X-Git-Url: http://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/4888b2819574627efea9bd7d23444d785c5a2077..7781a65656e334a44ded56f6378a167a30afa2e5:/client/cmdhficlass.c diff --git a/client/cmdhficlass.c b/client/cmdhficlass.c index 03b39021..dd0a8e2f 100644 --- a/client/cmdhficlass.c +++ b/client/cmdhficlass.c @@ -329,8 +329,8 @@ int CmdHFiClassReader_Dump(const char *Cmd) printvar("MAC", MAC, 4); uint8_t iclass_data[32000] = {0}; - uint8_t iclass_datalen = 0; - uint8_t iclass_blocksFailed = 0;//Set to 1 if dump was incomplete + uint32_t iclass_datalen = 0; + uint32_t iclass_blocksFailed = 0;//Set to 1 if dump was incomplete UsbCommand d = {CMD_READER_ICLASS_REPLAY, {readerType}}; memcpy(d.d.asBytes, MAC, 4); @@ -346,11 +346,11 @@ int CmdHFiClassReader_Dump(const char *Cmd) } if(WaitForResponseTimeout(CMD_ACK,&resp,4500)) { - uint64_t dataLength = resp.arg[0]; + uint32_t dataLength = resp.arg[0]; iclass_blocksFailed |= resp.arg[1]; - if(dataLength > 0) { + PrintAndLog("Got %d bytes data (total so far %d)" ,dataLength,iclass_datalen); memcpy(iclass_data, resp.d.asBytes,dataLength); iclass_datalen += dataLength; }else @@ -368,7 +368,6 @@ int CmdHFiClassReader_Dump(const char *Cmd) CSN[0],CSN[1],CSN[2],CSN[3], CSN[4],CSN[5],CSN[6],CSN[7]); saveFile(filename,"bin",iclass_data, iclass_datalen ); - } //Aaaand we're finished return 0; 
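Review bot: In the `@@ -346,11 +346,11 @@` hunk, `dataLength` comes from `resp.arg[0]` and goes straight into `memcpy(iclass_data, resp.d.asBytes,dataLength)`; the only check is `dataLength > 0`. A response that reports more than the payload holds therefore reads past `resp.d.asBytes`, and narrowing the variable to `uint32_t` does not bound it. The copy also always targets the start of `iclass_data` while `iclass_datalen` accumulates. If this runs once per response packet, as the new "total so far" message suggests, earlier data is overwritten and the length handed to `saveFile` no longer describes the buffer. I would reject the packet with `if (dataLength > USB_CMD_DATA_SIZE || dataLength > sizeof(iclass_data) - iclass_datalen)` and treat that as a failed dump, then copy with `memcpy(iclass_data + iclass_datalen, resp.d.asBytes, dataLength);`. The enclosing loop and the rest of CmdHFiClassReader_Dump lie outside the hunk.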
@@ -380,6 +379,78 @@ int CmdHFiClassReader_Dump(const char *Cmd)
 return 0;
 }
+int hf_iclass_eload_usage()
+{
+ PrintAndLog("Loads iclass tag-dump into emulator memory on device");
+ PrintAndLog("Usage: hf iclass eload f ");
+ PrintAndLog("");
+ PrintAndLog("Example: hf iclass eload f iclass_tagdump-aa162d30f8ff12f1.bin");
+ return 0;
+
+}
+
+int iclassEmlSetMem(uint8_t *data, int blockNum, int blocksCount) {
+ UsbCommand c = {CMD_MIFARE_EML_MEMSET, {blockNum, blocksCount, 0}};
+ memcpy(c.d.asBytes, data, blocksCount * 16);
+ SendCommand(&c);
+ return 0;
+}
+int CmdHFiClassELoad(const char *Cmd)
+{
+
+ char opt = param_getchar(Cmd, 0);
+ if (strlen(Cmd)<1 || opt == 'h')
+ return hf_iclass_eload_usage();
+
+ //File handling and reading
+ FILE *f;
+ char filename[FILE_PATH_SIZE];
+ if(opt == 'f' && param_getstr(Cmd, 1, filename) > 0)
+ {
+ f = fopen(filename, "rb");
+ }else{
+ return hf_iclass_eload_usage();
+ }
+
+ if(!f) {
+ PrintAndLog("Failed to read from file '%s'", filename);
+ return 1;
+ }
+
+ fseek(f, 0, SEEK_END);
+ long fsize = ftell(f);
+ fseek(f, 0, SEEK_SET);
+
+ uint8_t *dump = malloc(fsize);
+ size_t bytes_read = fread(dump, 1, fsize, f);
+ fclose(f);
+
+ //Validate
+
+ if (bytes_read < fsize)
+ {
+ prnlog("Error, could only read %d bytes (should be %d)",bytes_read, fsize );
+ free(dump);
+ return 1;
+ }
+ //Send to device
+ uint32_t bytes_sent = 0;
+ uint32_t bytes_remaining = bytes_read;
+
+ while(bytes_remaining > 0){
+ uint32_t bytes_in_packet = MIN(USB_CMD_DATA_SIZE, bytes_remaining);
+ UsbCommand c = {CMD_ICLASS_EML_MEMSET, {bytes_sent,bytes_in_packet,0}};
+ memcpy(c.d.asBytes, dump, bytes_in_packet);
+ SendCommand(&c);
+ bytes_remaining -= bytes_in_packet;
+ bytes_sent += bytes_in_packet;
+ }
+ free(dump);
+ PrintAndLog("Sent %d bytes of data to device emulator memory", bytes_sent);
+ return 0;
+}
+
+
 int CmdHFiClass_iso14443A_write(const char *Cmd)
 {
 uint8_t readerType = 0;
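Review bot: In CmdHFiClassELoad the send loop copies from `dump` on every iteration (`memcpy(c.d.asBytes, dump, bytes_in_packet)`), so each packet carries the first bytes of the file while the offset argument `bytes_sent` advances; the source should be `dump + bytes_sent`. The file-size path is also unchecked: `ftell` can return -1, which turns into a huge `malloc` request, the `malloc` result is never tested before `fread` writes into it, and `bytes_read < fsize` compares a `size_t` with a `long`. A cap on the file size against the emulator memory would be worth adding as well; that limit is not visible in this hunk. Separately, `iclassEmlSetMem` copies `blocksCount * 16` bytes into `c.d.asBytes` with no bound against `USB_CMD_DATA_SIZE`, uses `CMD_MIFARE_EML_MEMSET` rather than `CMD_ICLASS_EML_MEMSET`, and is not called anywhere in this hunk.

```c
	// … unchanged: option parsing, fopen and its error path …
	long fsize = -1;
	if (fseek(f, 0, SEEK_END) == 0)
		fsize = ftell(f);
	if (fsize <= 0 || fseek(f, 0, SEEK_SET) != 0) {
		PrintAndLog("Error, could not determine size of file '%s'", filename);
		fclose(f);
		return 1;
	}

	uint8_t *dump = malloc(fsize);
	if (!dump) {
		PrintAndLog("Error, cannot allocate memory");
		fclose(f);
		return 1;
	}
	size_t bytes_read = fread(dump, 1, fsize, f);
	fclose(f);

	if (bytes_read < (size_t)fsize)
	// … unchanged: short-read error path, bytes_sent / bytes_remaining setup …
	while(bytes_remaining > 0){
		// … unchanged: bytes_in_packet and UsbCommand c …
		memcpy(c.d.asBytes, dump + bytes_sent, bytes_in_packet);
		// … unchanged: SendCommand and counter updates …
	}
```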
@@ -428,7 +499,7 @@ int CmdHFiClass_iso14443A_write(const char *Cmd)
 memcpy(CSN,data,8);
 memcpy(CCNR,data+8,8);
 PrintAndLog("DEBUG: %s",sprint_hex(CSN,8));
- PrintAndLog("DEBUG: %s",sprint_hex(CCNR,8));
+ PrintAndLog("DEBUG: %s",sprint_hex(CCNR,8));
 PrintAndLog("isOk:%02x", isOK);
 } else {
 PrintAndLog("Command execute timeout");
@@ -514,6 +585,7 @@ static command_t CommandTable[] =
 {"dump", CmdHFiClassReader_Dump, 0, "Authenticate and Dump iClass tag"},
 {"write", CmdHFiClass_iso14443A_write, 0, "Authenticate and Write iClass block"},
 {"loclass", CmdHFiClass_loclass, 1, "Use loclass to perform bruteforce of reader attack dump"},
+ {"eload", CmdHFiClassELoad, 0, "[experimental] Load data into iclass emulator memory"},
 {NULL, NULL, 0, NULL}
 };