
f6d9fb17 330
7fe9b0b7 331int CmdLFRead(const char *Cmd)
332{
2b11c7c7 333 if (offline) return 0;
1fbf8956 334 uint8_t cmdp = 0;
335 bool arg1 = false;
336 if (param_getchar(Cmd, cmdp) == 'h')
31abe49f
MHS		 337 {
338 return usage_lf_read();
339 }
1fbf8956 340 if (param_getchar(Cmd, cmdp) == 's') arg1 = true; //suppress print
f6d9fb17 341 //And ship it to device
1fbf8956 342 UsbCommand c = {CMD_ACQUIRE_RAW_ADC_SAMPLES_125K, {arg1,0,0}};
709665b5 343 clearCommandBuffer();
31abe49f 344 SendCommand(&c);
fac69c3d 345 if (g_lf_threshold_set) {
2b11c7c7 346 WaitForResponse(CMD_ACK,NULL);
347 } else {
348 if ( !WaitForResponseTimeout(CMD_ACK,NULL,2500) ) {
349 PrintAndLog("command execution time out");
350 return 1;
351 }
352 }
31abe49f
MHS		 353 return 0;
354}
f6d9fb17 355
31abe49f
MHS		 356int CmdLFSnoop(const char *Cmd)
357{
358 uint8_t cmdp =0;
359 if(param_getchar(Cmd, cmdp) == 'h')
360 {
361 return usage_lf_snoop();
362 }
363
364 UsbCommand c = {CMD_LF_SNOOP_RAW_ADC_SAMPLES};
709665b5 365 clearCommandBuffer();
f6d9fb17
MHS		 366 SendCommand(&c);
367 WaitForResponse(CMD_ACK,NULL);
368 return 0;
7fe9b0b7 369}
370
371static void ChkBitstream(const char *str)
372{
e0165dcf 373 int i;
78f5b1a7 374
e0165dcf 375 /* convert to bitstream if necessary */
b915fda3 376 for (i = 0; i < (int)(GraphTraceLen / 2); i++){
377 if (GraphBuffer[i] > 1 || GraphBuffer[i] < 0) {
e0165dcf 378 CmdGetBitStream("");
379 break;
380 }
381 }
7fe9b0b7 382}
2767fc02 383//Attempt to simulate any wave in buffer (one bit per output sample)
384// converts GraphBuffer to bitstream (based on zero crossings) if needed.
7fe9b0b7 385int CmdLFSim(const char *Cmd)
386{
e0165dcf 387 int i,j;
388 static int gap;
7fe9b0b7 389
e0165dcf 390 sscanf(Cmd, "%i", &gap);
7fe9b0b7 391
2767fc02 392 // convert to bitstream if necessary
78f5b1a7 393
e0165dcf 394 ChkBitstream(Cmd);
7fe9b0b7 395
2767fc02 396 //can send only 512 bits at a time (1 byte sent per bit...)
e0165dcf 397 printf("Sending [%d bytes]", GraphTraceLen);
398 for (i = 0; i < GraphTraceLen; i += USB_CMD_DATA_SIZE) {
399 UsbCommand c={CMD_DOWNLOADED_SIM_SAMPLES_125K, {i, 0, 0}};
52ab55ab 400
e0165dcf 401 for (j = 0; j < USB_CMD_DATA_SIZE; j++) {
402 c.d.asBytes[j] = GraphBuffer[i+j];
403 }
404 SendCommand(&c);
405 WaitForResponse(CMD_ACK,NULL);
406 printf(".");
407 }
7fe9b0b7 408
e0165dcf 409 printf("\n");
410 PrintAndLog("Starting to simulate");
411 UsbCommand c = {CMD_SIMULATE_TAG_125K, {GraphTraceLen, gap, 0}};
709665b5 412 clearCommandBuffer();
e0165dcf 413 SendCommand(&c);
414 return 0;
7fe9b0b7 415}
416
abd6112f 417int usage_lf_simfsk(void)
418{
e0165dcf 419 //print help
420 PrintAndLog("Usage: lf simfsk [c <clock>] [i] [H <fcHigh>] [L <fcLow>] [d <hexdata>]");
421 PrintAndLog("Options: ");
422 PrintAndLog(" h This help");
423 PrintAndLog(" c <clock> Manually set clock - can autodetect if using DemodBuffer");
424 PrintAndLog(" i invert data");
425 PrintAndLog(" H <fcHigh> Manually set the larger Field Clock");
426 PrintAndLog(" L <fcLow> Manually set the smaller Field Clock");
427 //PrintAndLog(" s TBD- -to enable a gap between playback repetitions - default: no gap");
428 PrintAndLog(" d <hexdata> Data to sim as hex - omit to sim from DemodBuffer");
429 PrintAndLog("\n NOTE: if you set one clock manually set them all manually");
430 return 0;
abd6112f 431}
432
433int usage_lf_simask(void)
434{
e0165dcf 435 //print help
436 PrintAndLog("Usage: lf simask [c <clock>] [i] [b|m|r] [s] [d <raw hex to sim>]");
437 PrintAndLog("Options: ");
438 PrintAndLog(" h This help");
439 PrintAndLog(" c <clock> Manually set clock - can autodetect if using DemodBuffer");
440 PrintAndLog(" i invert data");
441 PrintAndLog(" b sim ask/biphase");
442 PrintAndLog(" m sim ask/manchester - Default");
443 PrintAndLog(" r sim ask/raw");
29ada8fc 444 PrintAndLog(" s add t55xx Sequence Terminator gap - default: no gaps (only manchester)");
e0165dcf 445 PrintAndLog(" d <hexdata> Data to sim as hex - omit to sim from DemodBuffer");
446 return 0;
abd6112f 447}
448
872e3d4d 449int usage_lf_simpsk(void)
450{
e0165dcf 451 //print help
452 PrintAndLog("Usage: lf simpsk [1|2|3] [c <clock>] [i] [r <carrier>] [d <raw hex to sim>]");
453 PrintAndLog("Options: ");
454 PrintAndLog(" h This help");
455 PrintAndLog(" c <clock> Manually set clock - can autodetect if using DemodBuffer");
456 PrintAndLog(" i invert data");
457 PrintAndLog(" 1 set PSK1 (default)");
458 PrintAndLog(" 2 set PSK2");
459 PrintAndLog(" 3 set PSK3");
460 PrintAndLog(" r <carrier> 2|4|8 are valid carriers: default = 2");
461 PrintAndLog(" d <hexdata> Data to sim as hex - omit to sim from DemodBuffer");
462 return 0;
872e3d4d 463}
712ebfa6 464
f86d6b55 465// by marshmellow - sim fsk data given clock, fcHigh, fcLow, invert
abd6112f 466// - allow pull data from DemodBuffer
467int CmdLFfskSim(const char *Cmd)
468{
2767fc02 469 //might be able to autodetect FCs and clock from Graphbuffer if using demod buffer
470 // otherwise will need FChigh, FClow, Clock, and bitstream
e0165dcf 471 uint8_t fcHigh=0, fcLow=0, clk=0;
472 uint8_t invert=0;
7cb8516c 473 bool errors = false;
e0165dcf 474 char hexData[32] = {0x00}; // store entered hex data
475 uint8_t data[255] = {0x00};
476 int dataLen = 0;
477 uint8_t cmdp = 0;
478 while(param_getchar(Cmd, cmdp) != 0x00)
479 {
480 switch(param_getchar(Cmd, cmdp))
481 {
482 case 'h':
483 return usage_lf_simfsk();
484 case 'i':
485 invert = 1;
486 cmdp++;
487 break;
488 case 'c':
489 errors |= param_getdec(Cmd,cmdp+1,&clk);
490 cmdp+=2;
491 break;
492 case 'H':
493 errors |= param_getdec(Cmd,cmdp+1,&fcHigh);
494 cmdp+=2;
495 break;
496 case 'L':
497 errors |= param_getdec(Cmd,cmdp+1,&fcLow);
498 cmdp+=2;
499 break;
500 //case 's':
501 // separator=1;
502 // cmdp++;
503 // break;
504 case 'd':
505 dataLen = param_getstr(Cmd, cmdp+1, hexData);
506 if (dataLen==0) {
7cb8516c 507 errors=true;
e0165dcf 508 } else {
509 dataLen = hextobinarray((char *)data, hexData);
510 }
7cb8516c 511 if (dataLen==0) errors=true;
e0165dcf 512 if (errors) PrintAndLog ("Error getting hex data");
513 cmdp+=2;
514 break;
515 default:
516 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
7cb8516c 517 errors = true;
e0165dcf 518 break;
519 }
520 if(errors) break;
521 }
522 if(cmdp == 0 && DemodBufferLen == 0)
523 {
7cb8516c 524 errors = true;// No args
e0165dcf 525 }
526
527 //Validations
528 if(errors)
529 {
530 return usage_lf_simfsk();
531 }
532
533 if (dataLen == 0){ //using DemodBuffer
534 if (clk==0 || fcHigh==0 || fcLow==0){ //manual settings must set them all
535 uint8_t ans = fskClocks(&fcHigh, &fcLow, &clk, 0);
536 if (ans==0){
537 if (!fcHigh) fcHigh=10;
538 if (!fcLow) fcLow=8;
539 if (!clk) clk=50;
540 }
541 }
542 } else {
543 setDemodBuf(data, dataLen, 0);
544 }
2767fc02 545
546 //default if not found
e0165dcf 547 if (clk == 0) clk = 50;
548 if (fcHigh == 0) fcHigh = 10;
549 if (fcLow == 0) fcLow = 8;
550
551 uint16_t arg1, arg2;
552 arg1 = fcHigh << 8 | fcLow;
553 arg2 = invert << 8 | clk;
554 size_t size = DemodBufferLen;
555 if (size > USB_CMD_DATA_SIZE) {
556 PrintAndLog("DemodBuffer too long for current implementation - length: %d - max: %d", size, USB_CMD_DATA_SIZE);
557 size = USB_CMD_DATA_SIZE;
558 }
559 UsbCommand c = {CMD_FSK_SIM_TAG, {arg1, arg2, size}};
560
561 memcpy(c.d.asBytes, DemodBuffer, size);
709665b5 562 clearCommandBuffer();
e0165dcf 563 SendCommand(&c);
564 return 0;
abd6112f 565}
566
567// by marshmellow - sim ask data given clock, invert, manchester or raw, separator
568// - allow pull data from DemodBuffer
569int CmdLFaskSim(const char *Cmd)
570{
e0165dcf 571 //autodetect clock from Graphbuffer if using demod buffer
2767fc02 572 // needs clock, invert, manchester/raw as m or r, separator as s, and bitstream
e0165dcf 573 uint8_t encoding = 1, separator = 0;
e0165dcf 574 uint8_t clk=0, invert=0;
7cb8516c 575 bool errors = false;
e0165dcf 576 char hexData[32] = {0x00};
577 uint8_t data[255]= {0x00}; // store entered hex data
578 int dataLen = 0;
579 uint8_t cmdp = 0;
580 while(param_getchar(Cmd, cmdp) != 0x00)
581 {
582 switch(param_getchar(Cmd, cmdp))
583 {
584 case 'h':
585 return usage_lf_simask();
586 case 'i':
587 invert = 1;
588 cmdp++;
589 break;
590 case 'c':
591 errors |= param_getdec(Cmd,cmdp+1,&clk);
592 cmdp+=2;
593 break;
594 case 'b':
595 encoding=2; //biphase
596 cmdp++;
597 break;
598 case 'm':
599 encoding=1;
600 cmdp++;
601 break;
602 case 'r':
603 encoding=0;
604 cmdp++;
605 break;
606 case 's':
607 separator=1;
608 cmdp++;
609 break;
610 case 'd':
611 dataLen = param_getstr(Cmd, cmdp+1, hexData);
612 if (dataLen==0) {
7cb8516c 613 errors=true;
e0165dcf 614 } else {
615 dataLen = hextobinarray((char *)data, hexData);
616 }
7cb8516c 617 if (dataLen==0) errors=true;
e0165dcf 618 if (errors) PrintAndLog ("Error getting hex data, datalen: %d",dataLen);
619 cmdp+=2;
620 break;
621 default:
622 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
7cb8516c 623 errors = true;
e0165dcf 624 break;
625 }
626 if(errors) break;
627 }
628 if(cmdp == 0 && DemodBufferLen == 0)
629 {
7cb8516c 630 errors = true;// No args
e0165dcf 631 }
632
633 //Validations
634 if(errors)
635 {
636 return usage_lf_simask();
637 }
638 if (dataLen == 0){ //using DemodBuffer
639 if (clk == 0) clk = GetAskClock("0", false, false);
640 } else {
641 setDemodBuf(data, dataLen, 0);
642 }
643 if (clk == 0) clk = 64;
644 if (encoding == 0) clk = clk/2; //askraw needs to double the clock speed
645 uint16_t arg1, arg2;
646 size_t size=DemodBufferLen;
647 arg1 = clk << 8 | encoding;
648 arg2 = invert << 8 | separator;
649 if (size > USB_CMD_DATA_SIZE) {
650 PrintAndLog("DemodBuffer too long for current implementation - length: %d - max: %d", size, USB_CMD_DATA_SIZE);
651 size = USB_CMD_DATA_SIZE;
652 }
653 UsbCommand c = {CMD_ASK_SIM_TAG, {arg1, arg2, size}};
654 PrintAndLog("preparing to sim ask data: %d bits", size);
655 memcpy(c.d.asBytes, DemodBuffer, size);
709665b5 656 clearCommandBuffer();
e0165dcf 657 SendCommand(&c);
658 return 0;
abd6112f 659}
660
872e3d4d 661// by marshmellow - sim psk data given carrier, clock, invert
662// - allow pull data from DemodBuffer or parameters
663int CmdLFpskSim(const char *Cmd)
664{
e0165dcf 665 //might be able to autodetect FC and clock from Graphbuffer if using demod buffer
666 //will need carrier, Clock, and bitstream
667 uint8_t carrier=0, clk=0;
668 uint8_t invert=0;
7cb8516c 669 bool errors = false;
e0165dcf 670 char hexData[32] = {0x00}; // store entered hex data
671 uint8_t data[255] = {0x00};
672 int dataLen = 0;
673 uint8_t cmdp = 0;
674 uint8_t pskType = 1;
675 while(param_getchar(Cmd, cmdp) != 0x00)
676 {
677 switch(param_getchar(Cmd, cmdp))
678 {
679 case 'h':
680 return usage_lf_simpsk();
681 case 'i':
682 invert = 1;
683 cmdp++;
684 break;
685 case 'c':
686 errors |= param_getdec(Cmd,cmdp+1,&clk);
687 cmdp+=2;
688 break;
689 case 'r':
690 errors |= param_getdec(Cmd,cmdp+1,&carrier);
691 cmdp+=2;
692 break;
693 case '1':
694 pskType=1;
695 cmdp++;
696 break;
697 case '2':
698 pskType=2;
699 cmdp++;
700 break;
701 case '3':
702 pskType=3;
703 cmdp++;
704 break;
705 case 'd':
706 dataLen = param_getstr(Cmd, cmdp+1, hexData);
707 if (dataLen==0) {
7cb8516c 708 errors=true;
e0165dcf 709 } else {
710 dataLen = hextobinarray((char *)data, hexData);
711 }
7cb8516c 712 if (dataLen==0) errors=true;
e0165dcf 713 if (errors) PrintAndLog ("Error getting hex data");
714 cmdp+=2;
715 break;
716 default:
717 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
7cb8516c 718 errors = true;
e0165dcf 719 break;
720 }
721 if (errors) break;
722 }
723 if (cmdp == 0 && DemodBufferLen == 0)
724 {
7cb8516c 725 errors = true;// No args
e0165dcf 726 }
727
728 //Validations
729 if (errors)
730 {
731 return usage_lf_simpsk();
732 }
733 if (dataLen == 0){ //using DemodBuffer
734 PrintAndLog("Getting Clocks");
7cb8516c 735 if (clk==0) clk = GetPskClock("", false, false);
e0165dcf 736 PrintAndLog("clk: %d",clk);
7cb8516c 737 if (!carrier) carrier = GetPskCarrier("", false, false);
e0165dcf 738 PrintAndLog("carrier: %d", carrier);
739 } else {
740 setDemodBuf(data, dataLen, 0);
741 }
742
743 if (clk <= 0) clk = 32;
744 if (carrier == 0) carrier = 2;
745 if (pskType != 1){
746 if (pskType == 2){
747 //need to convert psk2 to psk1 data before sim
748 psk2TOpsk1(DemodBuffer, DemodBufferLen);
749 } else {
750 PrintAndLog("Sorry, PSK3 not yet available");
751 }
752 }
753 uint16_t arg1, arg2;
754 arg1 = clk << 8 | carrier;
755 arg2 = invert;
756 size_t size=DemodBufferLen;
757 if (size > USB_CMD_DATA_SIZE) {
758 PrintAndLog("DemodBuffer too long for current implementation - length: %d - max: %d", size, USB_CMD_DATA_SIZE);
759 size=USB_CMD_DATA_SIZE;
760 }
761 UsbCommand c = {CMD_PSK_SIM_TAG, {arg1, arg2, size}};
762 PrintAndLog("DEBUG: Sending DemodBuffer Length: %d", size);
763 memcpy(c.d.asBytes, DemodBuffer, size);
709665b5 764 clearCommandBuffer();
e0165dcf 765 SendCommand(&c);
766
767 return 0;
872e3d4d 768}
abd6112f 769
7fe9b0b7 770int CmdLFSimBidir(const char *Cmd)
771{
e0165dcf 772 // Set ADC to twice the carrier for a slight supersampling
773 // HACK: not implemented in ARMSRC.
774 PrintAndLog("Not implemented yet.");
775 UsbCommand c = {CMD_LF_SIMULATE_BIDIR, {47, 384, 0}};
776 SendCommand(&c);
777 return 0;
7fe9b0b7 778}
779
7fe9b0b7 780int CmdVchDemod(const char *Cmd)
781{
e0165dcf 782 // Is this the entire sync pattern, or does this also include some
783 // data bits that happen to be the same everywhere? That would be
784 // lovely to know.
785 static const int SyncPattern[] = {
786 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
787 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
788 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
789 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
790 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
791 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
792 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
793 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
794 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
795 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
796 };
797
798 // So first, we correlate for the sync pattern, and mark that.
799 int bestCorrel = 0, bestPos = 0;
800 int i;
801 // It does us no good to find the sync pattern, with fewer than
802 // 2048 samples after it...
803 for (i = 0; i < (GraphTraceLen-2048); i++) {
804 int sum = 0;
805 int j;
806 for (j = 0; j < arraylen(SyncPattern); j++) {
807 sum += GraphBuffer[i+j]*SyncPattern[j];
808 }
809 if (sum > bestCorrel) {
810 bestCorrel = sum;
811 bestPos = i;
812 }
813 }
814 PrintAndLog("best sync at %d [metric %d]", bestPos, bestCorrel);
815
816 char bits[257];
817 bits[256] = '\0';
818
819 int worst = INT_MAX;
820 int worstPos = 0;
821
822 for (i = 0; i < 2048; i += 8) {
823 int sum = 0;
824 int j;
825 for (j = 0; j < 8; j++) {
826 sum += GraphBuffer[bestPos+i+j];
827 }
828 if (sum < 0) {
829 bits[i/8] = '.';
830 } else {
831 bits[i/8] = '1';
832 }
833 if(abs(sum) < worst) {
834 worst = abs(sum);
835 worstPos = i;
836 }
837 }
838 PrintAndLog("bits:");
839 PrintAndLog("%s", bits);
840 PrintAndLog("worst metric: %d at pos %d", worst, worstPos);
841
842 if (strcmp(Cmd, "clone")==0) {
843 GraphTraceLen = 0;
844 char *s;
845 for(s = bits; *s; s++) {
846 int j;
847 for(j = 0; j < 16; j++) {
848 GraphBuffer[GraphTraceLen++] = (*s == '1') ? 1 : 0;
849 }
850 }
851 RepaintGraphWindow();
852 }
853 return 0;
7fe9b0b7 854}
855
d0b05864 856
857//by marshmellow
858int CheckChipType(char cmdp) {
859 uint32_t wordData = 0;
860
861 //check for em4x05/em4x69 chips first
862 save_restoreGB(1);
863 if ((!offline && (cmdp != '1')) && EM4x05Block0Test(&wordData)) {
864 PrintAndLog("\nValid EM4x05/EM4x69 Chip Found\nTry lf em 4x05... commands\n");
865 save_restoreGB(0);
866 return 1;
867 }
868
869 //TODO check for t55xx chip...
870
871 save_restoreGB(0);
872 return 1;
873}
874
d5a72d2f 875//by marshmellow
876int CmdLFfind(const char *Cmd)
877{
d0b05864 878 uint32_t wordData = 0;
e0165dcf 879 int ans=0;
e04475c4 880 size_t minLength = 1000;
e0165dcf 881 char cmdp = param_getchar(Cmd, 0);
882 char testRaw = param_getchar(Cmd, 1);
883 if (strlen(Cmd) > 3 || cmdp == 'h' || cmdp == 'H') {
884 PrintAndLog("Usage: lf search <0|1> [u]");
885 PrintAndLog(" <use data from Graphbuffer> , if not set, try reading data from tag.");
886 PrintAndLog(" [Search for Unknown tags] , if not set, reads only known tags.");
887 PrintAndLog("");
888 PrintAndLog(" sample: lf search = try reading data from tag & search for known tags");
889 PrintAndLog(" : lf search 1 = use data from GraphBuffer & search for known tags");
890 PrintAndLog(" : lf search u = try reading data from tag & search for known and unknown tags");
891 PrintAndLog(" : lf search 1 u = use data from GraphBuffer & search for known and unknown tags");
892
893 return 0;
894 }
895
896 if (!offline && (cmdp != '1')){
2767fc02 897 CmdLFRead("s");
898 getSamples("30000",false);
e04475c4 899 } else if (GraphTraceLen < minLength) {
e0165dcf 900 PrintAndLog("Data in Graphbuffer was too small.");
901 return 0;
902 }
903 if (cmdp == 'u' || cmdp == 'U') testRaw = 'u';
904
905 PrintAndLog("NOTE: some demods output possible binary\n if it finds something that looks like a tag");
906 PrintAndLog("False Positives ARE possible\n");
907 PrintAndLog("\nChecking for known tags:\n");
908
e04475c4 909 size_t testLen = minLength;
910 // only run if graphbuffer is just noise as it should be for hitag/cotag
911 if (graphJustNoise(GraphBuffer, testLen)) {
912 // only run these tests if we are in online mode
d0b05864 913 if (!offline && (cmdp != '1')) {
914 // test for em4x05 in reader talk first mode.
915 if (EM4x05Block0Test(&wordData)) {
916 PrintAndLog("\nValid EM4x05/EM4x69 Chip Found\nUse lf em 4x05readword/dump commands to read\n");
917 return 1;
918 }
e04475c4 919 ans=CmdLFHitagReader("26");
920 if (ans==0) {
921 return 1;
922 }
923 ans=CmdCOTAGRead("");
924 if (ans>0){
925 PrintAndLog("\nValid COTAG ID Found!");
926 return 1;
927 }
928 }
929 return 0;
930 }
931
e0165dcf 932 ans=CmdFSKdemodIO("");
933 if (ans>0) {
934 PrintAndLog("\nValid IO Prox ID Found!");
d0b05864 935 return CheckChipType(cmdp);
e0165dcf 936 }
937
938 ans=CmdFSKdemodPyramid("");
939 if (ans>0) {
940 PrintAndLog("\nValid Pyramid ID Found!");
d0b05864 941 return CheckChipType(cmdp);
e0165dcf 942 }
943
944 ans=CmdFSKdemodParadox("");
945 if (ans>0) {
946 PrintAndLog("\nValid Paradox ID Found!");
d0b05864 947 return CheckChipType(cmdp);
e0165dcf 948 }
949
950 ans=CmdFSKdemodAWID("");
951 if (ans>0) {
952 PrintAndLog("\nValid AWID ID Found!");
d0b05864 953 return CheckChipType(cmdp);
e0165dcf 954 }
955
956 ans=CmdFSKdemodHID("");
957 if (ans>0) {
958 PrintAndLog("\nValid HID Prox ID Found!");
d0b05864 959 return CheckChipType(cmdp);
e0165dcf 960 }
961
e0165dcf 962 ans=CmdAskEM410xDemod("");
963 if (ans>0) {
964 PrintAndLog("\nValid EM410x ID Found!");
d0b05864 965 return CheckChipType(cmdp);
e0165dcf 966 }
967
8b6abef5 968 ans=CmdVisa2kDemod("");
969 if (ans>0) {
970 PrintAndLog("\nValid Visa2000 ID Found!");
971 return CheckChipType(cmdp);
972 }
973
e0165dcf 974 ans=CmdG_Prox_II_Demod("");
975 if (ans>0) {
976 PrintAndLog("\nValid G Prox II ID Found!");
d0b05864 977 return CheckChipType(cmdp);
e0165dcf 978 }
979
4db6f3bb 980 ans=CmdFdxDemod("");
ecfcb34c 981 if (ans>0) {
982 PrintAndLog("\nValid FDX-B ID Found!");
d0b05864 983 return CheckChipType(cmdp);
ecfcb34c 984 }
985
23f0a7d8 986 ans=EM4x50Read("", false);
987 if (ans>0) {
988 PrintAndLog("\nValid EM4x50 ID Found!");
989 return 1;
990 }
411105e0 991
415274a7 992 ans=CmdVikingDemod("");
993 if (ans>0) {
994 PrintAndLog("\nValid Viking ID Found!");
d0b05864 995 return CheckChipType(cmdp);
415274a7 996 }
997
6fe5c94b 998 ans=CmdIndalaDecode("");
999 if (ans>0) {
1000 PrintAndLog("\nValid Indala ID Found!");
d0b05864 1001 return CheckChipType(cmdp);
6fe5c94b 1002 }
1003
411105e0 1004 ans=CmdPSKNexWatch("");
1005 if (ans>0) {
1006 PrintAndLog("\nValid NexWatch ID Found!");
d0b05864 1007 return CheckChipType(cmdp);
411105e0 1008 }
1009
e0165dcf 1010 PrintAndLog("\nNo Known Tags Found!\n");
1011 if (testRaw=='u' || testRaw=='U'){
d0b05864 1012 ans=CheckChipType(cmdp);
1013 //test unknown tag formats (raw mode)0
e0165dcf 1014 PrintAndLog("\nChecking for Unknown tags:\n");
7cb8516c 1015 ans=AutoCorrelate(4000, false, false);
e0165dcf 1016 if (ans > 0) PrintAndLog("Possible Auto Correlation of %d repeating samples",ans);
7cb8516c 1017 ans=GetFskClock("",false,false);
e0165dcf 1018 if (ans != 0){ //fsk
7cb8516c 1019 ans=FSKrawDemod("",true);
e0165dcf 1020 if (ans>0) {
1021 PrintAndLog("\nUnknown FSK Modulated Tag Found!");
e0165dcf 1022 return 1;
1023 }
1024 }
7cb8516c 1025 bool st = true;
1026 ans=ASKDemod_ext("0 0 0",true,false,1,&st);
e0165dcf 1027 if (ans>0) {
1028 PrintAndLog("\nUnknown ASK Modulated and Manchester encoded Tag Found!");
1029 PrintAndLog("\nif it does not look right it could instead be ASK/Biphase - try 'data rawdemod ab'");
e0165dcf 1030 return 1;
1031 }
1032 ans=CmdPSK1rawDemod("");
1033 if (ans>0) {
1034 PrintAndLog("Possible unknown PSK1 Modulated Tag Found above!\n\nCould also be PSK2 - try 'data rawdemod p2'");
1035 PrintAndLog("\nCould also be PSK3 - [currently not supported]");
1036 PrintAndLog("\nCould also be NRZ - try 'data nrzrawdemod");
e0165dcf 1037 return 1;
1038 }
1039 PrintAndLog("\nNo Data Found!\n");
1040 }
1041 return 0;
d5a72d2f 1042}
1043
7fe9b0b7 1044static command_t CommandTable[] =
1045{
e0165dcf 1046 {"help", CmdHelp, 1, "This help"},
9b99a6db 1047 {"awid", CmdLFAWID, 1, "{ AWID RFIDs... }"},
1048 {"cotag", CmdLFCOTAG, 1, "{ COTAG CHIPs... }"},
1049 {"em", CmdLFEM4X, 1, "{ EM4X CHIPs & RFIDs... }"},
1050 {"fdx", CmdLFFdx, 1, "{ FDX-B RFIDs... }"},
1051 {"gproxii", CmdLF_G_Prox_II, 1, "{ G Prox II RFIDs... }"},
1052 {"hid", CmdLFHID, 1, "{ HID RFIDs... }"},
1053 {"hitag", CmdLFHitag, 1, "{ Hitag CHIPs... }"},
1054 {"io", CmdLFIO, 1, "{ ioProx RFIDs... }"},
1055 {"indala", CmdLFINDALA, 1, "{ Indala RFIDs... }"},
5bce72d5 1056 {"nexwatch", CmdLFNexWatch, 1, "{ NexWatch RFIDs... }"},
1057 {"paradox", CmdLFParadox, 1, "{ Paradox RFIDs... }"},
9b99a6db 1058 {"presco", CmdLFPresco, 1, "{ Presco RFIDs... }"},
1059 {"pcf7931", CmdLFPCF7931, 1, "{ PCF7931 CHIPs... }"},
6923d3f1 1060 {"pyramid", CmdLFPyramid, 1, "{ Farpointe/Pyramid RFIDs... }"},
9b99a6db 1061 {"t55xx", CmdLFT55XX, 1, "{ T55xx CHIPs... }"},
1062 {"ti", CmdLFTI, 1, "{ TI CHIPs... }"},
1063 {"viking", CmdLFViking, 1, "{ Viking RFIDs... }"},
1064 {"visa2000", CmdLFVisa2k, 1, "{ Visa2000 RFIDs... }"},
21a615cb 1065 {"cmdread", CmdLFCommandRead, 0, "<d period> <z period> <o period> <c command> ['H'] -- Modulate LF reader field to send command before read (all periods in microseconds) (option 'H' for 134)"},
e0165dcf 1066 {"config", CmdLFSetConfig, 0, "Set config for LF sampling, bit/sample, decimation, frequency"},
1067 {"flexdemod", CmdFlexdemod, 1, "Demodulate samples for FlexPass"},
e0165dcf 1068 {"read", CmdLFRead, 0, "['s' silent] Read 125/134 kHz LF ID-only tag. Do 'lf read h' for help"},
1069 {"search", CmdLFfind, 1, "[offline] ['u'] Read and Search for valid known tag (in offline mode it you can load first then search) - 'u' to search for unknown tags"},
1070 {"sim", CmdLFSim, 0, "[GAP] -- Simulate LF tag from buffer with optional GAP (in microseconds)"},
aa53efc3 1071 {"simask", CmdLFaskSim, 0, "[clock] [invert <1|0>] [biphase/manchester/raw <'b'|'m'|'r'>] [msg separator 's'] [d <hexdata>] -- Simulate LF ASK tag from demodbuffer or input"},
e0165dcf 1072 {"simfsk", CmdLFfskSim, 0, "[c <clock>] [i] [H <fcHigh>] [L <fcLow>] [d <hexdata>] -- Simulate LF FSK tag from demodbuffer or input"},
1073 {"simpsk", CmdLFpskSim, 0, "[1|2|3] [c <clock>] [i] [r <carrier>] [d <raw hex to sim>] -- Simulate LF PSK tag from demodbuffer or input"},
1074 {"simbidir", CmdLFSimBidir, 0, "Simulate LF tag (with bidirectional data transmission between reader and tag)"},
e0165dcf 1075 {"snoop", CmdLFSnoop, 0, "['l'|'h'|<divisor>] [trigger threshold]-- Snoop LF (l:125khz, h:134khz)"},
e0165dcf 1076 {"vchdemod", CmdVchDemod, 1, "['clone'] -- Demodulate samples for VeriChip"},
e0165dcf 1077 {NULL, NULL, 0, NULL}
7fe9b0b7 1078};
1079
1080int CmdLF(const char *Cmd)
1081{
e0165dcf 1082 CmdsParse(CommandTable, Cmd);
1083 return 0;
7fe9b0b7 1084}
1085
1086int CmdHelp(const char *Cmd)
1087{
e0165dcf 1088 CmdsHelp(CommandTable);
1089 return 0;
7fe9b0b7 1090}
Proxmark3 GIT tracking
Impressum, Datenschutz