attempt hitag2 uid read for lf search

author marshmellow42 <marshmellowrf@gmail.com>

Thu, 4 Aug 2016 17:51:37 +0000 (13:51 -0400)

committer marshmellow42 <marshmellowrf@gmail.com>

Thu, 4 Aug 2016 17:51:37 +0000 (13:51 -0400)
author marshmellow42 <marshmellowrf@gmail.com>
Thu, 4 Aug 2016 17:51:37 +0000 (13:51 -0400)
committer marshmellow42 <marshmellowrf@gmail.com>
Thu, 4 Aug 2016 17:51:37 +0000 (13:51 -0400)
diff --git a/armsrc/hitag2.c b/armsrc/hitag2.c

index 46432d835b284f06ff785dbe21f1cc5bc924e84e..c565511ce620525c0501d0118ef8590ec87d4756 100644 (file)
--- a/armsrc/hitag2.c
+++ b/armsrc/hitag2.c
@@ -697,6 +697,42 @@ static bool hitag2_test_auth_attempts(byte_t* rx, const size_t rxlen, byte_t* tx
         return true;
  }
  
         return true;
  }
  
+static bool hitag2_read_uid(byte_t* rx, const size_t rxlen, byte_t* tx, size_t* txlen) {
+       // Reset the transmission frame length
+       *txlen = 0;
+
+       // Try to find out which command was send by selecting on length (in bits)
+       switch (rxlen) {
+               // No answer, try to resurrect
+               case 0: {
+                       // Just starting or if there is no answer
+                       *txlen = 5;
+                       memcpy(tx,"\xc0",nbytes(*txlen));
+               } break;
+               // Received UID
+               case 32: {
+                       // Check if we received answer tag (at)
+                       if (bAuthenticating) {
+                               bAuthenticating = false;
+                       } else {
+                               // Store the received block
+                               memcpy(tag.sectors[blocknr],rx,4);
+                               blocknr++;
+                       }
+                       if (blocknr > 0) {
+                               //DbpString("Read successful!");
+                               bSuccessful = true;
+                               return false;
+                       }
+               } break;
+               // Unexpected response
+               default: {
+                       Dbprintf("Uknown frame length: %d",rxlen);
+                       return false;
+               } break;
+       }
+       return true;
+}
  
  void SnoopHitag(uint32_t type) {
         int frame_count;
  
  void SnoopHitag(uint32_t type) {
         int frame_count;
@@ -1123,19 +1159,18 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
         set_tracing(TRUE);
         clear_trace();
  
         set_tracing(TRUE);
         clear_trace();
  
-       DbpString("Starting Hitag reader family");
+       //DbpString("Starting Hitag reader family");
  
         // Check configuration
         switch(htf) {
                 case RHT2F_PASSWORD: {
                         Dbprintf("List identifier in password mode");
                         memcpy(password,htd->pwd.password,4);
  
         // Check configuration
         switch(htf) {
                 case RHT2F_PASSWORD: {
                         Dbprintf("List identifier in password mode");
                         memcpy(password,htd->pwd.password,4);
-               blocknr = 0;
+                       blocknr = 0;
                         bQuitTraceFull = false;
                         bQuiet = false;
                         bPwd = false;
                 } break;
                         bQuitTraceFull = false;
                         bQuiet = false;
                         bPwd = false;
                 } break;
-      
                 case RHT2F_AUTHENTICATE: {
                         DbpString("Authenticating using nr,ar pair:");
                         memcpy(NrAr,htd->auth.NrAr,8);
                 case RHT2F_AUTHENTICATE: {
                         DbpString("Authenticating using nr,ar pair:");
                         memcpy(NrAr,htd->auth.NrAr,8);
@@ -1145,7 +1180,6 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
                         bAuthenticating = false;
                         bQuitTraceFull = true;
                 } break;
                         bAuthenticating = false;
                         bQuitTraceFull = true;
                 } break;
-      
                 case RHT2F_CRYPTO: {
                         DbpString("Authenticating using key:");
                         memcpy(key,htd->crypto.key,6);    //HACK; 4 or 6??  I read both in the code.
                 case RHT2F_CRYPTO: {
                         DbpString("Authenticating using key:");
                         memcpy(key,htd->crypto.key,6);    //HACK; 4 or 6??  I read both in the code.
@@ -1156,7 +1190,6 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
                         bAuthenticating = false;
                         bQuitTraceFull = true;
                 } break;
                         bAuthenticating = false;
                         bQuitTraceFull = true;
                 } break;
-
                 case RHT2F_TEST_AUTH_ATTEMPTS: {
                         Dbprintf("Testing %d authentication attempts",(auth_table_len/8));
                         auth_table_pos = 0;
                 case RHT2F_TEST_AUTH_ATTEMPTS: {
                         Dbprintf("Testing %d authentication attempts",(auth_table_len/8));
                         auth_table_pos = 0;
@@ -1165,7 +1198,12 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
                         bQuiet = false;
                         bCrypto = false;
                 } break;
                         bQuiet = false;
                         bCrypto = false;
                 } break;
-                       
+               case RHT2F_UID_ONLY: {
+                       blocknr = 0;
+                       bQuiet = false;
+                       bCrypto = false;
+                       bAuthenticating = false;
+               } break;
                 default: {
                         Dbprintf("Error, unknown function: %d",htf);
                         return;
                 default: {
                         Dbprintf("Error, unknown function: %d",htf);
                         return;
@@ -1222,22 +1260,22 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
      // hitagS settings
      reset_sof = 1;
      t_wait = 200;
      // hitagS settings
      reset_sof = 1;
      t_wait = 200;
-    DbpString("Configured for hitagS reader");
+    //DbpString("Configured for hitagS reader");
    } else if (htf < 20) {
      // hitag1 settings
      reset_sof = 1;
      t_wait = 200;
    } else if (htf < 20) {
      // hitag1 settings
      reset_sof = 1;
      t_wait = 200;
-    DbpString("Configured for hitag1 reader");
+    //DbpString("Configured for hitag1 reader");
    } else if (htf < 30) {
      // hitag2 settings
      reset_sof = 4;
      t_wait = HITAG_T_WAIT_2;
    } else if (htf < 30) {
      // hitag2 settings
      reset_sof = 4;
      t_wait = HITAG_T_WAIT_2;
-    DbpString("Configured for hitag2 reader");
+    //DbpString("Configured for hitag2 reader");
         } else {
      Dbprintf("Error, unknown hitag reader type: %d",htf);
      return;
    }
         } else {
      Dbprintf("Error, unknown hitag reader type: %d",htf);
      return;
    }
-               
+       uint8_t attempt_count=0;
         while(!bStop && !BUTTON_PRESS()) {
                 // Watchdog hit
                 WDT_HIT();
         while(!bStop && !BUTTON_PRESS()) {
                 // Watchdog hit
                 WDT_HIT();
@@ -1272,6 +1310,11 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
                         case RHT2F_TEST_AUTH_ATTEMPTS: {
                                 bStop = !hitag2_test_auth_attempts(rx,rxlen,tx,&txlen);
                         } break;
                         case RHT2F_TEST_AUTH_ATTEMPTS: {
                                 bStop = !hitag2_test_auth_attempts(rx,rxlen,tx,&txlen);
                         } break;
+                       case RHT2F_UID_ONLY: {
+                               bStop = !hitag2_read_uid(rx, rxlen, tx, &txlen);
+                               attempt_count++; //attempt 3 times to get uid then quit
+                               if (!bStop && attempt_count == 3) bStop = true;
+                       } break;
                         default: {
                                 Dbprintf("Error, unknown function: %d",htf);
                                 return;
                         default: {
                                 Dbprintf("Error, unknown function: %d",htf);
                                 return;
@@ -1381,7 +1424,7 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
         AT91C_BASE_TC1->TC_CCR = AT91C_TC_CLKDIS;
         AT91C_BASE_TC0->TC_CCR = AT91C_TC_CLKDIS;
         FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
         AT91C_BASE_TC1->TC_CCR = AT91C_TC_CLKDIS;
         AT91C_BASE_TC0->TC_CCR = AT91C_TC_CLKDIS;
         FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
-       Dbprintf("frame received: %d",frame_count);
-  DbpString("All done");
+       //Dbprintf("frame received: %d",frame_count);
+  //DbpString("All done");
    cmd_send(CMD_ACK,bSuccessful,0,0,(byte_t*)tag.sectors,48);
  }
    cmd_send(CMD_ACK,bSuccessful,0,0,(byte_t*)tag.sectors,48);
  }
diff --git a/client/cmdlf.c b/client/cmdlf.c

index 016f0fe288ba5ca051916d5a775fb009594178d2..dcb64166df3dc69988d4e046d2ca347eff6bd611 100644 (file)
--- a/client/cmdlf.c
+++ b/client/cmdlf.c
@@ -38,7 +38,7 @@ static int CmdHelp(const char *Cmd);
  
  
  
  
  
  
-int usage_lf_cmdread()
+int usage_lf_cmdread(void)
  {
         PrintAndLog("Usage: lf cmdread d <delay period> z <zero period> o <one period> c <cmdbytes> [H] ");
         PrintAndLog("Options:        ");
  {
         PrintAndLog("Usage: lf cmdread d <delay period> z <zero period> o <one period> c <cmdbytes> [H] ");
         PrintAndLog("Options:        ");
@@ -430,7 +430,7 @@ int CmdIndalaClone(const char *Cmd)
         return 0;
  }
  
         return 0;
  }
  
-int usage_lf_read()
+int usage_lf_read(void)
  {
         PrintAndLog("Usage: lf read");
         PrintAndLog("Options:        ");
  {
         PrintAndLog("Usage: lf read");
         PrintAndLog("Options:        ");
@@ -440,7 +440,7 @@ int usage_lf_read()
         PrintAndLog("Use 'lf config' to set parameters.");
         return 0;
  }
         PrintAndLog("Use 'lf config' to set parameters.");
         return 0;
  }
-int usage_lf_snoop()
+int usage_lf_snoop(void)
  {
         PrintAndLog("Usage: lf snoop");
         PrintAndLog("Options:        ");
  {
         PrintAndLog("Usage: lf snoop");
         PrintAndLog("Options:        ");
@@ -450,7 +450,7 @@ int usage_lf_snoop()
         return 0;
  }
  
         return 0;
  }
  
-int usage_lf_config()
+int usage_lf_config(void)
  {
         PrintAndLog("Usage: lf config [H|<divisor>] [b <bps>] [d <decim>] [a 0|1]");
         PrintAndLog("Options:        ");
  {
         PrintAndLog("Usage: lf config [H|<divisor>] [b <bps>] [d <decim>] [a 0|1]");
         PrintAndLog("Options:        ");
@@ -685,7 +685,7 @@ int usage_lf_simpsk(void)
         return 0;
  }
  
         return 0;
  }
  
-// by marshmellow - sim ask data given clock, fcHigh, fcLow, invert 
+// by marshmellow - sim fsk data given clock, fcHigh, fcLow, invert 
  // - allow pull data from DemodBuffer
  int CmdLFfskSim(const char *Cmd)
  {
  // - allow pull data from DemodBuffer
  int CmdLFfskSim(const char *Cmd)
  {
@@ -1180,6 +1180,11 @@ int CmdLFfind(const char *Cmd)
                 return 1;
         }
  
                 return 1;
         }
  
+       ans=CmdLFHitagReader("26");
+       if (ans==0) {
+               return 1;
+       }
+
         PrintAndLog("\nNo Known Tags Found!\n");
         if (testRaw=='u' || testRaw=='U'){
                 //test unknown tag formats (raw mode)
         PrintAndLog("\nNo Known Tags Found!\n");
         if (testRaw=='u' || testRaw=='U'){
                 //test unknown tag formats (raw mode)
diff --git a/client/cmdlfhitag.c b/client/cmdlfhitag.c

index 07247364c0751a498836871fca7fab1cf193994e..ad8fd33bf4886077b1b43ee62009e08e58af697c 100644 (file)
--- a/client/cmdlfhitag.c
+++ b/client/cmdlfhitag.c
@@ -214,14 +214,19 @@ int CmdLFHitagReader(const char *Cmd) {
                 } break;
                 case RHT2F_CRYPTO: {
                         num_to_bytes(param_get64ex(Cmd,1,0,16),6,htd->crypto.key);
                 } break;
                 case RHT2F_CRYPTO: {
                         num_to_bytes(param_get64ex(Cmd,1,0,16),6,htd->crypto.key);
-//                     num_to_bytes(param_get32ex(Cmd,2,0,16),4,htd->auth.NrAr+4);
+                       //                      num_to_bytes(param_get32ex(Cmd,2,0,16),4,htd->auth.NrAr+4);
                 } break;
                 case RHT2F_TEST_AUTH_ATTEMPTS: {
                         // No additional parameters needed
                 } break;
                 } break;
                 case RHT2F_TEST_AUTH_ATTEMPTS: {
                         // No additional parameters needed
                 } break;
+               case RHT2F_UID_ONLY: {
+                       // No additional parameters needed
+               } break;
                 default: {
                 default: {
-                       PrintAndLog("Error: unkown reader function %d",htf);
-                       PrintAndLog("Hitag reader functions");
+                       PrintAndLog("\nError: unkown reader function %d",htf);
+                       PrintAndLog("");
+                       PrintAndLog("Usage: hitag reader <Reader Function #>");
+                       PrintAndLog("Reader Functions:");
                         PrintAndLog(" HitagS (0*)");
                         PrintAndLog("  01 <nr> <ar> (Challenge) read all pages from a Hitag S tag");
                         PrintAndLog("  02 <key> (set to 0 if no authentication is needed) read all pages from a Hitag S tag");
                         PrintAndLog(" HitagS (0*)");
                         PrintAndLog("  01 <nr> <ar> (Challenge) read all pages from a Hitag S tag");
                         PrintAndLog("  02 <key> (set to 0 if no authentication is needed) read all pages from a Hitag S tag");
@@ -231,6 +236,7 @@ int CmdLFHitagReader(const char *Cmd) {
                         PrintAndLog("  22 <nr> <ar> (authentication)");
                         PrintAndLog("  23 <key> (authentication) key is in format: ISK high + ISK low");
                         PrintAndLog("  25 (test recorded authentications)");
                         PrintAndLog("  22 <nr> <ar> (authentication)");
                         PrintAndLog("  23 <key> (authentication) key is in format: ISK high + ISK low");
                         PrintAndLog("  25 (test recorded authentications)");
+                       PrintAndLog("  26 just read UID");
                         return 1;
                 } break;
         }
                         return 1;
                 } break;
         }
@@ -238,32 +244,38 @@ int CmdLFHitagReader(const char *Cmd) {
         // Copy the hitag2 function into the first argument
         c.arg[0] = htf;
  
         // Copy the hitag2 function into the first argument
         c.arg[0] = htf;
  
-  // Send the command to the proxmark
-  SendCommand(&c);
-  
-  UsbCommand resp;
-  WaitForResponse(CMD_ACK,&resp);
-  
-  // Check the return status, stored in the first argument
-  if (resp.arg[0] == false) return 1;
-    
-  uint32_t id = bytes_to_num(resp.d.asBytes,4);
-  char filename[256];
-  FILE* pf = NULL;
-
-  sprintf(filename,"%08x_%04x.ht2",id,(rand() & 0xffff));
-  if ((pf = fopen(filename,"wb")) == NULL) {
-    PrintAndLog("Error: Could not open file [%s]",filename);
-    return 1;
-  }
-  
-  // Write the 48 tag memory bytes to file and finalize
-  fwrite(resp.d.asBytes,1,48,pf);
-  fclose(pf);
+       // Send the command to the proxmark
+       SendCommand(&c);
  
  
-  PrintAndLog("Succesfully saved tag memory to [%s]",filename);
-  
-  return 0;
+       UsbCommand resp;
+       WaitForResponse(CMD_ACK,&resp);
+
+       // Check the return status, stored in the first argument
+       if (resp.arg[0] == false) return 1;
+       
+       uint32_t id = bytes_to_num(resp.d.asBytes,4);
+               
+       if (htf == RHT2F_UID_ONLY){
+               PrintAndLog("Valid Hitag2 tag found - UID: %08x",id);
+       } else {
+               char filename[256];
+               FILE* pf = NULL;
+
+               sprintf(filename,"%08x_%04x.ht2",id,(rand() & 0xffff));
+               if ((pf = fopen(filename,"wb")) == NULL) {
+                 PrintAndLog("Error: Could not open file [%s]",filename);
+                 return 1;
+               }
+
+               // Write the 48 tag memory bytes to file and finalize
+               fwrite(resp.d.asBytes,1,48,pf);
+               fclose(pf);
+
+               PrintAndLog("Succesfully saved tag memory to [%s]",filename);
+       }
+
+
+       return 0;
  }
  
  
  }
  
  
diff --git a/include/hitag2.h b/include/hitag2.h

index 284b5ecbec822381066eede41cad710906d98cc0..00447623043f8524ea989e43227f0e67606e9f0c 100644 (file)
--- a/include/hitag2.h
+++ b/include/hitag2.h
@@ -14,14 +14,15 @@
  #define _HITAG2_H_
  
  typedef enum {
  #define _HITAG2_H_
  
  typedef enum {
-       RHTSF_CHALLENGE           = 01,
-       RHTSF_KEY                 = 02,
+       RHTSF_CHALLENGE           = 01,
+       RHTSF_KEY                 = 02,
         WHTSF_CHALLENGE           = 03,
         WHTSF_KEY                 = 04,
         RHT2F_PASSWORD            = 21,
         RHT2F_AUTHENTICATE        = 22,
         RHT2F_CRYPTO              = 23,
         RHT2F_TEST_AUTH_ATTEMPTS  = 25,
         WHTSF_CHALLENGE           = 03,
         WHTSF_KEY                 = 04,
         RHT2F_PASSWORD            = 21,
         RHT2F_AUTHENTICATE        = 22,
         RHT2F_CRYPTO              = 23,
         RHT2F_TEST_AUTH_ATTEMPTS  = 25,
+       RHT2F_UID_ONLY            = 26
  } hitag_function;
  
  typedef struct {
  } hitag_function;
  
  typedef struct {
author	marshmellow42 <marshmellowrf@gmail.com>
	Thu, 4 Aug 2016 17:51:37 +0000 (13:51 -0400)
committer	marshmellow42 <marshmellowrf@gmail.com>
	Thu, 4 Aug 2016 17:51:37 +0000 (13:51 -0400)
armsrc/hitag2.c		patch \| blob \| blame \| history
client/cmdlf.c		patch \| blob \| blame \| history
client/cmdlfhitag.c		patch \| blob \| blame \| history
include/hitag2.h		patch \| blob \| blame \| history