}\r
}\r
\r
+static void CmdReset(char *str)\r
+{\r
+ UsbCommand c;\r
+ c.cmd = CMD_HARDWARE_RESET;\r
+ SendCommand(&c, FALSE);\r
+}\r
+\r
+\r
static void CmdQuit(char *str)\r
{\r
exit(0);\r
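Review bot: `CmdReset` sends a `UsbCommand` of which only `.cmd` is assigned (L6-L8), so `ext1` and any other fields of `c` reach the device as whatever was on the stack; how the firmware treats those fields for CMD_HARDWARE_RESET is not visible here, but the client should never transmit indeterminate memory. Zero the command before filling it: `UsbCommand c = {0};` (or `memset(&c, 0, sizeof c);`). The same pattern appears in the other senders added by this patch (`CmdSweepLF`, `CmdSri512read`, `CmdSetDivisor`), so it is worth fixing once in a helper or consistently in each.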
c.ext1 = atoi(str);\r
SendCommand(&c, FALSE);\r
}\r
+
+
+/* New command to read the contents of a SRI512 tag
+ * SRI512 tags are ISO14443-B modulated memory tags,
+ * this command just dumps the contents of the memory/
+ */
+static void CmdSri512read(char *str)
+{
+ UsbCommand c;\r
+ c.cmd = CMD_READ_SRI512_TAG;\r
+ c.ext1 = atoi(str);\r
+ SendCommand(&c, FALSE);
+}
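Review bot: The block number from `atoi(str)` goes into `c.ext1` unchecked (L28), so an empty or non-numeric argument silently becomes block 0 and a negative value is sent to the device as-is; the valid SRI512 address range is not visible here, but at minimum reject a missing or garbage argument: `char *end; long blk = strtol(str, &end, 0);` / `if (end == str || blk < 0) { PrintToScrollback("sri512read: invalid block number"); return; }` / `c.ext1 = blk;`. As elsewhere in this patch, only `cmd` and `ext1` of `c` are set, so the remaining fields are transmitted uninitialised — `UsbCommand c = {0};` closes that. The header comment ends with `memory/` (L22), which reads like a typo for `memory.`, and the new lines L18-L25 and L29-L30 are LF-only while the surrounding file is CRLF, so the file now mixes line endings.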
\r
// ## New command\r
static void CmdHi14areader(char *str)\r
{\r
// The sampling rate is 106.353 ksps/s, for T = 18.8 us\r
\r
- // SOF defined as \r
+ // SOF defined as\r
// 1) Unmodulated time of 56.64us\r
// 2) 24 pulses of 423.75khz\r
// 3) logic '1' (unmodulated for 18.88us followed by 8 pulses of 423.75khz)\r
1, 1, 1, 1\r
};\r
\r
- // EOF defined as \r
+ // EOF defined as\r
// 1) logic '0' (8 pulses of 423.75khz followed by unmodulated for 18.88us)\r
// 2) 24 pulses of 423.75khz\r
// 3) Unmodulated time of 56.64us\r
* routine, feel free to improve...
*
* 1st argument: clock rate (as number of samples per clock rate)
+ * Typical values can be 64, 32, 128...
*/
static void Cmdmanchesterdemod(char *str) {
- int i;
+ int i, j;\r
+ int bit;\r
int clock;
int lastval;
+ int low = 0;\r
+ int high = 0;\r
+ int hithigh, hitlow, first;\r
int lc = 0;
int bitidx = 0;
- int bitidx2;
-
+ int bit2idx = 0;
+ int warnings = 0;\r
sscanf(str, "%i", &clock);
+ if (!clock)\r
+ {\r
+ PrintToScrollback("You must provide a clock rate.");\r
+ return;\r
+ }\r
int tolerance = clock/4;
- /* Holds the decoded bitstream. */
- int BitStream[MAX_GRAPH_TRACE_LEN*2];
- int BitStream2[MAX_GRAPH_TRACE_LEN];
+ /* Holds the decoded bitstream: each clock period contains 2 bits */
+ /* later simplified to 1 bit after manchester decoding. */
+ /* Add 10 bits to allow for noisy / uncertain traces without aborting */
+ /* int BitStream[GraphTraceLen*2/clock+10]; */
+ /* But it does not work if compiling on WIndows: therefore we just allocate a */
+ /* large array */
+ int BitStream[MAX_GRAPH_TRACE_LEN];
+
+ /* Detect high and lows */\r
+ for (i = 0; i < GraphTraceLen; i++)\r
+ {\r
+ if (GraphBuffer[i] > high)\r
+ high = GraphBuffer[i];\r
+ else if (GraphBuffer[i] < low)\r
+ low = GraphBuffer[i];\r
+ }\r
+\r
/* Detect first transition */
- /* Lo-Hi (arbitrary) */
- for(i=1;i<GraphTraceLen;i++) {
- if (GraphBuffer[i-1]<GraphBuffer[i]) {
+ /* Lo-Hi (arbitrary) */
+ for (i = 0; i < GraphTraceLen; i++)\r
+ {\r
+ if (GraphBuffer[i] == low)\r
+ {\r
+// BitStream[0]=0; // Previous state = 0;\r
lastval = i;
- BitStream[0]=0; // Previous state = 0;
break;
}
}
+//PrintToScrollback("cool %d %d %d %d", low, high, lastval, GraphBuffer[i]);\r
+\r
+ /* If we're not working with 1/0s, demod based off clock */\r
+ if (high != 1)\r
+ {\r
+ bit = 0;\r
+ for (i = 0; i < (GraphTraceLen / clock); i++)\r
+ {\r
+ hithigh = 0;\r
+ hitlow = 0;\r
+ first = 1;\r
+\r
+ /* Find out if we hit both high and low peaks */\r
+ for (j = 0; j < clock; j++)\r
+ {\r
+ if (GraphBuffer[(i * clock) + j] == high)\r
+ hithigh = 1;\r
+ else if (GraphBuffer[(i * clock) + j] == low)\r
+ hitlow = 1;\r
+\r
+ /* it doesn't count if it's the first part of our read\r
+ because it's really just trailing from the last sequence */\r
+ if (first && (hithigh || hitlow))\r
+ hithigh = hitlow = 0;\r
+ else\r
+ first = 0;\r
+\r
+ if (hithigh && hitlow)\r
+ break;\r
+ }\r
+\r
+ /* If we didn't hit both high and low peaks, we had a bit transition */\r
+ if (!hithigh || !hitlow)\r
+ bit ^= 1;\r
+\r
+ BitStream[bit2idx++] = bit;\r
+ }\r
+ }\r
+\r
+ /* standard 1/0 bitstream */\r
+ else\r
+ {\r
/* Then detect duration between 2 successive transitions */
- /* At this stage, GraphTrace is either 0 or 1 */
- for(bitidx = 1 ;i<GraphTraceLen;i++) {
- if (GraphBuffer[i-1] != GraphBuffer[i]) {
+ for (bitidx = 1; i < GraphTraceLen; i++)\r
+ {\r
+ if (GraphBuffer[i-1] != GraphBuffer[i])\r
+ {\r
lc = i-lastval;
lastval = i;
+\r
+ // Error check: if bitidx becomes too large, we do not
+ // have a Manchester encoded bitstream or the clock is really
+ // wrong!
+ if (bitidx > (GraphTraceLen*2/clock+8) ) {
+ PrintToScrollback("Error: the clock you gave is probably wrong, aborting.");
+ return;
+ }
// Then switch depending on lc length:
// Tolerance is 1/4 of clock rate (arbitrary)
- if ((lc-clock/2) < tolerance) {
- // Short pulse
+ if (abs(lc-clock/2) < tolerance) {
+ // Short pulse : either "1" or "0"
BitStream[bitidx++]=GraphBuffer[i-1];
- } else if ((lc-clock) < tolerance) {
- // Long pulse
+ } else if (abs(lc-clock) < tolerance) {
+ // Long pulse: either "11" or "00"
BitStream[bitidx++]=GraphBuffer[i-1];
BitStream[bitidx++]=GraphBuffer[i-1];
} else {
// Error
- PrintToScrollback("Warning: Manchester decode error for pulse width detection.");
+ warnings++;\r
+ PrintToScrollback("Warning: Manchester decode error for pulse width detection.");
PrintToScrollback("(too many of those messages mean either the stream is not Manchester encoded, or clock is wrong)");
+\r
+ if (warnings > 100)\r
+ {\r
+ PrintToScrollback("Error: too many detection errors, aborting.");\r
+ return;\r
+ }\r
}
}
}
// At this stage, we now have a bitstream of "01" ("1") or "10" ("0"), parse it into final decoded bitstream
- for (bitidx2 = 0; bitidx2<bitidx; bitidx2 += 2) {
- if ((BitStream[bitidx2] == 0) && (BitStream[bitidx2+1] == 1)) {
- BitStream2[bitidx2/2] = 1;
- } else if ((BitStream[bitidx2] == 1) && (BitStream[bitidx2+1] == 0)) {
- BitStream2[bitidx2/2] = 0;
+ // Actually, we overwrite BitStream with the new decoded bitstream, we just need to be careful
+ // to stop output at the final bitidx2 value, not bitidx
+ for (i = 0; i < bitidx; i += 2) {
+ if ((BitStream[i] == 0) && (BitStream[i+1] == 1)) {
+ BitStream[bit2idx++] = 1;
+ } else if ((BitStream[i] == 1) && (BitStream[i+1] == 0)) {
+ BitStream[bit2idx++] = 0;
} else {
- // We cannot end up in this stage, this means we are unsynchronized,
+ // We cannot end up in this state, this means we are unsynchronized,
// move up 1 bit:
- bitidx2++;
+ i++;
+ warnings++;\r
PrintToScrollback("Unsynchronized, resync...");
PrintToScrollback("(too many of those messages mean the stream is not Manchester encoded)");
+\r
+ if (warnings > 100)\r
+ {\r
+ PrintToScrollback("Error: too many decode errors, aborting.");\r
+ return;\r
+ }\r
}
}
- PrintToScrollback("Manchester decoded bitstream \n---------");
+ }\r
+\r
+ PrintToScrollback("Manchester decoded bitstream");\r
// Now output the bitstream to the scrollback by line of 16 bits
- for (i = 0; i<bitidx/2; i+=16) {
+ for (i = 0; i < (bit2idx-16); i+=16) {
PrintToScrollback("%i %i %i %i %i %i %i %i %i %i %i %i %i %i %i %i",
- BitStream2[i],
- BitStream2[i+1],
- BitStream2[i+2],
- BitStream2[i+3],
- BitStream2[i+4],
- BitStream2[i+5],
- BitStream2[i+6],
- BitStream2[i+7],
- BitStream2[i+8],
- BitStream2[i+9],
- BitStream2[i+10],
- BitStream2[i+11],
- BitStream2[i+12],
- BitStream2[i+13],
- BitStream2[i+14],
- BitStream2[i+15]);
+ BitStream[i],
+ BitStream[i+1],
+ BitStream[i+2],
+ BitStream[i+3],
+ BitStream[i+4],
+ BitStream[i+5],
+ BitStream[i+6],
+ BitStream[i+7],
+ BitStream[i+8],
+ BitStream[i+9],
+ BitStream[i+10],
+ BitStream[i+11],
+ BitStream[i+12],
+ BitStream[i+13],
+ BitStream[i+14],
+ BitStream[i+15]);
}
}
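Review bot: `clock` is tested before it is reliably assigned: `int clock;` (L59) is only written if `sscanf` (L70) succeeds, so `mandemod` with no argument evaluates an indeterminate value at L71 (undefined behaviour) and may run with garbage, and the new guard also admits a negative clock, which makes `tolerance` and the `GraphTraceLen*2/clock+8` abort bound negative. Initialise and check the parse: `int clock = 0;` and `if (sscanf(str, "%i", &clock) != 1 || clock <= 0) { PrintToScrollback("You must provide a clock rate."); return; }`. Separately, the `BitStream[0]=0` initialisation was commented out (L106) while the 1/0 path still starts at `bitidx = 1` (L158), so the decode loop at L208-L212 now reads an uninitialised `BitStream[0]`. With the array shrunk from `MAX_GRAPH_TRACE_LEN*2` to `MAX_GRAPH_TRACE_LEN` (L86), the abort threshold of `GraphTraceLen*2/clock+8` transitions, each writing up to two entries (L183-L184), no longer guarantees the writes stay inside the array for small clock values; a hard bound such as `if (bitidx + 2 > MAX_GRAPH_TRACE_LEN) { PrintToScrollback("Error: bitstream too long, aborting."); return; }` before the writes would make the abort independent of the heuristic.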
}\r
}\r
\r
+\r
+\r
static void CmdTest(char *str)\r
{\r
}\r
+
+/*
+ * Sets the divisor for LF frequency clock: lets the user choose any LF frequency below
+ * 600kHz.
+ */
+static void CmdSetDivisor(char *str)\r
+{\r
+ UsbCommand c;\r
+ c.cmd = CMD_SET_LF_DIVISOR;\r
+ c.ext1 = atoi(str);\r
+ if (( c.ext1<0) || (c.ext1>255)) {\r
+ PrintToScrollback("divisor must be between 19 and 255");\r
+ } else {\r
+ SendCommand(&c, FALSE);\r
+ PrintToScrollback("Divisor set, expected freq=%dHz", 12000000/(c.ext1+1));\r
+ }\r
+}\r
\r
+static void CmdSweepLF(char *str)\r
+{\r
+ UsbCommand c;\r
+ c.cmd = CMD_SWEEP_LF;\r
+ SendCommand(&c, FALSE);\r
+}\r
+
+
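Review bot: The range check in `CmdSetDivisor` contradicts its own error message and the documented limit: the guard accepts 0..255 (L290) while the message says "between 19 and 255" (L291) and the header comment promises frequencies below 600 kHz, which with `12000000/(divisor+1)` (L294) is exactly divisor ≥ 19. Change the guard to `if ((c.ext1 < 19) || (c.ext1 > 255)) {`. This also matters because `atoi` returns 0 for a missing or non-numeric argument, so today `setlfdivisor` with no argument passes the check and sends divisor 0 (which L294 would report as 12000000Hz); with the corrected lower bound that case is rejected. Only `cmd` and `ext1` of `c` are assigned here and in `CmdSweepLF` (L300-L302), so the remaining fields go out uninitialised — start both with `UsbCommand c = {0};`.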
typedef void HandlerFunction(char *cmdline);\r
\r
static struct {\r
- char *name;\r
- HandlerFunction *handler;\r
- char *docString;\r
+ char *name;\r
+ HandlerFunction *handler;\r
+ int offline; // 1 if the command can be used when in offline mode\r
+ char *docString;
} CommandTable[] = {\r
- "tune", CmdTune, "measure antenna tuning",\r
- "tiread", CmdTiread, "read a TI-type 134 kHz tag",\r
- "tibits", CmdTibits, "get raw bits for TI-type LF tag",\r
- "tidemod", CmdTidemod, "demod raw bits for TI-type LF tag",\r
- "vchdemod", CmdVchdemod, "demod samples for VeriChip",\r
- "plot", CmdPlot, "show graph window",\r
- "hide", CmdHide, "hide graph window",\r
- "losim", CmdLosim, "simulate LF tag",\r
- "loread", CmdLoread, "read (125/134 kHz) LF ID-only tag",\r
- "losamples", CmdLosamples, "get raw samples for LF tag",\r
- "hisamples", CmdHisamples, "get raw samples for HF tag",\r
- "hisampless", CmdHisampless, "get signed raw samples, HF tag",\r
- "hisamplest", CmdHi14readt, "get samples HF, for testing",\r
- "higet", CmdHi14read_sim, "get samples HF, 'analog'",\r
- "bitsamples", CmdBitsamples, "get raw samples as bitstring",\r
- "hexsamples", CmdHexsamples, "dump big buffer as hex bytes",\r
- "hi15read", CmdHi15read, "read HF tag (ISO 15693)",\r
- "hi15reader", CmdHi15reader, "act like an ISO15693 reader", // new command greg\r
- "hi15sim", CmdHi15tag, "fake an ISO15693 tag", // new command greg\r
- "hi14read", CmdHi14read, "read HF tag (ISO 14443)",\r
- "hi14areader", CmdHi14areader, "act like an ISO14443 Type A reader", // ## New reader command\r
- "hi15demod", CmdHi15demod, "demod ISO15693 from tag",\r
- "hi14bdemod", CmdHi14bdemod, "demod ISO14443 Type B from tag",\r
- "autocorr", CmdAutoCorr, "autocorrelation over window",\r
- "norm", CmdNorm, "normalize max/min to +/-500",\r
- "dec", CmdDec, "decimate",\r
- "hpf", CmdHpf, "remove DC offset from trace",\r
- "zerocrossings", CmdZerocrossings, "count time between zero-crossings",\r
- "ltrim", CmdLtrim, "trim from left of trace",\r
- "scale", CmdScale, "set cursor display scale",\r
- "flexdemod", CmdFlexdemod, "demod samples for FlexPass",\r
- "indalademod", CmdIndalademod, "demod samples for Indala",\r
- "save", CmdSave, "save trace (from graph window)",\r
- "load", CmdLoad, "load trace (to graph window",\r
- "hisimlisten", CmdHisimlisten, "get HF samples as fake tag",\r
- "hi14sim", CmdHi14sim, "fake ISO 14443 tag",\r
- "hi14asim", CmdHi14asim, "fake ISO 14443a tag", // ## Simulate 14443a tag\r
- "hi14snoop", CmdHi14snoop, "eavesdrop ISO 14443",\r
- "hi14asnoop", CmdHi14asnoop, "eavesdrop ISO 14443 Type A", // ## New snoop command\r
- "hi14list", CmdHi14list, "list ISO 14443 history",\r
- "hi14alist", CmdHi14alist, "list ISO 14443a history", // ## New list command\r
- "hiddemod", CmdHiddemod, "HID Prox Card II (not optimal)",\r
- "hidfskdemod", CmdHIDdemodFSK, "HID FSK demodulator",\r
- "askdemod", Cmdaskdemod, "Attempt to demodulate simple ASK tags",
- "hidsimtag", CmdHIDsimTAG, "HID tag simulator",
- "mandemod", Cmdmanchesterdemod, "Try a Manchester demodulation on a binary stream",
- "fpgaoff", CmdFPGAOff, "set FPGA off", // ## FPGA Control\r
- "lcdreset", CmdLcdReset, "Hardware reset LCD",\r
- "lcd", CmdLcd, "Send command/data to LCD",\r
- "test", CmdTest, "Placeholder command for testing new code",\r
- "quit", CmdQuit, "quit program"\r
+ "tune", CmdTune,0, "measure antenna tuning",\r
+ "tiread", CmdTiread,0, "read a TI-type 134 kHz tag",\r
+ "tibits", CmdTibits,0, "get raw bits for TI-type LF tag",\r
+ "tidemod", CmdTidemod,0, "demod raw bits for TI-type LF tag",\r
+ "vchdemod", CmdVchdemod,0, "demod samples for VeriChip",\r
+ "plot", CmdPlot,1, "show graph window",\r
+ "hide", CmdHide,1, "hide graph window",\r
+ "losim", CmdLosim,0, "simulate LF tag",\r
+ "loread", CmdLoread,0, "read (125/134 kHz) LF ID-only tag",\r
+ "losamples", CmdLosamples,0, "get raw samples for LF tag",\r
+ "hisamples", CmdHisamples,0, "get raw samples for HF tag",\r
+ "hisampless", CmdHisampless,0, "get signed raw samples, HF tag",\r
+ "hisamplest", CmdHi14readt,0, "get samples HF, for testing",\r
+ "higet", CmdHi14read_sim,0, "get samples HF, 'analog'",\r
+ "bitsamples", CmdBitsamples,0, "get raw samples as bitstring",\r
+ "hexsamples", CmdHexsamples,0, "dump big buffer as hex bytes",\r
+ "hi15read", CmdHi15read,0, "read HF tag (ISO 15693)",\r
+ "hi15reader", CmdHi15reader,0, "act like an ISO15693 reader", // new command greg\r
+ "hi15sim", CmdHi15tag,0, "fake an ISO15693 tag", // new command greg\r
+ "hi14read", CmdHi14read,0, "read HF tag (ISO 14443)",\r
+ "sri512read", CmdSri512read,0, "Read contents of a SRI512 tag",\r
+ "hi14areader", CmdHi14areader,0, "act like an ISO14443 Type A reader", // ## New reader command\r
+ "hi15demod", CmdHi15demod,1, "demod ISO15693 from tag",\r
+ "hi14bdemod", CmdHi14bdemod,1, "demod ISO14443 Type B from tag",\r
+ "autocorr", CmdAutoCorr,1, "autocorrelation over window",\r
+ "norm", CmdNorm,1, "normalize max/min to +/-500",\r
+ "dec", CmdDec,1, "decimate",\r
+ "hpf", CmdHpf,1, "remove DC offset from trace",\r
+ "zerocrossings", CmdZerocrossings,1, "count time between zero-crossings",\r
+ "ltrim", CmdLtrim,1, "trim from left of trace",\r
+ "scale", CmdScale,1, "set cursor display scale",\r
+ "flexdemod", CmdFlexdemod,1, "demod samples for FlexPass",\r
+ "save", CmdSave,1, "save trace (from graph window)",\r
+ "load", CmdLoad,1, "load trace (to graph window",\r
+ "hisimlisten", CmdHisimlisten,0, "get HF samples as fake tag",\r
+ "hi14sim", CmdHi14sim,0, "fake ISO 14443 tag",\r
+ "hi14asim", CmdHi14asim,0, "fake ISO 14443a tag", // ## Simulate 14443a tag\r
+ "hi14snoop", CmdHi14snoop,0, "eavesdrop ISO 14443",\r
+ "hi14asnoop", CmdHi14asnoop,0, "eavesdrop ISO 14443 Type A", // ## New snoop command\r
+ "hi14list", CmdHi14list,0, "list ISO 14443 history",\r
+ "hi14alist", CmdHi14alist,0, "list ISO 14443a history", // ## New list command\r
+ "hiddemod", CmdHiddemod,1, "HID Prox Card II (not optimal)",\r
+ "hidfskdemod", CmdHIDdemodFSK,0, "HID FSK demodulator",\r
+ "indalademod", CmdIndalademod,0, "demod samples for Indala",\r
+ "askdemod", Cmdaskdemod,1, "Attempt to demodulate simple ASK tags",\r
+ "hidsimtag", CmdHIDsimTAG,0, "HID tag simulator",\r
+ "mandemod", Cmdmanchesterdemod,1, "Try a Manchester demodulation on a binary stream",\r
+ "fpgaoff", CmdFPGAOff,0, "set FPGA off", // ## FPGA Control\r
+ "lcdreset", CmdLcdReset,0, "Hardware reset LCD",\r
+ "lcd", CmdLcd,0, "Send command/data to LCD",\r
+ "setlfdivisor", CmdSetDivisor,0, "Drive LF antenna at 12Mhz/(divisor+1)",\r
+ "sweeplf", CmdSweepLF,0, "Sweep through LF freq range and store results in buffer",\r
+ "reset", CmdReset,0, "Reset the Proxmark3",\r
+ "quit", CmdQuit,1, "quit program"\r
};\r
\r
+\r
//-----------------------------------------------------------------------------\r
// Entry point into our code: called whenever the user types a command and\r
// then presses Enter, which the full command line that they typed.\r
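Review bot: The new `offline` column looks inconsistent for the pure demodulators: `hidfskdemod` (L410) and `indalademod` (L411) are marked 0 (device required) while the sibling demods `hiddemod`, `askdemod`, `mandemod`, `flexdemod`, `hi15demod` and `hi14bdemod` are marked 1; if, as their names suggest, they only process the already-captured trace, they should be `"hidfskdemod", CmdHIDdemodFSK,1, ...` and `"indalademod", CmdIndalademod,1, ...`. Their bodies are not in this diff, so confirm neither calls `SendCommand` before flipping the flag. Because the rows are brace-less positional initialisers and a column was inserted in the middle of the struct (L314), a dropped `0` in any row would silently shift the doc string into the `offline` field without a compiler error; bracing each row (`{ "tune", CmdTune, 0, "measure antenna tuning" },`) makes such a slip a diagnosable mismatch.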
PrintToScrollback("> %s", cmd);\r
\r
if(strcmp(cmd, "help")==0) {\r
+ if (offline) PrintToScrollback("Operating in OFFLINE mode (no device connected)");\r
PrintToScrollback("\r\nAvailable commands:");\r
for(i = 0; i < sizeof(CommandTable) / sizeof(CommandTable[0]); i++) {\r
+ if (offline && (CommandTable[i].offline==0)) continue;\r
char line[256];\r
memset(line, ' ', sizeof(line));\r
strcpy(line+2, CommandTable[i].name);\r
while(*cmd == ' ') {\r
cmd++;\r
}\r
+ if (offline && (CommandTable[i].offline==0)) {\r
+ PrintToScrollback("Offline mode, cannot use this command.");\r
+ return;\r
+ }\r
(CommandTable[i].handler)(cmd);\r
return;\r
}\r