+ clearCommandBuffer();\r
+ SendCommand(&c);\r
+ if ( !WaitForResponseTimeout(CMD_ACK,NULL,2500) ) {\r
+ PrintAndLog("command execution time out");\r
+ return 0;\r
+ }\r
+\r
+ uint8_t got[BIGBUF_SIZE-1];\r
+ GetFromBigBuf(got,sizeof(got),0);\r
+ WaitForResponse(CMD_ACK,NULL);\r
+ setGraphBuf(got, sizeof(got));\r
+ return 1;\r
+}\r
+\r
+int CmdT55xxWipe(const char *Cmd) {\r
+ char writeData[20] = {0};\r
+ char *ptrData = writeData;\r
+ \r
+ PrintAndLog("\nBeginning Wipe of a T55xx tag (assuming the tag is not password protected)\n");\r
+ \r
+ //try with the default password to reset block 0 (with a pwd should work even if pwd bit not set)\r
+ snprintf(ptrData,sizeof(writeData),"b 0 d 000880E0 p 0");\r
+ \r
+ if (!CmdT55xxWriteBlock(ptrData))\r
+ PrintAndLog("Error writing blk 0");\r
+ \r
+ for (uint8_t blk = 1; blk<8; blk++) {\r
+ \r
+ snprintf(ptrData,sizeof(writeData),"b %d d 0", blk);\r
+ \r
+ if (!CmdT55xxWriteBlock(ptrData)) \r
+ PrintAndLog("Error writing blk %d", blk);\r
+ \r
+ memset(writeData, sizeof(writeData), 0x00);\r
+ }\r
+ return 0;\r
+}\r
+\r
+int CmdT55xxBruteForce(const char *Cmd) {\r
+ uint32_t start_password = 0x00000000; //start password\r
+ uint32_t end_password = 0xFFFFFFFF; //end password\r
+\r
+ bool found = false;\r
+ char cmdp = param_getchar(Cmd, 0);\r
+ if (cmdp == 'h' || cmdp == 'H') return usage_t55xx_bruteforce();\r
+\r
+ start_password = param_get32ex(Cmd, 0, 0, 16);\r
+ end_password = param_get32ex(Cmd, 1, 0, 16);\r
+ \r
+ if ( start_password == end_password ) return usage_t55xx_bruteforce();\r
+ \r
+ PrintAndLog("Start Password %08x", start_password);\r
+ PrintAndLog(" End Password %08x", end_password);\r
+ \r
+ int i = start_password;\r
+\r
+ while ((!found) && (i <= end_password)){\r
+\r
+ AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, TRUE, i);\r
+ found = tryDetectModulation();\r
+ \r
+ if (found)\r
+ break;\r
+ \r
+ if ((i % 0x100) == 0) printf("[%08x], ",i);\r