]> git.zerfleddert.de Git - proxmark3-svn/blob - client/cmdlf.c
projects / proxmark3-svn / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
rework of GetFromBigBuf() (#597)
[proxmark3-svn] / client / cmdlf.c
1 //-----------------------------------------------------------------------------
2 // Copyright (C) 2010 iZsh <izsh at fail0verflow.com>
3 //
4 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
5 // at your option, any later version. See the LICENSE.txt file for the text of
6 // the license.
7 //-----------------------------------------------------------------------------
8 // Low frequency commands
9 //-----------------------------------------------------------------------------
10
11 #include <stdio.h>
12 #include <stdlib.h>
13 #include <string.h>
14 #include <limits.h>
15 #include <stdbool.h>
16 #include <stdint.h>
17 #include "proxmark3.h"
18 #include "cmdlf.h"
19 #include "lfdemod.h" // for psk2TOpsk1
20 #include "util.h" // for parsing cli command utils
21 #include "ui.h" // for show graph controls
22 #include "graph.h" // for graph data
23 #include "cmdparser.h" // for getting cli commands included in cmdmain.h
24 #include "cmdmain.h" // for sending cmds to device
25 #include "cmddata.h" // for `lf search`
26 #include "cmdlfawid.h" // for awid menu
27 #include "cmdlfem4x.h" // for em4x menu
28 #include "cmdlfhid.h" // for hid menu
29 #include "cmdlfhitag.h" // for hitag menu
30 #include "cmdlfio.h" // for ioprox menu
31 #include "cmdlft55xx.h" // for t55xx menu
32 #include "cmdlfti.h" // for ti menu
33 #include "cmdlfpresco.h" // for presco menu
34 #include "cmdlfpcf7931.h"// for pcf7931 menu
35 #include "cmdlfpyramid.h"// for pyramid menu
36 #include "cmdlfviking.h" // for viking menu
37 #include "cmdlfcotag.h" // for COTAG menu
38 #include "cmdlfvisa2000.h" // for VISA2000 menu
39 #include "cmdlfindala.h" // for indala menu
40 #include "cmdlfgproxii.h"// for gproxii menu
41 #include "cmdlffdx.h" // for fdx-b menu
42 #include "cmdlfparadox.h"// for paradox menu
43 #include "cmdlfnexwatch.h"//for nexwatch menu
44 #include "cmdlfjablotron.h" //for jablotron menu
45 #include "cmdlfnoralsy.h"// for noralsy menu
46 #include "cmdlfsecurakey.h"//for securakey menu
47 #include "cmdlfpac.h" // for pac menu
48
49 bool g_lf_threshold_set = false;
50 static int CmdHelp(const char *Cmd);
51
52
53
54 int usage_lf_cmdread(void)
55 {
56 PrintAndLog("Usage: lf cmdread d <delay period> z <zero period> o <one period> c <cmdbytes> ");
57 PrintAndLog("Options: ");
58 PrintAndLog(" h This help");
59 PrintAndLog(" d <delay> delay OFF period between bits (0 for bitbang mode)");
60 PrintAndLog(" z <zero> time period ZERO (antenna off in bitbang mode)");
61 PrintAndLog(" o <one> time period ONE (antenna on in bitbang mode)");
62 PrintAndLog(" c <cmd> Command bytes");
63 PrintAndLog(" ************* All periods in microseconds");
64 PrintAndLog(" ************* Use lf config to configure options.");
65 PrintAndLog("Examples:");
66 PrintAndLog(" lf cmdread d 80 z 100 o 200 c 11000");
67 PrintAndLog(" lf cmdread d 80 z 100 o 100 c 11000");
68 return 0;
69 }
70
71 /* send a command before reading */
72 int CmdLFCommandRead(const char *Cmd)
73 {
74 UsbCommand c = {CMD_MOD_THEN_ACQUIRE_RAW_ADC_SAMPLES_125K};
75 bool errors = false;
76 //uint8_t divisor = 95; //125khz
77 uint8_t cmdp = 0;
78 while(param_getchar(Cmd, cmdp) != 0x00)
79 {
80 switch(param_getchar(Cmd, cmdp))
81 {
82 case 'h':
83 return usage_lf_cmdread();
84 case 'c':
85 param_getstr(Cmd, cmdp+1, (char *)&c.d.asBytes, sizeof(c.d.asBytes));
86 cmdp+=2;
87 break;
88 case 'd':
89 c.arg[0] = param_get32ex(Cmd, cmdp+1, 0, 10);
90 cmdp+=2;
91 break;
92 case 'z':
93 c.arg[1] = param_get32ex(Cmd, cmdp+1, 0, 10);
94 cmdp+=2;
95 break;
96 case 'o':
97 c.arg[2] = param_get32ex(Cmd, cmdp+1, 0, 10);
98 cmdp+=2;
99 break;
100 default:
101 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
102 errors = 1;
103 break;
104 }
105 if(errors) break;
106 }
107 // No args
108 if(cmdp == 0) errors = 1;
109
110 //Validations
111 if(errors) return usage_lf_cmdread();
112
113 clearCommandBuffer();
114 SendCommand(&c);
115
116 WaitForResponse(CMD_ACK,NULL);
117 getSamples(0, true);
118
119
120 return 0;
121 }
122
123 int CmdFlexdemod(const char *Cmd)
124 {
125 int i;
126 for (i = 0; i < GraphTraceLen; ++i) {
127 if (GraphBuffer[i] < 0) {
128 GraphBuffer[i] = -1;
129 } else {
130 GraphBuffer[i] = 1;
131 }
132 }
133
134 #define LONG_WAIT 100
135 int start;
136 for (start = 0; start < GraphTraceLen - LONG_WAIT; start++) {
137 int first = GraphBuffer[start];
138 for (i = start; i < start + LONG_WAIT; i++) {
139 if (GraphBuffer[i] != first) {
140 break;
141 }
142 }
143 if (i == (start + LONG_WAIT)) {
144 break;
145 }
146 }
147 if (start == GraphTraceLen - LONG_WAIT) {
148 PrintAndLog("nothing to wait for");
149 return 0;
150 }
151
152 GraphBuffer[start] = 2;
153 GraphBuffer[start+1] = -2;
154 uint8_t bits[64] = {0x00};
155
156 int bit, sum;
157 i = start;
158 for (bit = 0; bit < 64; bit++) {
159 sum = 0;
160 for (int j = 0; j < 16; j++) {
161 sum += GraphBuffer[i++];
162 }
163
164 bits[bit] = (sum > 0) ? 1 : 0;
165
166 PrintAndLog("bit %d sum %d", bit, sum);
167 }
168
169 for (bit = 0; bit < 64; bit++) {
170 int j;
171 int sum = 0;
172 for (j = 0; j < 16; j++) {
173 sum += GraphBuffer[i++];
174 }
175 if (sum > 0 && bits[bit] != 1) {
176 PrintAndLog("oops1 at %d", bit);
177 }
178 if (sum < 0 && bits[bit] != 0) {
179 PrintAndLog("oops2 at %d", bit);
180 }
181 }
182
183 // HACK writing back to graphbuffer.
184 GraphTraceLen = 32*64;
185 i = 0;
186 int phase = 0;
187 for (bit = 0; bit < 64; bit++) {
188
189 phase = (bits[bit] == 0) ? 0 : 1;
190
191 int j;
192 for (j = 0; j < 32; j++) {
193 GraphBuffer[i++] = phase;
194 phase = !phase;
195 }
196 }
197
198 RepaintGraphWindow();
199 return 0;
200 }
201
202 int usage_lf_read(void)
203 {
204 PrintAndLog("Usage: lf read");
205 PrintAndLog("Options: ");
206 PrintAndLog(" h This help");
207 PrintAndLog(" s silent run no printout");
208 PrintAndLog(" [# samples] # samples to collect (optional)");
209 PrintAndLog("Use 'lf config' to set parameters.");
210 return 0;
211 }
212 int usage_lf_snoop(void)
213 {
214 PrintAndLog("Usage: lf snoop");
215 PrintAndLog("Options: ");
216 PrintAndLog(" h This help");
217 PrintAndLog("This function takes no arguments. ");
218 PrintAndLog("Use 'lf config' to set parameters.");
219 return 0;
220 }
221
222 int usage_lf_config(void)
223 {
224 PrintAndLog("Usage: lf config [H|<divisor>] [b <bps>] [d <decim>] [a 0|1]");
225 PrintAndLog("Options: ");
226 PrintAndLog(" h This help");
227 PrintAndLog(" L Low frequency (125 KHz)");
228 PrintAndLog(" H High frequency (134 KHz)");
229 PrintAndLog(" q <divisor> Manually set divisor. 88-> 134KHz, 95-> 125 Hz");
230 PrintAndLog(" b <bps> Sets resolution of bits per sample. Default (max): 8");
231 PrintAndLog(" d <decim> Sets decimation. A value of N saves only 1 in N samples. Default: 1");
232 PrintAndLog(" a [0|1] Averaging - if set, will average the stored sample value when decimating. Default: 1");
233 PrintAndLog(" t <threshold> Sets trigger threshold. 0 means no threshold (range: 0-128)");
234 PrintAndLog("Examples:");
235 PrintAndLog(" lf config b 8 L");
236 PrintAndLog(" Samples at 125KHz, 8bps.");
237 PrintAndLog(" lf config H b 4 d 3");
238 PrintAndLog(" Samples at 134KHz, averages three samples into one, stored with ");
239 PrintAndLog(" a resolution of 4 bits per sample.");
240 PrintAndLog(" lf read");
241 PrintAndLog(" Performs a read (active field)");
242 PrintAndLog(" lf snoop");
243 PrintAndLog(" Performs a snoop (no active field)");
244 return 0;
245 }
246
247 int CmdLFSetConfig(const char *Cmd)
248 {
249
250 uint8_t divisor = 0;//Frequency divisor
251 uint8_t bps = 0; // Bits per sample
252 uint8_t decimation = 0; //How many to keep
253 bool averaging = 1; // Defaults to true
254 bool errors = false;
255 int trigger_threshold =-1;//Means no change
256 uint8_t unsigned_trigg = 0;
257
258 uint8_t cmdp =0;
259 while(param_getchar(Cmd, cmdp) != 0x00)
260 {
261 switch(param_getchar(Cmd, cmdp))
262 {
263 case 'h':
264 return usage_lf_config();
265 case 'H':
266 divisor = 88;
267 cmdp++;
268 break;
269 case 'L':
270 divisor = 95;
271 cmdp++;
272 break;
273 case 'q':
274 errors |= param_getdec(Cmd,cmdp+1,&divisor);
275 cmdp+=2;
276 break;
277 case 't':
278 errors |= param_getdec(Cmd,cmdp+1,&unsigned_trigg);
279 cmdp+=2;
280 if(!errors) {
281 trigger_threshold = unsigned_trigg;
282 if (trigger_threshold > 0) g_lf_threshold_set = true;
283 }
284 break;
285 case 'b':
286 errors |= param_getdec(Cmd,cmdp+1,&bps);
287 cmdp+=2;
288 break;
289 case 'd':
290 errors |= param_getdec(Cmd,cmdp+1,&decimation);
291 cmdp+=2;
292 break;
293 case 'a':
294 averaging = param_getchar(Cmd,cmdp+1) == '1';
295 cmdp+=2;
296 break;
297 default:
298 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
299 errors = 1;
300 break;
301 }
302 if(errors) break;
303 }
304 if(cmdp == 0)
305 {
306 errors = 1;// No args
307 }
308
309 //Validations
310 if(errors)
311 {
312 return usage_lf_config();
313 }
314 //Bps is limited to 8, so fits in lower half of arg1
315 if(bps >> 4) bps = 8;
316
317 sample_config config = {
318 decimation,bps,averaging,divisor,trigger_threshold
319 };
320 //Averaging is a flag on high-bit of arg[1]
321 UsbCommand c = {CMD_SET_LF_SAMPLING_CONFIG};
322 memcpy(c.d.asBytes,&config,sizeof(sample_config));
323 clearCommandBuffer();
324 SendCommand(&c);
325 return 0;
326 }
327
328 bool lf_read(bool silent, uint32_t samples) {
329 if (IsOffline()) return false;
330 UsbCommand c = {CMD_ACQUIRE_RAW_ADC_SAMPLES_125K, {silent,samples,0}};
331 clearCommandBuffer();
332 //And ship it to device
333 SendCommand(&c);
334
335 UsbCommand resp;
336 if (g_lf_threshold_set) {
337 WaitForResponse(CMD_ACK,&resp);
338 } else {
339 if ( !WaitForResponseTimeout(CMD_ACK,&resp,2500) ) {
340 PrintAndLog("command execution time out");
341 return false;
342 }
343 }
344 // resp.arg[0] is bits read not bytes read.
345 getSamples(resp.arg[0]/8, silent);
346
347 return true;
348 }
349
350 int CmdLFRead(const char *Cmd)
351 {
352 uint8_t cmdp = 0;
353 bool silent = false;
354 if (param_getchar(Cmd, cmdp) == 'h')
355 {
356 return usage_lf_read();
357 }
358 if (param_getchar(Cmd, cmdp) == 's') {
359 silent = true; //suppress print
360 cmdp++;
361 }
362 uint32_t samples = param_get32ex(Cmd, cmdp, 0, 10);
363 return lf_read(silent, samples);
364 }
365
366 int CmdLFSnoop(const char *Cmd)
367 {
368 uint8_t cmdp =0;
369 if(param_getchar(Cmd, cmdp) == 'h')
370 {
371 return usage_lf_snoop();
372 }
373
374 UsbCommand c = {CMD_LF_SNOOP_RAW_ADC_SAMPLES};
375 clearCommandBuffer();
376 SendCommand(&c);
377 WaitForResponse(CMD_ACK,NULL);
378 getSamples(0, true);
379
380 return 0;
381 }
382
383 static void ChkBitstream(const char *str)
384 {
385 int i;
386
387 /* convert to bitstream if necessary */
388 for (i = 0; i < (int)(GraphTraceLen / 2); i++){
389 if (GraphBuffer[i] > 1 || GraphBuffer[i] < 0) {
390 CmdGetBitStream("");
391 break;
392 }
393 }
394 }
395 //Attempt to simulate any wave in buffer (one bit per output sample)
396 // converts GraphBuffer to bitstream (based on zero crossings) if needed.
397 int CmdLFSim(const char *Cmd)
398 {
399 int i,j;
400 static int gap;
401
402 sscanf(Cmd, "%i", &gap);
403
404 // convert to bitstream if necessary
405 ChkBitstream(Cmd);
406
407 //can send only 512 bits at a time (1 byte sent per bit...)
408 printf("Sending [%d bytes]", GraphTraceLen);
409 for (i = 0; i < GraphTraceLen; i += USB_CMD_DATA_SIZE) {
410 UsbCommand c = {CMD_DOWNLOADED_SIM_SAMPLES_125K, {i, 0, 0}};
411
412 for (j = 0; j < USB_CMD_DATA_SIZE; j++) {
413 c.d.asBytes[j] = GraphBuffer[i+j];
414 }
415 SendCommand(&c);
416 WaitForResponse(CMD_ACK,NULL);
417 printf(".");
418 }
419
420 printf("\n");
421 PrintAndLog("Starting to simulate");
422 UsbCommand c = {CMD_SIMULATE_TAG_125K, {GraphTraceLen, gap, 0}};
423 clearCommandBuffer();
424 SendCommand(&c);
425 return 0;
426 }
427
428 int usage_lf_simfsk(void)
429 {
430 //print help
431 PrintAndLog("Usage: lf simfsk [c <clock>] [i] [H <fcHigh>] [L <fcLow>] [d <hexdata>]");
432 PrintAndLog("Options: ");
433 PrintAndLog(" h This help");
434 PrintAndLog(" c <clock> Manually set clock - can autodetect if using DemodBuffer");
435 PrintAndLog(" i invert data");
436 PrintAndLog(" H <fcHigh> Manually set the larger Field Clock");
437 PrintAndLog(" L <fcLow> Manually set the smaller Field Clock");
438 //PrintAndLog(" s TBD- -to enable a gap between playback repetitions - default: no gap");
439 PrintAndLog(" d <hexdata> Data to sim as hex - omit to sim from DemodBuffer");
440 PrintAndLog("\n NOTE: if you set one clock manually set them all manually");
441 return 0;
442 }
443
444 int usage_lf_simask(void)
445 {
446 //print help
447 PrintAndLog("Usage: lf simask [c <clock>] [i] [b|m|r] [s] [d <raw hex to sim>]");
448 PrintAndLog("Options: ");
449 PrintAndLog(" h This help");
450 PrintAndLog(" c <clock> Manually set clock - can autodetect if using DemodBuffer");
451 PrintAndLog(" i invert data");
452 PrintAndLog(" b sim ask/biphase");
453 PrintAndLog(" m sim ask/manchester - Default");
454 PrintAndLog(" r sim ask/raw");
455 PrintAndLog(" s add t55xx Sequence Terminator gap - default: no gaps (only manchester)");
456 PrintAndLog(" d <hexdata> Data to sim as hex - omit to sim from DemodBuffer");
457 return 0;
458 }
459
460 int usage_lf_simpsk(void)
461 {
462 //print help
463 PrintAndLog("Usage: lf simpsk [1|2|3] [c <clock>] [i] [r <carrier>] [d <raw hex to sim>]");
464 PrintAndLog("Options: ");
465 PrintAndLog(" h This help");
466 PrintAndLog(" c <clock> Manually set clock - can autodetect if using DemodBuffer");
467 PrintAndLog(" i invert data");
468 PrintAndLog(" 1 set PSK1 (default)");
469 PrintAndLog(" 2 set PSK2");
470 PrintAndLog(" 3 set PSK3");
471 PrintAndLog(" r <carrier> 2|4|8 are valid carriers: default = 2");
472 PrintAndLog(" d <hexdata> Data to sim as hex - omit to sim from DemodBuffer");
473 return 0;
474 }
475
476 // by marshmellow - sim fsk data given clock, fcHigh, fcLow, invert
477 // - allow pull data from DemodBuffer
478 int CmdLFfskSim(const char *Cmd)
479 {
480 //might be able to autodetect FCs and clock from Graphbuffer if using demod buffer
481 // otherwise will need FChigh, FClow, Clock, and bitstream
482 uint8_t fcHigh=0, fcLow=0, clk=0;
483 uint8_t invert=0;
484 bool errors = false;
485 char hexData[64] = {0x00}; // store entered hex data
486 uint8_t data[255] = {0x00};
487 int dataLen = 0;
488 uint8_t cmdp = 0;
489 while(param_getchar(Cmd, cmdp) != 0x00)
490 {
491 switch(param_getchar(Cmd, cmdp))
492 {
493 case 'h':
494 return usage_lf_simfsk();
495 case 'i':
496 invert = 1;
497 cmdp++;
498 break;
499 case 'c':
500 errors |= param_getdec(Cmd,cmdp+1,&clk);
501 cmdp+=2;
502 break;
503 case 'H':
504 errors |= param_getdec(Cmd,cmdp+1,&fcHigh);
505 cmdp+=2;
506 break;
507 case 'L':
508 errors |= param_getdec(Cmd,cmdp+1,&fcLow);
509 cmdp+=2;
510 break;
511 //case 's':
512 // separator=1;
513 // cmdp++;
514 // break;
515 case 'd':
516 dataLen = param_getstr(Cmd, cmdp+1, hexData, sizeof(hexData));
517 if (dataLen==0) {
518 errors=true;
519 } else {
520 dataLen = hextobinarray((char *)data, hexData);
521 }
522 if (dataLen==0) errors=true;
523 if (errors) PrintAndLog ("Error getting hex data");
524 cmdp+=2;
525 break;
526 default:
527 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
528 errors = true;
529 break;
530 }
531 if(errors) break;
532 }
533 if(cmdp == 0 && DemodBufferLen == 0)
534 {
535 errors = true;// No args
536 }
537
538 //Validations
539 if(errors)
540 {
541 return usage_lf_simfsk();
542 }
543 int firstClockEdge = 0;
544 if (dataLen == 0){ //using DemodBuffer
545 if (clk==0 || fcHigh==0 || fcLow==0){ //manual settings must set them all
546 uint8_t ans = fskClocks(&fcHigh, &fcLow, &clk, 0, &firstClockEdge);
547 if (ans==0){
548 if (!fcHigh) fcHigh=10;
549 if (!fcLow) fcLow=8;
550 if (!clk) clk=50;
551 }
552 }
553 } else {
554 setDemodBuf(data, dataLen, 0);
555 }
556
557 //default if not found
558 if (clk == 0) clk = 50;
559 if (fcHigh == 0) fcHigh = 10;
560 if (fcLow == 0) fcLow = 8;
561
562 uint16_t arg1, arg2;
563 arg1 = fcHigh << 8 | fcLow;
564 arg2 = invert << 8 | clk;
565 size_t size = DemodBufferLen;
566 if (size > USB_CMD_DATA_SIZE) {
567 PrintAndLog("DemodBuffer too long for current implementation - length: %d - max: %d", size, USB_CMD_DATA_SIZE);
568 size = USB_CMD_DATA_SIZE;
569 }
570 UsbCommand c = {CMD_FSK_SIM_TAG, {arg1, arg2, size}};
571
572 memcpy(c.d.asBytes, DemodBuffer, size);
573 clearCommandBuffer();
574 SendCommand(&c);
575 return 0;
576 }
577
578 // by marshmellow - sim ask data given clock, invert, manchester or raw, separator
579 // - allow pull data from DemodBuffer
580 int CmdLFaskSim(const char *Cmd)
581 {
582 //autodetect clock from Graphbuffer if using demod buffer
583 // needs clock, invert, manchester/raw as m or r, separator as s, and bitstream
584 uint8_t encoding = 1, separator = 0;
585 uint8_t clk=0, invert=0;
586 bool errors = false;
587 char hexData[64] = {0x00};
588 uint8_t data[255]= {0x00}; // store entered hex data
589 int dataLen = 0;
590 uint8_t cmdp = 0;
591 while(param_getchar(Cmd, cmdp) != 0x00)
592 {
593 switch(param_getchar(Cmd, cmdp))
594 {
595 case 'h':
596 return usage_lf_simask();
597 case 'i':
598 invert = 1;
599 cmdp++;
600 break;
601 case 'c':
602 errors |= param_getdec(Cmd,cmdp+1,&clk);
603 cmdp+=2;
604 break;
605 case 'b':
606 encoding=2; //biphase
607 cmdp++;
608 break;
609 case 'm':
610 encoding=1;
611 cmdp++;
612 break;
613 case 'r':
614 encoding=0;
615 cmdp++;
616 break;
617 case 's':
618 separator=1;
619 cmdp++;
620 break;
621 case 'd':
622 dataLen = param_getstr(Cmd, cmdp+1, hexData, sizeof(hexData));
623 if (dataLen==0) {
624 errors=true;
625 } else {
626 dataLen = hextobinarray((char *)data, hexData);
627 }
628 if (dataLen==0) errors=true;
629 if (errors) PrintAndLog ("Error getting hex data, datalen: %d",dataLen);
630 cmdp+=2;
631 break;
632 default:
633 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
634 errors = true;
635 break;
636 }
637 if(errors) break;
638 }
639 if(cmdp == 0 && DemodBufferLen == 0)
640 {
641 errors = true;// No args
642 }
643
644 //Validations
645 if(errors)
646 {
647 return usage_lf_simask();
648 }
649 if (dataLen == 0){ //using DemodBuffer
650 if (clk == 0) clk = GetAskClock("0", false, false);
651 } else {
652 setDemodBuf(data, dataLen, 0);
653 }
654 if (clk == 0) clk = 64;
655 if (encoding == 0) clk = clk/2; //askraw needs to double the clock speed
656 uint16_t arg1, arg2;
657 size_t size=DemodBufferLen;
658 arg1 = clk << 8 | encoding;
659 arg2 = invert << 8 | separator;
660 if (size > USB_CMD_DATA_SIZE) {
661 PrintAndLog("DemodBuffer too long for current implementation - length: %d - max: %d", size, USB_CMD_DATA_SIZE);
662 size = USB_CMD_DATA_SIZE;
663 }
664 UsbCommand c = {CMD_ASK_SIM_TAG, {arg1, arg2, size}};
665 PrintAndLog("preparing to sim ask data: %d bits", size);
666 memcpy(c.d.asBytes, DemodBuffer, size);
667 clearCommandBuffer();
668 SendCommand(&c);
669 return 0;
670 }
671
672 // by marshmellow - sim psk data given carrier, clock, invert
673 // - allow pull data from DemodBuffer or parameters
674 int CmdLFpskSim(const char *Cmd)
675 {
676 //might be able to autodetect FC and clock from Graphbuffer if using demod buffer
677 //will need carrier, Clock, and bitstream
678 uint8_t carrier=0, clk=0;
679 uint8_t invert=0;
680 bool errors = false;
681 char hexData[64] = {0x00}; // store entered hex data
682 uint8_t data[255] = {0x00};
683 int dataLen = 0;
684 uint8_t cmdp = 0;
685 uint8_t pskType = 1;
686 while(param_getchar(Cmd, cmdp) != 0x00)
687 {
688 switch(param_getchar(Cmd, cmdp))
689 {
690 case 'h':
691 return usage_lf_simpsk();
692 case 'i':
693 invert = 1;
694 cmdp++;
695 break;
696 case 'c':
697 errors |= param_getdec(Cmd,cmdp+1,&clk);
698 cmdp+=2;
699 break;
700 case 'r':
701 errors |= param_getdec(Cmd,cmdp+1,&carrier);
702 cmdp+=2;
703 break;
704 case '1':
705 pskType=1;
706 cmdp++;
707 break;
708 case '2':
709 pskType=2;
710 cmdp++;
711 break;
712 case '3':
713 pskType=3;
714 cmdp++;
715 break;
716 case 'd':
717 dataLen = param_getstr(Cmd, cmdp+1, hexData, sizeof(hexData));
718 if (dataLen==0) {
719 errors=true;
720 } else {
721 dataLen = hextobinarray((char *)data, hexData);
722 }
723 if (dataLen==0) errors=true;
724 if (errors) PrintAndLog ("Error getting hex data");
725 cmdp+=2;
726 break;
727 default:
728 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
729 errors = true;
730 break;
731 }
732 if (errors) break;
733 }
734 if (cmdp == 0 && DemodBufferLen == 0)
735 {
736 errors = true;// No args
737 }
738
739 //Validations
740 if (errors)
741 {
742 return usage_lf_simpsk();
743 }
744 if (dataLen == 0){ //using DemodBuffer
745 PrintAndLog("Getting Clocks");
746 if (clk==0) clk = GetPskClock("", false, false);
747 PrintAndLog("clk: %d",clk);
748 if (!carrier) carrier = GetPskCarrier("", false, false);
749 PrintAndLog("carrier: %d", carrier);
750 } else {
751 setDemodBuf(data, dataLen, 0);
752 }
753
754 if (clk <= 0) clk = 32;
755 if (carrier == 0) carrier = 2;
756 if (pskType != 1){
757 if (pskType == 2){
758 //need to convert psk2 to psk1 data before sim
759 psk2TOpsk1(DemodBuffer, DemodBufferLen);
760 } else {
761 PrintAndLog("Sorry, PSK3 not yet available");
762 }
763 }
764 uint16_t arg1, arg2;
765 arg1 = clk << 8 | carrier;
766 arg2 = invert;
767 size_t size=DemodBufferLen;
768 if (size > USB_CMD_DATA_SIZE) {
769 PrintAndLog("DemodBuffer too long for current implementation - length: %d - max: %d", size, USB_CMD_DATA_SIZE);
770 size=USB_CMD_DATA_SIZE;
771 }
772 UsbCommand c = {CMD_PSK_SIM_TAG, {arg1, arg2, size}};
773 PrintAndLog("DEBUG: Sending DemodBuffer Length: %d", size);
774 memcpy(c.d.asBytes, DemodBuffer, size);
775 clearCommandBuffer();
776 SendCommand(&c);
777
778 return 0;
779 }
780
781 int CmdLFSimBidir(const char *Cmd)
782 {
783 // Set ADC to twice the carrier for a slight supersampling
784 // HACK: not implemented in ARMSRC.
785 PrintAndLog("Not implemented yet.");
786 UsbCommand c = {CMD_LF_SIMULATE_BIDIR, {47, 384, 0}};
787 SendCommand(&c);
788 return 0;
789 }
790
791 int CmdVchDemod(const char *Cmd)
792 {
793 // Is this the entire sync pattern, or does this also include some
794 // data bits that happen to be the same everywhere? That would be
795 // lovely to know.
796 static const int SyncPattern[] = {
797 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
798 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
799 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
800 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
801 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
802 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
803 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
804 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
805 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
806 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
807 };
808
809 // So first, we correlate for the sync pattern, and mark that.
810 int bestCorrel = 0, bestPos = 0;
811 int i;
812 // It does us no good to find the sync pattern, with fewer than
813 // 2048 samples after it...
814 for (i = 0; i < (GraphTraceLen-2048); i++) {
815 int sum = 0;
816 int j;
817 for (j = 0; j < arraylen(SyncPattern); j++) {
818 sum += GraphBuffer[i+j]*SyncPattern[j];
819 }
820 if (sum > bestCorrel) {
821 bestCorrel = sum;
822 bestPos = i;
823 }
824 }
825 PrintAndLog("best sync at %d [metric %d]", bestPos, bestCorrel);
826
827 char bits[257];
828 bits[256] = '\0';
829
830 int worst = INT_MAX;
831 int worstPos = 0;
832
833 for (i = 0; i < 2048; i += 8) {
834 int sum = 0;
835 int j;
836 for (j = 0; j < 8; j++) {
837 sum += GraphBuffer[bestPos+i+j];
838 }
839 if (sum < 0) {
840 bits[i/8] = '.';
841 } else {
842 bits[i/8] = '1';
843 }
844 if(abs(sum) < worst) {
845 worst = abs(sum);
846 worstPos = i;
847 }
848 }
849 PrintAndLog("bits:");
850 PrintAndLog("%s", bits);
851 PrintAndLog("worst metric: %d at pos %d", worst, worstPos);
852
853 if (strcmp(Cmd, "clone")==0) {
854 GraphTraceLen = 0;
855 char *s;
856 for(s = bits; *s; s++) {
857 int j;
858 for(j = 0; j < 16; j++) {
859 GraphBuffer[GraphTraceLen++] = (*s == '1') ? 1 : 0;
860 }
861 }
862 RepaintGraphWindow();
863 }
864 return 0;
865 }
866
867
868 //by marshmellow
869 int CheckChipType(char cmdp) {
870 uint32_t wordData = 0;
871
872 if (IsOffline() || cmdp == '1') return 0;
873
874 save_restoreGB(GRAPH_SAVE);
875 save_restoreDB(GRAPH_SAVE);
876 //check for em4x05/em4x69 chips first
877 if (EM4x05Block0Test(&wordData)) {
878 PrintAndLog("\nValid EM4x05/EM4x69 Chip Found\nTry lf em 4x05... commands\n");
879 save_restoreGB(GRAPH_RESTORE);
880 save_restoreDB(GRAPH_RESTORE);
881 return 1;
882 }
883
884 //check for t55xx chip...
885 if (tryDetectP1(true)) {
886 PrintAndLog("\nValid T55xx Chip Found\nTry lf t55xx ... commands\n");
887 save_restoreGB(GRAPH_RESTORE);
888 save_restoreDB(GRAPH_RESTORE);
889 return 1;
890 }
891 save_restoreGB(GRAPH_RESTORE);
892 save_restoreDB(GRAPH_RESTORE);
893 return 0;
894 }
895
896 //by marshmellow
897 int CmdLFfind(const char *Cmd)
898 {
899 uint32_t wordData = 0;
900 int ans=0;
901 size_t minLength = 1000;
902 char cmdp = param_getchar(Cmd, 0);
903 char testRaw = param_getchar(Cmd, 1);
904 if (strlen(Cmd) > 3 || cmdp == 'h' || cmdp == 'H') {
905 PrintAndLog("Usage: lf search <0|1> [u]");
906 PrintAndLog(" <use data from Graphbuffer> , if not set, try reading data from tag.");
907 PrintAndLog(" [Search for Unknown tags] , if not set, reads only known tags.");
908 PrintAndLog("");
909 PrintAndLog(" sample: lf search = try reading data from tag & search for known tags");
910 PrintAndLog(" : lf search 1 = use data from GraphBuffer & search for known tags");
911 PrintAndLog(" : lf search u = try reading data from tag & search for known and unknown tags");
912 PrintAndLog(" : lf search 1 u = use data from GraphBuffer & search for known and unknown tags");
913
914 return 0;
915 }
916
917 if (!IsOffline() && (cmdp != '1')) {
918 lf_read(true, 30000);
919 } else if (GraphTraceLen < minLength) {
920 PrintAndLog("Data in Graphbuffer was too small.");
921 return 0;
922 }
923 if (cmdp == 'u' || cmdp == 'U') testRaw = 'u';
924
925 PrintAndLog("NOTE: some demods output possible binary\n if it finds something that looks like a tag");
926 PrintAndLog("False Positives ARE possible\n");
927 PrintAndLog("\nChecking for known tags:\n");
928
929 size_t testLen = minLength;
930 // only run if graphbuffer is just noise as it should be for hitag/cotag
931 if (graphJustNoise(GraphBuffer, testLen)) {
932 // only run these tests if we are in online mode
933 if (!IsOffline() && (cmdp != '1')) {
934 // test for em4x05 in reader talk first mode.
935 if (EM4x05Block0Test(&wordData)) {
936 PrintAndLog("\nValid EM4x05/EM4x69 Chip Found\nUse lf em 4x05readword/dump commands to read\n");
937 return 1;
938 }
939 ans=CmdLFHitagReader("26"); // 26 = RHT2F_UID_ONLY
940 if (ans==0) {
941 return 1;
942 }
943 ans=CmdCOTAGRead("");
944 if (ans>0) {
945 PrintAndLog("\nValid COTAG ID Found!");
946 return 1;
947 }
948 }
949 PrintAndLog("\nNo Data Found! - maybe not an LF tag?\n");
950 return 0;
951 }
952
953 // TODO test for modulation then only test formats that use that modulation
954
955 ans=CmdFSKdemodIO("");
956 if (ans>0) {
957 PrintAndLog("\nValid IO Prox ID Found!");
958 return CheckChipType(cmdp);
959 }
960
961 ans=CmdFSKdemodPyramid("");
962 if (ans>0) {
963 PrintAndLog("\nValid Pyramid ID Found!");
964 return CheckChipType(cmdp);
965 }
966
967 ans=CmdFSKdemodParadox("");
968 if (ans>0) {
969 PrintAndLog("\nValid Paradox ID Found!");
970 return CheckChipType(cmdp);
971 }
972
973 ans=CmdFSKdemodAWID("");
974 if (ans>0) {
975 PrintAndLog("\nValid AWID ID Found!");
976 return CheckChipType(cmdp);
977 }
978
979 ans=CmdFSKdemodHID("");
980 if (ans>0) {
981 PrintAndLog("\nValid HID Prox ID Found!");
982 return CheckChipType(cmdp);
983 }
984
985 ans=CmdAskEM410xDemod("");
986 if (ans>0) {
987 PrintAndLog("\nValid EM410x ID Found!");
988 return CheckChipType(cmdp);
989 }
990
991 ans=CmdVisa2kDemod("");
992 if (ans>0) {
993 PrintAndLog("\nValid Visa2000 ID Found!");
994 return CheckChipType(cmdp);
995 }
996
997 ans=CmdG_Prox_II_Demod("");
998 if (ans>0) {
999 PrintAndLog("\nValid G Prox II ID Found!");
1000 return CheckChipType(cmdp);
1001 }
1002
1003 ans=CmdFdxDemod(""); //biphase
1004 if (ans>0) {
1005 PrintAndLog("\nValid FDX-B ID Found!");
1006 return CheckChipType(cmdp);
1007 }
1008
1009 ans=EM4x50Read("", false); //ask
1010 if (ans>0) {
1011 PrintAndLog("\nValid EM4x50 ID Found!");
1012 return 1;
1013 }
1014
1015 ans=CmdJablotronDemod("");
1016 if (ans>0) {
1017 PrintAndLog("\nValid Jablotron ID Found!");
1018 return CheckChipType(cmdp);
1019 }
1020
1021 ans=CmdNoralsyDemod("");
1022 if (ans>0) {
1023 PrintAndLog("\nValid Noralsy ID Found!");
1024 return CheckChipType(cmdp);
1025 }
1026
1027 ans=CmdSecurakeyDemod("");
1028 if (ans>0) {
1029 PrintAndLog("\nValid Securakey ID Found!");
1030 return CheckChipType(cmdp);
1031 }
1032
1033 ans=CmdVikingDemod("");
1034 if (ans>0) {
1035 PrintAndLog("\nValid Viking ID Found!");
1036 return CheckChipType(cmdp);
1037 }
1038
1039 ans=CmdIndalaDecode(""); //psk
1040 if (ans>0) {
1041 PrintAndLog("\nValid Indala ID Found!");
1042 return CheckChipType(cmdp);
1043 }
1044
1045 ans=CmdPSKNexWatch("");
1046 if (ans>0) {
1047 PrintAndLog("\nValid NexWatch ID Found!");
1048 return CheckChipType(cmdp);
1049 }
1050
1051 ans=CmdPacDemod("");
1052 if (ans>0) {
1053 PrintAndLog("\nValid PAC/Stanley ID Found!");
1054 return CheckChipType(cmdp);
1055 }
1056
1057 PrintAndLog("\nNo Known Tags Found!\n");
1058 if (testRaw=='u' || testRaw=='U') {
1059 //ans=CheckChipType(cmdp);
1060 //test unknown tag formats (raw mode)0
1061 PrintAndLog("\nChecking for Unknown tags:\n");
1062 ans=AutoCorrelate(GraphBuffer, GraphBuffer, GraphTraceLen, 4000, false, false);
1063 if (ans > 0) PrintAndLog("Possible Auto Correlation of %d repeating samples",ans);
1064 ans=GetFskClock("",false,false);
1065 if (ans != 0) { //fsk
1066 ans=FSKrawDemod("",true);
1067 if (ans>0) {
1068 PrintAndLog("\nUnknown FSK Modulated Tag Found!");
1069 return CheckChipType(cmdp);
1070 }
1071 }
1072 bool st = true;
1073 ans=ASKDemod_ext("0 0 0",true,false,1,&st);
1074 if (ans>0) {
1075 PrintAndLog("\nUnknown ASK Modulated and Manchester encoded Tag Found!");
1076 PrintAndLog("\nif it does not look right it could instead be ASK/Biphase - try 'data rawdemod ab'");
1077 return CheckChipType(cmdp);
1078 }
1079 ans=CmdPSK1rawDemod("");
1080 if (ans>0) {
1081 PrintAndLog("Possible unknown PSK1 Modulated Tag Found above!\n\nCould also be PSK2 - try 'data rawdemod p2'");
1082 PrintAndLog("\nCould also be PSK3 - [currently not supported]");
1083 PrintAndLog("\nCould also be NRZ - try 'data rawdemod nr'");
1084 return CheckChipType(cmdp);
1085 }
1086 ans = CheckChipType(cmdp);
1087 PrintAndLog("\nNo Data Found!\n");
1088 }
1089 return 0;
1090 }
1091
1092 static command_t CommandTable[] =
1093 {
1094 {"help", CmdHelp, 1, "This help"},
1095 {"awid", CmdLFAWID, 1, "{ AWID RFIDs... }"},
1096 {"cotag", CmdLFCOTAG, 1, "{ COTAG CHIPs... }"},
1097 {"em", CmdLFEM4X, 1, "{ EM4X CHIPs & RFIDs... }"},
1098 {"fdx", CmdLFFdx, 1, "{ FDX-B RFIDs... }"},
1099 {"gproxii", CmdLF_G_Prox_II, 1, "{ G Prox II RFIDs... }"},
1100 {"hid", CmdLFHID, 1, "{ HID RFIDs... }"},
1101 {"hitag", CmdLFHitag, 1, "{ Hitag CHIPs... }"},
1102 {"io", CmdLFIO, 1, "{ ioProx RFIDs... }"},
1103 {"indala", CmdLFINDALA, 1, "{ Indala RFIDs... }"},
1104 {"jablotron", CmdLFJablotron, 1, "{ Jablotron RFIDs... }"},
1105 {"nexwatch", CmdLFNexWatch, 1, "{ NexWatch RFIDs... }"},
1106 {"noralsy", CmdLFNoralsy, 1, "{ Noralsy RFIDs... }"},
1107 {"pac", CmdLFPac, 1, "{ PAC/Stanley RFIDs... }"},
1108 {"paradox", CmdLFParadox, 1, "{ Paradox RFIDs... }"},
1109 {"presco", CmdLFPresco, 1, "{ Presco RFIDs... }"},
1110 {"pcf7931", CmdLFPCF7931, 1, "{ PCF7931 CHIPs... }"},
1111 {"pyramid", CmdLFPyramid, 1, "{ Farpointe/Pyramid RFIDs... }"},
1112 {"securakey", CmdLFSecurakey, 1, "{ Securakey RFIDs... }"},
1113 {"t55xx", CmdLFT55XX, 1, "{ T55xx CHIPs... }"},
1114 {"ti", CmdLFTI, 1, "{ TI CHIPs... }"},
1115 {"viking", CmdLFViking, 1, "{ Viking RFIDs... }"},
1116 {"visa2000", CmdLFVisa2k, 1, "{ Visa2000 RFIDs... }"},
1117 {"cmdread", CmdLFCommandRead, 0, "<d period> <z period> <o period> <c command> ['H'] -- Modulate LF reader field to send command before read (all periods in microseconds) (option 'H' for 134)"},
1118 {"config", CmdLFSetConfig, 0, "Set config for LF sampling, bit/sample, decimation, frequency"},
1119 {"flexdemod", CmdFlexdemod, 1, "Demodulate samples for FlexPass"},
1120 {"read", CmdLFRead, 0, "['s' silent] Read 125/134 kHz LF ID-only tag. Do 'lf read h' for help"},
1121 {"search", CmdLFfind, 1, "[offline] ['u'] Read and Search for valid known tag (in offline mode it you can load first then search) - 'u' to search for unknown tags"},
1122 {"sim", CmdLFSim, 0, "[GAP] -- Simulate LF tag from buffer with optional GAP (in microseconds)"},
1123 {"simask", CmdLFaskSim, 0, "[clock] [invert <1|0>] [biphase/manchester/raw <'b'|'m'|'r'>] [msg separator 's'] [d <hexdata>] -- Simulate LF ASK tag from demodbuffer or input"},
1124 {"simfsk", CmdLFfskSim, 0, "[c <clock>] [i] [H <fcHigh>] [L <fcLow>] [d <hexdata>] -- Simulate LF FSK tag from demodbuffer or input"},
1125 {"simpsk", CmdLFpskSim, 0, "[1|2|3] [c <clock>] [i] [r <carrier>] [d <raw hex to sim>] -- Simulate LF PSK tag from demodbuffer or input"},
1126 {"simbidir", CmdLFSimBidir, 0, "Simulate LF tag (with bidirectional data transmission between reader and tag)"},
1127 {"snoop", CmdLFSnoop, 0, "['l'|'h'|<divisor>] [trigger threshold]-- Snoop LF (l:125khz, h:134khz)"},
1128 {"vchdemod", CmdVchDemod, 1, "['clone'] -- Demodulate samples for VeriChip"},
1129 {NULL, NULL, 0, NULL}
1130 };
1131
1132 int CmdLF(const char *Cmd)
1133 {
1134 CmdsParse(CommandTable, Cmd);
1135 return 0;
1136 }
1137
1138 int CmdHelp(const char *Cmd)
1139 {
1140 CmdsHelp(CommandTable);
1141 return 0;
1142 }
Proxmark3 GIT tracking
Impressum, Datenschutz