X-Git-Url: https://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/ac14bee321a52c588038b02bfe69d208a31a70ba..d13dee9046acdaa599e224f0a8546054eb818c6e:/client/cmdhfmf.c diff --git a/client/cmdhfmf.c b/client/cmdhfmf.c index b4450d54..1fbeff4a 100644 --- a/client/cmdhfmf.c +++ b/client/cmdhfmf.c @@ -1,5 +1,5 @@ //----------------------------------------------------------------------------- -// Copyright (C) 2011 Merlok +// Copyright (C) 2011,2012 Merlok // // This code is licensed to you under the terms of the GNU GPL, version 2 or, // at your option, any later version. See the LICENSE.txt file for the text of @@ -37,7 +37,6 @@ start: // message printf("-------------------------------------------------------------------------\n"); printf("Executing command. It may take up to 30 min.\n"); - printf("Press the key on proxmark3 device to abort proxmark3.\n"); printf("Press the key on the proxmark3 device to abort both proxmark3 and client.\n"); printf("-------------------------------------------------------------------------\n"); @@ -1542,6 +1541,121 @@ int CmdHF14AMfCSave(const char *Cmd) { } } +int CmdHF14AMfSniff(const char *Cmd){ + // params + bool wantLogToFile = 0; + bool wantDecrypt = 0; + //bool wantSaveToEml = 0; TODO + bool wantSaveToEmlFile = 0; + + //var + int res = 0; + int len = 0; + int blockLen = 0; + int num = 0; + int pckNum = 0; + uint8_t uid[8]; + uint8_t atqa[2]; + uint8_t sak; + bool isTag; + uint32_t parity; + uint8_t buf[3000]; + uint8_t * bufPtr = buf; + memset(buf, 0x00, 3000); + + if (param_getchar(Cmd, 0) == 'h') { + PrintAndLog("It continuously get data from the field and saves it to: log, emulator, emulator file."); + PrintAndLog("You can specify:"); + PrintAndLog(" l - save encrypted sequence to logfile `uid.log`"); + PrintAndLog(" d - decrypt sequence and put it to log file `uid.log`"); + PrintAndLog(" n/a e - decrypt sequence, collect read and write commands and save the result of the sequence to emulator memory"); + PrintAndLog(" r - decrypt sequence, collect read and write commands and save the result of the sequence to emulator dump file `uid.eml`"); + PrintAndLog("Usage: hf mf sniff [l][d][e][r]"); + PrintAndLog(" sample: hf mf sniff l d e"); + return 0; + } + + for (int i = 0; i < 4; i++) { + char ctmp = param_getchar(Cmd, i); + if (ctmp == 'l' || ctmp == 'L') wantLogToFile = true; + if (ctmp == 'd' || ctmp == 'D') wantDecrypt = true; + //if (ctmp == 'e' || ctmp == 'E') wantSaveToEml = true; TODO + if (ctmp == 'f' || ctmp == 'F') wantSaveToEmlFile = true; + } + + printf("-------------------------------------------------------------------------\n"); + printf("Executing command. \n"); + printf("Press the key on the proxmark3 device to abort both proxmark3 and client.\n"); + printf("Press the key on pc keyboard to abort the client.\n"); + printf("-------------------------------------------------------------------------\n"); + + UsbCommand c = {CMD_MIFARE_SNIFFER, {0, 0, 0}}; + SendCommand(&c); + + // wait cycle + while (true) { + printf("."); + fflush(stdout); + if (ukbhit()) { + getchar(); + printf("\naborted via keyboard!\n"); + break; + } + + UsbCommand * resp = WaitForResponseTimeout(CMD_ACK, 2000); + if (resp != NULL) { + res = resp->arg[0] & 0xff; + len = resp->arg[1]; + num = resp->arg[2]; + + if (res == 0) return 0; + if (res == 1) { + if (num ==0) { + bufPtr = buf; + memset(buf, 0x00, 3000); + } + memcpy(bufPtr, resp->d.asBytes, len); + bufPtr += len; + pckNum++; + } + if (res == 2) { + blockLen = bufPtr - buf; + bufPtr = buf; + printf(">\n"); + PrintAndLog("received trace len: %d packages: %d", blockLen, pckNum); + num = 0; + while (bufPtr - buf + 9 < blockLen) { + isTag = bufPtr[3] & 0x80 ? true:false; + bufPtr += 4; + parity = *((uint32_t *)(bufPtr)); + bufPtr += 4; + len = bufPtr[0]; + bufPtr++; + if ((len == 14) && (bufPtr[0] = 0xff) && (bufPtr[1] = 0xff)) { + memcpy(uid, bufPtr + 2, 7); + memcpy(atqa, bufPtr + 2 + 7, 2); + sak = bufPtr[11]; + + PrintAndLog("tag select uid:%s atqa:%02x %02x sak:0x%02x", sprint_hex(uid, 7), atqa[0], atqa[1], sak); + if (wantLogToFile) { + FillFileNameByUID(logHexFileName, uid, ".log", 7); + AddLogCurrentDT(logHexFileName); + } + if (wantDecrypt) mfTraceInit(uid, atqa, sak, wantSaveToEmlFile); + } else { + PrintAndLog("%s(%d):%s", isTag ? "TAG":"RDR", num, sprint_hex(bufPtr, len)); + if (wantLogToFile) AddLogHex(logHexFileName, isTag ? "TAG: ":"RDR: ", bufPtr, len); + if (wantDecrypt) mfTraceDecode(bufPtr, len, parity, wantSaveToEmlFile); + } + bufPtr += len; + num++; + } + } + } // resp not NILL + } // while (true) + return 0; +} + static command_t CommandTable[] = { {"help", CmdHelp, 1, "This help"}, @@ -1554,6 +1668,7 @@ static command_t CommandTable[] = {"chk", CmdHF14AMfChk, 0, "Test block keys"}, {"mifare", CmdHF14AMifare, 0, "Read parity error messages. param - "}, {"nested", CmdHF14AMfNested, 0, "Test nested authentication"}, + {"sniff", CmdHF14AMfSniff, 0, "Sniff card-reader communication"}, {"sim", CmdHF14AMf1kSim, 0, "Simulate MIFARE card"}, {"eclr", CmdHF14AMfEClear, 0, "Clear simulator memory block"}, {"eget", CmdHF14AMfEGet, 0, "Get simulator memory block"},