Paradox clone functionality implemented (#747)
[proxmark3-svn] / client / cmdlfparadox.c
1 //-----------------------------------------------------------------------------
2 //
3 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
4 // at your option, any later version. See the LICENSE.txt file for the text of
5 // the license.
6 //-----------------------------------------------------------------------------
7 // Low frequency Paradox tag commands
8 // FSK2a, rf/50, 96 bits (completely known)
9 //-----------------------------------------------------------------------------
10 #include <stdio.h>
11 #include <string.h>
12 #include <inttypes.h>
13 #include "cmdlfparadox.h"
14 #include "proxmark3.h"
15 #include "ui.h"
16 #include "util.h"
17 #include "graph.h"
18 #include "cmdparser.h"
19 #include "cmddata.h"
20 #include "cmdlf.h"
21 #include "lfdemod.h"
22 #include "comms.h"
23 // This card type is similar to HID, so we include the utils from there
24 #include "cmdlfhid.h"
25 #include "hidcardformats.h"
26 #include "hidcardformatutils.h"
27
28 static int CmdHelp(const char *Cmd);
29 void ParadoxWrite(hidproxmessage_t *packed);
30
31 //by marshmellow
32 //Paradox Prox demod - FSK RF/50 with preamble of 00001111 (then manchester encoded)
33 //print full Paradox Prox ID and some bit format details if found
34 int CmdFSKdemodParadox(const char *Cmd)
35 {
36 //raw fsk demod no manchester decoding no start bit finding just get binary from wave
37 uint32_t hi2=0, hi=0, lo=0;
38
39 uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0};
40 size_t BitLen = getFromGraphBuf(BitStream);
41 if (BitLen==0) return 0;
42 int waveIdx=0;
43 //get binary from fsk wave
44 int idx = ParadoxdemodFSK(BitStream,&BitLen,&hi2,&hi,&lo,&waveIdx);
45 if (idx<0){
46 if (g_debugMode){
47 if (idx==-1){
48 PrintAndLog("DEBUG: Just Noise Detected");
49 } else if (idx == -2) {
50 PrintAndLog("DEBUG: Error demoding fsk");
51 } else if (idx == -3) {
52 PrintAndLog("DEBUG: Preamble not found");
53 } else if (idx == -4) {
54 PrintAndLog("DEBUG: Error in Manchester data");
55 } else {
56 PrintAndLog("DEBUG: Error demoding fsk %d", idx);
57 }
58 }
59 return 0;
60 }
61 if (hi2==0 && hi==0 && lo==0){
62 if (g_debugMode) PrintAndLog("DEBUG: Error - no value found");
63 return 0;
64 }
65
66 uint32_t fc = ((hi & 0x3)<<6) | (lo>>26);
67 uint32_t cardnum = (lo>>10)&0xFFFF;
68 uint32_t rawLo = bytebits_to_byte(BitStream+idx+64,32);
69 uint32_t rawHi = bytebits_to_byte(BitStream+idx+32,32);
70 uint32_t rawHi2 = bytebits_to_byte(BitStream+idx,32);
71
72 // Steal the HID parsing to output a "full" ID we can send to the HID cloning function
73 hidproxmessage_t packed = initialize_proxmessage_object(hi2, hi, lo);
74
75 if (packed.top != 0) {
76 PrintAndLog("Paradox TAG ID: %x%08x (Full ID: %x%08x%08x) - FC: %d - Card: %d - Checksum: %02x - RAW: %08x%08x%08x",
77 hi>>10, (hi & 0x3)<<26 | (lo>>10), (uint32_t)packed.top, (uint32_t)packed.mid, (uint32_t)packed.bot, fc, cardnum, (lo>>2) & 0xFF, rawHi2, rawHi, rawLo);
78 } else {
79 PrintAndLog("Paradox TAG ID: %x%08x (Full ID: %x%08x) - FC: %d - Card: %d - Checksum: %02x - RAW: %08x%08x%08x",
80 hi>>10, (hi & 0x3)<<26 | (lo>>10), (uint32_t)packed.mid, (uint32_t)packed.bot, fc, cardnum, (lo>>2) & 0xFF, rawHi2, rawHi, rawLo);
81
82 }
83 setDemodBuf(BitStream,BitLen,idx);
84 setClockGrid(50, waveIdx + (idx*50));
85 if (g_debugMode){
86 PrintAndLog("DEBUG: idx: %d, len: %d, Printing Demod Buffer:", idx, BitLen);
87 printDemodBuff();
88 }
89 return 1;
90 }
91 //by marshmellow
92 //see ASKDemod for what args are accepted
93 int CmdParadoxRead(const char *Cmd) {
94 // read lf silently
95 lf_read(true, 10000);
96 // demod and output viking ID
97 return CmdFSKdemodParadox(Cmd);
98 }
99
100 int CmdParadoxClone(const char *Cmd)
101 {
102 unsigned int top = 0, mid = 0, bot = 0;
103 hid_hexstring_to_int96(&top, &mid, &bot, Cmd);
104 hidproxmessage_t packed = initialize_proxmessage_object(top, mid, bot);
105 ParadoxWrite(&packed);
106 return 0;
107 }
108
109 void ParadoxWrite(hidproxmessage_t *packed){
110 UsbCommand c;
111 c.d.asBytes[0] = (packed->top != 0 && ((packed->mid & 0xFFFFFFC0) != 0))
112 ? 1 : 0; // Writing long format?
113 c.cmd = CMD_PARADOX_CLONE_TAG;
114 c.arg[0] = (packed->top & 0x000FFFFF);
115 c.arg[1] = packed->mid;
116 c.arg[2] = packed->bot;
117 SendCommand(&c);
118 }
119
120 static command_t CommandTable[] = {
121 {"help", CmdHelp, 1, "This help"},
122 {"demod", CmdFSKdemodParadox, 1, "Demodulate a Paradox FSK tag from the GraphBuffer"},
123 {"read", CmdParadoxRead, 0, "Attempt to read and Extract tag data from the antenna"},
124 {"clone", CmdParadoxClone, 0, "<ID> -- Clone Paradox to T55x7 (tag must be in antenna)"},
125 {NULL, NULL, 0, NULL}
126 };
127
128 int CmdLFParadox(const char *Cmd) {
129 CmdsParse(CommandTable, Cmd);
130 return 0;
131 }
132
133 int CmdHelp(const char *Cmd) {
134 CmdsHelp(CommandTable);
135 return 0;
136 }
Impressum, Datenschutz