]> cvs.zerfleddert.de Git - proxmark3-svn/blobdiff - client/cmdlfhitag.c
ADD: `analyse nuid` - generates NUID 4byte from a UID 7byte. Mifare Classic Ev1...
[proxmark3-svn] / client / cmdlfhitag.c
index 81822eb69875c162c8dae4da20c6198ffe0569a7..b32990cdd340c857c3b2c333c2fcc5f6279ac825 100644 (file)
@@ -18,6 +18,7 @@
 #include "common.h"
 #include "util.h"
 #include "hitag2.h"
+#include "hitagS.h"
 #include "sleep.h"
 #include "cmdmain.h"
 
@@ -27,8 +28,7 @@ size_t nbytes(size_t nbits) {
        return (nbits/8)+((nbits%8)>0);
 }
 
-int CmdLFHitagList(const char *Cmd)
-{
+int CmdLFHitagList(const char *Cmd) {
        uint8_t *got = malloc(USB_CMD_DATA_SIZE);
 
        // Query for the actual size of the trace
@@ -57,13 +57,14 @@ int CmdLFHitagList(const char *Cmd)
        int len = strlen(Cmd);
 
        char filename[FILE_PATH_SIZE]  = { 0x00 };
-       FILE* pf = NULL;
+       FILE* f = NULL;
        
        if (len > FILE_PATH_SIZE) len = FILE_PATH_SIZE;
        memcpy(filename, Cmd, len);
    
        if (strlen(filename) > 0) {
-               if ((pf = fopen(filename,"wb")) == NULL) {
+               f = fopen(filename,"wb");
+               if (!f) {
                        PrintAndLog("Error: Could not open file [%s]",filename);
                        return 1;
                }
@@ -128,8 +129,8 @@ int CmdLFHitagList(const char *Cmd)
                        (isResponse ? "TAG" : "   "),
                        line);
 
-               if (pf) {
-                       fprintf(pf," +%7d:  %3d: %s %s\n",
+               if (f) {
+                       fprintf(f," +%7d:  %3d: %s %s\n",
                                (prev < 0 ? 0 : (timestamp - prev)),
                                bits,
                                (isResponse ? "TAG" : "   "),
@@ -140,8 +141,8 @@ int CmdLFHitagList(const char *Cmd)
                i += (len + 9);
        }
   
-       if (pf) {
-               fclose(pf);
+       if (f) {
+               fclose(f);
                PrintAndLog("Recorded activity succesfully written to file: %s", filename);
        }
 
@@ -160,7 +161,7 @@ int CmdLFHitagSim(const char *Cmd) {
     
        UsbCommand c = {CMD_SIMULATE_HITAG};
        char filename[FILE_PATH_SIZE] = { 0x00 };
-       FILE* pf;
+       FILE* f;
        bool tag_mem_supplied;
        
        int len = strlen(Cmd);
@@ -168,25 +169,25 @@ int CmdLFHitagSim(const char *Cmd) {
        memcpy(filename, Cmd, len);
 
        if (strlen(filename) > 0) {
-               if ((pf = fopen(filename,"rb+")) == NULL) {
+               f = fopen(filename,"rb+");
+               if (!f) {
                        PrintAndLog("Error: Could not open file [%s]",filename);
                        return 1;
                }
                tag_mem_supplied = true;
-               size_t bytes_read = fread(c.d.asBytes, 48, 1, pf);
+               size_t bytes_read = fread(c.d.asBytes, 48, 1, f);
                if ( bytes_read == 0) {
                        PrintAndLog("Error: File reading error");
-                       fclose(pf);
+                       fclose(f);
                        return 1;
                }
-               fclose(pf);
+               fclose(f);
        } else {
                tag_mem_supplied = false;
        }
 
        // Does the tag comes with memory
        c.arg[0] = (uint32_t)tag_mem_supplied;
-
        clearCommandBuffer();
        SendCommand(&c);
        return 0;
@@ -194,12 +195,20 @@ int CmdLFHitagSim(const char *Cmd) {
 
 int CmdLFHitagReader(const char *Cmd) {
        
-
-       UsbCommand c = {CMD_READER_HITAG};//, {param_get32ex(Cmd,0,0,10),param_get32ex(Cmd,1,0,16),param_get32ex(Cmd,2,0,16),param_get32ex(Cmd,3,0,16)}};
+       UsbCommand c = {CMD_READER_HITAG, {0,0,0} };//, {param_get32ex(Cmd,0,0,10),param_get32ex(Cmd,1,0,16),param_get32ex(Cmd,2,0,16),param_get32ex(Cmd,3,0,16)}};
        hitag_data* htd = (hitag_data*)c.d.asBytes;
-       hitag_function htf = param_get32ex(Cmd,0,0,10);
+       hitag_function htf = param_get32ex(Cmd, 0, 0, 10);
        
        switch (htf) {
+               case 01: { //RHTSF_CHALLENGE
+                       c = (UsbCommand){ CMD_READ_HITAG_S };
+                       num_to_bytes(param_get32ex(Cmd,1,0,16),4,htd->auth.NrAr);
+                       num_to_bytes(param_get32ex(Cmd,2,0,16),4,htd->auth.NrAr+4);
+               } break;
+               case 02: { //RHTSF_KEY
+                       c = (UsbCommand){ CMD_READ_HITAG_S };
+                       num_to_bytes(param_get64ex(Cmd,1,0,16),6,htd->crypto.key);
+               } break;
                case RHT2F_PASSWORD: {
                        num_to_bytes(param_get32ex(Cmd,1,0,16),4,htd->pwd.password);
                } break;
@@ -213,68 +222,189 @@ int CmdLFHitagReader(const char *Cmd) {
                case RHT2F_TEST_AUTH_ATTEMPTS: {
                        // No additional parameters needed
                } break;
+               case RHT2F_UID_ONLY: {
+                       // No additional parameters needed
+               } break;
                default: {
-                       PrintAndLog("Error: unkown reader function %d",htf);
-                       PrintAndLog("Hitag reader functions");
+                       PrintAndLog("\nError: unkown reader function %d",htf);
+                       PrintAndLog("");
+                       PrintAndLog("Usage: hitag reader <Reader Function #>");
+                       PrintAndLog("Reader Functions:");
                        PrintAndLog(" HitagS (0*)");
+                       PrintAndLog("  01 <nr> <ar> (Challenge) read all pages from a Hitag S tag");
+                       PrintAndLog("  02 <key> (set to 0 if no authentication is needed) read all pages from a Hitag S tag");
                        PrintAndLog(" Hitag1 (1*)");
                        PrintAndLog(" Hitag2 (2*)");
                        PrintAndLog("  21 <password> (password mode)");
                        PrintAndLog("  22 <nr> <ar> (authentication)");
                        PrintAndLog("  23 <key> (authentication) key is in format: ISK high + ISK low");
                        PrintAndLog("  25 (test recorded authentications)");
+                       PrintAndLog("  26 just read UID");
                        return 1;
                } break;
        }
 
        // Copy the hitag2 function into the first argument
        c.arg[0] = htf;
-
        clearCommandBuffer();
-       // Send the command to the proxmark
        SendCommand(&c);
-
        UsbCommand resp;
-       WaitForResponse(CMD_ACK,&resp);
+       WaitForResponse(CMD_ACK, &resp);
 
        // Check the return status, stored in the first argument
        if (resp.arg[0] == false) return 1;
 
        uint32_t id = bytes_to_num(resp.d.asBytes,4);
-       char filename[FILE_PATH_SIZE];
-       FILE* pf = NULL;
 
-       sprintf(filename,"%08x_%04x.ht2",id,(rand() & 0xffff));
-       if ((pf = fopen(filename,"wb")) == NULL) {
-               PrintAndLog("Error: Could not open file [%s]",filename);
-               return 1;
+       if (htf == RHT2F_UID_ONLY){
+               PrintAndLog("Valid Hitag2 tag found - UID: %08x",id);
+       } else {
+               char filename[FILE_PATH_SIZE];
+               FILE* f = NULL;
+               sprintf(filename,"%08x_%04x.ht2",id,(rand() & 0xffff));
+               f = fopen(filename,"wb");
+               if (!f) {
+                       PrintAndLog("Error: Could not open file [%s]",filename);
+                       return 1;
+               }
+
+               // Write the 48 tag memory bytes to file and finalize
+               fwrite(resp.d.asBytes, 1, 48, f);
+               fclose(f);
+               PrintAndLog("Succesfully saved tag memory to [%s]",filename);
        }
+       return 0;
+}
 
-       // Write the 48 tag memory bytes to file and finalize
-       fwrite(resp.d.asBytes,1,48,pf);
-       fclose(pf);
+int CmdLFHitagSimS(const char *Cmd) {
+       UsbCommand c = { CMD_SIMULATE_HITAG_S };
+       char filename[FILE_PATH_SIZE] = { 0x00 };
+       FILE* f;
+       bool tag_mem_supplied;
+       int len = strlen(Cmd);
+       if (len > FILE_PATH_SIZE)
+               len = FILE_PATH_SIZE;
+       memcpy(filename, Cmd, len);
+
+       if (strlen(filename) > 0) {
+               f = fopen(filename, "rb+");
+               if (!f) {
+                       PrintAndLog("Error: Could not open file [%s]", filename);
+                       return 1;
+               }
+               tag_mem_supplied = true;
+               size_t bytes_read = fread(c.d.asBytes, 4*64, 1, f);
+               if ( bytes_read == 0) {
+                       PrintAndLog("Error: File reading error");
+                       fclose(f);
+                       return 1;
+               }
+               fclose(f);
+       } else {
+               tag_mem_supplied = false;
+       }
 
-       PrintAndLog("Succesfully saved tag memory to [%s]",filename);
+       // Does the tag comes with memory
+       c.arg[0] = (uint32_t) tag_mem_supplied;
+       clearCommandBuffer();
+       SendCommand(&c);
        return 0;
 }
 
-static command_t CommandTable[] = {
+int CmdLFHitagCheckChallenges(const char *Cmd) {
+       UsbCommand c = { CMD_TEST_HITAGS_TRACES };
+       char filename[FILE_PATH_SIZE] = { 0x00 };
+       FILE* f;
+       bool file_given;
+       int len = strlen(Cmd);
+       if (len > FILE_PATH_SIZE) len = FILE_PATH_SIZE;
+       memcpy(filename, Cmd, len);
+       
+       if (strlen(filename) > 0) {
+               f = fopen(filename,"rb+");
+               if( !f ) {
+                       PrintAndLog("Error: Could not open file [%s]", filename);
+                       return 1;
+               }
+               file_given = true;
+               size_t bytes_read = fread(c.d.asBytes, 8*60, 1, f);
+               if ( bytes_read == 0) {
+                       PrintAndLog("Error: File reading error");
+                       fclose(f);
+                       return 1;
+        }
+               fclose(f);
+       } else {
+               file_given = false;
+       }
+       
+       //file with all the challenges to try
+       c.arg[0] = (uint32_t)file_given;
+       clearCommandBuffer();
+       SendCommand(&c);
+       return 0;
+}
+
+int CmdLFHitagWP(const char *Cmd) {
+       UsbCommand c = { CMD_WR_HITAG_S };
+       hitag_data* htd = (hitag_data*)c.d.asBytes;
+       hitag_function htf = param_get32ex(Cmd,0,0,10);
+       switch (htf) {
+               case 03: { //WHTSF_CHALLENGE
+                       num_to_bytes(param_get64ex(Cmd,1,0,16),8,htd->auth.NrAr);
+                       c.arg[2]= param_get32ex(Cmd, 2, 0, 10);
+                       num_to_bytes(param_get32ex(Cmd,3,0,16),4,htd->auth.data);
+               } break;
+               case 04: { //WHTSF_KEY
+                       num_to_bytes(param_get64ex(Cmd,1,0,16),6,htd->crypto.key);
+                       c.arg[2]= param_get32ex(Cmd, 2, 0, 10);
+                       num_to_bytes(param_get32ex(Cmd,3,0,16),4,htd->crypto.data);
+
+               } break;
+               default: {
+                       PrintAndLog("Error: unkown writer function %d",htf);
+                       PrintAndLog("Hitag writer functions");
+                       PrintAndLog(" HitagS (0*)");
+                       PrintAndLog("  03 <nr,ar> (Challenge) <page> <byte0...byte3> write page on a Hitag S tag");
+                       PrintAndLog("  04 <key> (set to 0 if no authentication is needed) <page> <byte0...byte3> write page on a Hitag S tag");
+                       PrintAndLog(" Hitag1 (1*)");
+                       PrintAndLog(" Hitag2 (2*)");
+                       return 1;
+               } break;
+       }
+       // Copy the hitag function into the first argument
+       c.arg[0] = htf;
+
+       clearCommandBuffer();
+       SendCommand(&c);
+       UsbCommand resp;
+       WaitForResponse(CMD_ACK,&resp);
+
+       // Check the return status, stored in the first argument
+       if (resp.arg[0] == false) return 1;
+       return 0;
+}
+
+static command_t CommandTable[] = 
+{
        {"help",    CmdHelp,           1, "This help"},
        {"list",    CmdLFHitagList,    1, "<outfile> List Hitag trace history"},
        {"reader",  CmdLFHitagReader,  1, "Act like a Hitag Reader"},
        {"sim",     CmdLFHitagSim,     1, "<infile> Simulate Hitag transponder"},
        {"snoop",   CmdLFHitagSnoop,   1, "Eavesdrop Hitag communication"},
-       {NULL, NULL, 0, NULL}
+  {"writer",                   CmdLFHitagWP,      1, "Act like a Hitag Writer" },
+  {"simS",             CmdLFHitagSimS,    1, "<hitagS.hts> Simulate HitagS transponder" }, 
+  {"checkChallenges",  CmdLFHitagCheckChallenges,   1, "<challenges.cc> test all challenges" }, {
+                               NULL,NULL, 0, NULL }
 };
 
-int CmdLFHitag(const char *Cmd)
-{
+int CmdLFHitag(const char *Cmd) {
+       clearCommandBuffer();
        CmdsParse(CommandTable, Cmd);
        return 0;
 }
 
-int CmdHelp(const char *Cmd)
-{
+int CmdHelp(const char *Cmd) {
        CmdsHelp(CommandTable);
        return 0;
 }
Impressum, Datenschutz