]> git.zerfleddert.de Git - proxmark3-svn/blob - client/cmdlf.c
projects / proxmark3-svn / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #257 from marshmellow42/master
[proxmark3-svn] / client / cmdlf.c
1 //-----------------------------------------------------------------------------
2 // Copyright (C) 2010 iZsh <izsh at fail0verflow.com>
3 //
4 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
5 // at your option, any later version. See the LICENSE.txt file for the text of
6 // the license.
7 //-----------------------------------------------------------------------------
8 // Low frequency commands
9 //-----------------------------------------------------------------------------
10
11 #include <stdio.h>
12 #include <stdlib.h>
13 #include <string.h>
14 #include <limits.h>
15 #include "proxmark3.h"
16 #include "cmdlf.h"
17 #include "lfdemod.h" // for psk2TOpsk1
18 #include "util.h" // for parsing cli command utils
19 #include "ui.h" // for show graph controls
20 #include "graph.h" // for graph data
21 #include "cmdparser.h" // for getting cli commands included in cmdmain.h
22 #include "cmdmain.h" // for sending cmds to device
23 #include "data.h" // for GetFromBigBuf
24 #include "cmddata.h" // for `lf search`
25 #include "cmdlfawid.h" // for awid menu
26 #include "cmdlfem4x.h" // for em4x menu
27 #include "cmdlfhid.h" // for hid menu
28 #include "cmdlfhitag.h" // for hitag menu
29 #include "cmdlfio.h" // for ioprox menu
30 #include "cmdlft55xx.h" // for t55xx menu
31 #include "cmdlfti.h" // for ti menu
32 #include "cmdlfpresco.h" // for presco menu
33 #include "cmdlfpcf7931.h"// for pcf7931 menu
34 #include "cmdlfpyramid.h"// for pyramid menu
35 #include "cmdlfviking.h" // for viking menu
36 #include "cmdlfcotag.h" // for COTAG menu
37 #include "cmdlfvisa2000.h" // for VISA2000 menu
38 #include "cmdlfindala.h" // for indala menu
39 #include "cmdlfgproxii.h"// for gproxii menu
40 #include "cmdlffdx.h" // for fdx-b menu
41 #include "cmdlfparadox.h"// for paradox menu
42 #include "cmdlfnexwatch.h"//for nexwatch menu
43
44 bool g_lf_threshold_set = false;
45 static int CmdHelp(const char *Cmd);
46
47
48
49 int usage_lf_cmdread(void)
50 {
51 PrintAndLog("Usage: lf cmdread d <delay period> z <zero period> o <one period> c <cmdbytes> [H] ");
52 PrintAndLog("Options: ");
53 PrintAndLog(" h This help");
54 PrintAndLog(" L Low frequency (125 KHz)");
55 PrintAndLog(" H High frequency (134 KHz)");
56 PrintAndLog(" d <delay> delay OFF period");
57 PrintAndLog(" z <zero> time period ZERO");
58 PrintAndLog(" o <one> time period ONE");
59 PrintAndLog(" c <cmd> Command bytes");
60 PrintAndLog(" ************* All periods in microseconds");
61 PrintAndLog("Examples:");
62 PrintAndLog(" lf cmdread d 80 z 100 o 200 c 11000");
63 PrintAndLog(" lf cmdread d 80 z 100 o 100 c 11000 H");
64 return 0;
65 }
66
67 /* send a command before reading */
68 int CmdLFCommandRead(const char *Cmd)
69 {
70 static char dummy[3] = {0x20,0x00,0x00};
71 UsbCommand c = {CMD_MOD_THEN_ACQUIRE_RAW_ADC_SAMPLES_125K};
72 bool errors = false;
73 //uint8_t divisor = 95; //125khz
74 uint8_t cmdp = 0;
75 while(param_getchar(Cmd, cmdp) != 0x00)
76 {
77 switch(param_getchar(Cmd, cmdp))
78 {
79 case 'h':
80 return usage_lf_cmdread();
81 case 'H':
82 //divisor = 88;
83 dummy[1]='h';
84 cmdp++;
85 break;
86 case 'L':
87 cmdp++;
88 break;
89 case 'c':
90 param_getstr(Cmd, cmdp+1, (char *)&c.d.asBytes);
91 cmdp+=2;
92 break;
93 case 'd':
94 c.arg[0] = param_get32ex(Cmd, cmdp+1, 0, 10);
95 cmdp+=2;
96 break;
97 case 'z':
98 c.arg[1] = param_get32ex(Cmd, cmdp+1, 0, 10);
99 cmdp+=2;
100 break;
101 case 'o':
102 c.arg[2] = param_get32ex(Cmd, cmdp+1, 0, 10);
103 cmdp+=2;
104 break;
105 default:
106 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
107 errors = 1;
108 break;
109 }
110 if(errors) break;
111 }
112 // No args
113 if(cmdp == 0) errors = 1;
114
115 //Validations
116 if(errors) return usage_lf_cmdread();
117
118 // in case they specified 'H'
119 strcpy((char *)&c.d.asBytes + strlen((char *)c.d.asBytes), dummy);
120
121 clearCommandBuffer();
122 SendCommand(&c);
123 return 0;
124 }
125
126 int CmdFlexdemod(const char *Cmd)
127 {
128 int i;
129 for (i = 0; i < GraphTraceLen; ++i) {
130 if (GraphBuffer[i] < 0) {
131 GraphBuffer[i] = -1;
132 } else {
133 GraphBuffer[i] = 1;
134 }
135 }
136
137 #define LONG_WAIT 100
138 int start;
139 for (start = 0; start < GraphTraceLen - LONG_WAIT; start++) {
140 int first = GraphBuffer[start];
141 for (i = start; i < start + LONG_WAIT; i++) {
142 if (GraphBuffer[i] != first) {
143 break;
144 }
145 }
146 if (i == (start + LONG_WAIT)) {
147 break;
148 }
149 }
150 if (start == GraphTraceLen - LONG_WAIT) {
151 PrintAndLog("nothing to wait for");
152 return 0;
153 }
154
155 GraphBuffer[start] = 2;
156 GraphBuffer[start+1] = -2;
157 uint8_t bits[64] = {0x00};
158
159 int bit, sum;
160 i = start;
161 for (bit = 0; bit < 64; bit++) {
162 sum = 0;
163 for (int j = 0; j < 16; j++) {
164 sum += GraphBuffer[i++];
165 }
166
167 bits[bit] = (sum > 0) ? 1 : 0;
168
169 PrintAndLog("bit %d sum %d", bit, sum);
170 }
171
172 for (bit = 0; bit < 64; bit++) {
173 int j;
174 int sum = 0;
175 for (j = 0; j < 16; j++) {
176 sum += GraphBuffer[i++];
177 }
178 if (sum > 0 && bits[bit] != 1) {
179 PrintAndLog("oops1 at %d", bit);
180 }
181 if (sum < 0 && bits[bit] != 0) {
182 PrintAndLog("oops2 at %d", bit);
183 }
184 }
185
186 // HACK writing back to graphbuffer.
187 GraphTraceLen = 32*64;
188 i = 0;
189 int phase = 0;
190 for (bit = 0; bit < 64; bit++) {
191
192 phase = (bits[bit] == 0) ? 0 : 1;
193
194 int j;
195 for (j = 0; j < 32; j++) {
196 GraphBuffer[i++] = phase;
197 phase = !phase;
198 }
199 }
200
201 RepaintGraphWindow();
202 return 0;
203 }
204
205 int usage_lf_read(void)
206 {
207 PrintAndLog("Usage: lf read");
208 PrintAndLog("Options: ");
209 PrintAndLog(" h This help");
210 PrintAndLog(" s silent run no printout");
211 PrintAndLog("This function takes no arguments. ");
212 PrintAndLog("Use 'lf config' to set parameters.");
213 return 0;
214 }
215 int usage_lf_snoop(void)
216 {
217 PrintAndLog("Usage: lf snoop");
218 PrintAndLog("Options: ");
219 PrintAndLog(" h This help");
220 PrintAndLog("This function takes no arguments. ");
221 PrintAndLog("Use 'lf config' to set parameters.");
222 return 0;
223 }
224
225 int usage_lf_config(void)
226 {
227 PrintAndLog("Usage: lf config [H|<divisor>] [b <bps>] [d <decim>] [a 0|1]");
228 PrintAndLog("Options: ");
229 PrintAndLog(" h This help");
230 PrintAndLog(" L Low frequency (125 KHz)");
231 PrintAndLog(" H High frequency (134 KHz)");
232 PrintAndLog(" q <divisor> Manually set divisor. 88-> 134KHz, 95-> 125 Hz");
233 PrintAndLog(" b <bps> Sets resolution of bits per sample. Default (max): 8");
234 PrintAndLog(" d <decim> Sets decimation. A value of N saves only 1 in N samples. Default: 1");
235 PrintAndLog(" a [0|1] Averaging - if set, will average the stored sample value when decimating. Default: 1");
236 PrintAndLog(" t <threshold> Sets trigger threshold. 0 means no threshold (range: 0-128)");
237 PrintAndLog("Examples:");
238 PrintAndLog(" lf config b 8 L");
239 PrintAndLog(" Samples at 125KHz, 8bps.");
240 PrintAndLog(" lf config H b 4 d 3");
241 PrintAndLog(" Samples at 134KHz, averages three samples into one, stored with ");
242 PrintAndLog(" a resolution of 4 bits per sample.");
243 PrintAndLog(" lf read");
244 PrintAndLog(" Performs a read (active field)");
245 PrintAndLog(" lf snoop");
246 PrintAndLog(" Performs a snoop (no active field)");
247 return 0;
248 }
249
250 int CmdLFSetConfig(const char *Cmd)
251 {
252
253 uint8_t divisor = 0;//Frequency divisor
254 uint8_t bps = 0; // Bits per sample
255 uint8_t decimation = 0; //How many to keep
256 bool averaging = 1; // Defaults to true
257 bool errors = false;
258 int trigger_threshold =-1;//Means no change
259 uint8_t unsigned_trigg = 0;
260
261 uint8_t cmdp =0;
262 while(param_getchar(Cmd, cmdp) != 0x00)
263 {
264 switch(param_getchar(Cmd, cmdp))
265 {
266 case 'h':
267 return usage_lf_config();
268 case 'H':
269 divisor = 88;
270 cmdp++;
271 break;
272 case 'L':
273 divisor = 95;
274 cmdp++;
275 break;
276 case 'q':
277 errors |= param_getdec(Cmd,cmdp+1,&divisor);
278 cmdp+=2;
279 break;
280 case 't':
281 errors |= param_getdec(Cmd,cmdp+1,&unsigned_trigg);
282 cmdp+=2;
283 if(!errors) {
284 trigger_threshold = unsigned_trigg;
285 if (trigger_threshold > 0) g_lf_threshold_set = true;
286 }
287 break;
288 case 'b':
289 errors |= param_getdec(Cmd,cmdp+1,&bps);
290 cmdp+=2;
291 break;
292 case 'd':
293 errors |= param_getdec(Cmd,cmdp+1,&decimation);
294 cmdp+=2;
295 break;
296 case 'a':
297 averaging = param_getchar(Cmd,cmdp+1) == '1';
298 cmdp+=2;
299 break;
300 default:
301 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
302 errors = 1;
303 break;
304 }
305 if(errors) break;
306 }
307 if(cmdp == 0)
308 {
309 errors = 1;// No args
310 }
311
312 //Validations
313 if(errors)
314 {
315 return usage_lf_config();
316 }
317 //Bps is limited to 8, so fits in lower half of arg1
318 if(bps >> 4) bps = 8;
319
320 sample_config config = {
321 decimation,bps,averaging,divisor,trigger_threshold
322 };
323 //Averaging is a flag on high-bit of arg[1]
324 UsbCommand c = {CMD_SET_LF_SAMPLING_CONFIG};
325 memcpy(c.d.asBytes,&config,sizeof(sample_config));
326 clearCommandBuffer();
327 SendCommand(&c);
328 return 0;
329 }
330
331 int CmdLFRead(const char *Cmd)
332 {
333 if (offline) return 0;
334 uint8_t cmdp = 0;
335 bool arg1 = false;
336 if (param_getchar(Cmd, cmdp) == 'h')
337 {
338 return usage_lf_read();
339 }
340 if (param_getchar(Cmd, cmdp) == 's') arg1 = true; //suppress print
341 //And ship it to device
342 UsbCommand c = {CMD_ACQUIRE_RAW_ADC_SAMPLES_125K, {arg1,0,0}};
343 clearCommandBuffer();
344 SendCommand(&c);
345 if (g_lf_threshold_set) {
346 WaitForResponse(CMD_ACK,NULL);
347 } else {
348 if ( !WaitForResponseTimeout(CMD_ACK,NULL,2500) ) {
349 PrintAndLog("command execution time out");
350 return 1;
351 }
352 }
353 return 0;
354 }
355
356 int CmdLFSnoop(const char *Cmd)
357 {
358 uint8_t cmdp =0;
359 if(param_getchar(Cmd, cmdp) == 'h')
360 {
361 return usage_lf_snoop();
362 }
363
364 UsbCommand c = {CMD_LF_SNOOP_RAW_ADC_SAMPLES};
365 clearCommandBuffer();
366 SendCommand(&c);
367 WaitForResponse(CMD_ACK,NULL);
368 return 0;
369 }
370
371 static void ChkBitstream(const char *str)
372 {
373 int i;
374
375 /* convert to bitstream if necessary */
376 for (i = 0; i < (int)(GraphTraceLen / 2); i++){
377 if (GraphBuffer[i] > 1 || GraphBuffer[i] < 0) {
378 CmdGetBitStream("");
379 break;
380 }
381 }
382 }
383 //Attempt to simulate any wave in buffer (one bit per output sample)
384 // converts GraphBuffer to bitstream (based on zero crossings) if needed.
385 int CmdLFSim(const char *Cmd)
386 {
387 int i,j;
388 static int gap;
389
390 sscanf(Cmd, "%i", &gap);
391
392 // convert to bitstream if necessary
393
394 ChkBitstream(Cmd);
395
396 //can send only 512 bits at a time (1 byte sent per bit...)
397 printf("Sending [%d bytes]", GraphTraceLen);
398 for (i = 0; i < GraphTraceLen; i += USB_CMD_DATA_SIZE) {
399 UsbCommand c={CMD_DOWNLOADED_SIM_SAMPLES_125K, {i, 0, 0}};
400
401 for (j = 0; j < USB_CMD_DATA_SIZE; j++) {
402 c.d.asBytes[j] = GraphBuffer[i+j];
403 }
404 SendCommand(&c);
405 WaitForResponse(CMD_ACK,NULL);
406 printf(".");
407 }
408
409 printf("\n");
410 PrintAndLog("Starting to simulate");
411 UsbCommand c = {CMD_SIMULATE_TAG_125K, {GraphTraceLen, gap, 0}};
412 clearCommandBuffer();
413 SendCommand(&c);
414 return 0;
415 }
416
417 int usage_lf_simfsk(void)
418 {
419 //print help
420 PrintAndLog("Usage: lf simfsk [c <clock>] [i] [H <fcHigh>] [L <fcLow>] [d <hexdata>]");
421 PrintAndLog("Options: ");
422 PrintAndLog(" h This help");
423 PrintAndLog(" c <clock> Manually set clock - can autodetect if using DemodBuffer");
424 PrintAndLog(" i invert data");
425 PrintAndLog(" H <fcHigh> Manually set the larger Field Clock");
426 PrintAndLog(" L <fcLow> Manually set the smaller Field Clock");
427 //PrintAndLog(" s TBD- -to enable a gap between playback repetitions - default: no gap");
428 PrintAndLog(" d <hexdata> Data to sim as hex - omit to sim from DemodBuffer");
429 PrintAndLog("\n NOTE: if you set one clock manually set them all manually");
430 return 0;
431 }
432
433 int usage_lf_simask(void)
434 {
435 //print help
436 PrintAndLog("Usage: lf simask [c <clock>] [i] [b|m|r] [s] [d <raw hex to sim>]");
437 PrintAndLog("Options: ");
438 PrintAndLog(" h This help");
439 PrintAndLog(" c <clock> Manually set clock - can autodetect if using DemodBuffer");
440 PrintAndLog(" i invert data");
441 PrintAndLog(" b sim ask/biphase");
442 PrintAndLog(" m sim ask/manchester - Default");
443 PrintAndLog(" r sim ask/raw");
444 PrintAndLog(" s add t55xx Sequence Terminator gap - default: no gaps (only manchester)");
445 PrintAndLog(" d <hexdata> Data to sim as hex - omit to sim from DemodBuffer");
446 return 0;
447 }
448
449 int usage_lf_simpsk(void)
450 {
451 //print help
452 PrintAndLog("Usage: lf simpsk [1|2|3] [c <clock>] [i] [r <carrier>] [d <raw hex to sim>]");
453 PrintAndLog("Options: ");
454 PrintAndLog(" h This help");
455 PrintAndLog(" c <clock> Manually set clock - can autodetect if using DemodBuffer");
456 PrintAndLog(" i invert data");
457 PrintAndLog(" 1 set PSK1 (default)");
458 PrintAndLog(" 2 set PSK2");
459 PrintAndLog(" 3 set PSK3");
460 PrintAndLog(" r <carrier> 2|4|8 are valid carriers: default = 2");
461 PrintAndLog(" d <hexdata> Data to sim as hex - omit to sim from DemodBuffer");
462 return 0;
463 }
464
465 // by marshmellow - sim fsk data given clock, fcHigh, fcLow, invert
466 // - allow pull data from DemodBuffer
467 int CmdLFfskSim(const char *Cmd)
468 {
469 //might be able to autodetect FCs and clock from Graphbuffer if using demod buffer
470 // otherwise will need FChigh, FClow, Clock, and bitstream
471 uint8_t fcHigh=0, fcLow=0, clk=0;
472 uint8_t invert=0;
473 bool errors = false;
474 char hexData[32] = {0x00}; // store entered hex data
475 uint8_t data[255] = {0x00};
476 int dataLen = 0;
477 uint8_t cmdp = 0;
478 while(param_getchar(Cmd, cmdp) != 0x00)
479 {
480 switch(param_getchar(Cmd, cmdp))
481 {
482 case 'h':
483 return usage_lf_simfsk();
484 case 'i':
485 invert = 1;
486 cmdp++;
487 break;
488 case 'c':
489 errors |= param_getdec(Cmd,cmdp+1,&clk);
490 cmdp+=2;
491 break;
492 case 'H':
493 errors |= param_getdec(Cmd,cmdp+1,&fcHigh);
494 cmdp+=2;
495 break;
496 case 'L':
497 errors |= param_getdec(Cmd,cmdp+1,&fcLow);
498 cmdp+=2;
499 break;
500 //case 's':
501 // separator=1;
502 // cmdp++;
503 // break;
504 case 'd':
505 dataLen = param_getstr(Cmd, cmdp+1, hexData);
506 if (dataLen==0) {
507 errors=true;
508 } else {
509 dataLen = hextobinarray((char *)data, hexData);
510 }
511 if (dataLen==0) errors=true;
512 if (errors) PrintAndLog ("Error getting hex data");
513 cmdp+=2;
514 break;
515 default:
516 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
517 errors = true;
518 break;
519 }
520 if(errors) break;
521 }
522 if(cmdp == 0 && DemodBufferLen == 0)
523 {
524 errors = true;// No args
525 }
526
527 //Validations
528 if(errors)
529 {
530 return usage_lf_simfsk();
531 }
532
533 if (dataLen == 0){ //using DemodBuffer
534 if (clk==0 || fcHigh==0 || fcLow==0){ //manual settings must set them all
535 uint8_t ans = fskClocks(&fcHigh, &fcLow, &clk, 0);
536 if (ans==0){
537 if (!fcHigh) fcHigh=10;
538 if (!fcLow) fcLow=8;
539 if (!clk) clk=50;
540 }
541 }
542 } else {
543 setDemodBuf(data, dataLen, 0);
544 }
545
546 //default if not found
547 if (clk == 0) clk = 50;
548 if (fcHigh == 0) fcHigh = 10;
549 if (fcLow == 0) fcLow = 8;
550
551 uint16_t arg1, arg2;
552 arg1 = fcHigh << 8 | fcLow;
553 arg2 = invert << 8 | clk;
554 size_t size = DemodBufferLen;
555 if (size > USB_CMD_DATA_SIZE) {
556 PrintAndLog("DemodBuffer too long for current implementation - length: %d - max: %d", size, USB_CMD_DATA_SIZE);
557 size = USB_CMD_DATA_SIZE;
558 }
559 UsbCommand c = {CMD_FSK_SIM_TAG, {arg1, arg2, size}};
560
561 memcpy(c.d.asBytes, DemodBuffer, size);
562 clearCommandBuffer();
563 SendCommand(&c);
564 return 0;
565 }
566
567 // by marshmellow - sim ask data given clock, invert, manchester or raw, separator
568 // - allow pull data from DemodBuffer
569 int CmdLFaskSim(const char *Cmd)
570 {
571 //autodetect clock from Graphbuffer if using demod buffer
572 // needs clock, invert, manchester/raw as m or r, separator as s, and bitstream
573 uint8_t encoding = 1, separator = 0;
574 uint8_t clk=0, invert=0;
575 bool errors = false;
576 char hexData[32] = {0x00};
577 uint8_t data[255]= {0x00}; // store entered hex data
578 int dataLen = 0;
579 uint8_t cmdp = 0;
580 while(param_getchar(Cmd, cmdp) != 0x00)
581 {
582 switch(param_getchar(Cmd, cmdp))
583 {
584 case 'h':
585 return usage_lf_simask();
586 case 'i':
587 invert = 1;
588 cmdp++;
589 break;
590 case 'c':
591 errors |= param_getdec(Cmd,cmdp+1,&clk);
592 cmdp+=2;
593 break;
594 case 'b':
595 encoding=2; //biphase
596 cmdp++;
597 break;
598 case 'm':
599 encoding=1;
600 cmdp++;
601 break;
602 case 'r':
603 encoding=0;
604 cmdp++;
605 break;
606 case 's':
607 separator=1;
608 cmdp++;
609 break;
610 case 'd':
611 dataLen = param_getstr(Cmd, cmdp+1, hexData);
612 if (dataLen==0) {
613 errors=true;
614 } else {
615 dataLen = hextobinarray((char *)data, hexData);
616 }
617 if (dataLen==0) errors=true;
618 if (errors) PrintAndLog ("Error getting hex data, datalen: %d",dataLen);
619 cmdp+=2;
620 break;
621 default:
622 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
623 errors = true;
624 break;
625 }
626 if(errors) break;
627 }
628 if(cmdp == 0 && DemodBufferLen == 0)
629 {
630 errors = true;// No args
631 }
632
633 //Validations
634 if(errors)
635 {
636 return usage_lf_simask();
637 }
638 if (dataLen == 0){ //using DemodBuffer
639 if (clk == 0) clk = GetAskClock("0", false, false);
640 } else {
641 setDemodBuf(data, dataLen, 0);
642 }
643 if (clk == 0) clk = 64;
644 if (encoding == 0) clk = clk/2; //askraw needs to double the clock speed
645 uint16_t arg1, arg2;
646 size_t size=DemodBufferLen;
647 arg1 = clk << 8 | encoding;
648 arg2 = invert << 8 | separator;
649 if (size > USB_CMD_DATA_SIZE) {
650 PrintAndLog("DemodBuffer too long for current implementation - length: %d - max: %d", size, USB_CMD_DATA_SIZE);
651 size = USB_CMD_DATA_SIZE;
652 }
653 UsbCommand c = {CMD_ASK_SIM_TAG, {arg1, arg2, size}};
654 PrintAndLog("preparing to sim ask data: %d bits", size);
655 memcpy(c.d.asBytes, DemodBuffer, size);
656 clearCommandBuffer();
657 SendCommand(&c);
658 return 0;
659 }
660
661 // by marshmellow - sim psk data given carrier, clock, invert
662 // - allow pull data from DemodBuffer or parameters
663 int CmdLFpskSim(const char *Cmd)
664 {
665 //might be able to autodetect FC and clock from Graphbuffer if using demod buffer
666 //will need carrier, Clock, and bitstream
667 uint8_t carrier=0, clk=0;
668 uint8_t invert=0;
669 bool errors = false;
670 char hexData[32] = {0x00}; // store entered hex data
671 uint8_t data[255] = {0x00};
672 int dataLen = 0;
673 uint8_t cmdp = 0;
674 uint8_t pskType = 1;
675 while(param_getchar(Cmd, cmdp) != 0x00)
676 {
677 switch(param_getchar(Cmd, cmdp))
678 {
679 case 'h':
680 return usage_lf_simpsk();
681 case 'i':
682 invert = 1;
683 cmdp++;
684 break;
685 case 'c':
686 errors |= param_getdec(Cmd,cmdp+1,&clk);
687 cmdp+=2;
688 break;
689 case 'r':
690 errors |= param_getdec(Cmd,cmdp+1,&carrier);
691 cmdp+=2;
692 break;
693 case '1':
694 pskType=1;
695 cmdp++;
696 break;
697 case '2':
698 pskType=2;
699 cmdp++;
700 break;
701 case '3':
702 pskType=3;
703 cmdp++;
704 break;
705 case 'd':
706 dataLen = param_getstr(Cmd, cmdp+1, hexData);
707 if (dataLen==0) {
708 errors=true;
709 } else {
710 dataLen = hextobinarray((char *)data, hexData);
711 }
712 if (dataLen==0) errors=true;
713 if (errors) PrintAndLog ("Error getting hex data");
714 cmdp+=2;
715 break;
716 default:
717 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
718 errors = true;
719 break;
720 }
721 if (errors) break;
722 }
723 if (cmdp == 0 && DemodBufferLen == 0)
724 {
725 errors = true;// No args
726 }
727
728 //Validations
729 if (errors)
730 {
731 return usage_lf_simpsk();
732 }
733 if (dataLen == 0){ //using DemodBuffer
734 PrintAndLog("Getting Clocks");
735 if (clk==0) clk = GetPskClock("", false, false);
736 PrintAndLog("clk: %d",clk);
737 if (!carrier) carrier = GetPskCarrier("", false, false);
738 PrintAndLog("carrier: %d", carrier);
739 } else {
740 setDemodBuf(data, dataLen, 0);
741 }
742
743 if (clk <= 0) clk = 32;
744 if (carrier == 0) carrier = 2;
745 if (pskType != 1){
746 if (pskType == 2){
747 //need to convert psk2 to psk1 data before sim
748 psk2TOpsk1(DemodBuffer, DemodBufferLen);
749 } else {
750 PrintAndLog("Sorry, PSK3 not yet available");
751 }
752 }
753 uint16_t arg1, arg2;
754 arg1 = clk << 8 | carrier;
755 arg2 = invert;
756 size_t size=DemodBufferLen;
757 if (size > USB_CMD_DATA_SIZE) {
758 PrintAndLog("DemodBuffer too long for current implementation - length: %d - max: %d", size, USB_CMD_DATA_SIZE);
759 size=USB_CMD_DATA_SIZE;
760 }
761 UsbCommand c = {CMD_PSK_SIM_TAG, {arg1, arg2, size}};
762 PrintAndLog("DEBUG: Sending DemodBuffer Length: %d", size);
763 memcpy(c.d.asBytes, DemodBuffer, size);
764 clearCommandBuffer();
765 SendCommand(&c);
766
767 return 0;
768 }
769
770 int CmdLFSimBidir(const char *Cmd)
771 {
772 // Set ADC to twice the carrier for a slight supersampling
773 // HACK: not implemented in ARMSRC.
774 PrintAndLog("Not implemented yet.");
775 UsbCommand c = {CMD_LF_SIMULATE_BIDIR, {47, 384, 0}};
776 SendCommand(&c);
777 return 0;
778 }
779
780 int CmdVchDemod(const char *Cmd)
781 {
782 // Is this the entire sync pattern, or does this also include some
783 // data bits that happen to be the same everywhere? That would be
784 // lovely to know.
785 static const int SyncPattern[] = {
786 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
787 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
788 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
789 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
790 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
791 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
792 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
793 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
794 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
795 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
796 };
797
798 // So first, we correlate for the sync pattern, and mark that.
799 int bestCorrel = 0, bestPos = 0;
800 int i;
801 // It does us no good to find the sync pattern, with fewer than
802 // 2048 samples after it...
803 for (i = 0; i < (GraphTraceLen-2048); i++) {
804 int sum = 0;
805 int j;
806 for (j = 0; j < arraylen(SyncPattern); j++) {
807 sum += GraphBuffer[i+j]*SyncPattern[j];
808 }
809 if (sum > bestCorrel) {
810 bestCorrel = sum;
811 bestPos = i;
812 }
813 }
814 PrintAndLog("best sync at %d [metric %d]", bestPos, bestCorrel);
815
816 char bits[257];
817 bits[256] = '\0';
818
819 int worst = INT_MAX;
820 int worstPos = 0;
821
822 for (i = 0; i < 2048; i += 8) {
823 int sum = 0;
824 int j;
825 for (j = 0; j < 8; j++) {
826 sum += GraphBuffer[bestPos+i+j];
827 }
828 if (sum < 0) {
829 bits[i/8] = '.';
830 } else {
831 bits[i/8] = '1';
832 }
833 if(abs(sum) < worst) {
834 worst = abs(sum);
835 worstPos = i;
836 }
837 }
838 PrintAndLog("bits:");
839 PrintAndLog("%s", bits);
840 PrintAndLog("worst metric: %d at pos %d", worst, worstPos);
841
842 if (strcmp(Cmd, "clone")==0) {
843 GraphTraceLen = 0;
844 char *s;
845 for(s = bits; *s; s++) {
846 int j;
847 for(j = 0; j < 16; j++) {
848 GraphBuffer[GraphTraceLen++] = (*s == '1') ? 1 : 0;
849 }
850 }
851 RepaintGraphWindow();
852 }
853 return 0;
854 }
855
856
857 //by marshmellow
858 int CheckChipType(char cmdp) {
859 uint32_t wordData = 0;
860
861 //check for em4x05/em4x69 chips first
862 save_restoreGB(1);
863 if ((!offline && (cmdp != '1')) && EM4x05Block0Test(&wordData)) {
864 PrintAndLog("\nValid EM4x05/EM4x69 Chip Found\nTry lf em 4x05... commands\n");
865 save_restoreGB(0);
866 return 1;
867 }
868
869 //TODO check for t55xx chip...
870
871 save_restoreGB(0);
872 return 1;
873 }
874
875 //by marshmellow
876 int CmdLFfind(const char *Cmd)
877 {
878 uint32_t wordData = 0;
879 int ans=0;
880 size_t minLength = 1000;
881 char cmdp = param_getchar(Cmd, 0);
882 char testRaw = param_getchar(Cmd, 1);
883 if (strlen(Cmd) > 3 || cmdp == 'h' || cmdp == 'H') {
884 PrintAndLog("Usage: lf search <0|1> [u]");
885 PrintAndLog(" <use data from Graphbuffer> , if not set, try reading data from tag.");
886 PrintAndLog(" [Search for Unknown tags] , if not set, reads only known tags.");
887 PrintAndLog("");
888 PrintAndLog(" sample: lf search = try reading data from tag & search for known tags");
889 PrintAndLog(" : lf search 1 = use data from GraphBuffer & search for known tags");
890 PrintAndLog(" : lf search u = try reading data from tag & search for known and unknown tags");
891 PrintAndLog(" : lf search 1 u = use data from GraphBuffer & search for known and unknown tags");
892
893 return 0;
894 }
895
896 if (!offline && (cmdp != '1')){
897 CmdLFRead("s");
898 getSamples("30000",false);
899 } else if (GraphTraceLen < minLength) {
900 PrintAndLog("Data in Graphbuffer was too small.");
901 return 0;
902 }
903 if (cmdp == 'u' || cmdp == 'U') testRaw = 'u';
904
905 PrintAndLog("NOTE: some demods output possible binary\n if it finds something that looks like a tag");
906 PrintAndLog("False Positives ARE possible\n");
907 PrintAndLog("\nChecking for known tags:\n");
908
909 size_t testLen = minLength;
910 // only run if graphbuffer is just noise as it should be for hitag/cotag
911 if (graphJustNoise(GraphBuffer, testLen)) {
912 // only run these tests if we are in online mode
913 if (!offline && (cmdp != '1')) {
914 // test for em4x05 in reader talk first mode.
915 if (EM4x05Block0Test(&wordData)) {
916 PrintAndLog("\nValid EM4x05/EM4x69 Chip Found\nUse lf em 4x05readword/dump commands to read\n");
917 return 1;
918 }
919 ans=CmdLFHitagReader("26");
920 if (ans==0) {
921 return 1;
922 }
923 ans=CmdCOTAGRead("");
924 if (ans>0){
925 PrintAndLog("\nValid COTAG ID Found!");
926 return 1;
927 }
928 }
929 return 0;
930 }
931
932 ans=CmdFSKdemodIO("");
933 if (ans>0) {
934 PrintAndLog("\nValid IO Prox ID Found!");
935 return CheckChipType(cmdp);
936 }
937
938 ans=CmdFSKdemodPyramid("");
939 if (ans>0) {
940 PrintAndLog("\nValid Pyramid ID Found!");
941 return CheckChipType(cmdp);
942 }
943
944 ans=CmdFSKdemodParadox("");
945 if (ans>0) {
946 PrintAndLog("\nValid Paradox ID Found!");
947 return CheckChipType(cmdp);
948 }
949
950 ans=CmdFSKdemodAWID("");
951 if (ans>0) {
952 PrintAndLog("\nValid AWID ID Found!");
953 return CheckChipType(cmdp);
954 }
955
956 ans=CmdFSKdemodHID("");
957 if (ans>0) {
958 PrintAndLog("\nValid HID Prox ID Found!");
959 return CheckChipType(cmdp);
960 }
961
962 ans=CmdAskEM410xDemod("");
963 if (ans>0) {
964 PrintAndLog("\nValid EM410x ID Found!");
965 return CheckChipType(cmdp);
966 }
967
968 ans=CmdVisa2kDemod("");
969 if (ans>0) {
970 PrintAndLog("\nValid Visa2000 ID Found!");
971 return CheckChipType(cmdp);
972 }
973
974 ans=CmdG_Prox_II_Demod("");
975 if (ans>0) {
976 PrintAndLog("\nValid G Prox II ID Found!");
977 return CheckChipType(cmdp);
978 }
979
980 ans=CmdFdxDemod("");
981 if (ans>0) {
982 PrintAndLog("\nValid FDX-B ID Found!");
983 return CheckChipType(cmdp);
984 }
985
986 ans=EM4x50Read("", false);
987 if (ans>0) {
988 PrintAndLog("\nValid EM4x50 ID Found!");
989 return 1;
990 }
991
992 ans=CmdVikingDemod("");
993 if (ans>0) {
994 PrintAndLog("\nValid Viking ID Found!");
995 return CheckChipType(cmdp);
996 }
997
998 ans=CmdIndalaDecode("");
999 if (ans>0) {
1000 PrintAndLog("\nValid Indala ID Found!");
1001 return CheckChipType(cmdp);
1002 }
1003
1004 ans=CmdPSKNexWatch("");
1005 if (ans>0) {
1006 PrintAndLog("\nValid NexWatch ID Found!");
1007 return CheckChipType(cmdp);
1008 }
1009
1010 PrintAndLog("\nNo Known Tags Found!\n");
1011 if (testRaw=='u' || testRaw=='U'){
1012 ans=CheckChipType(cmdp);
1013 //test unknown tag formats (raw mode)0
1014 PrintAndLog("\nChecking for Unknown tags:\n");
1015 ans=AutoCorrelate(4000, false, false);
1016 if (ans > 0) PrintAndLog("Possible Auto Correlation of %d repeating samples",ans);
1017 ans=GetFskClock("",false,false);
1018 if (ans != 0){ //fsk
1019 ans=FSKrawDemod("",true);
1020 if (ans>0) {
1021 PrintAndLog("\nUnknown FSK Modulated Tag Found!");
1022 return 1;
1023 }
1024 }
1025 bool st = true;
1026 ans=ASKDemod_ext("0 0 0",true,false,1,&st);
1027 if (ans>0) {
1028 PrintAndLog("\nUnknown ASK Modulated and Manchester encoded Tag Found!");
1029 PrintAndLog("\nif it does not look right it could instead be ASK/Biphase - try 'data rawdemod ab'");
1030 return 1;
1031 }
1032 ans=CmdPSK1rawDemod("");
1033 if (ans>0) {
1034 PrintAndLog("Possible unknown PSK1 Modulated Tag Found above!\n\nCould also be PSK2 - try 'data rawdemod p2'");
1035 PrintAndLog("\nCould also be PSK3 - [currently not supported]");
1036 PrintAndLog("\nCould also be NRZ - try 'data nrzrawdemod");
1037 return 1;
1038 }
1039 PrintAndLog("\nNo Data Found!\n");
1040 }
1041 return 0;
1042 }
1043
1044 static command_t CommandTable[] =
1045 {
1046 {"help", CmdHelp, 1, "This help"},
1047 {"awid", CmdLFAWID, 1, "{ AWID RFIDs... }"},
1048 {"cotag", CmdLFCOTAG, 1, "{ COTAG CHIPs... }"},
1049 {"em", CmdLFEM4X, 1, "{ EM4X CHIPs & RFIDs... }"},
1050 {"fdx", CmdLFFdx, 1, "{ FDX-B RFIDs... }"},
1051 {"gproxii", CmdLF_G_Prox_II, 1, "{ G Prox II RFIDs... }"},
1052 {"hid", CmdLFHID, 1, "{ HID RFIDs... }"},
1053 {"hitag", CmdLFHitag, 1, "{ Hitag CHIPs... }"},
1054 {"io", CmdLFIO, 1, "{ ioProx RFIDs... }"},
1055 {"indala", CmdLFINDALA, 1, "{ Indala RFIDs... }"},
1056 {"nexwatch", CmdLFNexWatch, 1, "{ NexWatch RFIDs... }"},
1057 {"paradox", CmdLFParadox, 1, "{ Paradox RFIDs... }"},
1058 {"presco", CmdLFPresco, 1, "{ Presco RFIDs... }"},
1059 {"pcf7931", CmdLFPCF7931, 1, "{ PCF7931 CHIPs... }"},
1060 {"pyramid", CmdLFPyramid, 1, "{ Farpointe/Pyramid RFIDs... }"},
1061 {"t55xx", CmdLFT55XX, 1, "{ T55xx CHIPs... }"},
1062 {"ti", CmdLFTI, 1, "{ TI CHIPs... }"},
1063 {"viking", CmdLFViking, 1, "{ Viking RFIDs... }"},
1064 {"visa2000", CmdLFVisa2k, 1, "{ Visa2000 RFIDs... }"},
1065 {"cmdread", CmdLFCommandRead, 0, "<d period> <z period> <o period> <c command> ['H'] -- Modulate LF reader field to send command before read (all periods in microseconds) (option 'H' for 134)"},
1066 {"config", CmdLFSetConfig, 0, "Set config for LF sampling, bit/sample, decimation, frequency"},
1067 {"flexdemod", CmdFlexdemod, 1, "Demodulate samples for FlexPass"},
1068 {"read", CmdLFRead, 0, "['s' silent] Read 125/134 kHz LF ID-only tag. Do 'lf read h' for help"},
1069 {"search", CmdLFfind, 1, "[offline] ['u'] Read and Search for valid known tag (in offline mode it you can load first then search) - 'u' to search for unknown tags"},
1070 {"sim", CmdLFSim, 0, "[GAP] -- Simulate LF tag from buffer with optional GAP (in microseconds)"},
1071 {"simask", CmdLFaskSim, 0, "[clock] [invert <1|0>] [biphase/manchester/raw <'b'|'m'|'r'>] [msg separator 's'] [d <hexdata>] -- Simulate LF ASK tag from demodbuffer or input"},
1072 {"simfsk", CmdLFfskSim, 0, "[c <clock>] [i] [H <fcHigh>] [L <fcLow>] [d <hexdata>] -- Simulate LF FSK tag from demodbuffer or input"},
1073 {"simpsk", CmdLFpskSim, 0, "[1|2|3] [c <clock>] [i] [r <carrier>] [d <raw hex to sim>] -- Simulate LF PSK tag from demodbuffer or input"},
1074 {"simbidir", CmdLFSimBidir, 0, "Simulate LF tag (with bidirectional data transmission between reader and tag)"},
1075 {"snoop", CmdLFSnoop, 0, "['l'|'h'|<divisor>] [trigger threshold]-- Snoop LF (l:125khz, h:134khz)"},
1076 {"vchdemod", CmdVchDemod, 1, "['clone'] -- Demodulate samples for VeriChip"},
1077 {NULL, NULL, 0, NULL}
1078 };
1079
1080 int CmdLF(const char *Cmd)
1081 {
1082 CmdsParse(CommandTable, Cmd);
1083 return 0;
1084 }
1085
1086 int CmdHelp(const char *Cmd)
1087 {
1088 CmdsHelp(CommandTable);
1089 return 0;
1090 }
Proxmark3 GIT tracking
Impressum, Datenschutz