CHG: 'lf t55x7 brute' - extra check if the device has gone offline
CHG: 'lf nedap' - Nedap is supposed to be Diphase.
int CmdHIDClone(const char *Cmd) {
int CmdHIDClone(const char *Cmd) {
- unsigned int hi2 = 0, hi = 0, lo = 0;
+ uint32_t hi2 = 0, hi = 0, lo = 0;
int n = 0, i = 0;
UsbCommand c;
int n = 0, i = 0;
UsbCommand c;
{"fskdemod",CmdHIDDemodFSK, 0, "Realtime HID FSK demodulator"},
{"sim", CmdHIDSim, 0, "HID tag simulator"},
{"clone", CmdHIDClone, 0, "Clone HID to T55x7"},
{"fskdemod",CmdHIDDemodFSK, 0, "Realtime HID FSK demodulator"},
{"sim", CmdHIDSim, 0, "HID tag simulator"},
{"clone", CmdHIDClone, 0, "Clone HID to T55x7"},
- {"wiegand", CmdHIDWiegand, 0, "Convert facility code/card number to Wiegand code"},
+ {"wiegand", CmdHIDWiegand, 1, "Convert facility code/card number to Wiegand code"},
{"brute", CmdHIDBrute, 0, "Bruteforce card number against reader"},
{NULL, NULL, 0, NULL}
};
{"brute", CmdHIDBrute, 0, "Bruteforce card number against reader"},
{NULL, NULL, 0, NULL}
};
- ((ASK/biphase data rawdemod ab 0 64 1 0
- //NEDAP - compat mode, ASK/Biphase, data rate 64, 4 data blocks
- blocks[0] = T55x7_MODULATION_BIPHASE | T55x7_BITRATE_RF_64 | 4<<T55x7_MAXBLOCK_SHIFT;
+ ((ASK/DIphase data rawdemod ab 0 64 1 0
+ //NEDAP - compat mode, ASK/DIphase, data rate 64, 4 data blocks
+ // DI-pahse (CDP) T55x7_MODULATION_DIPHASE
+ blocks[0] = T55x7_MODULATION_DIPHASE | T55x7_BITRATE_RF_64 | 7<<T55x7_MAXBLOCK_SHIFT;
if (param_getchar(Cmd, 3) == 'Q' || param_getchar(Cmd, 3) == 'q')
//t5555 (Q5) BITRATE = (RF-2)/2 (iceman)
if (param_getchar(Cmd, 3) == 'Q' || param_getchar(Cmd, 3) == 'q')
//t5555 (Q5) BITRATE = (RF-2)/2 (iceman)
- blocks[0] = T5555_MODULATION_BIPHASE | T5555_INVERT_OUTPUT | 64<<T5555_BITRATE_SHIFT | 4<<T5555_MAXBLOCK_SHIFT;
+ blocks[0] = T5555_MODULATION_BIPHASE | T5555_INVERT_OUTPUT | 64<<T5555_BITRATE_SHIFT | 7<<T5555_MAXBLOCK_SHIFT;
blocks[1] = bytebits_to_byte(bs,32);
blocks[2] = bytebits_to_byte(bs+32,32);
blocks[1] = bytebits_to_byte(bs,32);
blocks[2] = bytebits_to_byte(bs+32,32);
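Review bot: The comment added above the T55x7 configuration word still says `4 data blocks` although the value written is now `7<<T55x7_MAXBLOCK_SHIFT`, and the new line `// DI-pahse (CDP) T55x7_MODULATION_DIPHASE` carries a typo. I would reword them as `//NEDAP - compat mode, ASK/DIphase, data rate 64, 7 data blocks` and `// DI-phase (CDP) = T55x7_MODULATION_DIPHASE`. The Q5 line keeps `T5555_MODULATION_BIPHASE | T5555_INVERT_OUTPUT`, which looks intentional if inverted biphase is the Q5 way of expressing diphase, but it deserves a one-line comment such as `// Q5: diphase expressed as biphase + inverted output`. Only `blocks[1]` and `blocks[2]` are filled inside the hunk, so with the max block raised to 7 it is worth confirming, in the part of the function outside the hunk, that every block up to 7 is actually written.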
size_t size = sizeof(bs);
memset(bs, 0x00, size);
size_t size = sizeof(bs);
memset(bs, 0x00, size);
- // NEDAP, Bihase = 2, clock 64, inverted,
+ // NEDAP, Biphase = 2, clock 64, inverted, (DIPhase == inverted BIphase
uint8_t encoding = 2, separator = 0, clk=64, invert=1;
uint16_t arg1, arg2;
arg1 = clk << 8 | encoding;
uint8_t encoding = 2, separator = 0, clk=64, invert=1;
uint16_t arg1, arg2;
arg1 = clk << 8 | encoding;
uint8_t cl = 0x1D, ch = 0x1D, carry = 0;
uint8_t al, bl, temp;
uint8_t cl = 0x1D, ch = 0x1D, carry = 0;
uint8_t al, bl, temp;
- for (int i = 0; i < len; ++i){
+ for (int i = len; i >=0; --i){
al = data[i];
for (int j = 8; j > 0; --j) {
al = data[i];
for (int j = 8; j > 0; --j) {
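Review bot: The rewritten outer loop `for (int i = len; i >=0; --i)` starts at `data[len]`, which is one element past the end if `len` is the number of bytes in `data`, so the first pass reads out of bounds and the checksum is computed over len+1 bytes. If the intent is only to walk the buffer in reverse, the header should be `for (int i = len - 1; i >= 0; --i) {`. The function signature and its callers are outside the hunk, so if `len` is in fact passed as the last valid index, a comment on the loop saying so would stop it from being "corrected" later.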
if (len > FILE_PATH_SIZE) len = FILE_PATH_SIZE;\r
memcpy(filename, Cmd+2, len);\r
\r
if (len > FILE_PATH_SIZE) len = FILE_PATH_SIZE;\r
memcpy(filename, Cmd+2, len);\r
\r
- FILE * f = fopen( filename , "r");\r
- \r
+ FILE * f = fopen( filename , "r"); \r
if ( !f ) {\r
PrintAndLog("File: %s: not found or locked.", filename);\r
free(keyBlock);\r
if ( !f ) {\r
PrintAndLog("File: %s: not found or locked.", filename);\r
free(keyBlock);\r
// loop\r
uint64_t testpwd = 0x00;\r
for (uint16_t c = 0; c < keycnt; ++c ) {\r
// loop\r
uint64_t testpwd = 0x00;\r
for (uint16_t c = 0; c < keycnt; ++c ) {\r
+\r
+ if ( offline ) {\r
+ printf("Device offline\n");\r
+ free(keyBlock);\r
+ return 2;\r
+ }\r
+ \r
if (ukbhit()) {\r
ch = getchar();\r
(void)ch;\r
if (ukbhit()) {\r
ch = getchar();\r
(void)ch;\r
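Review bot: The new offline guard reports with `printf("Device offline\n");` while every other message in this loop goes through `PrintAndLog`, so this one message would presumably bypass whatever the client does with its log output; `PrintAndLog("Device offline");` keeps it consistent. The `return 2;` introduces an exit value whose meaning is not stated anywhere in the hunk, and a short comment such as `// 2 = device went offline, search aborted` would tell callers how to treat it. The function starts and ends outside this hunk, so whether the key file opened earlier is already closed on this early-return path could not be checked from here.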
testpwd = bytes_to_num(keyBlock + 4*c, 4);\r
\r
PrintAndLog("Testing %08X", testpwd);\r
testpwd = bytes_to_num(keyBlock + 4*c, 4);\r
\r
PrintAndLog("Testing %08X", testpwd);\r
if ( !AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, TRUE, testpwd)) {\r
PrintAndLog("Aquireing data from device failed. Quitting");\r
free(keyBlock);\r
if ( !AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, TRUE, testpwd)) {\r
PrintAndLog("Aquireing data from device failed. Quitting");\r
free(keyBlock);\r
}\r
\r
found = tryDetectModulation();\r
}\r
\r
found = tryDetectModulation();\r
if ( found ) {\r
PrintAndLog("Found valid password: [%08X]", testpwd);\r
free(keyBlock);\r
if ( found ) {\r
PrintAndLog("Found valid password: [%08X]", testpwd);\r
free(keyBlock);\r
\r
if (tryDetectModulation())\r
return 1;\r
\r
if (tryDetectModulation())\r
return 1;\r
}\r
\r
int CmdT55xxRecoverPW(const char *Cmd) {\r
}\r
\r
int CmdT55xxRecoverPW(const char *Cmd) {\r