- Updated the Reveng 1.30 sourcecode to 1.31 from Reveng projecthomepage (iceman)
### Added
+- Added a LF ASK Sequence Terminator detection option to the standard ask demod - and applied it to `lf search u`, `lf t55xx detect`, and `data rawdemod am s` (marshmellow)
- `lf awid bruteforce <facilitycode>` - Simple bruteforce attack against a AWID reader.
- `lf t55xx bruteforce <start password> <end password> [i <*.dic>]` - Simple bruteforce attack to find password - (iceman and others)
- `lf viking clone`- clone viking tag to t55x7 or Q5 from 4byte hex ID input
static uint8_t *emulator_memory = NULL;
// trace related variables
-static uint16_t traceLen;
+static uint16_t traceLen = 0;
int tracing = 1; //Last global one.. todo static?
// get the address of BigBuf
Dbprintf("Buffer cleared (%i bytes)",BIGBUF_SIZE);
}
+void BigBuf_Clear_keep_EM(void)
+{
+ memset(BigBuf,0,BigBuf_hi);
+}
// allocate a chunk of memory from BigBuf. We allocate high memory first. The unallocated memory
// at the beginning of BigBuf is always for traces/samples
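Review bot: `BigBuf_Clear_keep_EM` has no comment saying which range it zeroes, and the name undersells it. `memset(BigBuf,0,BigBuf_hi)` stops at the current allocation mark, so it presumably leaves every `BigBuf_malloc` region intact, not only emulator memory. A header comment such as `// zero only the unallocated trace/sample area [0, BigBuf_hi); allocations above it, including emulator memory, are left untouched` would make that contract explicit. The function also leaves `traceLen` alone, so a stored trace length would still describe data that has just been wiped; worth confirming that no caller relies on it afterwards.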
return TRUE;
}
+
// Emulator memory
uint8_t emlSet(uint8_t *data, uint32_t offset, uint32_t length){
uint8_t* mem = BigBuf_get_EM_addr();
extern uint16_t BigBuf_max_traceLen(void);
extern void BigBuf_Clear(void);
extern void BigBuf_Clear_ext(bool verbose);
+extern void BigBuf_Clear_keep_EM(void);
extern uint8_t *BigBuf_malloc(uint16_t);
extern void BigBuf_free(void);
extern void BigBuf_free_keep_EM(void);
#include "lfdemod.h"
#include "lfsampling.h"
#include "protocols.h"
-#include "usb_cdc.h" //test
+#include "usb_cdc.h" // for usb_poll_validate_length
/**
* Function to do a modulation and then get samples.
sample_config sc = { 0,0,1, divisor_used, 0};
setSamplingConfig(&sc);
+ //clear read buffer
+ BigBuf_Clear_keep_EM();
/* Make sure the tag is reset */
FpgaDownloadAndGo(FPGA_BITSTREAM_LF);
// Configure to go in 125Khz listen mode
LFSetupFPGAForADC(95, true);
+ //clear read buffer
+ BigBuf_Clear_keep_EM();
+
while(!BUTTON_PRESS() && !usb_poll_validate_length()) {
WDT_HIT();
uint8_t *dest = BigBuf_get_addr();
size_t size;
int idx=0;
+ //clear read buffer
+ BigBuf_Clear_keep_EM();
// Configure to go in 125Khz listen mode
LFSetupFPGAForADC(95, true);
int clk=0, invert=0, errCnt=0, maxErr=20;
uint32_t hi=0;
uint64_t lo=0;
+ //clear read buffer
+ BigBuf_Clear_keep_EM();
// Configure to go in 125Khz listen mode
LFSetupFPGAForADC(95, true);
uint16_t number=0;
uint8_t crc = 0;
uint16_t calccrc = 0;
- // Configure to go in 125Khz listen mode
+
+ //clear read buffer
+ BigBuf_Clear_keep_EM();
+
+// Configure to go in 125Khz listen mode
LFSetupFPGAForADC(95, true);
while(!BUTTON_PRESS() && !usb_poll_validate_length()) {
void T55xxResetRead(void) {
LED_A_ON();
//clear buffer now so it does not interfere with timing later
- BigBuf_Clear_ext(false);
+ BigBuf_Clear_keep_EM();
// Set up FPGA, 125kHz
LFSetupFPGAForADC(95, true);
uint16_t bufsize = BigBuf_max_traceLen();
uint32_t i = 0;
- //clear buffer now so it does not interfere with timing later
+ // Clear destination buffer before sending the command
BigBuf_Clear_ext(false);
//If password mode do login
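Review bot: This read path keeps `BigBuf_Clear_ext(false)` while `T55xxResetRead` in the previous hunk was switched to `BigBuf_Clear_keep_EM()`, so the two T55xx readers now clear different ranges. Judging by the `BIGBUF_SIZE` in the Dbprintf context line in BigBuf.c, `BigBuf_Clear_ext` wipes the whole buffer, which would include the emulator memory the rest of this commit tries to preserve. If that is intended, say so in the comment, e.g. `// Clear the whole buffer (incl. emulator memory) before sending the command`; otherwise call `BigBuf_Clear_keep_EM();` here as well. The enclosing function starts and ends outside the hunk.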
#include "apps.h"
#include "util.h"
#include "string.h"
-
+#include "usb_cdc.h" // for usb_poll_validate_length
#include "lfsampling.h"
sample_config config = { 1, 8, 1, 95, 0 } ;
FpgaSetupSsc();
}
-
/**
* Does the sample acquisition. If threshold is specified, the actual sampling
* is not commenced until the threshold has been reached.
uint8_t *dest = BigBuf_get_addr();
uint16_t bufsize = BigBuf_max_traceLen();
- BigBuf_Clear_ext(false);
+ //BigBuf_Clear_ext(false); //creates issues with cmdread (marshmellow)
if(bits_per_sample < 1) bits_per_sample = 1;
if(bits_per_sample > 8) bits_per_sample = 8;
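Review bot: The clear is disabled by commenting it out, which leaves dead code and an unexplained reason (`creates issues with cmdread`) where the function's contract should be stated. After this change the acquisition routine no longer zeroes the destination. A caller that does not call `BigBuf_Clear_keep_EM()` first can therefore hand the demodulators samples left over from an earlier read, beyond the bytes newly written. The commit adds that call to several callers, but nothing enforces it for new ones. Delete the line and document the requirement in the function's doc comment, e.g. `// NOTE: does not clear BigBuf; callers must call BigBuf_Clear_keep_EM() before acquiring`. The function body continues outside the hunk.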
int num_blocks = 0;
int lmin=128, lmax=128;
uint8_t dir;
+ //clear read buffer
+ BigBuf_Clear_keep_EM();
LFSetupFPGAForADC(95, true);
DoAcquisition_default(0, true);
if ((idx+1) % 5 == 0){
//spacer bit - should be 0
if (DemodBuffer[startIdx+idx] != 0) {
- if (g_debugMode) PrintAndLog("Error spacer not 0: %d, pos: %d",DemodBuffer[startIdx+idx],startIdx+idx);
+ if (g_debugMode) PrintAndLog("Error spacer not 0: %u, pos: %u", (unsigned int)DemodBuffer[startIdx+idx],(unsigned int)(startIdx+idx));
return 0;
}
continue;
ByteStream[ByteCnt] = ByteStream[ByteCnt] | (DemodBuffer[startIdx+idx]<<bitCnt);
bitCnt++;
if (bitCnt % 8 == 0){
- if (g_debugMode) PrintAndLog("byte %d: %02x",ByteCnt,ByteStream[ByteCnt]);
+ if (g_debugMode) PrintAndLog("byte %u: %02x", (unsigned int)ByteCnt, ByteStream[ByteCnt]);
bitCnt=0;
ByteCnt++;
}
}
for (uint8_t i = 0; i < ByteCnt; i++){
ByteStream[i] ^= xorKey; //xor
- if (g_debugMode) PrintAndLog("byte %d after xor: %02x", i, ByteStream[i]);
+ if (g_debugMode) PrintAndLog("byte %u after xor: %02x", (unsigned int)i, ByteStream[i]);
}
//now ByteStream contains 64 bytes of decrypted raw tag data
//
char buf[9];\r
char filename[FILE_PATH_SIZE]={0};\r
int keycnt = 0;\r
- int c;\r
+ int ch;\r
uint8_t stKeyBlock = 20;\r
uint8_t *keyBlock = NULL, *p = NULL;\r
- keyBlock = calloc(stKeyBlock, 6);\r
- if (keyBlock == NULL) return 1;\r
- \r
uint32_t start_password = 0x00000000; //start password\r
uint32_t end_password = 0xFFFFFFFF; //end password\r
bool found = false;\r
\r
char cmdp = param_getchar(Cmd, 0);\r
- if (cmdp == 'h' || cmdp == 'H') {\r
- free(keyBlock);\r
- return usage_t55xx_bruteforce();\r
- }\r
+ if (cmdp == 'h' || cmdp == 'H') return usage_t55xx_bruteforce();\r
+\r
+ keyBlock = calloc(stKeyBlock, 6);\r
+ if (keyBlock == NULL) return 1;\r
\r
if (cmdp == 'i' || cmdp == 'I') {\r
\r
for (uint16_t c = 0; c < keycnt; ++c ) {\r
\r
if (ukbhit()) {\r
- c = getchar();\r
- (void)c;\r
+ ch = getchar();\r
+ (void)ch;\r
printf("\naborted via keyboard!\n");\r
free(keyBlock);\r
return 0;\r
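Review bot: `ch` exists only to be assigned and immediately discarded; `(void)getchar();` says the same thing without a variable, here and in the identical abort block in the next hunk, and the `int ch;` declaration can then be dropped. The rename does fix the real problem, which was the outer `int c` being shadowed by the `uint16_t c` loop counter. The loop body continues outside the hunk.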
printf(".");\r
fflush(stdout);\r
if (ukbhit()) {\r
- c = getchar();\r
- (void)c;\r
+ ch = getchar();\r
+ (void)ch;\r
printf("\naborted via keyboard!\n");\r
free(keyBlock);\r
return 0;\r
PrintAndLog("Failed to copy from graphbuffer");
return -1;
}
- int start = DetectASKClock(grph, size, &clock, 20);
+ bool st = DetectST(grph, &size, &clock);
+ int start = 0;
+ if (st == false) {
+ start = DetectASKClock(grph, size, &clock, 20);
+ }
// Only print this message if we're not looping something
if (printAns){
PrintAndLog("Auto-detected clock rate: %d, Best Starting Position: %d", clock, start);
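Review bot: When `DetectST` succeeds, `start` stays 0 and the message below still reports `Best Starting Position: 0` as if that value had been detected. `DetectST` also receives `&size` and `&clock`, so it can presumably change both; if it modifies them and then returns false, `DetectASKClock` runs on the altered values, so it is worth confirming that it leaves them untouched on failure. A one-line comment above the call stating what `DetectST` does to `size` and `clock`, and why 0 is the right start after a terminator is found, would remove the guesswork. `if (!st)` also reads better than `if (st == false)`. The function continues outside the hunk.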