X-Git-Url: http://cvs.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/52eeaef568ac6855f701c51a48d71a393cee3df9..a0a61c91ccefed75187e810cca0e3bcb319ecdcf:/client/cmdhf14a.c diff --git a/client/cmdhf14a.c b/client/cmdhf14a.c index 9f40e754..abb786f4 100644 --- a/client/cmdhf14a.c +++ b/client/cmdhf14a.c @@ -64,7 +64,7 @@ const manufactureName manufactureMapping[] = { { 0x17, "KSW Microtec GmbH Germany" }, { 0x18, "ZMD AG Germany" }, { 0x19, "XICOR, Inc. USA" }, - { 0x1A, "Sony Corporation Japan Identifier Company Country" }, + { 0x1A, "Sony Corporation Japan" }, { 0x1B, "Malaysia Microelectronic Solutions Sdn. Bhd Malaysia" }, { 0x1C, "Emosyn USA" }, { 0x1D, "Shanghai Fudan Microelectronics Co. Ltd. P.R. China" }, @@ -94,7 +94,7 @@ const manufactureName manufactureMapping[] = { { 0x35, "Fraunhofer Institute for Photonic Microsystems Germany" }, { 0x36, "IDS Microchip AG Switzerland" }, { 0x37, "Kovio USA" }, - { 0x38, "HMT Microelectronic Ltd Switzerland Identifier Company Country" }, + { 0x38, "HMT Microelectronic Ltd Switzerland" }, { 0x39, "Silicon Craft Technology Thailand" }, { 0x3A, "Advanced Film Device Inc. Japan" }, { 0x3B, "Nitecrest Ltd UK" }, @@ -106,7 +106,7 @@ const manufactureName manufactureMapping[] = { { 0x41, "Renesas Electronics Corporation Japan" }, { 0x42, "3Alogics Inc Korea" }, { 0x43, "Top TroniQ Asia Limited Hong Kong" }, - { 0x44, "Gentag Inc (USA) USA" }, + { 0x44, "Gentag Inc. USA" }, { 0x00, "no tag-info available" } // must be the last entry }; @@ -143,6 +143,7 @@ int usage_hf_14a_sim(void) { // PrintAndLog(" u : 4, 7 or 10 byte UID"); PrintAndLog(" u : 4, 7 byte UID"); PrintAndLog(" x : (Optional) performs the 'reader attack', nr/ar attack against a legitimate reader"); + PrintAndLog(" v : (Optional) show maths used for cracking reader. Useful for debugging."); PrintAndLog("\n sample : hf 14a sim t 1 u 11223344 x"); PrintAndLog(" : hf 14a sim t 1 u 11223344"); PrintAndLog(" : hf 14a sim t 1 u 11223344556677"); @@ -179,11 +180,12 @@ int CmdHF14AList(const char *Cmd) { } int CmdHF14AReader(const char *Cmd) { + UsbCommand cDisconnect = {CMD_READER_ISO_14443a, {0,0,0}}; UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_DISCONNECT, 0, 0}}; clearCommandBuffer(); SendCommand(&c); UsbCommand resp; - WaitForResponse(CMD_ACK,&resp); + WaitForResponse(CMD_ACK, &resp); iso14a_card_select_t card; memcpy(&card, (iso14a_card_select_t *)resp.d.asBytes, sizeof(iso14a_card_select_t)); @@ -192,22 +194,14 @@ int CmdHF14AReader(const char *Cmd) { if(select_status == 0) { if (Cmd[0] != 's') PrintAndLog("iso14443a card select failed"); - // disconnect - c.arg[0] = 0; - c.arg[1] = 0; - c.arg[2] = 0; - SendCommand(&c); + SendCommand(&cDisconnect); return 0; } if(select_status == 3) { PrintAndLog("Card doesn't support standard iso14443-3 anticollision"); PrintAndLog("ATQA : %02x %02x", card.atqa[1], card.atqa[0]); - // disconnect - c.arg[0] = 0; - c.arg[1] = 0; - c.arg[2] = 0; - SendCommand(&c); + SendCommand(&cDisconnect); return 0; } @@ -218,13 +212,13 @@ int CmdHF14AReader(const char *Cmd) { switch (card.sak) { case 0x00: - //***************************************test**************** + // ******** is card of the MFU type (UL/ULC/NTAG/ etc etc) ul_switch_off_field(); uint32_t tagT = GetHF14AMfU_Type(); ul_print_type(tagT, 0); - //reconnect for further tests + // reconnect for further tests c.arg[0] = ISO14A_CONNECT | ISO14A_NO_DISCONNECT; c.arg[1] = 0; c.arg[2] = 0; @@ -233,7 +227,7 @@ int CmdHF14AReader(const char *Cmd) { SendCommand(&c); UsbCommand resp; - WaitForResponse(CMD_ACK,&resp); + WaitForResponse(CMD_ACK, &resp); memcpy(&card, (iso14a_card_select_t *)resp.d.asBytes, sizeof(iso14a_card_select_t)); @@ -243,27 +237,6 @@ int CmdHF14AReader(const char *Cmd) { ul_switch_off_field(); return 0; } - - /* orig - // check if the tag answers to GETVERSION (0x60) - c.arg[0] = ISO14A_RAW | ISO14A_APPEND_CRC | ISO14A_NO_DISCONNECT; - c.arg[1] = 1; - c.arg[2] = 0; - c.d.asBytes[0] = 0x60; - SendCommand(&c); - WaitForResponse(CMD_ACK,&resp); - - uint8_t version[10] = {0}; - memcpy(version, resp.d.asBytes, resp.arg[0] < sizeof(version) ? resp.arg[0] : sizeof(version)); - uint8_t len = resp.arg[0] & 0xff; - switch ( len){ - // todo, identify "Magic UL-C tags". // they usually have a static nonce response to 0x1A command. - // UL-EV1, size, check version[6] == 0x0b (smaller) 0x0b * 4 == 48 - case 0x0A:PrintAndLog("TYPE : NXP MIFARE Ultralight EV1 %d bytes", (version[6] == 0xB) ? 48 : 128); break; - case 0x01:PrintAndLog("TYPE : NXP MIFARE Ultralight C");break; - case 0x00:PrintAndLog("TYPE : NXP MIFARE Ultralight");break; - } - */ break; case 0x01: PrintAndLog("TYPE : NXP TNP3xxx Activision Game Appliance"); break; case 0x04: PrintAndLog("TYPE : NXP MIFARE (various !DESFire !DESFire EV1)"); break; @@ -379,59 +352,29 @@ int CmdHF14AReader(const char *Cmd) { PrintAndLog(" %02x -> Length is %d bytes", card.ats[pos + 1], card.ats[pos + 1]); switch (card.ats[pos + 2] & 0xf0) { - case 0x10: - PrintAndLog(" 1x -> MIFARE DESFire"); - break; - case 0x20: - PrintAndLog(" 2x -> MIFARE Plus"); - break; + case 0x10: PrintAndLog(" 1x -> MIFARE DESFire"); break; + case 0x20: PrintAndLog(" 2x -> MIFARE Plus"); break; } switch (card.ats[pos + 2] & 0x0f) { - case 0x00: - PrintAndLog(" x0 -> <1 kByte"); - break; - case 0x01: - PrintAndLog(" x1 -> 1 kByte"); - break; - case 0x02: - PrintAndLog(" x2 -> 2 kByte"); - break; - case 0x03: - PrintAndLog(" x3 -> 4 kByte"); - break; - case 0x04: - PrintAndLog(" x4 -> 8 kByte"); - break; + case 0x00: PrintAndLog(" x0 -> <1 kByte"); break; + case 0x01: PrintAndLog(" x1 -> 1 kByte"); break; + case 0x02: PrintAndLog(" x2 -> 2 kByte"); break; + case 0x03: PrintAndLog(" x3 -> 4 kByte"); break; + case 0x04: PrintAndLog(" x4 -> 8 kByte"); break; } switch (card.ats[pos + 3] & 0xf0) { - case 0x00: - PrintAndLog(" 0x -> Engineering sample"); - break; - case 0x20: - PrintAndLog(" 2x -> Released"); - break; + case 0x00: PrintAndLog(" 0x -> Engineering sample"); break; + case 0x20: PrintAndLog(" 2x -> Released"); break; } switch (card.ats[pos + 3] & 0x0f) { - case 0x00: - PrintAndLog(" x0 -> Generation 1"); - break; - case 0x01: - PrintAndLog(" x1 -> Generation 2"); - break; - case 0x02: - PrintAndLog(" x2 -> Generation 3"); - break; + case 0x00: PrintAndLog(" x0 -> Generation 1"); break; + case 0x01: PrintAndLog(" x1 -> Generation 2"); break; + case 0x02: PrintAndLog(" x2 -> Generation 3"); break; } switch (card.ats[pos + 4] & 0x0f) { - case 0x00: - PrintAndLog(" x0 -> Only VCSL supported"); - break; - case 0x01: - PrintAndLog(" x1 -> VCS, VCSL, and SVC supported"); - break; - case 0x0E: - PrintAndLog(" xE -> no VCS command supported"); - break; + case 0x00: PrintAndLog(" x0 -> Only VCSL supported"); break; + case 0x01: PrintAndLog(" x1 -> VCS, VCSL, and SVC supported"); break; + case 0x0E: PrintAndLog(" xE -> no VCS command supported"); break; } } } @@ -454,11 +397,7 @@ int CmdHF14AReader(const char *Cmd) { PrintAndLog("Answers to magic commands (GEN1): %s", (isOK ? "YES" : "NO") ); // disconnect - c.cmd = CMD_READER_ISO_14443a; - c.arg[0] = 0; - c.arg[1] = 0; - c.arg[2] = 0; - SendCommand(&c); + SendCommand(&cDisconnect); return select_status; } @@ -509,6 +448,7 @@ int CmdHF14ASim(const char *Cmd) { uint8_t uid[10] = {0,0,0,0,0,0,0,0,0,0}; int uidlen = 0; bool useUIDfromEML = TRUE; + bool verbose = false; while(param_getchar(Cmd, cmdp) != 0x00) { switch(param_getchar(Cmd, cmdp)) { @@ -539,6 +479,11 @@ int CmdHF14ASim(const char *Cmd) { } cmdp += 2; break; + case 'v': + case 'V': + verbose = true; + cmdp++; + break; case 'x': case 'X': flags |= FLAG_NR_AR_ATTACK; @@ -575,7 +520,7 @@ int CmdHF14ASim(const char *Cmd) { if ( (resp.arg[0] & 0xffff) != CMD_SIMULATE_MIFARE_CARD ) break; memcpy( data, resp.d.asBytes, sizeof(data) ); - readerAttack(data, TRUE); + readerAttack(data, TRUE, verbose); } return 0; } @@ -717,14 +662,17 @@ int CmdHF14ACmdRaw(const char *cmd) { c.arg[2] = 13560000 / 1000 / (8*16) * timeout; // timeout in ETUs (time to transfer 1 bit, approx. 9.4 us) } - if(power) + if(power) { c.arg[0] |= ISO14A_NO_DISCONNECT; - - if(datalen>0) + } + + if(datalen>0) { c.arg[0] |= ISO14A_RAW; - - if(topazmode) + } + + if(topazmode) { c.arg[0] |= ISO14A_TOPAZMODE; + } // Max buffer is USB_CMD_DATA_SIZE datalen = (datalen > USB_CMD_DATA_SIZE) ? USB_CMD_DATA_SIZE : datalen;