int usage_t55xx_config(){\r
PrintAndLog("Usage: lf t55xx config [d <demodulation>] [i 1] [o <offset>] [Q5]");\r
PrintAndLog("Options:");\r
int usage_t55xx_config(){\r
PrintAndLog("Usage: lf t55xx config [d <demodulation>] [i 1] [o <offset>] [Q5]");\r
PrintAndLog("Options:");\r
- PrintAndLog(" h This help");\r
- PrintAndLog(" b <8|16|32|40|50|64|100|128> Set bitrate");\r
- PrintAndLog(" d <FSK|FSK1|FSK1a|FSK2|FSK2a|ASK|PSK1|PSK2|NRZ|BI|BIa> Set demodulation FSK / ASK / PSK / NRZ / Biphase / Biphase A");\r
- PrintAndLog(" i [1] Invert data signal, defaults to normal");\r
- PrintAndLog(" o [offset] Set offset, where data should start decode in bitstream");\r
- PrintAndLog(" Q5 Set as Q5(T5555) chip instead of T55x7");\r
- PrintAndLog(" ST Set Sequence Terminator on");\r
+ PrintAndLog(" h - This help");\r
+ PrintAndLog(" b <8|16|32|40|50|64|100|128> - Set bitrate");\r
+ PrintAndLog(" d <FSK|FSK1|FSK1a|FSK2|FSK2a|ASK|PSK1|PSK2|NRZ|BI|BIa> - Set demodulation FSK / ASK / PSK / NRZ / Biphase / Biphase A");\r
+ PrintAndLog(" i [1] - Invert data signal, defaults to normal");\r
+ PrintAndLog(" o [offset] - Set offset, where data should start decode in bitstream");\r
+ PrintAndLog(" Q5 - Set as Q5(T5555) chip instead of T55x7");\r
+ PrintAndLog(" ST - Set Sequence Terminator on");\r
int usage_t55xx_trace() {\r
PrintAndLog("Usage: lf t55xx trace [1]");\r
PrintAndLog("Options:");\r
int usage_t55xx_trace() {\r
PrintAndLog("Usage: lf t55xx trace [1]");\r
PrintAndLog("Options:");\r
int usage_t55xx_info() {\r
PrintAndLog("Usage: lf t55xx info [1]");\r
PrintAndLog("Options:");\r
int usage_t55xx_info() {\r
PrintAndLog("Usage: lf t55xx info [1]");\r
PrintAndLog("Options:");\r
int usage_t55xx_bruteforce(){\r
PrintAndLog("This command uses A) bruteforce to scan a number range");\r
PrintAndLog(" B) a dictionary attack");\r
int usage_t55xx_bruteforce(){\r
PrintAndLog("This command uses A) bruteforce to scan a number range");\r
PrintAndLog(" B) a dictionary attack");\r
PrintAndLog(" password must be 4 bytes (8 hex symbols)");\r
PrintAndLog("Options:");\r
PrintAndLog(" h - this help");\r
PrintAndLog(" password must be 4 bytes (8 hex symbols)");\r
PrintAndLog("Options:");\r
PrintAndLog(" h - this help");\r
PrintAndLog(" default password is 51243648, used by many cloners");\r
PrintAndLog("Options:");\r
PrintAndLog(" h - this help");\r
PrintAndLog(" default password is 51243648, used by many cloners");\r
PrintAndLog("Options:");\r
PrintAndLog(" h - this help");\r
\r
void printT5xxHeader(uint8_t page){\r
PrintAndLog("Reading Page %d:", page); \r
\r
void printT5xxHeader(uint8_t page){\r
PrintAndLog("Reading Page %d:", page); \r
- PrintAndLog("blk | hex data | binary");\r
- PrintAndLog("----+----------+---------------------------------"); \r
+ PrintAndLog("blk | hex data | binary | ascii");\r
+ PrintAndLog("----+----------+---------------------------------+-------"); \r
return (bool) ASKDemod("64 0 1", FALSE, FALSE, 1);\r
}\r
\r
return (bool) ASKDemod("64 0 1", FALSE, FALSE, 1);\r
}\r
\r
+// sanity check. Don't use proxmark if it is offline and you didn't specify useGraphbuf\r
+static int SanityOfflineCheck( bool useGraphBuffer ){\r
+ if ( !useGraphBuffer && offline) {\r
+ PrintAndLog("Your proxmark3 device is offline. Specify [1] to use graphbuffer data instead");\r
+ return 0;\r
+ }\r
+ return 1;\r
+}\r
if ( !useGB) {\r
if ( !AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password) )\r
if ( !useGB) {\r
if ( !AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password) )\r
}\r
\r
if ( !tryDetectModulation() )\r
PrintAndLog("Could not detect modulation automatically. Try setting it manually with \'lf t55xx config\'");\r
\r
}\r
\r
if ( !tryDetectModulation() )\r
PrintAndLog("Could not detect modulation automatically. Try setting it manually with \'lf t55xx config\'");\r
\r
if ( ASKDemod_ext("0 0 1", FALSE, FALSE, 1, &tests[hits].ST) && test(DEMOD_ASK, &tests[hits].offset, &bitRate, clk, &tests[hits].Q5)) {\r
tests[hits].modulation = DEMOD_ASK;\r
tests[hits].bitrate = bitRate;\r
if ( ASKDemod_ext("0 0 1", FALSE, FALSE, 1, &tests[hits].ST) && test(DEMOD_ASK, &tests[hits].offset, &bitRate, clk, &tests[hits].Q5)) {\r
tests[hits].modulation = DEMOD_ASK;\r
tests[hits].bitrate = bitRate;\r
if ( ASKDemod_ext("0 1 1", FALSE, FALSE, 1, &tests[hits].ST) && test(DEMOD_ASK, &tests[hits].offset, &bitRate, clk, &tests[hits].Q5)) {\r
tests[hits].modulation = DEMOD_ASK;\r
tests[hits].bitrate = bitRate;\r
if ( ASKDemod_ext("0 1 1", FALSE, FALSE, 1, &tests[hits].ST) && test(DEMOD_ASK, &tests[hits].offset, &bitRate, clk, &tests[hits].Q5)) {\r
tests[hits].modulation = DEMOD_ASK;\r
tests[hits].bitrate = bitRate;\r
bits[i - config.offset] = DemodBuffer[i];\r
\r
blockData = PackBits(0, 32, bits);\r
bits[i - config.offset] = DemodBuffer[i];\r
\r
blockData = PackBits(0, 32, bits);\r
- PrintAndLog(" %s | %08X | %s", blockNum, blockData, sprint_bin(bits,32));\r
+ PrintAndLog(" %s | %08X | %s | %s", blockNum, blockData, sprint_bin(bits,32), sprint_ascii(bytes,4));\r
}\r
\r
int special(const char *Cmd) {\r
uint32_t blockData = 0;\r
uint8_t bits[32] = {0x00};\r
\r
}\r
\r
int special(const char *Cmd) {\r
uint32_t blockData = 0;\r
uint8_t bits[32] = {0x00};\r
\r
- PrintAndLog("OFFSET | DATA | BINARY");\r
- PrintAndLog("----------------------------------------------------");\r
+ PrintAndLog("OFFSET | DATA | BINARY | ASCII");\r
+ PrintAndLog("-------+-------+------------------------------------+------");\r
uint32_t password = 0; \r
if (strlen(Cmd) > 1 || cmdp == 'h' || cmdp == 'H') return usage_t55xx_trace();\r
\r
uint32_t password = 0; \r
if (strlen(Cmd) > 1 || cmdp == 'h' || cmdp == 'H') return usage_t55xx_trace();\r
\r
if ( !AquireData( T55x7_PAGE1, REGULAR_READ_MODE_BLOCK, pwdmode, password ) )\r
if ( !AquireData( T55x7_PAGE1, REGULAR_READ_MODE_BLOCK, pwdmode, password ) )\r
}\r
\r
t5555_tracedata_t data = {.bl1 = bl1, .bl2 = bl2, .icr = 0, .lotidc = '?', .lotid = 0, .wafer = 0, .dw =0};\r
}\r
\r
t5555_tracedata_t data = {.bl1 = bl1, .bl2 = bl2, .icr = 0, .lotidc = '?', .lotid = 0, .wafer = 0, .dw =0};\r
data.acl = PackBits(si, 8, DemodBuffer); si += 8;\r
if ( data.acl != 0xE0 ) {\r
PrintAndLog("The modulation is most likely wrong since the ACL is not 0xE0. ");\r
data.acl = PackBits(si, 8, DemodBuffer); si += 8;\r
if ( data.acl != 0xE0 ) {\r
PrintAndLog("The modulation is most likely wrong since the ACL is not 0xE0. ");\r
if ( !AquireData( T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, pwdmode, password ) )\r
return 1;\r
if ( !AquireData( T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, pwdmode, password ) )\r
return 1;\r
\r
int AquireData( uint8_t page, uint8_t block, bool pwdmode, uint32_t password ){\r
// arg0 bitmodes:\r
\r
int AquireData( uint8_t page, uint8_t block, bool pwdmode, uint32_t password ){\r
// arg0 bitmodes:\r
uint8_t arg0 = (page<<1) | pwdmode;\r
UsbCommand c = {CMD_T55XX_READ_BLOCK, {arg0, block, password}};\r
uint8_t arg0 = (page<<1) | pwdmode;\r
UsbCommand c = {CMD_T55XX_READ_BLOCK, {arg0, block, password}};\r
- uint8_t got[12000];\r
- GetFromBigBuf(got,sizeof(got),0);\r
- WaitForResponse(CMD_ACK,NULL);\r
+ //uint8_t got[12288];\r
+ uint8_t got[7679];\r
+ GetFromBigBuf(got, sizeof(got), 0);\r
+ if ( !WaitForResponseTimeout(CMD_ACK, NULL, 8000) ) {\r
+ PrintAndLog("command execution time out");\r
+ return 0;\r
+ }\r
if (len > FILE_PATH_SIZE) len = FILE_PATH_SIZE;\r
memcpy(filename, Cmd+2, len);\r
\r
if (len > FILE_PATH_SIZE) len = FILE_PATH_SIZE;\r
memcpy(filename, Cmd+2, len);\r
\r
testpwd = bytes_to_num(keyBlock + 4*c, 4);\r
\r
PrintAndLog("Testing %08X", testpwd);\r
testpwd = bytes_to_num(keyBlock + 4*c, 4);\r
\r
PrintAndLog("Testing %08X", testpwd);\r
if ( !AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, TRUE, testpwd)) {\r
PrintAndLog("Aquireing data from device failed. Quitting");\r
free(keyBlock);\r
if ( !AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, TRUE, testpwd)) {\r
PrintAndLog("Aquireing data from device failed. Quitting");\r
free(keyBlock);\r
PrintAndLog("Trying password %08x", password);\r
if (!AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, TRUE, password)) {\r
PrintAndLog("Aquireing data from device failed. Quitting");\r
PrintAndLog("Trying password %08x", password);\r
if (!AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, TRUE, password)) {\r
PrintAndLog("Aquireing data from device failed. Quitting");\r
\r
static command_t CommandTable[] = {\r
{"help", CmdHelp, 1, "This help"},\r
\r
static command_t CommandTable[] = {\r
{"help", CmdHelp, 1, "This help"},\r
- {"bruteforce",CmdT55xxBruteForce,0, "<start password> <end password> [i <*.dic>] Simple bruteforce attack to find password"},\r
+ {"bruteforce", CmdT55xxBruteForce,0, "<start password> <end password> [i <*.dic>] Simple bruteforce attack to find password"},\r
{"config", CmdT55xxSetConfig, 1, "Set/Get T55XX configuration (modulation, inverted, offset, rate)"},\r
{"detect", CmdT55xxDetect, 1, "[1] Try detecting the tag modulation from reading the configuration block."},\r
{"dump", CmdT55xxDump, 0, "[password] [o] Dump T55xx card block 0-7. Optional [password], [override]"},\r
{"config", CmdT55xxSetConfig, 1, "Set/Get T55XX configuration (modulation, inverted, offset, rate)"},\r
{"detect", CmdT55xxDetect, 1, "[1] Try detecting the tag modulation from reading the configuration block."},\r
{"dump", CmdT55xxDump, 0, "[password] [o] Dump T55xx card block 0-7. Optional [password], [override]"},\r