X-Git-Url: https://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/669c1b80c563bb9cb7eda52c6d01e720453d00b0..5e174a511b37e17cd3fcaedad608ce605ba34ce9:/client/cmdhflegic.c diff --git a/client/cmdhflegic.c b/client/cmdhflegic.c index cc4e0ff2..e9333ef9 100644 --- a/client/cmdhflegic.c +++ b/client/cmdhflegic.c @@ -1,32 +1,19 @@ #include #include #include "proxusb.h" +#include "data.h" +#include "ui.h" #include "cmdparser.h" #include "cmdhflegic.h" #include "cmdmain.h" -#include "data.h" -#include "ui.h" -#include -#include static int CmdHelp(const char *Cmd); -int CmdLegicRFRead(const char *Cmd) -{ - int byte_count=0,offset=0; - sscanf(Cmd, "%i %i", &offset, &byte_count); - if(byte_count == 0) byte_count = 256; - if(byte_count + offset > 256) byte_count = 256 - offset; - UsbCommand c={CMD_READER_LEGIC_RF, {offset, byte_count, 0}}; - SendCommand(&c); - return 0; -} - static command_t CommandTable[] = { {"help", CmdHelp, 1, "This help"}, - {"reader", CmdLegicRFRead, 0, "[offset [length]] -- read bytes from a LEGIC card"}, {"decode", CmdLegicDecode, 0, "Display deobfuscated and decoded LEGIC RF tag data (use after hf legic reader)"}, + {"reader", CmdLegicRFRead, 0, "[offset [length]] -- read bytes from a LEGIC card"}, {NULL, NULL, 0, NULL} }; @@ -46,7 +33,6 @@ int CmdHelp(const char *Cmd) * Output BigBuf and deobfuscate LEGIC RF tag data. * This is based on information given in the talk held * by Henryk Ploetz and Karsten Nohl at 26c3 - * FIXME: will crash if sample buffer does not contain valid legic data */ int CmdLegicDecode(const char *Cmd) { @@ -147,7 +133,7 @@ int CmdLegicDecode(const char *Cmd) PrintAndLog("\nADF: User Area"); - i = 22; + i = 22; for (n=0; n<64; n++) { segment_len = ((data_buf[i+1]^crc)&0x0f) * 256 + (data_buf[i]^crc); segment_flag = ((data_buf[i+1]^crc)&0xf0)>>4; @@ -175,7 +161,7 @@ int CmdLegicDecode(const char *Cmd) if (wrc>0) { PrintAndLog("WRC protected area:"); - for (k=0, j=0; k < wrc; k++, i++, j += 3) { + for (k=0, j=0; k < wrc && j<(sizeof(out_string)-3); k++, i++, j += 3) { sprintf(&out_string[j], "%02x", (data_buf[i]^crc)); out_string[j+2] = ' '; }; @@ -188,7 +174,7 @@ int CmdLegicDecode(const char *Cmd) if (wrp>wrc) { PrintAndLog("Remaining write protected area:"); - for (k=0, j=0; k < (wrp-wrc); k++, i++, j += 3) { + for (k=0, j=0; k < (wrp-wrc) && j<(sizeof(out_string)-3); k++, i++, j += 3) { sprintf(&out_string[j], "%02x", (data_buf[i]^crc)); out_string[j+2] = ' '; }; @@ -203,7 +189,7 @@ int CmdLegicDecode(const char *Cmd) } PrintAndLog("Remaining segment payload:"); - for (k=0, j=0; k < (segment_len - wrp - 5); k++, i++, j += 3) { + for (k=0, j=0; k < (segment_len - wrp - 5) && j<(sizeof(out_string)-3); k++, i++, j += 3) { sprintf(&out_string[j], "%02x", (data_buf[i]^crc)); out_string[j+2] = ' '; }; @@ -218,3 +204,14 @@ int CmdLegicDecode(const char *Cmd) }; return 0; } + +int CmdLegicRFRead(const char *Cmd) +{ + int byte_count=0,offset=0; + sscanf(Cmd, "%i %i", &offset, &byte_count); + if(byte_count == 0) byte_count = -1; + if(byte_count + offset > 1024) byte_count = 1024 - offset; + UsbCommand c={CMD_READER_LEGIC_RF, {offset, byte_count, 0}}; + SendCommand(&c); + return 0; +}