From c3c241f389048bd14422d70504cecec6637b89f3 Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Tue, 26 May 2015 11:04:57 +0200 Subject: [PATCH] CHG: moved a xor function into util.c CHG: added some calls to clearCommandBuffer() in /hf mfu/hf 14a sim/hf mf sim/ commands. CHG: minor adjustments to relative pathing. --- armsrc/Makefile | 1 - armsrc/appmain.c | 9 +++-- armsrc/iso14443a.c | 94 ++++++++++++++++++++++++++------------------- armsrc/start.c | 2 +- armsrc/util.c | 2 +- client/cmdhf14a.c | 25 ++++++------ client/cmdhfmf.c | 45 ++++++++++++++-------- client/cmdhfmfdes.c | 18 ++------- client/cmdhfmfu.c | 16 +++++++- client/cmdhw.c | 1 - client/cmdmain.c | 2 +- client/util.c | 9 +++++ client/util.h | 3 ++ 13 files changed, 135 insertions(+), 92 deletions(-) diff --git a/armsrc/Makefile b/armsrc/Makefile index 3140a0e7..2ddad17e 100644 --- a/armsrc/Makefile +++ b/armsrc/Makefile @@ -45,7 +45,6 @@ ARMSRC = fpgaloader.c \ BigBuf.c \ optimized_cipher.c - # stdint.h provided locally until GCC 4.5 becomes C99 compliant APP_CFLAGS += -I. diff --git a/armsrc/appmain.c b/armsrc/appmain.c index 0d3337b6..6e2e75db 100644 --- a/armsrc/appmain.c +++ b/armsrc/appmain.c @@ -10,16 +10,17 @@ // executes. //----------------------------------------------------------------------------- -#include "../common/usb_cdc.h" -#include "../common/cmd.h" -#include "../include/proxmark3.h" -#include "../include/hitag2.h" +#include "usb_cdc.h" +#include "cmd.h" + +#include "proxmark3.h" #include "apps.h" #include "util.h" #include "printf.h" #include "string.h" #include #include "legicrf.h" +#include #include "lfsampling.h" #include "BigBuf.h" diff --git a/armsrc/iso14443a.c b/armsrc/iso14443a.c index 8e547147..200e31f2 100644 --- a/armsrc/iso14443a.c +++ b/armsrc/iso14443a.c @@ -1007,7 +1007,7 @@ void SimulateIso14443aTag(int tagType, int flags, int uid_2nd, byte_t* data) response2a[0] = data[3]; response2a[1] = data[4]; response2a[2] = data[5]; - response2a[3] = data[7]; + response2a[3] = data[6]; //?? response2a[4] = response2a[0] ^ response2a[1] ^ response2a[2] ^ response2a[3]; // Configure the ATQA and SAK accordingly @@ -1034,7 +1034,7 @@ void SimulateIso14443aTag(int tagType, int flags, int uid_2nd, byte_t* data) response3a[0] = sak & 0xFB; ComputeCrc14443(CRC_14443_A, response3a, 1, &response3a[1], &response3a[2]); - uint8_t response5[] = { 0x00, 0x00, 0x00, 0x00 }; // Very random tag nonce + uint8_t response5[] = { 0x01, 0x02, 0x03, 0x04 }; // Very random tag nonce uint8_t response6[] = { 0x04, 0x58, 0x80, 0x02, 0x00, 0x00 }; // dummy ATS (pseudo-ATR), answer to RATS: // Format byte = 0x58: FSCI=0x08 (FSC=256), TA(1) and TC(1) present, // TA(1) = 0x80: different divisors not supported, DR = 1, DS = 1 @@ -2310,7 +2310,7 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t * uint8_t cardWRBL = 0; uint8_t cardAUTHSC = 0; uint8_t cardAUTHKEY = 0xff; // no authentication - uint32_t cardRr = 0; +// uint32_t cardRr = 0; uint32_t cuid = 0; //uint32_t rn_enc = 0; uint32_t ans = 0; @@ -2328,7 +2328,8 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t * uint8_t rATQA[] = {0x04, 0x00}; // Mifare classic 1k 4BUID uint8_t rUIDBCC1[] = {0xde, 0xad, 0xbe, 0xaf, 0x62}; uint8_t rUIDBCC2[] = {0xde, 0xad, 0xbe, 0xaf, 0x62}; // !!! - uint8_t rSAK[] = {0x08, 0xb6, 0xdd}; + //uint8_t rSAK[] = {0x08, 0xb6, 0xdd}; // Mifare Classic + uint8_t rSAK[] = {0x09, 0x3f, 0xcc }; // Mifare Mini uint8_t rSAK1[] = {0x04, 0xda, 0x17}; uint8_t rAUTH_NT[] = {0x01, 0x02, 0x03, 0x04}; @@ -2337,9 +2338,11 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t * //Here, we collect UID,NT,AR,NR,UID2,NT2,AR2,NR2 // This can be used in a reader-only attack. // (it can also be retrieved via 'hf 14a list', but hey... - uint32_t ar_nr_responses[] = {0,0,0,0,0,0,0,0}; + uint32_t ar_nr_responses[] = {0,0,0,0,0,0,0,0,0,0}; uint8_t ar_nr_collected = 0; + Dbprintf("FIRE"); + // free eventually allocated BigBuf memory but keep Emulator Memory BigBuf_free_keep_EM(); @@ -2347,6 +2350,7 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t * clear_trace(); set_tracing(TRUE); + Dbprintf("ICE"); // Authenticate response - nonce uint32_t nonce = bytes_to_num(rAUTH_NT, 4); @@ -2376,6 +2380,12 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t * } } + Dbprintf("ICE2"); + // save uid. + ar_nr_responses[0*5] = bytes_to_num(rUIDBCC1+1, 3); + if ( _7BUID ) + ar_nr_responses[0*5+1] = bytes_to_num(rUIDBCC2, 4); + /* * Regardless of what method was used to set the UID, set fifth byte and modify * the ATQA for 4 or 7-byte UID @@ -2403,6 +2413,7 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t * } } + Dbprintf("ICE3"); bool finished = FALSE; while (!BUTTON_PRESS() && !finished) { WDT_HIT(); @@ -2418,7 +2429,6 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t * if(cardSTATE == MFEMUL_NOFIELD) continue; //Now, get data - res = EmGetCmd(receivedCmd, &len, receivedCmd_par); if (res == 2) { //Field is off! cardSTATE = MFEMUL_NOFIELD; @@ -2493,10 +2503,11 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t * if(ar_nr_collected < 2){ if(ar_nr_responses[2] != ar) {// Avoid duplicates... probably not necessary, ar should vary. - ar_nr_responses[ar_nr_collected*4] = cuid; - ar_nr_responses[ar_nr_collected*4+1] = nonce; - ar_nr_responses[ar_nr_collected*4+2] = ar; - ar_nr_responses[ar_nr_collected*4+3] = nr; + //ar_nr_responses[ar_nr_collected*5] = 0; + //ar_nr_responses[ar_nr_collected*5+1] = 0; + ar_nr_responses[ar_nr_collected*5+2] = nonce; + ar_nr_responses[ar_nr_collected*5+3] = nr; + ar_nr_responses[ar_nr_collected*5+4] = ar; ar_nr_collected++; } // Interactive mode flag, means we need to send ACK @@ -2507,22 +2518,23 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t * } // --- crypto - crypto1_word(pcs, ar , 1); - cardRr = nr ^ crypto1_word(pcs, 0, 0); - - // test if auth OK - if (cardRr != prng_successor(nonce, 64)){ - if (MF_DBGLEVEL >= 2) Dbprintf("AUTH FAILED for sector %d with key %c. cardRr=%08x, succ=%08x", - cardAUTHSC, cardAUTHKEY == 0 ? 'A' : 'B', - cardRr, prng_successor(nonce, 64)); + //crypto1_word(pcs, ar , 1); + //cardRr = nr ^ crypto1_word(pcs, 0, 0); + + //test if auth OK + //if (cardRr != prng_successor(nonce, 64)){ + + //if (MF_DBGLEVEL >= 4) Dbprintf("AUTH FAILED for sector %d with key %c. cardRr=%08x, succ=%08x", + // cardAUTHSC, cardAUTHKEY == 0 ? 'A' : 'B', + // cardRr, prng_successor(nonce, 64)); // Shouldn't we respond anything here? // Right now, we don't nack or anything, which causes the // reader to do a WUPA after a while. /Martin // -- which is the correct response. /piwi - cardSTATE_TO_IDLE(); - LogTrace(Uart.output, Uart.len, Uart.startTime*16 - DELAY_AIR2ARM_AS_TAG, Uart.endTime*16 - DELAY_AIR2ARM_AS_TAG, Uart.parity, TRUE); - break; - } + //cardSTATE_TO_IDLE(); + //LogTrace(Uart.output, Uart.len, Uart.startTime*16 - DELAY_AIR2ARM_AS_TAG, Uart.endTime*16 - DELAY_AIR2ARM_AS_TAG, Uart.parity, TRUE); + //break; + //} ans = prng_successor(nonce, 96) ^ crypto1_word(pcs, 0, 0); @@ -2630,13 +2642,13 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t * || receivedCmd[0] == 0xB0) { // transfer if (receivedCmd[1] >= 16 * 4) { EmSend4bit(mf_crypto1_encrypt4bit(pcs, CARD_NACK_NA)); - if (MF_DBGLEVEL >= 2) Dbprintf("Reader tried to operate (0x%02) on out of range block: %d (0x%02x), nacking",receivedCmd[0],receivedCmd[1],receivedCmd[1]); + if (MF_DBGLEVEL >= 4) Dbprintf("Reader tried to operate (0x%02) on out of range block: %d (0x%02x), nacking",receivedCmd[0],receivedCmd[1],receivedCmd[1]); break; } if (receivedCmd[1] / 4 != cardAUTHSC) { EmSend4bit(mf_crypto1_encrypt4bit(pcs, CARD_NACK_NA)); - if (MF_DBGLEVEL >= 2) Dbprintf("Reader tried to operate (0x%02) on block (0x%02x) not authenticated for (0x%02x), nacking",receivedCmd[0],receivedCmd[1],cardAUTHSC); + if (MF_DBGLEVEL >= 4) Dbprintf("Reader tried to operate (0x%02) on block (0x%02x) not authenticated for (0x%02x), nacking",receivedCmd[0],receivedCmd[1],cardAUTHSC); break; } } @@ -2668,7 +2680,7 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t * if (receivedCmd[0] == 0xC0 || receivedCmd[0] == 0xC1 || receivedCmd[0] == 0xC2) { if (MF_DBGLEVEL >= 4) Dbprintf("RECV 0x%02x inc(0xC1)/dec(0xC0)/restore(0xC2) block %d (%02x)",receivedCmd[0],receivedCmd[1],receivedCmd[1]); if (emlCheckValBl(receivedCmd[1])) { - if (MF_DBGLEVEL >= 2) Dbprintf("Reader tried to operate on block, but emlCheckValBl failed, nacking"); + if (MF_DBGLEVEL >= 4) Dbprintf("Reader tried to operate on block, but emlCheckValBl failed, nacking"); EmSend4bit(mf_crypto1_encrypt4bit(pcs, CARD_NACK_NA)); break; } @@ -2770,35 +2782,37 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t * if(flags & FLAG_INTERACTIVE)// Interactive mode flag, means we need to send ACK { //May just aswell send the collected ar_nr in the response aswell - cmd_send(CMD_ACK,CMD_SIMULATE_MIFARE_CARD,1,0,&ar_nr_responses,ar_nr_collected*4*4); + uint8_t len = ar_nr_collected*5*4; + cmd_send(CMD_ACK, CMD_SIMULATE_MIFARE_CARD, len, 0, &ar_nr_responses, len); } if(flags & FLAG_NR_AR_ATTACK && MF_DBGLEVEL >= 1 ) { if(ar_nr_collected > 1 ) { Dbprintf("Collected two pairs of AR/NR which can be used to extract keys from reader:"); - Dbprintf("../tools/mfkey/mfkey32 %08x %08x %08x %08x %08x %08x", - ar_nr_responses[0], // UID - ar_nr_responses[1], // NT - ar_nr_responses[2], // AR1 - ar_nr_responses[3], // NR1 - ar_nr_responses[6], // AR2 - ar_nr_responses[7] // NR2 + Dbprintf("../tools/mfkey/mfkey32 %06x%08x %08x %08x %08x %08x %08x", + ar_nr_responses[0], // UID1 + ar_nr_responses[1], // UID2 + ar_nr_responses[2], // NT + ar_nr_responses[3], // AR1 + ar_nr_responses[4], // NR1 + ar_nr_responses[8], // AR2 + ar_nr_responses[9] // NR2 ); } else { Dbprintf("Failed to obtain two AR/NR pairs!"); if(ar_nr_collected > 0 ) { - Dbprintf("Only got these: UID=%08x, nonce=%08x, AR1=%08x, NR1=%08x", - ar_nr_responses[0], // UID - ar_nr_responses[1], // NT - ar_nr_responses[2], // AR1 - ar_nr_responses[3] // NR1 + Dbprintf("Only got these: UID=%07x%08x, nonce=%08x, AR1=%08x, NR1=%08x", + ar_nr_responses[0], // UID1 + ar_nr_responses[1], // UID2 + ar_nr_responses[2], // NT + ar_nr_responses[3], // AR1 + ar_nr_responses[4] // NR1 ); } } } - if (MF_DBGLEVEL >= 1) Dbprintf("Emulator stopped. Tracing: %d trace length: %d ", tracing, BigBuf_get_traceLen()); - + if (MF_DBGLEVEL >= 1) Dbprintf("Emulator stopped. Tracing: %d trace length: %d ", tracing, BigBuf_get_traceLen()); } diff --git a/armsrc/start.c b/armsrc/start.c index 3f5dc676..d7332bda 100644 --- a/armsrc/start.c +++ b/armsrc/start.c @@ -9,7 +9,7 @@ // with the linker script. //----------------------------------------------------------------------------- -#include "../include/proxmark3.h" +#include "proxmark3.h" #include "apps.h" extern char __data_start__, __data_src_start__, __data_end__, __bss_start__, __bss_end__; diff --git a/armsrc/util.c b/armsrc/util.c index c3d4d2c6..74fba94b 100644 --- a/armsrc/util.c +++ b/armsrc/util.c @@ -8,7 +8,7 @@ // Utility functions used in many places, not specific to any piece of code. //----------------------------------------------------------------------------- -#include "../include/proxmark3.h" +#include "proxmark3.h" #include "util.h" #include "string.h" #include "apps.h" diff --git a/client/cmdhf14a.c b/client/cmdhf14a.c index 8f53bebe..931ef990 100644 --- a/client/cmdhf14a.c +++ b/client/cmdhf14a.c @@ -481,6 +481,8 @@ int CmdHF14ASim(const char *Cmd) uint64_t uid = 0; uint8_t cmdp = 0; + clearCommandBuffer(); + while(param_getchar(Cmd, cmdp) != 0x00) { switch(param_getchar(Cmd, cmdp)) @@ -537,19 +539,18 @@ int CmdHF14ASim(const char *Cmd) uint8_t data[40]; uint8_t key[6]; - + UsbCommand resp; while(!ukbhit()){ - UsbCommand resp; - WaitForResponseTimeout(CMD_ACK,&resp,1500); - PrintAndLog("CMD_SIMULATE_MIFARE_CARD [%04X] -- %04X", CMD_SIMULATE_MIFARE_CARD, resp.arg[0]); - if ( (resp.arg[0] & 0xffff) == CMD_SIMULATE_MIFARE_CARD ){ - memset(data, 0x00, sizeof(data)); - memset(key, 0x00, sizeof(key)); - int len = (resp.arg[1] > sizeof(data)) ? sizeof(data) : resp.arg[1]; - memcpy(data, resp.d.asBytes, len); - tryMfk32(uid, data, key); - //tryMfk64(uid, data, key); - PrintAndLog("--"); + if ( WaitForResponseTimeout(CMD_ACK,&resp,1500)) { + if ( (resp.arg[0] & 0xffff) == CMD_SIMULATE_MIFARE_CARD ){ + memset(data, 0x00, sizeof(data)); + memset(key, 0x00, sizeof(key)); + int len = (resp.arg[1] > sizeof(data)) ? sizeof(data) : resp.arg[1]; + memcpy(data, resp.d.asBytes, len); + tryMfk32(uid, data, key); + //tryMfk64(uid, data, key); + PrintAndLog("--"); + } } } return 0; diff --git a/client/cmdhfmf.c b/client/cmdhfmf.c index 7bd2e6f1..d84fe49a 100644 --- a/client/cmdhfmf.c +++ b/client/cmdhfmf.c @@ -1012,8 +1012,10 @@ int CmdHF14AMf1kSim(const char *Cmd) uint8_t uid[7] = {0, 0, 0, 0, 0, 0, 0}; uint8_t exitAfterNReads = 0; uint8_t flags = 0; - + uint8_t cmdp = param_getchar(Cmd, 0); + + clearCommandBuffer(); if (cmdp == 'h' || cmdp == 'H') { PrintAndLog("Usage: hf mf sim u n i x"); @@ -1065,25 +1067,38 @@ int CmdHF14AMf1kSim(const char *Cmd) if(flags & FLAG_INTERACTIVE) { - uint64_t corr_uid = bytes_to_num(uid, ( flags & FLAG_4B_UID_IN_DATA ) ? 4 : 7 ); - PrintAndLog("Press pm3-button to abort simulation"); uint8_t data[40]; uint8_t key[6]; - while(!ukbhit()){ - UsbCommand resp; - WaitForResponseTimeout(CMD_ACK,&resp,1500); - PrintAndLog("CMD_SIMULATE_MIFARE_CARD [%04X] -- %04X", CMD_SIMULATE_MIFARE_CARD, resp.arg[0]); - if ( (resp.arg[0] & 0xffff) == CMD_SIMULATE_MIFARE_CARD ){ - memset(data, 0x00, sizeof(data)); - memset(key, 0x00, sizeof(key)); - int len = (resp.arg[1] > sizeof(data)) ? sizeof(data) : resp.arg[1]; - memcpy(data, resp.d.asBytes, len); - tryMfk32(corr_uid, data, key); - //tryMfk64(corr_uid, data, key); - PrintAndLog("--"); + UsbCommand resp; + while(!ukbhit() ){ + if ( WaitForResponseTimeout(CMD_ACK,&resp,1500) ) { + if ( (resp.arg[0] & 0xffff) == CMD_SIMULATE_MIFARE_CARD ){ + memset(data, 0x00, sizeof(data)); + memset(key, 0x00, sizeof(key)); + int len = (resp.arg[1] > sizeof(data)) ? sizeof(data) : resp.arg[1]; + + memcpy(data, resp.d.asBytes, len); + + uint64_t corr_uid = 0; + if ( memcmp(data, "\x00\x00\x00\x00", 4) == 0 ) { + corr_uid = (data[3] << 24) | (data[2] << 16) | (data[1] << 8) | data[0]; + } + else { + corr_uid |= (uint64_t)data[2] << 48; + corr_uid |= (uint64_t)data[1] << 40; + corr_uid |= (uint64_t)data[0] << 32; + corr_uid |= data[7] << 24; + corr_uid |= data[6] << 16; + corr_uid |= data[5] << 8; + corr_uid |= data[4]; + } + tryMfk32(corr_uid, data, key); + //tryMfk64(corr_uid, data, key); + PrintAndLog("--"); + } } } } diff --git a/client/cmdhfmfdes.c b/client/cmdhfmfdes.c index f72cfecd..516b41bd 100644 --- a/client/cmdhfmfdes.c +++ b/client/cmdhfmfdes.c @@ -36,9 +36,6 @@ uint8_t key_defa_data[16] = { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09, uint8_t key_picc_data[16] = { 0x40,0x41,0x42,0x43,0x44,0x45,0x46,0x47,0x48,0x49,0x4a,0x4b,0x4c,0x4d,0x4e,0x4f }; static int CmdHelp(const char *Cmd); -static void xor(unsigned char * dst, unsigned char * src, size_t len); -static int32_t le24toh (uint8_t data[3]); - int CmdHF14ADesWb(const char *Cmd) { @@ -640,23 +637,14 @@ int CmdHF14ADesAuth(const char *Cmd){ } -static void xor(unsigned char * dst, unsigned char * src, size_t len) { - for( ; len > 0; len--,dst++,src++) - *dst ^= *src; -} - -static int32_t le24toh (uint8_t data[3]) { - return (data[2] << 16) | (data[1] << 8) | data[0]; -} - static command_t CommandTable[] = { {"help", CmdHelp, 1, "This help"}, - {"auth", CmdHF14ADesAuth, 0, "Tries a MIFARE DesFire Authentication"}, - {"rb", CmdHF14ADesRb, 0, "Read MIFARE DesFire block"}, - {"wb", CmdHF14ADesWb, 0, "write MIFARE DesFire block"}, {"info", CmdHF14ADesInfo, 0, "Get MIFARE DesFire information"}, {"enum", CmdHF14ADesEnumApplications,0, "Tries enumerate all applications"}, + {"auth", CmdHF14ADesAuth, 0, "Tries a MIFARE DesFire Authentication"}, + {"rdbl", CmdHF14ADesRb, 0, "Read MIFARE DesFire block"}, + {"wrbl", CmdHF14ADesWb, 0, "write MIFARE DesFire block"}, {NULL, NULL, 0, NULL} }; diff --git a/client/cmdhfmfu.c b/client/cmdhfmfu.c index 0c116eb4..5153e8ec 100644 --- a/client/cmdhfmfu.c +++ b/client/cmdhfmfu.c @@ -646,6 +646,8 @@ int CmdHF14AMfUInfo(const char *Cmd){ int len = 0; char tempStr[50]; + clearCommandBuffer(); + while(param_getchar(Cmd, cmdp) != 0x00) { switch(param_getchar(Cmd, cmdp)) @@ -857,6 +859,8 @@ int CmdHF14AMfUWrBl(const char *Cmd){ uint8_t authenticationkey[16] = {0x00}; uint8_t *authKeyPtr = authenticationkey; + clearCommandBuffer(); + // starting with getting tagtype TagTypeUL_t tagtype = GetHF14AMfU_Type(); if (tagtype == UL_ERROR) return -1; @@ -982,7 +986,9 @@ int CmdHF14AMfURdBl(const char *Cmd){ uint8_t data[16] = {0x00}; uint8_t authenticationkey[16] = {0x00}; uint8_t *authKeyPtr = authenticationkey; - + + clearCommandBuffer(); + // starting with getting tagtype TagTypeUL_t tagtype = GetHF14AMfU_Type(); if (tagtype == UL_ERROR) return -1; @@ -1179,6 +1185,8 @@ int CmdHF14AMfUDump(const char *Cmd){ uint8_t startPage = 0; char tempStr[50]; + clearCommandBuffer(); + while(param_getchar(Cmd, cmdp) != 0x00) { switch(param_getchar(Cmd, cmdp)) @@ -1403,6 +1411,8 @@ int CmdHF14AMfucAuth(const char *Cmd){ char cmdp = param_getchar(Cmd, 0); + clearCommandBuffer(); + //Change key to user defined one if (cmdp == 'k' || cmdp == 'K'){ keyNo = param_get8(Cmd, 1); @@ -1542,6 +1552,8 @@ int CmdHF14AMfucSetPwd(const char *Cmd){ char cmdp = param_getchar(Cmd, 0); + clearCommandBuffer(); + if (strlen(Cmd) == 0 || cmdp == 'h' || cmdp == 'H') { PrintAndLog("Usage: hf mfu setpwd "); PrintAndLog(" [password] - (32 hex symbols)"); @@ -1588,6 +1600,8 @@ int CmdHF14AMfucSetUid(const char *Cmd){ uint8_t uid[7] = {0x00}; char cmdp = param_getchar(Cmd, 0); + clearCommandBuffer(); + if (strlen(Cmd) == 0 || cmdp == 'h' || cmdp == 'H') { PrintAndLog("Usage: hf mfu setuid "); PrintAndLog(" [uid] - (14 hex symbols)"); diff --git a/client/cmdhw.c b/client/cmdhw.c index 4f65fb8c..5ec0aa60 100644 --- a/client/cmdhw.c +++ b/client/cmdhw.c @@ -15,7 +15,6 @@ #include "ui.h" #include "proxmark3.h" #include "cmdparser.h" -#include "cmddata.h" #include "cmdhw.h" #include "cmdmain.h" #include "cmddata.h" diff --git a/client/cmdmain.c b/client/cmdmain.c index b0d3d2a0..75778d1a 100644 --- a/client/cmdmain.c +++ b/client/cmdmain.c @@ -34,7 +34,7 @@ static int CmdHelp(const char *Cmd); static int CmdQuit(const char *Cmd); //For storing command that are received from the device -#define CMD_BUFFER_SIZE 50 +#define CMD_BUFFER_SIZE 60 static UsbCommand cmdBuffer[CMD_BUFFER_SIZE]; //Points to the next empty position to write to static int cmd_head;//Starts as 0 diff --git a/client/util.c b/client/util.c index a64f46b9..30547080 100644 --- a/client/util.c +++ b/client/util.c @@ -444,3 +444,12 @@ void wiegand_add_parity(char *target, char *source, char length) target += length; *(target)= GetParity(source + length / 2, ODD, length / 2); } + +void xor(unsigned char * dst, unsigned char * src, size_t len) { + for( ; len > 0; len--,dst++,src++) + *dst ^= *src; +} + +int32_t le24toh (uint8_t data[3]) { + return (data[2] << 16) | (data[1] << 8) | data[0]; +} diff --git a/client/util.h b/client/util.h index f58f64cb..4c7e93a7 100644 --- a/client/util.h +++ b/client/util.h @@ -63,3 +63,6 @@ void binarraytobinstring(char *target, char *source, int length); uint8_t GetParity( char *string, uint8_t type, int length); void wiegand_add_parity(char *target, char *source, char length); +void xor(unsigned char * dst, unsigned char * src, size_t len); +int32_t le24toh (uint8_t data[3]); + -- 2.39.2