]> git.zerfleddert.de Git - proxmark3-svn/blobdiff - client/cmdlft55xx.c
ADD: `analyse nuid` - generates NUID 4byte from a UID 7byte. Mifare Classic Ev1...
[proxmark3-svn] / client / cmdlft55xx.c
index f30bc5ce2146a676f54154d1677f7efba7ffdf98..5b650b30d27ffe64370e860b33c62978580de092 100644 (file)
@@ -6,28 +6,7 @@
 //-----------------------------------------------------------------------------\r
 // Low frequency T55xx commands\r
 //-----------------------------------------------------------------------------\r
 //-----------------------------------------------------------------------------\r
 // Low frequency T55xx commands\r
 //-----------------------------------------------------------------------------\r
-\r
-#include <stdio.h>\r
-#include <string.h>\r
-#include <inttypes.h>\r
-#include "proxmark3.h"\r
-#include "ui.h"\r
-#include "graph.h"\r
-#include "cmdmain.h"\r
-#include "cmdparser.h"\r
-#include "cmddata.h"\r
-#include "cmdlf.h"\r
 #include "cmdlft55xx.h"\r
 #include "cmdlft55xx.h"\r
-#include "util.h"\r
-#include "data.h"\r
-#include "lfdemod.h"\r
-#include "cmdhf14a.h" //for getTagInfo\r
-\r
-#define T55x7_CONFIGURATION_BLOCK 0x00\r
-#define T55x7_PAGE0 0x00\r
-#define T55x7_PAGE1 0x01\r
-#define T55x7_PWD      0x00000010\r
-#define REGULAR_READ_MODE_BLOCK 0xFF\r
 \r
 // Default configuration\r
 t55xx_conf_block_t config = { .modulation = DEMOD_ASK, .inverted = FALSE, .offset = 0x00, .block0 = 0x00, .Q5 = FALSE };\r
 \r
 // Default configuration\r
 t55xx_conf_block_t config = { .modulation = DEMOD_ASK, .inverted = FALSE, .offset = 0x00, .block0 = 0x00, .Q5 = FALSE };\r
@@ -636,6 +615,7 @@ bool tryDetectModulation(){
                                tests[hits].ST = FALSE;\r
                                ++hits;\r
                        }\r
                                tests[hits].ST = FALSE;\r
                                ++hits;\r
                        }\r
+                       //ICEMAN: are these PSKDemod calls needed?\r
                        // PSK2 - needs a call to psk1TOpsk2.\r
                        if ( PSKDemod("0 0 6", FALSE)) {\r
                                psk1TOpsk2(DemodBuffer, DemodBufferLen);\r
                        // PSK2 - needs a call to psk1TOpsk2.\r
                        if ( PSKDemod("0 0 6", FALSE)) {\r
                                psk1TOpsk2(DemodBuffer, DemodBufferLen);\r
@@ -1431,10 +1411,9 @@ void t55x7_create_config_block( int tagtype ){
 \r
 int CmdResetRead(const char *Cmd) {\r
        UsbCommand c = {CMD_T55XX_RESET_READ, {0,0,0}};\r
 \r
 int CmdResetRead(const char *Cmd) {\r
        UsbCommand c = {CMD_T55XX_RESET_READ, {0,0,0}};\r
-\r
        clearCommandBuffer();\r
        SendCommand(&c);\r
        clearCommandBuffer();\r
        SendCommand(&c);\r
-       if ( !WaitForResponseTimeout(CMD_ACK,NULL,2500) ) {\r
+       if ( !WaitForResponseTimeout(CMD_ACK, NULL, 2500) ) {\r
                PrintAndLog("command execution time out");\r
                return 0;\r
        }\r
                PrintAndLog("command execution time out");\r
                return 0;\r
        }\r
@@ -1489,7 +1468,7 @@ bool IsCancelled(void) {
 int CmdT55xxBruteForce(const char *Cmd) {\r
        \r
        // load a default pwd file.\r
 int CmdT55xxBruteForce(const char *Cmd) {\r
        \r
        // load a default pwd file.\r
-       char buf[9];\r
+       char line[9];\r
        char filename[FILE_PATH_SIZE]={0};\r
        int     keycnt = 0;\r
        uint8_t stKeyBlock = 20;\r
        char filename[FILE_PATH_SIZE]={0};\r
        int     keycnt = 0;\r
        uint8_t stKeyBlock = 20;\r
@@ -1498,10 +1477,12 @@ int CmdT55xxBruteForce(const char *Cmd) {
     uint32_t end_password   = 0xFFFFFFFF; //end   password\r
     bool found = false;\r
 \r
     uint32_t end_password   = 0xFFFFFFFF; //end   password\r
     bool found = false;\r
 \r
+       memset(line, 0, sizeof(line));\r
+       \r
     char cmdp = param_getchar(Cmd, 0);\r
        if (cmdp == 'h' || cmdp == 'H') return usage_t55xx_bruteforce();\r
 \r
     char cmdp = param_getchar(Cmd, 0);\r
        if (cmdp == 'h' || cmdp == 'H') return usage_t55xx_bruteforce();\r
 \r
-       keyBlock = calloc(stKeyBlock, 6);\r
+       keyBlock = calloc(stKeyBlock, 4);\r
        if (keyBlock == NULL) return 1;\r
 \r
        if (cmdp == 'i' || cmdp == 'I') {\r
        if (keyBlock == NULL) return 1;\r
 \r
        if (cmdp == 'i' || cmdp == 'I') {\r
@@ -1516,45 +1497,47 @@ int CmdT55xxBruteForce(const char *Cmd) {
                        free(keyBlock);\r
                        return 1;\r
                }                       \r
                        free(keyBlock);\r
                        return 1;\r
                }                       \r
-                       \r
-               while( fgets(buf, sizeof(buf), f) ){\r
-                       if (strlen(buf) < 8 || buf[7] == '\n') continue;\r
                \r
                \r
-                       while (fgetc(f) != '\n' && !feof(f)) ;  //goto next line\r
-                       \r
+               while( fgets(line, sizeof(line), f) ){\r
+                       if (strlen(line) < 8 || line[7] == '\n') continue;\r
+               \r
+                       //goto next line\r
+                       while (fgetc(f) != '\n' && !feof(f)) ;\r
+               \r
                        //The line start with # is comment, skip\r
                        //The line start with # is comment, skip\r
-                       if( buf[0]=='#' ) continue;\r
+                       if( line[0]=='#' ) continue;\r
 \r
 \r
-                       if (!isxdigit(buf[0])){\r
-                               PrintAndLog("File content error. '%s' must include 8 HEX symbols", buf);\r
+                       if (!isxdigit(line[0])) {\r
+                               PrintAndLog("File content error. '%s' must include 8 HEX symbols", line);\r
                                continue;\r
                        }\r
                        \r
                                continue;\r
                        }\r
                        \r
-                       buf[8] = 0;\r
-\r
+                       line[8] = 0;            \r
+                       \r
+                       // realloc keyblock array size.\r
                        if ( stKeyBlock - keycnt < 2) {\r
                        if ( stKeyBlock - keycnt < 2) {\r
-                               p = realloc(keyBlock, 6*(stKeyBlock+=10));\r
+                               p = realloc(keyBlock, 4 * (stKeyBlock += 10));\r
                                if (!p) {\r
                                        PrintAndLog("Cannot allocate memory for defaultKeys");\r
                                        free(keyBlock);\r
                                if (!p) {\r
                                        PrintAndLog("Cannot allocate memory for defaultKeys");\r
                                        free(keyBlock);\r
-                                       if (f) {\r
+                                       if (f)\r
                                                fclose(f);\r
                                                fclose(f);\r
-                                               f = NULL;\r
-                                       }\r
                                        return 2;\r
                                }\r
                                keyBlock = p;\r
                        }\r
                                        return 2;\r
                                }\r
                                keyBlock = p;\r
                        }\r
+                       // clear mem\r
                        memset(keyBlock + 4 * keycnt, 0, 4);\r
                        memset(keyBlock + 4 * keycnt, 0, 4);\r
-                       num_to_bytes(strtoll(buf, NULL, 16), 4, keyBlock + 4*keycnt);\r
-                       PrintAndLog("chk custom pwd[%2d] %08X", keycnt, bytes_to_num(keyBlock + 4*keycnt, 4));\r
-                       keycnt++;\r
-                       memset(buf, 0, sizeof(buf));\r
+                       \r
+                       num_to_bytes( strtoll(line, NULL, 16), 4, keyBlock + 4*keycnt);\r
+                       \r
+                       PrintAndLog("chk custom pwd[%2d] %08X", keycnt, bytes_to_num(keyBlock + 4 * keycnt, 4) );                       \r
+                       keycnt++;                       \r
+                       memset(line, 0, sizeof(line));\r
                }               \r
                }               \r
-               if (f) {\r
+               if (f)\r
                        fclose(f);\r
                        fclose(f);\r
-                       f = NULL;\r
-               }\r
+               \r
                if (keycnt == 0) {\r
                        PrintAndLog("No keys found in file");\r
                        free(keyBlock);\r
                if (keycnt == 0) {\r
                        PrintAndLog("No keys found in file");\r
                        free(keyBlock);\r
@@ -1582,7 +1565,7 @@ int CmdT55xxBruteForce(const char *Cmd) {
                        PrintAndLog("Testing %08X", testpwd);\r
                                                \r
                        if ( !AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, TRUE, testpwd)) {\r
                        PrintAndLog("Testing %08X", testpwd);\r
                                                \r
                        if ( !AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, TRUE, testpwd)) {\r
-                               PrintAndLog("Aquireing data from device failed. Quitting");\r
+                               PrintAndLog("Acquire data from device failed. Quitting");\r
                                free(keyBlock);\r
                                return 0;\r
                        }\r
                                free(keyBlock);\r
                                return 0;\r
                        }\r
@@ -1590,8 +1573,8 @@ int CmdT55xxBruteForce(const char *Cmd) {
                        found = tryDetectModulation();\r
                        if ( found ) {\r
                                PrintAndLog("Found valid password: [%08X]", testpwd);\r
                        found = tryDetectModulation();\r
                        if ( found ) {\r
                                PrintAndLog("Found valid password: [%08X]", testpwd);\r
-                               free(keyBlock);\r
-                               return 0;\r
+                               //free(keyBlock);\r
+                               //return 0;\r
                        } \r
                }\r
                PrintAndLog("Password NOT found.");\r
                        } \r
                }\r
                PrintAndLog("Password NOT found.");\r
@@ -1625,7 +1608,7 @@ int CmdT55xxBruteForce(const char *Cmd) {
                }\r
                        \r
                if (!AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, TRUE, i)) {\r
                }\r
                        \r
                if (!AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, TRUE, i)) {\r
-                       PrintAndLog("Aquireing data from device failed. Quitting");\r
+                       PrintAndLog("Acquire data from device failed. Quitting");\r
                        free(keyBlock);\r
                        return 0;\r
                }\r
                        free(keyBlock);\r
                        return 0;\r
                }\r
@@ -1649,7 +1632,7 @@ int CmdT55xxBruteForce(const char *Cmd) {
 int tryOnePassword(uint32_t password) {\r
        PrintAndLog("Trying password %08x", password);\r
        if (!AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, TRUE, password)) {\r
 int tryOnePassword(uint32_t password) {\r
        PrintAndLog("Trying password %08x", password);\r
        if (!AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, TRUE, password)) {\r
-               PrintAndLog("Aquireing data from device failed. Quitting");\r
+               PrintAndLog("Acquire data from device failed. Quitting");\r
                return -1;\r
        }\r
 \r
                return -1;\r
        }\r
 \r
@@ -1666,20 +1649,16 @@ int CmdT55xxRecoverPW(const char *Cmd) {
        uint32_t prev_password = 0xffffffff;\r
        uint32_t mask = 0x0;\r
        int found = 0;\r
        uint32_t prev_password = 0xffffffff;\r
        uint32_t mask = 0x0;\r
        int found = 0;\r
-\r
        char cmdp = param_getchar(Cmd, 0);\r
        if (cmdp == 'h' || cmdp == 'H') return usage_t55xx_recoverpw();\r
 \r
        orig_password = param_get32ex(Cmd, 0, 0x51243648, 16); //password used by handheld cloners\r
 \r
        // first try fliping each bit in the expected password\r
        char cmdp = param_getchar(Cmd, 0);\r
        if (cmdp == 'h' || cmdp == 'H') return usage_t55xx_recoverpw();\r
 \r
        orig_password = param_get32ex(Cmd, 0, 0x51243648, 16); //password used by handheld cloners\r
 \r
        // first try fliping each bit in the expected password\r
-       while ((found != 1) && (bit < 32)) {\r
+       while (bit < 32) {\r
                curr_password = orig_password ^ ( 1 << bit );\r
                found = tryOnePassword(curr_password);\r
                curr_password = orig_password ^ ( 1 << bit );\r
                found = tryOnePassword(curr_password);\r
-               if (found == 1)\r
-                       goto done;\r
-               else if (found == -1)\r
-                       return 0;\r
+               if (found == -1) return 0;\r
                bit++;\r
                \r
                if (IsCancelled()) return 0;\r
                bit++;\r
                \r
                if (IsCancelled()) return 0;\r
@@ -1691,7 +1670,7 @@ int CmdT55xxRecoverPW(const char *Cmd) {
        // not sure from which end the bit bits are written, so try from both ends \r
        // from low bit to high bit\r
        bit = 0;\r
        // not sure from which end the bit bits are written, so try from both ends \r
        // from low bit to high bit\r
        bit = 0;\r
-       while ((found != 1) && (bit < 32)) {\r
+       while (bit < 32) {\r
                mask += ( 1 << bit );\r
                curr_password = orig_password & mask;\r
                // if updated mask didn't change the password, don't try it again\r
                mask += ( 1 << bit );\r
                curr_password = orig_password & mask;\r
                // if updated mask didn't change the password, don't try it again\r
@@ -1700,10 +1679,7 @@ int CmdT55xxRecoverPW(const char *Cmd) {
                        continue;\r
                }\r
                found = tryOnePassword(curr_password);\r
                        continue;\r
                }\r
                found = tryOnePassword(curr_password);\r
-               if (found == 1)\r
-                       goto done;\r
-               else if (found == -1)\r
-                       return 0;\r
+               if (found == -1) return 0;\r
                bit++;\r
                prev_password = curr_password;\r
                \r
                bit++;\r
                prev_password = curr_password;\r
                \r
@@ -1713,7 +1689,7 @@ int CmdT55xxRecoverPW(const char *Cmd) {
        // from high bit to low\r
        bit = 0;\r
        mask = 0xffffffff;\r
        // from high bit to low\r
        bit = 0;\r
        mask = 0xffffffff;\r
-       while ((found != 1) && (bit < 32)) {\r
+       while (bit < 32) {\r
                mask -= ( 1 << bit );\r
                curr_password = orig_password & mask;\r
                // if updated mask didn't change the password, don't try it again\r
                mask -= ( 1 << bit );\r
                curr_password = orig_password & mask;\r
                // if updated mask didn't change the password, don't try it again\r
@@ -1722,16 +1698,14 @@ int CmdT55xxRecoverPW(const char *Cmd) {
                        continue;\r
                }\r
                found = tryOnePassword(curr_password);\r
                        continue;\r
                }\r
                found = tryOnePassword(curr_password);\r
-               if (found == 1)\r
-                       goto done;\r
-               else if (found == -1)\r
+               if (found == -1)\r
                        return 0;\r
                bit++;\r
                prev_password = curr_password;\r
                \r
                if (IsCancelled()) return 0;\r
        }\r
                        return 0;\r
                bit++;\r
                prev_password = curr_password;\r
                \r
                if (IsCancelled()) return 0;\r
        }\r
-done:\r
+\r
        PrintAndLog("");\r
 \r
        if (found == 1)\r
        PrintAndLog("");\r
 \r
        if (found == 1)\r
Impressum, Datenschutz