X-Git-Url: https://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/ce432659f2b238ecaced79ae6fa520750690146c..d31d3804fe58fc844fe19feb30be58fc0d3d107d:/client/cmdhfmfu.c diff --git a/client/cmdhfmfu.c b/client/cmdhfmfu.c index e36e78cc..027214ab 100644 --- a/client/cmdhfmfu.c +++ b/client/cmdhfmfu.c @@ -13,7 +13,7 @@ #include "cmdhf14a.h" #include "mifare.h" #include "util.h" -#include "../common/protocols.h" +#include "protocols.h" #include "data.h" #define MAX_UL_BLOCKS 0x0f @@ -102,17 +102,20 @@ char *getUlev1CardSizeStr( uint8_t fsize ){ static void ul_switch_on_field(void) { UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_DISCONNECT, 0, 0}}; + clearCommandBuffer(); SendCommand(&c); } void ul_switch_off_field(void) { UsbCommand c = {CMD_READER_ISO_14443a, {0, 0, 0}}; + clearCommandBuffer(); SendCommand(&c); } static int ul_send_cmd_raw( uint8_t *cmd, uint8_t cmdlen, uint8_t *response, uint16_t responseLength ) { UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_RAW | ISO14A_NO_DISCONNECT | ISO14A_APPEND_CRC, cmdlen, 0}}; memcpy(c.d.asBytes, cmd, cmdlen); + clearCommandBuffer(); SendCommand(&c); UsbCommand resp; if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) return -1; @@ -129,6 +132,7 @@ static int ul_send_cmd_raw_crc( uint8_t *cmd, uint8_t cmdlen, uint8_t *response, c.arg[0] |= ISO14A_APPEND_CRC; memcpy(c.d.asBytes, cmd, cmdlen); + clearCommandBuffer(); SendCommand(&c); UsbCommand resp; if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) return -1; @@ -193,6 +197,7 @@ static int ulc_authentication( uint8_t *key, bool switch_off_field ){ UsbCommand c = {CMD_MIFAREUC_AUTH, {switch_off_field}}; memcpy(c.d.asBytes, key, 16); + clearCommandBuffer(); SendCommand(&c); UsbCommand resp; if ( !WaitForResponseTimeout(CMD_ACK, &resp, 1500) ) return 0; @@ -209,7 +214,6 @@ static int ulev1_requestAuthentication( uint8_t *pwd, uint8_t *pack, uint16_t pa } static int ul_auth_select( iso14a_card_select_t *card, TagTypeUL_t tagtype, bool hasAuthKey, uint8_t *authenticationkey, uint8_t *pack, uint8_t packSize){ - if ( hasAuthKey && (tagtype & UL_C)) { //will select card automatically and close connection on error if (!ulc_authentication(authenticationkey, false)) { @@ -280,7 +284,7 @@ static int ul_print_default( uint8_t *data){ uid[6] = data[7]; PrintAndLog(" UID : %s ", sprint_hex(uid, 7)); - PrintAndLog(" UID[0] : %02X, Manufacturer: %s", uid[0], getTagInfo(uid[0]) ); + PrintAndLog(" UID[0] : %02X, %s", uid[0], getTagInfo(uid[0]) ); if ( uid[0] == 0x05 ) { uint8_t chip = (data[8] & 0xC7); // 11000111 mask, bit 3,4,5 RFU switch (chip){ @@ -518,6 +522,7 @@ static int ul_magic_test(){ // Magic Ultralight tests // 1) take present UID, and try to write it back. OBSOLETE // 2) make a wrong length write to page0, and see if tag answers with ACK/NACK: + ul_switch_off_field(); iso14a_card_select_t card; if ( !ul_select(&card) ) return UL_ERROR; @@ -855,7 +860,7 @@ int CmdHF14AMfUWrBl(const char *Cmd){ uint8_t blockdata[20] = {0x00}; uint8_t data[16] = {0x00}; uint8_t authenticationkey[16] = {0x00}; - uint8_t *authkeyptr = authenticationkey; + uint8_t *authKeyPtr = authenticationkey; // starting with getting tagtype TagTypeUL_t tagtype = GetHF14AMfU_Type(); @@ -896,7 +901,7 @@ int CmdHF14AMfUWrBl(const char *Cmd){ uint8_t maxblockno = 0; for (uint8_t idx = 0; idx < MAX_UL_TYPES; idx++){ if (tagtype & UL_TYPES_ARRAY[idx]) - maxblockno = UL_MEMORY_ARRAY[idx]+1; + maxblockno = UL_MEMORY_ARRAY[idx]; } if (blockNo < 0) { @@ -904,7 +909,7 @@ int CmdHF14AMfUWrBl(const char *Cmd){ errors = true; } if (blockNo > maxblockno){ - PrintAndLog("block number to large. Max block is %u/0x%02X \n", maxblockno,maxblockno); + PrintAndLog("block number too large. Max block is %u/0x%02X \n", maxblockno,maxblockno); errors = true; } cmdp += 2; @@ -935,30 +940,28 @@ int CmdHF14AMfUWrBl(const char *Cmd){ if ( blockNo == -1 ) return usage_hf_mfu_wrbl(); // Swap endianness - if (swapEndian && hasAuthKey) authkeyptr = SwapEndian64(authenticationkey, 16, 8); - if (swapEndian && hasPwdKey) authkeyptr = SwapEndian64(authenticationkey, 4, 4); - + if (swapEndian && hasAuthKey) authKeyPtr = SwapEndian64(authenticationkey, 16, 8); + if (swapEndian && hasPwdKey) authKeyPtr = SwapEndian64(authenticationkey, 4, 4); if ( blockNo <= 3) PrintAndLog("Special Block: %0d (0x%02X) [ %s]", blockNo, blockNo, sprint_hex(blockdata, 4)); else PrintAndLog("Block: %0d (0x%02X) [ %s]", blockNo, blockNo, sprint_hex(blockdata, 4)); - - //Send write Block UsbCommand c = {CMD_MIFAREU_WRITEBL, {blockNo}}; memcpy(c.d.asBytes,blockdata,4); if ( hasAuthKey ){ c.arg[1] = 1; - memcpy(c.d.asBytes+4,authkeyptr,16); + memcpy(c.d.asBytes+4,authKeyPtr,16); } else if ( hasPwdKey ) { c.arg[1] = 2; - memcpy(c.d.asBytes+4,authkeyptr,4); + memcpy(c.d.asBytes+4,authKeyPtr,4); } + clearCommandBuffer(); SendCommand(&c); UsbCommand resp; if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) { @@ -984,8 +987,8 @@ int CmdHF14AMfURdBl(const char *Cmd){ uint8_t keylen = 0; uint8_t data[16] = {0x00}; uint8_t authenticationkey[16] = {0x00}; - uint8_t *authkeyptr = authenticationkey; - + uint8_t *authKeyPtr = authenticationkey; + // starting with getting tagtype TagTypeUL_t tagtype = GetHF14AMfU_Type(); if (tagtype == UL_ERROR) return -1; @@ -1025,7 +1028,7 @@ int CmdHF14AMfURdBl(const char *Cmd){ uint8_t maxblockno = 0; for (uint8_t idx = 0; idx < MAX_UL_TYPES; idx++){ if (tagtype & UL_TYPES_ARRAY[idx]) - maxblockno = UL_MEMORY_ARRAY[idx]+1; + maxblockno = UL_MEMORY_ARRAY[idx]; } if (blockNo < 0) { @@ -1051,30 +1054,34 @@ int CmdHF14AMfURdBl(const char *Cmd){ //Validations if(errors) return usage_hf_mfu_rdbl(); } + if ( blockNo == -1 ) return usage_hf_mfu_rdbl(); // Swap endianness - if (swapEndian && hasAuthKey) authkeyptr = SwapEndian64(authenticationkey, 16, 8); - if (swapEndian && hasPwdKey) authkeyptr = SwapEndian64(authenticationkey, 4, 4); + if (swapEndian && hasAuthKey) authKeyPtr = SwapEndian64(authenticationkey, 16, 8); + if (swapEndian && hasPwdKey) authKeyPtr = SwapEndian64(authenticationkey, 4, 4); //Read Block UsbCommand c = {CMD_MIFAREU_READBL, {blockNo}}; if ( hasAuthKey ){ c.arg[1] = 1; - memcpy(c.d.asBytes,authkeyptr,16); + memcpy(c.d.asBytes,authKeyPtr,16); } else if ( hasPwdKey ) { c.arg[1] = 2; - memcpy(c.d.asBytes,authkeyptr,4); + memcpy(c.d.asBytes,authKeyPtr,4); } + clearCommandBuffer(); SendCommand(&c); UsbCommand resp; if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) { uint8_t isOK = resp.arg[0] & 0xff; if (isOK) { uint8_t *data = resp.d.asBytes; - PrintAndLog("Block: %0d (0x%02X) [ %s]", blockNo, blockNo, sprint_hex(data, 4)); + PrintAndLog("\nBlock# | Data | Ascii"); + PrintAndLog("-----------------------------"); + PrintAndLog("%02d/0x%02X | %s| %.4s\n", blockNo, blockNo, sprint_hex(data, 4), data); } else { PrintAndLog("Failed reading block: (%02x)", isOK); @@ -1082,7 +1089,6 @@ int CmdHF14AMfURdBl(const char *Cmd){ } else { PrintAndLog("Command execute time-out"); } - return 0; } @@ -1156,8 +1162,6 @@ int usage_hf_mfu_wrbl(void) { // // Mifare Ultralight / Ultralight-C / Ultralight-EV1 // Read and Dump Card Contents, using auto detection of tag size. -// -// TODO: take a password to read UL-C / UL-EV1 tags. int CmdHF14AMfUDump(const char *Cmd){ FILE *fout; @@ -1246,10 +1250,10 @@ int CmdHF14AMfUDump(const char *Cmd){ TagTypeUL_t tagtype = GetHF14AMfU_Type(); if (tagtype == UL_ERROR) return -1; - if (!manualPages) + if (!manualPages) //get number of pages to read for (uint8_t idx = 0; idx < MAX_UL_TYPES; idx++) if (tagtype & UL_TYPES_ARRAY[idx]) - Pages = UL_MEMORY_ARRAY[idx]+1; + Pages = UL_MEMORY_ARRAY[idx]+1; //add one as maxblks starts at 0 ul_print_type(tagtype, 0); PrintAndLog("Reading tag memory..."); @@ -1262,6 +1266,8 @@ int CmdHF14AMfUDump(const char *Cmd){ memcpy(c.d.asBytes, authKeyPtr, dataLen); } + + clearCommandBuffer(); SendCommand(&c); UsbCommand resp; if (!WaitForResponseTimeout(CMD_ACK, &resp,1500)) { @@ -1273,12 +1279,13 @@ int CmdHF14AMfUDump(const char *Cmd){ return 1; } + uint32_t startindex = resp.arg[2]; uint32_t bufferSize = resp.arg[1]; if (bufferSize > sizeof(data)) { PrintAndLog("Data exceeded Buffer size!"); bufferSize = sizeof(data); } - GetFromBigBuf(data, bufferSize, 0); + GetFromBigBuf(data, bufferSize, startindex); WaitForResponse(CMD_ACK,NULL); Pages = bufferSize/4; @@ -1319,9 +1326,11 @@ int CmdHF14AMfUDump(const char *Cmd){ } } + PrintAndLog("\nBlock# | Data |lck| Ascii"); + PrintAndLog("---------------------------------"); for (i = 0; i < Pages; ++i) { if ( i < 3 ) { - PrintAndLog("Block %02x:%s ", i,sprint_hex(data + i * 4, 4)); + PrintAndLog("%02d/0x%02X | %s| | ", i+startPage, i+startPage, sprint_hex(data + i * 4, 4)); continue; } switch(i){ @@ -1368,8 +1377,9 @@ int CmdHF14AMfUDump(const char *Cmd){ case 43: tmplockbit = bit2[9]; break; //auth1 default: break; } - PrintAndLog("Block %02X:%s [%d] {%.4s}", i, sprint_hex(data + i * 4, 4), tmplockbit, data+i*4); + PrintAndLog("%02d/0x%02X | %s| %d | %.4s", i+startPage, i+startPage, sprint_hex(data + i * 4, 4), tmplockbit, data+i*4); } + PrintAndLog("---------------------------------"); // user supplied filename? if (fileNlen < 1) { @@ -1560,6 +1570,7 @@ int CmdHF14AMfucSetPwd(const char *Cmd){ UsbCommand c = {CMD_MIFAREUC_SETPWD}; memcpy( c.d.asBytes, pwd, 16); + clearCommandBuffer(); SendCommand(&c); UsbCommand resp; @@ -1608,6 +1619,7 @@ int CmdHF14AMfucSetUid(const char *Cmd){ // read block2. c.cmd = CMD_MIFAREU_READBL; c.arg[0] = 2; + clearCommandBuffer(); SendCommand(&c); if (!WaitForResponseTimeout(CMD_ACK,&resp,1500)) { PrintAndLog("Command execute timeout"); @@ -1625,6 +1637,7 @@ int CmdHF14AMfucSetUid(const char *Cmd){ c.d.asBytes[1] = uid[1]; c.d.asBytes[2] = uid[2]; c.d.asBytes[3] = 0x88 ^ uid[0] ^ uid[1] ^ uid[2]; + clearCommandBuffer(); SendCommand(&c); if (!WaitForResponseTimeout(CMD_ACK,&resp,1500)) { PrintAndLog("Command execute timeout"); @@ -1637,6 +1650,7 @@ int CmdHF14AMfucSetUid(const char *Cmd){ c.d.asBytes[1] = uid[4]; c.d.asBytes[2] = uid[5]; c.d.asBytes[3] = uid[6]; + clearCommandBuffer(); SendCommand(&c); if (!WaitForResponseTimeout(CMD_ACK,&resp,1500) ) { PrintAndLog("Command execute timeout"); @@ -1649,6 +1663,7 @@ int CmdHF14AMfucSetUid(const char *Cmd){ c.d.asBytes[1] = oldblock2[1]; c.d.asBytes[2] = oldblock2[2]; c.d.asBytes[3] = oldblock2[3]; + clearCommandBuffer(); SendCommand(&c); if (!WaitForResponseTimeout(CMD_ACK,&resp,1500) ) { PrintAndLog("Command execute timeout"); @@ -1765,7 +1780,7 @@ static command_t CommandTable[] = {"help", CmdHelp, 1, "This help"}, {"dbg", CmdHF14AMfDbg, 0, "Set default debug mode"}, {"info", CmdHF14AMfUInfo, 0, "Tag information"}, - {"dump", CmdHF14AMfUDump, 0, "Dump Ultralight / Ultralight-C tag to binary file"}, + {"dump", CmdHF14AMfUDump, 0, "Dump Ultralight / Ultralight-C / NTAG tag to binary file"}, {"rdbl", CmdHF14AMfURdBl, 0, "Read block"}, {"wrbl", CmdHF14AMfUWrBl, 0, "Write block"}, {"cauth", CmdHF14AMfucAuth, 0, "Authentication - Ultralight C"},