]> cvs.zerfleddert.de Git - proxmark3-svn/blob - client/cmdlf.c
projects / proxmark3-svn / blob
? search:


5b91d2e88e07ccaafe7f52a7ddb7941455d563c0
[proxmark3-svn] / client / cmdlf.c
1 //-----------------------------------------------------------------------------
2 // Copyright (C) 2010 iZsh <izsh at fail0verflow.com>
3 //
4 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
5 // at your option, any later version. See the LICENSE.txt file for the text of
6 // the license.
7 //-----------------------------------------------------------------------------
8 // Low frequency commands
9 //-----------------------------------------------------------------------------
10
11 #include <stdio.h>
12 #include <stdlib.h>
13 #include <string.h>
14 #include <limits.h>
15 #include <stdbool.h>
16 #include <stdint.h>
17 #include "proxmark3.h"
18 #include "cmdlf.h"
19 #include "lfdemod.h" // for psk2TOpsk1
20 #include "util.h" // for parsing cli command utils
21 #include "ui.h" // for show graph controls
22 #include "graph.h" // for graph data
23 #include "cmdparser.h" // for getting cli commands included in cmdmain.h
24 #include "cmdmain.h" // for sending cmds to device
25 #include "data.h" // for GetFromBigBuf
26 #include "cmddata.h" // for `lf search`
27 #include "cmdlfawid.h" // for awid menu
28 #include "cmdlfem4x.h" // for em4x menu
29 #include "cmdlfhid.h" // for hid menu
30 #include "cmdlfhitag.h" // for hitag menu
31 #include "cmdlfio.h" // for ioprox menu
32 #include "cmdlft55xx.h" // for t55xx menu
33 #include "cmdlfti.h" // for ti menu
34 #include "cmdlfpresco.h" // for presco menu
35 #include "cmdlfpcf7931.h"// for pcf7931 menu
36 #include "cmdlfpyramid.h"// for pyramid menu
37 #include "cmdlfviking.h" // for viking menu
38 #include "cmdlfcotag.h" // for COTAG menu
39 #include "cmdlfvisa2000.h" // for VISA2000 menu
40 #include "cmdlfindala.h" // for indala menu
41 #include "cmdlfgproxii.h"// for gproxii menu
42 #include "cmdlffdx.h" // for fdx-b menu
43 #include "cmdlfparadox.h"// for paradox menu
44 #include "cmdlfnexwatch.h"//for nexwatch menu
45 #include "cmdlfjablotron.h" //for jablotron menu
46 #include "cmdlfnoralsy.h"// for noralsy menu
47 #include "cmdlfsecurakey.h"//for securakey menu
48
49 bool g_lf_threshold_set = false;
50 static int CmdHelp(const char *Cmd);
51
52
53
54 int usage_lf_cmdread(void)
55 {
56 PrintAndLog("Usage: lf cmdread d <delay period> z <zero period> o <one period> c <cmdbytes> [H] ");
57 PrintAndLog("Options: ");
58 PrintAndLog(" h This help");
59 PrintAndLog(" L Low frequency (125 KHz)");
60 PrintAndLog(" H High frequency (134 KHz)");
61 PrintAndLog(" d <delay> delay OFF period");
62 PrintAndLog(" z <zero> time period ZERO");
63 PrintAndLog(" o <one> time period ONE");
64 PrintAndLog(" c <cmd> Command bytes");
65 PrintAndLog(" ************* All periods in microseconds");
66 PrintAndLog("Examples:");
67 PrintAndLog(" lf cmdread d 80 z 100 o 200 c 11000");
68 PrintAndLog(" lf cmdread d 80 z 100 o 100 c 11000 H");
69 return 0;
70 }
71
72 /* send a command before reading */
73 int CmdLFCommandRead(const char *Cmd)
74 {
75 static char dummy[3] = {0x20,0x00,0x00};
76 UsbCommand c = {CMD_MOD_THEN_ACQUIRE_RAW_ADC_SAMPLES_125K};
77 bool errors = false;
78 //uint8_t divisor = 95; //125khz
79 uint8_t cmdp = 0;
80 while(param_getchar(Cmd, cmdp) != 0x00)
81 {
82 switch(param_getchar(Cmd, cmdp))
83 {
84 case 'h':
85 return usage_lf_cmdread();
86 case 'H':
87 //divisor = 88;
88 dummy[1]='h';
89 cmdp++;
90 break;
91 case 'L':
92 cmdp++;
93 break;
94 case 'c':
95 param_getstr(Cmd, cmdp+1, (char *)&c.d.asBytes);
96 cmdp+=2;
97 break;
98 case 'd':
99 c.arg[0] = param_get32ex(Cmd, cmdp+1, 0, 10);
100 cmdp+=2;
101 break;
102 case 'z':
103 c.arg[1] = param_get32ex(Cmd, cmdp+1, 0, 10);
104 cmdp+=2;
105 break;
106 case 'o':
107 c.arg[2] = param_get32ex(Cmd, cmdp+1, 0, 10);
108 cmdp+=2;
109 break;
110 default:
111 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
112 errors = 1;
113 break;
114 }
115 if(errors) break;
116 }
117 // No args
118 if(cmdp == 0) errors = 1;
119
120 //Validations
121 if(errors) return usage_lf_cmdread();
122
123 // in case they specified 'H'
124 strcpy((char *)&c.d.asBytes + strlen((char *)c.d.asBytes), dummy);
125
126 clearCommandBuffer();
127 SendCommand(&c);
128 return 0;
129 }
130
131 int CmdFlexdemod(const char *Cmd)
132 {
133 int i;
134 for (i = 0; i < GraphTraceLen; ++i) {
135 if (GraphBuffer[i] < 0) {
136 GraphBuffer[i] = -1;
137 } else {
138 GraphBuffer[i] = 1;
139 }
140 }
141
142 #define LONG_WAIT 100
143 int start;
144 for (start = 0; start < GraphTraceLen - LONG_WAIT; start++) {
145 int first = GraphBuffer[start];
146 for (i = start; i < start + LONG_WAIT; i++) {
147 if (GraphBuffer[i] != first) {
148 break;
149 }
150 }
151 if (i == (start + LONG_WAIT)) {
152 break;
153 }
154 }
155 if (start == GraphTraceLen - LONG_WAIT) {
156 PrintAndLog("nothing to wait for");
157 return 0;
158 }
159
160 GraphBuffer[start] = 2;
161 GraphBuffer[start+1] = -2;
162 uint8_t bits[64] = {0x00};
163
164 int bit, sum;
165 i = start;
166 for (bit = 0; bit < 64; bit++) {
167 sum = 0;
168 for (int j = 0; j < 16; j++) {
169 sum += GraphBuffer[i++];
170 }
171
172 bits[bit] = (sum > 0) ? 1 : 0;
173
174 PrintAndLog("bit %d sum %d", bit, sum);
175 }
176
177 for (bit = 0; bit < 64; bit++) {
178 int j;
179 int sum = 0;
180 for (j = 0; j < 16; j++) {
181 sum += GraphBuffer[i++];
182 }
183 if (sum > 0 && bits[bit] != 1) {
184 PrintAndLog("oops1 at %d", bit);
185 }
186 if (sum < 0 && bits[bit] != 0) {
187 PrintAndLog("oops2 at %d", bit);
188 }
189 }
190
191 // HACK writing back to graphbuffer.
192 GraphTraceLen = 32*64;
193 i = 0;
194 int phase = 0;
195 for (bit = 0; bit < 64; bit++) {
196
197 phase = (bits[bit] == 0) ? 0 : 1;
198
199 int j;
200 for (j = 0; j < 32; j++) {
201 GraphBuffer[i++] = phase;
202 phase = !phase;
203 }
204 }
205
206 RepaintGraphWindow();
207 return 0;
208 }
209
210 int usage_lf_read(void)
211 {
212 PrintAndLog("Usage: lf read");
213 PrintAndLog("Options: ");
214 PrintAndLog(" h This help");
215 PrintAndLog(" s silent run no printout");
216 PrintAndLog(" [# samples] # samples to collect (optional)");
217 PrintAndLog("Use 'lf config' to set parameters.");
218 return 0;
219 }
220 int usage_lf_snoop(void)
221 {
222 PrintAndLog("Usage: lf snoop");
223 PrintAndLog("Options: ");
224 PrintAndLog(" h This help");
225 PrintAndLog("This function takes no arguments. ");
226 PrintAndLog("Use 'lf config' to set parameters.");
227 return 0;
228 }
229
230 int usage_lf_config(void)
231 {
232 PrintAndLog("Usage: lf config [H|<divisor>] [b <bps>] [d <decim>] [a 0|1]");
233 PrintAndLog("Options: ");
234 PrintAndLog(" h This help");
235 PrintAndLog(" L Low frequency (125 KHz)");
236 PrintAndLog(" H High frequency (134 KHz)");
237 PrintAndLog(" q <divisor> Manually set divisor. 88-> 134KHz, 95-> 125 Hz");
238 PrintAndLog(" b <bps> Sets resolution of bits per sample. Default (max): 8");
239 PrintAndLog(" d <decim> Sets decimation. A value of N saves only 1 in N samples. Default: 1");
240 PrintAndLog(" a [0|1] Averaging - if set, will average the stored sample value when decimating. Default: 1");
241 PrintAndLog(" t <threshold> Sets trigger threshold. 0 means no threshold (range: 0-128)");
242 PrintAndLog("Examples:");
243 PrintAndLog(" lf config b 8 L");
244 PrintAndLog(" Samples at 125KHz, 8bps.");
245 PrintAndLog(" lf config H b 4 d 3");
246 PrintAndLog(" Samples at 134KHz, averages three samples into one, stored with ");
247 PrintAndLog(" a resolution of 4 bits per sample.");
248 PrintAndLog(" lf read");
249 PrintAndLog(" Performs a read (active field)");
250 PrintAndLog(" lf snoop");
251 PrintAndLog(" Performs a snoop (no active field)");
252 return 0;
253 }
254
255 int CmdLFSetConfig(const char *Cmd)
256 {
257
258 uint8_t divisor = 0;//Frequency divisor
259 uint8_t bps = 0; // Bits per sample
260 uint8_t decimation = 0; //How many to keep
261 bool averaging = 1; // Defaults to true
262 bool errors = false;
263 int trigger_threshold =-1;//Means no change
264 uint8_t unsigned_trigg = 0;
265
266 uint8_t cmdp =0;
267 while(param_getchar(Cmd, cmdp) != 0x00)
268 {
269 switch(param_getchar(Cmd, cmdp))
270 {
271 case 'h':
272 return usage_lf_config();
273 case 'H':
274 divisor = 88;
275 cmdp++;
276 break;
277 case 'L':
278 divisor = 95;
279 cmdp++;
280 break;
281 case 'q':
282 errors |= param_getdec(Cmd,cmdp+1,&divisor);
283 cmdp+=2;
284 break;
285 case 't':
286 errors |= param_getdec(Cmd,cmdp+1,&unsigned_trigg);
287 cmdp+=2;
288 if(!errors) {
289 trigger_threshold = unsigned_trigg;
290 if (trigger_threshold > 0) g_lf_threshold_set = true;
291 }
292 break;
293 case 'b':
294 errors |= param_getdec(Cmd,cmdp+1,&bps);
295 cmdp+=2;
296 break;
297 case 'd':
298 errors |= param_getdec(Cmd,cmdp+1,&decimation);
299 cmdp+=2;
300 break;
301 case 'a':
302 averaging = param_getchar(Cmd,cmdp+1) == '1';
303 cmdp+=2;
304 break;
305 default:
306 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
307 errors = 1;
308 break;
309 }
310 if(errors) break;
311 }
312 if(cmdp == 0)
313 {
314 errors = 1;// No args
315 }
316
317 //Validations
318 if(errors)
319 {
320 return usage_lf_config();
321 }
322 //Bps is limited to 8, so fits in lower half of arg1
323 if(bps >> 4) bps = 8;
324
325 sample_config config = {
326 decimation,bps,averaging,divisor,trigger_threshold
327 };
328 //Averaging is a flag on high-bit of arg[1]
329 UsbCommand c = {CMD_SET_LF_SAMPLING_CONFIG};
330 memcpy(c.d.asBytes,&config,sizeof(sample_config));
331 clearCommandBuffer();
332 SendCommand(&c);
333 return 0;
334 }
335
336 bool lf_read(bool silent, uint32_t samples) {
337 if (offline) return false;
338 UsbCommand c = {CMD_ACQUIRE_RAW_ADC_SAMPLES_125K, {silent,samples,0}};
339 clearCommandBuffer();
340 //And ship it to device
341 SendCommand(&c);
342
343 UsbCommand resp;
344 if (g_lf_threshold_set) {
345 WaitForResponse(CMD_ACK,&resp);
346 } else {
347 if ( !WaitForResponseTimeout(CMD_ACK,&resp,2500) ) {
348 PrintAndLog("command execution time out");
349 return false;
350 }
351 }
352 getSamples(resp.arg[0], silent);
353
354 return true;
355 }
356
357 int CmdLFRead(const char *Cmd)
358 {
359 uint8_t cmdp = 0;
360 bool silent = false;
361 if (param_getchar(Cmd, cmdp) == 'h')
362 {
363 return usage_lf_read();
364 }
365 if (param_getchar(Cmd, cmdp) == 's') {
366 silent = true; //suppress print
367 cmdp++;
368 }
369 uint32_t samples = param_get32ex(Cmd, cmdp, 0, 10);
370 return lf_read(silent, samples);
371 }
372
373 int CmdLFSnoop(const char *Cmd)
374 {
375 uint8_t cmdp =0;
376 if(param_getchar(Cmd, cmdp) == 'h')
377 {
378 return usage_lf_snoop();
379 }
380
381 UsbCommand c = {CMD_LF_SNOOP_RAW_ADC_SAMPLES};
382 clearCommandBuffer();
383 SendCommand(&c);
384 WaitForResponse(CMD_ACK,NULL);
385 getSamples(0, true);
386
387 return 0;
388 }
389
390 static void ChkBitstream(const char *str)
391 {
392 int i;
393
394 /* convert to bitstream if necessary */
395 for (i = 0; i < (int)(GraphTraceLen / 2); i++){
396 if (GraphBuffer[i] > 1 || GraphBuffer[i] < 0) {
397 CmdGetBitStream("");
398 break;
399 }
400 }
401 }
402 //Attempt to simulate any wave in buffer (one bit per output sample)
403 // converts GraphBuffer to bitstream (based on zero crossings) if needed.
404 int CmdLFSim(const char *Cmd)
405 {
406 int i,j;
407 static int gap;
408
409 sscanf(Cmd, "%i", &gap);
410
411 // convert to bitstream if necessary
412
413 ChkBitstream(Cmd);
414
415 //can send only 512 bits at a time (1 byte sent per bit...)
416 printf("Sending [%d bytes]", GraphTraceLen);
417 for (i = 0; i < GraphTraceLen; i += USB_CMD_DATA_SIZE) {
418 UsbCommand c={CMD_DOWNLOADED_SIM_SAMPLES_125K, {i, 0, 0}};
419
420 for (j = 0; j < USB_CMD_DATA_SIZE; j++) {
421 c.d.asBytes[j] = GraphBuffer[i+j];
422 }
423 SendCommand(&c);
424 WaitForResponse(CMD_ACK,NULL);
425 printf(".");
426 }
427
428 printf("\n");
429 PrintAndLog("Starting to simulate");
430 UsbCommand c = {CMD_SIMULATE_TAG_125K, {GraphTraceLen, gap, 0}};
431 clearCommandBuffer();
432 SendCommand(&c);
433 return 0;
434 }
435
436 int usage_lf_simfsk(void)
437 {
438 //print help
439 PrintAndLog("Usage: lf simfsk [c <clock>] [i] [H <fcHigh>] [L <fcLow>] [d <hexdata>]");
440 PrintAndLog("Options: ");
441 PrintAndLog(" h This help");
442 PrintAndLog(" c <clock> Manually set clock - can autodetect if using DemodBuffer");
443 PrintAndLog(" i invert data");
444 PrintAndLog(" H <fcHigh> Manually set the larger Field Clock");
445 PrintAndLog(" L <fcLow> Manually set the smaller Field Clock");
446 //PrintAndLog(" s TBD- -to enable a gap between playback repetitions - default: no gap");
447 PrintAndLog(" d <hexdata> Data to sim as hex - omit to sim from DemodBuffer");
448 PrintAndLog("\n NOTE: if you set one clock manually set them all manually");
449 return 0;
450 }
451
452 int usage_lf_simask(void)
453 {
454 //print help
455 PrintAndLog("Usage: lf simask [c <clock>] [i] [b|m|r] [s] [d <raw hex to sim>]");
456 PrintAndLog("Options: ");
457 PrintAndLog(" h This help");
458 PrintAndLog(" c <clock> Manually set clock - can autodetect if using DemodBuffer");
459 PrintAndLog(" i invert data");
460 PrintAndLog(" b sim ask/biphase");
461 PrintAndLog(" m sim ask/manchester - Default");
462 PrintAndLog(" r sim ask/raw");
463 PrintAndLog(" s add t55xx Sequence Terminator gap - default: no gaps (only manchester)");
464 PrintAndLog(" d <hexdata> Data to sim as hex - omit to sim from DemodBuffer");
465 return 0;
466 }
467
468 int usage_lf_simpsk(void)
469 {
470 //print help
471 PrintAndLog("Usage: lf simpsk [1|2|3] [c <clock>] [i] [r <carrier>] [d <raw hex to sim>]");
472 PrintAndLog("Options: ");
473 PrintAndLog(" h This help");
474 PrintAndLog(" c <clock> Manually set clock - can autodetect if using DemodBuffer");
475 PrintAndLog(" i invert data");
476 PrintAndLog(" 1 set PSK1 (default)");
477 PrintAndLog(" 2 set PSK2");
478 PrintAndLog(" 3 set PSK3");
479 PrintAndLog(" r <carrier> 2|4|8 are valid carriers: default = 2");
480 PrintAndLog(" d <hexdata> Data to sim as hex - omit to sim from DemodBuffer");
481 return 0;
482 }
483
484 // by marshmellow - sim fsk data given clock, fcHigh, fcLow, invert
485 // - allow pull data from DemodBuffer
486 int CmdLFfskSim(const char *Cmd)
487 {
488 //might be able to autodetect FCs and clock from Graphbuffer if using demod buffer
489 // otherwise will need FChigh, FClow, Clock, and bitstream
490 uint8_t fcHigh=0, fcLow=0, clk=0;
491 uint8_t invert=0;
492 bool errors = false;
493 char hexData[32] = {0x00}; // store entered hex data
494 uint8_t data[255] = {0x00};
495 int dataLen = 0;
496 uint8_t cmdp = 0;
497 while(param_getchar(Cmd, cmdp) != 0x00)
498 {
499 switch(param_getchar(Cmd, cmdp))
500 {
501 case 'h':
502 return usage_lf_simfsk();
503 case 'i':
504 invert = 1;
505 cmdp++;
506 break;
507 case 'c':
508 errors |= param_getdec(Cmd,cmdp+1,&clk);
509 cmdp+=2;
510 break;
511 case 'H':
512 errors |= param_getdec(Cmd,cmdp+1,&fcHigh);
513 cmdp+=2;
514 break;
515 case 'L':
516 errors |= param_getdec(Cmd,cmdp+1,&fcLow);
517 cmdp+=2;
518 break;
519 //case 's':
520 // separator=1;
521 // cmdp++;
522 // break;
523 case 'd':
524 dataLen = param_getstr(Cmd, cmdp+1, hexData);
525 if (dataLen==0) {
526 errors=true;
527 } else {
528 dataLen = hextobinarray((char *)data, hexData);
529 }
530 if (dataLen==0) errors=true;
531 if (errors) PrintAndLog ("Error getting hex data");
532 cmdp+=2;
533 break;
534 default:
535 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
536 errors = true;
537 break;
538 }
539 if(errors) break;
540 }
541 if(cmdp == 0 && DemodBufferLen == 0)
542 {
543 errors = true;// No args
544 }
545
546 //Validations
547 if(errors)
548 {
549 return usage_lf_simfsk();
550 }
551
552 if (dataLen == 0){ //using DemodBuffer
553 if (clk==0 || fcHigh==0 || fcLow==0){ //manual settings must set them all
554 uint8_t ans = fskClocks(&fcHigh, &fcLow, &clk, 0);
555 if (ans==0){
556 if (!fcHigh) fcHigh=10;
557 if (!fcLow) fcLow=8;
558 if (!clk) clk=50;
559 }
560 }
561 } else {
562 setDemodBuf(data, dataLen, 0);
563 }
564
565 //default if not found
566 if (clk == 0) clk = 50;
567 if (fcHigh == 0) fcHigh = 10;
568 if (fcLow == 0) fcLow = 8;
569
570 uint16_t arg1, arg2;
571 arg1 = fcHigh << 8 | fcLow;
572 arg2 = invert << 8 | clk;
573 size_t size = DemodBufferLen;
574 if (size > USB_CMD_DATA_SIZE) {
575 PrintAndLog("DemodBuffer too long for current implementation - length: %d - max: %d", size, USB_CMD_DATA_SIZE);
576 size = USB_CMD_DATA_SIZE;
577 }
578 UsbCommand c = {CMD_FSK_SIM_TAG, {arg1, arg2, size}};
579
580 memcpy(c.d.asBytes, DemodBuffer, size);
581 clearCommandBuffer();
582 SendCommand(&c);
583 return 0;
584 }
585
586 // by marshmellow - sim ask data given clock, invert, manchester or raw, separator
587 // - allow pull data from DemodBuffer
588 int CmdLFaskSim(const char *Cmd)
589 {
590 //autodetect clock from Graphbuffer if using demod buffer
591 // needs clock, invert, manchester/raw as m or r, separator as s, and bitstream
592 uint8_t encoding = 1, separator = 0;
593 uint8_t clk=0, invert=0;
594 bool errors = false;
595 char hexData[32] = {0x00};
596 uint8_t data[255]= {0x00}; // store entered hex data
597 int dataLen = 0;
598 uint8_t cmdp = 0;
599 while(param_getchar(Cmd, cmdp) != 0x00)
600 {
601 switch(param_getchar(Cmd, cmdp))
602 {
603 case 'h':
604 return usage_lf_simask();
605 case 'i':
606 invert = 1;
607 cmdp++;
608 break;
609 case 'c':
610 errors |= param_getdec(Cmd,cmdp+1,&clk);
611 cmdp+=2;
612 break;
613 case 'b':
614 encoding=2; //biphase
615 cmdp++;
616 break;
617 case 'm':
618 encoding=1;
619 cmdp++;
620 break;
621 case 'r':
622 encoding=0;
623 cmdp++;
624 break;
625 case 's':
626 separator=1;
627 cmdp++;
628 break;
629 case 'd':
630 dataLen = param_getstr(Cmd, cmdp+1, hexData);
631 if (dataLen==0) {
632 errors=true;
633 } else {
634 dataLen = hextobinarray((char *)data, hexData);
635 }
636 if (dataLen==0) errors=true;
637 if (errors) PrintAndLog ("Error getting hex data, datalen: %d",dataLen);
638 cmdp+=2;
639 break;
640 default:
641 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
642 errors = true;
643 break;
644 }
645 if(errors) break;
646 }
647 if(cmdp == 0 && DemodBufferLen == 0)
648 {
649 errors = true;// No args
650 }
651
652 //Validations
653 if(errors)
654 {
655 return usage_lf_simask();
656 }
657 if (dataLen == 0){ //using DemodBuffer
658 if (clk == 0) clk = GetAskClock("0", false, false);
659 } else {
660 setDemodBuf(data, dataLen, 0);
661 }
662 if (clk == 0) clk = 64;
663 if (encoding == 0) clk = clk/2; //askraw needs to double the clock speed
664 uint16_t arg1, arg2;
665 size_t size=DemodBufferLen;
666 arg1 = clk << 8 | encoding;
667 arg2 = invert << 8 | separator;
668 if (size > USB_CMD_DATA_SIZE) {
669 PrintAndLog("DemodBuffer too long for current implementation - length: %d - max: %d", size, USB_CMD_DATA_SIZE);
670 size = USB_CMD_DATA_SIZE;
671 }
672 UsbCommand c = {CMD_ASK_SIM_TAG, {arg1, arg2, size}};
673 PrintAndLog("preparing to sim ask data: %d bits", size);
674 memcpy(c.d.asBytes, DemodBuffer, size);
675 clearCommandBuffer();
676 SendCommand(&c);
677 return 0;
678 }
679
680 // by marshmellow - sim psk data given carrier, clock, invert
681 // - allow pull data from DemodBuffer or parameters
682 int CmdLFpskSim(const char *Cmd)
683 {
684 //might be able to autodetect FC and clock from Graphbuffer if using demod buffer
685 //will need carrier, Clock, and bitstream
686 uint8_t carrier=0, clk=0;
687 uint8_t invert=0;
688 bool errors = false;
689 char hexData[32] = {0x00}; // store entered hex data
690 uint8_t data[255] = {0x00};
691 int dataLen = 0;
692 uint8_t cmdp = 0;
693 uint8_t pskType = 1;
694 while(param_getchar(Cmd, cmdp) != 0x00)
695 {
696 switch(param_getchar(Cmd, cmdp))
697 {
698 case 'h':
699 return usage_lf_simpsk();
700 case 'i':
701 invert = 1;
702 cmdp++;
703 break;
704 case 'c':
705 errors |= param_getdec(Cmd,cmdp+1,&clk);
706 cmdp+=2;
707 break;
708 case 'r':
709 errors |= param_getdec(Cmd,cmdp+1,&carrier);
710 cmdp+=2;
711 break;
712 case '1':
713 pskType=1;
714 cmdp++;
715 break;
716 case '2':
717 pskType=2;
718 cmdp++;
719 break;
720 case '3':
721 pskType=3;
722 cmdp++;
723 break;
724 case 'd':
725 dataLen = param_getstr(Cmd, cmdp+1, hexData);
726 if (dataLen==0) {
727 errors=true;
728 } else {
729 dataLen = hextobinarray((char *)data, hexData);
730 }
731 if (dataLen==0) errors=true;
732 if (errors) PrintAndLog ("Error getting hex data");
733 cmdp+=2;
734 break;
735 default:
736 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
737 errors = true;
738 break;
739 }
740 if (errors) break;
741 }
742 if (cmdp == 0 && DemodBufferLen == 0)
743 {
744 errors = true;// No args
745 }
746
747 //Validations
748 if (errors)
749 {
750 return usage_lf_simpsk();
751 }
752 if (dataLen == 0){ //using DemodBuffer
753 PrintAndLog("Getting Clocks");
754 if (clk==0) clk = GetPskClock("", false, false);
755 PrintAndLog("clk: %d",clk);
756 if (!carrier) carrier = GetPskCarrier("", false, false);
757 PrintAndLog("carrier: %d", carrier);
758 } else {
759 setDemodBuf(data, dataLen, 0);
760 }
761
762 if (clk <= 0) clk = 32;
763 if (carrier == 0) carrier = 2;
764 if (pskType != 1){
765 if (pskType == 2){
766 //need to convert psk2 to psk1 data before sim
767 psk2TOpsk1(DemodBuffer, DemodBufferLen);
768 } else {
769 PrintAndLog("Sorry, PSK3 not yet available");
770 }
771 }
772 uint16_t arg1, arg2;
773 arg1 = clk << 8 | carrier;
774 arg2 = invert;
775 size_t size=DemodBufferLen;
776 if (size > USB_CMD_DATA_SIZE) {
777 PrintAndLog("DemodBuffer too long for current implementation - length: %d - max: %d", size, USB_CMD_DATA_SIZE);
778 size=USB_CMD_DATA_SIZE;
779 }
780 UsbCommand c = {CMD_PSK_SIM_TAG, {arg1, arg2, size}};
781 PrintAndLog("DEBUG: Sending DemodBuffer Length: %d", size);
782 memcpy(c.d.asBytes, DemodBuffer, size);
783 clearCommandBuffer();
784 SendCommand(&c);
785
786 return 0;
787 }
788
789 int CmdLFSimBidir(const char *Cmd)
790 {
791 // Set ADC to twice the carrier for a slight supersampling
792 // HACK: not implemented in ARMSRC.
793 PrintAndLog("Not implemented yet.");
794 UsbCommand c = {CMD_LF_SIMULATE_BIDIR, {47, 384, 0}};
795 SendCommand(&c);
796 return 0;
797 }
798
799 int CmdVchDemod(const char *Cmd)
800 {
801 // Is this the entire sync pattern, or does this also include some
802 // data bits that happen to be the same everywhere? That would be
803 // lovely to know.
804 static const int SyncPattern[] = {
805 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
806 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
807 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
808 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
809 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
810 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
811 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
812 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
813 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
814 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
815 };
816
817 // So first, we correlate for the sync pattern, and mark that.
818 int bestCorrel = 0, bestPos = 0;
819 int i;
820 // It does us no good to find the sync pattern, with fewer than
821 // 2048 samples after it...
822 for (i = 0; i < (GraphTraceLen-2048); i++) {
823 int sum = 0;
824 int j;
825 for (j = 0; j < arraylen(SyncPattern); j++) {
826 sum += GraphBuffer[i+j]*SyncPattern[j];
827 }
828 if (sum > bestCorrel) {
829 bestCorrel = sum;
830 bestPos = i;
831 }
832 }
833 PrintAndLog("best sync at %d [metric %d]", bestPos, bestCorrel);
834
835 char bits[257];
836 bits[256] = '\0';
837
838 int worst = INT_MAX;
839 int worstPos = 0;
840
841 for (i = 0; i < 2048; i += 8) {
842 int sum = 0;
843 int j;
844 for (j = 0; j < 8; j++) {
845 sum += GraphBuffer[bestPos+i+j];
846 }
847 if (sum < 0) {
848 bits[i/8] = '.';
849 } else {
850 bits[i/8] = '1';
851 }
852 if(abs(sum) < worst) {
853 worst = abs(sum);
854 worstPos = i;
855 }
856 }
857 PrintAndLog("bits:");
858 PrintAndLog("%s", bits);
859 PrintAndLog("worst metric: %d at pos %d", worst, worstPos);
860
861 if (strcmp(Cmd, "clone")==0) {
862 GraphTraceLen = 0;
863 char *s;
864 for(s = bits; *s; s++) {
865 int j;
866 for(j = 0; j < 16; j++) {
867 GraphBuffer[GraphTraceLen++] = (*s == '1') ? 1 : 0;
868 }
869 }
870 RepaintGraphWindow();
871 }
872 return 0;
873 }
874
875
876 //by marshmellow
877 int CheckChipType(char cmdp) {
878 uint32_t wordData = 0;
879
880 //check for em4x05/em4x69 chips first
881 save_restoreGB(1);
882 save_restoreDB(1);
883 if ((!offline && (cmdp != '1')) && EM4x05Block0Test(&wordData)) {
884 PrintAndLog("\nValid EM4x05/EM4x69 Chip Found\nTry lf em 4x05... commands\n");
885 save_restoreGB(0);
886 save_restoreDB(0);
887 return 1;
888 }
889
890 //TODO check for t55xx chip...
891
892 if ((!offline && (cmdp != '1')) && tryDetectP1(true)) {
893 PrintAndLog("\nValid T55xx Chip Found\nTry lf t55xx ... commands\n");
894 save_restoreGB(0);
895 save_restoreDB(0);
896 return 1;
897 }
898 save_restoreGB(0);
899 save_restoreDB(0);
900 return 0;
901 }
902
903 //by marshmellow
904 int CmdLFfind(const char *Cmd)
905 {
906 uint32_t wordData = 0;
907 int ans=0;
908 size_t minLength = 1000;
909 char cmdp = param_getchar(Cmd, 0);
910 char testRaw = param_getchar(Cmd, 1);
911 if (strlen(Cmd) > 3 || cmdp == 'h' || cmdp == 'H') {
912 PrintAndLog("Usage: lf search <0|1> [u]");
913 PrintAndLog(" <use data from Graphbuffer> , if not set, try reading data from tag.");
914 PrintAndLog(" [Search for Unknown tags] , if not set, reads only known tags.");
915 PrintAndLog("");
916 PrintAndLog(" sample: lf search = try reading data from tag & search for known tags");
917 PrintAndLog(" : lf search 1 = use data from GraphBuffer & search for known tags");
918 PrintAndLog(" : lf search u = try reading data from tag & search for known and unknown tags");
919 PrintAndLog(" : lf search 1 u = use data from GraphBuffer & search for known and unknown tags");
920
921 return 0;
922 }
923
924 if (!offline && (cmdp != '1')) {
925 lf_read(true, 30000);
926 } else if (GraphTraceLen < minLength) {
927 PrintAndLog("Data in Graphbuffer was too small.");
928 return 0;
929 }
930 if (cmdp == 'u' || cmdp == 'U') testRaw = 'u';
931
932 PrintAndLog("NOTE: some demods output possible binary\n if it finds something that looks like a tag");
933 PrintAndLog("False Positives ARE possible\n");
934 PrintAndLog("\nChecking for known tags:\n");
935
936 size_t testLen = minLength;
937 // only run if graphbuffer is just noise as it should be for hitag/cotag
938 if (graphJustNoise(GraphBuffer, testLen)) {
939 // only run these tests if we are in online mode
940 if (!offline && (cmdp != '1')) {
941 // test for em4x05 in reader talk first mode.
942 if (EM4x05Block0Test(&wordData)) {
943 PrintAndLog("\nValid EM4x05/EM4x69 Chip Found\nUse lf em 4x05readword/dump commands to read\n");
944 return 1;
945 }
946 ans=CmdLFHitagReader("26");
947 if (ans==0) {
948 return 1;
949 }
950 ans=CmdCOTAGRead("");
951 if (ans>0) {
952 PrintAndLog("\nValid COTAG ID Found!");
953 return 1;
954 }
955 }
956 return 0;
957 }
958
959 // TODO test for modulation then only test formats that use that modulation
960
961 ans=CmdFSKdemodIO("");
962 if (ans>0) {
963 PrintAndLog("\nValid IO Prox ID Found!");
964 return CheckChipType(cmdp);
965 }
966
967 ans=CmdFSKdemodPyramid("");
968 if (ans>0) {
969 PrintAndLog("\nValid Pyramid ID Found!");
970 return CheckChipType(cmdp);
971 }
972
973 ans=CmdFSKdemodParadox("");
974 if (ans>0) {
975 PrintAndLog("\nValid Paradox ID Found!");
976 return CheckChipType(cmdp);
977 }
978
979 ans=CmdFSKdemodAWID("");
980 if (ans>0) {
981 PrintAndLog("\nValid AWID ID Found!");
982 return CheckChipType(cmdp);
983 }
984
985 ans=CmdFSKdemodHID("");
986 if (ans>0) {
987 PrintAndLog("\nValid HID Prox ID Found!");
988 return CheckChipType(cmdp);
989 }
990
991 ans=CmdAskEM410xDemod("");
992 if (ans>0) {
993 PrintAndLog("\nValid EM410x ID Found!");
994 return CheckChipType(cmdp);
995 }
996
997 ans=CmdVisa2kDemod("");
998 if (ans>0) {
999 PrintAndLog("\nValid Visa2000 ID Found!");
1000 return CheckChipType(cmdp);
1001 }
1002
1003 ans=CmdG_Prox_II_Demod("");
1004 if (ans>0) {
1005 PrintAndLog("\nValid G Prox II ID Found!");
1006 return CheckChipType(cmdp);
1007 }
1008
1009 ans=CmdFdxDemod(""); //biphase
1010 if (ans>0) {
1011 PrintAndLog("\nValid FDX-B ID Found!");
1012 return CheckChipType(cmdp);
1013 }
1014
1015 ans=EM4x50Read("", false); //ask
1016 if (ans>0) {
1017 PrintAndLog("\nValid EM4x50 ID Found!");
1018 return 1;
1019 }
1020
1021 ans=CmdJablotronDemod("");
1022 if (ans>0) {
1023 PrintAndLog("\nValid Jablotron ID Found!");
1024 return CheckChipType(cmdp);
1025 }
1026
1027 ans=CmdNoralsyDemod("");
1028 if (ans>0) {
1029 PrintAndLog("\nValid Noralsy ID Found!");
1030 return CheckChipType(cmdp);
1031 }
1032
1033 ans=CmdSecurakeyDemod("");
1034 if (ans>0) {
1035 PrintAndLog("\nValid Securakey ID Found!");
1036 return CheckChipType(cmdp);
1037 }
1038
1039 ans=CmdVikingDemod("");
1040 if (ans>0) {
1041 PrintAndLog("\nValid Viking ID Found!");
1042 return CheckChipType(cmdp);
1043 }
1044
1045 ans=CmdIndalaDecode(""); //psk
1046 if (ans>0) {
1047 PrintAndLog("\nValid Indala ID Found!");
1048 return CheckChipType(cmdp);
1049 }
1050
1051 ans=CmdPSKNexWatch("");
1052 if (ans>0) {
1053 PrintAndLog("\nValid NexWatch ID Found!");
1054 return CheckChipType(cmdp);
1055 }
1056
1057 PrintAndLog("\nNo Known Tags Found!\n");
1058 if (testRaw=='u' || testRaw=='U') {
1059 ans=CheckChipType(cmdp);
1060 //test unknown tag formats (raw mode)0
1061 PrintAndLog("\nChecking for Unknown tags:\n");
1062 ans=AutoCorrelate(4000, false, false);
1063 if (ans > 0) PrintAndLog("Possible Auto Correlation of %d repeating samples",ans);
1064 ans=GetFskClock("",false,false);
1065 if (ans != 0) { //fsk
1066 ans=FSKrawDemod("",true);
1067 if (ans>0) {
1068 PrintAndLog("\nUnknown FSK Modulated Tag Found!");
1069 return 1;
1070 }
1071 }
1072 bool st = true;
1073 ans=ASKDemod_ext("0 0 0",true,false,1,&st);
1074 if (ans>0) {
1075 PrintAndLog("\nUnknown ASK Modulated and Manchester encoded Tag Found!");
1076 PrintAndLog("\nif it does not look right it could instead be ASK/Biphase - try 'data rawdemod ab'");
1077 return 1;
1078 }
1079 ans=CmdPSK1rawDemod("");
1080 if (ans>0) {
1081 PrintAndLog("Possible unknown PSK1 Modulated Tag Found above!\n\nCould also be PSK2 - try 'data rawdemod p2'");
1082 PrintAndLog("\nCould also be PSK3 - [currently not supported]");
1083 PrintAndLog("\nCould also be NRZ - try 'data nrzrawdemod'");
1084 return 1;
1085 }
1086 PrintAndLog("\nNo Data Found!\n");
1087 }
1088 return 0;
1089 }
1090
1091 static command_t CommandTable[] =
1092 {
1093 {"help", CmdHelp, 1, "This help"},
1094 {"awid", CmdLFAWID, 1, "{ AWID RFIDs... }"},
1095 {"cotag", CmdLFCOTAG, 1, "{ COTAG CHIPs... }"},
1096 {"em", CmdLFEM4X, 1, "{ EM4X CHIPs & RFIDs... }"},
1097 {"fdx", CmdLFFdx, 1, "{ FDX-B RFIDs... }"},
1098 {"gproxii", CmdLF_G_Prox_II, 1, "{ G Prox II RFIDs... }"},
1099 {"hid", CmdLFHID, 1, "{ HID RFIDs... }"},
1100 {"hitag", CmdLFHitag, 1, "{ Hitag CHIPs... }"},
1101 {"io", CmdLFIO, 1, "{ ioProx RFIDs... }"},
1102 {"indala", CmdLFINDALA, 1, "{ Indala RFIDs... }"},
1103 {"jablotron", CmdLFJablotron, 1, "{ Jablotron RFIDs... }"},
1104 {"nexwatch", CmdLFNexWatch, 1, "{ NexWatch RFIDs... }"},
1105 {"noralsy", CmdLFNoralsy, 1, "{ Noralsy RFIDs... }"},
1106 {"paradox", CmdLFParadox, 1, "{ Paradox RFIDs... }"},
1107 {"presco", CmdLFPresco, 1, "{ Presco RFIDs... }"},
1108 {"pcf7931", CmdLFPCF7931, 1, "{ PCF7931 CHIPs... }"},
1109 {"pyramid", CmdLFPyramid, 1, "{ Farpointe/Pyramid RFIDs... }"},
1110 {"securakey", CmdLFSecurakey, 1, "{ Securakey RFIDs... }"},
1111 {"t55xx", CmdLFT55XX, 1, "{ T55xx CHIPs... }"},
1112 {"ti", CmdLFTI, 1, "{ TI CHIPs... }"},
1113 {"viking", CmdLFViking, 1, "{ Viking RFIDs... }"},
1114 {"visa2000", CmdLFVisa2k, 1, "{ Visa2000 RFIDs... }"},
1115 {"cmdread", CmdLFCommandRead, 0, "<d period> <z period> <o period> <c command> ['H'] -- Modulate LF reader field to send command before read (all periods in microseconds) (option 'H' for 134)"},
1116 {"config", CmdLFSetConfig, 0, "Set config for LF sampling, bit/sample, decimation, frequency"},
1117 {"flexdemod", CmdFlexdemod, 1, "Demodulate samples for FlexPass"},
1118 {"read", CmdLFRead, 0, "['s' silent] Read 125/134 kHz LF ID-only tag. Do 'lf read h' for help"},
1119 {"search", CmdLFfind, 1, "[offline] ['u'] Read and Search for valid known tag (in offline mode it you can load first then search) - 'u' to search for unknown tags"},
1120 {"sim", CmdLFSim, 0, "[GAP] -- Simulate LF tag from buffer with optional GAP (in microseconds)"},
1121 {"simask", CmdLFaskSim, 0, "[clock] [invert <1|0>] [biphase/manchester/raw <'b'|'m'|'r'>] [msg separator 's'] [d <hexdata>] -- Simulate LF ASK tag from demodbuffer or input"},
1122 {"simfsk", CmdLFfskSim, 0, "[c <clock>] [i] [H <fcHigh>] [L <fcLow>] [d <hexdata>] -- Simulate LF FSK tag from demodbuffer or input"},
1123 {"simpsk", CmdLFpskSim, 0, "[1|2|3] [c <clock>] [i] [r <carrier>] [d <raw hex to sim>] -- Simulate LF PSK tag from demodbuffer or input"},
1124 {"simbidir", CmdLFSimBidir, 0, "Simulate LF tag (with bidirectional data transmission between reader and tag)"},
1125 {"snoop", CmdLFSnoop, 0, "['l'|'h'|<divisor>] [trigger threshold]-- Snoop LF (l:125khz, h:134khz)"},
1126 {"vchdemod", CmdVchDemod, 1, "['clone'] -- Demodulate samples for VeriChip"},
1127 {NULL, NULL, 0, NULL}
1128 };
1129
1130 int CmdLF(const char *Cmd)
1131 {
1132 CmdsParse(CommandTable, Cmd);
1133 return 0;
1134 }
1135
1136 int CmdHelp(const char *Cmd)
1137 {
1138 CmdsHelp(CommandTable);
1139 return 0;
1140 }
Proxmark3 GIT tracking
Impressum, Datenschutz