X-Git-Url: http://cvs.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/fff6d2a3ba4bd387517df9c3aaef14ec823e552e..0c97a4562dfc38dbda89277434b077d084e21588:/client/cmdlft55xx.c
diff --git a/client/cmdlft55xx.c b/client/cmdlft55xx.c
index f034ce5a..de0ade28 100644
--- a/client/cmdlft55xx.c
+++ b/client/cmdlft55xx.c
@@ -152,13 +152,15 @@ int usage_t55xx_wakup(){
 int usage_t55xx_bruteforce(){
 PrintAndLog("Usage: lf t55xx bruteforce [i <*.dic>]");
 PrintAndLog(" password must be 4 bytes (8 hex symbols)");
+ PrintAndLog("This command uses A) bruteforce to scan a number range");
+ PrintAndLog(" B) a dictionary attack");
 PrintAndLog("Options:");
 PrintAndLog(" h - this help");
 PrintAndLog(" i <*.dic> - loads a default keys dictionary file <*.dic>");
 PrintAndLog("");
 PrintAndLog("Examples:");
 PrintAndLog(" lf t55xx bruteforce aaaaaaaa bbbbbbbb");
- PrintAndLog(" lf t55xx bruteforce i mykeys.dic");
+ PrintAndLog(" lf t55xx bruteforce i default_pwd.dic");
 PrintAndLog("");
 return 0;
 }
@@ -382,18 +384,22 @@ bool DecodeT55xxBlock(){
 ans = ASKDemod(cmdStr, FALSE, FALSE, 1);
 break;
 case DEMOD_PSK1:
- // skip first 160 samples to allow antenna to settle in (psk gets inverted occasionally otherwise)
+ // skip first 16 samples to allow antenna to settle in (psk gets inverted occasionally otherwise)
+ save_restoreGB(1);
 CmdLtrim("160");
 snprintf(cmdStr, sizeof(buf),"%d %d 6", bitRate[config.bitrate], config.inverted );
 ans = PSKDemod(cmdStr, FALSE);
+ save_restoreGB(0);
 break;
 case DEMOD_PSK2: //inverted won't affect this
 case DEMOD_PSK3: //not fully implemented
 // skip first 160 samples to allow antenna to settle in (psk gets inverted occasionally otherwise)
+ save_restoreGB(1);
 CmdLtrim("160");
 snprintf(cmdStr, sizeof(buf),"%d 0 6", bitRate[config.bitrate] );
 ans = PSKDemod(cmdStr, FALSE);
 psk1TOpsk2(DemodBuffer, DemodBufferLen);
+ save_restoreGB(1);
 break;
 case DEMOD_NRZ:
 snprintf(cmdStr, sizeof(buf),"%d %d 1", bitRate[config.bitrate], config.inverted );
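Review bot: The DEMOD_PSK2/DEMOD_PSK3 branch of DecodeT55xxBlock calls `save_restoreGB(1)` both before `CmdLtrim("160")` and after `psk1TOpsk2(...)`, whereas the DEMOD_PSK1 branch pairs `save_restoreGB(1)` with `save_restoreGB(0)`. If 1 means save and 0 means restore, as the PSK1 pairing suggests, the second call overwrites the saved copy with the trimmed buffer and the graph buffer is never restored, so the last call in that branch should read `save_restoreGB(0);`. The edited PSK1 comment now says 16 samples while the code below it still trims 160, so the comment should keep `160`. The switch statement starts and ends outside the hunk.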
@@ -1009,8 +1015,14 @@ int CmdT55xxInfo(const char *Cmd){ if (!DecodeT55xxBlock()) return 1; + // too little space to start with if ( DemodBufferLen < 32) return 1; + // + PrintAndLog("Offset+32 ==%d\n DemodLen == %d", config.offset + 32,DemodBufferLen ); + + + uint8_t si = config.offset; uint32_t bl0 = PackBits(si, 32, DemodBuffer); @@ -1315,7 +1327,7 @@ int CmdT55xxWipe(const char *Cmd) { if (!CmdT55xxWriteBlock(ptrData)) PrintAndLog("Error writing blk %d", blk); - memset(writeData, sizeof(writeData), 0x00); + memset(writeData,0x00, sizeof(writeData)); } return 0; } @@ -1394,6 +1406,12 @@ int CmdT55xxBruteForce(const char *Cmd) { uint64_t testpwd = 0x00; for (uint16_t c = 0; c < keycnt; ++c ) { + if (ukbhit()) { + getchar(); + printf("\naborted via keyboard!\n"); + return 0; + } + testpwd = bytes_to_num(keyBlock + 4*c, 4); PrintAndLog("Testing %08X", testpwd); @@ -1407,7 +1425,7 @@ int CmdT55xxBruteForce(const char *Cmd) { found = tryDetectModulation(); if ( found ) { - PrintAndLog("Found valid password:[%08X]", testpwd); + PrintAndLog("Found valid password: [%08X]", testpwd); return 0; } } @@ -1423,23 +1441,27 @@ int CmdT55xxBruteForce(const char *Cmd) { if ( start_password >= end_password ) return usage_t55xx_bruteforce(); - PrintAndLog("Search password range [%08X -> %08X]", start_password, end_password); + PrintAndLog("Search password range [%08X -> %08X]", start_password, end_password); uint32_t i = start_password; while ((!found) && (i <= end_password)){ + printf("."); + fflush(stdout); + if (ukbhit()) { + getchar(); + printf("\naborted via keyboard!\n"); + return 0; + } + if (!AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, TRUE, i)) { PrintAndLog("Aquireing data from device failed. Quitting"); return 0; } found = tryDetectModulation(); - if (found) - break; - - if ((i % 0x100) == 0) printf("[%08x], ",i); - + if (found) break; i++; } 
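Review bot: In the CmdT55xxInfo hunk the length guard still compares `DemodBufferLen` with a fixed 32, while `PackBits(si, 32, DemodBuffer)` starts at `config.offset`; if PackBits reads 32 bits from that start index, a non-zero offset can read past the demodulated data. The added `PrintAndLog("Offset+32 ==%d\n DemodLen == %d", ...)` prints exactly the two values that should be compared, looks like leftover debugging, and runs on every call. I would drop the print and make the guard `if (config.offset + 32 > DemodBufferLen) return 1;`. The types of `config.offset` and `DemodBufferLen` are not visible here, so the comparison and the `%d` specifiers should be checked against them. The function body continues outside the hunk.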
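Review bot: The keyboard-abort block added to the dictionary loop of CmdT55xxBruteForce (hunk at -1394) returns 0, the same value the function returns when a password is found, so a caller or script cannot tell an abort from a hit. It also reports through `printf` while the rest of the function uses `PrintAndLog`, so the abort may be missing from wherever PrintAndLog records output; `PrintAndLog("aborted via keyboard!");` would keep it consistent. If `keyBlock` is heap-allocated earlier in the function (not visible in this hunk), this early return also has to release it. The same block is repeated in the range loop of the -1423 hunk, and a small static helper would keep the two copies in step.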
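Review bot: The reworded line `PrintAndLog("Found valid password: [%08X]", testpwd);` (hunk at -1407) passes `testpwd`, declared `uint64_t` in the context of the previous hunk, to a `%08X` conversion that expects an `unsigned int`. Assuming PrintAndLog forwards its arguments to a printf-family function, that mismatch is undefined behaviour and can print the wrong value on some ABIs. Since the value is built from 4 bytes, `PrintAndLog("Found valid password: [%08X]", (uint32_t)testpwd);` matches how the range loop prints its `uint32_t` counter. The `PrintAndLog("Testing %08X", testpwd);` line in the -1394 hunk needs the same change.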
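Review bot: The range loop `while ((!found) && (i <= end_password))` in the -1423 hunk cannot end on its own when `end_password` is 0xFFFFFFFF, because `uint32_t i` wraps to 0 on `i++` and the condition stays true; the new keyboard abort is then the only way out. Ending the body with `if (i == end_password) break;` before `i++` closes that case, and the "Last tried" message after the loop would then print `i` rather than `--i`. The type of `end_password` is not visible here, though the `%08X` print suggests 32 bits. The hunk also replaces the periodic `[%08x]` progress print with a dot per attempt, so after an abort the operator no longer sees where the scan stopped; `printf("\naborted via keyboard! next untried: [%08x]\n", i);` would keep that information.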
@@ -1448,7 +1470,7 @@ int CmdT55xxBruteForce(const char *Cmd) { if (found) PrintAndLog("Found valid password: [%08x]", i); else - PrintAndLog("Password NOT found. Last tried: [%08x]", i); + PrintAndLog("Password NOT found. Last tried: [%08x]", --i); return 0; }
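Review bot: The new `--i` inside the PrintAndLog argument list modifies the loop counter as a side effect of logging, which is easy to miss if `i` is ever used after this point. This branch is reached only when the range loop ran past `end_password` (the failure and abort paths in the previous hunk return early), so the message can name the bound directly: `PrintAndLog("Password NOT found. Last tried: [%08x]", end_password);`. The start of CmdT55xxBruteForce is outside this hunk.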