]> git.zerfleddert.de Git - proxmark3-svn/blobdiff - client/cmdhf14a.c
target and bitstream back to front!
[proxmark3-svn] / client / cmdhf14a.c
index 2a8c1f8766294b095a19ff08e1f7eccaabd86201..35fcd68cc172b76c889a086c8d309abdca998f8d 100644 (file)
@@ -173,20 +173,142 @@ int CmdHF14AReader(const char *Cmd)
        PrintAndLog("ATQA : %02x %02x", card->atqa[0], card->atqa[1]);
        PrintAndLog(" UID : %s", sprint_hex(uid, 12));
        PrintAndLog(" SAK : %02x [%d]", card->sak, resp->arg[0]);
+
        switch (card->sak) {
-               case  0: PrintAndLog(" SAK : MIFARE ultralight?"); break;
-               case  8: PrintAndLog(" SAK : MIFARE CLASSIC 1K"); break;
-               case  9: PrintAndLog(" SAK : MIFARE MINI"); break;
-               case 18: PrintAndLog(" SAK : MIFARE CLASSIC 4K"); break;
-               case 20: PrintAndLog(" SAK : MIFARE DESFIRE or JCOP 31/41"); break;
-               case 28: PrintAndLog(" SAK : JCOP31 or JCOP41 v2.3.1"); break;
-               case 38: PrintAndLog(" SAK : Nokia 6212 or 6131 MIFARE CLASSIC 4K"); break;
-               case 88: PrintAndLog(" SAK : Infineon MIFARE CLASSIC 1K"); break;
-               case 98: PrintAndLog(" SAK : Gemplus MPCOS"); break;
+               case 0x00: PrintAndLog(" SAK : NXP MIFARE Ultralight | Ultralight C"); break;
+               case 0x04: PrintAndLog(" SAK : NXP MIFARE (various !DESFire !DESFire EV1)"); break;
+
+               case 0x08: PrintAndLog(" SAK : NXP MIFARE CLASSIC 1k | Plus 2k"); break;
+               case 0x09: PrintAndLog(" SAK : NXP MIFARE Mini 0.3k"); break;
+               case 0x10: PrintAndLog(" SAK : NXP MIFARE Plus 2k"); break;
+               case 0x11: PrintAndLog(" SAK : NXP MIFARE Plus 4k"); break;
+               case 0x18: PrintAndLog(" SAK : NXP MIFARE Classic 4k | Plus 4k"); break;
+               case 0x20: PrintAndLog(" SAK : NXP MIFARE DESFire 4k | DESFire EV1 2k/4k/8k | Plus 2k/4k | JCOP 31/41"); break;
+               case 0x24: PrintAndLog(" SAK : NXP MIFARE DESFire | DESFire EV1"); break;
+               case 0x28: PrintAndLog(" SAK : JCOP31 or JCOP41 v2.3.1"); break;
+               case 0x38: PrintAndLog(" SAK : Nokia 6212 or 6131 MIFARE CLASSIC 4K"); break;
+               case 0x88: PrintAndLog(" SAK : Infineon MIFARE CLASSIC 1K"); break;
+               case 0x98: PrintAndLog(" SAK : Gemplus MPCOS"); break;
                default: ;
        }
-       if(resp->arg[0] == 1)
+       if(resp->arg[0] == 1) {
+               bool ta1 = 0, tb1 = 0, tc1 = 0;
+               int pos;
+
                PrintAndLog(" ATS : %s", sprint_hex(card->ats, card->ats_len));
+               if (card->ats_len > 0) {
+                       PrintAndLog("       -  TL : length is %d bytes", card->ats[0]);
+               }
+               if (card->ats_len > 1) {
+                       ta1 = (card->ats[1] & 0x10) == 0x10;
+                       tb1 = (card->ats[1] & 0x20) == 0x20;
+                       tc1 = (card->ats[1] & 0x40) == 0x40;
+                       PrintAndLog("       -  T0 : TA1 is%s present, TB1 is%s present, "
+                                       "TC1 is%s present, FSCI is %d",
+                               (ta1 ? "" : " NOT"), (tb1 ? "" : " NOT"), (tc1 ? "" : " NOT"),
+                               (card->ats[1] & 0x0f));
+               }
+               pos = 2;
+               if (ta1 && card->ats_len > pos) {
+                       char dr[16], ds[16];
+                       dr[0] = ds[0] = '\0';
+                       if (card->ats[pos] & 0x10) strcat(ds, "2, ");
+                       if (card->ats[pos] & 0x20) strcat(ds, "4, ");
+                       if (card->ats[pos] & 0x40) strcat(ds, "8, ");
+                       if (card->ats[pos] & 0x01) strcat(dr, "2, ");
+                       if (card->ats[pos] & 0x02) strcat(dr, "4, ");
+                       if (card->ats[pos] & 0x04) strcat(dr, "8, ");
+                       if (strlen(ds) != 0) ds[strlen(ds) - 2] = '\0';
+                       if (strlen(dr) != 0) dr[strlen(dr) - 2] = '\0';
+                       PrintAndLog("       - TA1 : different divisors are%s supported, "
+                                       "DR: [%s], DS: [%s]",
+                                       (card->ats[pos] & 0x80 ? " NOT" : ""), dr, ds);
+                       pos++;
+               }
+               if (tb1 && card->ats_len > pos) {
+                       PrintAndLog("       - TB1 : SFGI = %d, FWI = %d",
+                                       (card->ats[pos] & 0x08),
+                                       (card->ats[pos] & 0x80) >> 4);
+                       pos++;
+               }
+               if (tc1 && card->ats_len > pos) {
+                       PrintAndLog("       - TC1 : NAD is%s supported, CID is%s supported",
+                                       (card->ats[pos] & 0x01) ? "" : " NOT",
+                                       (card->ats[pos] & 0x02) ? "" : " NOT");
+                       pos++;
+               }
+               if (card->ats_len > pos) {
+                       char *tip = "";
+                       if (card->ats_len - pos > 7) {
+                               if (memcmp(card->ats + pos, "\xC1\x05\x2F\x2F\x01\xBC\xD6", 7) == 0) {
+                                       tip = "-> MIFARE Plus X 2K or 4K";
+                               } else if (memcmp(card->ats + pos, "\xC1\x05\x2F\x2F\x00\x35\xC7", 7) == 0) {
+                                       tip = "-> MIFARE Plus S 2K or 4K";
+                               }
+                       } 
+                       PrintAndLog("       -  HB : %s%s", sprint_hex(card->ats + pos, card->ats_len - pos - 2), tip);
+                       if (card->ats[pos] == 0xC1) {
+                               PrintAndLog("               c1 -> Mifare or (multiple) virtual cards of various type");
+                               PrintAndLog("                  %02x -> Length is %d bytes",
+                                               card->ats[pos + 1], card->ats[pos + 1]);
+                               switch (card->ats[pos + 2] & 0xf0) {
+                                       case 0x10:
+                                               PrintAndLog("                     1x -> MIFARE DESFire");
+                                               break;
+                                       case 0x20:
+                                               PrintAndLog("                     2x -> MIFARE Plus");
+                                               break;
+                               }
+                               switch (card->ats[pos + 2] & 0x0f) {
+                                       case 0x00:
+                                               PrintAndLog("                     x0 -> <1 kByte");
+                                               break;
+                                       case 0x01:
+                                               PrintAndLog("                     x0 -> 1 kByte");
+                                               break;
+                                       case 0x02:
+                                               PrintAndLog("                     x0 -> 2 kByte");
+                                               break;
+                                       case 0x03:
+                                               PrintAndLog("                     x0 -> 4 kByte");
+                                               break;
+                                       case 0x04:
+                                               PrintAndLog("                     x0 -> 8 kByte");
+                                               break;
+                               }
+                               switch (card->ats[pos + 3] & 0xf0) {
+                                       case 0x00:
+                                               PrintAndLog("                        0x -> Engineering sample");
+                                               break;
+                                       case 0x20:
+                                               PrintAndLog("                        2x -> Released");
+                                               break;
+                               }
+                               switch (card->ats[pos + 3] & 0x0f) {
+                                       case 0x00:
+                                               PrintAndLog("                        x0 -> Generation 1");
+                                               break;
+                                       case 0x01:
+                                               PrintAndLog("                        x1 -> Generation 2");
+                                               break;
+                                       case 0x02:
+                                               PrintAndLog("                        x2 -> Generation 3");
+                                               break;
+                               }
+                               switch (card->ats[pos + 4] & 0x0f) {
+                                       case 0x00:
+                                               PrintAndLog("                           x0 -> Only VCSL supported");
+                                               break;
+                                       case 0x01:
+                                               PrintAndLog("                           x1 -> VCS, VCSL, and SVC supported");
+                                               break;
+                                       case 0x0E:
+                                               PrintAndLog("                           xE -> no VCS command supported");
+                                               break;
+                               }
+                       }
+               }
+       }
        else
                PrintAndLog("proprietary non-iso14443a card found, RATS not supported");
 
@@ -196,25 +318,108 @@ int CmdHF14AReader(const char *Cmd)
 // ## simulate iso14443a tag
 // ## greg - added ability to specify tag UID
 int CmdHF14ASim(const char *Cmd)
-{                                 
-
+{
+       UsbCommand c = {CMD_SIMULATE_TAG_ISO_14443a,{0,0,0}};
+       
+       // Retrieve the tag type
+       uint8_t tagtype = param_get8ex(Cmd,0,0,10);
+       
+       // When no argument was given, just print help message
+       if (tagtype == 0) {
+               PrintAndLog("");
+               PrintAndLog(" Emulating ISO/IEC 14443 type A tag with 4 or 7 byte UID");
+               PrintAndLog("");
+               PrintAndLog("   syntax: hf 14a sim <type> <uid>");
+               PrintAndLog("    types: 1 = MIFARE Classic");
+               PrintAndLog("           2 = MIFARE Ultralight");
+               PrintAndLog("           3 = MIFARE DESFIRE");
+               PrintAndLog("           4 = ISO/IEC 14443-4");
+               PrintAndLog("");
+               return 1;
+       }
+       
+       // Store the tag type
+       c.arg[0] = tagtype;
+       
+       // Retrieve the full 4 or 7 byte long uid 
+       uint64_t long_uid = param_get64ex(Cmd,1,0,16);
+
+       // Are we handling the (optional) second part uid?
+       if (long_uid > 0xffffffff) {
+               PrintAndLog("Emulating ISO/IEC 14443 type A tag with 7 byte UID (%014llx)",long_uid);
+               // Store the second part
+               c.arg[2] = (long_uid & 0xffffffff);
+               long_uid >>= 32;
+               // Store the first part, ignore the first byte, it is replaced by cascade byte (0x88)
+               c.arg[1] = (long_uid & 0xffffff);
+       } else {
+               PrintAndLog("Emulating ISO/IEC 14443 type A tag with 4 byte UID (%08x)",long_uid);
+               // Only store the first part
+               c.arg[1] = long_uid & 0xffffffff;
+       }
+/*
+               // At lease save the mandatory first part of the UID
+               c.arg[0] = long_uid & 0xffffffff;
+
+       
+       // At lease save the mandatory first part of the UID
+       c.arg[0] = long_uid & 0xffffffff;
+       
+       if (c.arg[1] == 0) {
+               PrintAndLog("Emulating ISO/IEC 14443 type A tag with UID %01d %08x %08x",c.arg[0],c.arg[1],c.arg[2]);
+       }
+       
+       switch (c.arg[0]) {
+               case 1: {
+                       PrintAndLog("Emulating ISO/IEC 14443-3 type A tag with 4 byte UID");
+                       UsbCommand c = {CMD_SIMULATE_TAG_ISO_14443a,param_get32ex(Cmd,0,0,10),param_get32ex(Cmd,1,0,16),param_get32ex(Cmd,2,0,16)};
+               } break;
+               case 2: {
+                       PrintAndLog("Emulating ISO/IEC 14443-4 type A tag with 7 byte UID");
+               } break;
+               default: {
+                       PrintAndLog("Error: unkown tag type (%d)",c.arg[0]);
+                       PrintAndLog("syntax: hf 14a sim <uid>",c.arg[0]);
+                       PrintAndLog(" type1: 4 ",c.arg[0]);
+
+                       return 1;
+               } break;
+       }       
+*/
+/*
   unsigned int hi = 0, lo = 0;
   int n = 0, i = 0;
   while (sscanf(&Cmd[i++], "%1x", &n ) == 1) {
     hi= (hi << 4) | (lo >> 28);
     lo= (lo << 4) | (n & 0xf);
   }
-
-  // c.arg should be set to *Cmd or convert *Cmd to the correct format for a uid
-  UsbCommand c = {CMD_SIMULATE_TAG_ISO_14443a, {hi, lo, 0}};
-  PrintAndLog("Emulating 14443A TAG with UID %x%16x", hi, lo);
+*/
+//     UsbCommand c = {CMD_SIMULATE_TAG_ISO_14443a,param_get32ex(Cmd,0,0,10),param_get32ex(Cmd,1,0,16),param_get32ex(Cmd,2,0,16)};
+//  PrintAndLog("Emulating ISO/IEC 14443 type A tag with UID %01d %08x %08x",c.arg[0],c.arg[1],c.arg[2]);
   SendCommand(&c);
   return 0;
 }
 
-int CmdHF14ASnoop(const char *Cmd)
-{
-  UsbCommand c = {CMD_SNOOP_ISO_14443a};
+int CmdHF14ASnoop(const char *Cmd) {
+       int param = 0;
+       
+       if (param_getchar(Cmd, 0) == 'h') {
+               PrintAndLog("It get data from the field and saves it into command buffer.");
+               PrintAndLog("Buffer accessible from command hf 14a list.");
+               PrintAndLog("Usage:  hf 14a snoop [c][r]");
+               PrintAndLog("c - triggered by first data from card");
+               PrintAndLog("r - triggered by first 7-bit request from reader (REQ,WUP,...)");
+               PrintAndLog("sample: hf 14a snoop c r");
+               return 0;
+       }       
+       
+       for (int i = 0; i < 2; i++) {
+               char ctmp = param_getchar(Cmd, i);
+               if (ctmp == 'c' || ctmp == 'C') param |= 0x01;
+               if (ctmp == 'r' || ctmp == 'R') param |= 0x02;
+       }
+
+  UsbCommand c = {CMD_SNOOP_ISO_14443a, {param, 0, 0}};
   SendCommand(&c);
   return 0;
 }
Impressum, Datenschutz