]> git.zerfleddert.de Git - proxmark3-svn/blob - client/cmdhf14b.c
projects / proxmark3-svn / blob
? search:


8a83df8f76f98a3ee6776acaa68f27a8d0244061
[proxmark3-svn] / client / cmdhf14b.c
1 //-----------------------------------------------------------------------------
2 // Copyright (C) 2010 iZsh <izsh at fail0verflow.com>
3 //
4 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
5 // at your option, any later version. See the LICENSE.txt file for the text of
6 // the license.
7 //-----------------------------------------------------------------------------
8 // High frequency ISO14443B commands
9 //-----------------------------------------------------------------------------
10
11 #include "cmdhf14b.h"
12
13 #include <stdio.h>
14 #include <stdlib.h>
15 #include <stdbool.h>
16 #include <string.h>
17 #include <stdint.h>
18 #include <ctype.h>
19 #include "iso14443crc.h"
20 #include "comms.h"
21 #include "graph.h"
22 #include "util.h"
23 #include "ui.h"
24 #include "cmdparser.h"
25 #include "cmdmain.h"
26 #include "taginfo.h"
27
28
29 int CmdHF14BList(const char *Cmd) {
30 PrintAndLog("Deprecated command, use 'hf list 14b' instead");
31 return 0;
32 }
33
34
35 int CmdHF14BSim(const char *Cmd) {
36 UsbCommand c={CMD_SIMULATE_TAG_ISO_14443B};
37 clearCommandBuffer();
38 SendCommand(&c);
39 return 0;
40 }
41
42
43 int CmdHF14BSnoop(const char *Cmd) {
44 UsbCommand c = {CMD_SNOOP_ISO_14443B};
45 clearCommandBuffer();
46 SendCommand(&c);
47 return 0;
48 }
49
50
51 /* New command to read the contents of a SRI512 tag
52 * SRI512 tags are ISO14443-B modulated memory tags,
53 * this command just dumps the contents of the memory
54 */
55 int CmdSri512Read(const char *Cmd) {
56 UsbCommand c = {CMD_READ_SRI512_TAG, {strtol(Cmd, NULL, 0), 0, 0}};
57 clearCommandBuffer();
58 SendCommand(&c);
59 return 0;
60 }
61
62
63 /* New command to read the contents of a SRIX4K tag
64 * SRIX4K tags are ISO14443-B modulated memory tags,
65 * this command just dumps the contents of the memory/
66 */
67 int CmdSrix4kRead(const char *Cmd) {
68 UsbCommand c = {CMD_READ_SRIX4K_TAG, {strtol(Cmd, NULL, 0), 0, 0}};
69 clearCommandBuffer();
70 SendCommand(&c);
71 return 0;
72 }
73
74
75 static bool switch_off_field_14b(void) {
76 UsbCommand resp;
77 UsbCommand c = {CMD_ISO_14443B_COMMAND, {0, 0, 0}};
78 clearCommandBuffer();
79 SendCommand(&c);
80 if (!WaitForResponseTimeout(CMD_ACK, &resp, 1000)) {
81 return false;
82 }
83 return false;
84 }
85
86
87 int HF14BCmdRaw(bool reply, bool *crc, bool power, uint8_t *data, uint8_t *datalen, bool verbose) {
88 UsbCommand resp;
89 UsbCommand c = {CMD_ISO_14443B_COMMAND, {0, 0, 0}}; // len,recv,power
90 if (*crc) {
91 uint8_t first, second;
92 ComputeCrc14443(CRC_14443_B, data, *datalen, &first, &second);
93 data[*datalen] = first;
94 data[*datalen + 1] = second;
95 *datalen += 2;
96 }
97
98 c.arg[0] = *datalen;
99 c.arg[1] = reply;
100 c.arg[2] = power;
101 memcpy(c.d.asBytes,data, *datalen);
102 clearCommandBuffer();
103 SendCommand(&c);
104
105 if (!reply) return 1;
106
107 if (!WaitForResponseTimeout(CMD_ACK, &resp, 1000)) {
108 if (verbose) PrintAndLog("timeout while waiting for reply.");
109 return 0;
110 }
111 *datalen = resp.arg[0];
112 if (verbose) PrintAndLog("received %u octets", *datalen);
113 if (*datalen < 2) return 0;
114
115 memcpy(data, resp.d.asBytes, *datalen);
116 if (verbose) PrintAndLog("%s", sprint_hex(data, *datalen));
117
118 uint8_t first, second;
119 ComputeCrc14443(CRC_14443_B, data, *datalen-2, &first, &second);
120 if (data[*datalen-2] == first && data[*datalen-1] == second) {
121 if (verbose) PrintAndLog("CRC OK");
122 *crc = true;
123 } else {
124 if (verbose) PrintAndLog("CRC failed");
125 *crc = false;
126 }
127 return 1;
128 }
129
130
131 static int CmdHF14BCmdRaw (const char *Cmd) {
132 bool reply = true;
133 bool crc = false;
134 bool power = false;
135 bool select = false;
136 bool SRx = false;
137 char buf[5] = "";
138 uint8_t data[100] = {0x00};
139 uint8_t datalen = 0;
140 unsigned int temp;
141 int i = 0;
142 if (strlen(Cmd) < 3) {
143 PrintAndLog("Usage: hf 14b raw [-r] [-c] [-p] [-s || -ss] <0A 0B 0C ... hex>");
144 PrintAndLog(" -r do not read response");
145 PrintAndLog(" -c calculate and append CRC");
146 PrintAndLog(" -p leave the field on after receive");
147 PrintAndLog(" -s active signal field ON with select");
148 PrintAndLog(" -ss active signal field ON with select for SRx ST Microelectronics tags");
149 return 0;
150 }
151
152 // strip
153 while (*Cmd == ' ' || *Cmd == '\t') Cmd++;
154
155 while (Cmd[i] != '\0') {
156 if (Cmd[i] == ' ' || Cmd[i] == '\t') { i++; continue; }
157 if (Cmd[i] == '-') {
158 switch (Cmd[i+1]) {
159 case 'r':
160 case 'R':
161 reply = false;
162 break;
163 case 'c':
164 case 'C':
165 crc = true;
166 break;
167 case 'p':
168 case 'P':
169 power = true;
170 break;
171 case 's':
172 case 'S':
173 select = true;
174 if (Cmd[i+2] == 's' || Cmd[i+2] == 'S') {
175 SRx = true;
176 i++;
177 }
178 break;
179 default:
180 PrintAndLog("Invalid option");
181 return 0;
182 }
183 i += 2;
184 continue;
185 }
186 if ((Cmd[i] >= '0' && Cmd[i] <= '9') ||
187 (Cmd[i] >= 'a' && Cmd[i] <= 'f') ||
188 (Cmd[i] >= 'A' && Cmd[i] <= 'F') ) {
189 buf[strlen(buf)+1] = 0;
190 buf[strlen(buf)] = Cmd[i];
191 i++;
192
193 if (strlen(buf) >= 2) {
194 sscanf(buf, "%x", &temp);
195 data[datalen++] = (uint8_t)(temp & 0xff);
196 *buf = 0;
197 }
198 continue;
199 }
200 PrintAndLog("Invalid char on input");
201 return 0;
202 }
203 if (datalen == 0) {
204 PrintAndLog("Missing data input");
205 return 0;
206 }
207
208 if (select) { //auto select 14b tag
209 uint8_t cmd2[16];
210 bool crc2 = true;
211 uint8_t cmdLen;
212
213 if (SRx) {
214 // REQ SRx
215 cmdLen = 2;
216 cmd2[0] = 0x06;
217 cmd2[1] = 0x00;
218 } else {
219 cmdLen = 3;
220 // REQB
221 cmd2[0] = 0x05;
222 cmd2[1] = 0x00;
223 cmd2[2] = 0x08;
224 }
225
226 if (HF14BCmdRaw(true, &crc2, true, cmd2, &cmdLen, false) == 0) return switch_off_field_14b();
227
228 if (SRx && (cmdLen != 3 || !crc2) ) return switch_off_field_14b();
229 else if (cmd2[0] != 0x50 || cmdLen != 14 || !crc2) return switch_off_field_14b();
230
231 uint8_t chipID = 0;
232 if (SRx) {
233 // select
234 chipID = cmd2[0];
235 cmd2[0] = 0x0E;
236 cmd2[1] = chipID;
237 cmdLen = 2;
238 } else {
239 // attrib
240 cmd2[0] = 0x1D;
241 // UID from cmd2[1 - 4]
242 cmd2[5] = 0x00;
243 cmd2[6] = 0x08;
244 cmd2[7] = 0x01;
245 cmd2[8] = 0x00;
246 cmdLen = 9;
247 }
248
249 if (HF14BCmdRaw(true, &crc2, true, cmd2, &cmdLen, false) == 0) return switch_off_field_14b();
250
251 if (cmdLen != 3 || !crc2) return switch_off_field_14b();
252 if (SRx && cmd2[0] != chipID) return switch_off_field_14b();
253 }
254 return HF14BCmdRaw(reply, &crc, power, data, &datalen, true);
255 }
256
257
258 // print full atqb info
259 static void print_atqb_resp(uint8_t *data) {
260 //PrintAndLog (" UID: %s", sprint_hex(data+1,4));
261 PrintAndLog(" App Data: %s", sprint_hex(data+5,4));
262 PrintAndLog(" Protocol: %s", sprint_hex(data+9,3));
263 uint8_t BitRate = data[9];
264 if (!BitRate)
265 PrintAndLog (" Bit Rate: 106 kbit/s only PICC <-> PCD");
266 if (BitRate & 0x10)
267 PrintAndLog (" Bit Rate: 212 kbit/s PICC -> PCD supported");
268 if (BitRate & 0x20)
269 PrintAndLog (" Bit Rate: 424 kbit/s PICC -> PCD supported");
270 if (BitRate & 0x40)
271 PrintAndLog (" Bit Rate: 847 kbit/s PICC -> PCD supported");
272 if (BitRate & 0x01)
273 PrintAndLog (" Bit Rate: 212 kbit/s PICC <- PCD supported");
274 if (BitRate & 0x02)
275 PrintAndLog (" Bit Rate: 424 kbit/s PICC <- PCD supported");
276 if (BitRate & 0x04)
277 PrintAndLog (" Bit Rate: 847 kbit/s PICC <- PCD supported");
278 if (BitRate & 0x80)
279 PrintAndLog (" Same bit rate <-> required");
280
281 uint16_t maxFrame = data[10] >> 4;
282 if (maxFrame < 5)
283 maxFrame = 8*maxFrame + 16;
284 else if (maxFrame == 5)
285 maxFrame = 64;
286 else if (maxFrame == 6)
287 maxFrame = 96;
288 else if (maxFrame == 7)
289 maxFrame = 128;
290 else if (maxFrame == 8)
291 maxFrame = 256;
292 else
293 maxFrame = 257;
294
295 PrintAndLog ("Max Frame Size: %u%s", maxFrame, (maxFrame == 257) ? "+ RFU" : "");
296
297 uint8_t protocolT = data[10] & 0xF;
298 PrintAndLog (" Protocol Type: Protocol is %scompliant with ISO/IEC 14443-4",(protocolT) ? "" : "not " );
299 PrintAndLog ("Frame Wait Int: %u", data[11]>>4);
300 PrintAndLog (" App Data Code: Application is %s",(data[11]&4) ? "Standard" : "Proprietary");
301 PrintAndLog (" Frame Options: NAD is %ssupported",(data[11]&2) ? "" : "not ");
302 PrintAndLog (" Frame Options: CID is %ssupported",(data[11]&1) ? "" : "not ");
303 PrintAndLog ("Max Buf Length: %u (MBLI) %s",data[14]>>4, (data[14] & 0xF0) ? "" : "not supported");
304
305 return;
306 }
307
308
309 int print_ST_Lock_info(uint8_t model) {
310 //assume connection open and tag selected...
311 uint8_t data[16] = {0x00};
312 uint8_t datalen = 2;
313 bool crc = true;
314 uint8_t resplen;
315 uint8_t blk1;
316 data[0] = 0x08;
317
318 if (model == 0x02) { //SR176 has special command:
319 data[1] = 0x0f;
320 resplen = 4;
321 } else {
322 data[1] = 0xff;
323 resplen = 6;
324 }
325
326 //std read cmd
327 if (HF14BCmdRaw(true, &crc, true, data, &datalen, false) == 0) return switch_off_field_14b();
328
329 if (datalen != resplen || !crc) return switch_off_field_14b();
330
331 PrintAndLog("Chip Write Protection Bits:");
332 // now interpret the data
333 switch (model){
334 case 0x0: //fall through (SRIX4K special)
335 case 0x3: //fall through (SRIx4K)
336 case 0x7: // (SRI4K)
337 //only need data[3]
338 blk1 = 9;
339 PrintAndLog(" raw: %s",printBits(1,data+3));
340 PrintAndLog(" 07/08:%slocked", (data[3] & 1) ? " not " : " " );
341 for (uint8_t i = 1; i < 8; i++){
342 PrintAndLog(" %02u:%slocked", blk1, (data[3] & (1 << i)) ? " not " : " " );
343 blk1++;
344 }
345 break;
346 case 0x4: //fall through (SRIX512)
347 case 0x6: //fall through (SRI512)
348 case 0xC: // (SRT512)
349 //need data[2] and data[3]
350 blk1 = 0;
351 PrintAndLog(" raw: %s", printBits(2,data+2));
352 for (uint8_t b = 2; b < 4; b++) {
353 for (uint8_t i = 0; i < 8; i++) {
354 PrintAndLog(" %02u:%slocked", blk1, (data[b] & (1 << i)) ? " not " : " " );
355 blk1++;
356 }
357 }
358 break;
359 case 0x2: // (SR176)
360 //need data[2]
361 blk1 = 0;
362 PrintAndLog(" raw: %s",printBits(1, data+2));
363 for (uint8_t i = 0; i < 8; i++){
364 PrintAndLog(" %02u/%02u:%slocked", blk1, blk1+1, (data[2] & (1 << i)) ? " " : " not " );
365 blk1 += 2;
366 }
367 break;
368 default:
369 return switch_off_field_14b();
370 }
371 return 1;
372 }
373
374
375 // print UID info from SRx chips (ST Microelectronics)
376 static void print_st_general_info(uint8_t *data) {
377 //uid = first 8 bytes in data
378 PrintAndLog(" UID: %s", sprint_hex(SwapEndian64(data, 8, 8), 8));
379 PrintAndLog(" MFG: %02X, %s", data[6], getManufacturerName(data[6]));
380 PrintAndLog(" Chip: %02X, %s", data[5], getChipInfo(data[6], data[5]));
381 return;
382 }
383
384
385 // 14b get and print UID only (general info)
386 int HF14BStdReader(uint8_t *data, uint8_t *datalen) {
387 //05 00 00 = find one tag in field
388 //1d xx xx xx xx 00 08 01 00 = attrib xx=UID (resp 10 [f9 e0])
389 //a3 = ? (resp 03 [e2 c2])
390 //02 = ? (resp 02 [6a d3])
391 // 022b (resp 02 67 00 [29 5b])
392 // 0200a40400 (resp 02 67 00 [29 5b])
393 // 0200a4040c07a0000002480300 (resp 02 67 00 [29 5b])
394 // 0200a4040c07a0000002480200 (resp 02 67 00 [29 5b])
395 // 0200a4040006a0000000010100 (resp 02 6a 82 [4b 4c])
396 // 0200a4040c09d27600002545500200 (resp 02 67 00 [29 5b])
397 // 0200a404000cd2760001354b414e4d30310000 (resp 02 6a 82 [4b 4c])
398 // 0200a404000ca000000063504b43532d313500 (resp 02 6a 82 [4b 4c])
399 // 0200a4040010a000000018300301000000000000000000 (resp 02 6a 82 [4b 4c])
400 //03 = ? (resp 03 [e3 c2])
401 //c2 = ? (resp c2 [66 15])
402 //b2 = ? (resp a3 [e9 67])
403 //a2 = ? (resp 02 [6a d3])
404 bool crc = true;
405 *datalen = 3;
406 //std read cmd
407 data[0] = 0x05;
408 data[1] = 0x00;
409 data[2] = 0x08;
410
411 if (HF14BCmdRaw(true, &crc, true, data, datalen, false) == 0) return switch_off_field_14b();
412
413 if (data[0] != 0x50 || *datalen != 14 || !crc) return switch_off_field_14b();
414
415 PrintAndLog ("\n14443-3b tag found:");
416 PrintAndLog (" UID: %s", sprint_hex(data+1, 4));
417
418 uint8_t cmd2[16];
419 uint8_t cmdLen = 3;
420 bool crc2 = true;
421
422 cmd2[0] = 0x1D;
423 // UID from data[1 - 4]
424 cmd2[1] = data[1];
425 cmd2[2] = data[2];
426 cmd2[3] = data[3];
427 cmd2[4] = data[4];
428 cmd2[5] = 0x00;
429 cmd2[6] = 0x08;
430 cmd2[7] = 0x01;
431 cmd2[8] = 0x00;
432 cmdLen = 9;
433
434 // attrib
435 if (HF14BCmdRaw(true, &crc2, true, cmd2, &cmdLen, false) == 0) return switch_off_field_14b();
436
437 if (cmdLen != 3 || !crc2) return switch_off_field_14b();
438 // add attrib responce to data
439 data[14] = cmd2[0];
440 switch_off_field_14b();
441 return 1;
442 }
443
444
445 // 14b get and print Full Info (as much as we know)
446 static bool HF14B_Std_Info(uint8_t *data, uint8_t *datalen) {
447 if (!HF14BStdReader(data, datalen)) return false;
448
449 //add more info here
450 print_atqb_resp(data);
451
452 return true;
453 }
454
455
456 // SRx get and print general info about SRx chip from UID
457 static bool HF14B_ST_Reader(uint8_t *data, uint8_t *datalen, bool closeCon){
458 bool crc = true;
459 *datalen = 2;
460 //wake cmd
461 data[0] = 0x06;
462 data[1] = 0x00;
463
464 //leave power on
465 // verbose on for now for testing - turn off when functional
466 if (HF14BCmdRaw(true, &crc, true, data, datalen, false) == 0) return switch_off_field_14b();
467
468 if (*datalen != 3 || !crc) return switch_off_field_14b();
469
470 uint8_t chipID = data[0];
471 // select
472 data[0] = 0x0E;
473 data[1] = chipID;
474 *datalen = 2;
475
476 //leave power on
477 if (HF14BCmdRaw(true, &crc, true, data, datalen, false) == 0) return switch_off_field_14b();
478
479 if (*datalen != 3 || !crc || data[0] != chipID) return switch_off_field_14b();
480
481 // get uid
482 data[0] = 0x0B;
483 *datalen = 1;
484
485 //leave power on
486 if (HF14BCmdRaw(true, &crc, true, data, datalen, false) == 0) return switch_off_field_14b();
487
488 if (*datalen != 10 || !crc) return switch_off_field_14b();
489
490 //power off ?
491 if (closeCon) switch_off_field_14b();
492
493 PrintAndLog("\n14443-3b ST tag found:");
494 print_st_general_info(data);
495 return 1;
496 }
497
498
499 // SRx get and print full info (needs more info...)
500 static bool HF14B_ST_Info(bool verbose) {
501 uint8_t data[100];
502 uint8_t datalen;
503
504 if (!HF14B_ST_Reader(data, &datalen, false)) return false;
505
506 //add locking bit information here.
507 if (print_ST_Lock_info(data[5] >> 2))
508 switch_off_field_14b();
509
510 return true;
511 }
512
513
514 // test for other 14b type tags (mimic another reader - don't have tags to identify)
515 static bool HF14B_Other_Reader(bool verbose) {
516 uint8_t data[4];
517 uint8_t datalen;
518
519 bool crc = true;
520 datalen = 4;
521 //std read cmd
522 data[0] = 0x00;
523 data[1] = 0x0b;
524 data[2] = 0x3f;
525 data[3] = 0x80;
526
527 if (HF14BCmdRaw(true, &crc, true, data, &datalen, false) != 0) {
528 if (datalen > 2 || !crc) {
529 PrintAndLog ("\n14443-3b tag found:");
530 PrintAndLog ("Unknown tag type answered to a 0x000b3f80 command ans:");
531 PrintAndLog ("%s", sprint_hex(data, datalen));
532 switch_off_field_14b();
533 return true;
534 }
535 }
536
537 crc = false;
538 datalen = 1;
539 data[0] = 0x0a;
540
541 if (HF14BCmdRaw(true, &crc, true, data, &datalen, false) != 0) {
542 if (datalen > 0) {
543 PrintAndLog ("\n14443-3b tag found:");
544 PrintAndLog ("Unknown tag type answered to a 0x0A command ans:");
545 PrintAndLog ("%s", sprint_hex(data, datalen));
546 switch_off_field_14b();
547 return true;
548 }
549 }
550
551 crc = false;
552 datalen = 1;
553 data[0] = 0x0c;
554
555 if (HF14BCmdRaw(true, &crc, true, data, &datalen, false) != 0) {
556 if (datalen > 0) {
557 PrintAndLog ("\n14443-3b tag found:");
558 PrintAndLog ("Unknown tag type answered to a 0x0C command ans:");
559 PrintAndLog ("%s", sprint_hex(data, datalen));
560 switch_off_field_14b();
561 return true;
562 }
563 }
564 switch_off_field_14b();
565 return false;
566 }
567
568
569 // get and print all info known about any known 14b tag
570 static int usage_hf_14b_info(void) {
571 PrintAndLogEx(NORMAL, "Usage: hf 14b info [h] [s]");
572 PrintAndLogEx(NORMAL, "Options:");
573 PrintAndLogEx(NORMAL, " h this help");
574 PrintAndLogEx(NORMAL, " s silently");
575 PrintAndLogEx(NORMAL, "Example:");
576 PrintAndLogEx(NORMAL, " hf 14b info");
577 return 0;
578 }
579
580 int infoHF14B(bool verbose) {
581 uint8_t data[100];
582 uint8_t datalen;
583
584 // try std 14b (atqb)
585 if (HF14B_Std_Info(data, &datalen)) return 1;
586
587 // try st 14b
588 if (HF14B_ST_Info(verbose)) return 1;
589
590 // try unknown 14b read commands (to be identified later)
591 // could be read of calypso, CEPAS, moneo, or pico pass.
592 if (HF14B_Other_Reader(verbose)) return 1;
593
594 if (verbose) PrintAndLog("no 14443B tag found");
595 return 0;
596 }
597
598
599 // menu command to get and print all info known about any known 14b tag
600 static int CmdHF14Binfo(const char *Cmd){
601 char cmdp = tolower(param_getchar(Cmd, 0));
602 if (cmdp == 'h') return usage_hf_14b_info();
603
604 bool verbose = !(cmdp == 's');
605 return infoHF14B(verbose);
606 }
607
608
609 // get and print general info about all known 14b chips
610 int readHF14B(bool verbose){
611 uint8_t data[100];
612 uint8_t datalen = 5;
613
614 // try std 14b (atqb)
615 if (HF14BStdReader(data, &datalen)) return 1;
616
617 // try st 14b
618 if (HF14B_ST_Reader(data, &datalen, true)) return 1;
619
620 // try unknown 14b read commands (to be identified later)
621 // could be read of calypso, CEPAS, moneo, or pico pass.
622 if (HF14B_Other_Reader(verbose)) return 1;
623
624 if (verbose) PrintAndLog("no 14443B tag found");
625 return 0;
626 }
627
628
629 // menu command to get and print general info about all known 14b chips
630 static int usage_hf_14b_reader(void) {
631 PrintAndLogEx(NORMAL, "Usage: hf 14b reader [h] [s]");
632 PrintAndLogEx(NORMAL, "Options:");
633 PrintAndLogEx(NORMAL, " h this help");
634 PrintAndLogEx(NORMAL, " s silently");
635 PrintAndLogEx(NORMAL, "Example:");
636 PrintAndLogEx(NORMAL, " hf 14b reader");
637 return 0;
638 }
639
640
641 static int CmdHF14BReader(const char *Cmd) {
642 char cmdp = tolower(param_getchar(Cmd, 0));
643 if (cmdp == 'h') return usage_hf_14b_reader();
644
645 bool verbose = !(cmdp == 's');
646 return readHF14B(verbose);
647 }
648
649
650 int CmdSriWrite(const char *Cmd) {
651 /*
652 * For SRIX4K blocks 00 - 7F
653 * hf 14b raw -c -p 09 $srix4kwblock $srix4kwdata
654 *
655 * For SR512 blocks 00 - 0F
656 * hf 14b raw -c -p 09 $sr512wblock $sr512wdata
657 *
658 * Special block FF = otp_lock_reg block.
659 * Data len 4 bytes-
660 */
661 char cmdp = param_getchar(Cmd, 0);
662 uint8_t blockno = -1;
663 uint8_t data[4] = {0x00};
664 bool isSrix4k = true;
665 char str[20];
666
667 if (strlen(Cmd) < 1 || cmdp == 'h' || cmdp == 'H') {
668 PrintAndLog("Usage: hf 14b write <1|2> <BLOCK> <DATA>");
669 PrintAndLog(" [1 = SRIX4K]");
670 PrintAndLog(" [2 = SRI512]");
671 PrintAndLog(" [BLOCK number depends on tag, special block == FF]");
672 PrintAndLog(" sample: hf 14b write 1 7F 11223344");
673 PrintAndLog(" : hf 14b write 1 FF 11223344");
674 PrintAndLog(" : hf 14b write 2 15 11223344");
675 PrintAndLog(" : hf 14b write 2 FF 11223344");
676 return 0;
677 }
678
679 if ( cmdp == '2' )
680 isSrix4k = false;
681
682 //blockno = param_get8(Cmd, 1);
683
684 if (param_gethex(Cmd,1, &blockno, 2) ) {
685 PrintAndLog("Block number must include 2 HEX symbols");
686 return 0;
687 }
688
689 if (isSrix4k) {
690 if (blockno > 0x7f && blockno != 0xff){
691 PrintAndLog("Block number out of range");
692 return 0;
693 }
694 } else {
695 if (blockno > 0x0f && blockno != 0xff){
696 PrintAndLog("Block number out of range");
697 return 0;
698 }
699 }
700
701 if (param_gethex(Cmd, 2, data, 8)) {
702 PrintAndLog("Data must include 8 HEX symbols");
703 return 0;
704 }
705
706 if (blockno == 0xff)
707 PrintAndLog("[%s] Write special block %02X [ %s ]", (isSrix4k)?"SRIX4K":"SRI512", blockno, sprint_hex(data, 4));
708 else
709 PrintAndLog("[%s] Write block %02X [ %s ]", (isSrix4k)?"SRIX4K":"SRI512", blockno, sprint_hex(data, 4));
710
711 sprintf(str, "-c 09 %02x %02x%02x%02x%02x", blockno, data[0], data[1], data[2], data[3]);
712
713 CmdHF14BCmdRaw(str);
714 return 0;
715 }
716
717
718 static int CmdHelp(const char *Cmd);
719
720 static command_t CommandTable[] =
721 {
722 {"help", CmdHelp, 1, "This help"},
723 {"info", CmdHF14Binfo, 0, "Find and print details about a 14443B tag"},
724 {"list", CmdHF14BList, 0, "[Deprecated] List ISO 14443B history"},
725 {"reader", CmdHF14BReader, 0, "Act as a 14443B reader to identify a tag"},
726 {"sim", CmdHF14BSim, 0, "Fake ISO 14443B tag"},
727 {"snoop", CmdHF14BSnoop, 0, "Eavesdrop ISO 14443B"},
728 {"sri512read", CmdSri512Read, 0, "Read contents of a SRI512 tag"},
729 {"srix4kread", CmdSrix4kRead, 0, "Read contents of a SRIX4K tag"},
730 {"sriwrite", CmdSriWrite, 0, "Write data to a SRI512 | SRIX4K tag"},
731 {"raw", CmdHF14BCmdRaw, 0, "Send raw hex data to tag"},
732 {NULL, NULL, 0, NULL}
733 };
734
735 int CmdHF14B(const char *Cmd)
736 {
737 CmdsParse(CommandTable, Cmd);
738 return 0;
739 }
740
741 int CmdHelp(const char *Cmd)
742 {
743 CmdsHelp(CommandTable);
744 return 0;
745 }
Proxmark3 GIT tracking
Impressum, Datenschutz