X-Git-Url: https://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/e7f43e92e9b8a8afe7aa235a34a70af59e8e6cea..3e83ff215963589f2443f4e5f82e286c5accd38b:/client/cmdhf14a.c?ds=inline diff --git a/client/cmdhf14a.c b/client/cmdhf14a.c index abb786f4..2600d937 100644 --- a/client/cmdhf14a.c +++ b/client/cmdhf14a.c @@ -130,24 +130,27 @@ char* getTagInfo(uint8_t uid) { int usage_hf_14a_sim(void) { // PrintAndLog("\n Emulating ISO/IEC 14443 type A tag with 4,7 or 10 byte UID\n"); PrintAndLog("\n Emulating ISO/IEC 14443 type A tag with 4,7 byte UID\n"); - PrintAndLog("Usage: hf 14a sim t u x"); - PrintAndLog(" Options : "); - PrintAndLog(" h : this help"); - PrintAndLog(" t : 1 = MIFARE Classic"); + PrintAndLog("usage: hf 14a sim [h] t u [x] [e] [v]"); + PrintAndLog("options: "); + PrintAndLog(" h : This help"); + PrintAndLog(" t : 1 = MIFARE Classic 1k"); PrintAndLog(" 2 = MIFARE Ultralight"); PrintAndLog(" 3 = MIFARE Desfire"); PrintAndLog(" 4 = ISO/IEC 14443-4"); PrintAndLog(" 5 = MIFARE Tnp3xxx"); PrintAndLog(" 6 = MIFARE Mini"); PrintAndLog(" 7 = AMIIBO (NTAG 215), pack 0x8080"); + PrintAndLog(" 8 = MIFARE Classic 4k"); // PrintAndLog(" u : 4, 7 or 10 byte UID"); PrintAndLog(" u : 4, 7 byte UID"); - PrintAndLog(" x : (Optional) performs the 'reader attack', nr/ar attack against a legitimate reader"); - PrintAndLog(" v : (Optional) show maths used for cracking reader. Useful for debugging."); - PrintAndLog("\n sample : hf 14a sim t 1 u 11223344 x"); - PrintAndLog(" : hf 14a sim t 1 u 11223344"); - PrintAndLog(" : hf 14a sim t 1 u 11223344556677"); -// PrintAndLog(" : hf 14a sim t 1 u 11223445566778899AA\n"); + PrintAndLog(" x : (Optional) Performs the 'reader attack', nr/ar attack against a reader"); + PrintAndLog(" e : (Optional) Fill simulator keys from found keys"); + PrintAndLog(" v : (Optional) Verbose"); + PrintAndLog("samples:"); + PrintAndLog(" hf 14a sim t 1 u 11223344 x"); + PrintAndLog(" hf 14a sim t 1 u 11223344"); + PrintAndLog(" hf 14a sim t 1 u 11223344556677"); +// PrintAndLog(" hf 14a sim t 1 u 11223445566778899AA\n"); return 0; } int usage_hf_14a_sniff(void){ @@ -216,16 +219,17 @@ int CmdHF14AReader(const char *Cmd) { ul_switch_off_field(); uint32_t tagT = GetHF14AMfU_Type(); - ul_print_type(tagT, 0); + if (tagT != UL_ERROR) + ul_print_type(tagT, 0); + else + PrintAndLog("TYPE: Possible AZTEK (iso14443a compliant)"); // reconnect for further tests c.arg[0] = ISO14A_CONNECT | ISO14A_NO_DISCONNECT; c.arg[1] = 0; c.arg[2] = 0; - clearCommandBuffer(); SendCommand(&c); - UsbCommand resp; WaitForResponse(CMD_ACK, &resp); @@ -440,7 +444,6 @@ int CmdHF14ACUIDs(const char *Cmd) { // ## simulate iso14443a tag // ## greg - added ability to specify tag UID int CmdHF14ASim(const char *Cmd) { - #define ATTACK_KEY_COUNT 8 bool errors = FALSE; uint8_t flags = 0; uint8_t tagtype = 1; @@ -448,8 +451,10 @@ int CmdHF14ASim(const char *Cmd) { uint8_t uid[10] = {0,0,0,0,0,0,0,0,0,0}; int uidlen = 0; bool useUIDfromEML = TRUE; - bool verbose = false; - + bool setEmulatorMem = FALSE; + bool verbose = FALSE; + nonces_t data[1]; + while(param_getchar(Cmd, cmdp) != 0x00) { switch(param_getchar(Cmd, cmdp)) { case 'h': @@ -460,7 +465,7 @@ int CmdHF14ASim(const char *Cmd) { // Retrieve the tag type tagtype = param_get8ex(Cmd, cmdp+1, 0, 10); if (tagtype == 0) - errors = true; + errors = TRUE; cmdp += 2; break; case 'u': @@ -481,7 +486,7 @@ int CmdHF14ASim(const char *Cmd) { break; case 'v': case 'V': - verbose = true; + verbose = TRUE; cmdp++; break; case 'x': @@ -489,9 +494,14 @@ int CmdHF14ASim(const char *Cmd) { flags |= FLAG_NR_AR_ATTACK; cmdp++; break; + case 'e': + case 'E': + setEmulatorMem = TRUE; + cmdp++; + break; default: PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp)); - errors = true; + errors = TRUE; break; } if(errors) break; @@ -503,25 +513,23 @@ int CmdHF14ASim(const char *Cmd) { if ( useUIDfromEML ) flags |= FLAG_UID_IN_EMUL; - PrintAndLog("Press pm3-button to abort simulation"); - UsbCommand c = {CMD_SIMULATE_TAG_ISO_14443a,{ tagtype, flags, 0 }}; memcpy(c.d.asBytes, uid, uidlen>>1); clearCommandBuffer(); SendCommand(&c); - - nonces_t data[ATTACK_KEY_COUNT*2]; UsbCommand resp; - + + PrintAndLog("Press pm3-button to abort simulation"); + while( !ukbhit() ){ if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500) ) continue; - if ( !(flags & FLAG_NR_AR_ATTACK) ) break; if ( (resp.arg[0] & 0xffff) != CMD_SIMULATE_MIFARE_CARD ) break; - memcpy( data, resp.d.asBytes, sizeof(data) ); - readerAttack(data, TRUE, verbose); + memcpy(data, resp.d.asBytes, sizeof(data) ); + readerAttack(data[0], setEmulatorMem, verbose); } + showSectorTable(); return 0; }