From: iceman1001 Date: Tue, 6 Jan 2015 16:43:31 +0000 (+0100) Subject: CHG: rename the HF MFU * commands. X-Git-Url: http://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/commitdiff_plain/e3ab50cafb66e8d594a4946537594e01882d9242 CHG: rename the HF MFU * commands. ADD: added a HF MFU INFO commmand, where you can see some tag info. Used to be in the readcard command. FIX: minor code clean up for ultralight & desfire commands in armsrc/mifarecmd.c, armsrc/mifaredesfire.c, armsrc/mifareutil.c CHG: Lowered the default MF_DBGLEVEL, it set to MF_DBG_ERROR. CHG: lowered a testing value for timeout in cmdhf14a.c --- diff --git a/armsrc/mifarecmd.c b/armsrc/mifarecmd.c index fc480a38..d2497977 100644 --- a/armsrc/mifarecmd.c +++ b/armsrc/mifarecmd.c @@ -90,8 +90,8 @@ void MifareReadBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain) void MifareUC_Auth1(uint8_t arg0, uint8_t *datain){ // variables byte_t isOK = 0; - byte_t dataoutbuf[16]; - uint8_t uid[10]; + byte_t dataoutbuf[16] = {0x00}; + uint8_t uid[10] = {0x00}; uint32_t cuid; // clear trace @@ -116,18 +116,15 @@ void MifareUC_Auth1(uint8_t arg0, uint8_t *datain){ LED_B_ON(); cmd_send(CMD_ACK,isOK,cuid,0,dataoutbuf,11); - LED_B_OFF(); - // Thats it... LEDsoff(); } void MifareUC_Auth2(uint32_t arg0, uint8_t *datain){ - // params + uint32_t cuid = arg0; - uint8_t key[16]={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}; - // variables + uint8_t key[16] = {0x00}; byte_t isOK = 0; - byte_t dataoutbuf[16]; + byte_t dataoutbuf[16] = {0x00}; memcpy(key, datain, 16); @@ -138,11 +135,11 @@ void MifareUC_Auth2(uint32_t arg0, uint8_t *datain){ if(mifare_ultra_auth2(cuid, key, dataoutbuf)){ if (MF_DBGLEVEL >= 1) Dbprintf("Authentication part2: Fail..."); } - isOK=1; + isOK = 1; if (MF_DBGLEVEL >= 2) DbpString("AUTH 2 FINISHED"); LED_B_ON(); - cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,11); + cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,11); LED_B_OFF(); FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); @@ -156,8 +153,8 @@ void MifareUReadBlock(uint8_t arg0,uint8_t *datain) // variables byte_t isOK = 0; - byte_t dataoutbuf[16]; - uint8_t uid[10]; + byte_t dataoutbuf[16] = {0x00}; + uint8_t uid[10] = {0x00}; uint32_t cuid; // clear trace @@ -269,57 +266,62 @@ void MifareUReadCard(uint8_t arg0, int arg1, uint8_t *datain) { // params uint8_t sectorNo = arg0; - int Pages=arg1; - int count_Pages=0; - // variables - byte_t isOK = 0; - byte_t dataoutbuf[176]; - uint8_t uid[10]; + int Pages = arg1; + int count_Pages = 0; + byte_t dataoutbuf[176] = {0x00};; + uint8_t uid[10] = {0x00}; uint32_t cuid; - // clear trace iso14a_clear_trace(); - iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); LED_A_ON(); LED_B_OFF(); LED_C_OFF(); - Dbprintf("Pages %d",Pages); - while (true) { - if(!iso14443a_select_card(uid, NULL, &cuid)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card"); - break; - }; - for(int sec=0;sec= 1) Dbprintf("Read block %d error",sec); - break; - }else{ - count_Pages++; - }; - } - if(mifare_ultra_halt(cuid)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Halt error"); - break; - }; - - isOK = 1; - break; - } - Dbprintf("Pages read %d",count_Pages); - if (MF_DBGLEVEL >= 2) DbpString("READ CARD FINISHED"); - - LED_B_ON(); - if (Pages==16) cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,64); - if (Pages==44 && count_Pages==16) cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,64); - if (Pages==44 && count_Pages>16) cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,176); - LED_B_OFF(); + + if (MF_DBGLEVEL >= MF_DBG_ALL) + Dbprintf("Pages %d",Pages); + + if (!iso14443a_select_card(uid, NULL, &cuid)) { + if (MF_DBGLEVEL >= MF_DBG_ERROR) + Dbprintf("Can't select card"); + OnError(); + return; + } + + for (int i = 0; i < Pages; i++){ + if (mifare_ultra_readblock(cuid, sectorNo * 4 + i, dataoutbuf + 4 * i)) { + if (MF_DBGLEVEL >= MF_DBG_ERROR) + Dbprintf("Read block %d error",i); + OnError(); + return; + } else { + count_Pages++; + } + } + + if (mifare_ultra_halt(cuid)) { + if (MF_DBGLEVEL >= MF_DBG_ERROR) + Dbprintf("Halt error"); + OnError(); + return; + } + + if (MF_DBGLEVEL >= MF_DBG_ALL) { + Dbprintf("Pages read %d",count_Pages); + DbpString("Read card finished"); + } - // Thats it... + int len = 16*4; //64 bytes + + // Read a UL-C + if (Pages == 44 && count_Pages > 16) + len = 176; + + cmd_send(CMD_ACK, 1, 0, 0, dataoutbuf, len); + FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); LEDsoff(); - } @@ -397,76 +399,65 @@ void MifareWriteBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain) void MifareUWriteBlock(uint8_t arg0, uint8_t *datain) { - // params - uint8_t blockNo = arg0; - byte_t blockdata[16]; + // params + uint8_t blockNo = arg0; + byte_t blockdata[16] = {0x00}; - memset(blockdata,'\0',16); - memcpy(blockdata, datain,16); - - // variables - byte_t isOK = 0; - uint8_t uid[10]; - uint32_t cuid; + memcpy(blockdata, datain, 16); + + // variables + byte_t isOK = 0; + uint8_t uid[10] = {0x00}; + uint32_t cuid; - // clear trace - iso14a_clear_trace(); + iso14a_clear_trace(); + iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); - iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); + LED_A_ON(); + LED_B_OFF(); + LED_C_OFF(); - LED_A_ON(); - LED_B_OFF(); - LED_C_OFF(); - - while (true) { - if(!iso14443a_select_card(uid, NULL, &cuid)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card"); - break; - }; - - if(mifare_ultra_writeblock(cuid, blockNo, blockdata)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Write block error"); - break; - }; - - if(mifare_ultra_halt(cuid)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Halt error"); - break; - }; - - isOK = 1; - break; - } - - if (MF_DBGLEVEL >= 2) DbpString("WRITE BLOCK FINISHED"); + while (true) { + if(!iso14443a_select_card(uid, NULL, &cuid)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card"); + break; + }; - LED_B_ON(); - cmd_send(CMD_ACK,isOK,0,0,0,0); - LED_B_OFF(); + if(mifare_ultra_writeblock(cuid, blockNo, blockdata)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Write block error"); + break; + }; + if(mifare_ultra_halt(cuid)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Halt error"); + break; + }; + + isOK = 1; + break; + } + + if (MF_DBGLEVEL >= 2) DbpString("WRITE BLOCK FINISHED"); - // Thats it... - FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); - LEDsoff(); -// iso14a_set_tracing(TRUE); + cmd_send(CMD_ACK,isOK,0,0,0,0); + FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); + LEDsoff(); } void MifareUWriteBlock_Special(uint8_t arg0, uint8_t *datain) { // params uint8_t blockNo = arg0; - byte_t blockdata[4]; + byte_t blockdata[4] = {0x00}; memcpy(blockdata, datain,4); // variables byte_t isOK = 0; - uint8_t uid[10]; + uint8_t uid[10] = {0x00}; uint32_t cuid; - // clear trace iso14a_clear_trace(); - iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); LED_A_ON(); @@ -495,11 +486,7 @@ void MifareUWriteBlock_Special(uint8_t arg0, uint8_t *datain) if (MF_DBGLEVEL >= 2) DbpString("WRITE BLOCK FINISHED"); - LED_B_ON(); cmd_send(CMD_ACK,isOK,0,0,0,0); - LED_B_OFF(); - - // Thats it... FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); LEDsoff(); } @@ -1152,71 +1139,54 @@ void MifareCIdent(){ void Mifare_DES_Auth1(uint8_t arg0, uint8_t *datain){ // variables byte_t isOK = 0; - byte_t dataoutbuf[16]; - uint8_t uid[10]; + byte_t dataout[11] = {0x00}; + uint8_t uid[10] = {0x00}; uint32_t cuid; - // clear trace iso14a_clear_trace(); iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); - - LED_A_ON(); - LED_B_OFF(); - LED_C_OFF(); - if(!iso14443a_select_card(uid, NULL, &cuid)) { if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card, something went wrong before auth"); }; - if(mifare_desfire_des_auth1(cuid, dataoutbuf)){ - if (MF_DBGLEVEL >= 1) Dbprintf("Authentication part1: Fail."); + if(mifare_desfire_des_auth1(cuid, dataout)){ + if (MF_DBGLEVEL >= 1) + Dbprintf("Authentication part1: Fail."); } - isOK=1; - if (MF_DBGLEVEL >= 2) DbpString("AUTH 1 FINISHED"); + isOK = 1; + if (MF_DBGLEVEL >= 2) DbpString("AUTH 1 FINISHED"); - LED_B_ON(); - cmd_send(CMD_ACK,isOK,cuid,0,dataoutbuf,11); - LED_B_OFF(); - - // Thats it... - //FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); - LEDsoff(); + cmd_send(CMD_ACK,isOK,cuid,0,dataout, sizeof(dataout)); } void Mifare_DES_Auth2(uint32_t arg0, uint8_t *datain){ - // params + uint32_t cuid = arg0; - uint8_t key[16]={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}; - // variables + uint8_t key[16] = {0x00}; byte_t isOK = 0; - byte_t dataoutbuf[16]; + byte_t dataout[12] = {0x00}; memcpy(key, datain, 16); - // clear trace - //iso14a_clear_trace(); - //iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); - + LED_A_ON(); LED_B_OFF(); LED_C_OFF(); - -// Dbprintf("Sending %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", -// key[0],key[1],key[2],key[3],key[4],key[5],key[6],key[7],key[8], -// key[9],key[10],key[11],key[12],key[13],key[14],key[15]); - if(mifare_desfire_des_auth2(cuid, key, dataoutbuf)){ - if (MF_DBGLEVEL >= 1) Dbprintf("Authentication part2: Fail..."); + isOK = mifare_desfire_des_auth2(cuid, key, dataout); + + if(isOK){ + if (MF_DBGLEVEL >= 2) + DbpString("AUTH 2 FINISHED"); + cmd_send(CMD_ACK,isOK,0,0,dataout,sizeof(dataout)); } - isOK=1; - if (MF_DBGLEVEL >= 2) DbpString("AUTH 2 FINISHED"); - - LED_B_ON(); - cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,12); - LED_B_OFF(); - - // Thats it... + else { + if (MF_DBGLEVEL >= 2) + Dbprintf("Authentication part2: Failed"); + OnError(); + } + FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); LEDsoff(); } \ No newline at end of file diff --git a/armsrc/mifaredesfire.c b/armsrc/mifaredesfire.c index 155538cb..e064c33a 100644 --- a/armsrc/mifaredesfire.c +++ b/armsrc/mifaredesfire.c @@ -18,13 +18,9 @@ static uint8_t deselect_cmd[] = {0xc2,0xe0,0xb4}; //static uint8_t __res[MAX_FRAME_SIZE]; bool InitDesfireCard(){ - - // Make sure it is off. -// FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); -// SpinDelay(300); - byte_t cardbuf[USB_CMD_DATA_SIZE]; - memset(cardbuf,0,sizeof(cardbuf)); + byte_t cardbuf[USB_CMD_DATA_SIZE] = {0x00}; + iso14a_card_select_t *card = (iso14a_card_select_t*)cardbuf; iso14a_set_tracing(TRUE); @@ -99,13 +95,9 @@ void MifareSendCommand(uint8_t arg0, uint8_t arg1, uint8_t *datain){ void MifareDesfireGetInformation(){ int len = 0; - uint8_t resp[USB_CMD_DATA_SIZE]; - uint8_t dataout[USB_CMD_DATA_SIZE]; - byte_t cardbuf[USB_CMD_DATA_SIZE]; - - memset(resp,0,sizeof(resp)); - memset(dataout,0, sizeof(dataout)); - memset(cardbuf,0,sizeof(cardbuf)); + uint8_t resp[USB_CMD_DATA_SIZE] = {0x00}; + uint8_t dataout[USB_CMD_DATA_SIZE] = {0x00}; + byte_t cardbuf[USB_CMD_DATA_SIZE] = {0x00}; /* 1 = PCB 1 @@ -191,7 +183,6 @@ void MifareDES_Auth1(uint8_t mode, uint8_t algo, uint8_t keyno, uint8_t *datain //uint8_t new_key_data8[8] = { 0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77}; //uint8_t new_key_data16[16] = { 0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,0x99,0xAA,0xBB,0xCC,0xDD,0xEE,0xFF}; - //uint8_t* bigbuffer = get_bigbufptr_recvrespbuf(); uint8_t resp[256] = {0x00}; uint8_t IV[16] = {0x00}; @@ -219,7 +210,7 @@ void MifareDES_Auth1(uint8_t mode, uint8_t algo, uint8_t keyno, uint8_t *datain case 1:{ if (algo == 1) { - uint8_t keybytes[8]; + uint8_t keybytes[8] = {0x00}; uint8_t RndA[8] = {0x00}; uint8_t RndB[8] = {0x00}; @@ -268,7 +259,6 @@ void MifareDES_Auth1(uint8_t mode, uint8_t algo, uint8_t keyno, uint8_t *datain for (int x = 0; x < 8; x++) { decRndB[x] = decRndB[x] ^ encRndA[x]; - } des_dec(&encRndB, &decRndB, key->data); @@ -366,14 +356,14 @@ void MifareDES_Auth1(uint8_t mode, uint8_t algo, uint8_t keyno, uint8_t *datain case 3:{ //defaultkey - uint8_t keybytes[16]; + uint8_t keybytes[16] = {0x00}; if (datain[1] == 0xff){ memcpy(keybytes,PICC_MASTER_KEY16,16); } else{ memcpy(keybytes, datain+1, datalen); } - struct desfire_key defaultkey = {0}; + struct desfire_key defaultkey = {0x00}; desfirekey_t key = &defaultkey; Desfire_aes_key_new( keybytes, key); diff --git a/armsrc/mifareutil.c b/armsrc/mifareutil.c index 84f77a35..d51da21c 100644 --- a/armsrc/mifareutil.c +++ b/armsrc/mifareutil.c @@ -19,7 +19,7 @@ #include "crapto1.h" #include "mifareutil.h" -int MF_DBGLEVEL = MF_DBG_ALL; +int MF_DBGLEVEL = MF_DBG_ERROR; // memory management uint8_t* get_bigbufptr_recvrespbuf(void) { @@ -511,7 +511,7 @@ int mifare_ultra_halt(uint32_t uid) if (MF_DBGLEVEL >= 1) Dbprintf("halt error. response len: %x", len); return 1; } - + return 0; } @@ -638,7 +638,7 @@ int mifare_sendcmd_special(struct Crypto1State *pcs, uint8_t crypted, uint8_t cm int len = ReaderReceive(answer, answer_parity); if(!len) { if (MF_DBGLEVEL >= 1) Dbprintf("Authentication failed. Card timeout."); - return 2; + return 1; } return len; } @@ -654,7 +654,7 @@ int mifare_sendcmd_special2(struct Crypto1State *pcs, uint8_t crypted, uint8_t c int len = ReaderReceive(answer, answer_parity); if(!len){ if (MF_DBGLEVEL >= 1) Dbprintf("Authentication failed. Card timeout."); - return 2; + return 1; } return len; } @@ -662,7 +662,7 @@ int mifare_sendcmd_special2(struct Crypto1State *pcs, uint8_t crypted, uint8_t c int mifare_desfire_des_auth1(uint32_t uid, uint8_t *blockData){ // variables int len; - // load key, keynumber + // load key, keynumber uint8_t data[2]={0x0a, 0x00}; uint8_t* receivedAnswer = get_bigbufptr_recvrespbuf(); uint8_t *receivedAnswerPar = receivedAnswer + MAX_FRAME_SIZE; @@ -688,7 +688,8 @@ int mifare_desfire_des_auth1(uint32_t uid, uint8_t *blockData){ int mifare_desfire_des_auth2(uint32_t uid, uint8_t *key, uint8_t *blockData){ // variables int len; - uint8_t data[17]={0xaf,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}; + uint8_t data[17] = {0x00}; + data[0] = 0xAF; memcpy(data+1,key,16); uint8_t* receivedAnswer = get_bigbufptr_recvrespbuf(); @@ -697,7 +698,7 @@ int mifare_desfire_des_auth2(uint32_t uid, uint8_t *key, uint8_t *blockData){ // command MIFARE_CLASSIC_READBLOCK len = mifare_sendcmd_special2(NULL, 1, 0x03, data, receivedAnswer, receivedAnswerPar ,NULL); - if ((receivedAnswer[0] == 0x03)&&(receivedAnswer[1] == 0xae)) { + if ((receivedAnswer[0] == 0x03) && (receivedAnswer[1] == 0xae)) { if (MF_DBGLEVEL >= 1) Dbprintf("Auth Error: %02x %02x", receivedAnswer[0], receivedAnswer[1]); return 1; } diff --git a/client/cmdhf14a.c b/client/cmdhf14a.c index 4f0ffde6..12fb10ed 100644 --- a/client/cmdhf14a.c +++ b/client/cmdhf14a.c @@ -649,7 +649,7 @@ static void waitCmd(uint8_t iSelect) UsbCommand resp; char *hexout; - if (WaitForResponseTimeout(CMD_ACK,&resp,10000)) { + if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) { recv = resp.d.asBytes; uint8_t iLen = iSelect ? resp.arg[1] : resp.arg[0]; PrintAndLog("received %i octets",iLen); diff --git a/client/cmdhfmf.c b/client/cmdhfmf.c index 49928c9a..6939f653 100644 --- a/client/cmdhfmf.c +++ b/client/cmdhfmf.c @@ -1983,9 +1983,6 @@ static command_t CommandTable[] = {"help", CmdHelp, 1, "This help"}, {"dbg", CmdHF14AMfDbg, 0, "Set default debug mode"}, {"rdbl", CmdHF14AMfRdBl, 0, "Read MIFARE classic block"}, - //{"urdbl", CmdHF14AMfURdBl, 0, "Read MIFARE Ultralight block"}, - //{"urdcard", CmdHF14AMfURdCard, 0,"Read MIFARE Ultralight Card"}, - //{"uwrbl", CmdHF14AMfUWrBl, 0,"Write MIFARE Ultralight block"}, {"rdsc", CmdHF14AMfRdSc, 0, "Read MIFARE classic sector"}, {"dump", CmdHF14AMfDump, 0, "Dump MIFARE classic tag to binary file"}, {"restore", CmdHF14AMfRestore, 0, "Restore MIFARE classic binary file to BLANK tag"}, @@ -2003,9 +2000,9 @@ static command_t CommandTable[] = {"ecfill", CmdHF14AMfECFill, 0, "Fill simulator memory with help of keys from simulator"}, {"ekeyprn", CmdHF14AMfEKeyPrn, 0, "Print keys from simulator memory"}, {"csetuid", CmdHF14AMfCSetUID, 0, "Set UID for magic Chinese card"}, - {"csetblk", CmdHF14AMfCSetBlk, 0, "Write block into magic Chinese card"}, - {"cgetblk", CmdHF14AMfCGetBlk, 0, "Read block from magic Chinese card"}, - {"cgetsc", CmdHF14AMfCGetSc, 0, "Read sector from magic Chinese card"}, + {"csetblk", CmdHF14AMfCSetBlk, 0, "Write block - Magic Chinese card"}, + {"cgetblk", CmdHF14AMfCGetBlk, 0, "Read block - Magic Chinese card"}, + {"cgetsc", CmdHF14AMfCGetSc, 0, "Read sector - Magic Chinese card"}, {"cload", CmdHF14AMfCLoad, 0, "Load dump into magic Chinese card"}, {"csave", CmdHF14AMfCSave, 0, "Save dump from magic Chinese card into file or emulator"}, {NULL, NULL, 0, NULL} diff --git a/client/cmdhfmfu.c b/client/cmdhfmfu.c index 52b7ad14..e9a12083 100644 --- a/client/cmdhfmfu.c +++ b/client/cmdhfmfu.c @@ -20,6 +20,57 @@ uint8_t key5_ones_data[16] = { 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01 static int CmdHelp(const char *Cmd); +int CmdHF14AMfUInfo(const char *Cmd){ + + uint8_t datatemp[7] = {0x00}; + uint8_t isOK = 0; + uint8_t *data = NULL; + + UsbCommand c = {CMD_MIFAREU_READCARD, {0, 4}}; + SendCommand(&c); + UsbCommand resp; + + if (WaitForResponseTimeout(CMD_ACK, &resp, 1500)) { + isOK = resp.arg[0] & 0xff; + data = resp.d.asBytes; + + if (!isOK) { + PrintAndLog("Error reading from tag"); + return -1; + } + } else { + PrintAndLog("Command execute timed out"); + return -1; + } + + // UID + memcpy( datatemp, data,3); + memcpy( datatemp+3, data+4, 4); + PrintAndLog(" UID :%s ", sprint_hex(datatemp, 7)); + // BBC + // CT (cascade tag byte) 0x88 xor SN0 xor SN1 xor SN2 + int crc0 = 0x88 ^ data[0] ^ data[1] ^data[2]; + if ( data[3] == crc0 ) + PrintAndLog(" BCC0 :%02x - Ok", data[3]); + else + PrintAndLog(" BCC0 :%02x - crc should be %02x", data[3], crc0); + + int crc1 = data[4] ^ data[5] ^ data[6] ^data[7]; + if ( data[8] == crc1 ) + PrintAndLog(" BCC1 :%02x - Ok", data[8]); + else + PrintAndLog(" BCC1 :%02x - crc should be %02x", data[8], crc1 ); + + PrintAndLog(" Internal :%s ", sprint_hex(data + 9, 1)); + + memcpy(datatemp, data+10, 2); + PrintAndLog(" Lock :%s - %s", sprint_hex(datatemp, 2),printBits( 2, &datatemp) ); + PrintAndLog(" OneTimePad :%s ", sprint_hex(data + 3*4, 4)); + PrintAndLog(""); + + return 0; +} + // // Mifare Ultralight Write Single Block // @@ -172,19 +223,18 @@ int CmdHF14AMfURdBl(const char *Cmd){ int CmdHF14AMfURdCard(const char *Cmd){ int i; uint8_t BlockNo = 0; - int pages=16; - uint8_t *lockbytes_t=NULL; - uint8_t lockbytes[2]={0x00}; - bool bit[16]={0x00}; - bool dump=false; - uint8_t datatemp[7]= {0x00}; - + int pages = 16; + uint8_t *lockbytes_t = NULL; + uint8_t lockbytes[2] = {0x00}; + bool bit[16] = {0x00}; + bool dump = false; + uint8_t datatemp[7] = {0x00}; uint8_t isOK = 0; uint8_t * data = NULL; FILE *fout = NULL; if (strchr(Cmd,'x') != 0){ - dump=true; + dump = true; if ((fout = fopen("dump_ultralight_data.bin","wb")) == NULL) { PrintAndLog("Could not create file name dumpdata.bin"); return 1; @@ -201,36 +251,6 @@ int CmdHF14AMfURdCard(const char *Cmd){ data = resp.d.asBytes; PrintAndLog("isOk:%02x", isOK); if (isOK) { - - // UID - memcpy( datatemp, data,3); - memcpy( datatemp+3, data+4, 4); - PrintAndLog(" UID :%s ", sprint_hex(datatemp, 7)); - // BBC - // CT (cascade tag byte) 0x88 xor SN0 xor SN1 xor SN2 - int crc0 = 0x88 ^ data[0] ^ data[1] ^data[2]; - if ( data[3] == crc0 ) { - PrintAndLog(" BCC0 :%02x - Ok", data[3]); - } - else{ - PrintAndLog(" BCC0 :%02x - crc should be %02x", data[3], crc0); - } - - int crc1 = data[4] ^ data[5] ^ data[6] ^data[7]; - if ( data[8] == crc1 ){ - PrintAndLog(" BCC1 :%02x - Ok", data[8]); - } - else{ - PrintAndLog(" BCC1 :%02x - crc should be %02x", data[8], crc1 ); - } - - PrintAndLog(" Internal :%s ", sprint_hex(data + 9, 1)); - - memcpy(datatemp, data+10, 2); - PrintAndLog(" Lock :%s - %s", sprint_hex(datatemp, 2),printBits( 2, &datatemp) ); - - PrintAndLog(" OneTimePad :%s ", sprint_hex(data + 3*4, 4)); - PrintAndLog(""); for (i = 0; i < pages; i++) { switch(i){ @@ -320,7 +340,7 @@ int CmdHF14AMfURdCard(const char *Cmd){ } } } else { - PrintAndLog("Command1 execute timeout"); + PrintAndLog("Command execute timeout"); } if (dump) fclose(fout); return 0; @@ -1131,17 +1151,18 @@ int CmdHF14AMfUCWrBl(const char *Cmd){ //------------------------------------ static command_t CommandTable[] = { - {"help", CmdHelp, 1,"This help"}, - {"dbg", CmdHF14AMfDbg, 0,"Set default debug mode"}, - {"urdbl", CmdHF14AMfURdBl, 0,"Read MIFARE Ultralight block"}, - {"urdcard", CmdHF14AMfURdCard, 0,"Read MIFARE Ultralight Card"}, - {"udump", CmdHF14AMfUDump, 0,"Dump MIFARE Ultralight tag to binary file"}, - {"uwrbl", CmdHF14AMfUWrBl, 0,"Write MIFARE Ultralight block"}, - {"ucrdbl", CmdHF14AMfUCRdBl, 0,"Read MIFARE Ultralight C block"}, - {"ucrdcard",CmdHF14AMfUCRdCard, 0,"Read MIFARE Ultralight C Card"}, - {"ucdump", CmdHF14AMfUCDump, 0,"Dump MIFARE Ultralight C tag to binary file"}, - {"ucwrbl", CmdHF14AMfUCWrBl, 0,"Write MIFARE Ultralight C block"}, - {"auth", CmdHF14AMfucAuth, 0,"Ultralight C Authentication"}, + {"help", CmdHelp, 1,"This help"}, + {"dbg", CmdHF14AMfDbg, 0,"Set default debug mode"}, + {"info", CmdHF14AMfUInfo, 0,"Taginfo"}, + {"rdbl", CmdHF14AMfURdBl, 0,"Read block - MIFARE Ultralight"}, + {"rdcard", CmdHF14AMfURdCard, 0,"Read card - MIFARE Ultralight"}, + {"dump", CmdHF14AMfUDump, 0,"Dump MIFARE Ultralight tag to binary file"}, + {"wrbl", CmdHF14AMfUWrBl, 0,"Write block - MIFARE Ultralight"}, + {"crdbl", CmdHF14AMfUCRdBl, 0,"Read block - MIFARE Ultralight C"}, + {"crdcard", CmdHF14AMfUCRdCard, 0,"Read card - MIFARE Ultralight C"}, + {"cdump", CmdHF14AMfUCDump, 0,"Dump MIFARE Ultralight C tag to binary file"}, + {"cwrbl", CmdHF14AMfUCWrBl, 0,"Write MIFARE Ultralight C block"}, + {"cauth", CmdHF14AMfucAuth, 0,"try a Ultralight C Authentication"}, {NULL, NULL, 0, NULL} }; diff --git a/client/cmdhfmfu.h b/client/cmdhfmfu.h index 20f25d1d..5389f4ab 100644 --- a/client/cmdhfmfu.h +++ b/client/cmdhfmfu.h @@ -1,5 +1,6 @@ #include "cmdhfmf.h" + //standard ultralight int CmdHF14AMfUWrBl(const char *Cmd); int CmdHF14AMfURdBl(const char *Cmd); @@ -14,3 +15,4 @@ void rol (uint8_t *data, const size_t len); //general stuff int CmdHFMFUltra(const char *Cmd); +int CmdHF14AMfUInfo(const char *Cmd)