]>
git.zerfleddert.de Git - proxmark3-svn/blob - client/cmdlfhid.c
1 //-----------------------------------------------------------------------------
2 // Copyright (C) 2010 iZsh <izsh at fail0verflow.com>
4 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
5 // at your option, any later version. See the LICENSE.txt file for the text of
7 //-----------------------------------------------------------------------------
8 // Low frequency HID commands
9 //-----------------------------------------------------------------------------
13 #include "proxmark3.h"
16 #include "cmdparser.h"
21 static int CmdHelp(const char *Cmd
);
23 int usage_hid_wiegand(){
24 PrintAndLog("Usage: lf hid wiegand [h] [formatlenght] [oem] [FacilityCode] [cardnumber]");
25 PrintAndLog("This command converts FC/Cardnum to wiegand code");
26 PrintAndLog("Options:");
27 PrintAndLog(" h - This help");
28 PrintAndLog(" formatlen - Format length, 26|34|35|37|44|84");
29 PrintAndLog(" oem - Oem number");
30 PrintAndLog(" facilitynum - Facility number");
31 PrintAndLog(" cardnum - Card number");
32 PrintAndLog("Examples:");
33 PrintAndLog(" lf hid wiegand 26 0 101 2001");
38 int CmdHIDDemod(const char *Cmd)
40 if (GraphTraceLen < 4800) {
41 PrintAndLog("too short; need at least 4800 samples");
46 for (int i = 0; i < GraphTraceLen; ++i) {
47 if (GraphBuffer[i] < 0) {
57 int CmdHIDDemodFSK(const char *Cmd
)
59 int findone
= ( Cmd
[0] == '1' ) ? 1 : 0;
60 UsbCommand c
= {CMD_HID_DEMOD_FSK
, {findone
, 0 , 0}};
66 int CmdHIDSim(const char *Cmd
)
68 unsigned int hi
= 0, lo
= 0;
71 while (sscanf(&Cmd
[i
++], "%1x", &n
) == 1) {
72 hi
= (hi
<< 4) | (lo
>> 28);
73 lo
= (lo
<< 4) | (n
& 0xf);
76 PrintAndLog("Emulating tag with ID %x%16x", hi
, lo
);
77 PrintAndLog("Press pm3-button to abort simulation");
79 UsbCommand c
= {CMD_HID_SIM_TAG
, {hi
, lo
, 0}};
85 int CmdHIDClone(const char *Cmd
)
87 unsigned int hi2
= 0, hi
= 0, lo
= 0;
91 if (strchr(Cmd
,'l') != 0) {
92 while (sscanf(&Cmd
[i
++], "%1x", &n
) == 1) {
93 hi2
= (hi2
<< 4) | (hi
>> 28);
94 hi
= (hi
<< 4) | (lo
>> 28);
95 lo
= (lo
<< 4) | (n
& 0xf);
98 PrintAndLog("Cloning tag with long ID %x%08x%08x", hi2
, hi
, lo
);
102 while (sscanf(&Cmd
[i
++], "%1x", &n
) == 1) {
103 hi
= (hi
<< 4) | (lo
>> 28);
104 lo
= (lo
<< 4) | (n
& 0xf);
107 PrintAndLog("Cloning tag with ID %x%08x", hi
, lo
);
113 c
.cmd
= CMD_HID_CLONE_TAG
;
118 clearCommandBuffer();
123 static void getParity26(uint32_t *hi
, uint32_t *lo
){
127 for (i
= 24;i
>= 13;i
--)
128 result
^= (*lo
>> i
) & 1;
129 // even parity 26th bit
134 for (i
= 12;i
>= 1;i
--)
135 result
^= (*lo
>> i
) & 1;
138 static void getParity34(uint32_t *hi
, uint32_t *lo
){
143 for (i
= 7;i
>= 0;i
--)
144 result
^= (*hi
>> i
) & i
;
145 for (i
= 31;i
>= 24;i
--)
146 result
^= (*lo
>> i
) & 1;
152 for (i
= 23;i
>= 1;i
--)
153 result
^= (*lo
>> i
) & 1;
157 static void getParity35(uint32_t *hi
, uint32_t *lo
){
160 static void getParity37S(uint32_t *hi
,uint32_t *lo
){
165 for (i
= 4; i
>= 0; i
--)
166 result
^= (*hi
>> i
) & 1;
168 for (i
= 31; i
>= 20; i
--)
169 result
^= (*lo
>> i
) & 1;
175 for (i
= 19; i
>= 1; i
--)
176 result
^= (*lo
>> i
) & 1;
180 static void getParity37H(uint32_t *hi
, uint32_t *lo
){
185 for (i
= 4;i
>= 0;i
--)
186 result
^= (*hi
>> i
) & 1;
187 for (i
= 31;i
>= 20;i
--)
188 result
^= (*lo
>> i
) & 1;
193 for (i
= 19;i
>= 1;i
--)
194 result
^= (*lo
>> i
) & 1;
198 static void calc26(uint16_t fc
, uint32_t cardno
, uint32_t *hi
, uint32_t *lo
){
199 *lo
= ((cardno
& 0xFFFF) << 1) | ((fc
& 0xFF) << 17) | (1 << 26);
202 static void calc34(uint16_t fc
, uint32_t cardno
, uint32_t *hi
, uint32_t *lo
){
203 // put card number first bit 1 .. 20 //
204 *lo
= ((cardno
& 0X000F7FFF) << 1) | ((fc
& 0XFFFF) << 17);
205 // set bit format for less than 37 bit format
206 *hi
= (1 << 5) | (fc
>> 15);
208 static void calc35(uint16_t fc
, uint32_t cardno
, uint32_t *hi
, uint32_t *lo
){
209 *lo
= ((cardno
& 0xFFFFF) << 1) | fc
<< 21;
210 *hi
= (1 << 5) | ((fc
>> 11) & 1);
212 static void calc37S(uint16_t sc
, uint32_t cn
, uint32_t *hi
, uint32_t *lo
){
213 // SC 2 - 17 - 16 bit
214 // CN 18 - 36 - 19 bit
219 *lo
= ( (sc
<< 20) | (cn
& 0x7FFFF) << 1);
222 static void calc37H(uint64_t cn
, uint32_t *hi
, uint32_t *lo
){
225 // Even Parity 0th bit 1-18
226 // Odd Parity 36th bit 19-35
227 cn
= (cn
& 0x00000003FFFFFFFF);
231 static void calc40(uint64_t cn
, uint32_t *hi
, uint32_t *lo
){
232 cn
= (cn
& 0xFFFFFFFFFF);
233 *lo
= ((cn
& 0xFFFFFFFF) << 1 );
237 int CmdHIDWiegand(const char *Cmd
)
241 uint32_t fc
, lo
= 0, hi
= 0;
243 uint32_t cardnum
= 0;
246 uint8_t ctmp
= param_getchar(Cmd
, 0);
247 if ( strlen(Cmd
) < 0 || strlen(Cmd
) < 4 || ctmp
== 'H' || ctmp
== 'h' ) return usage_hid_wiegand();
249 fmtlen
= param_get8(Cmd
, 0);
250 oem
= param_get8(Cmd
, 1);
251 fc
= param_get32ex(Cmd
, 2, 0, 10);
252 cn
= param_get64ex(Cmd
, 3, 0, 10);
256 cardnum
= (cn
& 0xFFFFFFFF);
257 calc26(fc
, cardnum
, &hi
, &lo
);
258 getParity26(&hi
, &lo
);
262 cardnum
= (cn
& 0xFFFFFFFF);
263 calc34(fc
, cardnum
, &hi
, &lo
);
264 getParity34(&hi
, &lo
);
268 cardnum
= (cn
& 0xFFFFFFFF);
269 calc35(fc
, cardnum
, &hi
, &lo
);
270 getParity35(&hi
, &lo
);
274 cardnum
= (cn
& 0xFFFFFFFF);
275 calc37S(fc
, cardnum
, &hi
, &lo
);
276 getParity37S(&hi
, &lo
);
280 cardnum
= (cn
& 0xFFFFFFFF);
281 calc37H(cardnum
, &hi
, &lo
);
282 getParity37H(&hi
, &lo
);
286 calc40(cn
, &hi
, &lo
);
292 PrintAndLog("HID %d bit | FC: %d CN: %lld | Wiegand Code: %08X%08X", fmtlen
, fc
, cn
, hi
, lo
);
296 static command_t CommandTable
[] = {
297 {"help", CmdHelp
, 1, "This help"},
298 //{"demod", CmdHIDDemod, 1, "Demodulate HID Prox Card II (not optimal)"},
299 {"fskdemod", CmdHIDDemodFSK
, 0, "['1'] Realtime HID FSK demodulator (option '1' for one tag only)"},
300 {"sim", CmdHIDSim
, 0, "<ID> -- HID tag simulator"},
301 {"clone", CmdHIDClone
, 0, "<ID> ['l'] -- Clone HID to T55x7 (tag must be in antenna)(option 'l' for 84bit ID)"},
302 {"wiegand", CmdHIDWiegand
, 1, "<oem> <fmtlen> <fc> <cardnum> -- convert facilitycode, cardnumber to Wiegand code"},
303 {NULL
, NULL
, 0, NULL
}
306 int CmdLFHID(const char *Cmd
) {
307 CmdsParse(CommandTable
, Cmd
);
311 int CmdHelp(const char *Cmd
) {
312 CmdsHelp(CommandTable
);