//-----------------------------------------------------------------------------
#include "mifaresniff.h"
-#include "apps.h"
+
#include "proxmark3.h"
#include "util.h"
#include "string.h"
#include "crapto1/crapto1.h"
#include "mifareutil.h"
#include "common.h"
+#include "cmd.h"
+#include "BigBuf.h"
+#include "fpgaloader.h"
static int sniffState = SNF_INIT;
sniffSAK = 0;
sniffUIDType = SNF_UID_4;
- return FALSE;
+ return false;
}
bool MfSniffEnd(void){
cmd_send(CMD_ACK,0,0,0,0,0);
LED_B_OFF();
- return FALSE;
+ return false;
}
bool RAMFUNC MfSniffLogic(const uint8_t *data, uint16_t len, uint8_t *parity, uint16_t bitCnt, bool reader) {
memset(sniffATQA, 0x00, 2);
sniffSAK = 0;
sniffState = SNF_ATQA;
+ if (data[0] == 0x40)
+ sniffState = SNF_MAGIC_WUPC2;
}
break;
}
+ case SNF_MAGIC_WUPC2:
+ if ((len == 1) && (reader) && (data[0] == 0x43) ) {
+ sniffState = SNF_CARD_IDLE;
+ }
+ break;
case SNF_ATQA:{
if ((!reader) && (len == 2)) { // ATQA from tag
memcpy(sniffATQA, data, 2);
break;
}
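Review bot: The added `SNF_MAGIC_WUPC2` case only leaves on an exact `0x43` from the reader, so any other frame after a `0x40` parks the sniffer in that state unless a reset outside this hunk recovers it. A mismatch branch that returns to the state waiting for a reader wake-up would make the recovery explicit. The path also jumps straight to `SNF_CARD_IDLE` without passing through the ATQA/UID/SAK states, so the header record that later stores `sniffSAK` will presumably carry the ATQA and SAK zeroed just above; a comment should say so, so that a trace reader does not take those zeros for real card data. The bytes need a comment too, e.g. `// 0x40 then 0x43: two-step backdoor wake-up of "magic" (UID-changeable) cards, sent instead of REQA/WUPA`, and the unbraced `if (data[0] == 0x40)` and brace-less `case` differ from the `case X:{ ... }` style of the neighbouring cases. The `if` enclosing the `0x40` test and the rest of the switch are not visible here, so whether `len` is checked before `data[0]` is read cannot be confirmed from this hunk.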
case SNF_UID1:{\r
- if ((reader) && (len == 2) && (data[0] == 0x93) && (data[1] == 0x20)) { // Select ALL from reader
- sniffState = SNF_ANTICOL1;
- }\r
- \r
if ((reader) && (len == 9) && (data[0] == 0x93) && (data[1] == 0x70) && (CheckCrc14443(CRC_14443_A, data, 9))) { // Select 4 Byte UID from reader\r
memcpy(sniffUID + 3, &data[2], 4);\r
sniffState = SNF_SAK;\r
}\r
break;
}\r
- case SNF_ANTICOL1:{
- if ((!reader) && (len == 5) && ((data[0] ^ data[1] ^ data[2] ^ data[3]) == data[4])) { // UID from tag (CL1)
- sniffState = SNF_UID1;
- }
- break;
- }
case SNF_SAK:{
if ((!reader) && (len == 3) && (CheckCrc14443(CRC_14443_A, data, 3))) { // SAK from card?
sniffSAK = data[0];
}
break;
}
- case SNF_ANTICOL2:{
- if ((!reader) && (len == 5) && ((data[0] ^ data[1] ^ data[2] ^ data[3]) == data[4])) { // CL2 UID
- sniffState = SNF_UID2;
- }
- break;
- }
case SNF_UID2:{\r
- if ((reader) && (len == 2) && (data[0] == 0x95) && (data[1] == 0x20)) {\r
- sniffState = SNF_ANTICOL2;\r
- }\r
- \r
if ((reader) && (len == 9) && (data[0] == 0x95) && (data[1] == 0x70) && (CheckCrc14443(CRC_14443_A, data, 9))) {\r
memcpy(sniffUID + 3, &data[2], 4);\r
sniffState = SNF_SAK;\r
sniffBuf[11] = sniffSAK;
sniffBuf[12] = 0xFF;
sniffBuf[13] = 0xFF;
- LogTrace(sniffBuf, 14, 0, 0, NULL, TRUE);
+ LogTrace(sniffBuf, 14, 0, 0, NULL, true);
sniffState = SNF_CARD_CMD;
} // intentionally no break;
case SNF_CARD_CMD:{
- LogTrace(data, len, 0, 0, NULL, reader);
+ LogTrace(data, len, 0, 0, parity, reader);
timerData = GetTickCount();
break;
}
}
- return FALSE;
+ return false;
}
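Review bot: The result of `LogTrace(data, len, 0, 0, parity, reader)` is discarded, so if LogTrace reports a full trace buffer through its return value (its definition is not on this page), sniffed frames are dropped silently while `timerData` keeps being refreshed. Checking the result and stopping or flushing on failure would keep a capture from looking complete when it is not. The synthesized header record a few lines above is still logged with `NULL` parity while this call now forwards real parity; a short comment on that call, e.g. `// header record is built locally, no parity bits exist for it`, would explain the difference. The switch in MfSniffLogic starts outside this hunk.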
bool RAMFUNC MfSniffSend(uint16_t maxTimeoutMs) {
if (BigBuf_get_traceLen() && (GetTickCount() > timerData + maxTimeoutMs)) {
return intMfSniffSend();
}
- return FALSE;
+ return false;
}
// internal sending function. not a RAMFUNC.
clear_trace();
- return TRUE;
+ return true;
}