From: iceman1001 Date: Wed, 7 Jan 2015 10:09:05 +0000 (+0100) Subject: Merge branch 'master' of https://github.com/Proxmark/proxmark3 X-Git-Tag: v2.0.0-rc1~60 X-Git-Url: http://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/commitdiff_plain/4888b2819574627efea9bd7d23444d785c5a2077?hp=-c Merge branch 'master' of https://github.com/Proxmark/proxmark3 --- 4888b2819574627efea9bd7d23444d785c5a2077 diff --combined armsrc/iclass.c index 625cf39b,2b28b793..ea9af7d4 --- a/armsrc/iclass.c +++ b/armsrc/iclass.c @@@ -433,6 -433,7 +433,6 @@@ static RAMFUNC int ManchesterDecoding(i else { modulation = bit & Demod.syncBit; modulation |= ((bit << 1) ^ ((Demod.buffer & 0x08) >> 3)) & Demod.syncBit; - //modulation = ((bit << 1) ^ ((Demod.buffer & 0x08) >> 3)) & Demod.syncBit; Demod.samples += 4; @@@ -841,7 -842,10 +841,7 @@@ static int GetIClassCommandFromReader(u } if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) { uint8_t b = (uint8_t)AT91C_BASE_SSC->SSC_RHR; - /*if(OutOfNDecoding((b & 0xf0) >> 4)) { - *len = Uart.byteCnt; - return TRUE; - }*/ + if(OutOfNDecoding(b & 0x0f)) { *len = Uart.byteCnt; return TRUE; @@@ -997,6 -1001,8 +997,6 @@@ void SimulateIClass(uint32_t arg0, uint */ int doIClassSimulation(uint8_t csn[], int breakAfterMacReceived, uint8_t *reader_mac_buf) { - - // CSN followed by two CRC bytes uint8_t response2[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; uint8_t response3[] = { 0,0,0,0,0,0,0,0,0,0}; @@@ -1100,7 -1106,6 +1100,7 @@@ //Signal tracer // Can be used to get a trigger for an oscilloscope.. LED_C_OFF(); + if(!GetIClassCommandFromReader(receivedCmd, &len, 100)) { buttonPressed = true; break; @@@ -1363,6 -1368,7 +1363,6 @@@ void ReaderTransmitIClass(uint8_t* fram int samples = 0; // This is tied to other size changes - // uint8_t* frame_addr = ((uint8_t*)BigBuf) + 2024; CodeIClassCommand(frame,len); // Select the card @@@ -1417,7 -1423,10 +1417,7 @@@ static int GetIClassAnswer(uint8_t *rec b = (uint8_t)AT91C_BASE_SSC->SSC_RHR; skip = !skip; if(skip) continue; - /*if(ManchesterDecoding((b>>4) & 0xf)) { - *samples = ((c - 1) << 3) + 4; - return TRUE; - }*/ + if(ManchesterDecoding(b & 0x0f)) { *samples = c << 3; return TRUE; @@@ -1585,7 -1594,7 +1585,7 @@@ void ReaderIClass(uint8_t arg0) void ReaderIClass_Replay(uint8_t arg0, uint8_t *MAC) { - uint8_t card_data[24]={0}; + uint8_t card_data[USB_CMD_DATA_SIZE]={0}; uint16_t block_crc_LUT[255] = {0}; {//Generate a lookup table for block crc @@@ -1658,7 -1667,10 +1658,10 @@@ cardsize = memory.k16 ? 255 : 32; WDT_HIT(); - + //Set card_data to all zeroes, we'll fill it with data + memset(card_data,0x0,USB_CMD_DATA_SIZE); + uint8_t failedRead =0; + uint8_t stored_data_length =0; //then loop around remaining blocks for(int block=0; block < cardsize; block++){ @@@ -1674,14 -1686,47 +1677,47 @@@ resp[3], resp[4], resp[5], resp[6], resp[7]); + //Fill up the buffer + memcpy(card_data+stored_data_length,resp,8); + stored_data_length += 8; + + if(stored_data_length +8 > USB_CMD_DATA_SIZE) + {//Time to send this off and start afresh + cmd_send(CMD_ACK, + stored_data_length,//data length + failedRead,//Failed blocks? + 0,//Not used ATM + card_data, stored_data_length); + //reset + stored_data_length = 0; + failedRead = 0; + } + }else{ + failedRead = 1; + stored_data_length +=8;//Otherwise, data becomes misaligned Dbprintf("Failed to dump block %d", block); - } } + //Send off any remaining data + if(stored_data_length > 0) + { + cmd_send(CMD_ACK, + stored_data_length,//data length + failedRead,//Failed blocks? + 0,//Not used ATM + card_data, stored_data_length); + } //If we got here, let's break break; } + //Signal end of transmission + cmd_send(CMD_ACK, + 0,//data length + 0,//Failed blocks? + 0,//Not used ATM + card_data, 0); + LED_A_OFF(); } diff --combined client/cmdhficlass.c index b097eea8,ee7c0d6c..03b39021 --- a/client/cmdhficlass.c +++ b/client/cmdhficlass.c @@@ -16,6 -16,7 +16,6 @@@ #include #include "iso14443crc.h" // Can also be used for iClass, using 0xE012 as CRC-type #include "data.h" -//#include "proxusb.h" #include "proxmark3.h" #include "ui.h" #include "cmdparser.h" @@@ -271,87 -272,111 +271,111 @@@ int CmdHFiClassReader_Dump(const char * uint8_t key_sel[8] = {0}; uint8_t key_sel_p[8] = { 0 }; - //HACK -- Below is for testing without access to a tag - uint8_t fake_dummy_test = false; - if(fake_dummy_test) - { - uint8_t xdata[16] = {0x01,0x02,0x03,0x04,0xF7,0xFF,0x12,0xE0, //CSN from http://www.proxmark.org/forum/viewtopic.php?pid=11230#p11230 - 0xFE,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}; // Just a random CC. Would be good to add a real testcase here - memcpy(resp.d.asBytes,xdata, 16); - resp.arg[0] = 2; - } - - //End hack - - UsbCommand c = {CMD_READER_ICLASS, {0}}; c.arg[0] = FLAG_ICLASS_READER_ONLY_ONCE| FLAG_ICLASS_READER_GET_CC; - if(!fake_dummy_test) - SendCommand(&c); + SendCommand(&c); - if (fake_dummy_test || WaitForResponseTimeout(CMD_ACK,&resp,4500)) { - uint8_t isOK = resp.arg[0] & 0xff; - uint8_t * data = resp.d.asBytes; + if (!WaitForResponseTimeout(CMD_ACK,&resp,4500)) + { + PrintAndLog("Command execute timeout"); + return 0; + } - memcpy(CSN,data,8); - memcpy(CCNR,data+8,8); + uint8_t isOK = resp.arg[0] & 0xff; + uint8_t * data = resp.d.asBytes; - PrintAndLog("isOk:%02x", isOK); + memcpy(CSN,data,8); + memcpy(CCNR,data+8,8); - if(isOK > 0) - { - PrintAndLog("CSN: %s",sprint_hex(CSN,8)); - } - if(isOK > 1) - { - if(elite) - { - //Get the key index (hash1) - uint8_t key_index[8] = {0}; - - hash1(CSN, key_index); - printvar("hash1", key_index,8); - for(i = 0; i < 8 ; i++) - key_sel[i] = keytable[key_index[i]] & 0xFF; - PrintAndLog("Pre-fortified 'permuted' HS key that would be needed by an iclass reader to talk to above CSN:"); - printvar("k_sel", key_sel,8); - //Permute from iclass format to standard format - permutekey_rev(key_sel,key_sel_p); - used_key = key_sel_p; - }else{ - //Perhaps this should also be permuted to std format? - // Something like the code below? I have no std system - // to test this with /Martin + PrintAndLog("isOk:%02x", isOK); - //uint8_t key_sel_p[8] = { 0 }; - //permutekey_rev(KEY,key_sel_p); - //used_key = key_sel_p; + if(isOK > 0) + { + PrintAndLog("CSN: %s",sprint_hex(CSN,8)); + } + if(isOK <= 1){ + PrintAndLog("Failed to obtain CC! Aborting"); + return 0; + } + //Status 2 or higher - used_key = KEY; + if(elite) + { + //Get the key index (hash1) + uint8_t key_index[8] = {0}; + + hash1(CSN, key_index); + printvar("hash1", key_index,8); + for(i = 0; i < 8 ; i++) + key_sel[i] = keytable[key_index[i]] & 0xFF; + PrintAndLog("Pre-fortified 'permuted' HS key that would be needed by an iclass reader to talk to above CSN:"); + printvar("k_sel", key_sel,8); + //Permute from iclass format to standard format + permutekey_rev(key_sel,key_sel_p); + used_key = key_sel_p; + }else{ + used_key = KEY; + } - } + PrintAndLog("Pre-fortified key that would be needed by the OmniKey reader to talk to above CSN:"); + printvar("Used key",used_key,8); + diversifyKey(CSN,used_key, div_key); + PrintAndLog("Hash0, a.k.a diversified key, that is computed using Ksel and stored in the card (Block 3):"); + printvar("Div key", div_key, 8); + printvar("CC_NR:",CCNR,12); + doMAC(CCNR,12,div_key, MAC); + printvar("MAC", MAC, 4); + + uint8_t iclass_data[32000] = {0}; + uint8_t iclass_datalen = 0; + uint8_t iclass_blocksFailed = 0;//Set to 1 if dump was incomplete + + UsbCommand d = {CMD_READER_ICLASS_REPLAY, {readerType}}; + memcpy(d.d.asBytes, MAC, 4); + clearCommandBuffer(); + SendCommand(&d); + PrintAndLog("Waiting for device to dump data. Press button on device and key on keyboard to abort..."); + while (true) { + printf("."); + if (ukbhit()) { + getchar(); + printf("\naborted via keyboard!\n"); + break; + } + if(WaitForResponseTimeout(CMD_ACK,&resp,4500)) + { + uint64_t dataLength = resp.arg[0]; + iclass_blocksFailed |= resp.arg[1]; + + if(dataLength > 0) + { + memcpy(iclass_data, resp.d.asBytes,dataLength); + iclass_datalen += dataLength; + }else + {//Last transfer, datalength 0 means the dump is finished + PrintAndLog("Dumped %d bytes of data from tag. ", iclass_datalen); + if(iclass_blocksFailed) + { + PrintAndLog("OBS! Some blocks failed to be dumped correctly!"); + } + if(iclass_datalen > 0) + { + char filename[100] = {0}; + //create a preferred filename + snprintf(filename, 100,"iclass_tagdump-%02x%02x%02x%02x%02x%02x%02x%02x", + CSN[0],CSN[1],CSN[2],CSN[3], + CSN[4],CSN[5],CSN[6],CSN[7]); + saveFile(filename,"bin",iclass_data, iclass_datalen ); + + } + //Aaaand we're finished + return 0; + } + } + } - PrintAndLog("Pre-fortified key that would be needed by the OmniKey reader to talk to above CSN:"); - printvar("Used key",used_key,8); - diversifyKey(CSN,used_key, div_key); - PrintAndLog("Hash0, a.k.a diversified key, that is computed using Ksel and stored in the card (Block 3):"); - printvar("Div key", div_key, 8); - printvar("CC_NR:",CCNR,12); - doMAC(CCNR,12,div_key, MAC); - printvar("MAC", MAC, 4); - - UsbCommand d = {CMD_READER_ICLASS_REPLAY, {readerType}}; - memcpy(d.d.asBytes, MAC, 4); - if(!fake_dummy_test) SendCommand(&d); - - }else{ - PrintAndLog("Failed to obtain CC! Aborting"); - } - } else { - PrintAndLog("Command execute timeout"); - } return 0; } diff --combined client/loclass/fileutils.c index f96f8652,e2ca5ce5..206d9695 --- a/client/loclass/fileutils.c +++ b/client/loclass/fileutils.c @@@ -11,14 -11,8 +11,14 @@@ * @return */ int fileExists(const char *filename) { + +#ifdef _WIN32 + struct _stat st; + int result = _stat(filename, &st); +#else struct stat st; int result = stat(filename, &st); +#endif return result == 0; } @@@ -46,7 -40,7 +46,7 @@@ int saveFile(const char *preferredName } fwrite(data, 1, datalen, fileHandle); fclose(fileHandle); - PrintAndLog(">Saved data to '%s'", fileName); + PrintAndLog("Saved data to '%s'", fileName); free(fileName);