]> cvs.zerfleddert.de Git - proxmark3-svn/commitdiff
MERGED: @holimans changes
authoriceman1001 <iceman@iuse.se>
Wed, 22 Jul 2015 21:00:52 +0000 (23:00 +0200)
committericeman1001 <iceman@iuse.se>
Wed, 22 Jul 2015 21:00:52 +0000 (23:00 +0200)
MERGED: @piwi changes
MERGED: @marshmellows changes.

I'm not even gonna try write up all that stuff..

ADD: changed some commands inside the "Hf 14a sim" on deviceside.
ADD: @mobeius "two nonce" version for mfkey32.   It is also inside the "hf 14a sim" with the "x" parameter.

37 files changed:
CHANGELOG.md
armsrc/BigBuf.c
armsrc/BigBuf.h
armsrc/Makefile
armsrc/appmain.c
armsrc/apps.h
armsrc/des.c
armsrc/desfire_crypto.c
armsrc/fpgaloader.c
armsrc/fpgaloader.h
armsrc/iso14443a.c
armsrc/iso14443a.h
armsrc/iso14443b.c
armsrc/legicrf.c
armsrc/lfops.c
armsrc/lfsampling.c
armsrc/lfsampling.h
armsrc/mifarecmd.h
armsrc/mifaresniff.h
armsrc/mifareutil.h
bootrom/bootrom.c
client/cmdhf14a.c
client/cmdhfmfu.c
client/cmdhw.c
client/cmdlfawid.c
client/flash.c
client/flasher.c
client/hid-flasher/usb_cmd.h
client/lualibs/commands.lua
client/scripts/mifare_autopwn.lua
common/iso14443crc.c
common/iso14443crc.h
common/iso15693tools.c
common/legic_prng.c
common/usb_cdc.c
common/usb_cdc.h
include/usb_cmd.h

index cb2df85ec14cd6667193a43dc3ac9a02af90be56..5b7247c2aa83d7b9fb43ac62681e0a3a5985316e 100644 (file)
@@ -5,16 +5,22 @@ This project uses the changelog in accordance with [keepchangelog](http://keepac
 ## [unreleased][unreleased]
 
 ### Added
+- ISO14443a stand-alone operation with ARM CFLAG="WITH_ISO14443a_StandAlone". This code can read & emulate two banks of 14a tag UIDs and write to "magic" cards  (Craig Young) 
 - AWID26 command context added as 'lf awid' containing realtime demodulation as well as cloning/simulation based on tag numbers (Craig Young)
+- Added 'hw status'. This command makes the ARM print out some runtime information. (holiman) 
+- Added 'hw ping'. This command just sends a usb packets and checks if the pm3 is responsive. Can be used to abort certain operations which supports abort over usb. (holiman)
 
 ### Changed
 - Changed lf config's `threshold` to a graph (signed) metric and it will trigger on + or - value set to. (example: set to 50 and recording would begin at first graphed value of >= 50 or <= -50) (marshmellow)
 - EPA functions (`hf epa`) now support both ISO 14443-A and 14443-B cards (frederikmoellers)
+- 'hw version' only talks to ARM at startup, after that the info is cached. (pwpiwi)
 
 ## [2.2.0][2015-07-12]
 
+### Changed
+- Added `hf 14b raw -s` option to auto select a 14b std tag before raw command 
 - Changed `hf 14b write` to `hf 14b sriwrite` as it only applied to sri tags (marshmellow)
-- Added `hf 14b reader` to `hf search` (marshmellow)
+- Added `hf 14b info` to `hf search` (marshmellow)
 - Added compression of fpga config and data, *BOOTROM REFLASH REQUIRED* (piwi)
 - Implemented better detection of mifare-tags that are not vulnerable to classic attacks (`hf mf mifare`, `hf mf nested`) (piwi)
 
index e8cf8028e9551e5716e6b19c22dee4ac9b4964d0..3499d7c76b7221854e274a14e637f4c31c347f51 100644 (file)
@@ -88,6 +88,16 @@ void BigBuf_free_keep_EM(void)
        }
 }
 
+void BigBuf_print_status(void)
+{
+       Dbprintf("Memory");
+       Dbprintf("  BIGBUF_SIZE.............%d", BIGBUF_SIZE);
+       Dbprintf("  BigBuf_hi  .............%d", BigBuf_hi);
+       Dbprintf("Tracing");
+       Dbprintf("  tracing ................%d", tracing);
+       Dbprintf("  traceLen ...............%d", traceLen);
+}
+
 
 // return the maximum trace length (i.e. the unallocated size of BigBuf)
 uint16_t BigBuf_max_traceLen(void)
@@ -168,8 +178,12 @@ bool RAMFUNC LogTrace(const uint8_t *btBytes, uint16_t iLen, uint32_t timestamp_
        traceLen += iLen;
 
        // parity bytes
-       if (parity != NULL && iLen != 0) {
+       if (iLen != 0) {
+               if (parity != NULL) {
                        memcpy(trace + traceLen, parity, num_paritybytes);
+               } else {
+                       memset(trace + traceLen, 0x00, num_paritybytes);
+               }
        }
        traceLen += num_paritybytes;
 
@@ -218,6 +232,7 @@ int LogTraceHitag(const uint8_t * btBytes, int iBits, int iSamples, uint32_t dwP
 
        return TRUE;
 }
+
 // Emulator memory
 uint8_t emlSet(uint8_t *data, uint32_t offset, uint32_t length){
        uint8_t* mem = BigBuf_get_EM_addr();
index 0e2f174479b5db5a2110fe057f80bf5dba31d638..b859ffda9f1c4ab78f591fc8deaee4741f83046e 100644 (file)
@@ -28,9 +28,9 @@ extern void BigBuf_Clear(void);
 extern uint8_t *BigBuf_malloc(uint16_t);
 extern void BigBuf_free(void);
 extern void BigBuf_free_keep_EM(void);
-
+extern void BigBuf_print_status(void);
 extern uint16_t BigBuf_get_traceLen(void);
-extern void clear_trace();
+extern void clear_trace(void);
 extern void set_tracing(bool enable);
 extern bool RAMFUNC LogTrace(const uint8_t *btBytes, uint16_t iLen, uint32_t timestamp_start, uint32_t timestamp_end, uint8_t *parity, bool readerToTag);
 extern int LogTraceHitag(const uint8_t * btBytes, int iBits, int iSamples, uint32_t dwParity, int bReader);
index 16b984293bd35ae31ea25661151c9fba01820f0e..3559e4826efcd83e2865298200eec16589fa6afe 100644 (file)
@@ -10,7 +10,7 @@ APP_INCLUDES = apps.h
 
 #remove one of the following defines and comment out the relevant line
 #in the next section to remove that particular feature from compilation  
-APP_CFLAGS     = -DWITH_LF -DWITH_ISO15693 -DWITH_ISO14443a -DWITH_ISO14443b -DWITH_ICLASS -DWITH_LEGICRF -DWITH_HITAG  -DWITH_CRC -DON_DEVICE \
+APP_CFLAGS     = -DWITH_ISO14443a_StandAlone -DWITH_LF -DWITH_ISO15693 -DWITH_ISO14443a -DWITH_ISO14443b -DWITH_ICLASS -DWITH_LEGICRF -DWITH_HITAG  -DWITH_CRC -DON_DEVICE \
                                -fno-strict-aliasing -ffunction-sections -fdata-sections
 #-DWITH_LCD 
 
index 6996c82edcf5e350060f0af10f769c6d13b6a8e0..03e6eba2f1f630b37e338adb2f0aebb8800e0d17 100644 (file)
 #include <hitag2.h>
 #include "lfsampling.h"
 #include "BigBuf.h"
+#include "mifareutil.h"
 #ifdef WITH_LCD
  #include "LCD.h"
 #endif
 
+// Craig Young - 14a stand-alone code
+#ifdef WITH_ISO14443a_StandAlone
+ #include "iso14443a.h"
+#endif
+
 #define abs(x) ( ((x)<0) ? -(x) : (x) )
 
 //=============================================================================
@@ -39,7 +45,7 @@
 
 #define TOSEND_BUFFER_SIZE (9*MAX_FRAME_SIZE + 1 + 1 + 2)  // 8 data bits and 1 parity bit per payload byte, 1 correction bit, 1 SOC bit, 2 EOC bits 
 uint8_t ToSend[TOSEND_BUFFER_SIZE];
-int ToSendMax;
+int ToSendMax = 0;
 static int ToSendBit;
 struct common_area common_area __attribute__((section(".commonarea")));
 
@@ -180,7 +186,7 @@ void MeasureAntennaTuning(void)
        int i, adcval = 0, peak = 0, peakv = 0, peakf = 0; //ptr = 0 
        int vLf125 = 0, vLf134 = 0, vHf = 0;    // in mV
 
-  LED_B_ON();
+       LED_B_ON();
 
 /*
  * Sweeps the useful LF range of the proxmark from
@@ -212,17 +218,17 @@ void MeasureAntennaTuning(void)
 
        for (i=18; i >= 0; i--) LF_Results[i] = 0;
        
-  LED_A_ON();
+       LED_A_ON();
        // Let the FPGA drive the high-frequency antenna around 13.56 MHz.
-       FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
+       FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
        FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_READER_RX_XCORR);
        SpinDelay(20);
        vHf = (MAX_ADC_HF_VOLTAGE * AvgAdc(ADC_CHAN_HF)) >> 10;
 
        cmd_send(CMD_MEASURED_ANTENNA_TUNING, vLf125 | (vLf134<<16), vHf, peakf | (peakv<<16), LF_Results, 256);
        FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
-  LED_A_OFF();
-  LED_B_OFF();
+       LED_A_OFF();
+       LED_B_OFF();
   return;
 }
 
@@ -292,19 +298,27 @@ void SendVersion(void)
        uint32_t compressed_data_section_size = common_area.arg1;
        cmd_send(CMD_ACK, *(AT91C_DBGU_CIDR), text_and_rodata_section_size + compressed_data_section_size, 0, VersionString, strlen(VersionString));
 }
-
-#ifdef WITH_LF
-// samy's sniff and repeat routine
-void SamyRun()
+/**
+  * Prints runtime information about the PM3.
+**/
+void SendStatus(void)
 {
-       DbpString("Stand-alone mode! No PC necessary.");
-       FpgaDownloadAndGo(FPGA_BITSTREAM_LF);
+       BigBuf_print_status();
+       Fpga_print_status();
+       printConfig(); //LF Sampling config
+       Dbprintf("Various");
+       Dbprintf("  MF_DBGLEVEL......%d", MF_DBGLEVEL);
+       Dbprintf("  ToSendMax........%d",ToSendMax);
+       Dbprintf("  ToSendBit........%d",ToSendBit);
+}
 
-       // 3 possible options? no just 2 for now
-#define OPTS 2
+#if defined(WITH_ISO14443a_StandAlone) || defined(WITH_LF)
 
-       int high[OPTS], low[OPTS];
+#define OPTS 2
 
+void StandAloneMode()
+{
+       DbpString("Stand-alone mode! No PC necessary.");
        // Oooh pretty -- notify user we're in elite samy mode now
        LED(LED_RED,    200);
        LED(LED_ORANGE, 200);
@@ -316,6 +330,216 @@ void SamyRun()
        LED(LED_ORANGE, 200);
        LED(LED_RED,    200);
 
+}
+
+#endif
+
+
+
+#ifdef WITH_ISO14443a_StandAlone
+void StandAloneMode14a()
+{
+       StandAloneMode();
+       FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
+
+       int selected = 0;
+       int playing = 0;
+       int cardRead[OPTS] = {0};
+       uint8_t readUID[10] = {0};
+       uint32_t uid_1st[OPTS]={0};
+       uint32_t uid_2nd[OPTS]={0};
+
+       LED(selected + 1, 0);
+
+       for (;;)
+       {
+               usb_poll();
+               WDT_HIT();
+
+               // Was our button held down or pressed?
+               int button_pressed = BUTTON_HELD(1000);
+               SpinDelay(300);
+
+               // Button was held for a second, begin recording
+               if (button_pressed > 0 && cardRead[selected] == 0)
+               {
+                       LEDsoff();
+                       LED(selected + 1, 0);
+                       LED(LED_RED2, 0);
+
+                       // record
+                       Dbprintf("Enabling iso14443a reader mode for [Bank: %u]...", selected);
+
+                       // wait for button to be released
+                       while(BUTTON_PRESS())
+                               WDT_HIT();
+                       /* need this delay to prevent catching some weird data */
+                       SpinDelay(500);
+                       /* Code for reading from 14a tag */
+                       uint8_t uid[10]  ={0};
+                       uint32_t cuid;
+                       iso14443a_setup(FPGA_HF_ISO14443A_READER_MOD);
+
+                       for ( ; ; )
+                       {
+                               WDT_HIT();
+                               if (!iso14443a_select_card(uid, NULL, &cuid))
+                                       continue;
+                               else
+                               {
+                                       Dbprintf("Read UID:"); Dbhexdump(10,uid,0);
+                                       memcpy(readUID,uid,10*sizeof(uint8_t));
+                                       uint8_t *dst = (uint8_t *)&uid_1st[selected];
+                                       // Set UID byte order
+                                       for (int i=0; i<4; i++)
+                                               dst[i] = uid[3-i];
+                                       dst = (uint8_t *)&uid_2nd[selected];
+                                       for (int i=0; i<4; i++)
+                                               dst[i] = uid[7-i];
+                                       break;
+                               }
+                       }
+                       LEDsoff();
+                       LED(LED_GREEN,  200);
+                       LED(LED_ORANGE, 200);
+                       LED(LED_GREEN,  200);
+                       LED(LED_ORANGE, 200);
+
+                       LEDsoff();
+                       LED(selected + 1, 0);
+                       // Finished recording
+
+                       // If we were previously playing, set playing off
+                       // so next button push begins playing what we recorded
+                       playing = 0;
+
+                       cardRead[selected] = 1;
+
+               }
+               /* MF UID clone */
+               else if (button_pressed > 0 && cardRead[selected] == 1)
+               {
+                                       LEDsoff();
+                                       LED(selected + 1, 0);
+                                       LED(LED_ORANGE, 250);
+
+
+                                       // record
+                                       Dbprintf("Preparing to Clone card [Bank: %x]; uid: %08x", selected, uid_1st[selected]);
+
+                                       // wait for button to be released
+                                       while(BUTTON_PRESS())
+                                       {
+                                               // Delay cloning until card is in place
+                                               WDT_HIT();
+                                       }
+                                       Dbprintf("Starting clone. [Bank: %u]", selected);
+                                       // need this delay to prevent catching some weird data
+                                       SpinDelay(500);
+                                       // Begin clone function here:
+                                       /* Example from client/mifarehost.c for commanding a block write for "magic Chinese" cards:
+                                                       UsbCommand c = {CMD_MIFARE_CSETBLOCK, {wantWipe, params & (0xFE | (uid == NULL ? 0:1)), blockNo}};
+                                                       memcpy(c.d.asBytes, data, 16);
+                                                       SendCommand(&c);
+
+                                               Block read is similar:
+                                                       UsbCommand c = {CMD_MIFARE_CGETBLOCK, {params, 0, blockNo}};
+                                               We need to imitate that call with blockNo 0 to set a uid.
+
+                                               The get and set commands are handled in this file:
+                                                       // Work with "magic Chinese" card
+                                                       case CMD_MIFARE_CSETBLOCK:
+                                                                       MifareCSetBlock(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes);
+                                                                       break;
+                                                       case CMD_MIFARE_CGETBLOCK:
+                                                                       MifareCGetBlock(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes);
+                                                                                                       //
+                                                                       break;
+
+                                               mfCSetUID provides example logic for UID set workflow:
+                                                       -Read block0 from card in field with MifareCGetBlock()
+                                                       -Configure new values without replacing reserved bytes
+                                                                       memcpy(block0, uid, 4); // Copy UID bytes from byte array
+                                                                       // Mifare UID BCC
+                                                                       block0[4] = block0[0]^block0[1]^block0[2]^block0[3]; // BCC on byte 5
+                                                                       Bytes 5-7 are reserved SAK and ATQA for mifare classic
+                                                       -Use mfCSetBlock(0, block0, oldUID, wantWipe, CSETBLOCK_SINGLE_OPER) to write it
+                                       */
+                                       uint8_t oldBlock0[16] = {0}, newBlock0[16] = {0}, testBlock0[16] = {0};
+                                       // arg0 = Flags == CSETBLOCK_SINGLE_OPER=0x1F, arg1=returnSlot, arg2=blockNo
+                                       MifareCGetBlock(0x1F, 1, 0, oldBlock0);
+                                       Dbprintf("UID from target tag: %02X%02X%02X%02X", oldBlock0[0],oldBlock0[1],oldBlock0[2],oldBlock0[3]);
+                                       memcpy(newBlock0,oldBlock0,16);
+                                       // Copy uid_1st for bank (2nd is for longer UIDs not supported if classic)
+
+                                       newBlock0[0] = uid_1st[selected]>>24;
+                                       newBlock0[1] = 0xFF & (uid_1st[selected]>>16);
+                                       newBlock0[2] = 0xFF & (uid_1st[selected]>>8);
+                                       newBlock0[3] = 0xFF & (uid_1st[selected]);
+                                       newBlock0[4] = newBlock0[0]^newBlock0[1]^newBlock0[2]^newBlock0[3];
+                                       // arg0 = needWipe, arg1 = workFlags, arg2 = blockNo, datain
+                                       MifareCSetBlock(0, 0xFF,0, newBlock0);
+                                       MifareCGetBlock(0x1F, 1, 0, testBlock0);
+                                       if (memcmp(testBlock0,newBlock0,16)==0)
+                                       {
+                                               DbpString("Cloned successfull!");
+                                               cardRead[selected] = 0; // Only if the card was cloned successfully should we clear it
+                                       }
+                                       LEDsoff();
+                                       LED(selected + 1, 0);
+                                       // Finished recording
+
+                                       // If we were previously playing, set playing off
+                                       // so next button push begins playing what we recorded
+                                       playing = 0;
+
+               }
+               // Change where to record (or begin playing)
+               else if (button_pressed && cardRead[selected])
+               {
+                       // Next option if we were previously playing
+                       if (playing)
+                               selected = (selected + 1) % OPTS;
+                       playing = !playing;
+
+                       LEDsoff();
+                       LED(selected + 1, 0);
+
+                       // Begin transmitting
+                       if (playing)
+                       {
+                               LED(LED_GREEN, 0);
+                               DbpString("Playing");
+                               while (!BUTTON_HELD(500)) { // Loop simulating tag until the button is held a half-sec
+                                               Dbprintf("Simulating ISO14443a tag with uid[0]: %08x, uid[1]: %08x [Bank: %u]", uid_1st[selected],uid_2nd[selected],selected);
+                                               SimulateIso14443aTag(1,uid_1st[selected],uid_2nd[selected],NULL);
+                                       }
+                               //cardRead[selected] = 1;
+                               Dbprintf("Done playing [Bank: %u]",selected);
+
+                               /* We pressed a button so ignore it here with a delay */
+                               SpinDelay(300);
+
+                               // when done, we're done playing, move to next option
+                               selected = (selected + 1) % OPTS;
+                               playing = !playing;
+                               LEDsoff();
+                               LED(selected + 1, 0);
+                       }
+                       else
+                               while(BUTTON_PRESS())
+                                       WDT_HIT();
+               }
+       }
+}
+#elif WITH_LF
+// samy's sniff and repeat routine
+void SamyRun()
+{
+       StandAloneMode();
+       FpgaDownloadAndGo(FPGA_BITSTREAM_LF);
+
+       int high[OPTS], low[OPTS];
        int selected = 0;
        int playing = 0;
        int cardRead = 0;
@@ -439,8 +663,8 @@ void SamyRun()
                }
        }
 }
-#endif
 
+#endif
 /*
 OBJECTIVE
 Listen and detect an external reader. Determine the best location
@@ -667,6 +891,7 @@ void UsbPacketReceived(uint8_t *packet, int len)
                        break;
                case CMD_T55XX_WRITE_BLOCK:
                        T55xxWriteBlock(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes[0]);
+                       cmd_send(CMD_ACK,0,0,0,0,0);
                        break;
                case CMD_T55XX_READ_TRACE:
                        T55xxReadTrace();
@@ -954,7 +1179,12 @@ void UsbPacketReceived(uint8_t *packet, int len)
                case CMD_VERSION:
                        SendVersion();
                        break;
-
+               case CMD_STATUS:
+                       SendStatus();
+                       break;
+               case CMD_PING:
+                       cmd_send(CMD_ACK,0,0,0,0,0);
+                       break;
 #ifdef WITH_LCD
                case CMD_LCD_RESET:
                        LCDReset();
@@ -1053,8 +1283,16 @@ void  __attribute__((noreturn)) AppMain(void)
                WDT_HIT();
 
 #ifdef WITH_LF
+#ifndef WITH_ISO14443a_StandAlone
                if (BUTTON_HELD(1000) > 0)
                        SamyRun();
+#endif
+#endif
+#ifdef WITH_ISO14443a
+#ifdef WITH_ISO14443a_StandAlone
+               if (BUTTON_HELD(1000) > 0)
+                       StandAloneMode14a();
+#endif
 #endif
        }
 }
index a2812428b400f0f00ccfefa4a6f74efd52152cf7..bb777eab552c292fd1b384e7d3fc354736bedf56 100644 (file)
 #include <stdint.h>
 #include <stddef.h>
 #include <stdlib.h>
-#include <sys/types.h>
-#include <string.h>
-#include <strings.h>
-#include "../common/crc32.h"
-#include "../common/lfdemod.h"
+#include <sys/types.h> 
+#include "common.h"
+#include "crc32.h"
+#include "lfdemod.h"
 #include "BigBuf.h"
 #include "fpgaloader.h"
 #include "hitag2.h"
index 172b32358dbf38aa96f30a25dcd0e118105d1634..e72ebb2af5b18a138bb4f97d8e0f5771a8f86150 100644 (file)
@@ -409,7 +409,6 @@ void tdes_dec(void* out, void* in, const uint8_t* key){
 
        uint8_t i;
        unsigned char temp[8];
-
        uint8_t* tin = (uint8_t*) in;
        uint8_t* tout = (uint8_t*) out;
        
@@ -432,6 +431,7 @@ void tdes_dec(void* out, void* in, const uint8_t* key){
        }
  }
 
+
 /******************************************************************************/
 
 
index 9ea07371f9d2fa84d5e13abfbbd304a2e84674e6..8bb8034838afb89e82fad9e7378e0dda11c9636f 100644 (file)
@@ -27,9 +27,8 @@
  */
 #include "desfire_crypto.h"
 
-static void      xor (const uint8_t *ivect, uint8_t *data, const size_t len);
-
-static size_t    key_macing_length (desfirekey_t key);
+static void xor (const uint8_t *ivect, uint8_t *data, const size_t len);
+static size_t key_macing_length (desfirekey_t key);
 
 static void xor (const uint8_t *ivect, uint8_t *data, const size_t len) {
     for (size_t i = 0; i < len; i++) {
index f85065507e69c7de0463ee7e65fe27fe7e45be52..b4117e82c113c23889c0bc8044266d1f14da56e7 100644 (file)
@@ -560,3 +560,11 @@ void SetAdcMuxFor(uint32_t whichGpio)
 
        HIGH(whichGpio);
 }
+
+void Fpga_print_status(void)
+{
+       Dbprintf("Fgpa");
+       if(downloaded_bitstream == FPGA_BITSTREAM_HF) Dbprintf("  mode.............HF");
+       else if(downloaded_bitstream == FPGA_BITSTREAM_LF) Dbprintf("  mode.............LF");
+       else Dbprintf("  mode.............%d", downloaded_bitstream);
+}
index 0bad38094b62d355dc6cd13fb427b8c3c9310876..52d6c67780388ab6f94b1893c337139af9f729de 100644 (file)
@@ -17,6 +17,7 @@ void FpgaGatherVersion(int bitstream_version, char *dst, int len);
 void FpgaSetupSsc(void);
 void SetupSpi(int mode);
 bool FpgaSetupSscDma(uint8_t *buf, int len);
+void Fpga_print_status();
 #define FpgaDisableSscDma(void)        AT91C_BASE_PDC_SSC->PDC_PTCR = AT91C_PDC_RXTDIS;
 #define FpgaEnableSscDma(void) AT91C_BASE_PDC_SSC->PDC_PTCR = AT91C_PDC_RXTEN;
 void SetAdcMuxFor(uint32_t whichGpio);
index 9b7efaf6834bb5e4e98b4ca72be5470348c35607..38688a07f9d9bb4eb260406fc799164fd04baf1a 100644 (file)
@@ -565,16 +565,18 @@ void RAMFUNC SniffIso14443a(uint8_t param) {
        // param:
        // bit 0 - trigger from first card answer
        // bit 1 - trigger from first reader 7-bit request
-       
        LEDsoff();
 
-
        iso14443a_setup(FPGA_HF_ISO14443A_SNIFFER);
        
        // Allocate memory from BigBuf for some buffers
        // free all previous allocations first
        BigBuf_free();
-
+       
+       // init trace buffer
+       clear_trace();
+       set_tracing(TRUE);
+       
        // The command (reader -> tag) that we're receiving.
        uint8_t *receivedCmd = BigBuf_malloc(MAX_FRAME_SIZE);
        uint8_t *receivedCmdPar = BigBuf_malloc(MAX_PARITY_SIZE);
@@ -586,10 +588,6 @@ void RAMFUNC SniffIso14443a(uint8_t param) {
        // The DMA buffer, used to stream samples from the FPGA
        uint8_t *dmaBuf = BigBuf_malloc(DMA_BUFFER_SIZE);
 
-       // init trace buffer
-       clear_trace();
-       set_tracing(TRUE);
-
        uint8_t *data = dmaBuf;
        uint8_t previous_data = 0;
        int maxDataLen = 0;
@@ -715,12 +713,11 @@ void RAMFUNC SniffIso14443a(uint8_t param) {
                }
        } // main cycle
 
-       DbpString("COMMAND FINISHED");
-
        FpgaDisableSscDma();
+       LEDsoff();
+
        Dbprintf("maxDataLen=%d, Uart.state=%x, Uart.len=%d", maxDataLen, Uart.state, Uart.len);
        Dbprintf("traceLen=%d, Uart.output[0]=%08x", BigBuf_get_traceLen(), (uint32_t)Uart.output[0]);
-       LEDsoff();
 }
 
 //-----------------------------------------------------------------------------
@@ -1276,6 +1273,16 @@ void SimulateIso14443aTag(int tagType, int flags, int uid_2nd, byte_t* data)
                                                                ar_nr_responses[8], // AR2
                                                                ar_nr_responses[9]  // NR2
                                                        );
+                                                       Dbprintf("../tools/mfkey/mfkey32v2 %06x%08x %08x %08x %08x %08x %08x %08x",
+                                                               ar_nr_responses[0], // UID1
+                                                               ar_nr_responses[1], // UID2
+                                                               ar_nr_responses[2], // NT1
+                                                               ar_nr_responses[3], // AR1
+                                                               ar_nr_responses[4], // NR1
+                                                               ar_nr_responses[7], // NT2
+                                                               ar_nr_responses[8], // AR2
+                                                               ar_nr_responses[9]  // NR2
+                                                               );
                                        }
                                        uint8_t len = ar_nr_collected*5*4;
                                        cmd_send(CMD_ACK,CMD_SIMULATE_MIFARE_CARD,len,0,&ar_nr_responses,len);
@@ -1298,9 +1305,15 @@ void SimulateIso14443aTag(int tagType, int flags, int uid_2nd, byte_t* data)
                else {
                        // Check for ISO 14443A-4 compliant commands, look at left nibble
                        switch (receivedCmd[0]) {
-
+                               case 0x02:
+                               case 0x03: {  // IBlock (command no CID)
+                                       dynamic_response_info.response[0] = receivedCmd[0];
+                                       dynamic_response_info.response[1] = 0x90;
+                                       dynamic_response_info.response[2] = 0x00;
+                                       dynamic_response_info.response_n = 3;
+                               } break;
                                case 0x0B:
-                               case 0x0A: { // IBlock (command)
+                               case 0x0A: { // IBlock (command CID)
                                  dynamic_response_info.response[0] = receivedCmd[0];
                                  dynamic_response_info.response[1] = 0x00;
                                  dynamic_response_info.response[2] = 0x90;
@@ -1320,15 +1333,17 @@ void SimulateIso14443aTag(int tagType, int flags, int uid_2nd, byte_t* data)
                                  dynamic_response_info.response_n = 2;
                                } break;
                                  
-                               case 0xBA: { //
-                                 memcpy(dynamic_response_info.response,"\xAB\x00",2);
-                                 dynamic_response_info.response_n = 2;
+                               case 0xBA: { // ping / pong
+                                       dynamic_response_info.response[0] = 0xAB;
+                                       dynamic_response_info.response[1] = 0x00;
+                                       dynamic_response_info.response_n = 2;
                                } break;
 
                                case 0xCA:
                                case 0xC2: { // Readers sends deselect command
-                                 memcpy(dynamic_response_info.response,"\xCA\x00",2);
-                                 dynamic_response_info.response_n = 2;
+                                       dynamic_response_info.response[0] = 0xCA;
+                                       dynamic_response_info.response[1] = 0x00;
+                                       dynamic_response_info.response_n = 2;
                                } break;
 
                                default: {
@@ -1815,7 +1830,6 @@ static int GetIso14443aAnswerFromTag(uint8_t *receivedResponse, uint8_t *receive
        }
 }
 
-
 void ReaderTransmitBitsPar(uint8_t* frame, uint16_t bits, uint8_t *par, uint32_t *timing)
 {
        CodeIso14443aBitsAsReaderPar(frame, bits, par);
@@ -1831,13 +1845,11 @@ void ReaderTransmitBitsPar(uint8_t* frame, uint16_t bits, uint8_t *par, uint32_t
        }
 }
 
-
 void ReaderTransmitPar(uint8_t* frame, uint16_t len, uint8_t *par, uint32_t *timing)
 {
   ReaderTransmitBitsPar(frame, len*8, par, timing);
 }
 
-
 void ReaderTransmitBits(uint8_t* frame, uint16_t len, uint32_t *timing)
 {
   // Generate parity and redirect
@@ -1846,7 +1858,6 @@ void ReaderTransmitBits(uint8_t* frame, uint16_t len, uint32_t *timing)
   ReaderTransmitBitsPar(frame, len, par, timing);
 }
 
-
 void ReaderTransmit(uint8_t* frame, uint16_t len, uint32_t *timing)
 {
   // Generate parity and redirect
@@ -2914,6 +2925,16 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
                                        ar_nr_responses[8], // AR2
                                        ar_nr_responses[9]  // NR2
                                        );
+                       Dbprintf("../tools/mfkey/mfkey32v2 %06x%08x %08x %08x %08x %08x %08x %08x",
+                                       ar_nr_responses[0], // UID1
+                                       ar_nr_responses[1], // UID2
+                                       ar_nr_responses[2], // NT1
+                                       ar_nr_responses[3], // AR1
+                                       ar_nr_responses[4], // NR1
+                                       ar_nr_responses[7], // NT2
+                                       ar_nr_responses[8], // AR2
+                                       ar_nr_responses[9]  // NR2
+                                       );
                } else {
                        Dbprintf("Failed to obtain two AR/NR pairs!");
                        if(ar_nr_collected > 0 ) {
@@ -3067,6 +3088,7 @@ void RAMFUNC SniffMifare(uint8_t param) {
 
                                        // And reset the Miller decoder including its (now outdated) input buffer
                                        UartInit(receivedCmd, receivedCmdPar);
+                                       // why not UartReset?
                                }
                                TagIsActive = (Demod.state != DEMOD_UNSYNCD);
                        }
@@ -3081,11 +3103,8 @@ void RAMFUNC SniffMifare(uint8_t param) {
 
        } // main cycle
 
-       DbpString("COMMAND FINISHED");
-
        FpgaDisableSscDma();
        MfSniffEnd();
-       
-       Dbprintf("maxDataLen=%x, Uart.state=%x, Uart.len=%x", maxDataLen, Uart.state, Uart.len);
        LEDsoff();
+       Dbprintf("maxDataLen=%x, Uart.state=%x, Uart.len=%x", maxDataLen, Uart.state, Uart.len);
 }
index 3344de4327a5a7d8fba8e2edb595547d54c39e64..81871dc7128230dd82c48ff36a6de471920b1c2b 100644 (file)
@@ -12,8 +12,8 @@
 
 #ifndef __ISO14443A_H
 #define __ISO14443A_H
-#include "../include/common.h"
-#include "../include/mifare.h"
+#include "common.h"
+#include "mifare.h"
 #include "mifaresniff.h"
 
 typedef struct {
index daa219cea399520b889554b8f2a874146c452ed7..fb8b4d66bd9e9aa67386cf156687e688f9eb9839 100644 (file)
@@ -525,6 +525,7 @@ static struct {
  *          false if we are still waiting for some more
  *
  */
+ #define abs(x) ( ((x)<0) ? -(x) : (x) )
 static RAMFUNC int Handle14443bSamplesDemod(int ci, int cq)
 {
        int v = 0;
index d11436ec72c21905bf89c19764012b3148e80536..074a0f7896333bc5ece3020bb63aaa989029eecc 100644 (file)
@@ -8,14 +8,14 @@
 // LEGIC RF simulation code
 //-----------------------------------------------------------------------------
 
-#include "../include/proxmark3.h"
+#include "proxmark3.h"
 #include "apps.h"
 #include "util.h"
 #include "string.h"
 
 #include "legicrf.h"
-#include "../include/legic_prng.h"
-#include "../common/crc.h"
+#include "legic_prng.h"
+#include "crc.h"
 
 static struct legic_frame {
        int bits;
index b10b0c030aa885d1fbe59a0c3b2a0193edda45e2..0cdd12d5002de72196c2ac1fe15617e45f3c69bd 100644 (file)
@@ -402,7 +402,7 @@ void SimulateTagLowFrequency(int period, int gap, int ledcontrol)
        for(;;) {
                //wait until SSC_CLK goes HIGH
                while(!(AT91C_BASE_PIOA->PIO_PDSR & GPIO_SSC_CLK)) {
-                       if(BUTTON_PRESS() || usb_poll()) {
+                       if(BUTTON_PRESS() || (usb_poll_validate_length() )) {
                                DbpString("Stopped");
                                return;
                        }
index f858dc1c4e00eb7bc5a209af632c886b7412f9c3..635934ef64fee23bf631c3f7c53c5902df239dab 100644 (file)
@@ -17,7 +17,7 @@ sample_config config = { 1, 8, 1, 95, 0 } ;
 
 void printConfig()
 {
-       Dbprintf("Sampling config: ");
+       Dbprintf("LF Sampling config: ");
        Dbprintf("  [q] divisor:           %d ", config.divisor);
        Dbprintf("  [b] bps:               %d ", config.bits_per_sample);
        Dbprintf("  [d] decimation:        %d ", config.decimation);
index 6c671ec8ca7a295b49a2d9200401a3ca69d49753..7d3925cddfff0d70e7032da25b3284276abd3e0d 100644 (file)
@@ -56,4 +56,8 @@ void LFSetupFPGAForADC(int divisor, bool lf_field);
 void setSamplingConfig(sample_config *sc);
 
 sample_config * getSamplingConfig();
+
+void printConfig();
+
+
 #endif // LFSAMPLING_H
index 2c5a7e3fcf6484d3783dac57d0b7c9e0634a438f..3c00a3437b25fc9c48764f96b996a8b2fca86e76 100644 (file)
 #ifndef __MIFARECMD_H\r
 #define __MIFARECMD_H\r
 \r
-#include "../include/proxmark3.h"\r
+#include "proxmark3.h"\r
 #include "apps.h"\r
 #include "util.h"\r
 #include "string.h"\r
 \r
-#include "../common/iso14443crc.h"\r
+#include "iso14443crc.h"\r
 #include "iso14443a.h"\r
 #include "crapto1.h"\r
 #include "mifareutil.h"\r
-#include "../include/common.h"\r
+#include "common.h"\r
+\r
 \r
 #endif
\ No newline at end of file
index aa2a860f7bcf174b69769f1db4c3d4cc40d651ef..22daffee7b04ec74247b493c99addeb9088e4859 100644 (file)
 #ifndef __MIFARESNIFF_H\r
 #define __MIFARESNIFF_H\r
 \r
-#include "../include/proxmark3.h"\r
+#include "proxmark3.h"\r
 #include "apps.h"\r
 #include "util.h"\r
 #include "string.h"\r
 \r
-#include "../common/iso14443crc.h"\r
+#include "iso14443crc.h"\r
 #include "iso14443a.h"\r
 #include "crapto1.h"\r
 #include "mifareutil.h"\r
-#include "../include/common.h"\r
+#include "common.h"\r
 \r
 #define SNF_INIT                               0\r
 #define SNF_NO_FIELD           1\r
index 679b68d694334aeb01edd7be039b24ea718f3740..bf965d40757272bdfcabb7fd8808a2497befd48b 100644 (file)
@@ -8,6 +8,7 @@
 //-----------------------------------------------------------------------------\r
 // code for work with mifare cards.\r
 //-----------------------------------------------------------------------------\r
+#include "crapto1.h"\r
 \r
 #ifndef __MIFAREUTIL_H\r
 #define __MIFAREUTIL_H\r
index 7f4aa17811290496b314434b1e54b5bc082b6fb6..b522a1640365ad74adcbbd83cacfb646070494eb 100644 (file)
@@ -148,7 +148,7 @@ void UsbPacketReceived(uint8_t *packet, int len) {
         while(!((sr = AT91C_BASE_EFC0->EFC_FSR) & AT91C_MC_FRDY));
         if(sr & (AT91C_MC_LOCKE | AT91C_MC_PROGE)) {
           dont_ack = 1;
-          cmd_send(CMD_NACK,0,0,0,0,0);
+          cmd_send(CMD_NACK,sr,0,0,0,0);
         }
       }
     } break;
index 8d6afadd8feb59d9863f60886ba42c4ec21fd136..8a6e6afdd03009be5e6bf26416d51a56470a66e2 100644 (file)
@@ -549,6 +549,7 @@ int CmdHF14ASim(const char *Cmd)
                                int len = (resp.arg[1] > sizeof(data)) ? sizeof(data) : resp.arg[1];
                                memcpy(data, resp.d.asBytes, len);
                                tryMfk32(uid, data, key);
+                               tryMfk32_moebius(uid, data, key);
                                //tryMfk64(uid, data, key);
                                PrintAndLog("--");
                        }
@@ -726,6 +727,7 @@ int CmdHF14ACmdRaw(const char *cmd) {
     c.arg[1] = (datalen & 0xFFFF) | (numbits << 16);
     memcpy(c.d.asBytes,data,datalen);
 
+       clearCommandBuffer();
     SendCommand(&c);
 
     if (reply) {
index 3b577061b9cacf49ecf60815bd083754c96a23fd..41ee59c11e413595879d0ea93a704621b342e2c6 100644 (file)
@@ -1813,13 +1813,13 @@ int CmdHF14AMfuGenDiverseKeys(const char *Cmd){
 
 int CmdHF14AMfuELoad(const char *Cmd)
 {
-       FILE * f;
-       char filename[FILE_PATH_SIZE];
-       char *fnameptr = filename;
-       char buf[64] = {0x00};
-       uint8_t buf8[64] = {0x00};
-       int i, len, blockNum, numBlocks;
-       int nameParamNo = 1;
+       //FILE * f;
+       //char filename[FILE_PATH_SIZE];
+       //char *fnameptr = filename;
+       //char buf[64] = {0x00};
+       //uint8_t buf8[64] = {0x00};
+       //int i, len, blockNum, numBlocks;
+       //int nameParamNo = 1;
        
        char ctmp = param_getchar(Cmd, 0);
                
index 0152f35443945537609dd3ee35aad0de78b5b339..5f25241cafe1f91a80e1cc2a41c8936511901d52 100644 (file)
@@ -405,22 +405,45 @@ int CmdTune(const char *Cmd)
 int CmdVersion(const char *Cmd)
 {
 
+       clearCommandBuffer();
   UsbCommand c = {CMD_VERSION};
        static UsbCommand resp = {0, {0, 0, 0}};
-       
+
        if (resp.arg[0] == 0 && resp.arg[1] == 0) { // no cached information available
   SendCommand(&c);
-               if (WaitForResponseTimeout(CMD_ACK,&resp,1000) && Cmd != NULL) {
-                       PrintAndLog("Prox/RFID mark3 RFID instrument");
-                       PrintAndLog((char*)resp.d.asBytes);
-                       lookupChipID(resp.arg[0], resp.arg[1]);
-               }
-       } else if (Cmd != NULL) {
+       if (WaitForResponseTimeout(CMD_ACK,&resp,1000)) {
                PrintAndLog("Prox/RFID mark3 RFID instrument");
                PrintAndLog((char*)resp.d.asBytes);
                lookupChipID(resp.arg[0], resp.arg[1]);
        }
-       
+       } else {
+               PrintAndLog("[[[ Cached information ]]]\n");
+               PrintAndLog("Prox/RFID mark3 RFID instrument");
+               PrintAndLog((char*)resp.d.asBytes);
+               lookupChipID(resp.arg[0], resp.arg[1]);
+               PrintAndLog("");
+       }
+       return 0;
+}
+
+int CmdStatus(const char *Cmd)
+{
+       UsbCommand c = {CMD_STATUS};
+       SendCommand(&c);
+       return 0;
+}
+
+int CmdPing(const char *Cmd)
+{
+       clearCommandBuffer();
+       UsbCommand resp;
+       UsbCommand c = {CMD_PING};
+       SendCommand(&c);
+       if (WaitForResponseTimeout(CMD_ACK,&resp,1000)) {
+               PrintAndLog("Ping successfull");
+       }else{
+               PrintAndLog("Ping failed");
+       }
   return 0;
 }
 
@@ -437,6 +460,8 @@ static command_t CommandTable[] =
   {"setmux",        CmdSetMux,      0, "<loraw|hiraw|lopkd|hipkd> -- Set the ADC mux to a specific value"},
   {"tune",          CmdTune,        0, "Measure antenna tuning"},
   {"version",       CmdVersion,     0, "Show version information about the connected Proxmark"},
+       {"status",        CmdStatus,      0, "Show runtime status information about the connected Proxmark"},
+       {"ping",          CmdPing,        0, "Test if the pm3 is responsive"},
   {NULL, NULL, 0, NULL}
 };
 
index 233eb72c9a511cd2fc89efe66862926968d5784c..5fdbf65498fa46cdafc9a5b92f37c399621f35a1 100644 (file)
@@ -16,7 +16,7 @@
 #include "cmdparser.h"  // CmdsParse, CmdsHelp
 #include "cmdlfawid.h"  // AWID function declarations
 #include "lfdemod.h"    // parityTest
-
+#include "cmdmain.h"
 static int CmdHelp(const char *Cmd);
 
 
@@ -69,6 +69,7 @@ int CmdAWIDDemodFSK(const char *Cmd)
   if (Cmd[0]=='h' || Cmd[0] == 'H') return usage_lf_awid_fskdemod();
   UsbCommand c={CMD_AWID_DEMOD_FSK};
   c.arg[0]=findone;
+  clearCommandBuffer();
   SendCommand(&c);
   return 0;   
 }
@@ -167,17 +168,18 @@ int CmdAWIDSim(const char *Cmd)
   c.arg[2] = 96; // Bitstream length: 96-bits == 12 bytes
   for (i=0; i < 96; i++)
     c.d.asBytes[i] = (BS[i/8] & (1<<(7-(i%8))))?1:0;
-  SendCommand(&c);
+  clearCommandBuffer();
+    SendCommand(&c);
   return 0;
 }
 
 int CmdAWIDClone(const char *Cmd)
 {
+clearCommandBuffer();
   uint32_t fc=0,cn=0,blocks[4] = {0x00107060, 0, 0, 0x11111111}, i=0;
   uint8_t BitStream[12];
   uint8_t *BS=BitStream;
-  UsbCommand c;
-  
+       UsbCommand c, resp;
 
   if (sscanf(Cmd, "%u %u", &fc, &cn ) != 2) {
     return usage_lf_awid_clone();
@@ -206,6 +208,11 @@ int CmdAWIDClone(const char *Cmd)
       c.arg[1] = i;
       c.arg[2] = 0;
       SendCommand(&c);
+                       if (!WaitForResponseTimeout(CMD_ACK, &resp, 1000)){
+                               PrintAndLog("Error occurred, device did not respond during write operation.");
+                               return -1;
+                       }
+
     }
   }
   return 0;
index 4e222ece2c213a3c898f8ecfb60890256dc3e63a..d2163d9a0c1334c6f6636c27a5bb88005adacde9 100644 (file)
@@ -17,6 +17,7 @@
 #include "elf.h"
 #include "proxendian.h"
 #include "usb_cmd.h"
+#include "at91sam7s512.h"
 
 void SendCommand(UsbCommand* txcmd);
 void ReceiveCommand(UsbCommand* rxcmd);
@@ -352,12 +353,11 @@ static int enter_bootloader(char *serial_port_name)
        return -1;
 }
 
-static int wait_for_ack(void)
+static int wait_for_ack(UsbCommand *ack)
 {
-  UsbCommand ack;
-       ReceiveCommand(&ack);
-       if (ack.cmd != CMD_ACK) {
-               printf("Error: Unexpected reply 0x%04"llx" (expected ACK)\n", ack.cmd);
+       ReceiveCommand(ack);
+       if (ack->cmd != CMD_ACK) {
+               printf("Error: Unexpected reply 0x%04"llx" (expected ACK)\n", ack->cmd);
                return -1;
        }
        return 0;
@@ -389,7 +389,7 @@ int flash_start_flashing(int enable_bl_writes,char *serial_port_name)
                        c.arg[2] = 0;
                }
                SendCommand(&c);
-               return wait_for_ack();
+               return wait_for_ack(&c);
        } else {
                fprintf(stderr, "Note: Your bootloader does not understand the new START_FLASH command\n");
                fprintf(stderr, "      It is recommended that you update your bootloader\n\n");
@@ -409,7 +409,18 @@ static int write_block(uint32_t address, uint8_t *data, uint32_t length)
        c.arg[0] = address;
        memcpy(c.d.asBytes, block_buf, length);
   SendCommand(&c);
-  return wait_for_ack();
+       int ret = wait_for_ack(&c);
+       if (ret && c.arg[0]) {
+               uint32_t lock_bits = c.arg[0] >> 16;
+               bool lock_error = c.arg[0] & AT91C_MC_LOCKE;
+               bool prog_error = c.arg[0] & AT91C_MC_PROGE;
+               bool security_bit = c.arg[0] & AT91C_MC_SECURITY;
+               printf("%s", lock_error?"       Lock Error\n":"");
+               printf("%s", prog_error?"       Invalid Command or bad Keyword\n":"");
+               printf("%s", security_bit?"       Security Bit is set!\n":"");
+               printf("       Lock Bits:      0x%04x\n", lock_bits);
+       }
+       return ret;
 }
 
 // Write a file's segments to Flash
index e982ecf19141f474e3f90a858b80848c55d22f74..c273c1f383b759c76a008669d91f1300c30134e7 100644 (file)
@@ -13,7 +13,7 @@
 #include "proxmark3.h"
 #include "flash.h"
 #include "uart.h"
-#include "../include/usb_cmd.h"
+#include "usb_cmd.h"
 
 #ifdef _WIN32
 # define unlink(x)
index 9a84186c9f5f9f2bcb19d7ebdf43a5eda1c595c1..dfada01dfbe9be0f4a3b7a56f846f60f4687b18b 100644 (file)
@@ -50,6 +50,9 @@ typedef struct {
 #define CMD_BUFF_CLEAR                                                    0x0105
 #define CMD_READ_MEM                                                      0x0106
 #define CMD_VERSION                                                       0x0107
+#define CMD_STATUS                                                                                                               0x0108
+#define CMD_PING                                                                                                                 0x0109
 
 // For low-frequency tags
 #define CMD_READ_TI_TYPE                                                  0x0202
index 1407f4be1b9f065079fbb8d449df81c533350b6a..1d4bd806fbaf45452aa044692135f2ab07ee9fa2 100644 (file)
@@ -20,7 +20,8 @@ local _commands = {
        CMD_BUFF_CLEAR =                                                     0x0105,
        CMD_READ_MEM =                                                       0x0106,
        CMD_VERSION =                                                        0x0107,
-
+       CMD_STATUS =                                                         0x0108,
+       CMD_PING =                                                           0x0109,
        --// For low-frequency tags
        CMD_READ_TI_TYPE =                                                   0x0202,
        CMD_WRITE_TI_TYPE =                                                  0x0203,
index eb98ffbf753809d64188a47448286e5760735498..9cc865f0172f41ab099bf8ebd7836c72cb72a7cc 100644 (file)
@@ -88,10 +88,33 @@ function mfcrack_inner()
        while not core.ukbhit() do              
                local result = core.WaitForResponseTimeout(cmds.CMD_ACK,1000)
                if result then
-                       -- Unpacking the three arg-parameters
-                       local count,cmd,isOK = bin.unpack('LL',result)
 
-                       if isOK ~= 1 then return nil, "Error occurred" end
+                       --[[
+                       I don't understand, they cmd and args are defined as uint32_t, however, 
+                       looking at the returned data, they all look like 64-bit things: 
+
+                       print("result", bin.unpack("HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH", result))
+
+                       FF      00      00      00      00      00      00      00      <-- 64 bits of data
+                       FE      FF      FF      FF      00      00      00      00      <-- 64 bits of data
+                       00      00      00      00      00      00      00      00      <-- 64 bits of data
+                       00      00      00      00      00      00      00      00      <-- 64 bits of data
+                       04      7F      12      E2      00             <-- this is where 'data' starts
+
+                       So below I use LI to pick out the "FEFF FFFF", don't know why it works.. 
+                       --]]
+                       -- Unpacking the arg-parameters
+                       local count,cmd,isOK = bin.unpack('LI',result)
+                       --print("response", isOK)--FF FF FF FF
+                       if isOK == 0xFFFFFFFF then
+                               return nil, "Button pressed. Aborted."
+                       elseif isOK == 0xFFFFFFFE then
+                               return nil, "Card is not vulnerable to Darkside attack (doesn't send NACK on authentication requests). You can try 'script run mfkeys' or 'hf mf chk' to test various known keys."
+                       elseif isOK == 0xFFFFFFFD then
+                               return nil, "Card is not vulnerable to Darkside attack (its random number generator is not predictable). You can try 'script run mfkeys' or 'hf mf chk' to test various known keys."
+                       elseif isOK ~= 1 then 
+                               return nil, "Error occurred" 
+                       end
 
 
                        -- The data-part is left
index 851546ae239df0d728ecd73bf0367fae1c82e0fe..a6def1a91be2df84675660c67ec636ecc3ba4b55 100644 (file)
@@ -6,7 +6,7 @@
 // ISO14443 CRC calculation code.
 //-----------------------------------------------------------------------------
 
-#include "../common/iso14443crc.h"
+#include "iso14443crc.h"
 
 static unsigned short UpdateCrc14443(unsigned char ch, unsigned short *lpwCrc)
 {
index 80941116332a81430091eadb7c08b5cc39d57a91..87347714dbe6be95f1570320efe2512e0f79d05f 100644 (file)
@@ -8,7 +8,7 @@
 
 #ifndef __ISO14443CRC_H
 #define __ISO14443CRC_H
-#include "../include/common.h"
+#include "common.h"
 
 //-----------------------------------------------------------------------------
 // Routines to compute the CRCs (two different flavours, just for confusion)
index 0ec5492b996d8897513b34e3a85b7f2adf9fd3d8..26e636ca7b0c27d90dee14bf3f79d70168fd546c 100644 (file)
@@ -7,7 +7,7 @@
 //-----------------------------------------------------------------------------
 
 
-#include "../include/proxmark3.h"
+#include "proxmark3.h"
 #include <stdint.h>
 #include <stdlib.h>
 //#include "iso15693tools.h"
index 322429ad716266924d72507ce02c248ac654dd38..4f3b1ffee1167ab51a067502451cb4e634c88cef 100644 (file)
@@ -6,7 +6,7 @@
 // LEFIC's obfuscation function
 //-----------------------------------------------------------------------------
 
-#include "../include/legic_prng.h"
+#include "legic_prng.h"
 
 struct lfsr {
   uint8_t  a;
index ccbb3c50e91389a4d733e25f75c7f94e50e77ef5..3c6e928238d11b285e66375ce1ffff2bb28946e2 100644 (file)
@@ -293,6 +293,22 @@ bool usb_poll()
   return (pUdp->UDP_CSR[AT91C_EP_OUT] & btReceiveBank);\r
 }\r
 \r
+/**\r
+       In github PR #129, some users appears to get a false positive from\r
+       usb_poll, which returns true, but the usb_read operation\r
+       still returns 0.\r
+       This check is basically the same as above, but also checks\r
+       that the length available to read is non-zero, thus hopefully fixes the\r
+       bug.\r
+**/\r
+bool usb_poll_validate_length()\r
+{\r
+\r
+       if (!usb_check()) return false;\r
+       if (!(pUdp->UDP_CSR[AT91C_EP_OUT] & btReceiveBank)) return false;\r
+       return (pUdp->UDP_CSR[AT91C_EP_OUT] >> 16) >  0;\r
+}\r
+\r
 //*----------------------------------------------------------------------------\r
 //* \fn    usb_read\r
 //* \brief Read available data from Endpoint OUT\r
index 59e73a478f6f37334c681068ed5b22b7bb258b9d..c42da8db90d1717c7c0188c84c29cb652c753d66 100644 (file)
@@ -41,6 +41,7 @@ void usb_disable();
 void usb_enable();\r
 bool usb_check();\r
 bool usb_poll();\r
+bool usb_poll_validate_length();\r
 uint32_t usb_read(byte_t* data, size_t len);\r
 uint32_t usb_write(const byte_t* data, const size_t len);\r
 \r
index bbdf69d549049583aa128ff07b44cda2839c9cb0..353c6120fd26aae4343fde9b3a5aba987e034566 100644 (file)
@@ -60,6 +60,8 @@ typedef struct{
 #define CMD_BUFF_CLEAR                                                    0x0105
 #define CMD_READ_MEM                                                      0x0106
 #define CMD_VERSION                                                       0x0107
+#define CMD_STATUS                                                                                                               0x0108
+#define CMD_PING                                                                                                                 0x0109
 
 // For low-frequency tags
 #define CMD_READ_TI_TYPE                                                  0x0202
Impressum, Datenschutz