ADD: Marshmellows fixes for "lf t55xx" and "lf cmdread" ref: https://github.com...

author iceman1001 <iceman@iuse.se>

Sun, 21 Feb 2016 16:44:25 +0000 (17:44 +0100)

committer iceman1001 <iceman@iuse.se>

Sun, 21 Feb 2016 16:44:25 +0000 (17:44 +0100)
author iceman1001 <iceman@iuse.se>
Sun, 21 Feb 2016 16:44:25 +0000 (17:44 +0100)
committer iceman1001 <iceman@iuse.se>
Sun, 21 Feb 2016 16:44:25 +0000 (17:44 +0100)
diff --git a/CHANGELOG.md b/CHANGELOG.md

index 3b6882d0d0dbe919c5b90a7983a2141b64505ab1..65e161c42e5c20a79afa67588431b3f0b69e22ea 100644 (file)
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -20,6 +20,7 @@ This project uses the changelog in accordance with [keepchangelog](http://keepac
    - Updated the Reveng 1.30 sourcecode to 1.31 from Reveng projecthomepage (iceman)
  
  ### Added
    - Updated the Reveng 1.30 sourcecode to 1.31 from Reveng projecthomepage (iceman)
  
  ### Added
+- Added a LF ASK Sequence Terminator detection option to the standard ask demod - and applied it to `lf search u`, `lf t55xx detect`, and `data rawdemod am s` (marshmellow)
  - `lf awid bruteforce <facilitycode>` - Simple bruteforce attack against a AWID reader.
  - `lf t55xx bruteforce <start password> <end password> [i <*.dic>]` - Simple bruteforce attack to find password - (iceman and others)
  - `lf viking clone`- clone viking tag to t55x7 or Q5 from 4byte hex ID input 
  - `lf awid bruteforce <facilitycode>` - Simple bruteforce attack against a AWID reader.
  - `lf t55xx bruteforce <start password> <end password> [i <*.dic>]` - Simple bruteforce attack to find password - (iceman and others)
  - `lf viking clone`- clone viking tag to t55x7 or Q5 from 4byte hex ID input 
diff --git a/armsrc/BigBuf.c b/armsrc/BigBuf.c

index b3a9a1321ca0f9f4dfc492dcc4af01f55f7271bf..851cf390e795faf4c6d3b3f58411e6d9966a2d5b 100644 (file)
--- a/armsrc/BigBuf.c
+++ b/armsrc/BigBuf.c
@@ -27,7 +27,7 @@ static uint16_t BigBuf_hi = BIGBUF_SIZE;
  static uint8_t *emulator_memory = NULL;
  
  // trace related variables
  static uint8_t *emulator_memory = NULL;
  
  // trace related variables
-static uint16_t traceLen;
+static uint16_t traceLen = 0;
  int tracing = 1; //Last global one.. todo static?
  
  // get the address of BigBuf
  int tracing = 1; //Last global one.. todo static?
  
  // get the address of BigBuf
@@ -61,6 +61,10 @@ void BigBuf_Clear_ext(bool verbose)
                 Dbprintf("Buffer cleared (%i bytes)",BIGBUF_SIZE);
  }
  
                 Dbprintf("Buffer cleared (%i bytes)",BIGBUF_SIZE);
  }
  
+void BigBuf_Clear_keep_EM(void)
+{
+       memset(BigBuf,0,BigBuf_hi);
+}
  
  // allocate a chunk of memory from BigBuf. We allocate high memory first. The unallocated memory
  // at the beginning of BigBuf is always for traces/samples
  
  // allocate a chunk of memory from BigBuf. We allocate high memory first. The unallocated memory
  // at the beginning of BigBuf is always for traces/samples
@@ -239,6 +243,7 @@ int LogTraceHitag(const uint8_t * btBytes, int iBits, int iSamples, uint32_t dwP
         return TRUE;
  }
  
         return TRUE;
  }
  
+
  // Emulator memory
  uint8_t emlSet(uint8_t *data, uint32_t offset, uint32_t length){
         uint8_t* mem = BigBuf_get_EM_addr();
  // Emulator memory
  uint8_t emlSet(uint8_t *data, uint32_t offset, uint32_t length){
         uint8_t* mem = BigBuf_get_EM_addr();
diff --git a/armsrc/BigBuf.h b/armsrc/BigBuf.h

index 3f1b05c2f65929fa89802496dc87e0a5841c9759..347c1a4cbbd219ab28f6a97ef42ad80b675921b0 100644 (file)
--- a/armsrc/BigBuf.h
+++ b/armsrc/BigBuf.h
@@ -26,6 +26,7 @@ extern uint8_t *BigBuf_get_EM_addr(void);
  extern uint16_t BigBuf_max_traceLen(void);
  extern void BigBuf_Clear(void);
  extern void BigBuf_Clear_ext(bool verbose);
  extern uint16_t BigBuf_max_traceLen(void);
  extern void BigBuf_Clear(void);
  extern void BigBuf_Clear_ext(bool verbose);
+extern void BigBuf_Clear_keep_EM(void);
  extern uint8_t *BigBuf_malloc(uint16_t);
  extern void BigBuf_free(void);
  extern void BigBuf_free_keep_EM(void);
  extern uint8_t *BigBuf_malloc(uint16_t);
  extern void BigBuf_free(void);
  extern void BigBuf_free_keep_EM(void);
diff --git a/armsrc/lfops.c b/armsrc/lfops.c

index 2f757f1f6704d0ba0686fa82e81557d9bef87199..2e2cfd5727cd27017cd3aa5a282b27250b99232d 100644 (file)
--- a/armsrc/lfops.c
+++ b/armsrc/lfops.c
@@ -17,7 +17,7 @@
  #include "lfdemod.h"
  #include "lfsampling.h"
  #include "protocols.h"
  #include "lfdemod.h"
  #include "lfsampling.h"
  #include "protocols.h"
-#include "usb_cdc.h" //test
+#include "usb_cdc.h" // for usb_poll_validate_length
  
  /**
   * Function to do a modulation and then get samples.
  
  /**
   * Function to do a modulation and then get samples.
@@ -37,6 +37,8 @@ void ModThenAcquireRawAdcSamples125k(uint32_t delay_off, uint32_t period_0, uint
  
         sample_config sc = { 0,0,1, divisor_used, 0};
         setSamplingConfig(&sc);
  
         sample_config sc = { 0,0,1, divisor_used, 0};
         setSamplingConfig(&sc);
+       //clear read buffer
+       BigBuf_Clear_keep_EM();
  
         /* Make sure the tag is reset */
         FpgaDownloadAndGo(FPGA_BITSTREAM_LF);
  
         /* Make sure the tag is reset */
         FpgaDownloadAndGo(FPGA_BITSTREAM_LF);
@@ -725,6 +727,9 @@ void CmdHIDdemodFSK(int findone, int *high, int *low, int ledcontrol)
         // Configure to go in 125Khz listen mode
         LFSetupFPGAForADC(95, true);
  
         // Configure to go in 125Khz listen mode
         LFSetupFPGAForADC(95, true);
  
+       //clear read buffer
+       BigBuf_Clear_keep_EM();
+
         while(!BUTTON_PRESS() && !usb_poll_validate_length()) {
  
                 WDT_HIT();
         while(!BUTTON_PRESS() && !usb_poll_validate_length()) {
  
                 WDT_HIT();
@@ -815,6 +820,8 @@ void CmdAWIDdemodFSK(int findone, int *high, int *low, int ledcontrol)
         uint8_t *dest = BigBuf_get_addr();
         size_t size; 
         int idx=0;
         uint8_t *dest = BigBuf_get_addr();
         size_t size; 
         int idx=0;
+       //clear read buffer
+       BigBuf_Clear_keep_EM();
         // Configure to go in 125Khz listen mode
         LFSetupFPGAForADC(95, true);
  
         // Configure to go in 125Khz listen mode
         LFSetupFPGAForADC(95, true);
  
@@ -905,6 +912,8 @@ void CmdEM410xdemod(int findone, int *high, int *low, int ledcontrol)
         int clk=0, invert=0, errCnt=0, maxErr=20;
         uint32_t hi=0;
         uint64_t lo=0;
         int clk=0, invert=0, errCnt=0, maxErr=20;
         uint32_t hi=0;
         uint64_t lo=0;
+       //clear read buffer
+       BigBuf_Clear_keep_EM();
         // Configure to go in 125Khz listen mode
         LFSetupFPGAForADC(95, true);
  
         // Configure to go in 125Khz listen mode
         LFSetupFPGAForADC(95, true);
  
@@ -966,7 +975,11 @@ void CmdIOdemodFSK(int findone, int *high, int *low, int ledcontrol)
         uint16_t number=0;
         uint8_t crc = 0;
         uint16_t calccrc = 0;
         uint16_t number=0;
         uint8_t crc = 0;
         uint16_t calccrc = 0;
-       // Configure to go in 125Khz listen mode
+
+       //clear read buffer
+       BigBuf_Clear_keep_EM();
+       
+// Configure to go in 125Khz listen mode
         LFSetupFPGAForADC(95, true);
  
         while(!BUTTON_PRESS() && !usb_poll_validate_length()) {
         LFSetupFPGAForADC(95, true);
  
         while(!BUTTON_PRESS() && !usb_poll_validate_length()) {
@@ -1095,7 +1108,7 @@ void T55xxWriteBit(int bit) {
  void T55xxResetRead(void) {
         LED_A_ON();
         //clear buffer now so it does not interfere with timing later
  void T55xxResetRead(void) {
         LED_A_ON();
         //clear buffer now so it does not interfere with timing later
-       BigBuf_Clear_ext(false);
+       BigBuf_Clear_keep_EM();
  
         // Set up FPGA, 125kHz
         LFSetupFPGAForADC(95, true);
  
         // Set up FPGA, 125kHz
         LFSetupFPGAForADC(95, true);
@@ -1602,7 +1615,7 @@ void EM4xReadWord(uint8_t Address, uint32_t Pwd, uint8_t PwdMode) {
         uint16_t bufsize = BigBuf_max_traceLen();
         uint32_t i = 0;
  
         uint16_t bufsize = BigBuf_max_traceLen();
         uint32_t i = 0;
  
-       //clear buffer now so it does not interfere with timing later
+       // Clear destination buffer before sending the command
         BigBuf_Clear_ext(false);
         
         //If password mode do login
         BigBuf_Clear_ext(false);
         
         //If password mode do login
diff --git a/armsrc/lfsampling.c b/armsrc/lfsampling.c

index 3a502eb683318e4ebb36b754191ffc8b7bf710ea..8a6e6b052f72c04d2d4fa9f782fe435ceb6172e6 100644 (file)
--- a/armsrc/lfsampling.c
+++ b/armsrc/lfsampling.c
@@ -10,7 +10,7 @@
  #include "apps.h"
  #include "util.h"
  #include "string.h"
  #include "apps.h"
  #include "util.h"
  #include "string.h"
-
+#include "usb_cdc.h" // for usb_poll_validate_length
  #include "lfsampling.h"
  
  sample_config config = { 1, 8, 1, 95, 0 } ;
  #include "lfsampling.h"
  
  sample_config config = { 1, 8, 1, 95, 0 } ;
@@ -103,7 +103,6 @@ void LFSetupFPGAForADC(int divisor, bool lf_field)
         FpgaSetupSsc();
  }
  
         FpgaSetupSsc();
  }
  
-
  /**
   * Does the sample acquisition. If threshold is specified, the actual sampling
   * is not commenced until the threshold has been reached.
  /**
   * Does the sample acquisition. If threshold is specified, the actual sampling
   * is not commenced until the threshold has been reached.
@@ -125,7 +124,7 @@ uint32_t DoAcquisition(uint8_t decimation, uint32_t bits_per_sample, bool averag
         uint8_t *dest = BigBuf_get_addr();
      uint16_t bufsize = BigBuf_max_traceLen();
  
         uint8_t *dest = BigBuf_get_addr();
      uint16_t bufsize = BigBuf_max_traceLen();
  
-       BigBuf_Clear_ext(false);
+       //BigBuf_Clear_ext(false);        //creates issues with cmdread (marshmellow)
  
         if(bits_per_sample < 1) bits_per_sample = 1;
         if(bits_per_sample > 8) bits_per_sample = 8;
  
         if(bits_per_sample < 1) bits_per_sample = 1;
         if(bits_per_sample > 8) bits_per_sample = 8;
diff --git a/armsrc/pcf7931.c b/armsrc/pcf7931.c

index 4d45a69cfe5e94fc721286f6e06cdaf2ebca5b5e..24a871aa117d9ff87f8beb6cfd1849ed96f327ba 100644 (file)
--- a/armsrc/pcf7931.c
+++ b/armsrc/pcf7931.c
@@ -28,6 +28,8 @@ int DemodPCF7931(uint8_t **outBlocks) {
         int num_blocks = 0;
         int lmin=128, lmax=128;
         uint8_t dir;
         int num_blocks = 0;
         int lmin=128, lmax=128;
         uint8_t dir;
+       //clear read buffer
+       BigBuf_Clear_keep_EM();
  
         LFSetupFPGAForADC(95, true);
         DoAcquisition_default(0, true);
  
         LFSetupFPGAForADC(95, true);
         DoAcquisition_default(0, true);
diff --git a/client/cmddata.c b/client/cmddata.c

index d1a685e64be139484d87ba6f6a35b2ef192323ce..2c12e2bb9391da3248f6cc720656c2ff7d51f5c0 100644 (file)
--- a/client/cmddata.c
+++ b/client/cmddata.c
@@ -613,7 +613,7 @@ int CmdG_Prox_II_Demod(const char *Cmd)
                 if ((idx+1) % 5 == 0){
                         //spacer bit - should be 0
                         if (DemodBuffer[startIdx+idx] != 0) {
                 if ((idx+1) % 5 == 0){
                         //spacer bit - should be 0
                         if (DemodBuffer[startIdx+idx] != 0) {
-                               if (g_debugMode) PrintAndLog("Error spacer not 0: %d, pos: %d",DemodBuffer[startIdx+idx],startIdx+idx);
+                               if (g_debugMode) PrintAndLog("Error spacer not 0: %u, pos: %u", (unsigned int)DemodBuffer[startIdx+idx],(unsigned int)(startIdx+idx));
                                 return 0;
                         }
                         continue;
                                 return 0;
                         }
                         continue;
@@ -628,14 +628,14 @@ int CmdG_Prox_II_Demod(const char *Cmd)
                 ByteStream[ByteCnt] = ByteStream[ByteCnt] | (DemodBuffer[startIdx+idx]<<bitCnt);
                 bitCnt++;
                 if (bitCnt % 8 == 0){
                 ByteStream[ByteCnt] = ByteStream[ByteCnt] | (DemodBuffer[startIdx+idx]<<bitCnt);
                 bitCnt++;
                 if (bitCnt % 8 == 0){
-                       if (g_debugMode) PrintAndLog("byte %d: %02x",ByteCnt,ByteStream[ByteCnt]);
+                       if (g_debugMode) PrintAndLog("byte %u: %02x", (unsigned int)ByteCnt, ByteStream[ByteCnt]);
                         bitCnt=0;
                         ByteCnt++;
                 }
         }
         for (uint8_t i = 0; i < ByteCnt; i++){
                 ByteStream[i] ^= xorKey; //xor
                         bitCnt=0;
                         ByteCnt++;
                 }
         }
         for (uint8_t i = 0; i < ByteCnt; i++){
                 ByteStream[i] ^= xorKey; //xor
-               if (g_debugMode) PrintAndLog("byte %d after xor: %02x", i, ByteStream[i]);
+               if (g_debugMode) PrintAndLog("byte %u after xor: %02x", (unsigned int)i, ByteStream[i]);
         }
         //now ByteStream contains 64 bytes of decrypted raw tag data
         // 
         }
         //now ByteStream contains 64 bytes of decrypted raw tag data
         // 
diff --git a/client/cmdlft55xx.c b/client/cmdlft55xx.c

index 2efe0c22d07a011e0cc2ce7ef9a12357f9ae023b..bc30d7e3b18546192c2a04bb068d16212b33983d 100644 (file)
--- a/client/cmdlft55xx.c
+++ b/client/cmdlft55xx.c
@@ -1397,21 +1397,18 @@ int CmdT55xxBruteForce(const char *Cmd) {
         char buf[9];\r
         char filename[FILE_PATH_SIZE]={0};\r
         int     keycnt = 0;\r
         char buf[9];\r
         char filename[FILE_PATH_SIZE]={0};\r
         int     keycnt = 0;\r
-       int c;\r
+       int ch;\r
         uint8_t stKeyBlock = 20;\r
         uint8_t *keyBlock = NULL, *p = NULL;\r
         uint8_t stKeyBlock = 20;\r
         uint8_t *keyBlock = NULL, *p = NULL;\r
-       keyBlock = calloc(stKeyBlock, 6);\r
-       if (keyBlock == NULL) return 1;\r
-       \r
      uint32_t start_password = 0x00000000; //start password\r
      uint32_t end_password   = 0xFFFFFFFF; //end   password\r
      bool found = false;\r
  \r
      char cmdp = param_getchar(Cmd, 0);\r
      uint32_t start_password = 0x00000000; //start password\r
      uint32_t end_password   = 0xFFFFFFFF; //end   password\r
      bool found = false;\r
  \r
      char cmdp = param_getchar(Cmd, 0);\r
-    if (cmdp == 'h' || cmdp == 'H') {\r
-               free(keyBlock);\r
-               return usage_t55xx_bruteforce();\r
-       }\r
+       if (cmdp == 'h' || cmdp == 'H') return usage_t55xx_bruteforce();\r
+\r
+       keyBlock = calloc(stKeyBlock, 6);\r
+       if (keyBlock == NULL) return 1;\r
  \r
         if (cmdp == 'i' || cmdp == 'I') {\r
         \r
  \r
         if (cmdp == 'i' || cmdp == 'I') {\r
         \r
@@ -1472,8 +1469,8 @@ int CmdT55xxBruteForce(const char *Cmd) {
                 for (uint16_t c = 0; c < keycnt; ++c ) {\r
         \r
                         if (ukbhit()) {\r
                 for (uint16_t c = 0; c < keycnt; ++c ) {\r
         \r
                         if (ukbhit()) {\r
-                               c = getchar();\r
-                               (void)c;\r
+                               ch = getchar();\r
+                               (void)ch;\r
                                 printf("\naborted via keyboard!\n");\r
                                 free(keyBlock);\r
                                 return 0;\r
                                 printf("\naborted via keyboard!\n");\r
                                 free(keyBlock);\r
                                 return 0;\r
@@ -1523,8 +1520,8 @@ int CmdT55xxBruteForce(const char *Cmd) {
                 printf(".");\r
                 fflush(stdout);\r
                 if (ukbhit()) {\r
                 printf(".");\r
                 fflush(stdout);\r
                 if (ukbhit()) {\r
-                       c = getchar();\r
-                       (void)c;\r
+                       ch = getchar();\r
+                       (void)ch;\r
                         printf("\naborted via keyboard!\n");\r
                         free(keyBlock);\r
                         return 0;\r
                         printf("\naborted via keyboard!\n");\r
                         free(keyBlock);\r
                         return 0;\r
diff --git a/client/graph.c b/client/graph.c

index 062798482821c0873df2db766e39e8413f22dd84..c22b7a3d9d44ef22db1d69c465639e8ed673bab8 100644 (file)
--- a/client/graph.c
+++ b/client/graph.c
@@ -143,7 +143,11 @@ int GetAskClock(const char str[], bool printAns, bool verbose)
                         PrintAndLog("Failed to copy from graphbuffer");
                 return -1;
         }
                         PrintAndLog("Failed to copy from graphbuffer");
                 return -1;
         }
-       int start = DetectASKClock(grph, size, &clock, 20);
+       bool st = DetectST(grph, &size, &clock);
+       int start = 0;
+       if (st == false) {
+               start = DetectASKClock(grph, size, &clock, 20);
+       }
         // Only print this message if we're not looping something
         if (printAns){
                 PrintAndLog("Auto-detected clock rate: %d, Best Starting Position: %d", clock, start);
         // Only print this message if we're not looping something
         if (printAns){
                 PrintAndLog("Auto-detected clock rate: %d, Best Starting Position: %d", clock, start);
author	iceman1001 <iceman@iuse.se>
	Sun, 21 Feb 2016 16:44:25 +0000 (17:44 +0100)
committer	iceman1001 <iceman@iuse.se>
	Sun, 21 Feb 2016 16:44:25 +0000 (17:44 +0100)
CHANGELOG.md		patch \| blob \| blame \| history
armsrc/BigBuf.c		patch \| blob \| blame \| history
armsrc/BigBuf.h		patch \| blob \| blame \| history
armsrc/lfops.c		patch \| blob \| blame \| history
armsrc/lfsampling.c		patch \| blob \| blame \| history
armsrc/pcf7931.c		patch \| blob \| blame \| history
client/cmddata.c		patch \| blob \| blame \| history
client/cmdlft55xx.c		patch \| blob \| blame \| history
client/graph.c		patch \| blob \| blame \| history