ADD: got tired of always writing wrong "hf 14a list", so I hooked it back up to call the "hf list" with argument. Things becomes smoother that way.
for(;;) {
//wait until SSC_CLK goes HIGH
while(!(AT91C_BASE_PIOA->PIO_PDSR & GPIO_SSC_CLK)) {
- if(BUTTON_PRESS() || usb_poll_validate_length() ) {
+ if(BUTTON_PRESS() || !usb_poll_validate_length() ) {
DbpString("Stopped");
return;
}
//wait until SSC_CLK goes LOW
while(AT91C_BASE_PIOA->PIO_PDSR & GPIO_SSC_CLK) {
- if( BUTTON_PRESS() || usb_poll_validate_length() ) {
+ if( BUTTON_PRESS() || !usb_poll_validate_length() ) {
DbpString("Stopped");
return;
}
\r
void MifareEMemSet(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain){\r
FpgaDownloadAndGo(FPGA_BITSTREAM_HF);\r
- //emlSetMem(datain, arg0, arg1); // data, block num, blocks count \r
+ if (arg2==0) arg2 = 16; // backwards compat... default bytewidth\r
emlSetMem_xt(datain, arg0, arg1, arg2); // data, block num, blocks count, block byte width\r
}\r
\r
if(!iso14443a_select_card(uid, NULL, &cuid, true, 0)) {\r
if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Can't select card");\r
OnErrorMagic(MAGIC_UID);\r
- };\r
- };\r
+ }\r
+ }\r
\r
// wipe tag, fill it with zeros\r
if (workFlags & MAGIC_WIPE){\r
if(!ReaderReceive(receivedAnswer, receivedAnswerPar) || (receivedAnswer[0] != 0x0a)) {\r
if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("wupC1 error");\r
OnErrorMagic(MAGIC_WIPE);\r
- };\r
+ }\r
\r
ReaderTransmit(wipeC, sizeof(wipeC), NULL);\r
if(!ReaderReceive(receivedAnswer, receivedAnswerPar) || (receivedAnswer[0] != 0x0a)) {\r
if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("wipeC error");\r
OnErrorMagic(MAGIC_WIPE);\r
- };\r
- }; \r
+ }\r
+ } \r
\r
// write block\r
if (workFlags & MAGIC_WUPC) {\r
if(!ReaderReceive(receivedAnswer, receivedAnswerPar) || (receivedAnswer[0] != 0x0a)) {\r
if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("wupC1 error");\r
OnErrorMagic(MAGIC_WUPC);\r
- };\r
+ }\r
\r
ReaderTransmit(wupC2, sizeof(wupC2), NULL);\r
if(!ReaderReceive(receivedAnswer, receivedAnswerPar) || (receivedAnswer[0] != 0x0a)) {\r
if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("wupC2 error");\r
OnErrorMagic(MAGIC_WUPC);\r
- };\r
+ }\r
}\r
\r
if ((mifare_sendcmd_short(NULL, 0, ISO14443A_CMD_WRITEBLOCK, blockNo, receivedAnswer, receivedAnswerPar, NULL) != 1) || (receivedAnswer[0] != 0x0a)) {\r
if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("write block send command error");\r
OnErrorMagic(4);\r
- };\r
+ }\r
\r
memcpy(data, datain, 16);\r
AppendCrc14443a(data, 16);\r
if ((ReaderReceive(receivedAnswer, receivedAnswerPar) != 1) || (receivedAnswer[0] != 0x0a)) {\r
if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("write block send data error");\r
OnErrorMagic(0);\r
- }; \r
+ } \r
\r
if (workFlags & MAGIC_OFF) \r
mifare_classic_halt_ex(NULL);\r
if(!ReaderReceive(receivedAnswer, receivedAnswerPar) || (receivedAnswer[0] != 0x0a)) {\r
if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("wupC1 error");\r
OnErrorMagic(MAGIC_WUPC);\r
- };\r
+ }\r
\r
ReaderTransmit(wupC2, sizeof(wupC2), NULL);\r
if(!ReaderReceive(receivedAnswer, receivedAnswerPar) || (receivedAnswer[0] != 0x0a)) {\r
if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("wupC2 error");\r
OnErrorMagic(MAGIC_WUPC);\r
- };\r
+ }\r
}\r
\r
// read block \r
if ((mifare_sendcmd_short(NULL, 0, ISO14443A_CMD_READBLOCK, blockNo, receivedAnswer, receivedAnswerPar, NULL) != 18)) {\r
if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("read block send command error");\r
OnErrorMagic(0);\r
- };\r
+ }\r
\r
memcpy(data, receivedAnswer, sizeof(data));\r
\r
void MifareCIdent(){\r
\r
// variables\r
- byte_t isOK = 1; \r
+ bool isOK = true; \r
uint8_t receivedAnswer[1];\r
uint8_t receivedAnswerPar[1];\r
\r
ReaderTransmitBitsPar(wupC1,7,0, NULL);\r
if(!ReaderReceive(receivedAnswer, receivedAnswerPar) || (receivedAnswer[0] != 0x0a)) {\r
- isOK = 0;\r
- };\r
+ isOK = false;\r
+ }\r
\r
ReaderTransmit(wupC2, sizeof(wupC2), NULL);\r
if(!ReaderReceive(receivedAnswer, receivedAnswerPar) || (receivedAnswer[0] != 0x0a)) {\r
- isOK = 0;\r
- };\r
+ isOK = false;\r
+ }\r
\r
// removed the if, since some magic tags misbehavies and send an answer to it.\r
mifare_classic_halt(NULL, 0);\r
//set defaults
//set options from parameters entered with the command
- rfLen = param_get8ex(Cmd, 0, 0, 10);
- invert = param_get8ex(Cmd, 1, 0, 10);
- fchigh = param_get8ex(Cmd, 2, 0, 10);
- fclow = param_get8ex(Cmd, 3, 0, 10);
-
+ rfLen = param_get8(Cmd, 0);
+ invert = param_get8(Cmd, 1);
+ fchigh = param_get8(Cmd, 2);
+ fclow = param_get8(Cmd, 3);
if (strlen(Cmd)>0 && strlen(Cmd)<=2) {
if (rfLen==1){
invert = 1; //if invert option only is used
size_t BitLen = getFromGraphBuf(BitStream);
if (BitLen==0) return 0;
//get field clock lengths
- uint16_t fcs=0;
+ uint8_t fc1=0, fc2=0, rf1=0;
if (!fchigh || !fclow) {
- fcs = countFC(BitStream, BitLen, 1);
- if (!fcs) {
- fchigh = 10;
- fclow = 8;
- } else {
- fchigh = (fcs >> 8) & 0x00FF;
- fclow = fcs & 0x00FF;
+ uint8_t ans = fskClocks(&fc1, &fc2, &rf1, false);
+ if (ans == 0) {
+ if (g_debugMode) PrintAndLog("\nError: cannot detect valid fsk field clocks");
+ return 0; // can't detect field clock
}
+ fchigh = fc1;
+ fclow = fc2;
+ if (rfLen == 0) rfLen = rf1;
}
//get bit clock length
if (!rfLen){
#include "mifare.h"
#include "cmdhfmfu.h"
#include "nonce2key/nonce2key.h"
+#include "cmdhf.h"
#define llx PRIx64
int CmdHF14AList(const char *Cmd)
{
- PrintAndLog("Deprecated command, use 'hf list 14a' instead");
+ //PrintAndLog("Deprecated command, use 'hf list 14a' instead");
+ CmdHFList("14a");
return 0;
}
#include "protocols.h"
#include "usb_cmd.h"
#include "cmdhfmfu.h"
+#include "cmdhf.h"
#define llX PRIx64
}
int CmdHFiClassList(const char *Cmd) {
- PrintAndLog("Deprecated command, use 'hf list iclass' instead");
+ //PrintAndLog("Deprecated command, use 'hf list iclass' instead");
+ CmdHFList("iclass");
return 0;
}
PrintAndLog("Usage: hf mfu eload u <file name w/o `.eml`> [numblocks]");
PrintAndLog(" Options:");
PrintAndLog(" h : this help");
- PrintAndLog(" u : UL");
- PrintAndLog(" numblocks : number of blocks to load from eml file");
+ PrintAndLog(" u : UL (required)");
+ PrintAndLog(" [filename] : without `.eml` (required)");
+ PrintAndLog(" numblocks : number of blocks to load from eml file (optional)");
PrintAndLog("");
PrintAndLog(" sample: hf mfu eload u filename");
PrintAndLog(" hf mfu eload u filename 57");
- return 0;
+ return 0;
}
int usage_hf_mfu_sim(void) {
PrintAndLog("\nEmulating Ultralight tag from emulator memory\n");
PrintAndLog("\nBe sure to load the emulator memory first!\n");
PrintAndLog("Usage: hf mfu sim t 7 u <uid>");
- PrintAndLog(" Options : ");
- PrintAndLog(" h : this help");
- PrintAndLog(" t : 7 = NTAG or Ultralight sim");
- PrintAndLog(" u : 4 or 7 byte UID");
+ PrintAndLog(" Options:");
+ PrintAndLog(" h : this help");
+ PrintAndLog(" t 7 : 7 = NTAG or Ultralight sim (required)");
+ PrintAndLog(" u <uid> : 4 or 7 byte UID (optional)");
PrintAndLog("\n sample : hf mfu sim t 7");
PrintAndLog(" : hf mfu sim t 7 u 1122344556677\n");
+
return 0;
}
// add keys to block dump
if (hasAuthKey) {
- if (!swapEndian){
- authKeyPtr = SwapEndian64(authenticationkey, dataLen, (dataLen == 16) ? 8 : 4);
- } else {
- authKeyPtr = authenticationkey;
- }
-
if (tagtype & UL_C){ //add 4 pages
memcpy(data + Pages*4, authKeyPtr, dataLen);
Pages += dataLen/4;
uint8_t get_pack[] = {0,0};
iso14a_card_select_t card;
//attempt to read pack
- if (!ul_auth_select( &card, tagtype, true, authKeyPtr, get_pack, sizeof(get_pack))) {
+ if (!ul_auth_select( &card, tagtype, hasAuthKey, authKeyPtr, get_pack, sizeof(get_pack))) {
//reset pack
get_pack[0]=0;
get_pack[1]=0;
PrintAndLog("GetVer-2| %s| | %.4s", sprint_hex(dump_file_data+4, 4), dump_file_data+4);
PrintAndLog("TBD | 00 00 | | ");
PrintAndLog("Tearing | %s| | %.3s", sprint_hex(dump_file_data+10, 3), dump_file_data+10);
- PrintAndLog("Pack | %s | | %.2s", sprint_hex(dump_file_data+13, 2), dump_file_data+13);
+ PrintAndLog("Pack | %s | | %.2s", sprint_hex(dump_file_data+13, 2), dump_file_data+13);
PrintAndLog("TBD | 00 | | ");
PrintAndLog("Sig-1 | %s| | %.4s", sprint_hex(dump_file_data+16, 4), dump_file_data+16);
PrintAndLog("Sig-2 | %s| | %.4s", sprint_hex(dump_file_data+20, 4), dump_file_data+20);
fwrite( dump_file_data, 1, Pages*4 + DUMP_PREFIX_LENGTH, fout );
fclose(fout);
- PrintAndLog("Dumped %d pages, wrote %d bytes to %s", Pages+12, (Pages+12)*4, filename);
+ PrintAndLog("Dumped %d pages, wrote %d bytes to %s", Pages+(DUMP_PREFIX_LENGTH/4), Pages*4 + DUMP_PREFIX_LENGTH, filename);
return 0;
}
UsbCommand resp;
if (WaitForResponseTimeout(CMD_ACK,&resp,1500) ) {
- if ( (resp.arg[0] & 0xff) == 1)
+ if ( (resp.arg[0] & 0xff) == 1) {
PrintAndLog("Ultralight-C new password: %s", sprint_hex(pwd,16));
- else{
+ } else {
PrintAndLog("Failed writing at block %d", resp.arg[1] & 0xff);
return 1;
}
- }
- else {
+ } else {
PrintAndLog("command execution time out");
return 1;
}
#include "proxmark3.h"
#include "iso14443crc.h"
#include "protocols.h"
+#include "cmdhf.h"
#define TOPAZ_MAX_MEMORY 2048
uint8_t *dynamic_reserved_areas;
} topaz_tag;
-
static void topaz_switch_on_field(void)
{
UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_SELECT | ISO14A_NO_DISCONNECT | ISO14A_TOPAZMODE, 0, 0}};
}
-int CmdHFTopazReader(const char *Cmd)
-{
+int CmdHFTopazReader(const char *Cmd) {
int status;
uint8_t atqa[2];
uint8_t rid_response[8];
return 0;
}
-
-int CmdHFTopazSim(const char *Cmd)
-{
+int CmdHFTopazSim(const char *Cmd) {
PrintAndLog("not yet implemented");
return 0;
}
-
-int CmdHFTopazCmdRaw(const char *Cmd)
-{
+int CmdHFTopazCmdRaw(const char *Cmd) {
PrintAndLog("not yet implemented");
return 0;
}
+int CmdHFTopazList(const char *Cmd) {
+ CmdHFList("topaz");
+ return 0;
+}
static int CmdHelp(const char *Cmd);
-
static command_t CommandTable[] =
{
{"help", CmdHelp, 1, "This help"},
{"sim", CmdHFTopazSim, 0, "<UID> -- Simulate Topaz tag"},
{"sniff", CmdHF14ASniff, 0, "Sniff Topaz reader-tag communication"},
{"raw", CmdHFTopazCmdRaw, 0, "Send raw hex data to tag"},
+ {"list", CmdHFTopazList, 0, "[Deprecated] List Topaz history"},
{NULL, NULL, 0, NULL}
};
-
int CmdHFTopaz(const char *Cmd) {
// flush
WaitForResponseTimeout(CMD_ACK,NULL,100);
#define CMDHFTOPAZ_H__
int CmdHFTopaz(const char *Cmd);
+int CmdHFTopazReader(const char *Cmd);
+int CmdHFTopazSim(const char *Cmd);
+int CmdHFTopazCmdRaw(const char *Cmd);
+int CmdHFTopazList(const char *Cmd);
#endif
return 0;\r
}\r
int usage_t55xx_bruteforce(){\r
- PrintAndLog("Usage: lf t55xx bruteforce <start password> <end password> [i <*.dic>]");\r
- PrintAndLog(" password must be 4 bytes (8 hex symbols)");\r
PrintAndLog("This command uses A) bruteforce to scan a number range");\r
PrintAndLog(" B) a dictionary attack");\r
+ PrintAndLog("Usage: lf t55xx bruteforce <start password> <end password> [i <*.dic>]");\r
+ PrintAndLog(" password must be 4 bytes (8 hex symbols)");\r
PrintAndLog("Options:");\r
PrintAndLog(" h - this help");\r
+ PrintAndLog(" <start_pwd> - 4 byte hex value to start pwd search at");\r
+ PrintAndLog(" <end_pwd> - 4 byte hex value to end pwd search at");\r
PrintAndLog(" i <*.dic> - loads a default keys dictionary file <*.dic>");\r
PrintAndLog("");\r
PrintAndLog("Examples:");\r
uint8_t bitRate = 0;\r
uint8_t rates[9] = {8,16,32,40,50,64,100,128,0};\r
uint8_t cmdp = 0;\r
- config.Q5 = FALSE;\r
bool errors = FALSE;\r
while(param_getchar(Cmd, cmdp) != 0x00 && !errors)\r
{\r
ans = ASKDemod(cmdStr, FALSE, FALSE, 1);\r
break;\r
case DEMOD_PSK1:\r
- // skip first 16 samples to allow antenna to settle in (psk gets inverted occasionally otherwise)\r
+ // skip first 160 samples to allow antenna to settle in (psk gets inverted occasionally otherwise)\r
save_restoreGB(1);\r
CmdLtrim("160");\r
snprintf(cmdStr, sizeof(buf),"%d %d 6", bitRate[config.bitrate], config.inverted );\r
ans = PSKDemod(cmdStr, FALSE);\r
+ //undo trim samples\r
save_restoreGB(0);\r
break;\r
case DEMOD_PSK2: //inverted won't affect this\r
snprintf(cmdStr, sizeof(buf),"%d 0 6", bitRate[config.bitrate] );\r
ans = PSKDemod(cmdStr, FALSE);\r
psk1TOpsk2(DemodBuffer, DemodBufferLen);\r
- save_restoreGB(1);\r
+ //undo trim samples\r
+ save_restoreGB(0);\r
break;\r
case DEMOD_NRZ:\r
snprintf(cmdStr, sizeof(buf),"%d %d 1", bitRate[config.bitrate], config.inverted );\r
}\r
\r
int CmdT55xxDetect(const char *Cmd){\r
-\r
bool errors = FALSE;\r
bool useGB = FALSE;\r
bool usepwd = FALSE;\r
t55xx_conf_block_t tests[15];\r
int bitRate=0;\r
uint8_t fc1 = 0, fc2 = 0, clk=0;\r
- save_restoreGB(1);\r
\r
if (GetFskClock("", FALSE, FALSE)){ \r
fskClocks(&fc1, &fc2, &clk, FALSE);\r
tests[hits].modulation = DEMOD_FSK1;\r
else if (fc1 == 10 && fc2 == 8)\r
tests[hits].modulation = DEMOD_FSK2a;\r
-\r
tests[hits].bitrate = bitRate;\r
tests[hits].inverted = TRUE;\r
tests[hits].block0 = PackBits(tests[hits].offset, 32, DemodBuffer);\r
}\r
}\r
//undo trim from ask\r
- save_restoreGB(0);\r
+ //save_restoreGB(0);\r
clk = GetNrzClock("", FALSE, FALSE);\r
if (clk>0) {\r
if ( NRZrawDemod("0 0 1", FALSE) && test(DEMOD_NRZ, &tests[hits].offset, &bitRate, clk, &tests[hits].Q5)) {\r
}\r
}\r
\r
- //undo trim from nrz\r
- save_restoreGB(0);\r
+ // allow undo\r
// skip first 160 samples to allow antenna to settle in (psk gets inverted occasionally otherwise)\r
+ save_restoreGB(1);\r
CmdLtrim("160");\r
clk = GetPskClock("", FALSE, FALSE);\r
if (clk>0) {\r
}\r
} // inverse waves does not affect this demod\r
}\r
+ //undo trim samples\r
+ save_restoreGB(0);\r
} \r
- save_restoreGB(0); \r
if ( hits == 1) {\r
config.modulation = tests[0].modulation;\r
config.bitrate = tests[0].bitrate;\r
config.inverted = tests[0].inverted;\r
config.offset = tests[0].offset;\r
config.block0 = tests[0].block0;\r
+ config.Q5 = tests[0].Q5;\r
printConfiguration( config );\r
return TRUE;\r
}\r
return FALSE;\r
}\r
\r
+int convertQ5bitRate(uint8_t bitRateRead) {\r
+ uint8_t expected[] = {8, 16, 32, 40, 50, 64, 100, 128};\r
+ for (int i=0; i<8; i++)\r
+ if (expected[i] == bitRateRead)\r
+ return i;\r
+\r
+ return -1;\r
+}\r
+\r
bool testQ5(uint8_t mode, uint8_t *offset, int *fndBitRate, uint8_t clk){\r
\r
if ( DemodBufferLen < 64 ) return FALSE;\r
uint8_t safer = PackBits(si, 4, DemodBuffer); si += 4; //master key\r
uint8_t resv = PackBits(si, 8, DemodBuffer); si += 8;\r
// 2nibble must be zeroed.\r
- if (safer != 0x6) continue;\r
+ if (safer != 0x6 && safer != 0x9) continue;\r
if ( resv > 0x00) continue;\r
//uint8_t pageSel = PackBits(si, 1, DemodBuffer); si += 1;\r
//uint8_t fastWrite = PackBits(si, 1, DemodBuffer); si += 1;\r
si += 1+1;\r
- int bitRate = PackBits(si, 5, DemodBuffer)*2 + 2; si += 5; //bit rate\r
+ int bitRate = PackBits(si, 6, DemodBuffer)*2 + 2; si += 6; //bit rate\r
if (bitRate > 128 || bitRate < 8) continue;\r
\r
//uint8_t AOR = PackBits(si, 1, DemodBuffer); si += 1; \r
//test modulation\r
if (!testQ5Modulation(mode, modread)) continue;\r
if (bitRate != clk) continue;\r
- *fndBitRate = bitRate;\r
+ *fndBitRate = convertQ5bitRate(bitRate);\r
+ if (*fndBitRate < 0) continue;\r
*offset = idx;\r
\r
return TRUE;\r
\r
char *retStr = buf;\r
switch (id){\r
- case 0: \r
- snprintf(retStr,sizeof(buf),"%d - RF/8",id);\r
- break;\r
- case 1:\r
- snprintf(retStr,sizeof(buf),"%d - RF/16",id);\r
- break;\r
- case 2: \r
- snprintf(retStr,sizeof(buf),"%d - RF/32",id);\r
- break;\r
- case 3:\r
- snprintf(retStr,sizeof(buf),"%d - RF/40",id);\r
- break;\r
- case 4:\r
- snprintf(retStr,sizeof(buf),"%d - RF/50",id);\r
- break;\r
- case 5:\r
- snprintf(retStr,sizeof(buf),"%d - RF/64",id);\r
- break;\r
- case 6:\r
- snprintf(retStr,sizeof(buf),"%d - RF/100",id);\r
- break;\r
- case 7:\r
- snprintf(retStr,sizeof(buf),"%d - RF/128",id);\r
- break;\r
- default:\r
- snprintf(retStr,sizeof(buf),"%d - (Unknown)",id);\r
- break;\r
+ case 0: snprintf(retStr,sizeof(buf),"%d - RF/8",id); break;\r
+ case 1: snprintf(retStr,sizeof(buf),"%d - RF/16",id); break;\r
+ case 2: snprintf(retStr,sizeof(buf),"%d - RF/32",id); break;\r
+ case 3: snprintf(retStr,sizeof(buf),"%d - RF/40",id); break;\r
+ case 4: snprintf(retStr,sizeof(buf),"%d - RF/50",id); break;\r
+ case 5: snprintf(retStr,sizeof(buf),"%d - RF/64",id); break;\r
+ case 6: snprintf(retStr,sizeof(buf),"%d - RF/100",id); break;\r
+ case 7: snprintf(retStr,sizeof(buf),"%d - RF/128",id); break;\r
+ default: snprintf(retStr,sizeof(buf),"%d - (Unknown)",id); break;\r
}\r
-\r
return buf;\r
}\r
\r
\r
static command_t CommandTable[] = {\r
{"help", CmdHelp, 1, "This help"},\r
- {"bruteforce", CmdT55xxBruteForce,0, "Simple bruteforce attack to find password"},\r
+ {"bruteforce",CmdT55xxBruteForce,0, "<start password> <end password> [i <*.dic>] Simple bruteforce attack to find password"},\r
{"config", CmdT55xxSetConfig, 1, "Set/Get T55XX configuration (modulation, inverted, offset, rate)"},\r
{"detect", CmdT55xxDetect, 1, "[1] Try detecting the tag modulation from reading the configuration block."},\r
{"dump", CmdT55xxDump, 0, "[password] [o] Dump T55xx card block 0-7. Optional [password], [override]"},\r
for (size_t out_index=0; out_index < max_len; out_index++) {
// set character
sprintf(tmp++, "%u", data[in_index]);
- // check if a line break is needed
+ // check if a line break is needed and we have room to print it in our array
if ( (breaks > 0) && !((in_index+1) % breaks) && (out_index+1 != max_len) ) {
// increment and print line break
out_index++;
// up to 64 bytes or 512 bits
uint8_t *SwapEndian64(const uint8_t *src, const size_t len, const uint8_t blockSize){
static uint8_t buf[64];
- //uint8_t buf[64];
memset(buf, 0x00, 64);
uint8_t *tmp = buf;
for (uint8_t block=0; block < (uint8_t)(len/blockSize); block++){
projects / proxmark3-svn / commitdiff