X-Git-Url: http://cvs.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/e3c235654f60acf16d13581d952b4125a774cdcd..7843130a589d29acc2f27a3a96c057e01f881025:/client/cmdhfmf.c diff --git a/client/cmdhfmf.c b/client/cmdhfmf.c index 24d04dc2..d0852ea5 100644 --- a/client/cmdhfmf.c +++ b/client/cmdhfmf.c @@ -1433,27 +1433,60 @@ int CmdHF14AMfCSetUID(const char *Cmd) uint8_t wipeCard = 0; uint8_t uid[8] = {0x00}; uint8_t oldUid[8] = {0x00}; + uint8_t atqa[2] = {0x00}; + uint8_t sak[1] = {0x00}; + uint8_t atqaPresent = 1; int res; - - if (strlen(Cmd) < 1 || param_getchar(Cmd, 0) == 'h') { - PrintAndLog("Usage: hf mf csetuid "); - PrintAndLog("sample: hf mf csetuid 01020304 w"); - PrintAndLog("Set UID for magic Chinese card (only works with!!!)"); - PrintAndLog("If you want wipe card then add 'w' into command line. \n"); + char ctmp; + int argi=0; + + if (strlen(Cmd) < 1 || param_getchar(Cmd, argi) == 'h') { + PrintAndLog("Usage: hf mf csetuid [ATQA 4 hex symbols SAK 2 hex symbols] [w]"); + PrintAndLog("sample: hf mf csetuid 01020304"); + PrintAndLog("sample: hf mf csetuid 01020304 0004 08 w"); + PrintAndLog("Set UID, ATQA, and SAK for magic Chinese card (only works with such cards)"); + PrintAndLog("If you also want to wipe the card then add 'w' at the end of the command line."); return 0; - } + } - if (param_getchar(Cmd, 0) && param_gethex(Cmd, 0, uid, 8)) { + if (param_getchar(Cmd, argi) && param_gethex(Cmd, argi, uid, 8)) { PrintAndLog("UID must include 8 HEX symbols"); return 1; } + argi++; + + ctmp = param_getchar(Cmd, argi); + if (ctmp == 'w' || ctmp == 'W') { + wipeCard = 1; + atqaPresent = 0; + } + + if (atqaPresent) { + if (param_getchar(Cmd, argi)) { + if (param_gethex(Cmd, argi, atqa, 4)) { + PrintAndLog("ATQA must include 4 HEX symbols"); + return 1; + } + argi++; + if (!param_getchar(Cmd, argi) || param_gethex(Cmd, argi, sak, 2)) { + PrintAndLog("SAK must include 2 HEX symbols"); + return 1; + } + argi++; + } else + atqaPresent = 0; + } + + if(!wipeCard) { + ctmp = param_getchar(Cmd, argi); + if (ctmp == 'w' || ctmp == 'W') { + wipeCard = 1; + } + } - char ctmp = param_getchar(Cmd, 1); - if (ctmp == 'w' || ctmp == 'W') wipeCard = 1; - PrintAndLog("--wipe card:%s uid:%s", (wipeCard)?"YES":"NO", sprint_hex(uid, 4)); - res = mfCSetUID(uid, oldUid, wipeCard); + res = mfCSetUID(uid, (atqaPresent)?atqa:NULL, (atqaPresent)?sak:NULL, oldUid, wipeCard); if (res) { PrintAndLog("Can't set UID. error=%d", res); return 1; @@ -1765,15 +1798,16 @@ int CmdHF14AMfSniff(const char *Cmd){ int res = 0; int len = 0; int blockLen = 0; - int num = 0; int pckNum = 0; - uint8_t uid[7] = {0x00}; + int num = 0; + uint8_t uid[7]; uint8_t uid_len; uint8_t atqa[2] = {0x00}; uint8_t sak; bool isTag; - uint8_t buf[3000] = {0x00}; - uint8_t * bufPtr = buf; + uint8_t *buf = NULL; + uint16_t bufsize = 0; + uint8_t *bufPtr = NULL; char ctmp = param_getchar(Cmd, 0); if ( ctmp == 'h' || ctmp == 'H' ) { @@ -1816,32 +1850,47 @@ int CmdHF14AMfSniff(const char *Cmd){ break; } - UsbCommand resp; - if (WaitForResponseTimeout(CMD_ACK,&resp,2000)) { + UsbCommand resp; + if (WaitForResponseTimeout(CMD_ACK,&resp,2000)) { res = resp.arg[0] & 0xff; - len = resp.arg[1]; - num = resp.arg[2]; - - if (res == 0) return 0; - if (res == 1) { - if (num ==0) { + uint16_t traceLen = resp.arg[1]; + len = resp.arg[2]; + + if (res == 0) return 0; // we are done + + if (res == 1) { // there is (more) data to be transferred + if (pckNum == 0) { // first packet, (re)allocate necessary buffer + if (traceLen > bufsize) { + uint8_t *p; + if (buf == NULL) { // not yet allocated + p = malloc(traceLen); + } else { // need more memory + p = realloc(buf, traceLen); + } + if (p == NULL) { + PrintAndLog("Cannot allocate memory for trace"); + free(buf); + return 2; + } + buf = p; + } bufPtr = buf; - memset(buf, 0x00, 3000); + bufsize = traceLen; + memset(buf, 0x00, traceLen); } memcpy(bufPtr, resp.d.asBytes, len); bufPtr += len; pckNum++; } - if (res == 2) { + + if (res == 2) { // received all data, start displaying blockLen = bufPtr - buf; bufPtr = buf; printf(">\n"); PrintAndLog("received trace len: %d packages: %d", blockLen, pckNum); - num = 0; while (bufPtr - buf < blockLen) { - bufPtr += 6; + bufPtr += 6; // skip (void) timing information len = *((uint16_t *)bufPtr); - if(len & 0x8000) { isTag = true; len &= 0x7fff; @@ -1850,12 +1899,10 @@ int CmdHF14AMfSniff(const char *Cmd){ } bufPtr += 2; if ((len == 14) && (bufPtr[0] == 0xff) && (bufPtr[1] == 0xff) && (bufPtr[12] == 0xff) && (bufPtr[13] == 0xff)) { - memcpy(uid, bufPtr + 2, 7); memcpy(atqa, bufPtr + 2 + 7, 2); uid_len = (atqa[0] & 0xC0) == 0x40 ? 7 : 4; sak = bufPtr[11]; - PrintAndLog("tag select uid:%s atqa:0x%02x%02x sak:0x%02x", sprint_hex(uid + (7 - uid_len), uid_len), atqa[1], @@ -1873,18 +1920,21 @@ int CmdHF14AMfSniff(const char *Cmd){ AddLogHex(logHexFileName, isTag ? "TAG: ":"RDR: ", bufPtr, len); if (wantDecrypt) mfTraceDecode(bufPtr, len, wantSaveToEmlFile); + num++; } bufPtr += len; bufPtr += ((len-1)/8+1); // ignore parity - num++; } + pckNum = 0; } } // resp not NULL } // while (true) - + + free(buf); return 0; } + static command_t CommandTable[] = { {"help", CmdHelp, 1, "This help"},