]>
cvs.zerfleddert.de Git - proxmark3-svn/blob - client/cmdlfgproxii.c
06bd53eb11ecee5ecc326a26618652200ecef08f
1 //-----------------------------------------------------------------------------
3 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
4 // at your option, any later version. See the LICENSE.txt file for the text of
6 //-----------------------------------------------------------------------------
7 // Low frequency G Prox II tag commands
8 //-----------------------------------------------------------------------------
12 #include "cmdlfgproxii.h"
13 #include "proxmark3.h"
17 #include "cmdparser.h"
22 static int CmdHelp(const char *Cmd
);
25 //attempts to demodulate and identify a G_Prox_II verex/chubb card
26 //WARNING: if it fails during some points it will destroy the DemodBuffer data
27 // but will leave the GraphBuffer intact.
28 //if successful it will push askraw data back to demod buffer ready for emulation
29 int CmdG_Prox_II_Demod(const char *Cmd
)
31 if (!ASKbiphaseDemod(Cmd
, false)){
32 if (g_debugMode
) PrintAndLog("Error gProxII: ASKbiphaseDemod failed 1st try");
35 size_t size
= DemodBufferLen
;
36 //call lfdemod.c demod for gProxII
37 int ans
= gProxII_Demod(DemodBuffer
, &size
);
39 if (g_debugMode
) PrintAndLog("Error gProxII_Demod");
42 //got a good demod of 96 bits
43 uint8_t ByteStream
[8] = {0x00};
45 size_t startIdx
= ans
+ 6; //start after 6 bit preamble
47 uint8_t bits_no_spacer
[90];
48 //so as to not mess with raw DemodBuffer copy to a new sample array
49 memcpy(bits_no_spacer
, DemodBuffer
+ startIdx
, 90);
50 // remove the 18 (90/5=18) parity bits (down to 72 bits (96-6-18=72))
51 size_t bitLen
= removeParity(bits_no_spacer
, 0, 5, 3, 90); //source, startloc, paritylen, ptype, length_to_run
53 if (g_debugMode
) PrintAndLog("Error gProxII: spacer removal did not produce 72 bits: %u, start: %u", bitLen
, startIdx
);
56 // get key and then get all 8 bytes of payload decoded
57 xorKey
= (uint8_t)bytebits_to_byteLSBF(bits_no_spacer
, 8);
58 for (size_t idx
= 0; idx
< 8; idx
++) {
59 ByteStream
[idx
] = ((uint8_t)bytebits_to_byteLSBF(bits_no_spacer
+8 + (idx
*8),8)) ^ xorKey
;
60 if (g_debugMode
) PrintAndLog("byte %u after xor: %02x", (unsigned int)idx
, ByteStream
[idx
]);
62 //now ByteStream contains 8 Bytes (64 bits) of decrypted raw tag data
64 uint8_t fmtLen
= ByteStream
[0]>>2;
67 //get raw 96 bits to print
68 uint32_t raw1
= bytebits_to_byte(DemodBuffer
+ans
,32);
69 uint32_t raw2
= bytebits_to_byte(DemodBuffer
+ans
+32, 32);
70 uint32_t raw3
= bytebits_to_byte(DemodBuffer
+ans
+64, 32);
73 FC
= ((ByteStream
[3] & 0x7F)<<7) | (ByteStream
[4]>>1);
74 Card
= ((ByteStream
[4]&1)<<19) | (ByteStream
[5]<<11) | (ByteStream
[6]<<3) | (ByteStream
[7]>>5);
75 PrintAndLog("G-Prox-II Found: FmtLen %d, FC %u, Card %u", (int)fmtLen
, FC
, Card
);
76 } else if(fmtLen
==26){
77 FC
= ((ByteStream
[3] & 0x7F)<<1) | (ByteStream
[4]>>7);
78 Card
= ((ByteStream
[4]&0x7F)<<9) | (ByteStream
[5]<<1) | (ByteStream
[6]>>7);
79 PrintAndLog("G-Prox-II Found: FmtLen %d, FC %u, Card %u", (int)fmtLen
, FC
, Card
);
81 PrintAndLog("Unknown G-Prox-II Fmt Found: FmtLen %d",(int)fmtLen
);
82 PrintAndLog("Decoded Raw: %s", sprint_hex(ByteStream
, 8));
84 PrintAndLog("Raw: %08x%08x%08x", raw1
,raw2
,raw3
);
85 setDemodBuf(DemodBuffer
+ans
, 96, 0);
89 //see ASKDemod for what args are accepted
90 int CmdG_Prox_II_Read(const char *Cmd
) {
93 // get samples silently
94 getSamples("10000",false);
95 // demod and output viking ID
96 return CmdG_Prox_II_Demod(Cmd
);
99 static command_t CommandTable
[] = {
100 {"help", CmdHelp
, 1, "This help"},
101 {"demod", CmdG_Prox_II_Demod
, 1, "Demodulate a G Prox II tag from the GraphBuffer"},
102 {"read", CmdG_Prox_II_Read
, 0, "Attempt to read and Extract tag data from the antenna"},
103 {NULL
, NULL
, 0, NULL
}
106 int CmdLF_G_Prox_II(const char *Cmd
) {
107 CmdsParse(CommandTable
, Cmd
);
111 int CmdHelp(const char *Cmd
) {
112 CmdsHelp(CommandTable
);