-int CmdHF14AMfSniff(const char *Cmd){\r
-\r
- bool wantLogToFile = 0;\r
- bool wantDecrypt = 0;\r
- //bool wantSaveToEml = 0; TODO\r
- bool wantSaveToEmlFile = 0;\r
-\r
- //var \r
- int tmpchar;\r
- int res = 0;\r
- int len = 0;\r
- int blockLen = 0;\r
- int pckNum = 0;\r
- int num = 0;\r
- uint8_t uid[7];\r
- uint8_t uid_len;\r
- uint8_t atqa[2] = {0x00};\r
- uint8_t sak;\r
- bool isTag;\r
- uint8_t *buf = NULL;\r
- uint16_t bufsize = 0;\r
- uint8_t *bufPtr = NULL;\r
- \r
- char ctmp = param_getchar(Cmd, 0);\r
- if ( ctmp == 'h' || ctmp == 'H' ) {\r
- PrintAndLog("It continuously gets data from the field and saves it to: log, emulator, emulator file.");\r
- PrintAndLog("You can specify:");\r
- PrintAndLog(" l - save encrypted sequence to logfile `uid.log`");\r
- PrintAndLog(" d - decrypt sequence and put it to log file `uid.log`");\r
- PrintAndLog(" n/a e - decrypt sequence, collect read and write commands and save the result of the sequence to emulator memory");\r
- PrintAndLog(" f - decrypt sequence, collect read and write commands and save the result of the sequence to emulator dump file `uid.eml`");\r
- PrintAndLog("Usage: hf mf sniff [l][d][e][f]");\r
- PrintAndLog(" sample: hf mf sniff l d e");\r
- return 0;\r
- } \r
- \r
- for (int i = 0; i < 4; i++) {\r
- ctmp = param_getchar(Cmd, i);\r
- if (ctmp == 'l' || ctmp == 'L') wantLogToFile = true;\r
- if (ctmp == 'd' || ctmp == 'D') wantDecrypt = true;\r
- //if (ctmp == 'e' || ctmp == 'E') wantSaveToEml = true; TODO\r
- if (ctmp == 'f' || ctmp == 'F') wantSaveToEmlFile = true;\r
- }\r
- \r
- printf("-------------------------------------------------------------------------\n");\r
- printf("Executing command. \n");\r
- printf("Press the key on the proxmark3 device to abort both proxmark3 and client.\n");\r
- printf("Press the key on pc keyboard to abort the client.\n");\r
- printf("-------------------------------------------------------------------------\n");\r
-\r
- UsbCommand c = {CMD_MIFARE_SNIFFER, {0, 0, 0}};\r
- clearCommandBuffer();\r
- SendCommand(&c);\r
-\r
- // wait cycle\r
- while (true) {\r
- printf(".");\r
- fflush(stdout);\r
- if (ukbhit()) {\r
- tmpchar = getchar();\r
- (void)tmpchar;\r
- printf("\naborted via keyboard!\n");\r
- break;\r
- }\r
- \r
- UsbCommand resp;\r
- if (WaitForResponseTimeout(CMD_ACK,&resp,2000)) {\r
- res = resp.arg[0] & 0xff;\r
- uint16_t traceLen = resp.arg[1];\r
- len = resp.arg[2];\r
-\r
- if (res == 0) {\r
- free(buf);\r
- return 0; // we are done\r
- }\r
-\r
- if (res == 1) { // there is (more) data to be transferred\r
- if (pckNum == 0) { // first packet, (re)allocate necessary buffer\r
- if (traceLen > bufsize) {\r
- uint8_t *p;\r
- if (buf == NULL) { // not yet allocated\r
- p = malloc(traceLen);\r
- } else { // need more memory\r
- p = realloc(buf, traceLen);\r
- }\r
- if (p == NULL) {\r
- PrintAndLog("Cannot allocate memory for trace");\r
- free(buf);\r
- return 2;\r
- }\r
- buf = p;\r
- }\r
- bufPtr = buf;\r
- bufsize = traceLen;\r
- memset(buf, 0x00, traceLen);\r
- }\r
- if (bufPtr == NULL) {\r
- PrintAndLog("Cannot allocate memory for trace");\r
- free(buf);\r
- return 2;\r
- }\r
- memcpy(bufPtr, resp.d.asBytes, len);\r
- bufPtr += len;\r
- pckNum++;\r
- }\r
-\r
- if (res == 2) { // received all data, start displaying\r
- blockLen = bufPtr - buf;\r
- bufPtr = buf;\r
- printf(">\n");\r
- PrintAndLog("received trace len: %d packages: %d", blockLen, pckNum);\r
- while (bufPtr - buf < blockLen) {\r
- bufPtr += 6; // skip (void) timing information\r
- len = *((uint16_t *)bufPtr);\r
- if(len & 0x8000) {\r
- isTag = true;\r
- len &= 0x7fff;\r
- } else {\r
- isTag = false;\r
- }\r
- bufPtr += 2;\r
- if ((len == 14) && (bufPtr[0] == 0xff) && (bufPtr[1] == 0xff) && (bufPtr[12] == 0xff) && (bufPtr[13] == 0xff)) {\r
- memcpy(uid, bufPtr + 2, 7);\r
- memcpy(atqa, bufPtr + 2 + 7, 2);\r
- uid_len = (atqa[0] & 0xC0) == 0x40 ? 7 : 4;\r
- sak = bufPtr[11];\r
- PrintAndLog("tag select uid:%s atqa:0x%02x%02x sak:0x%02x", \r
- sprint_hex(uid + (7 - uid_len), uid_len),\r
- atqa[1], \r
- atqa[0], \r
- sak);\r
- if (wantLogToFile || wantDecrypt) {\r
- FillFileNameByUID(logHexFileName, uid + (7 - uid_len), ".log", uid_len);\r
- AddLogCurrentDT(logHexFileName);\r
- } \r
- if (wantDecrypt) \r
- mfTraceInit(uid, atqa, sak, wantSaveToEmlFile);\r
- } else {\r
- PrintAndLog("%s(%d):%s", isTag ? "TAG":"RDR", num, sprint_hex(bufPtr, len));\r
- if (wantLogToFile) \r
- AddLogHex(logHexFileName, isTag ? "TAG: ":"RDR: ", bufPtr, len);\r
- if (wantDecrypt) \r
- mfTraceDecode(bufPtr, len, wantSaveToEmlFile);\r
- num++; \r
- }\r
- bufPtr += len;\r
- bufPtr += ((len-1)/8+1); // ignore parity\r
- }\r
- pckNum = 0;\r
- }\r
- } // resp not NULL\r
- } // while (true)\r
-\r
- free(buf);\r
- return 0;\r
-}\r
-\r