}
}
-//Testing to fix timing issues
-void SimulateTagLowFrequencyTest(int period, int gap, int ledcontrol)
+//Testing to fix timing issues by marshmellow (MM)
+void SimulateTagLowFrequencyMM(int period, int gap, int ledcontrol)
{
int i;
uint8_t *tab = BigBuf_get_addr();
while(!(AT91C_BASE_PIOA->PIO_PDSR & GPIO_SSC_CLK)) {
WDT_HIT();
}
- if (i>0 && tab[i]!=tab[i-1]){
+ if (i>0){
+ if (tab[i]!=tab[i-1]){
+ // transition
+ if (ledcontrol)
+ LED_D_ON();
+
+ // modulate coil
+ if(tab[i])
+ OPEN_COIL();
+ else
+ SHORT_COIL();
+
+ if (ledcontrol)
+ LED_D_OFF();
+
+ } else { //no transition
+ //NOTE: it appears the COIL transition messes with the detection of the carrier, so if a transition happened
+ // skip test for readers Carrier = LOW, otherwise we get a bit behind
+
+ //wait until reader carrier is LOW
+ while(AT91C_BASE_PIOA->PIO_PDSR & GPIO_SSC_CLK) {
+ WDT_HIT();
+ }
+ }
+ } else {
// transition
if (ledcontrol)
LED_D_ON();
SHORT_COIL();
if (ledcontrol)
- LED_D_OFF();
- } else { //no transition
- //NOTE: it appears the COIL transition messes with the detection of the carrier, so if a transition happened
- // skip test for readers Carrier = LOW, otherwise we get a bit behind
-
- //wait until reader carrier is LOW
- while(AT91C_BASE_PIOA->PIO_PDSR & GPIO_SSC_CLK) {
- WDT_HIT();
- }
- }
+ LED_D_OFF();
+ }
+ WDT_HIT();
+
i++;
if(i == period) {
for (idx=0; idx < (uint8_t) clock/c; idx++){
// loop through field clock length - put 1/2 FC length 1's and 1/2 0's per field clock wave (to create the wave)
for (fcCnt=0; fcCnt < c; fcCnt++){ //fudge slow transition from low to high - shorten wave by 1
- if (fcCnt < c/2){
- dest[((*n)++)]=1;
+ if (fcCnt < c/2+1){
+ dest[((*n)++)]=0;
} else {
//fudge low to high transition
- //if (idx==clock/c && dest[*n-1]==1 && mod>0) dest[((*n++))]=0;
- dest[((*n)++)]=0;
+ //if (idx==clock/c && dest[*n-1]==1 && mod>0) dest[((*n++))]=0;
+ //if (c==8 && fcCnt==5) continue;
+ dest[((*n)++)]=1;
}
}
}
if (mod>0) (*modCnt)++;
- if ((mod>0) && modAdjOk){ //fsk2
- if ((*modCnt % modAdj) == 0){
+ if ((mod>0) && modAdjOk){ //fsk2
+ if ((*modCnt % modAdj) == 0){ //if 4th 8 length wave in a rf/50 add extra 8 length wave
for (fcCnt=0; fcCnt < c; fcCnt++){ //fudge slow transition from low to high - shorten wave by 1
- if (fcCnt < c/2){
- dest[((*n)++)]=1;
+ if (fcCnt < c/2+1){
+ dest[((*n)++)]=0;
} else {
- dest[((*n)++)]=0;
+ //if (c==8 && fcCnt==5) continue;
+ dest[((*n)++)]=1;
}
}
}
if (mod>0 && !modAdjOk){ //fsk1
for (idx=0; idx < mod; idx++){
if (idx < mod/2) {
- dest[((*n)++)]=1;
- } else {
dest[((*n)++)]=0;
+ } else {
+ dest[((*n)++)]=1;
}
}
}
if (ledcontrol)
LED_A_ON();
- SimulateTagLowFrequencyTest(n, 0, ledcontrol);
+ SimulateTagLowFrequencyMM(n, 0, ledcontrol);
if (ledcontrol)
LED_A_OFF();
if (ledcontrol)
LED_A_ON();
- SimulateTagLowFrequencyTest(n, 0, ledcontrol);
+ SimulateTagLowFrequencyMM(n, 0, ledcontrol);
if (ledcontrol)
LED_A_OFF();
if (ledcontrol)
LED_A_ON();
- SimulateTagLowFrequencyTest(n, 0, ledcontrol);
+ SimulateTagLowFrequencyMM(n, 0, ledcontrol);
if (ledcontrol)
LED_A_OFF();
--- /dev/null
+@echo off
+color 0a
+MODE CON COLS=80 LINES=36
+title OS FLASH FILE
+echo.
+echo.
+echo.
+echo ======================================================================
+echo ©¦!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! O__O !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!©¦
+echo ©¦==================================================================©¦
+echo ©¦OS-ONLY FLASHER BATCH FILE ©¦
+echo ©¦ ©¦
+echo ©¦you will need to have this file (FLASH - OS.bat) in \win32 folder ©¦
+echo ©¦you will need to have flasher.exe in \win32 folder ©¦
+echo ©¦you will need to have osimage.elf in \firmware_win folder ©¦
+echo ©¦ ©¦
+echo ©¦ ©¦
+echo ©¦IF YOU HAVE THOSE REQUISITES HIT ANY BUTTON TO CONTINUE ! ©¦
+echo ©¦------------------------------------------------------------------©¦
+echo ======================================================================
+pause.
+
+cls
+echo.
+echo ====================================
+echo FLASHING osimage.elf, please wait...
+echo ====================================
+echo.
+flasher.exe com3 ..\armsrc\obj\osimage.elf
+
+pause.
+
+cls
+title DONE
+echo.
+echo ___/ \___/ \___/ \___/ \___/ \___/ \___/ \___/ \___
+echo / \___/ \___/ \___/ \___/ \___/ \___/ \___/ \___/ \
+echo \___/ \___/ \___/ \___/ \___/ \___/ \___/ \___/ \___/
+echo / \___/ \___/ \
+echo \___/ \___/
+echo / \ / \
+echo \___/ \___/
+echo / \ FLASHING OPERATION SUCCESSFUL ! Enjoy it ! / \
+echo \___/ \___/
+echo / \ / \
+echo \___/ \___/
+echo / \ BATCH FILE BY ASPER / \
+echo \___/ \___/
+echo / \ / \
+echo \___/ \___/
+echo / \___ ___/ \
+echo \___/ \___ ___ ___ ___ ___ ___ ___/ \___/
+echo / \___/ \___/ \___/ \___/ \___/ \___/ \___/ \___/ \
+echo \___/ \___/ \___/ \___/ \___/ \___/ \___/ \___/ \___/
+echo \___/ \___/ \___/ \___/ \___/ \___/ \___/ \___/
+
+echo.
+pause.
+cls
+MODE CON COLS=130 LINES=36
+cmd.exe
return;
}
-
+int CmdPrintDemodBuff(const char *Cmd)
+{
+ printDemodBuff();
+ return 1;
+}
int CmdAmp(const char *Cmd)
{
int i, rising, falling;
return 1;
}
+// set demod buffer back to raw after biphase demod
+void setBiphaseDemodBuf(uint8_t *BitStream, size_t size)
+{
+ uint8_t rawStream[512]={0x00};
+ size_t i=0;
+ uint8_t curPhase=0;
+ if (size > 256) {
+ PrintAndLog("ERROR - Biphase Demod Buffer overrun");
+ return;
+ }
+ for (size_t idx=0; idx<size; idx++){
+ if(BitStream[idx]){
+ rawStream[i++] = curPhase;
+ rawStream[i++] = curPhase;
+ curPhase ^= 1;
+ } else {
+ rawStream[i++] = curPhase;
+ rawStream[i++] = curPhase ^ 1;
+ }
+ }
+ setDemodBuf(rawStream,i,0);
+ return;
+}
//by marshmellow
//takes 4 arguments - clock, invert, maxErr as integers and amplify as char
//attempts to demodulate ask only
return 1;
}
+//by marshmellow
+//attempts to demodulate and identify a G_Prox_II verex/chubb card
+//WARNING: if it fails during some points it will destroy the DemodBuffer data
+// but will leave the GraphBuffer intact.
+//if successful it will push askraw data back to demod buffer ready for emulation
+int CmdG_Prox_II_Demod(const char *Cmd)
+{
+ int ans = ASKrawDemod(Cmd, FALSE);
+ if (ans <= 0) {
+ if (g_debugMode) PrintAndLog("Error AskrawDemod: %d",ans);
+ return ans;
+ }
+ size_t size = DemodBufferLen;
+ ans = BiphaseRawDecode(DemodBuffer, &size, 0, 0);
+ if (ans !=0) {
+ if (g_debugMode) PrintAndLog("Error BiphaseRawDecode: %d",ans);
+ return ans;
+ }
+ //call lfdemod.c demod for gProxII
+ ans = gProxII_Demod(DemodBuffer, &size);
+ if (ans < 0){
+ if (g_debugMode) PrintAndLog("Error gProxII_Demod 1st Try: %d",ans);
+ //try biphase again
+ ans = BiphaseRawDecode(DemodBuffer, &size, 1, 0);
+ if (ans != 0) {
+ if (g_debugMode) PrintAndLog("Error BiphaseRawDecode: %d",ans);
+ return ans;
+ }
+ ans = gProxII_Demod(DemodBuffer, &size);
+ if (ans < 0) {
+ if (g_debugMode) PrintAndLog("Error gProxII_Demod 1st Try: %d",ans);
+ return ans;
+ }
+ }
+ //got a good demod
+ uint32_t ByteStream[65] = {0x00};
+ uint8_t xorKey=0;
+ uint8_t keyCnt=0;
+ uint8_t bitCnt=0;
+ uint8_t ByteCnt=0;
+ size_t startIdx = ans + 6; //start after preamble
+ for (size_t idx = 0; idx<size-6; idx++){
+ if ((idx+1) % 5 == 0){
+ //spacer bit - should be 0
+ if (DemodBuffer[startIdx+idx] != 0) {
+ if (g_debugMode) PrintAndLog("Error spacer not 0: %d, pos: %d",DemodBuffer[startIdx+idx],startIdx+idx);
+ return -1;
+ }
+ continue;
+ }
+ if (keyCnt<8){ //lsb first
+ xorKey = xorKey | (DemodBuffer[startIdx+idx]<<keyCnt);
+ keyCnt++;
+ if (keyCnt==8 && g_debugMode) PrintAndLog("xorKey Found: %02x", xorKey);
+ continue;
+ }
+ //lsb first
+ ByteStream[ByteCnt] = ByteStream[ByteCnt] | (DemodBuffer[startIdx+idx]<<bitCnt);
+ bitCnt++;
+ if (bitCnt % 8 == 0){
+ if (g_debugMode) PrintAndLog("byte %d: %02x",ByteCnt,ByteStream[ByteCnt]);
+ bitCnt=0;
+ ByteCnt++;
+ }
+ }
+ for (uint8_t i = 0; i < ByteCnt; i++){
+ ByteStream[i] ^= xorKey; //xor
+ if (g_debugMode) PrintAndLog("byte %d after xor: %02x", i, ByteStream[i]);
+ }
+ //now ByteStream contains 64 bytes of decrypted raw tag data
+ //
+ uint8_t fmtLen = ByteStream[0]>>2;
+ uint32_t FC = 0;
+ uint32_t Card = 0;
+ uint32_t raw1 = bytebits_to_byte(DemodBuffer+ans,32);
+ uint32_t raw2 = bytebits_to_byte(DemodBuffer+ans+32, 32);
+ uint32_t raw3 = bytebits_to_byte(DemodBuffer+ans+64, 32);
+
+ if (fmtLen==36){
+ FC = ((ByteStream[3] & 0x7F)<<7) | (ByteStream[4]>>1);
+ Card = ((ByteStream[4]&1)<<19) | (ByteStream[5]<<11) | (ByteStream[6]<<3) | (ByteStream[7]>>5);
+ PrintAndLog("G-Prox-II Found: FmtLen %d, FC %d, Card %d",fmtLen,FC,Card);
+ } else if(fmtLen==26){
+ FC = ((ByteStream[3] & 0x7F)<<1) | (ByteStream[4]>>7);
+ Card = ((ByteStream[4]&0x7F)<<9) | (ByteStream[5]<<1) | (ByteStream[6]>>7);
+ PrintAndLog("G-Prox-II Found: FmtLen %d, FC %d, Card %d",fmtLen,FC,Card);
+ } else {
+ PrintAndLog("Unknown G-Prox-II Fmt Found: FmtLen %d",fmtLen);
+ }
+ PrintAndLog("Raw: %08x%08x%08x", raw1,raw2,raw3);
+ setBiphaseDemodBuf(DemodBuffer+ans, 96);
+ return 1;
+}
+
//by marshmellow - see ASKrawDemod
int Cmdaskrawdemod(const char *Cmd)
{
//{"askdemod", Cmdaskdemod, 1, "<0 or 1> -- Attempt to demodulate simple ASK tags"},
{"askedgedetect", CmdAskEdgeDetect, 1, "[threshold] Adjust Graph for manual ask demod using length of sample differences to detect the edge of a wave (default = 25)"},
{"askem410xdemod",CmdAskEM410xDemod, 1, "[clock] [invert<0|1>] [maxErr] -- Demodulate an EM410x tag from GraphBuffer (args optional)"},
+ {"askgproxiidemod",CmdG_Prox_II_Demod,1, "Demodulate a G Prox II tag from GraphBuffer"},
//{"askmandemod", Cmdaskmandemod, 1, "[clock] [invert<0|1>] [maxErr] -- Attempt to demodulate ASK/Manchester tags and output binary (args optional)"},
//{"askrawdemod", Cmdaskrawdemod, 1, "[clock] [invert<0|1>] -- Attempt to demodulate ASK tags and output bin (args optional)"},
{"autocorr", CmdAutoCorr, 1, "<window length> -- Autocorrelation over window"},
//{"nrzrawdemod", CmdNRZrawDemod, 1, "[clock] [invert<0|1>] [maxErr] -- Attempt to demodulate nrz tags and output binary (args optional)"},
{"plot", CmdPlot, 1, "Show graph window (hit 'h' in window for keystroke help)"},
//{"pskdetectclock",CmdDetectPSKClockRate, 1, "Detect ASK, PSK, or NRZ clock rate"},
+ {"printdemodbuffer",CmdPrintDemodBuff,1, "[clock] [invert<0|1>] -- Demodulate an indala tag (PSK1) from GraphBuffer (args optional)"},
{"pskindalademod",CmdIndalaDecode, 1, "[clock] [invert<0|1>] -- Demodulate an indala tag (PSK1) from GraphBuffer (args optional)"},
//{"psk1rawdemod", CmdPSK1rawDemod, 1, "[clock] [invert<0|1>] [maxErr] -- Attempt to demodulate psk1 tags and output binary (args optional)"},
//{"psk2rawdemod", CmdPSK2rawDemod, 1, "[clock] [invert<0|1>] [maxErr] -- Attempt to demodulate psk2 tags and output binary (args optional)"},
int CmdAmp(const char *Cmd);
int Cmdaskdemod(const char *Cmd);
int CmdAskEM410xDemod(const char *Cmd);
+int CmdG_Prox_II_Demod(const char *Cmd);
int Cmdaskrawdemod(const char *Cmd);
int Cmdaskmandemod(const char *Cmd);
int CmdAutoCorr(const char *Cmd);
setDemodBuf(data, dataLen, 0);
}
if (clk == 0) clk = 64;
-
+ if (manchester == 0) clk = clk/2; //askraw needs to double the clock speed
uint16_t arg1, arg2;
+ size_t size=DemodBufferLen;
arg1 = clk << 8 | manchester;
arg2 = invert << 8 | separator;
- UsbCommand c = {CMD_ASK_SIM_TAG, {arg1, arg2, DemodBufferLen}};
- if (DemodBufferLen > USB_CMD_DATA_SIZE) {
- PrintAndLog("DemodBuffer too long for current implementation - length: %d - max: %d", DemodBufferLen, USB_CMD_DATA_SIZE);
+ if (size > USB_CMD_DATA_SIZE) {
+ PrintAndLog("DemodBuffer too long for current implementation - length: %d - max: %d", size, USB_CMD_DATA_SIZE);
+ size = USB_CMD_DATA_SIZE;
}
- PrintAndLog("preparing to sim ask data: %d bits", DemodBufferLen);
- memcpy(c.d.asBytes, DemodBuffer, DemodBufferLen);
+ UsbCommand c = {CMD_ASK_SIM_TAG, {arg1, arg2, size}};
+
+ PrintAndLog("preparing to sim ask data: %d bits", size);
+ memcpy(c.d.asBytes, DemodBuffer, size);
SendCommand(&c);
return 0;
}
return usage_lf_simpsk();
}
if (dataLen == 0){ //using DemodBuffer
- if (clk==0) clk = GetPskClock(NULL, FALSE, FALSE);
- if (!carrier) carrier = GetPskCarrier(NULL, FALSE, FALSE);
+ PrintAndLog("Getting Clocks");
+ if (clk==0) clk = GetPskClock("", FALSE, FALSE);
+ PrintAndLog("clk: %d",clk);
+ if (!carrier) carrier = GetPskCarrier("", FALSE, FALSE);
+ PrintAndLog("carrier: %d", carrier);
} else {
setDemodBuf(data, dataLen, 0);
}
+
if (clk <= 0) clk = 32;
if (carrier == 0) carrier = 2;
if (pskType != 1){
if (DemodBufferLen > USB_CMD_DATA_SIZE) {
PrintAndLog("DemodBuffer too long for current implementation - length: %d - max: %d", DemodBufferLen, USB_CMD_DATA_SIZE);
}
+ PrintAndLog("DEBUG: Sending DemodBuffer Length: %d", DemodBufferLen);
memcpy(c.d.asBytes, DemodBuffer, DemodBufferLen);
SendCommand(&c);
return 0;
PrintAndLog("\nValid EM410x ID Found!");
return 1;
}
+ ans=CmdG_Prox_II_Demod("");
+ if (ans>0) {
+ PrintAndLog("\nValid G Prox II ID Found!");
+ return 1;
+ }
PrintAndLog("\nNo Known Tags Found!\n");
if (testRaw=='u' || testRaw=='U'){
//test unknown tag formats (raw mode)
projects / proxmark3-svn / commitdiff