added magic card write block

diff --git a/client/cmdhfmf.c b/client/cmdhfmf.c
index 9928cb1b899de4f42ff1e7a8e210d78b87eb3e49..8c91e84cb9f3015510841735467a514a27bffae4 100644 (file)
--- a/client/cmdhfmf.c
+++ b/client/cmdhfmf.c
@@ -1255,6 +1255,40 @@ int CmdHF14AMfCSetUID(const char *Cmd)
 \r
 int CmdHF14AMfCSetBlk(const char *Cmd)\r
 {\r
 \r
 int CmdHF14AMfCSetBlk(const char *Cmd)\r
 {\r

+       uint8_t uid[8];\r
+       uint8_t memBlock[16];\r
+       uint8_t blockNo = 0;\r
+       int res;\r
+       memset(memBlock, 0x00, sizeof(memBlock));\r
+\r
+       if (strlen(Cmd) < 1 || param_getchar(Cmd, 0) == 'h') {\r
+               PrintAndLog("Usage:  hf mf csetblk <block number> <block data (32 hex symbols)>");\r
+               PrintAndLog("sample:  hf mf csetblk 1 01020304050607080910111213141516");\r
+               PrintAndLog("Set block data for magic Chinese card (only works with!!!)");\r
+               PrintAndLog("If you want wipe card then add 'w' into command line. \n");\r
+               return 0;\r
+       }       \r
+\r
+       blockNo = param_get8(Cmd, 0);\r
+       if (blockNo >= 32 * 4 + 8 * 16) {\r
+               PrintAndLog("Block number must be in [0..255] as in MIFARE classic.");\r
+               return 1;\r
+       }\r
+\r
+       if (param_gethex(Cmd, 1, memBlock, 32)) {\r
+               PrintAndLog("block data must include 32 HEX symbols");\r
+               return 1;\r
+       }\r
+\r
+       PrintAndLog("--block number:%02x data:%s", blockNo, sprint_hex(memBlock, 16));\r
+\r
+       res = mfCSetBlock(blockNo, memBlock, uid, 0);\r
+       if (res) {\r
+                       PrintAndLog("Can't write block. error=%d", res);\r
+                       return 1;\r
+               }\r
+       \r
+       PrintAndLog("UID:%s", sprint_hex(uid, 4));\r

        return 0;\r
 }\r
 \r
        return 0;\r
 }\r
 \r


@@ -1284,7 +1318,7 @@ static command_t CommandTable[] =
   {"ecfill",   CmdHF14AMfECFill,               0, "Fill simulator memory with help of keys from simulator"},\r
   {"ekeyprn",  CmdHF14AMfEKeyPrn,      0, "Print keys from simulator memory"},\r
   {"csetuid",  CmdHF14AMfCSetUID,      0, "Set UID for magic Chinese card"},\r
   {"ecfill",   CmdHF14AMfECFill,               0, "Fill simulator memory with help of keys from simulator"},\r
   {"ekeyprn",  CmdHF14AMfEKeyPrn,      0, "Print keys from simulator memory"},\r
   {"csetuid",  CmdHF14AMfCSetUID,      0, "Set UID for magic Chinese card"},\r

-  {"csetblk",  CmdHF14AMfCSetBlk,      0, "(n/a)Write block into magic Chinese card"},\r
+  {"csetblk",  CmdHF14AMfCSetBlk,      0, "Write block into magic Chinese card"},\r

   {"cload",            CmdHF14AMfCLoad,                0, "(n/a)Load dump into magic Chinese card"},\r
   {NULL, NULL, 0, NULL}\r
 };\r
   {"cload",            CmdHF14AMfCLoad,                0, "(n/a)Load dump into magic Chinese card"},\r
   {NULL, NULL, 0, NULL}\r
 };\r

diff --git a/client/mifarehost.c b/client/mifarehost.c
index 529c248d9604a9c9d8fcee815aab7e17f476d564..2ce0b5e2c02188e501752b42b49f8679adbdbd9a 100644 (file)
--- a/client/mifarehost.c
+++ b/client/mifarehost.c
@@ -217,14 +217,19 @@ int mfEmlSetMem(uint8_t *data, int blockNum, int blocksCount) {
 }\r
 \r
 int mfCSetUID(uint8_t *uid, uint8_t *oldUID, int wantWipe) {\r
 }\r
 \r
 int mfCSetUID(uint8_t *uid, uint8_t *oldUID, int wantWipe) {\r

-       uint8_t isOK = 0;\r

        uint8_t block0[16];\r
        memset(block0, 0, 16);\r
        memcpy(block0, uid, 4); \r
        block0[4] = block0[0]^block0[1]^block0[2]^block0[3]; // Mifare UID BCC\r
        uint8_t block0[16];\r
        memset(block0, 0, 16);\r
        memcpy(block0, uid, 4); \r
        block0[4] = block0[0]^block0[1]^block0[2]^block0[3]; // Mifare UID BCC\r

+       \r
+       return mfCSetBlock(0, block0, oldUID, wantWipe);\r
+}\r
+\r
+int mfCSetBlock(uint8_t blockNo, uint8_t *data, uint8_t *uid, int wantWipe) {\r
+       uint8_t isOK = 0;\r

 \r
 \r

-  UsbCommand c = {CMD_MIFARE_EML_CSETBLOCK, {wantWipe, 1, 0}};\r
-       memcpy(c.d.asBytes, block0, 16); \r
+  UsbCommand c = {CMD_MIFARE_EML_CSETBLOCK, {wantWipe, 1, blockNo}};\r
+       memcpy(c.d.asBytes, data, 16); \r

   SendCommand(&c);\r
 \r
        UsbCommand * resp = WaitForResponseTimeout(CMD_ACK, 1500);\r
   SendCommand(&c);\r
 \r
        UsbCommand * resp = WaitForResponseTimeout(CMD_ACK, 1500);\r


@@ -232,7 +237,7 @@ int mfCSetUID(uint8_t *uid, uint8_t *oldUID, int wantWipe) {
        if (resp != NULL) {\r
                isOK  = resp->arg[0] & 0xff;\r
                PrintAndLog("isOk:%02x", isOK);\r
        if (resp != NULL) {\r
                isOK  = resp->arg[0] & 0xff;\r
                PrintAndLog("isOk:%02x", isOK);\r

-               memcpy(oldUID, resp->d.asBytes, 4); \r
+               memcpy(uid, resp->d.asBytes, 4); \r

                if (!isOK) return 2;\r
        } else {\r
                PrintAndLog("Command execute timeout");\r
                if (!isOK) return 2;\r
        } else {\r
                PrintAndLog("Command execute timeout");\r

diff --git a/client/mifarehost.h b/client/mifarehost.h
index e5d7c84a6388a1f48a21ff87a3fdb6e1cfad2716..4a107fd0cba0f39aa76539989eb4212636150a3e 100644 (file)
--- a/client/mifarehost.h
+++ b/client/mifarehost.h
@@ -45,4 +45,5 @@ int mfCheckKeys (uint8_t blockNo, uint8_t keyType, uint8_t keycnt, uint8_t * key
 int mfEmlGetMem(uint8_t *data, int blockNum, int blocksCount);\r
 int mfEmlSetMem(uint8_t *data, int blockNum, int blocksCount);\r
 int mfCSetUID(uint8_t *uid, uint8_t *oldUID, int wantWipe);\r
 int mfEmlGetMem(uint8_t *data, int blockNum, int blocksCount);\r
 int mfEmlSetMem(uint8_t *data, int blockNum, int blocksCount);\r
 int mfCSetUID(uint8_t *uid, uint8_t *oldUID, int wantWipe);\r

+int mfCSetBlock(uint8_t blockNo, uint8_t *data, uint8_t *uid, int wantWipe);\r

 \r
 \r