]> git.zerfleddert.de Git - proxmark3-svn/blob - client/cmdlf.c
Indala fixes - set accurate preamble and start of.. (#385)
[proxmark3-svn] / client / cmdlf.c
1 //-----------------------------------------------------------------------------
2 // Copyright (C) 2010 iZsh <izsh at fail0verflow.com>
3 //
4 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
5 // at your option, any later version. See the LICENSE.txt file for the text of
6 // the license.
7 //-----------------------------------------------------------------------------
8 // Low frequency commands
9 //-----------------------------------------------------------------------------
10
11 #include <stdio.h>
12 #include <stdlib.h>
13 #include <string.h>
14 #include <limits.h>
15 #include <stdbool.h>
16 #include <stdint.h>
17 #include "proxmark3.h"
18 #include "cmdlf.h"
19 #include "lfdemod.h" // for psk2TOpsk1
20 #include "util.h" // for parsing cli command utils
21 #include "ui.h" // for show graph controls
22 #include "graph.h" // for graph data
23 #include "cmdparser.h" // for getting cli commands included in cmdmain.h
24 #include "cmdmain.h" // for sending cmds to device
25 #include "data.h" // for GetFromBigBuf
26 #include "cmddata.h" // for `lf search`
27 #include "cmdlfawid.h" // for awid menu
28 #include "cmdlfem4x.h" // for em4x menu
29 #include "cmdlfhid.h" // for hid menu
30 #include "cmdlfhitag.h" // for hitag menu
31 #include "cmdlfio.h" // for ioprox menu
32 #include "cmdlft55xx.h" // for t55xx menu
33 #include "cmdlfti.h" // for ti menu
34 #include "cmdlfpresco.h" // for presco menu
35 #include "cmdlfpcf7931.h"// for pcf7931 menu
36 #include "cmdlfpyramid.h"// for pyramid menu
37 #include "cmdlfviking.h" // for viking menu
38 #include "cmdlfcotag.h" // for COTAG menu
39 #include "cmdlfvisa2000.h" // for VISA2000 menu
40 #include "cmdlfindala.h" // for indala menu
41 #include "cmdlfgproxii.h"// for gproxii menu
42 #include "cmdlffdx.h" // for fdx-b menu
43 #include "cmdlfparadox.h"// for paradox menu
44 #include "cmdlfnexwatch.h"//for nexwatch menu
45 #include "cmdlfjablotron.h" //for jablotron menu
46 #include "cmdlfnoralsy.h"// for noralsy menu
47 #include "cmdlfsecurakey.h"//for securakey menu
48 #include "cmdlfpac.h" // for pac menu
49
50 bool g_lf_threshold_set = false;
51 static int CmdHelp(const char *Cmd);
52
53
54
55 int usage_lf_cmdread(void)
56 {
57 PrintAndLog("Usage: lf cmdread d <delay period> z <zero period> o <one period> c <cmdbytes> [H] ");
58 PrintAndLog("Options: ");
59 PrintAndLog(" h This help");
60 PrintAndLog(" L Low frequency (125 KHz)");
61 PrintAndLog(" H High frequency (134 KHz)");
62 PrintAndLog(" d <delay> delay OFF period");
63 PrintAndLog(" z <zero> time period ZERO");
64 PrintAndLog(" o <one> time period ONE");
65 PrintAndLog(" c <cmd> Command bytes");
66 PrintAndLog(" ************* All periods in microseconds");
67 PrintAndLog("Examples:");
68 PrintAndLog(" lf cmdread d 80 z 100 o 200 c 11000");
69 PrintAndLog(" lf cmdread d 80 z 100 o 100 c 11000 H");
70 return 0;
71 }
72
73 /* send a command before reading */
74 int CmdLFCommandRead(const char *Cmd)
75 {
76 static char dummy[3] = {0x20,0x00,0x00};
77 UsbCommand c = {CMD_MOD_THEN_ACQUIRE_RAW_ADC_SAMPLES_125K};
78 bool errors = false;
79 //uint8_t divisor = 95; //125khz
80 uint8_t cmdp = 0;
81 while(param_getchar(Cmd, cmdp) != 0x00)
82 {
83 switch(param_getchar(Cmd, cmdp))
84 {
85 case 'h':
86 return usage_lf_cmdread();
87 case 'H':
88 //divisor = 88;
89 dummy[1]='h';
90 cmdp++;
91 break;
92 case 'L':
93 cmdp++;
94 break;
95 case 'c':
96 param_getstr(Cmd, cmdp+1, (char *)&c.d.asBytes);
97 cmdp+=2;
98 break;
99 case 'd':
100 c.arg[0] = param_get32ex(Cmd, cmdp+1, 0, 10);
101 cmdp+=2;
102 break;
103 case 'z':
104 c.arg[1] = param_get32ex(Cmd, cmdp+1, 0, 10);
105 cmdp+=2;
106 break;
107 case 'o':
108 c.arg[2] = param_get32ex(Cmd, cmdp+1, 0, 10);
109 cmdp+=2;
110 break;
111 default:
112 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
113 errors = 1;
114 break;
115 }
116 if(errors) break;
117 }
118 // No args
119 if(cmdp == 0) errors = 1;
120
121 //Validations
122 if(errors) return usage_lf_cmdread();
123
124 // in case they specified 'H'
125 strcpy((char *)&c.d.asBytes + strlen((char *)c.d.asBytes), dummy);
126
127 clearCommandBuffer();
128 SendCommand(&c);
129 return 0;
130 }
131
132 int CmdFlexdemod(const char *Cmd)
133 {
134 int i;
135 for (i = 0; i < GraphTraceLen; ++i) {
136 if (GraphBuffer[i] < 0) {
137 GraphBuffer[i] = -1;
138 } else {
139 GraphBuffer[i] = 1;
140 }
141 }
142
143 #define LONG_WAIT 100
144 int start;
145 for (start = 0; start < GraphTraceLen - LONG_WAIT; start++) {
146 int first = GraphBuffer[start];
147 for (i = start; i < start + LONG_WAIT; i++) {
148 if (GraphBuffer[i] != first) {
149 break;
150 }
151 }
152 if (i == (start + LONG_WAIT)) {
153 break;
154 }
155 }
156 if (start == GraphTraceLen - LONG_WAIT) {
157 PrintAndLog("nothing to wait for");
158 return 0;
159 }
160
161 GraphBuffer[start] = 2;
162 GraphBuffer[start+1] = -2;
163 uint8_t bits[64] = {0x00};
164
165 int bit, sum;
166 i = start;
167 for (bit = 0; bit < 64; bit++) {
168 sum = 0;
169 for (int j = 0; j < 16; j++) {
170 sum += GraphBuffer[i++];
171 }
172
173 bits[bit] = (sum > 0) ? 1 : 0;
174
175 PrintAndLog("bit %d sum %d", bit, sum);
176 }
177
178 for (bit = 0; bit < 64; bit++) {
179 int j;
180 int sum = 0;
181 for (j = 0; j < 16; j++) {
182 sum += GraphBuffer[i++];
183 }
184 if (sum > 0 && bits[bit] != 1) {
185 PrintAndLog("oops1 at %d", bit);
186 }
187 if (sum < 0 && bits[bit] != 0) {
188 PrintAndLog("oops2 at %d", bit);
189 }
190 }
191
192 // HACK writing back to graphbuffer.
193 GraphTraceLen = 32*64;
194 i = 0;
195 int phase = 0;
196 for (bit = 0; bit < 64; bit++) {
197
198 phase = (bits[bit] == 0) ? 0 : 1;
199
200 int j;
201 for (j = 0; j < 32; j++) {
202 GraphBuffer[i++] = phase;
203 phase = !phase;
204 }
205 }
206
207 RepaintGraphWindow();
208 return 0;
209 }
210
211 int usage_lf_read(void)
212 {
213 PrintAndLog("Usage: lf read");
214 PrintAndLog("Options: ");
215 PrintAndLog(" h This help");
216 PrintAndLog(" s silent run no printout");
217 PrintAndLog(" [# samples] # samples to collect (optional)");
218 PrintAndLog("Use 'lf config' to set parameters.");
219 return 0;
220 }
221 int usage_lf_snoop(void)
222 {
223 PrintAndLog("Usage: lf snoop");
224 PrintAndLog("Options: ");
225 PrintAndLog(" h This help");
226 PrintAndLog("This function takes no arguments. ");
227 PrintAndLog("Use 'lf config' to set parameters.");
228 return 0;
229 }
230
231 int usage_lf_config(void)
232 {
233 PrintAndLog("Usage: lf config [H|<divisor>] [b <bps>] [d <decim>] [a 0|1]");
234 PrintAndLog("Options: ");
235 PrintAndLog(" h This help");
236 PrintAndLog(" L Low frequency (125 KHz)");
237 PrintAndLog(" H High frequency (134 KHz)");
238 PrintAndLog(" q <divisor> Manually set divisor. 88-> 134KHz, 95-> 125 Hz");
239 PrintAndLog(" b <bps> Sets resolution of bits per sample. Default (max): 8");
240 PrintAndLog(" d <decim> Sets decimation. A value of N saves only 1 in N samples. Default: 1");
241 PrintAndLog(" a [0|1] Averaging - if set, will average the stored sample value when decimating. Default: 1");
242 PrintAndLog(" t <threshold> Sets trigger threshold. 0 means no threshold (range: 0-128)");
243 PrintAndLog("Examples:");
244 PrintAndLog(" lf config b 8 L");
245 PrintAndLog(" Samples at 125KHz, 8bps.");
246 PrintAndLog(" lf config H b 4 d 3");
247 PrintAndLog(" Samples at 134KHz, averages three samples into one, stored with ");
248 PrintAndLog(" a resolution of 4 bits per sample.");
249 PrintAndLog(" lf read");
250 PrintAndLog(" Performs a read (active field)");
251 PrintAndLog(" lf snoop");
252 PrintAndLog(" Performs a snoop (no active field)");
253 return 0;
254 }
255
256 int CmdLFSetConfig(const char *Cmd)
257 {
258
259 uint8_t divisor = 0;//Frequency divisor
260 uint8_t bps = 0; // Bits per sample
261 uint8_t decimation = 0; //How many to keep
262 bool averaging = 1; // Defaults to true
263 bool errors = false;
264 int trigger_threshold =-1;//Means no change
265 uint8_t unsigned_trigg = 0;
266
267 uint8_t cmdp =0;
268 while(param_getchar(Cmd, cmdp) != 0x00)
269 {
270 switch(param_getchar(Cmd, cmdp))
271 {
272 case 'h':
273 return usage_lf_config();
274 case 'H':
275 divisor = 88;
276 cmdp++;
277 break;
278 case 'L':
279 divisor = 95;
280 cmdp++;
281 break;
282 case 'q':
283 errors |= param_getdec(Cmd,cmdp+1,&divisor);
284 cmdp+=2;
285 break;
286 case 't':
287 errors |= param_getdec(Cmd,cmdp+1,&unsigned_trigg);
288 cmdp+=2;
289 if(!errors) {
290 trigger_threshold = unsigned_trigg;
291 if (trigger_threshold > 0) g_lf_threshold_set = true;
292 }
293 break;
294 case 'b':
295 errors |= param_getdec(Cmd,cmdp+1,&bps);
296 cmdp+=2;
297 break;
298 case 'd':
299 errors |= param_getdec(Cmd,cmdp+1,&decimation);
300 cmdp+=2;
301 break;
302 case 'a':
303 averaging = param_getchar(Cmd,cmdp+1) == '1';
304 cmdp+=2;
305 break;
306 default:
307 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
308 errors = 1;
309 break;
310 }
311 if(errors) break;
312 }
313 if(cmdp == 0)
314 {
315 errors = 1;// No args
316 }
317
318 //Validations
319 if(errors)
320 {
321 return usage_lf_config();
322 }
323 //Bps is limited to 8, so fits in lower half of arg1
324 if(bps >> 4) bps = 8;
325
326 sample_config config = {
327 decimation,bps,averaging,divisor,trigger_threshold
328 };
329 //Averaging is a flag on high-bit of arg[1]
330 UsbCommand c = {CMD_SET_LF_SAMPLING_CONFIG};
331 memcpy(c.d.asBytes,&config,sizeof(sample_config));
332 clearCommandBuffer();
333 SendCommand(&c);
334 return 0;
335 }
336
337 bool lf_read(bool silent, uint32_t samples) {
338 if (offline) return false;
339 UsbCommand c = {CMD_ACQUIRE_RAW_ADC_SAMPLES_125K, {silent,samples,0}};
340 clearCommandBuffer();
341 //And ship it to device
342 SendCommand(&c);
343
344 UsbCommand resp;
345 if (g_lf_threshold_set) {
346 WaitForResponse(CMD_ACK,&resp);
347 } else {
348 if ( !WaitForResponseTimeout(CMD_ACK,&resp,2500) ) {
349 PrintAndLog("command execution time out");
350 return false;
351 }
352 }
353 // resp.arg[0] is bits read not bytes read.
354 getSamples(resp.arg[0]/8, silent);
355
356 return true;
357 }
358
359 int CmdLFRead(const char *Cmd)
360 {
361 uint8_t cmdp = 0;
362 bool silent = false;
363 if (param_getchar(Cmd, cmdp) == 'h')
364 {
365 return usage_lf_read();
366 }
367 if (param_getchar(Cmd, cmdp) == 's') {
368 silent = true; //suppress print
369 cmdp++;
370 }
371 uint32_t samples = param_get32ex(Cmd, cmdp, 0, 10);
372 return lf_read(silent, samples);
373 }
374
375 int CmdLFSnoop(const char *Cmd)
376 {
377 uint8_t cmdp =0;
378 if(param_getchar(Cmd, cmdp) == 'h')
379 {
380 return usage_lf_snoop();
381 }
382
383 UsbCommand c = {CMD_LF_SNOOP_RAW_ADC_SAMPLES};
384 clearCommandBuffer();
385 SendCommand(&c);
386 WaitForResponse(CMD_ACK,NULL);
387 getSamples(0, true);
388
389 return 0;
390 }
391
392 static void ChkBitstream(const char *str)
393 {
394 int i;
395
396 /* convert to bitstream if necessary */
397 for (i = 0; i < (int)(GraphTraceLen / 2); i++){
398 if (GraphBuffer[i] > 1 || GraphBuffer[i] < 0) {
399 CmdGetBitStream("");
400 break;
401 }
402 }
403 }
404 //Attempt to simulate any wave in buffer (one bit per output sample)
405 // converts GraphBuffer to bitstream (based on zero crossings) if needed.
406 int CmdLFSim(const char *Cmd)
407 {
408 int i,j;
409 static int gap;
410
411 sscanf(Cmd, "%i", &gap);
412
413 // convert to bitstream if necessary
414
415 ChkBitstream(Cmd);
416
417 //can send only 512 bits at a time (1 byte sent per bit...)
418 printf("Sending [%d bytes]", GraphTraceLen);
419 for (i = 0; i < GraphTraceLen; i += USB_CMD_DATA_SIZE) {
420 UsbCommand c={CMD_DOWNLOADED_SIM_SAMPLES_125K, {i, 0, 0}};
421
422 for (j = 0; j < USB_CMD_DATA_SIZE; j++) {
423 c.d.asBytes[j] = GraphBuffer[i+j];
424 }
425 SendCommand(&c);
426 WaitForResponse(CMD_ACK,NULL);
427 printf(".");
428 }
429
430 printf("\n");
431 PrintAndLog("Starting to simulate");
432 UsbCommand c = {CMD_SIMULATE_TAG_125K, {GraphTraceLen, gap, 0}};
433 clearCommandBuffer();
434 SendCommand(&c);
435 return 0;
436 }
437
438 int usage_lf_simfsk(void)
439 {
440 //print help
441 PrintAndLog("Usage: lf simfsk [c <clock>] [i] [H <fcHigh>] [L <fcLow>] [d <hexdata>]");
442 PrintAndLog("Options: ");
443 PrintAndLog(" h This help");
444 PrintAndLog(" c <clock> Manually set clock - can autodetect if using DemodBuffer");
445 PrintAndLog(" i invert data");
446 PrintAndLog(" H <fcHigh> Manually set the larger Field Clock");
447 PrintAndLog(" L <fcLow> Manually set the smaller Field Clock");
448 //PrintAndLog(" s TBD- -to enable a gap between playback repetitions - default: no gap");
449 PrintAndLog(" d <hexdata> Data to sim as hex - omit to sim from DemodBuffer");
450 PrintAndLog("\n NOTE: if you set one clock manually set them all manually");
451 return 0;
452 }
453
454 int usage_lf_simask(void)
455 {
456 //print help
457 PrintAndLog("Usage: lf simask [c <clock>] [i] [b|m|r] [s] [d <raw hex to sim>]");
458 PrintAndLog("Options: ");
459 PrintAndLog(" h This help");
460 PrintAndLog(" c <clock> Manually set clock - can autodetect if using DemodBuffer");
461 PrintAndLog(" i invert data");
462 PrintAndLog(" b sim ask/biphase");
463 PrintAndLog(" m sim ask/manchester - Default");
464 PrintAndLog(" r sim ask/raw");
465 PrintAndLog(" s add t55xx Sequence Terminator gap - default: no gaps (only manchester)");
466 PrintAndLog(" d <hexdata> Data to sim as hex - omit to sim from DemodBuffer");
467 return 0;
468 }
469
470 int usage_lf_simpsk(void)
471 {
472 //print help
473 PrintAndLog("Usage: lf simpsk [1|2|3] [c <clock>] [i] [r <carrier>] [d <raw hex to sim>]");
474 PrintAndLog("Options: ");
475 PrintAndLog(" h This help");
476 PrintAndLog(" c <clock> Manually set clock - can autodetect if using DemodBuffer");
477 PrintAndLog(" i invert data");
478 PrintAndLog(" 1 set PSK1 (default)");
479 PrintAndLog(" 2 set PSK2");
480 PrintAndLog(" 3 set PSK3");
481 PrintAndLog(" r <carrier> 2|4|8 are valid carriers: default = 2");
482 PrintAndLog(" d <hexdata> Data to sim as hex - omit to sim from DemodBuffer");
483 return 0;
484 }
485
486 // by marshmellow - sim fsk data given clock, fcHigh, fcLow, invert
487 // - allow pull data from DemodBuffer
488 int CmdLFfskSim(const char *Cmd)
489 {
490 //might be able to autodetect FCs and clock from Graphbuffer if using demod buffer
491 // otherwise will need FChigh, FClow, Clock, and bitstream
492 uint8_t fcHigh=0, fcLow=0, clk=0;
493 uint8_t invert=0;
494 bool errors = false;
495 char hexData[32] = {0x00}; // store entered hex data
496 uint8_t data[255] = {0x00};
497 int dataLen = 0;
498 uint8_t cmdp = 0;
499 while(param_getchar(Cmd, cmdp) != 0x00)
500 {
501 switch(param_getchar(Cmd, cmdp))
502 {
503 case 'h':
504 return usage_lf_simfsk();
505 case 'i':
506 invert = 1;
507 cmdp++;
508 break;
509 case 'c':
510 errors |= param_getdec(Cmd,cmdp+1,&clk);
511 cmdp+=2;
512 break;
513 case 'H':
514 errors |= param_getdec(Cmd,cmdp+1,&fcHigh);
515 cmdp+=2;
516 break;
517 case 'L':
518 errors |= param_getdec(Cmd,cmdp+1,&fcLow);
519 cmdp+=2;
520 break;
521 //case 's':
522 // separator=1;
523 // cmdp++;
524 // break;
525 case 'd':
526 dataLen = param_getstr(Cmd, cmdp+1, hexData);
527 if (dataLen==0) {
528 errors=true;
529 } else {
530 dataLen = hextobinarray((char *)data, hexData);
531 }
532 if (dataLen==0) errors=true;
533 if (errors) PrintAndLog ("Error getting hex data");
534 cmdp+=2;
535 break;
536 default:
537 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
538 errors = true;
539 break;
540 }
541 if(errors) break;
542 }
543 if(cmdp == 0 && DemodBufferLen == 0)
544 {
545 errors = true;// No args
546 }
547
548 //Validations
549 if(errors)
550 {
551 return usage_lf_simfsk();
552 }
553 int firstClockEdge = 0;
554 if (dataLen == 0){ //using DemodBuffer
555 if (clk==0 || fcHigh==0 || fcLow==0){ //manual settings must set them all
556 uint8_t ans = fskClocks(&fcHigh, &fcLow, &clk, 0, &firstClockEdge);
557 if (ans==0){
558 if (!fcHigh) fcHigh=10;
559 if (!fcLow) fcLow=8;
560 if (!clk) clk=50;
561 }
562 }
563 } else {
564 setDemodBuf(data, dataLen, 0);
565 }
566
567 //default if not found
568 if (clk == 0) clk = 50;
569 if (fcHigh == 0) fcHigh = 10;
570 if (fcLow == 0) fcLow = 8;
571
572 uint16_t arg1, arg2;
573 arg1 = fcHigh << 8 | fcLow;
574 arg2 = invert << 8 | clk;
575 size_t size = DemodBufferLen;
576 if (size > USB_CMD_DATA_SIZE) {
577 PrintAndLog("DemodBuffer too long for current implementation - length: %d - max: %d", size, USB_CMD_DATA_SIZE);
578 size = USB_CMD_DATA_SIZE;
579 }
580 UsbCommand c = {CMD_FSK_SIM_TAG, {arg1, arg2, size}};
581
582 memcpy(c.d.asBytes, DemodBuffer, size);
583 clearCommandBuffer();
584 SendCommand(&c);
585 return 0;
586 }
587
588 // by marshmellow - sim ask data given clock, invert, manchester or raw, separator
589 // - allow pull data from DemodBuffer
590 int CmdLFaskSim(const char *Cmd)
591 {
592 //autodetect clock from Graphbuffer if using demod buffer
593 // needs clock, invert, manchester/raw as m or r, separator as s, and bitstream
594 uint8_t encoding = 1, separator = 0;
595 uint8_t clk=0, invert=0;
596 bool errors = false;
597 char hexData[32] = {0x00};
598 uint8_t data[255]= {0x00}; // store entered hex data
599 int dataLen = 0;
600 uint8_t cmdp = 0;
601 while(param_getchar(Cmd, cmdp) != 0x00)
602 {
603 switch(param_getchar(Cmd, cmdp))
604 {
605 case 'h':
606 return usage_lf_simask();
607 case 'i':
608 invert = 1;
609 cmdp++;
610 break;
611 case 'c':
612 errors |= param_getdec(Cmd,cmdp+1,&clk);
613 cmdp+=2;
614 break;
615 case 'b':
616 encoding=2; //biphase
617 cmdp++;
618 break;
619 case 'm':
620 encoding=1;
621 cmdp++;
622 break;
623 case 'r':
624 encoding=0;
625 cmdp++;
626 break;
627 case 's':
628 separator=1;
629 cmdp++;
630 break;
631 case 'd':
632 dataLen = param_getstr(Cmd, cmdp+1, hexData);
633 if (dataLen==0) {
634 errors=true;
635 } else {
636 dataLen = hextobinarray((char *)data, hexData);
637 }
638 if (dataLen==0) errors=true;
639 if (errors) PrintAndLog ("Error getting hex data, datalen: %d",dataLen);
640 cmdp+=2;
641 break;
642 default:
643 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
644 errors = true;
645 break;
646 }
647 if(errors) break;
648 }
649 if(cmdp == 0 && DemodBufferLen == 0)
650 {
651 errors = true;// No args
652 }
653
654 //Validations
655 if(errors)
656 {
657 return usage_lf_simask();
658 }
659 if (dataLen == 0){ //using DemodBuffer
660 if (clk == 0) clk = GetAskClock("0", false, false);
661 } else {
662 setDemodBuf(data, dataLen, 0);
663 }
664 if (clk == 0) clk = 64;
665 if (encoding == 0) clk = clk/2; //askraw needs to double the clock speed
666 uint16_t arg1, arg2;
667 size_t size=DemodBufferLen;
668 arg1 = clk << 8 | encoding;
669 arg2 = invert << 8 | separator;
670 if (size > USB_CMD_DATA_SIZE) {
671 PrintAndLog("DemodBuffer too long for current implementation - length: %d - max: %d", size, USB_CMD_DATA_SIZE);
672 size = USB_CMD_DATA_SIZE;
673 }
674 UsbCommand c = {CMD_ASK_SIM_TAG, {arg1, arg2, size}};
675 PrintAndLog("preparing to sim ask data: %d bits", size);
676 memcpy(c.d.asBytes, DemodBuffer, size);
677 clearCommandBuffer();
678 SendCommand(&c);
679 return 0;
680 }
681
682 // by marshmellow - sim psk data given carrier, clock, invert
683 // - allow pull data from DemodBuffer or parameters
684 int CmdLFpskSim(const char *Cmd)
685 {
686 //might be able to autodetect FC and clock from Graphbuffer if using demod buffer
687 //will need carrier, Clock, and bitstream
688 uint8_t carrier=0, clk=0;
689 uint8_t invert=0;
690 bool errors = false;
691 char hexData[32] = {0x00}; // store entered hex data
692 uint8_t data[255] = {0x00};
693 int dataLen = 0;
694 uint8_t cmdp = 0;
695 uint8_t pskType = 1;
696 while(param_getchar(Cmd, cmdp) != 0x00)
697 {
698 switch(param_getchar(Cmd, cmdp))
699 {
700 case 'h':
701 return usage_lf_simpsk();
702 case 'i':
703 invert = 1;
704 cmdp++;
705 break;
706 case 'c':
707 errors |= param_getdec(Cmd,cmdp+1,&clk);
708 cmdp+=2;
709 break;
710 case 'r':
711 errors |= param_getdec(Cmd,cmdp+1,&carrier);
712 cmdp+=2;
713 break;
714 case '1':
715 pskType=1;
716 cmdp++;
717 break;
718 case '2':
719 pskType=2;
720 cmdp++;
721 break;
722 case '3':
723 pskType=3;
724 cmdp++;
725 break;
726 case 'd':
727 dataLen = param_getstr(Cmd, cmdp+1, hexData);
728 if (dataLen==0) {
729 errors=true;
730 } else {
731 dataLen = hextobinarray((char *)data, hexData);
732 }
733 if (dataLen==0) errors=true;
734 if (errors) PrintAndLog ("Error getting hex data");
735 cmdp+=2;
736 break;
737 default:
738 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
739 errors = true;
740 break;
741 }
742 if (errors) break;
743 }
744 if (cmdp == 0 && DemodBufferLen == 0)
745 {
746 errors = true;// No args
747 }
748
749 //Validations
750 if (errors)
751 {
752 return usage_lf_simpsk();
753 }
754 if (dataLen == 0){ //using DemodBuffer
755 PrintAndLog("Getting Clocks");
756 if (clk==0) clk = GetPskClock("", false, false);
757 PrintAndLog("clk: %d",clk);
758 if (!carrier) carrier = GetPskCarrier("", false, false);
759 PrintAndLog("carrier: %d", carrier);
760 } else {
761 setDemodBuf(data, dataLen, 0);
762 }
763
764 if (clk <= 0) clk = 32;
765 if (carrier == 0) carrier = 2;
766 if (pskType != 1){
767 if (pskType == 2){
768 //need to convert psk2 to psk1 data before sim
769 psk2TOpsk1(DemodBuffer, DemodBufferLen);
770 } else {
771 PrintAndLog("Sorry, PSK3 not yet available");
772 }
773 }
774 uint16_t arg1, arg2;
775 arg1 = clk << 8 | carrier;
776 arg2 = invert;
777 size_t size=DemodBufferLen;
778 if (size > USB_CMD_DATA_SIZE) {
779 PrintAndLog("DemodBuffer too long for current implementation - length: %d - max: %d", size, USB_CMD_DATA_SIZE);
780 size=USB_CMD_DATA_SIZE;
781 }
782 UsbCommand c = {CMD_PSK_SIM_TAG, {arg1, arg2, size}};
783 PrintAndLog("DEBUG: Sending DemodBuffer Length: %d", size);
784 memcpy(c.d.asBytes, DemodBuffer, size);
785 clearCommandBuffer();
786 SendCommand(&c);
787
788 return 0;
789 }
790
791 int CmdLFSimBidir(const char *Cmd)
792 {
793 // Set ADC to twice the carrier for a slight supersampling
794 // HACK: not implemented in ARMSRC.
795 PrintAndLog("Not implemented yet.");
796 UsbCommand c = {CMD_LF_SIMULATE_BIDIR, {47, 384, 0}};
797 SendCommand(&c);
798 return 0;
799 }
800
801 int CmdVchDemod(const char *Cmd)
802 {
803 // Is this the entire sync pattern, or does this also include some
804 // data bits that happen to be the same everywhere? That would be
805 // lovely to know.
806 static const int SyncPattern[] = {
807 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
808 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
809 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
810 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
811 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
812 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
813 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
814 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
815 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
816 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
817 };
818
819 // So first, we correlate for the sync pattern, and mark that.
820 int bestCorrel = 0, bestPos = 0;
821 int i;
822 // It does us no good to find the sync pattern, with fewer than
823 // 2048 samples after it...
824 for (i = 0; i < (GraphTraceLen-2048); i++) {
825 int sum = 0;
826 int j;
827 for (j = 0; j < arraylen(SyncPattern); j++) {
828 sum += GraphBuffer[i+j]*SyncPattern[j];
829 }
830 if (sum > bestCorrel) {
831 bestCorrel = sum;
832 bestPos = i;
833 }
834 }
835 PrintAndLog("best sync at %d [metric %d]", bestPos, bestCorrel);
836
837 char bits[257];
838 bits[256] = '\0';
839
840 int worst = INT_MAX;
841 int worstPos = 0;
842
843 for (i = 0; i < 2048; i += 8) {
844 int sum = 0;
845 int j;
846 for (j = 0; j < 8; j++) {
847 sum += GraphBuffer[bestPos+i+j];
848 }
849 if (sum < 0) {
850 bits[i/8] = '.';
851 } else {
852 bits[i/8] = '1';
853 }
854 if(abs(sum) < worst) {
855 worst = abs(sum);
856 worstPos = i;
857 }
858 }
859 PrintAndLog("bits:");
860 PrintAndLog("%s", bits);
861 PrintAndLog("worst metric: %d at pos %d", worst, worstPos);
862
863 if (strcmp(Cmd, "clone")==0) {
864 GraphTraceLen = 0;
865 char *s;
866 for(s = bits; *s; s++) {
867 int j;
868 for(j = 0; j < 16; j++) {
869 GraphBuffer[GraphTraceLen++] = (*s == '1') ? 1 : 0;
870 }
871 }
872 RepaintGraphWindow();
873 }
874 return 0;
875 }
876
877
878 //by marshmellow
879 int CheckChipType(char cmdp) {
880 uint32_t wordData = 0;
881
882 if (offline || cmdp == '1') return 0;
883
884 save_restoreGB(GRAPH_SAVE);
885 save_restoreDB(GRAPH_SAVE);
886 //check for em4x05/em4x69 chips first
887 if (EM4x05Block0Test(&wordData)) {
888 PrintAndLog("\nValid EM4x05/EM4x69 Chip Found\nTry lf em 4x05... commands\n");
889 save_restoreGB(GRAPH_RESTORE);
890 save_restoreDB(GRAPH_RESTORE);
891 return 1;
892 }
893
894 //check for t55xx chip...
895 if (tryDetectP1(true)) {
896 PrintAndLog("\nValid T55xx Chip Found\nTry lf t55xx ... commands\n");
897 save_restoreGB(GRAPH_RESTORE);
898 save_restoreDB(GRAPH_RESTORE);
899 return 1;
900 }
901 save_restoreGB(GRAPH_RESTORE);
902 save_restoreDB(GRAPH_RESTORE);
903 return 0;
904 }
905
906 //by marshmellow
907 int CmdLFfind(const char *Cmd)
908 {
909 uint32_t wordData = 0;
910 int ans=0;
911 size_t minLength = 1000;
912 char cmdp = param_getchar(Cmd, 0);
913 char testRaw = param_getchar(Cmd, 1);
914 if (strlen(Cmd) > 3 || cmdp == 'h' || cmdp == 'H') {
915 PrintAndLog("Usage: lf search <0|1> [u]");
916 PrintAndLog(" <use data from Graphbuffer> , if not set, try reading data from tag.");
917 PrintAndLog(" [Search for Unknown tags] , if not set, reads only known tags.");
918 PrintAndLog("");
919 PrintAndLog(" sample: lf search = try reading data from tag & search for known tags");
920 PrintAndLog(" : lf search 1 = use data from GraphBuffer & search for known tags");
921 PrintAndLog(" : lf search u = try reading data from tag & search for known and unknown tags");
922 PrintAndLog(" : lf search 1 u = use data from GraphBuffer & search for known and unknown tags");
923
924 return 0;
925 }
926
927 if (!offline && (cmdp != '1')) {
928 lf_read(true, 30000);
929 } else if (GraphTraceLen < minLength) {
930 PrintAndLog("Data in Graphbuffer was too small.");
931 return 0;
932 }
933 if (cmdp == 'u' || cmdp == 'U') testRaw = 'u';
934
935 PrintAndLog("NOTE: some demods output possible binary\n if it finds something that looks like a tag");
936 PrintAndLog("False Positives ARE possible\n");
937 PrintAndLog("\nChecking for known tags:\n");
938
939 size_t testLen = minLength;
940 // only run if graphbuffer is just noise as it should be for hitag/cotag
941 if (graphJustNoise(GraphBuffer, testLen)) {
942 // only run these tests if we are in online mode
943 if (!offline && (cmdp != '1')) {
944 // test for em4x05 in reader talk first mode.
945 if (EM4x05Block0Test(&wordData)) {
946 PrintAndLog("\nValid EM4x05/EM4x69 Chip Found\nUse lf em 4x05readword/dump commands to read\n");
947 return 1;
948 }
949 ans=CmdLFHitagReader("26");
950 if (ans==0) {
951 return 1;
952 }
953 ans=CmdCOTAGRead("");
954 if (ans>0) {
955 PrintAndLog("\nValid COTAG ID Found!");
956 return 1;
957 }
958 }
959 return 0;
960 }
961
962 // TODO test for modulation then only test formats that use that modulation
963
964 ans=CmdFSKdemodIO("");
965 if (ans>0) {
966 PrintAndLog("\nValid IO Prox ID Found!");
967 return CheckChipType(cmdp);
968 }
969
970 ans=CmdFSKdemodPyramid("");
971 if (ans>0) {
972 PrintAndLog("\nValid Pyramid ID Found!");
973 return CheckChipType(cmdp);
974 }
975
976 ans=CmdFSKdemodParadox("");
977 if (ans>0) {
978 PrintAndLog("\nValid Paradox ID Found!");
979 return CheckChipType(cmdp);
980 }
981
982 ans=CmdFSKdemodAWID("");
983 if (ans>0) {
984 PrintAndLog("\nValid AWID ID Found!");
985 return CheckChipType(cmdp);
986 }
987
988 ans=CmdFSKdemodHID("");
989 if (ans>0) {
990 PrintAndLog("\nValid HID Prox ID Found!");
991 return CheckChipType(cmdp);
992 }
993
994 ans=CmdAskEM410xDemod("");
995 if (ans>0) {
996 PrintAndLog("\nValid EM410x ID Found!");
997 return CheckChipType(cmdp);
998 }
999
1000 ans=CmdVisa2kDemod("");
1001 if (ans>0) {
1002 PrintAndLog("\nValid Visa2000 ID Found!");
1003 return CheckChipType(cmdp);
1004 }
1005
1006 ans=CmdG_Prox_II_Demod("");
1007 if (ans>0) {
1008 PrintAndLog("\nValid G Prox II ID Found!");
1009 return CheckChipType(cmdp);
1010 }
1011
1012 ans=CmdFdxDemod(""); //biphase
1013 if (ans>0) {
1014 PrintAndLog("\nValid FDX-B ID Found!");
1015 return CheckChipType(cmdp);
1016 }
1017
1018 ans=EM4x50Read("", false); //ask
1019 if (ans>0) {
1020 PrintAndLog("\nValid EM4x50 ID Found!");
1021 return 1;
1022 }
1023
1024 ans=CmdJablotronDemod("");
1025 if (ans>0) {
1026 PrintAndLog("\nValid Jablotron ID Found!");
1027 return CheckChipType(cmdp);
1028 }
1029
1030 ans=CmdNoralsyDemod("");
1031 if (ans>0) {
1032 PrintAndLog("\nValid Noralsy ID Found!");
1033 return CheckChipType(cmdp);
1034 }
1035
1036 ans=CmdSecurakeyDemod("");
1037 if (ans>0) {
1038 PrintAndLog("\nValid Securakey ID Found!");
1039 return CheckChipType(cmdp);
1040 }
1041
1042 ans=CmdVikingDemod("");
1043 if (ans>0) {
1044 PrintAndLog("\nValid Viking ID Found!");
1045 return CheckChipType(cmdp);
1046 }
1047
1048 ans=CmdIndalaDecode(""); //psk
1049 if (ans>0) {
1050 PrintAndLog("\nValid Indala ID Found!");
1051 return CheckChipType(cmdp);
1052 }
1053
1054 ans=CmdPSKNexWatch("");
1055 if (ans>0) {
1056 PrintAndLog("\nValid NexWatch ID Found!");
1057 return CheckChipType(cmdp);
1058 }
1059
1060 ans=CmdPacDemod("");
1061 if (ans>0) {
1062 PrintAndLog("\nValid PAC/Stanley ID Found!");
1063 return CheckChipType(cmdp);
1064 }
1065
1066 PrintAndLog("\nNo Known Tags Found!\n");
1067 if (testRaw=='u' || testRaw=='U') {
1068 //ans=CheckChipType(cmdp);
1069 //test unknown tag formats (raw mode)0
1070 PrintAndLog("\nChecking for Unknown tags:\n");
1071 ans=AutoCorrelate(GraphBuffer, GraphBuffer, GraphTraceLen, 4000, false, false);
1072 if (ans > 0) PrintAndLog("Possible Auto Correlation of %d repeating samples",ans);
1073 ans=GetFskClock("",false,false);
1074 if (ans != 0) { //fsk
1075 ans=FSKrawDemod("",true);
1076 if (ans>0) {
1077 PrintAndLog("\nUnknown FSK Modulated Tag Found!");
1078 return CheckChipType(cmdp);
1079 }
1080 }
1081 bool st = true;
1082 ans=ASKDemod_ext("0 0 0",true,false,1,&st);
1083 if (ans>0) {
1084 PrintAndLog("\nUnknown ASK Modulated and Manchester encoded Tag Found!");
1085 PrintAndLog("\nif it does not look right it could instead be ASK/Biphase - try 'data rawdemod ab'");
1086 return CheckChipType(cmdp);
1087 }
1088 ans=CmdPSK1rawDemod("");
1089 if (ans>0) {
1090 PrintAndLog("Possible unknown PSK1 Modulated Tag Found above!\n\nCould also be PSK2 - try 'data rawdemod p2'");
1091 PrintAndLog("\nCould also be PSK3 - [currently not supported]");
1092 PrintAndLog("\nCould also be NRZ - try 'data rawdemod nr'");
1093 return CheckChipType(cmdp);
1094 }
1095 ans = CheckChipType(cmdp);
1096 PrintAndLog("\nNo Data Found!\n");
1097 }
1098 return 0;
1099 }
1100
1101 static command_t CommandTable[] =
1102 {
1103 {"help", CmdHelp, 1, "This help"},
1104 {"awid", CmdLFAWID, 1, "{ AWID RFIDs... }"},
1105 {"cotag", CmdLFCOTAG, 1, "{ COTAG CHIPs... }"},
1106 {"em", CmdLFEM4X, 1, "{ EM4X CHIPs & RFIDs... }"},
1107 {"fdx", CmdLFFdx, 1, "{ FDX-B RFIDs... }"},
1108 {"gproxii", CmdLF_G_Prox_II, 1, "{ G Prox II RFIDs... }"},
1109 {"hid", CmdLFHID, 1, "{ HID RFIDs... }"},
1110 {"hitag", CmdLFHitag, 1, "{ Hitag CHIPs... }"},
1111 {"io", CmdLFIO, 1, "{ ioProx RFIDs... }"},
1112 {"indala", CmdLFINDALA, 1, "{ Indala RFIDs... }"},
1113 {"jablotron", CmdLFJablotron, 1, "{ Jablotron RFIDs... }"},
1114 {"nexwatch", CmdLFNexWatch, 1, "{ NexWatch RFIDs... }"},
1115 {"noralsy", CmdLFNoralsy, 1, "{ Noralsy RFIDs... }"},
1116 {"pac", CmdLFPac, 1, "{ PAC/Stanley RFIDs... }"},
1117 {"paradox", CmdLFParadox, 1, "{ Paradox RFIDs... }"},
1118 {"presco", CmdLFPresco, 1, "{ Presco RFIDs... }"},
1119 {"pcf7931", CmdLFPCF7931, 1, "{ PCF7931 CHIPs... }"},
1120 {"pyramid", CmdLFPyramid, 1, "{ Farpointe/Pyramid RFIDs... }"},
1121 {"securakey", CmdLFSecurakey, 1, "{ Securakey RFIDs... }"},
1122 {"t55xx", CmdLFT55XX, 1, "{ T55xx CHIPs... }"},
1123 {"ti", CmdLFTI, 1, "{ TI CHIPs... }"},
1124 {"viking", CmdLFViking, 1, "{ Viking RFIDs... }"},
1125 {"visa2000", CmdLFVisa2k, 1, "{ Visa2000 RFIDs... }"},
1126 {"cmdread", CmdLFCommandRead, 0, "<d period> <z period> <o period> <c command> ['H'] -- Modulate LF reader field to send command before read (all periods in microseconds) (option 'H' for 134)"},
1127 {"config", CmdLFSetConfig, 0, "Set config for LF sampling, bit/sample, decimation, frequency"},
1128 {"flexdemod", CmdFlexdemod, 1, "Demodulate samples for FlexPass"},
1129 {"read", CmdLFRead, 0, "['s' silent] Read 125/134 kHz LF ID-only tag. Do 'lf read h' for help"},
1130 {"search", CmdLFfind, 1, "[offline] ['u'] Read and Search for valid known tag (in offline mode it you can load first then search) - 'u' to search for unknown tags"},
1131 {"sim", CmdLFSim, 0, "[GAP] -- Simulate LF tag from buffer with optional GAP (in microseconds)"},
1132 {"simask", CmdLFaskSim, 0, "[clock] [invert <1|0>] [biphase/manchester/raw <'b'|'m'|'r'>] [msg separator 's'] [d <hexdata>] -- Simulate LF ASK tag from demodbuffer or input"},
1133 {"simfsk", CmdLFfskSim, 0, "[c <clock>] [i] [H <fcHigh>] [L <fcLow>] [d <hexdata>] -- Simulate LF FSK tag from demodbuffer or input"},
1134 {"simpsk", CmdLFpskSim, 0, "[1|2|3] [c <clock>] [i] [r <carrier>] [d <raw hex to sim>] -- Simulate LF PSK tag from demodbuffer or input"},
1135 {"simbidir", CmdLFSimBidir, 0, "Simulate LF tag (with bidirectional data transmission between reader and tag)"},
1136 {"snoop", CmdLFSnoop, 0, "['l'|'h'|<divisor>] [trigger threshold]-- Snoop LF (l:125khz, h:134khz)"},
1137 {"vchdemod", CmdVchDemod, 1, "['clone'] -- Demodulate samples for VeriChip"},
1138 {NULL, NULL, 0, NULL}
1139 };
1140
1141 int CmdLF(const char *Cmd)
1142 {
1143 CmdsParse(CommandTable, Cmd);
1144 return 0;
1145 }
1146
1147 int CmdHelp(const char *Cmd)
1148 {
1149 CmdsHelp(CommandTable);
1150 return 0;
1151 }
Impressum, Datenschutz