add lf PAC/Stanley tag read (#354)
authormarshmellow42 <marshmellow42@users.noreply.github.com>
Fri, 14 Jul 2017 12:04:46 +0000 (08:04 -0400)
committerpwpiwi <pwpiwi@users.noreply.github.com>
Fri, 14 Jul 2017 12:04:46 +0000 (14:04 +0200)
lf pac read - read from antenna and demod
lf pac demod - demodulate from graphbuffer
fix typo in securakey

CHANGELOG.md
client/cmdlf.c
client/cmdlfpac.c [new file with mode: 0644]
client/cmdlfpac.h [new file with mode: 0644]
client/cmdlfsecurakey.c

index 6fdda88ba8313abcf0c52b1623fa21244096d975..f34b78f03108934f380ef8bdf5246ba07ccf10d8 100644 (file)
@@ -11,9 +11,11 @@ This project uses the changelog in accordance with [keepchangelog](http://keepac
 ### Fixed
 
 ### Added
+- Added PAC/Stanley detection to lf search (marshmellow)
+- Added lf pac demod and lf pac read - extracts the raw blocks from a PAC/Stanley tag (marshmellow)
 - Added hf mf c* commands compatibity for 4k and gen1b backdoor (Fl0-0)
 - Added backdoor detection for gen1b magic s70/4k tag (Fl0-0)
-- Added data fsktonrz, a fsk cleaning/demodulating routine for weak fsk signal. Note: follow this up with a `data rawdemod nr` to finish demoding your signal.
+- Added data fsktonrz, a fsk cleaning/demodulating routine for weak fsk signal. Note: follow this up with a `data rawdemod nr` to finish demoding your signal. (marshmellow)
 - Added lf em 410xbrute, LF EM410x reader bruteforce attack by simulating UIDs from a file (Fl0-0)
 
 ## [3.0.1][2017-06-08]
index 79bcee0b82ce99183d5dce3a40f6725b7fa2d077..28b758b6fbb2ca7b895c838d3f7fb4b0864fb877 100644 (file)
@@ -45,6 +45,7 @@
 #include "cmdlfjablotron.h" //for jablotron menu
 #include "cmdlfnoralsy.h"// for noralsy menu
 #include "cmdlfsecurakey.h"//for securakey menu
+#include "cmdlfpac.h"    // for pac menu
 
 bool g_lf_threshold_set = false;
 static int CmdHelp(const char *Cmd);
@@ -1055,6 +1056,12 @@ int CmdLFfind(const char *Cmd)
                return CheckChipType(cmdp);
        }
 
+       ans=CmdPacDemod("");
+       if (ans>0) {
+               PrintAndLog("\nValid PAC/Stanley ID Found!");
+               return CheckChipType(cmdp);             
+       }
+
        PrintAndLog("\nNo Known Tags Found!\n");
        if (testRaw=='u' || testRaw=='U') {
                //ans=CheckChipType(cmdp);
@@ -1105,6 +1112,7 @@ static command_t CommandTable[] =
        {"jablotron",   CmdLFJablotron,     1, "{ Jablotron RFIDs...         }"},
        {"nexwatch",    CmdLFNexWatch,      1, "{ NexWatch RFIDs...          }"},
        {"noralsy",     CmdLFNoralsy,       1, "{ Noralsy RFIDs...           }"},
+       {"pac",         CmdLFPac,           1, "{ PAC/Stanley RFIDs...       }"},
        {"paradox",     CmdLFParadox,       1, "{ Paradox RFIDs...           }"},
        {"presco",      CmdLFPresco,        1, "{ Presco RFIDs...            }"},
        {"pcf7931",     CmdLFPCF7931,       1, "{ PCF7931 CHIPs...           }"},
diff --git a/client/cmdlfpac.c b/client/cmdlfpac.c
new file mode 100644 (file)
index 0000000..ef6b394
--- /dev/null
@@ -0,0 +1,100 @@
+//-----------------------------------------------------------------------------
+//
+// This code is licensed to you under the terms of the GNU GPL, version 2 or,
+// at your option, any later version. See the LICENSE.txt file for the text of
+// the license.
+//-----------------------------------------------------------------------------
+// Low frequency Stanley/PAC tag commands
+// NRZ, RF/32, 128 bits long (unknown cs)
+//-----------------------------------------------------------------------------
+#include "cmdlfpac.h"
+#include <string.h>
+#include <inttypes.h>
+#include "proxmark3.h"
+#include "ui.h"
+#include "util.h"
+#include "graph.h"
+#include "cmdparser.h"
+#include "cmddata.h"
+#include "cmdmain.h"
+#include "cmdlf.h"
+#include "lfdemod.h"    // preamble test
+
+static int CmdHelp(const char *Cmd);
+
+// by marshmellow
+// find PAC preamble in already demoded data
+int PacFind(uint8_t *dest, size_t *size) {
+       if (*size < 128) return -1; //make sure buffer has data
+       size_t startIdx = 0;
+       uint8_t preamble[] = {1,1,1,1,1,1,1,1,0,0,1,0,0,0,0,0,0,1,0};
+       if (!preambleSearch(dest, preamble, sizeof(preamble), size, &startIdx))
+               return -2; //preamble not found
+       if (*size != 128) return -3; //wrong demoded size
+       //return start position
+       return (int)startIdx;
+}
+
+//see NRZDemod for what args are accepted
+int CmdPacDemod(const char *Cmd) {
+
+       //NRZ
+       if (!NRZrawDemod(Cmd, false)) {
+               if (g_debugMode) PrintAndLog("DEBUG: Error - PAC: NRZ Demod failed");
+               return 0;
+       }
+       size_t size = DemodBufferLen;
+       int ans = PacFind(DemodBuffer, &size);
+       if (ans < 0) {
+               if (g_debugMode) {
+                       if (ans == -1)
+                               PrintAndLog("DEBUG: Error - PAC: too few bits found");
+                       else if (ans == -2)
+                               PrintAndLog("DEBUG: Error - PAC: preamble not found");
+                       else if (ans == -3)
+                               PrintAndLog("DEBUG: Error - PAC: Size not correct: %d", size);
+                       else
+                               PrintAndLog("DEBUG: Error - PAC: ans: %d", ans);
+               }
+               return 0;
+       }
+       setDemodBuf(DemodBuffer, 128, ans);
+       setClockGrid(g_DemodClock, g_DemodStartIdx + (ans*g_DemodClock));
+
+       //got a good demod
+       uint32_t raw1 = bytebits_to_byte(DemodBuffer   , 32);
+       uint32_t raw2 = bytebits_to_byte(DemodBuffer+32, 32);
+       uint32_t raw3 = bytebits_to_byte(DemodBuffer+64, 32);
+       uint32_t raw4 = bytebits_to_byte(DemodBuffer+96, 32);
+
+       // preamble     then appears to have marker bits of "10"                                                                                                                                       CS?    
+       // 11111111001000000 10 01001100 10 00001101 10 00001101 10 00001101 10 00001101 10 00001101 10 00001101 10 00001101 10 00001101 10 10001100 10 100000001
+       // unknown checksum 9 bits at the end
+       
+       PrintAndLog("PAC/Stanley Tag Found -- Raw: %08X%08X%08X%08X", raw1 ,raw2, raw3, raw4);
+       PrintAndLog("\nHow the Raw ID is translated by the reader is unknown");
+       return 1;
+}
+
+int CmdPacRead(const char *Cmd) {
+       lf_read(true, 4096*2 + 20);
+       return CmdPacDemod(Cmd);
+}
+
+static command_t CommandTable[] = {
+       {"help",  CmdHelp,    1, "This help"},
+       {"demod", CmdPacDemod,1, "Attempt to read and extract tag data from the GraphBuffer"},
+       {"read",  CmdPacRead, 0, "Attempt to read and extract tag data from the antenna"},
+       {NULL, NULL, 0, NULL}
+};
+
+int CmdLFPac(const char *Cmd) {
+       clearCommandBuffer();
+       CmdsParse(CommandTable, Cmd);
+       return 0;
+}
+
+int CmdHelp(const char *Cmd) {
+       CmdsHelp(CommandTable);
+       return 0;
+}
diff --git a/client/cmdlfpac.h b/client/cmdlfpac.h
new file mode 100644 (file)
index 0000000..99b35a5
--- /dev/null
@@ -0,0 +1,17 @@
+//-----------------------------------------------------------------------------
+//
+// This code is licensed to you under the terms of the GNU GPL, version 2 or,
+// at your option, any later version. See the LICENSE.txt file for the text of
+// the license.
+//-----------------------------------------------------------------------------
+// Low frequency Securakey tag commands
+//-----------------------------------------------------------------------------
+#ifndef CMDLFPAC_H__
+#define CMDLFPAC_H__
+
+extern int CmdLFPac(const char *Cmd);
+extern int CmdPacRead(const char *Cmd);
+extern int CmdPacDemod(const char *Cmd);
+
+#endif
+
index 8085eedc909ec3cb259567ff5d94aa8dd648967c..8ae81250fb06fb3b995ec048d937291b9eabb099 100644 (file)
@@ -44,7 +44,7 @@ int CmdSecurakeyDemod(const char *Cmd) {
        //ASK / Manchester
        bool st = false;
        if (!ASKDemod_ext("40 0 0", false, false, 1, &st)) {
-               if (g_debugMode) PrintAndLog("DEBUG: Error - Noralsy: ASK/Manchester Demod failed");
+               if (g_debugMode) PrintAndLog("DEBUG: Error - Securakey: ASK/Manchester Demod failed");
                return 0;
        }
        if (st) return 0;
Impressum, Datenschutz