]> cvs.zerfleddert.de Git - proxmark3-svn/blobdiff - armsrc/iso14443a.c
projects / proxmark3-svn / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
ADD: 'hf mfu info' now prints following settings:
[proxmark3-svn] / armsrc / iso14443a.c
diff --git a/armsrc/iso14443a.c b/armsrc/iso14443a.c
index 22ada94f8ec9b876356d4398a3cb84413e6e3919..d7a86a0990f3dc27de105411add47973e4f3b78c 100644 (file)
--- a/armsrc/iso14443a.c
+++ b/armsrc/iso14443a.c
@@ -1,4 +1,4 @@
-//-----------------------------------------------------------------------------
+ //-----------------------------------------------------------------------------
 // Merlok - June 2011, 2012
 // Gerhard de Koning Gans - May 2008
 // Hagen Fritsch - June 2010
@@ -939,7 +939,7 @@ bool prepare_allocated_tag_modulation(tag_response_info_t* response_info) {
 //-----------------------------------------------------------------------------
 void SimulateIso14443aTag(int tagType, int flags, byte_t* data)
 {
-
+       uint32_t counters[] = {0,0,0};
        //Here, we collect UID,NT,AR,NR,UID2,NT2,AR2,NR2
        // This can be used in a reader-only attack.
        // (it can also be retrieved via 'hf 14a list', but hey...
@@ -1183,7 +1183,7 @@ void SimulateIso14443aTag(int tagType, int flags, byte_t* data)
                                // We already responded, do not send anything with the EmSendCmd14443aRaw() that is called below
                                p_response = NULL;
                        }
-               } else if(receivedCmd[0] == 0x3A) {     // Received a FAST READ (ranged read) -- just returns all zeros.
+               } else if(receivedCmd[0] == 0x3A) {     // Received a FAST READ (ranged read)
                                
                                uint8_t emdata[MAX_FRAME_SIZE];
                                int start =  receivedCmd[1] * 4;
@@ -1203,15 +1203,19 @@ void SimulateIso14443aTag(int tagType, int flags, byte_t* data)
                                AppendCrc14443a(data, sizeof(data)-2);
                                EmSendCmdEx(data,sizeof(data),false);
                                p_response = NULL;                                      
-               } else if(receivedCmd[0] == 0x39 && tagType == 7) {     // Received a READ COUNTER -- 
-                               uint8_t data[] =  {0x00,0x00,0x00,0x14,0xa5};
-                               EmSendCmdEx(data,sizeof(data),false);                           
-                               p_response = NULL;
-               } else if(receivedCmd[0] == 0xA5 && tagType == 7) {     // Received a INC COUNTER -- 
+               } else if (receivedCmd[0] == 0x39 && tagType == 7) {    // Received a READ COUNTER -- 
+                       uint8_t counter = receivedCmd[1];
+                       uint32_t value = counters[counter];
+                       uint8_t data[] =  {0x00,0x00,0x00,0x14,0xa5};
+                       AppendCrc14443a(data, sizeof(data)-2);
+                       EmSendCmdEx(data,sizeof(data),false);                           
+                       p_response = NULL;
+               } else if (receivedCmd[0] == 0xA5 && tagType == 7) {    // Received a INC COUNTER -- 
                        // number of counter
-                       //uint8_t counter = receivedCmd[1];
-                       //uint32_t val = bytes_to_num(receivedCmd+2,4);
-                       
+                       uint8_t counter = receivedCmd[1];
+                       uint32_t val = bytes_to_num(receivedCmd+2,4);
+                       counters[counter] = val;
+               
                        // send ACK
                        uint8_t ack[] = {0x0a};
                        EmSendCmdEx(ack,sizeof(ack),false);
@@ -1436,7 +1440,7 @@ void PrepareDelayedTransfer(uint16_t delay)
        uint8_t bitmask = 0;
        uint8_t bits_to_shift = 0;
        uint8_t bits_shifted = 0;
-       
+
        delay &= 0x07;
        if (delay) {
                for (uint16_t i = 0; i < delay; i++) {
@@ -2543,8 +2547,8 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
        uint8_t rATQA[] = {0x04, 0x00}; // Mifare classic 1k 4BUID
        uint8_t rUIDBCC1[] = {0xde, 0xad, 0xbe, 0xaf, 0x62};
        uint8_t rUIDBCC2[] = {0xde, 0xad, 0xbe, 0xaf, 0x62}; // !!!
-       //uint8_t rSAK[] = {0x08, 0xb6, 0xdd}; // Mifare Classic
-       uint8_t rSAK[] = {0x09, 0x3f, 0xcc };  // Mifare Mini 
+       uint8_t rSAK[] = {0x08, 0xb6, 0xdd}; // Mifare Classic
+       //uint8_t rSAK[] = {0x09, 0x3f, 0xcc };  // Mifare Mini 
        uint8_t rSAK1[] = {0x04, 0xda, 0x17};
 
        uint8_t rAUTH_NT[] = {0x01, 0x01, 0x01, 0x01};
Proxmark3 GIT tracking
Impressum, Datenschutz