From: iceman1001 Date: Tue, 10 Mar 2015 08:18:35 +0000 (+0100) Subject: Merge branch 'master' of https://github.com/Proxmark/proxmark3 X-Git-Url: https://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/commitdiff_plain/12d708fec157dfde6f94d61e5fdc265713a71578?hp=652c39c63bce093cec80b174dfb0d8154e7c6827 Merge branch 'master' of https://github.com/Proxmark/proxmark3 Conflicts: client/cmddata.c client/cmddata.h --- diff --git a/armsrc/appmain.c b/armsrc/appmain.c index f1edc3aa..f6c97978 100644 --- a/armsrc/appmain.c +++ b/armsrc/appmain.c @@ -661,6 +661,15 @@ void UsbPacketReceived(uint8_t *packet, int len) case CMD_HID_SIM_TAG: CmdHIDsimTAG(c->arg[0], c->arg[1], 1); break; + case CMD_FSK_SIM_TAG: + CmdFSKsimTAG(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes); + break; + case CMD_ASK_SIM_TAG: + CmdASKsimTag(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes); + break; + case CMD_PSK_SIM_TAG: + CmdPSKsimTag(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes); + break; case CMD_HID_CLONE_TAG: CopyHIDtoT55x7(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes[0]); break; diff --git a/armsrc/apps.h b/armsrc/apps.h index dc8a9c93..3fe8acae 100644 --- a/armsrc/apps.h +++ b/armsrc/apps.h @@ -122,6 +122,9 @@ void SimulateTagLowFrequency( uint16_t period, uint32_t gap, uint8_t ledcontrol) //void SimulateTagLowFrequencyA(int period, int gap); void CmdHIDsimTAG(int hi, int lo, int ledcontrol); +void CmdFSKsimTAG(uint16_t arg1, uint16_t arg2, size_t size, uint8_t *BitStream); +void CmdASKsimTag(uint16_t arg1, uint16_t arg2, size_t size, uint8_t *BitStream); +void CmdPSKsimTag(uint16_t arg1, uint16_t arg2, size_t size, uint8_t *BitStream); void CmdHIDdemodFSK(int findone, int *high, int *low, int ledcontrol); void CmdEM410xdemod(int findone, int *high, int *low, int ledcontrol); void CmdIOdemodFSK(int findone, int *high, int *low, int ledcontrol); diff --git a/armsrc/iso14443a.c b/armsrc/iso14443a.c index f2fa1ff2..fe5533e0 100644 --- a/armsrc/iso14443a.c +++ b/armsrc/iso14443a.c 
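Review bot: The three new cases in UsbPacketReceived forward the host-supplied `c->arg[2]` as `size` together with `c->d.asBytes`, and nothing in this hunk bounds it to the size of that payload array. The client clamps to `USB_CMD_DATA_SIZE` before sending, but the firmware should not depend on a well-behaved host; the bodies of CmdFSKsimTAG/CmdASKsimTag/CmdPSKsimTag are not fully legible on this page, so whether they re-check `size` cannot be confirmed here. I would clamp at dispatch, e.g. `size_t sz = c->arg[2] > USB_CMD_DATA_SIZE ? USB_CMD_DATA_SIZE : c->arg[2];`, and pass `sz`. The prototypes added in apps.h take `uint16_t arg1, arg2`, so `c->arg[0]` and `c->arg[1]` are narrowed implicitly; an explicit cast or mask would make that intent visible. UsbPacketReceived starts and ends outside the hunk.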
@@ -2301,8 +2301,6 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t * } if(cardSTATE == MFEMUL_NOFIELD) continue; - //Now, get data - res = EmGetCmd(receivedCmd, &len, receivedCmd_par); if (res == 2) { //Field is off! cardSTATE = MFEMUL_NOFIELD; @@ -2373,7 +2371,7 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t * uint32_t nr = bytes_to_num(&receivedCmd[4], 4); //Collect AR/NR - if(ar_nr_collected < 2){ + if(ar_nr_collected < 2 && cardAUTHSC == 2){ if(ar_nr_responses[2] != ar) {// Avoid duplicates... probably not necessary, ar should vary. ar_nr_responses[ar_nr_collected*4] = cuid; @@ -2381,6 +2379,11 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t * ar_nr_responses[ar_nr_collected*4+2] = ar; ar_nr_responses[ar_nr_collected*4+3] = nr; ar_nr_collected++; + } + // Interactive mode flag, means we need to send ACK + if(flags & FLAG_INTERACTIVE && ar_nr_collected == 2) + { + finished = true; } } @@ -2528,7 +2531,7 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t * mf_crypto1_encrypt(pcs, response, 18, response_par); EmSendCmdPar(response, 18, response_par); numReads++; - if(exitAfterNReads > 0 && numReads == exitAfterNReads) { + if(exitAfterNReads > 0 && numReads >= exitAfterNReads) { Dbprintf("%d reads done, exiting", numReads); finished = true; } 
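Review bot: The new guard `ar_nr_collected < 2 && cardAUTHSC == 2` in Mifare1ksim hard-codes sector 2 with no comment or named constant, so a reader cannot tell whether it is a deliberate restriction or a leftover from testing; a short comment such as `// only record pairs for sector 2 (explain why)` or a `#define` would settle it. The comment above the added `finished = true;` says "means we need to send ACK", but the branch only ends the simulation loop once two pairs are stored; reword it to say that. `flags & FLAG_INTERACTIVE && ar_nr_collected == 2` parses as intended, but `(flags & FLAG_INTERACTIVE) && ar_nr_collected == 2` reads unambiguously. The function body extends beyond all three hunks on this line.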
@@ -2648,12 +2651,12 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t * if(flags & FLAG_INTERACTIVE)// Interactive mode flag, means we need to send ACK { //May just aswell send the collected ar_nr in the response aswell - cmd_send(CMD_ACK,CMD_SIMULATE_MIFARE_CARD,0,0,&ar_nr_responses,ar_nr_collected*4*4); + cmd_send(CMD_ACK,CMD_SIMULATE_MIFARE_CARD,1,0,&ar_nr_responses,ar_nr_collected*4*4); } - if(flags & FLAG_NR_AR_ATTACK) + if(flags & FLAG_NR_AR_ATTACK && MF_DBGLEVEL >= 1 ) { - if(ar_nr_collected > 1) { + if(ar_nr_collected > 1 ) { Dbprintf("Collected two pairs of AR/NR which can be used to extract keys from reader:"); Dbprintf("../tools/mfkey/mfkey32 %08x %08x %08x %08x %08x %08x", ar_nr_responses[0], // UID @@ -2665,7 +2668,7 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t * ); } else { Dbprintf("Failed to obtain two AR/NR pairs!"); - if(ar_nr_collected >0) { + if(ar_nr_collected > 0 ) { Dbprintf("Only got these: UID=%08x, nonce=%08x, AR1=%08x, NR1=%08x", ar_nr_responses[0], // UID ar_nr_responses[1], //NT diff --git a/armsrc/lfops.c b/armsrc/lfops.c index 16e46c8b..887e8404 100644 --- a/armsrc/lfops.c +++ b/armsrc/lfops.c @@ -392,11 +392,12 @@ void SimulateTagLowFrequency(uint16_t period, uint32_t gap, uint8_t ledcontrol) AT91C_BASE_PIOA->PIO_OER = GPIO_SSC_DOUT; AT91C_BASE_PIOA->PIO_ODR = GPIO_SSC_CLK; -#define SHORT_COIL() LOW(GPIO_SSC_DOUT) -#define OPEN_COIL() HIGH(GPIO_SSC_DOUT) + #define SHORT_COIL() LOW(GPIO_SSC_DOUT) + #define OPEN_COIL() HIGH(GPIO_SSC_DOUT) i = 0; for(;;) { + //wait until SSC_CLK goes HIGH while(!(AT91C_BASE_PIOA->PIO_PDSR & GPIO_SSC_CLK)) { if(BUTTON_PRESS()) { DbpString("Stopped"); @@ -404,7 +405,6 @@ void SimulateTagLowFrequency(uint16_t period, uint32_t gap, uint8_t ledcontrol) } WDT_HIT(); } - if (ledcontrol) LED_D_ON(); 
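Review bot: The third argument of `cmd_send(CMD_ACK,CMD_SIMULATE_MIFARE_CARD,1,0,...)` changes from `0` to `1` with nothing saying what the host is meant to read from it, and it is sent as `1` even when `ar_nr_collected` is 0 and the payload length is therefore zero. A one-line comment on the call (or a named constant) describing the meaning of that field would make the host side reviewable. In the next condition, `(flags & FLAG_NR_AR_ATTACK) && MF_DBGLEVEL >= 1` would make the mixed bitwise/logical test explicit. Mifare1ksim starts outside the hunk.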
@@ -415,17 +415,18 @@ void SimulateTagLowFrequency(uint16_t period, uint32_t gap, uint8_t ledcontrol) if (ledcontrol) LED_D_OFF(); - + //wait until SSC_CLK goes LOW while(AT91C_BASE_PIOA->PIO_PDSR & GPIO_SSC_CLK) { if(BUTTON_PRESS()) { DbpString("Stopped"); return; } WDT_HIT(); - } - + } + i++; if(i == period) { + i = 0; if (gap) { SHORT_COIL(); @@ -440,8 +441,9 @@ void SimulateTagLowFrequencyBidir(int divisor, int t0) { } -// compose fc/8 fc/10 waveform -static void fc(int c, int *n) { +// compose fc/8 fc/10 waveform (FSK2) +static void fc(int c, int *n) +{ uint8_t *dest = BigBuf_get_addr(); int idx; @@ -449,20 +451,21 @@ static void fc(int c, int *n) { if(c==0) { dest[((*n)++)]=1; dest[((*n)++)]=1; - dest[((*n)++)]=0; - dest[((*n)++)]=0; + dest[((*n)++)]=1; + dest[((*n)++)]=1; dest[((*n)++)]=0; dest[((*n)++)]=0; dest[((*n)++)]=0; dest[((*n)++)]=0; } - // an fc/8 encoded bit is a bit pattern of 11000000 x6 = 48 samples + + // an fc/8 encoded bit is a bit pattern of 11110000 x6 = 48 samples if(c==8) { for (idx=0; idx<6; idx++) { dest[((*n)++)]=1; dest[((*n)++)]=1; - dest[((*n)++)]=0; - dest[((*n)++)]=0; + dest[((*n)++)]=1; + dest[((*n)++)]=1; dest[((*n)++)]=0; dest[((*n)++)]=0; dest[((*n)++)]=0; @@ -470,9 +473,11 @@ static void fc(int c, int *n) { } } - // an fc/10 encoded bit is a bit pattern of 1110000000 x5 = 50 samples + // an fc/10 encoded bit is a bit pattern of 1111100000 x5 = 50 samples if(c==10) { for (idx=0; idx<5; idx++) { + dest[((*n)++)]=1; + dest[((*n)++)]=1; dest[((*n)++)]=1; dest[((*n)++)]=1; dest[((*n)++)]=1; 
@@ -481,11 +486,39 @@ static void fc(int c, int *n) { dest[((*n)++)]=0; dest[((*n)++)]=0; dest[((*n)++)]=0; - dest[((*n)++)]=0; - dest[((*n)++)]=0; } } } +// compose fc/X fc/Y waveform (FSKx) +static void fcAll(uint8_t fc, int *n, uint8_t clock, uint16_t *modCnt) +{ + uint8_t *dest = BigBuf_get_addr(); + uint8_t halfFC = fc/2; + uint8_t wavesPerClock = clock/fc; + uint8_t mod = clock % fc; //modifier + uint8_t modAdj = fc/mod; //how often to apply modifier + bool modAdjOk = !(fc % mod); //if (fc % mod==0) modAdjOk=TRUE; + // loop through clock - step field clock + for (uint8_t idx=0; idx < wavesPerClock; idx++){ + // put 1/2 FC length 1's and 1/2 0's per field clock wave (to create the wave) + memset(dest+(*n), 0, fc-halfFC); //in case of odd number use extra here + memset(dest+(*n)+(fc-halfFC), 1, halfFC); + *n += fc; + } + if (mod>0) (*modCnt)++; + if ((mod>0) && modAdjOk){ //fsk2 + if ((*modCnt % modAdj) == 0){ //if 4th 8 length wave in a rf/50 add extra 8 length wave + memset(dest+(*n), 0, fc-halfFC); + memset(dest+(*n)+(fc-halfFC), 1, halfFC); + *n += fc; + } + } + if (mod>0 && !modAdjOk){ //fsk1 + memset(dest+(*n), 0, mod-(mod/2)); + memset(dest+(*n)+(mod-(mod/2)), 1, mod/2); + *n += mod; + } +} // prepare a waveform pattern in the buffer based on the ID given then // simulate a HID tag until the button is pressed @@ -503,7 +536,7 @@ void CmdHIDsimTAG(int hi, int lo, int ledcontrol) */ if (hi>0xFFF) { - DbpString("Tags can only have 44 bits."); + DbpString("Tags can only have 44 bits. - USE lf simfsk for larger tags"); return; } fc(0,&n); 
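Review bot: In the new `fcAll`, `uint8_t modAdj = fc/mod;` and `bool modAdjOk = !(fc % mod);` are evaluated before any `mod>0` test, so they divide by zero whenever `clock` is an exact multiple of `fc`, which includes the client's own defaults of clock 50 with field clock 10. `fc` itself comes from the host and is also used as a divisor in `clock/fc` and `clock % fc`, so a zero field clock faults the same way. I would return early on `fc == 0` and compute the two values conditionally: `uint8_t modAdj = mod ? fc/mod : 0;` and `bool modAdjOk = mod && !(fc % mod);`. Separately, each `memset(dest+(*n), ...)` advances `*n` with no comparison against the size of the buffer returned by `BigBuf_get_addr()`; the caller's loop is not legible on this page, so a bound should be enforced either here or there.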
@@ -543,6 +576,150 @@ void CmdHIDsimTAG(int hi, int lo, int ledcontrol) LED_A_OFF(); } +// prepare a waveform pattern in the buffer based on the ID given then +// simulate a FSK tag until the button is pressed +// arg1 contains fcHigh and fcLow, arg2 contains invert and clock +void CmdFSKsimTAG(uint16_t arg1, uint16_t arg2, size_t size, uint8_t *BitStream) +{ + int ledcontrol=1; + int n=0, i=0; + uint8_t fcHigh = arg1 >> 8; + uint8_t fcLow = arg1 & 0xFF; + uint16_t modCnt = 0; + uint8_t clk = arg2 & 0xFF; + uint8_t invert = (arg2 >> 8) & 1; + + for (i=0; i> 8) & 0xFF; + uint8_t manchester = arg1 & 1; + uint8_t separator = arg2 & 1; + uint8_t invert = (arg2 >> 8) & 1; + for (i=0; i> 8; + uint8_t carrier = arg1 & 0xFF; + uint8_t invert = arg2 & 0xFF; + uint8_t curPhase = 0; + for (i=0; i high) @@ -178,9 +198,9 @@ int Cmdaskdemod(const char *Cmd) * down) */ //[marhsmellow] change == to >= for high and <= for low for fuzz - if ((GraphBuffer[i] == high) && (GraphBuffer[i - 1] == c)) { + if ((GraphBuffer[i] >= high) && (GraphBuffer[i - 1] == c)) { GraphBuffer[i] = 1 - c; - } else if ((GraphBuffer[i] == low) && (GraphBuffer[i - 1] == (1 - c))){ + } else if ((GraphBuffer[i] <= low) && (GraphBuffer[i - 1] == (1 - c))){ GraphBuffer[i] = c; } else { /* No transition */ @@ -191,6 +211,23 @@ int Cmdaskdemod(const char *Cmd) return 0; } +//this function strictly converts >1 to 1 and <1 to 0 for each sample in the graphbuffer +int CmdGetBitStream(const char *Cmd) +{ + int i; + CmdHpf(Cmd); + for (i = 0; i < GraphTraceLen; i++) { + if (GraphBuffer[i] >= 1) { + GraphBuffer[i] = 1; + } else { + GraphBuffer[i] = 0; + } + } + RepaintGraphWindow(); + return 0; +} + + //by marshmellow void printBitStream(uint8_t BitStream[], uint32_t bitLen) { 
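Review bot: The comment on the new `CmdGetBitStream` says it converts ">1 to 1 and <1 to 0", but the code tests `GraphBuffer[i] >= 1`, so a sample equal to 1 is kept as 1 (the command-table help added in this commit states `>=1`, which matches the code). The comment also omits that the function first calls `CmdHpf(Cmd)`, which rewrites the whole GraphBuffer before thresholding. I would replace it with `// high-pass filters GraphBuffer via CmdHpf, then maps samples >= 1 to 1 and all others to 0`. The first hunk on this line (the firmware sim functions) is too garbled on this page to review.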
@@ -506,9 +543,33 @@ int CmdBiphaseDecodeRaw(const char *Cmd) PrintAndLog("Biphase Decoded using offset: %d - # errors:%d - data:",offset,errCnt); printBitStream(BitStream, size); PrintAndLog("\nif bitstream does not look right try offset=1"); + if (offset == 1) setDemodBuf(DemodBuffer,DemodBufferLen-1,1); //remove first bit from raw demod return 1; } +// set demod buffer back to raw after biphase demod +void setBiphaseDemodBuf(uint8_t *BitStream, size_t size) +{ + uint8_t rawStream[512]={0x00}; + size_t i=0; + uint8_t curPhase=0; + if (size > 256) { + PrintAndLog("ERROR - Biphase Demod Buffer overrun"); + return; + } + for (size_t idx=0; idx>2; + uint32_t FC = 0; + uint32_t Card = 0; + uint32_t raw1 = bytebits_to_byte(DemodBuffer+ans,32); + uint32_t raw2 = bytebits_to_byte(DemodBuffer+ans+32, 32); + uint32_t raw3 = bytebits_to_byte(DemodBuffer+ans+64, 32); + + if (fmtLen==36){ + FC = ((ByteStream[3] & 0x7F)<<7) | (ByteStream[4]>>1); + Card = ((ByteStream[4]&1)<<19) | (ByteStream[5]<<11) | (ByteStream[6]<<3) | (ByteStream[7]>>5); + PrintAndLog("G-Prox-II Found: FmtLen %d, FC %d, Card %d",fmtLen,FC,Card); + } else if(fmtLen==26){ + FC = ((ByteStream[3] & 0x7F)<<1) | (ByteStream[4]>>7); + Card = ((ByteStream[4]&0x7F)<<9) | (ByteStream[5]<<1) | (ByteStream[6]>>7); + PrintAndLog("G-Prox-II Found: FmtLen %d, FC %d, Card %d",fmtLen,FC,Card); + } else { + PrintAndLog("Unknown G-Prox-II Fmt Found: FmtLen %d",fmtLen); + } + PrintAndLog("Raw: %08x%08x%08x", raw1,raw2,raw3); + setBiphaseDemodBuf(DemodBuffer+ans, 96); + return 1; +} + //by marshmellow - see ASKrawDemod int Cmdaskrawdemod(const char *Cmd) { 
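Review bot: The added `if (offset == 1) setDemodBuf(DemodBuffer,DemodBufferLen-1,1);` in CmdBiphaseDecodeRaw subtracts one from `DemodBufferLen` without checking that it is non-zero; setDemodBuf takes a `size_t`, so if the length is unsigned an empty buffer would wrap to a very large size. The earlier part of the function is outside the hunk, so it may already guarantee a non-empty buffer, but `if (offset == 1 && DemodBufferLen > 0)` costs nothing. In the G-Prox-II code, `FC` and `Card` are `uint32_t` but are printed with `%d`; `%u` matches the type. Parts of `setBiphaseDemodBuf` and the start of the G-Prox-II function are garbled on this page, so their bounds handling of `DemodBuffer+ans+64` cannot be checked here.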
@@ -840,9 +995,9 @@ int FSKrawDemod(const char *Cmd, bool verbose) //raw fsk demod no manchester decoding no start bit finding just get binary from wave //set defaults int rfLen = 0; - int invert=0; - int fchigh=0; - int fclow=0; + int invert = 0; + int fchigh = 0; + int fclow = 0; //set options from parameters entered with the command sscanf(Cmd, "%i %i %i %i", &rfLen, &invert, &fchigh, &fclow); @@ -861,7 +1016,7 @@ int FSKrawDemod(const char *Cmd, bool verbose) uint16_t fcs=0; uint8_t dummy=0; if (fchigh==0 || fclow == 0){ - fcs=countFC(BitStream, BitLen, &dummy); + fcs = countFC(BitStream, BitLen, &dummy); if (fcs==0){ fchigh=10; fclow=8; @@ -886,6 +1041,7 @@ int FSKrawDemod(const char *Cmd, bool verbose) PrintAndLog("FSK decoded bitstream:"); printBitStream(BitStream,size); } + return 1; } else{ if (verbose) PrintAndLog("no FSK data found"); @@ -1043,7 +1199,7 @@ int CmdFSKdemodParadox(const char *Cmd) uint32_t rawLo = bytebits_to_byte(BitStream+idx+64,32); uint32_t rawHi = bytebits_to_byte(BitStream+idx+32,32); uint32_t rawHi2 = bytebits_to_byte(BitStream+idx,32); - + PrintAndLog("Paradox TAG ID: %x%08x - FC: %d - Card: %d - Checksum: %02x - RAW: %08x%08x%08x", hi>>10, (hi & 0x3)<<26 | (lo>>10), fc, cardnum, (lo>>2) & 0xFF, rawHi2, rawHi, rawLo); setDemodBuf(BitStream,BitLen,idx); @@ -1495,9 +1651,14 @@ int PSKDemod(const char *Cmd, bool verbose) } uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0}; size_t BitLen = getFromGraphBuf(BitStream); - if (BitLen==0) return 0; + if (BitLen==0) return -1; + uint8_t carrier=countPSK_FC(BitStream, BitLen); + if (carrier!=2 && carrier!=4 && carrier!=8){ + //invalid carrier + return -1; + } int errCnt=0; - errCnt = pskRawDemod(BitStream, &BitLen,&clk,&invert); + errCnt = pskRawDemod(BitStream, &BitLen, &clk, &invert); if (errCnt > maxErr){ if (g_debugMode==1 && verbose) PrintAndLog("Too many errors found, clk: %d, invert: %d, numbits: %d, errCnt: %d",clk,invert,BitLen,errCnt); return -1; 
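Review bot: The new invalid-carrier exit in PSKDemod, `if (carrier!=2 && carrier!=4 && carrier!=8)`, returns -1 silently, while the too-many-errors path directly below logs its reason under `g_debugMode==1 && verbose`. For consistency I would add `if (g_debugMode==1 && verbose) PrintAndLog("Invalid carrier: %d", carrier);` before the return. The same hunk changes the empty-buffer result from `return 0` to `return -1`; the callers visible on this page test `errCnt<0`, but any caller outside it that treated 0 as failure should be rechecked. PSKDemod starts outside the hunk.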
@@ -1638,7 +1799,7 @@ int NRZrawDemod(const char *Cmd, bool verbose) // Now output the bitstream to the scrollback by line of 16 bits printDemodBuff(); } - return 1; + return 1; } int CmdNRZrawDemod(const char *Cmd) @@ -1650,11 +1811,11 @@ int CmdNRZrawDemod(const char *Cmd) PrintAndLog(" , 1 for invert output"); PrintAndLog(" [set maximum allowed errors], default = 100."); PrintAndLog(""); - PrintAndLog(" sample: data nrzrawdemod = demod a nrz/direct tag from GraphBuffer"); - PrintAndLog(" : data nrzrawdemod 32 = demod a nrz/direct tag from GraphBuffer using a clock of RF/32"); - PrintAndLog(" : data nrzrawdemod 32 1 = demod a nrz/direct tag from GraphBuffer using a clock of RF/32 and inverting data"); - PrintAndLog(" : data nrzrawdemod 1 = demod a nrz/direct tag from GraphBuffer while inverting data"); - PrintAndLog(" : data nrzrawdemod 64 1 0 = demod a nrz/direct tag from GraphBuffer using a clock of RF/64, inverting data and allowing 0 demod errors"); + PrintAndLog(" sample: data rawdemod nr = demod a nrz/direct tag from GraphBuffer"); + PrintAndLog(" : data rawdemod nr 32 = demod a nrz/direct tag from GraphBuffer using a clock of RF/32"); + PrintAndLog(" : data rawdemod nr 32 1 = demod a nrz/direct tag from GraphBuffer using a clock of RF/32 and inverting data"); + PrintAndLog(" : data rawdemod nr 1 = demod a nrz/direct tag from GraphBuffer while inverting data"); + PrintAndLog(" : data rawdemod nr 64 1 0 = demod a nrz/direct tag from GraphBuffer using a clock of RF/64, inverting data and allowing 0 demod errors"); return 0; } return NRZrawDemod(Cmd, TRUE); 
@@ -1674,11 +1835,11 @@ int CmdPSK1rawDemod(const char *Cmd) PrintAndLog(" , 1 for invert output"); PrintAndLog(" [set maximum allowed errors], default = 100."); PrintAndLog(""); - PrintAndLog(" sample: data psk1rawdemod = demod a psk1 tag from GraphBuffer"); - PrintAndLog(" : data psk1rawdemod 32 = demod a psk1 tag from GraphBuffer using a clock of RF/32"); - PrintAndLog(" : data psk1rawdemod 32 1 = demod a psk1 tag from GraphBuffer using a clock of RF/32 and inverting data"); - PrintAndLog(" : data psk1rawdemod 1 = demod a psk1 tag from GraphBuffer while inverting data"); - PrintAndLog(" : data psk1rawdemod 64 1 0 = demod a psk1 tag from GraphBuffer using a clock of RF/64, inverting data and allowing 0 demod errors"); + PrintAndLog(" sample: data rawdemod p1 = demod a psk1 tag from GraphBuffer"); + PrintAndLog(" : data rawdemod p1 32 = demod a psk1 tag from GraphBuffer using a clock of RF/32"); + PrintAndLog(" : data rawdemod p1 32 1 = demod a psk1 tag from GraphBuffer using a clock of RF/32 and inverting data"); + PrintAndLog(" : data rawdemod p1 1 = demod a psk1 tag from GraphBuffer while inverting data"); + PrintAndLog(" : data rawdemod p1 64 1 0 = demod a psk1 tag from GraphBuffer using a clock of RF/64, inverting data and allowing 0 demod errors"); return 0; } errCnt = PSKDemod(Cmd, TRUE); 
@@ -1708,14 +1869,14 @@ int CmdPSK2rawDemod(const char *Cmd) PrintAndLog(" , 1 for invert output"); PrintAndLog(" [set maximum allowed errors], default = 100."); PrintAndLog(""); - PrintAndLog(" sample: data psk2rawdemod = demod a psk2 tag from GraphBuffer, autodetect clock"); - PrintAndLog(" : data psk2rawdemod 32 = demod a psk2 tag from GraphBuffer using a clock of RF/32"); - PrintAndLog(" : data psk2rawdemod 32 1 = demod a psk2 tag from GraphBuffer using a clock of RF/32 and inverting output"); - PrintAndLog(" : data psk2rawdemod 1 = demod a psk2 tag from GraphBuffer, autodetect clock and invert output"); - PrintAndLog(" : data psk2rawdemod 64 1 0 = demod a psk2 tag from GraphBuffer using a clock of RF/64, inverting output and allowing 0 demod errors"); + PrintAndLog(" sample: data rawdemod p2 = demod a psk2 tag from GraphBuffer, autodetect clock"); + PrintAndLog(" : data rawdemod p2 32 = demod a psk2 tag from GraphBuffer using a clock of RF/32"); + PrintAndLog(" : data rawdemod p2 32 1 = demod a psk2 tag from GraphBuffer using a clock of RF/32 and inverting output"); + PrintAndLog(" : data rawdemod p2 1 = demod a psk2 tag from GraphBuffer, autodetect clock and invert output"); + PrintAndLog(" : data rawdemod p2 64 1 0 = demod a psk2 tag from GraphBuffer using a clock of RF/64, inverting output and allowing 0 demod errors"); return 0; } - errCnt=PSKDemod(Cmd, 1); + errCnt=PSKDemod(Cmd, TRUE); if (errCnt<0){ if (g_debugMode) PrintAndLog("Error demoding: %d",errCnt); return 0; @@ -1834,6 +1995,7 @@ int CmdHide(const char *Cmd) return 0; } +//zero mean GraphBuffer int CmdHpf(const char *Cmd) { int i; 
@@ -2423,6 +2585,7 @@ static command_t CommandTable[] = //{"askdemod", Cmdaskdemod, 1, "<0 or 1> -- Attempt to demodulate simple ASK tags"}, {"askedgedetect", CmdAskEdgeDetect, 1, "[threshold] Adjust Graph for manual ask demod using length of sample differences to detect the edge of a wave (default = 25)"}, {"askem410xdemod",CmdAskEM410xDemod, 1, "[clock] [invert<0|1>] [maxErr] -- Demodulate an EM410x tag from GraphBuffer (args optional)"}, + {"askgproxiidemod",CmdG_Prox_II_Demod,1, "Demodulate a G Prox II tag from GraphBuffer"}, //{"askmandemod", Cmdaskmandemod, 1, "[clock] [invert<0|1>] [maxErr] -- Attempt to demodulate ASK/Manchester tags and output binary (args optional)"}, //{"askrawdemod", Cmdaskrawdemod, 1, "[clock] [invert<0|1>] -- Attempt to demodulate ASK tags and output bin (args optional)"}, {"autocorr", CmdAutoCorr, 1, " -- Autocorrelation over window"}, @@ -2440,6 +2603,7 @@ static command_t CommandTable[] = {"fskpyramiddemod",CmdFSKdemodPyramid,1, "Demodulate a Pyramid FSK tag from GraphBuffer"}, {"fskparadoxdemod",CmdFSKdemodParadox,1, "Demodulate a Paradox FSK tag from GraphBuffer"}, //{"fskrawdemod", CmdFSKrawdemod, 1, "[clock rate] [invert] [rchigh] [rclow] Demodulate graph window from FSK to bin (clock = 50)(invert = 1|0)(rchigh = 10)(rclow=8)"}, + {"getbitstream", CmdGetBitStream, 1, "Convert GraphBuffer's >=1 values to 1 and <1 to 0"}, {"grid", CmdGrid, 1, " -- overlay grid on graph window, use zero value to turn off either"}, {"hexsamples", CmdHexsamples, 0, " [] -- Dump big buffer as hex bytes"}, {"hide", CmdHide, 1, "Hide graph window"}, 
@@ -2455,6 +2619,7 @@ static command_t CommandTable[] = //{"nrzrawdemod", CmdNRZrawDemod, 1, "[clock] [invert<0|1>] [maxErr] -- Attempt to demodulate nrz tags and output binary (args optional)"}, {"plot", CmdPlot, 1, "Show graph window (hit 'h' in window for keystroke help)"}, //{"pskdetectclock",CmdDetectPSKClockRate, 1, "Detect ASK, PSK, or NRZ clock rate"}, + {"printdemodbuffer",CmdPrintDemodBuff,1, "[x] -- print the data in the DemodBuffer - 'x' for hex output"}, {"pskindalademod",CmdIndalaDecode, 1, "[clock] [invert<0|1>] -- Demodulate an indala tag (PSK1) from GraphBuffer (args optional)"}, //{"psk1rawdemod", CmdPSK1rawDemod, 1, "[clock] [invert<0|1>] [maxErr] -- Attempt to demodulate psk1 tags and output binary (args optional)"}, //{"psk2rawdemod", CmdPSK2rawDemod, 1, "[clock] [invert<0|1>] [maxErr] -- Attempt to demodulate psk2 tags and output binary (args optional)"}, diff --git a/client/cmddata.h b/client/cmddata.h index c7dbf297..48bd0d91 100644 --- a/client/cmddata.h +++ b/client/cmddata.h @@ -14,12 +14,14 @@ command_t * CmdDataCommands(); int CmdData(const char *Cmd); +void printDemodBuff(void); +void printBitStream(uint8_t BitStream[], uint32_t bitLen); void setDemodBuf(uint8_t *buff, size_t size, size_t startIdx); -void printDemodBuff(); int CmdAmp(const char *Cmd); int Cmdaskdemod(const char *Cmd); int CmdAskEM410xDemod(const char *Cmd); +int CmdG_Prox_II_Demod(const char *Cmd); int Cmdaskrawdemod(const char *Cmd); int Cmdaskmandemod(const char *Cmd); int CmdAutoCorr(const char *Cmd); @@ -39,6 +41,7 @@ int CmdFSKrawdemod(const char *Cmd); int CmdPSK1rawDemod(const char *Cmd); int CmdPSK2rawDemod(const char *Cmd); int CmdGrid(const char *Cmd); +int CmdGetBitStream(const char *Cmd); int CmdHexsamples(const char *Cmd); int CmdHide(const char *Cmd); int CmdHpf(const char *Cmd); diff --git a/client/cmdlf.c b/client/cmdlf.c index 849b96ef..9d62b2a8 100644 --- a/client/cmdlf.c +++ b/client/cmdlf.c 
@@ -28,6 +28,7 @@ #include "cmdlft55xx.h" #include "cmdlfpcf7931.h" #include "cmdlfio.h" +#include "lfdemod.h" static int CmdHelp(const char *Cmd); @@ -514,11 +515,11 @@ int CmdLFSnoop(const char *Cmd) static void ChkBitstream(const char *str) { int i; - + /* convert to bitstream if necessary */ for (i = 0; i < (int)(GraphTraceLen / 2); i++){ if (GraphBuffer[i] > 1 || GraphBuffer[i] < 0) { - CmdBitstream(str); + CmdGetBitStream(""); break; } } 
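Review bot: After the call becomes `CmdGetBitStream("")`, the `str` parameter of ChkBitstream is no longer used, which will draw an unused-parameter warning and leaves the signature misleading. CmdGetBitStream, as added to cmddata.c in this commit, runs `CmdHpf` before thresholding, so this helper now filters and rewrites the entire GraphBuffer, whereas its trigger loop only scans the first `GraphTraceLen / 2` samples. I would update the comment to `/* high-pass filter and threshold GraphBuffer to 0/1 if any sample in the first half is outside 0..1 */` and either drop `str` or mark it `(void)str;`.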
@@ -526,33 +527,379 @@ static void ChkBitstream(const char *str) //appears to attempt to simulate manchester int CmdLFSim(const char *Cmd) { - int i,j; + int i,j; static int gap; sscanf(Cmd, "%i", &gap); /* convert to bitstream if necessary */ + ChkBitstream(Cmd); - printf("Sending [%d bytes]", GraphTraceLen); - for (i = 0; i < GraphTraceLen; i += USB_CMD_DATA_SIZE) { + //can send 512 bits at a time (1 byte sent per bit...) + printf("Sending [%d bytes]", GraphTraceLen); + for (i = 0; i < GraphTraceLen; i += USB_CMD_DATA_SIZE) { UsbCommand c={CMD_DOWNLOADED_SIM_SAMPLES_125K, {i, 0, 0}}; - for (j = 0; j < USB_CMD_DATA_SIZE; j++) { + for (j = 0; j < USB_CMD_DATA_SIZE; j++) { c.d.asBytes[j] = GraphBuffer[i+j]; } SendCommand(&c); WaitForResponse(CMD_ACK,NULL); - printf("."); + printf("."); } - printf("\n"); - PrintAndLog("Starting to simulate"); + printf("\n"); + PrintAndLog("Starting to simulate"); UsbCommand c = {CMD_SIMULATE_TAG_125K, {GraphTraceLen, gap, 0}}; SendCommand(&c); return 0; } +int usage_lf_simfsk(void) +{ + //print help + PrintAndLog("Usage: lf simfsk [c ] [i] [H ] [L ] [d ]"); + PrintAndLog("Options: "); + PrintAndLog(" h This help"); + PrintAndLog(" c Manually set clock - can autodetect if using DemodBuffer"); + PrintAndLog(" i invert data"); + PrintAndLog(" H Manually set the larger Field Clock"); + PrintAndLog(" L Manually set the smaller Field Clock"); + //PrintAndLog(" s TBD- -to enable a gap between playback repetitions - default: no gap"); + PrintAndLog(" d Data to sim as hex - omit to sim from DemodBuffer"); + PrintAndLog("\n NOTE: if you set one clock manually set them all manually"); + return 0; +} + +int usage_lf_simask(void) +{ + //print help + PrintAndLog("Usage: lf simask [c ] [i] [m|r] [s] [d ]"); + PrintAndLog("Options: "); + PrintAndLog(" h This help"); + PrintAndLog(" c Manually set clock - can autodetect if using DemodBuffer"); + PrintAndLog(" i invert data"); + PrintAndLog(" m sim ask/manchester"); + PrintAndLog(" r sim ask/raw"); + 
PrintAndLog(" s TBD- -to enable a gap between playback repetitions - default: no gap"); + PrintAndLog(" d Data to sim as hex - omit to sim from DemodBuffer"); + return 0; +} + +int usage_lf_simpsk(void) +{ + //print help + PrintAndLog("Usage: lf simpsk [1|2|3] [c ] [i] [r ] [d ]"); + PrintAndLog("Options: "); + PrintAndLog(" h This help"); + PrintAndLog(" c Manually set clock - can autodetect if using DemodBuffer"); + PrintAndLog(" i invert data"); + PrintAndLog(" 1 set PSK1 (default)"); + PrintAndLog(" 2 set PSK2"); + PrintAndLog(" 3 set PSK3"); + PrintAndLog(" r 2|4|8 are valid carriers: default = 2"); + PrintAndLog(" d Data to sim as hex - omit to sim from DemodBuffer"); + return 0; +} + +// by marshmellow - sim ask data given clock, fcHigh, fcLow, invert +// - allow pull data from DemodBuffer +int CmdLFfskSim(const char *Cmd) +{ + //might be able to autodetect FC and clock from Graphbuffer if using demod buffer + //will need FChigh, FClow, Clock, and bitstream + uint8_t fcHigh=0, fcLow=0, clk=0; + uint8_t invert=0; + bool errors = FALSE; + char hexData[32] = {0x00}; // store entered hex data + uint8_t data[255] = {0x00}; + int dataLen = 0; + uint8_t cmdp = 0; + while(param_getchar(Cmd, cmdp) != 0x00) + { + switch(param_getchar(Cmd, cmdp)) + { + case 'h': + return usage_lf_simfsk(); + case 'i': + invert = 1; + cmdp++; + break; + case 'c': + errors |= param_getdec(Cmd,cmdp+1,&clk); + cmdp+=2; + break; + case 'H': + errors |= param_getdec(Cmd,cmdp+1,&fcHigh); + cmdp+=2; + break; + case 'L': + errors |= param_getdec(Cmd,cmdp+1,&fcLow); + cmdp+=2; + break; + //case 's': + // separator=1; + // cmdp++; + // break; + case 'd': + dataLen = param_getstr(Cmd, cmdp+1, hexData); + if (dataLen==0) { + errors=TRUE; + } else { + dataLen = hextobinarray((char *)data, hexData); + } + if (dataLen==0) errors=TRUE; + if (errors) PrintAndLog ("Error getting hex data"); + cmdp+=2; + break; + default: + PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp)); + errors = TRUE; 
+ break; + } + if(errors) break; + } + if(cmdp == 0 && DemodBufferLen == 0) + { + errors = TRUE;// No args + } + + //Validations + if(errors) + { + return usage_lf_simfsk(); + } + + if (dataLen == 0){ //using DemodBuffer + if (clk==0 || fcHigh==0 || fcLow==0){ //manual settings must set them all + uint8_t ans = fskClocks(&fcHigh, &fcLow, &clk, 0); + if (ans==0){ + if (!fcHigh) fcHigh=10; + if (!fcLow) fcLow=8; + if (!clk) clk=50; + } + } + } else { + setDemodBuf(data, dataLen, 0); + } + if (clk == 0) clk = 50; + if (fcHigh == 0) fcHigh = 10; + if (fcLow == 0) fcLow = 8; + + uint16_t arg1, arg2; + arg1 = fcHigh << 8 | fcLow; + arg2 = invert << 8 | clk; + size_t size = DemodBufferLen; + if (size > USB_CMD_DATA_SIZE) { + PrintAndLog("DemodBuffer too long for current implementation - length: %d - max: %d", size, USB_CMD_DATA_SIZE); + size = USB_CMD_DATA_SIZE; + } + UsbCommand c = {CMD_FSK_SIM_TAG, {arg1, arg2, size}}; + + memcpy(c.d.asBytes, DemodBuffer, size); + SendCommand(&c); + return 0; +} + +// by marshmellow - sim ask data given clock, invert, manchester or raw, separator +// - allow pull data from DemodBuffer +int CmdLFaskSim(const char *Cmd) +{ + //autodetect clock from Graphbuffer if using demod buffer + //will need clock, invert, manchester/raw as m or r, separator as s, and bitstream + uint8_t manchester = 1, separator = 0; + //char cmdp = Cmd[0], par3='m', par4=0; + uint8_t clk=0, invert=0; + bool errors = FALSE; + char hexData[32] = {0x00}; + uint8_t data[255]= {0x00}; // store entered hex data + int dataLen = 0; + uint8_t cmdp = 0; + while(param_getchar(Cmd, cmdp) != 0x00) + { + switch(param_getchar(Cmd, cmdp)) + { + case 'h': + return usage_lf_simask(); + case 'i': + invert = 1; + cmdp++; + break; + case 'c': + errors |= param_getdec(Cmd,cmdp+1,&clk); + cmdp+=2; + break; + case 'm': + manchester=1; + cmdp++; + break; + case 'r': + manchester=0; + cmdp++; + break; + case 's': + separator=1; + cmdp++; + break; + case 'd': + dataLen = param_getstr(Cmd, 
cmdp+1, hexData); + if (dataLen==0) { + errors=TRUE; + } else { + dataLen = hextobinarray((char *)data, hexData); + } + if (dataLen==0) errors=TRUE; + if (errors) PrintAndLog ("Error getting hex data, datalen: %d",dataLen); + cmdp+=2; + break; + default: + PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp)); + errors = TRUE; + break; + } + if(errors) break; + } + if(cmdp == 0 && DemodBufferLen == 0) + { + errors = TRUE;// No args + } + + //Validations + if(errors) + { + return usage_lf_simask(); + } + if (dataLen == 0){ //using DemodBuffer + if (clk == 0) clk = GetAskClock("0", false, false); + } else { + setDemodBuf(data, dataLen, 0); + } + if (clk == 0) clk = 64; + if (manchester == 0) clk = clk/2; //askraw needs to double the clock speed + uint16_t arg1, arg2; + size_t size=DemodBufferLen; + arg1 = clk << 8 | manchester; + arg2 = invert << 8 | separator; + if (size > USB_CMD_DATA_SIZE) { + PrintAndLog("DemodBuffer too long for current implementation - length: %d - max: %d", size, USB_CMD_DATA_SIZE); + size = USB_CMD_DATA_SIZE; + } + UsbCommand c = {CMD_ASK_SIM_TAG, {arg1, arg2, size}}; + PrintAndLog("preparing to sim ask data: %d bits", size); + memcpy(c.d.asBytes, DemodBuffer, size); + SendCommand(&c); + return 0; +} + +// by marshmellow - sim psk data given carrier, clock, invert +// - allow pull data from DemodBuffer or parameters +int CmdLFpskSim(const char *Cmd) +{ + //might be able to autodetect FC and clock from Graphbuffer if using demod buffer + //will need carrier, Clock, and bitstream + uint8_t carrier=0, clk=0; + uint8_t invert=0; + bool errors = FALSE; + char hexData[32] = {0x00}; // store entered hex data + uint8_t data[255] = {0x00}; + int dataLen = 0; + uint8_t cmdp = 0; + uint8_t pskType = 1; + while(param_getchar(Cmd, cmdp) != 0x00) + { + switch(param_getchar(Cmd, cmdp)) + { + case 'h': + return usage_lf_simpsk(); + case 'i': + invert = 1; + cmdp++; + break; + case 'c': + errors |= param_getdec(Cmd,cmdp+1,&clk); + cmdp+=2; + break; 
+ case 'r': + errors |= param_getdec(Cmd,cmdp+1,&carrier); + cmdp+=2; + break; + case '1': + pskType=1; + cmdp++; + break; + case '2': + pskType=2; + cmdp++; + break; + case '3': + pskType=3; + cmdp++; + break; + case 'd': + dataLen = param_getstr(Cmd, cmdp+1, hexData); + if (dataLen==0) { + errors=TRUE; + } else { + dataLen = hextobinarray((char *)data, hexData); + } + if (dataLen==0) errors=TRUE; + if (errors) PrintAndLog ("Error getting hex data"); + cmdp+=2; + break; + default: + PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp)); + errors = TRUE; + break; + } + if (errors) break; + } + if (cmdp == 0 && DemodBufferLen == 0) + { + errors = TRUE;// No args + } + + //Validations + if (errors) + { + return usage_lf_simpsk(); + } + if (dataLen == 0){ //using DemodBuffer + PrintAndLog("Getting Clocks"); + if (clk==0) clk = GetPskClock("", FALSE, FALSE); + PrintAndLog("clk: %d",clk); + if (!carrier) carrier = GetPskCarrier("", FALSE, FALSE); + PrintAndLog("carrier: %d", carrier); + } else { + setDemodBuf(data, dataLen, 0); + } + + if (clk <= 0) clk = 32; + if (carrier == 0) carrier = 2; + if (pskType != 1){ + if (pskType == 2){ + //need to convert psk2 to psk1 data before sim + psk2TOpsk1(DemodBuffer, DemodBufferLen); + } else { + PrintAndLog("Sorry, PSK3 not yet available"); + } + } + uint16_t arg1, arg2; + arg1 = clk << 8 | carrier; + arg2 = invert; + size_t size=DemodBufferLen; + if (size > USB_CMD_DATA_SIZE) { + PrintAndLog("DemodBuffer too long for current implementation - length: %d - max: %d", size, USB_CMD_DATA_SIZE); + size=USB_CMD_DATA_SIZE; + } + UsbCommand c = {CMD_PSK_SIM_TAG, {arg1, arg2, size}}; + PrintAndLog("DEBUG: Sending DemodBuffer Length: %d", size); + memcpy(c.d.asBytes, DemodBuffer, size); + SendCommand(&c); + + return 0; +} + int CmdLFSimBidir(const char *Cmd) { // Set ADC to twice the carrier for a slight supersampling 
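Review bot: In CmdLFfskSim, CmdLFaskSim and CmdLFpskSim the `d` option calls `param_getstr(Cmd, cmdp+1, hexData)` with `char hexData[32]` and passes no buffer size, so unless param_getstr caps the copy internally (its definition is not on this page) a hex argument of 32 or more characters writes past the stack buffer. Check the parameter's length against `sizeof(hexData)` before copying and treat an over-long value as an error, or extend the helper to take a destination size. The related `hextobinarray((char *)data, hexData)` writes into `uint8_t data[255]` with no length either, so the same limit has to keep its output within 255 entries. The three "DemodBuffer too long" messages print a `size_t` with `%d`; `%zu` or a cast is needed. In CmdLFpskSim the PSK3 branch prints "not yet available" but still falls through and sends the command; returning there would match the message.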
@@ -564,6 +911,7 @@ int CmdLFSimBidir(const char *Cmd) } /* simulate an LF Manchester encoded tag with specified bitstream, clock rate and inter-id gap */ +/* int CmdLFSimManchester(const char *Cmd) { static int clock, gap; @@ -584,7 +932,7 @@ int CmdLFSimManchester(const char *Cmd) CmdLFSim(gapstring); return 0; } - +*/ int CmdVchDemod(const char *Cmd) { @@ -728,6 +1076,11 @@ int CmdLFfind(const char *Cmd) PrintAndLog("\nValid EM410x ID Found!"); return 1; } + ans=CmdG_Prox_II_Demod(""); + if (ans>0) { + PrintAndLog("\nValid G Prox II ID Found!"); + return 1; + } PrintAndLog("\nNo Known Tags Found!\n"); if (testRaw=='u' || testRaw=='U'){ //test unknown tag formats (raw mode) @@ -777,8 +1130,11 @@ static command_t CommandTable[] = {"read", CmdLFRead, 0, "Read 125/134 kHz LF ID-only tag. Do 'lf read h' for help"}, {"search", CmdLFfind, 1, "[offline] ['u'] Read and Search for valid known tag (in offline mode it you can load first then search) - 'u' to search for unknown tags"}, {"sim", CmdLFSim, 0, "[GAP] -- Simulate LF tag from buffer with optional GAP (in microseconds)"}, + {"simask", CmdLFaskSim, 0, "[clock] [invert <1|0>] [manchester/raw <'m'|'r'>] [msg separator 's'] [d ] -- Simulate LF ASK tag from demodbuffer or input"}, + {"simfsk", CmdLFfskSim, 0, "[c ] [i] [H ] [L ] [d ] -- Simulate LF FSK tag from demodbuffer or input"}, + {"simpsk", CmdLFpskSim, 0, "[1|2|3] [c ] [i] [r ] [d ] -- Simulate LF PSK tag from demodbuffer or input"}, {"simbidir", CmdLFSimBidir, 0, "Simulate LF tag (with bidirectional data transmission between reader and tag)"}, - {"simman", CmdLFSimManchester, 0, " [GAP] Simulate arbitrary Manchester LF tag"}, + //{"simman", CmdLFSimManchester, 0, " [GAP] Simulate arbitrary Manchester LF tag"}, {"snoop", CmdLFSnoop, 0, "['l'|'h'|] [trigger threshold]-- Snoop LF (l:125khz, h:134khz)"}, {"vchdemod", CmdVchDemod, 1, "['clone'] -- Demodulate samples for VeriChip"}, {NULL, NULL, 0, NULL} 
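Review bot: CmdLFSimManchester is disabled by opening a `/*` before its signature in this hunk and closing it with `*/` in the `@@ -584,7 +932,7 @@` hunk, which is fragile because C block comments do not nest: any `*/` inside the body, which lies outside both hunks, would end the comment early. Deleting the function, or wrapping it in `#if 0` and `#endif`, keeps the intent without that risk. The same applies to the `//`-commented `simman` entry in the CommandTable hunk and the `//int CmdLFSimManchester` prototype in client/cmdlf.h; version control already keeps the old code.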
diff --git a/client/cmdlf.h b/client/cmdlf.h index e298d659..254d8807 100644 --- a/client/cmdlf.h +++ b/client/cmdlf.h @@ -19,8 +19,11 @@ int CmdIndalaDemod(const char *Cmd); int CmdIndalaClone(const char *Cmd); int CmdLFRead(const char *Cmd); int CmdLFSim(const char *Cmd); +int CmdLFaskSim(const char *Cmd); +int CmdLFfskSim(const char *Cmd); +int CmdLFpskSim(const char *Cmd); int CmdLFSimBidir(const char *Cmd); -int CmdLFSimManchester(const char *Cmd); +//int CmdLFSimManchester(const char *Cmd); int CmdLFSnoop(const char *Cmd); int CmdVchDemod(const char *Cmd); int CmdLFfind(const char *Cmd); diff --git a/client/cmdlfem4x.c b/client/cmdlfem4x.c index 232d5635..f6671bcd 100644 --- a/client/cmdlfem4x.c +++ b/client/cmdlfem4x.c @@ -266,7 +266,7 @@ int CmdEM410xSim(const char *Cmd) /* stop bit */ AppendGraph(1, clock, 0); - CmdLFSim("240"); //240 start_gap. + CmdLFSim("0"); //240 start_gap. return 0; } diff --git a/client/graph.c b/client/graph.c index 11dbc4d5..190dfe8f 100644 --- a/client/graph.c +++ b/client/graph.c @@ -18,16 +18,16 @@ int GraphBuffer[MAX_GRAPH_TRACE_LEN]; int GraphTraceLen; -/* write a bit to the graph */ +/* write a manchester bit to the graph */ void AppendGraph(int redraw, int clock, int bit) { int i; - + //set first half the clock bit (all 1's or 0's for a 0 or 1 bit) for (i = 0; i < (int)(clock / 2); ++i) - GraphBuffer[GraphTraceLen++] = bit ^ 1; - + GraphBuffer[GraphTraceLen++] = bit ; + //set second half of the clock bit (all 0's or 1's for a 0 or 1 bit) for (i = (int)(clock / 2); i < clock; ++i) - GraphBuffer[GraphTraceLen++] = bit; + GraphBuffer[GraphTraceLen++] = bit ^ 1; if (redraw) RepaintGraphWindow(); 
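Review bot: The trailing comment `//240 start_gap.` in the client/cmdlfem4x.c hunk now contradicts the argument, since the call passes `"0"`. I would update it to say what the value means now, for example `CmdLFSim("0"); // no start gap`, so that a later reader does not restore 240 by mistake. CmdEM410xSim begins outside the hunk, so the reason for dropping the gap is not visible here and would be worth a word in the comment.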
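Review bot: Neither loop in AppendGraph checks `GraphTraceLen` against `MAX_GRAPH_TRACE_LEN` before `GraphBuffer[GraphTraceLen++] = ...`, so appending enough bits writes past the end of the fixed-size `GraphBuffer` declared just above. A guard at the top such as `if (clock > MAX_GRAPH_TRACE_LEN - GraphTraceLen) return;` would bound both loops. The two new comments also read inverted relative to the new code: the first half now holds `bit` (1s for a 1 bit) and the second half `bit ^ 1`. The end of the function lies outside the hunk.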
@@ -134,6 +134,26 @@ int GetAskClock(const char str[], bool printAns, bool verbose) return clock; } +uint8_t GetPskCarrier(const char str[], bool printAns, bool verbose) +{ + uint8_t carrier=0; + uint8_t grph[MAX_GRAPH_TRACE_LEN]={0}; + size_t size = getFromGraphBuf(grph); + if ( size == 0 ) { + if (verbose) + PrintAndLog("Failed to copy from graphbuffer"); + return 0; + } + //uint8_t countPSK_FC(uint8_t *BitStream, size_t size) + + carrier = countPSK_FC(grph,size); + // Only print this message if we're not looping something + if (printAns){ + PrintAndLog("Auto-detected PSK carrier rate: %d", carrier); + } + return carrier; +} + int GetPskClock(const char str[], bool printAns, bool verbose) { int clock; @@ -193,6 +213,22 @@ uint8_t GetFskClock(const char str[], bool printAns, bool verbose) clock = 0; if (clock != 0) return (uint8_t)clock; + + uint8_t fc1=0, fc2=0, rf1=0; + uint8_t ans = fskClocks(&fc1, &fc2, &rf1, verbose); + if (ans == 0) return 0; + if ((fc1==10 && fc2==8) || (fc1==8 && fc2==5)){ + if (printAns) PrintAndLog("Detected Field Clocks: FC/%d, FC/%d - Bit Clock: RF/%d", fc1, fc2, rf1); + return rf1; + } + if (verbose){ + PrintAndLog("DEBUG: unknown fsk field clock detected"); + PrintAndLog("Detected Field Clocks: FC/%d, FC/%d - Bit Clock: RF/%d", fc1, fc2, rf1); + } + return 0; +} +uint8_t fskClocks(uint8_t *fc1, uint8_t *fc2, uint8_t *rf1, bool verbose) +{ uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0}; size_t size = getFromGraphBuf(BitStream); if (size==0) return 0; 
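Review bot: GetPskCarrier never reads its `str` parameter, and the line `//uint8_t countPSK_FC(uint8_t *BitStream, size_t size)` in the middle of the body is a leftover prototype rather than a comment about the code. I would drop that line and add a short header comment, for example `// detect the PSK carrier from the graph buffer; returns 0 when the buffer cannot be copied`. If `str` is kept only to mirror GetPskClock's signature, saying so in the same comment avoids the impression that it is parsed.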
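Review bot: fskClocks is split out of GetFskClock here and exported through client/graph.h, but nothing states its contract. Its body, which continues in the `@@ -202,22 +238,13 @@` hunk, writes `*fc1` and `*fc2` before the clock detection can still fail, so on a 0 return the outputs may be partly written. A header comment such as `// fills fc1/fc2/rf1 from the graph buffer; returns 1 on success, 0 on failure (outputs not valid on failure)` would make it safe to call from other files. The pointers are dereferenced without a NULL check, which is fine for the one caller shown but worth stating as a precondition.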
@@ -202,22 +238,13 @@ uint8_t GetFskClock(const char str[], bool printAns, bool verbose) if (verbose) PrintAndLog("DEBUG: No data found"); return 0; } - uint8_t fc1, fc2; - fc1 = (ans >> 8) & 0xFF; - fc2 = ans & 0xFF; + *fc1 = (ans >> 8) & 0xFF; + *fc2 = ans & 0xFF; - uint8_t rf1 = detectFSKClk(BitStream, size, fc1, fc2); - if (rf1==0) { + *rf1 = detectFSKClk(BitStream, size, *fc1, *fc2); + if (*rf1==0) { if (verbose) PrintAndLog("DEBUG: Clock detect error"); return 0; } - if ((fc1==10 && fc2==8) || (fc1==8 && fc2==5)){ - if (printAns) PrintAndLog("Detected Field Clocks: FC/%d, FC/%d - Bit Clock: RF/%d", fc1, fc2, rf1); - return rf1; - } - if (verbose){ - PrintAndLog("DEBUG: unknown fsk field clock detected"); - PrintAndLog("Detected Field Clocks: FC/%d, FC/%d - Bit Clock: RF/%d", fc1, fc2, rf1); - } - return 0; + return 1; } diff --git a/client/graph.h b/client/graph.h index e4872afc..8f810669 100644 --- a/client/graph.h +++ b/client/graph.h @@ -18,8 +18,10 @@ int ClearGraph(int redraw); size_t getFromGraphBuf(uint8_t *buff); int GetAskClock(const char str[], bool printAns, bool verbose); int GetPskClock(const char str[], bool printAns, bool verbose); +uint8_t GetPskCarrier(const char str[], bool printAns, bool verbose); uint8_t GetNrzClock(const char str[], bool printAns, bool verbose); uint8_t GetFskClock(const char str[], bool printAns, bool verbose); +uint8_t fskClocks(uint8_t *fc1, uint8_t *fc2, uint8_t *rf1, bool verbose); void setGraphBuf(uint8_t *buff, size_t size); bool HasGraphData(); diff --git a/client/hid-flasher/usb_cmd.h b/client/hid-flasher/usb_cmd.h index a7552b3e..c5b91f99 100644 --- a/client/hid-flasher/usb_cmd.h +++ b/client/hid-flasher/usb_cmd.h 
@@ -71,6 +71,19 @@ typedef struct { #define CMD_INDALA_CLONE_TAG 0x0212 // for 224 bits UID #define CMD_INDALA_CLONE_TAG_L 0x0213 +#define CMD_T55XX_READ_BLOCK 0x0214 +#define CMD_T55XX_WRITE_BLOCK 0x0215 +#define CMD_T55XX_READ_TRACE 0x0216 +#define CMD_PCF7931_READ 0x0217 +#define CMD_EM4X_READ_WORD 0x0218 +#define CMD_EM4X_WRITE_WORD 0x0219 +#define CMD_IO_DEMOD_FSK 0x021A +#define CMD_IO_CLONE_TAG 0x021B +#define CMD_EM410X_DEMOD 0x021c +#define CMD_SET_LF_SAMPLING_CONFIG 0x021d +#define CMD_FSK_SIM_TAG 0x021E +#define CMD_ASK_SIM_TAG 0x021F +#define CMD_PSK_SIM_TAG 0x0220 /* CMD_SET_ADC_MUX: ext1 is 0 for lopkd, 1 for loraw, 2 for hipkd, 3 for hiraw */ diff --git a/client/lualibs/commands.lua b/client/lualibs/commands.lua index 6f309001..ef9b8f18 100644 --- a/client/lualibs/commands.lua +++ b/client/lualibs/commands.lua @@ -48,8 +48,13 @@ local _commands = { CMD_EM4X_READ_WORD = 0x0218, CMD_EM4X_WRITE_WORD = 0x0219, CMD_IO_DEMOD_FSK = 0x021A, - CMD_IO_CLONE_TAG = 0x021B, - CMD_EM410X_DEMOD = 0x021c, + CMD_IO_CLONE_TAG = 0x021B, + CMD_EM410X_DEMOD = 0x021c, + CMD_SET_LF_SAMPLING_CONFIG = 0x021d, + CMD_FSK_SIM_TAG = 0x021E, + CMD_ASK_SIM_TAG = 0x021F, + CMD_PSK_SIM_TAG = 0x0220, + --/* CMD_SET_ADC_MUX: ext1 is 0 for lopkd, 1 for loraw, 2 for hipkd, 3 for hiraw */ --// For the 13.56 MHz tags @@ -214,4 +219,4 @@ function Command:getBytes() local arg1, arg2, arg3 = self.arg1, self.arg2, self.arg3 return bin.pack("LLLLH",cmd, arg1, arg2, arg3,data); end -return _commands \ No newline at end of file +return _commands diff --git a/common/lfdemod.c b/common/lfdemod.c index 47e63ef6..a42566ad 100644 --- a/common/lfdemod.c +++ b/common/lfdemod.c 
@@ -25,7 +25,7 @@ uint8_t justNoise(uint8_t *BitStream, size_t size) } //by marshmellow -//get high and low with passed in fuzz factor. also return noise test = 1 for passed or 0 for only noise +//get high and low values of a wave with passed in fuzz factor. also return noise test = 1 for passed or 0 for only noise int getHiLo(uint8_t *BitStream, size_t size, int *high, int *low, uint8_t fuzzHi, uint8_t fuzzLo) { *high=0; @@ -108,6 +108,7 @@ uint64_t Em410xDecode(uint8_t *BitStream, size_t *size, size_t *startIdx) errChk = 0; break; } + //set uint64 with ID from BitStream for (uint8_t ii=0; ii<4; ii++){ lo = (lo << 1LL) | (BitStream[(i*5)+ii+idx]); } @@ -353,7 +354,6 @@ void askAmp(uint8_t *BitStream, size_t size) //by marshmellow //takes 3 arguments - clock, invert and maxErr as integers //attempts to demodulate ask only -//prints binary found and saves in graphbuffer for further commands int askrawdemod(uint8_t *BinStream, size_t *size, int *clk, int *invert, int maxErr, uint8_t amp) { uint32_t i; 
@@ -500,6 +500,28 @@ int askrawdemod(uint8_t *BinStream, size_t *size, int *clk, int *invert, int max } return bestErrCnt; } + +// demod gProxIIDemod +// error returns as -x +// success returns start position in BitStream +// BitStream must contain previously askrawdemod and biphasedemoded data +int gProxII_Demod(uint8_t BitStream[], size_t *size) +{ + size_t startIdx=0; + uint8_t preamble[] = {1,1,1,1,1,0}; + + uint8_t errChk = preambleSearch(BitStream, preamble, sizeof(preamble), size, &startIdx); + if (errChk == 0) return -3; //preamble not found + if (*size != 96) return -2; //should have found 96 bits + //check first 6 spacer bits to verify format + if (!BitStream[startIdx+5] && !BitStream[startIdx+10] && !BitStream[startIdx+15] && !BitStream[startIdx+20] && !BitStream[startIdx+25] && !BitStream[startIdx+30]){ + //confirmed proper separator bits found + //return start position + return (int) startIdx; + } + return -5; +} + //translate wave to 11111100000 (1 for each short wave 0 for each long wave) size_t fsk_wave_demod(uint8_t * dest, size_t size, uint8_t fchigh, uint8_t fclow) { @@ -1067,6 +1089,21 @@ void psk1TOpsk2(uint8_t *BitStream, size_t size) return; } +// by marshmellow +// convert psk2 demod to psk1 demod +// from only transition waves are 1s to phase shifts change bit +void psk2TOpsk1(uint8_t *BitStream, size_t size) +{ + uint8_t phase=0; + for (size_t i=0; i= dest[i+2]){ if (waveStart == 0) { diff --git a/common/lfdemod.h b/common/lfdemod.h index 2880ff82..23525a48 100644 --- a/common/lfdemod.h +++ b/common/lfdemod.h 
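Review bot: The header comment on gProxII_Demod says only `error returns as -x`, while the body returns three distinct codes, so callers cannot tell them apart without reading the source. I would spell them out, for example `// returns -3: preamble not found, -2: not 96 bits, -5: separator bits not zero; otherwise the start index`. The reads up to `BitStream[startIdx+30]` are in bounds only if preambleSearch leaves `*size == 96` meaning 96 valid bits from `startIdx`; that is presumably its contract, but it is not visible here and is worth stating in the same comment.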
@@ -22,12 +22,14 @@ int ManchesterEncode(uint8_t *BitStream, size_t size); int manrawdecode(uint8_t *BitStream, size_t *size); int BiphaseRawDecode(uint8_t * BitStream, size_t *size, int offset, int invert); int askrawdemod(uint8_t *BinStream, size_t *size, int *clk, int *invert, int maxErr, uint8_t amp); +int gProxII_Demod(uint8_t BitStream[], size_t *size); int HIDdemodFSK(uint8_t *dest, size_t *size, uint32_t *hi2, uint32_t *hi, uint32_t *lo); int IOdemodFSK(uint8_t *dest, size_t size); int fskdemod(uint8_t *dest, size_t size, uint8_t rfLen, uint8_t invert, uint8_t fchigh, uint8_t fclow); uint32_t bytebits_to_byte(uint8_t* src, size_t numbits); int nrzRawDemod(uint8_t *dest, size_t *size, int *clk, int *invert, int maxErr); void psk1TOpsk2(uint8_t *BitStream, size_t size); +void psk2TOpsk1(uint8_t *BitStream, size_t size); int DetectNRZClock(uint8_t dest[], size_t size, int clock); int indala26decode(uint8_t *bitStream, size_t *size, uint8_t *invert); void pskCleanWave(uint8_t *bitStream, size_t size); diff --git a/include/usb_cmd.h b/include/usb_cmd.h index ec162b4e..c3951320 100644 --- a/include/usb_cmd.h +++ b/include/usb_cmd.h @@ -89,9 +89,12 @@ typedef struct{ #define CMD_EM4X_WRITE_WORD 0x0219 #define CMD_IO_DEMOD_FSK 0x021A #define CMD_IO_CLONE_TAG 0x021B -#define CMD_EM410X_DEMOD 0x021c +#define CMD_EM410X_DEMOD 0x021c // Sampling configuration for LF reader/snooper #define CMD_SET_LF_SAMPLING_CONFIG 0x021d +#define CMD_FSK_SIM_TAG 0x021E +#define CMD_ASK_SIM_TAG 0x021F +#define CMD_PSK_SIM_TAG 0x0220 /* CMD_SET_ADC_MUX: ext1 is 0 for lopkd, 1 for loraw, 2 for hipkd, 3 for hiraw */