2010-02-21 08:47:22 +08:00
//-----------------------------------------------------------------------------
// Copyright (C) 2010 iZsh <izsh at fail0verflow.com>
//
// This code is licensed to you under the terms of the GNU GPL, version 2 or,
// at your option, any later version. See the LICENSE.txt file for the text of
// the license.
//-----------------------------------------------------------------------------
// Low frequency EM4x commands
//-----------------------------------------------------------------------------
Client cleanup and restructuring. Stage 1...
Next Step is refactoring some of the giant functions which are
just copy/paste of some other ones with just a few line changes,
removing unnecessary 'goto' etc.
The MS Windows version is broken with this commit but will be fixed
soon. Everything can't be done all at once :P
The commands are now hierarchical, for example:
"hf 14a read" vs. "hf 14b read".
You can also request help:
"hf help", "data help", "hf 15 help" etc.
Indents are now space-based, not tab-based anymore. Hopefully
no one will be trolling about it, considering the suicide-prone work
being done here ;)
client/cmdhw.c, client/proxusb.c, client/cmdhw.h, client/proxusb.h,
client/cmdmain.c, client/cmdlfhid.c, client/cmdmain.h, client/cmdlfhid.h,
client/data.c, client/data.h, client/cmdhf.c, client/cmdlf.c,
client/cmdhf.h, client/cmdhf15.c, client/cmdhf14b.c, client/cmdlf.h,
client/cmdhf15.h, client/cmdhf14b.h, client/cmddata.c, client/cmddata.h,
client/ui.c, client/cmdparser.c, client/cmdlfti.c, client/ui.h,
client/cmdlfem4x.c, client/cmdparser.h, client/cmdlfti.h, client/cmdlfem4x.h,
client/graph.c, client/graph.h, client/cmdhf14a.c, client/cmdhf14a.h,
client/cmdhflegic.c, client/cmdhflegic.c: New files.
client/cli.c, client/flasher.c, client/snooper.c, client/proxmark3.c,
client/proxmark3.h, client/Makefile: Update accordingly.
client/flash.h, client/flash.c, client/proxgui.cpp: Cosmetic changes.
client/translate.h, client/command.c, client/gui.c,
client/usb.c, client/prox.h: Remove.
include/usb_cmd.h (CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_14443_SIM): Remove dead cmd.
common/crc16.h: New file.
common/crc16.c: Modify accordingly.
common/iso14443crc.h: New file.
common/iso14443_crc.c: Rename to
common/iso14443crc.c: and modify accordingly.
armsrc/lfops.c, armsrc/iso14443.c,
armsrc/iso14443a.c: include .h files from
the common directory instead of including the c files.
common/Makefile.common, armsrc/Makefile: Modify accordingly.
2010-02-04 09:27:07 +08:00
#include <stdio.h>
#include <string.h>
#include <inttypes.h>
#include "cmdlfem4x.h"
#include "proxmark3.h"
#include "ui.h"
#include "util.h"
#include "data.h"
#include "graph.h"
#include "cmdparser.h"
#include "cmddata.h"
#include "cmdlf.h"
#include "cmdmain.h"
#include "lfdemod.h"
#include "protocols.h"

uint64_t g_em410xId = 0;
static int CmdHelp(const char *Cmd);

int CmdEMdemodASK(const char *Cmd)
{
    char cmdp = param_getchar(Cmd, 0);
    int findone = (cmdp == '1') ? 1 : 0;
    UsbCommand c = {CMD_EM410X_DEMOD};
    c.arg[0] = findone;
    SendCommand(&c);
    return 0;
}

//by marshmellow
//print 64 bit EM410x ID in multiple formats
void printEM410x(uint32_t hi, uint64_t id)
{
    if (id || hi) {
        uint64_t iii = 1;
        uint64_t id2lo = 0;
        uint32_t ii = 0;
        uint32_t i = 0;
        for (ii = 5; ii > 0; ii--) {
            for (i = 0; i < 8; i++) {
                id2lo = (id2lo << 1LL) | ((id & (iii << (i + ((ii - 1) * 8)))) >> (i + ((ii - 1) * 8)));
            }
        }
        if (hi) {
            //output 88 bit em id
            PrintAndLog("\nEM TAG ID : %06X%016" PRIX64, hi, id);
        } else {
            //output 40 bit em id
            PrintAndLog("\nEM TAG ID : %010" PRIX64, id);
            PrintAndLog("\nPossible de-scramble patterns");
            PrintAndLog("Unique TAG ID : %010" PRIX64, id2lo);
            PrintAndLog("HoneyWell IdentKey {");
            PrintAndLog("DEZ 8 : %08" PRIu64, id & 0xFFFFFF);
            PrintAndLog("DEZ 10 : %010" PRIu64, id & 0xFFFFFFFF);
            PrintAndLog("DEZ 5.5 : %05lld.%05" PRIu64, (id >> 16LL) & 0xFFFF, (id & 0xFFFF));
            PrintAndLog("DEZ 3.5A : %03lld.%05" PRIu64, (id >> 32ll), (id & 0xFFFF));
            PrintAndLog("DEZ 3.5B : %03lld.%05" PRIu64, (id & 0xFF000000) >> 24, (id & 0xFFFF));
            PrintAndLog("DEZ 3.5C : %03lld.%05" PRIu64, (id & 0xFF0000) >> 16, (id & 0xFFFF));
            PrintAndLog("DEZ 14/IK2 : %014" PRIu64, id);
            PrintAndLog("DEZ 15/IK3 : %015" PRIu64, id2lo);
            PrintAndLog("DEZ 20/ZK : %02" PRIu64 "%02" PRIu64 "%02" PRIu64 "%02" PRIu64 "%02" PRIu64 "%02" PRIu64 "%02" PRIu64 "%02" PRIu64 "%02" PRIu64 "%02" PRIu64,
                (id2lo & 0xf000000000) >> 36,
                (id2lo & 0x0f00000000) >> 32,
                (id2lo & 0x00f0000000) >> 28,
                (id2lo & 0x000f000000) >> 24,
                (id2lo & 0x0000f00000) >> 20,
                (id2lo & 0x00000f0000) >> 16,
                (id2lo & 0x000000f000) >> 12,
                (id2lo & 0x0000000f00) >> 8,
                (id2lo & 0x00000000f0) >> 4,
                (id2lo & 0x000000000f)
            );
            uint64_t paxton = (((id >> 32) << 24) | (id & 0xffffff)) + 0x143e00;
            PrintAndLog("}\nOther : %05" PRIu64 "_%03" PRIu64 "_%08" PRIu64 "", (id & 0xFFFF), ((id >> 16LL) & 0xFF), (id & 0xFFFFFF));
            PrintAndLog("Pattern Paxton : %" PRIu64 " [0x%" PRIX64 "]", paxton, paxton);

            uint32_t p1id = (id & 0xFFFFFF);
            uint8_t arr[32] = {0x00};
            int i = 0;
            int j = 23;
            for (; i < 24; ++i, --j) {
                arr[i] = (p1id >> i) & 1;
            }

            uint32_t p1 = 0;
            p1 |= arr[23] << 21;
            p1 |= arr[22] << 23;
            p1 |= arr[21] << 20;
            p1 |= arr[20] << 22;
            p1 |= arr[19] << 18;
            p1 |= arr[18] << 16;
            p1 |= arr[17] << 19;
            p1 |= arr[16] << 17;
            p1 |= arr[15] << 13;
            p1 |= arr[14] << 15;
            p1 |= arr[13] << 12;
            p1 |= arr[12] << 14;
            p1 |= arr[11] << 6;
            p1 |= arr[10] << 2;
            p1 |= arr[9] << 7;
            p1 |= arr[8] << 1;
            p1 |= arr[7] << 0;
            p1 |= arr[6] << 8;
            p1 |= arr[5] << 11;
            p1 |= arr[4] << 3;
            p1 |= arr[3] << 10;
            p1 |= arr[2] << 4;
            p1 |= arr[1] << 5;
            p1 |= arr[0] << 9;
            PrintAndLog("Pattern 1 : %d [0x%X]", p1, p1);

            uint16_t sebury1 = id & 0xFFFF;
            uint8_t sebury2 = (id >> 16) & 0x7F;
            uint32_t sebury3 = id & 0x7FFFFF;
            PrintAndLog("Pattern Sebury : %d %d %d [0x%X 0x%X 0x%X]", sebury1, sebury2, sebury3, sebury1, sebury2, sebury3);
        }
    }
    return;
}

/* Read the ID of an EM410x tag.
 * Format:
 *   1111 1111 1           <-- standard non-repeatable header
 *   XXXX [row parity bit] <-- 10 rows of 5 bits for our 40 bit tag ID
 *   ....
 *   CCCC                  <-- each bit here is parity for the 10 bits above in corresponding column
 *   0                     <-- stop bit, end of tag
 */
int AskEm410xDecode(bool verbose, uint32_t *hi, uint64_t *lo)
{
    size_t idx = 0;
    uint8_t BitStream[512] = {0};
    size_t BitLen = sizeof(BitStream);
    if (!getDemodBuf(BitStream, &BitLen)) return 0;

    if (Em410xDecode(BitStream, &BitLen, &idx, hi, lo)) {
        //set GraphBuffer for clone or sim command
        setDemodBuf(DemodBuffer, (BitLen == 40) ? 64 : 128, idx + 1);
        setClockGrid(g_DemodClock, g_DemodStartIdx + ((idx + 1) * g_DemodClock));

        if (g_debugMode) {
            //idx and BitLen are size_t; cast so they match the %d conversions
            PrintAndLog("DEBUG: idx: %d, Len: %d, Printing Demod Buffer:", (int)idx, (int)BitLen);
            printDemodBuff();
        }
        if (verbose) {
            PrintAndLog("EM410x pattern found:");
            printEM410x(*hi, *lo);
            g_em410xId = *lo;
        }
        return 1;
    }
    return 0;
}

//askdemod then call Em410xdecode
int AskEm410xDemod(const char *Cmd, uint32_t *hi, uint64_t *lo, bool verbose)
{
    bool st = true;
    if (!ASKDemod_ext(Cmd, false, false, 1, &st)) return 0;
    return AskEm410xDecode(verbose, hi, lo);
}

//by marshmellow
//takes 3 arguments - clock, invert and maxErr as integers
//attempts to demodulate ask while decoding manchester
//prints binary found and saves in graphbuffer for further commands
int CmdAskEM410xDemod(const char *Cmd)
{
    char cmdp = param_getchar(Cmd, 0);
    if (strlen(Cmd) > 10 || cmdp == 'h' || cmdp == 'H') {
        PrintAndLog("Usage: lf em 410xdemod [clock] <0|1> [maxError]");
        PrintAndLog("  [set clock as integer] optional, if not set, autodetect.");
        PrintAndLog("  <invert>, 1 for invert output");
        PrintAndLog("  [set maximum allowed errors], default = 100.");
        PrintAndLog("");
        PrintAndLog("sample: lf em 410xdemod = demod an EM410x Tag ID from GraphBuffer");
        PrintAndLog("      : lf em 410xdemod 32 = demod an EM410x Tag ID from GraphBuffer using a clock of RF/32");
        PrintAndLog("      : lf em 410xdemod 32 1 = demod an EM410x Tag ID from GraphBuffer using a clock of RF/32 and inverting data");
        PrintAndLog("      : lf em 410xdemod 1 = demod an EM410x Tag ID from GraphBuffer while inverting data");
        PrintAndLog("      : lf em 410xdemod 64 1 0 = demod an EM410x Tag ID from GraphBuffer using a clock of RF/64 and inverting data and allowing 0 demod errors");
        return 0;
    }
    uint64_t lo = 0;
    uint32_t hi = 0;
    return AskEm410xDemod(Cmd, &hi, &lo, true);
}

int usage_lf_em410x_sim(void) {
    PrintAndLog("Simulating EM410x tag");
    PrintAndLog("");
    PrintAndLog("Usage: lf em 410xsim [h] <uid> <clock>");
    PrintAndLog("Options:");
    PrintAndLog("  h     - this help");
    PrintAndLog("  uid   - uid (10 HEX symbols)");
    PrintAndLog("  clock - clock (32|64) (optional)");
    PrintAndLog("samples:");
    PrintAndLog("  lf em 410xsim 0F0368568B");
    PrintAndLog("  lf em 410xsim 0F0368568B 32");
    return 0;
}

// emulate an EM410X tag
int CmdEM410xSim(const char *Cmd)
{
    int i, n, j, binary[4], parity[4];

    char cmdp = param_getchar(Cmd, 0);
    uint8_t uid[5] = {0x00};

    if (cmdp == 'h' || cmdp == 'H') return usage_lf_em410x_sim();
    /* clock is 64 in EM410x tags */
    uint8_t clock = 64;

    if (param_gethex(Cmd, 0, uid, 10)) {
        PrintAndLog("UID must include 10 HEX symbols");
        return 0;
    }
    param_getdec(Cmd, 1, &clock);

    PrintAndLog("Starting simulating UID %02X%02X%02X%02X%02X clock: %d", uid[0], uid[1], uid[2], uid[3], uid[4], clock);
    PrintAndLog("Press pm3-button to abort simulation");

    /* clear our graph */
    ClearGraph(0);

    /* write 9 start bits */
    for (i = 0; i < 9; i++)
        AppendGraph(0, clock, 1);

    /* for each hex char */
    parity[0] = parity[1] = parity[2] = parity[3] = 0;
    for (i = 0; i < 10; i++)
    {
        /* read each hex char */
        sscanf(&Cmd[i], "%1x", &n);
        for (j = 3; j >= 0; j--, n /= 2)
            binary[j] = n % 2;

        /* append each bit */
        AppendGraph(0, clock, binary[0]);
        AppendGraph(0, clock, binary[1]);
        AppendGraph(0, clock, binary[2]);
        AppendGraph(0, clock, binary[3]);

        /* append parity bit */
        AppendGraph(0, clock, binary[0] ^ binary[1] ^ binary[2] ^ binary[3]);

        /* keep track of column parity */
        parity[0] ^= binary[0];
        parity[1] ^= binary[1];
        parity[2] ^= binary[2];
        parity[3] ^= binary[3];
    }

    /* parity columns */
    AppendGraph(0, clock, parity[0]);
    AppendGraph(0, clock, parity[1]);
    AppendGraph(0, clock, parity[2]);
    AppendGraph(0, clock, parity[3]);

    /* stop bit */
    AppendGraph(1, clock, 0);

    CmdLFSim("0"); //240 start_gap.
    return 0;
}
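
The frame layout documented in the comment above AskEm410xDecode, and written out bit by bit in CmdEM410xSim, can be checked field by field. The stand-alone program below is an added example, not code from this file or from the Proxmark3 project; every `em410x_*` name in it is hypothetical. It rejects a frame with one inverted bit, and it also shows that four inverted bits forming a rectangle pass every parity check, so a frame that validates has been read without a single-bit error but says nothing about where the ID came from.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

#define EM410X_FRAME_BITS 64  /* 9 header + 10 * (4 data + 1 parity) + 4 column parity + 1 stop */

typedef enum {
    EM410X_OK = 0,
    EM410X_BAD_HEADER,
    EM410X_BAD_ROW_PARITY,
    EM410X_BAD_COL_PARITY,
    EM410X_BAD_STOP
} em410x_status;

/* Lay out a 40-bit ID as a frame; bits[0] is the first bit sent. */
void em410x_encode(uint64_t id, uint8_t bits[EM410X_FRAME_BITS])
{
    uint8_t col[4] = {0, 0, 0, 0};
    int pos = 0;

    for (int i = 0; i < 9; i++)
        bits[pos++] = 1;                          /* header: nine 1s */
    for (int row = 0; row < 10; row++) {          /* most significant nibble first */
        uint8_t nibble = (uint8_t)((id >> (36 - 4 * row)) & 0xF);
        uint8_t rowpar = 0;
        for (int c = 0; c < 4; c++) {
            uint8_t bit = (nibble >> (3 - c)) & 1;
            bits[pos++] = bit;
            rowpar ^= bit;
            col[c] ^= bit;
        }
        bits[pos++] = rowpar;                     /* even parity over the row */
    }
    for (int c = 0; c < 4; c++)
        bits[pos++] = col[c];                     /* even parity per column */
    bits[pos] = 0;                                /* stop bit */
}

/* Validate every field of the frame before handing back the ID. */
em410x_status em410x_decode(const uint8_t bits[EM410X_FRAME_BITS], uint64_t *id)
{
    uint8_t col[4] = {0, 0, 0, 0};
    uint64_t value = 0;
    int pos = 0;

    for (int i = 0; i < 9; i++) {
        if (bits[pos++] != 1)
            return EM410X_BAD_HEADER;
    }
    for (int row = 0; row < 10; row++) {
        uint8_t rowpar = 0;
        for (int c = 0; c < 4; c++) {
            uint8_t bit = bits[pos++] & 1;
            value = (value << 1) | bit;
            rowpar ^= bit;
            col[c] ^= bit;
        }
        if ((bits[pos++] & 1) != rowpar)
            return EM410X_BAD_ROW_PARITY;
    }
    for (int c = 0; c < 4; c++) {
        if ((bits[pos++] & 1) != col[c])
            return EM410X_BAD_COL_PARITY;
    }
    if (bits[pos] != 0)
        return EM410X_BAD_STOP;
    *id = value;
    return EM410X_OK;
}

/* Encode id, invert the listed frame positions, then decode the result. */
em410x_status em410x_check_flips(uint64_t id, const int *flips, int nflips, uint64_t *out)
{
    uint8_t bits[EM410X_FRAME_BITS];

    em410x_encode(id, bits);
    for (int i = 0; i < nflips; i++)
        bits[flips[i]] ^= 1;
    return em410x_decode(bits, out);
}

int main(void)
{
    const uint64_t id = 0x0F0368568BULL;          /* sample UID from the usage text */
    const int one[] = {9};                        /* row 0, column 0 */
    const int rect[] = {9, 10, 14, 15};           /* rows 0-1 x columns 0-1 */
    uint64_t out = 0;

    printf("clean frame     : status %d\n", (int)em410x_check_flips(id, NULL, 0, &out));
    printf("one flipped bit : status %d\n", (int)em410x_check_flips(id, one, 1, &out));
    /* Four flips forming a rectangle leave every parity sum unchanged. */
    em410x_status st = em410x_check_flips(id, rect, 4, &out);
    printf("rectangle flips : status %d, ID %010" PRIX64 "\n", (int)st, out);
    return 0;
}
```
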

/* Function is equivalent of lf read + data samples + em410xread
 * looped until an EM410x tag is detected
 *
 * Why is CmdSamples("16000")?
 *  TBD: Auto-grow sample size based on detected sample rate. IE: If the
 *       rate gets lower, then grow the number of samples
 *  Changed by martin, 4000 x 4 = 16000,
 *  see http://www.proxmark.org/forum/viewtopic.php?pid=7235#p7235
 *
 *  EDIT -- capture enough to get 2 complete preambles at the slowest data rate known to be used (rf/64) (64*64*2+9 = 8201) marshmellow
 */
int CmdEM410xWatch ( const char * Cmd )
{
2015-01-05 22:51:27 +08:00
do {
if ( ukbhit ( ) ) {
printf ( " \n aborted via keyboard! \n " ) ;
break ;
}
2017-04-08 05:28:12 +08:00
lf_read ( true , 8201 ) ;
2017-03-22 06:42:11 +08:00
} while ( ! CmdAskEM410xDemod ( " " ) ) ;
2015-03-23 03:28:48 +08:00
2015-01-05 22:51:27 +08:00
return 0 ;
Client cleanup and restructuring. Stage 1...
Next Step is refactoring some of the giant functions which are
just copy/paste of some other ones with just a few line changes,
removing unnecessary 'goto' etc.
The MS Windows version is broken with this commit but will be fixed
soon. Everything can't be done all at once :P
The commands are now hierarchical, for example:
"hf 14a read" vs. "hf 14b read".
You can also request help:
"hf help", "data help", "hf 15 help" etc.
Indents are now space-based, not tab-based anymore. Hopefully
no one will be trolling about it, considering the suicide-prone work
being done here ;)
client/cmdhw.c, client/proxusb.c, client/cmdhw.h, client/proxusb.h,
client/cmdmain.c, client/cmdlfhid.c, client/cmdmain.h, client/cmdlfhid.h,
client/data.c, client/data.h, client/cmdhf.c, client/cmdlf.c,
client/cmdhf.h, client/cmdhf15.c, client/cmdhf14b.c, client/cmdlf.h,
client/cmdhf15.h, client/cmdhf14b.h, client/cmddata.c, client/cmddata.h,
client/ui.c, client/cmdparser.c, client/cmdlfti.c, client/ui.h,
client/cmdlfem4x.c, client/cmdparser.h, client/cmdlfti.h, client/cmdlfem4x.h,
client/graph.c, client/graph.h, client/cmdhf14a.c, client/cmdhf14a.h,
client/cmdhflegic.c, client/cmdhflegic.c: New files.
client/cli.c, client/flasher.c, client/snooper.c, client/proxmark3.c,
client/proxmark3.h, client/Makefile: Update accordingly.
client/flash.h, client/flash.c, client/proxgui.cpp: Cosmetic changes.
client/translate.h, client/command.c, client/gui.c,
client/usb.c, client/prox.h: Remove.
include/usb_cmd.h (CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_14443_SIM): Remove dead cmd.
common/crc16.h: New file.
common/crc16.c: Modify accordingly.
common/iso14443crc.h: New file.
common/iso14443_crc.c: Rename to
common/iso14443crc.c: and modify accordingly.
armsrc/lfops.c, armsrc/iso14443.c,
armsrc/iso14443a.c: include .h files from
the common directory instead of including the c files.
common/Makefile.common, armsrc/Makefile: Modify accordingly.
2010-02-04 09:27:07 +08:00
}

//currently only supports manchester modulations
int CmdEM410xWatchnSpoof(const char *Cmd)
{
    CmdEM410xWatch(Cmd);
    PrintAndLog("# Replaying captured ID: %010" PRIx64, g_em410xId);
    CmdLFaskSim("");
    return 0;
}

int CmdEM410xWrite(const char *Cmd)
{
    uint64_t id = 0xFFFFFFFFFFFFFFFF; // invalid id value
    int card = 0xFF; // invalid card value
    unsigned int clock = 0; // invalid clock value

    // clock is unsigned, so it is scanned and printed with %u
    sscanf(Cmd, "%" SCNx64 " %d %u", &id, &card, &clock);

    // Check ID
    if (id == 0xFFFFFFFFFFFFFFFF) {
        PrintAndLog("Error! ID is required.\n");
        return 0;
    }
    if (id >= 0x10000000000) {
        PrintAndLog("Error! Given EM410x ID is longer than 40 bits.\n");
        return 0;
    }

    // Check Card
    if (card == 0xFF) {
        PrintAndLog("Error! Card type required.\n");
        return 0;
    }
    if (card < 0) {
        PrintAndLog("Error! Bad card type selected.\n");
        return 0;
    }

    // Check Clock
    // Default: 64
    if (clock == 0)
        clock = 64;

    // Allowed clock rates: 16, 32, 40 and 64
    if ((clock != 16) && (clock != 32) && (clock != 64) && (clock != 40)) {
        PrintAndLog("Error! Clock rate %u not valid. Supported clock rates are 16, 32, 40 and 64.\n", clock);
        return 0;
    }

    if (card == 1) {
        PrintAndLog("Writing %s tag with UID 0x%010" PRIx64 " (clock rate: %u)", "T55x7", id, clock);
        // NOTE: We really should pass the clock in as a separate argument, but to
        //   provide for backwards-compatibility for older firmware, and to avoid
        //   having to add another argument to CMD_EM410X_WRITE_TAG, we just store
        //   the clock rate in bits 8-15 of the card value
        card = (card & 0xFF) | ((clock << 8) & 0xFF00);
    } else if (card == 0) {
        // the clock argument was passed without a matching conversion; print it as in the T55x7 branch
        PrintAndLog("Writing %s tag with UID 0x%010" PRIx64 " (clock rate: %u)", "T5555", id, clock);
        card = (card & 0xFF) | ((clock << 8) & 0xFF00);
    } else {
        PrintAndLog("Error! Bad card type selected.\n");
        return 0;
    }

    UsbCommand c = {CMD_EM410X_WRITE_TAG, {card, (uint32_t)(id >> 32), (uint32_t)id}};
    SendCommand(&c);

    return 0;
}

//**************** Start of EM4x50 Code ************************
bool EM_EndParityTest(uint8_t *BitStream, size_t size, uint8_t rows, uint8_t cols, uint8_t pType)
{
    if (rows * cols > size) return false;
    //assume last col is a parity and do not test
    for (uint8_t colNum = 0; colNum < cols - 1; colNum++) {
        // start each column from 0 so the check also holds for odd parity (pType 1)
        uint8_t colP = 0;
        for (uint8_t rowNum = 0; rowNum < rows; rowNum++) {
            colP ^= BitStream[(rowNum * cols) + colNum];
        }
        if (colP != pType) return false;
    }
    return true;
}

bool EM_ByteParityTest(uint8_t *BitStream, size_t size, uint8_t rows, uint8_t cols, uint8_t pType)
{
    if (rows * cols > size) return false;
    //assume last row is a parity row and do not test
    for (uint8_t rowNum = 0; rowNum < rows - 1; rowNum++) {
        // start each row from 0 so the check also holds for odd parity (pType 1)
        uint8_t rowP = 0;
        for (uint8_t colNum = 0; colNum < cols; colNum++) {
            rowP ^= BitStream[(rowNum * cols) + colNum];
        }
        if (rowP != pType) return false;
    }
    return true;
}

uint32_t OutputEM4x50_Block(uint8_t *BitStream, size_t size, bool verbose, bool pTest)
{
    if (size < 45) return 0;
    uint32_t code = bytebits_to_byte(BitStream, 8);
    code = code << 8 | bytebits_to_byte(BitStream + 9, 8);
    code = code << 8 | bytebits_to_byte(BitStream + 18, 8);
    code = code << 8 | bytebits_to_byte(BitStream + 27, 8);
    if (verbose || g_debugMode) {
        for (uint8_t i = 0; i < 5; i++) {
            if (i == 4) PrintAndLog(""); //parity byte spacer
            PrintAndLog("%d%d%d%d%d%d%d%d %d -> 0x%02x",
                BitStream[i * 9],
                BitStream[i * 9 + 1],
                BitStream[i * 9 + 2],
                BitStream[i * 9 + 3],
                BitStream[i * 9 + 4],
                BitStream[i * 9 + 5],
                BitStream[i * 9 + 6],
                BitStream[i * 9 + 7],
                BitStream[i * 9 + 8],
                bytebits_to_byte(BitStream + i * 9, 8)
            );
        }
        if (pTest)
            PrintAndLog("Parity Passed");
        else
            PrintAndLog("Parity Failed");
    }
    return code;
}

/* Read the transmitted data of an EM4x50 tag from the graphbuffer
 * Format:
 *
 *  XXXXXXXX [row parity bit (even)] <- 8 bits plus parity
 *  XXXXXXXX [row parity bit (even)] <- 8 bits plus parity
 *  XXXXXXXX [row parity bit (even)] <- 8 bits plus parity
 *  XXXXXXXX [row parity bit (even)] <- 8 bits plus parity
 *  CCCCCCCC                         <- column parity bits
 *  0                                <- stop bit
 *  LW                               <- Listen Window
 *
 * This pattern repeats for every block of data being transmitted.
 * Transmission starts with two Listen Windows (LW - a modulated
 * pattern of 320 cycles each (32/32/128/64/64)).
 *
 * Note that this data may or may not be the UID. It is whatever data
 * is stored in the blocks defined in the control word First and Last
 * Word Read values. UID is stored in block 32.
 */
//completed by Marshmellow
int EM4x50Read(const char *Cmd, bool verbose)
{
    uint8_t fndClk[] = {8, 16, 32, 40, 50, 64, 128};
    int clk = 0;
    int invert = 0;
    int tol = 0;
    int i, j, startblock, skip, block, start, end, low, high, minClk;
    bool complete = false;
    int tmpbuff[MAX_GRAPH_TRACE_LEN / 64];
    uint32_t Code[6];
    char tmp[6];
    char tmp2[20];
    int phaseoff;
    high = low = 0;
    // clear the whole array (the length is in bytes, not elements)
    memset(tmpbuff, 0, sizeof(tmpbuff));

    // get user entry if any
    sscanf(Cmd, "%i %i", &clk, &invert);

    // save GraphBuffer - to restore it later
    save_restoreGB(1);

    // first get high and low values
    for (i = 0; i < GraphTraceLen; i++) {
        if (GraphBuffer[i] > high)
            high = GraphBuffer[i];
        else if (GraphBuffer[i] < low)
            low = GraphBuffer[i];
    }

    i = 0;
    j = 0;
    minClk = 255;
    // get to first full low to prime loop and skip incomplete first pulse
    // (the index is bounds-checked before GraphBuffer is read)
    while ((i < GraphTraceLen) && (GraphBuffer[i] < high))
        ++i;
    while ((i < GraphTraceLen) && (GraphBuffer[i] > low))
        ++i;
    skip = i;

    // populate tmpbuff buffer with pulse lengths
    while (i < GraphTraceLen) {
        // measure from low to low
        while ((i < GraphTraceLen) && (GraphBuffer[i] > low))
            ++i;
        start = i;
        while ((i < GraphTraceLen) && (GraphBuffer[i] < high))
            ++i;
        while ((i < GraphTraceLen) && (GraphBuffer[i] > low))
            ++i;
        if (j >= (MAX_GRAPH_TRACE_LEN / 64)) {
            break;
        }
        tmpbuff[j++] = i - start;
        if (i - start < minClk && i < GraphTraceLen) {
            minClk = i - start;
        }
    }

    // set clock
    if (!clk) {
        for (uint8_t clkCnt = 0; clkCnt < 7; clkCnt++) {
            tol = fndClk[clkCnt] / 8;
            if (minClk >= fndClk[clkCnt] - tol && minClk <= fndClk[clkCnt] + 1) {
                clk = fndClk[clkCnt];
                break;
            }
        }
        if (!clk) return 0;
    } else tol = clk / 8;

    // look for data start - should be 2 pairs of LW (pulses of clk*3,clk*2)
    start = -1;
    for (i = 0; i < j - 4; ++i) {
        skip += tmpbuff[i];
        if (tmpbuff[i] >= clk * 3 - tol && tmpbuff[i] <= clk * 3 + tol) //3 clocks
            if (tmpbuff[i + 1] >= clk * 2 - tol && tmpbuff[i + 1] <= clk * 2 + tol) //2 clocks
                if (tmpbuff[i + 2] >= clk * 3 - tol && tmpbuff[i + 2] <= clk * 3 + tol) //3 clocks
                    if (tmpbuff[i + 3] >= clk - tol) //1.5 to 2 clocks - depends on bit following
                    {
                        start = i + 4;
                        break;
                    }
    }
    startblock = i + 4;

    // skip over the remainder of LW
    skip += tmpbuff[i + 1] + tmpbuff[i + 2] + clk;
    if (tmpbuff[i + 3] > clk)
        phaseoff = tmpbuff[i + 3] - clk;
    else
        phaseoff = 0;
    // now do it again to find the end
    end = skip;
    for (i += 3; i < j - 4; ++i) {
        end += tmpbuff[i];
        if (tmpbuff[i] >= clk * 3 - tol && tmpbuff[i] <= clk * 3 + tol) //3 clocks
            if (tmpbuff[i + 1] >= clk * 2 - tol && tmpbuff[i + 1] <= clk * 2 + tol) //2 clocks
                if (tmpbuff[i + 2] >= clk * 3 - tol && tmpbuff[i + 2] <= clk * 3 + tol) //3 clocks
                    if (tmpbuff[i + 3] >= clk - tol) //1.5 to 2 clocks - depends on bit following
                    {
                        complete = true;
                        break;
                    }
    }
    end = i;
    // report back
    if (verbose || g_debugMode) {
        if (start >= 0) {
            PrintAndLog("\nNote: one block = 50 bits (32 data, 12 parity, 6 marker)");
        } else {
            PrintAndLog("No data found!, clock tried:%d", clk);
            PrintAndLog("Try again with more samples.");
            PrintAndLog("or after a 'data askedge' command to clean up the read");
            return 0;
        }
    } else if (start < 0) return 0;
    start = skip;
    snprintf(tmp2, sizeof(tmp2), "%d %d 1000 %d", clk, invert, clk * 47);
    // get rid of leading crap
    snprintf(tmp, sizeof(tmp), "%i", skip);
    CmdLtrim(tmp);
    bool pTest;
    bool AllPTest = true;
    // now work through remaining buffer printing out data blocks
    block = 0;
    i = startblock;
    while (block < 6) {
        if (verbose || g_debugMode) PrintAndLog("\nBlock %i:", block);
        skip = phaseoff;

        // look for LW before start of next block
        for (; i < j - 4; ++i) {
            skip += tmpbuff[i];
            if (tmpbuff[i] >= clk * 3 - tol && tmpbuff[i] <= clk * 3 + tol)
                if (tmpbuff[i + 1] >= clk - tol)
                    break;
        }
        if (i >= j - 4) break; //next LW not found
        skip += clk;
        if (tmpbuff[i + 1] > clk)
            phaseoff = tmpbuff[i + 1] - clk;
        else
            phaseoff = 0;
        i += 2;
        if (ASKDemod(tmp2, false, false, 1) < 1) {
            save_restoreGB(0);
            return 0;
        }
        //set DemodBufferLen to just one block
        DemodBufferLen = skip / clk;
        //test parities
        pTest = EM_ByteParityTest(DemodBuffer, DemodBufferLen, 5, 9, 0);
        pTest &= EM_EndParityTest(DemodBuffer, DemodBufferLen, 5, 9, 0);
        AllPTest &= pTest;
        //get output
        Code[block] = OutputEM4x50_Block(DemodBuffer, DemodBufferLen, verbose, pTest);
        if (g_debugMode) PrintAndLog("\nskipping %d samples, bits:%d", skip, skip / clk);
        //skip to start of next block
        snprintf(tmp, sizeof(tmp), "%i", skip);
        CmdLtrim(tmp);
        block++;
        if (i >= end) break; //in case chip doesn't output 6 blocks
    }
    //print full code:
    if (verbose || g_debugMode || AllPTest) {
        if (!complete) {
            PrintAndLog("*** Warning!");
            PrintAndLog("Partial data - no end found!");
            PrintAndLog("Try again with more samples.");
        }
        PrintAndLog("Found data at sample: %i - using clock: %i", start, clk);
        end = block;
        for (block = 0; block < end; block++) {
            PrintAndLog("Block %d: %08x", block, Code[block]);
        }
        if (AllPTest) {
            PrintAndLog("Parities Passed");
        } else {
            PrintAndLog("Parities Failed");
            PrintAndLog("Try cleaning the read samples with 'data askedge'");
        }
    }

    //restore GraphBuffer
    save_restoreGB(0);
    return (int)AllPTest;
}
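
// Added example, not part of the proxmark3 source: a stand-alone encoder and checker for the
// 45-bit EM4x50 block layout described in the format comment above, showing which bit errors
// the row/column parity catches and which it misses. The names em4x50_encode, em4x50_decode
// and em4x50_flip_test are hypothetical, the sample word is constructed, and MSB-first bit
// order is an assumption.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define EM4X50_COLS 9   /* 8 data bits + 1 row parity bit */
#define EM4X50_ROWS 5   /* 4 data rows + 1 column parity row */
#define EM4X50_BITS (EM4X50_ROWS * EM4X50_COLS)

/* Result codes returned by em4x50_flip_test() */
enum { EM_REJECTED = 0, EM_ACCEPTED_OK = 1, EM_ACCEPTED_CORRUPT = 2 };

/* Constructed sample data: a made-up word and bit positions (row * 9 + col) to flip */
static const uint32_t SAMPLE_WORD = 0x12345678u;
static const int FLIP_SINGLE[] = {3};               /* one bit in row 0 */
static const int FLIP_SAME_ROW[] = {3, 5};          /* two bits in row 0 */
static const int FLIP_RECTANGLE[] = {3, 5, 21, 23}; /* rows 0 and 2, columns 3 and 5 */

/* Lay out a 32-bit word as one block, one bit per array element (assumed MSB first) */
void em4x50_encode(uint32_t word, uint8_t bits[EM4X50_BITS])
{
    uint8_t colp[8] = {0};
    for (int r = 0; r < 4; r++) {
        uint8_t rowp = 0;
        for (int c = 0; c < 8; c++) {
            uint8_t b = (word >> (31 - (r * 8 + c))) & 1;
            bits[r * EM4X50_COLS + c] = b;
            rowp ^= b;
            colp[c] ^= b;
        }
        bits[r * EM4X50_COLS + 8] = rowp;    /* even row parity */
    }
    for (int c = 0; c < 8; c++)
        bits[4 * EM4X50_COLS + c] = colp[c]; /* even column parity */
    bits[4 * EM4X50_COLS + 8] = 0;           /* stop bit */
}

/* Check row parity, column parity and the stop bit; on success store the word */
bool em4x50_decode(const uint8_t *bits, size_t size, uint32_t *word)
{
    if (size < EM4X50_BITS) return false;
    for (int r = 0; r < 4; r++) {            /* each data row, parity bit included */
        uint8_t p = 0;
        for (int c = 0; c < EM4X50_COLS; c++) p ^= bits[r * EM4X50_COLS + c];
        if (p != 0) return false;
    }
    for (int c = 0; c < 8; c++) {            /* each data column, parity row included */
        uint8_t p = 0;
        for (int r = 0; r < EM4X50_ROWS; r++) p ^= bits[r * EM4X50_COLS + c];
        if (p != 0) return false;
    }
    if (bits[EM4X50_BITS - 1] != 0) return false; /* stop bit must be 0 */
    uint32_t w = 0;
    for (int r = 0; r < 4; r++)
        for (int c = 0; c < 8; c++)
            w = (w << 1) | bits[r * EM4X50_COLS + c];
    *word = w;
    return true;
}

/* Encode a word, flip the listed bit positions, then report what the checker does */
int em4x50_flip_test(uint32_t word, const int *flips, size_t nflips)
{
    uint8_t bits[EM4X50_BITS];
    uint32_t out = 0;
    em4x50_encode(word, bits);
    for (size_t i = 0; i < nflips; i++)
        if (flips[i] >= 0 && flips[i] < EM4X50_BITS) bits[flips[i]] ^= 1;
    if (!em4x50_decode(bits, sizeof(bits), &out)) return EM_REJECTED;
    return (out == word) ? EM_ACCEPTED_OK : EM_ACCEPTED_CORRUPT;
}

int main(void)
{
    printf("clean block:     %d\n", em4x50_flip_test(SAMPLE_WORD, NULL, 0));
    printf("single flip:     %d\n", em4x50_flip_test(SAMPLE_WORD, FLIP_SINGLE, 1));
    printf("same-row flips:  %d\n", em4x50_flip_test(SAMPLE_WORD, FLIP_SAME_ROW, 2));
    printf("rectangle flips: %d\n", em4x50_flip_test(SAMPLE_WORD, FLIP_RECTANGLE, 4));
    return 0;
}
```

// Four flipped bits that form a rectangle pass every parity check, so a "Parities Passed"
// result indicates a clean read, not that the data is unmodified.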

int CmdEM4x50Read(const char *Cmd)
{
    return EM4x50Read(Cmd, true);
}

//**************** Start of EM4x05/EM4x69 Code ************************
int usage_lf_em_read(void) {
    PrintAndLog("Read EM4x05/EM4x69. Tag must be on antenna.");
    PrintAndLog("");
    PrintAndLog("Usage: lf em 4x05readword [h] <address> <pwd>");
    PrintAndLog("Options:");
    PrintAndLog("h - this help");
    PrintAndLog("address - memory address to read. (0-15)");
    PrintAndLog("pwd - password (hex) (optional)");
    PrintAndLog("samples:");
    PrintAndLog("lf em 4x05readword 1");
    PrintAndLog("lf em 4x05readword 1 11223344");
    return 0;
}

// for command responses from em4x05 or em4x69
// download samples from device and copy them to the Graphbuffer
bool downloadSamplesEM() {
    // 8 bit preamble + 32 bit word response (max clock (128) * 40bits = 5120 samples)
    uint8_t got[6000];
    GetFromBigBuf(got, sizeof(got), 0);
    if (!WaitForResponseTimeout(CMD_ACK, NULL, 4000)) {
        PrintAndLog("command execution time out");
        return false;
    }
    setGraphBuf(got, sizeof(got));
    return true;
}

bool EM4x05testDemodReadData(uint32_t *word, bool readCmd) {
    // em4x05/em4x69 command response preamble is 00001010
    // skip first two 0 bits as they might have been missed in the demod
    uint8_t preamble[] = {0, 0, 1, 0, 1, 0};
    size_t startIdx = 0;

    // set size to 20 to only test first 14 positions for the preamble or less if not a read command
    size_t size = (readCmd) ? 20 : 11;
    // sanity check
    size = (size > DemodBufferLen) ? DemodBufferLen : size;
    // test preamble
    if (!preambleSearchEx(DemodBuffer, preamble, sizeof(preamble), &size, &startIdx, true)) {
        // startIdx is a size_t, so it is printed with %zu
        if (g_debugMode) PrintAndLog("DEBUG: Error - EM4305 preamble not found :: %zu", startIdx);
        return false;
    }
    // if this is a readword command, get the read bytes and test the parities
    if (readCmd) {
        if (!EM_EndParityTest(DemodBuffer + startIdx + sizeof(preamble), 45, 5, 9, 0)) {
            if (g_debugMode) PrintAndLog("DEBUG: Error - End Parity check failed");
            return false;
        }
        // test for even parity bits and remove them. (leave out the end row of parities so 36 bits)
        if (removeParity(DemodBuffer, startIdx + sizeof(preamble), 9, 0, 36) == 0) {
            if (g_debugMode) PrintAndLog("DEBUG: Error - Parity not detected");
            return false;
        }

        setDemodBuf(DemodBuffer, 32, 0);
        setClockGrid(0, 0);
        *word = bytebits_to_byteLSBF(DemodBuffer, 32);
    }
    return true;
}

// FSK, PSK, ASK/MANCHESTER, ASK/BIPHASE, ASK/DIPHASE
// should cover 90% of known used configs
// the rest will need to be manually demoded for now...
int demodEM4x05resp(uint32_t *word, bool readCmd) {
    int ans = 0;

    // test for FSK wave (easiest to 99% ID)
    if (GetFskClock("", false, false)) {
        //valid fsk clocks found
        ans = FSKrawDemod("0 0", false);
        if (!ans) {
            if (g_debugMode) PrintAndLog("DEBUG: Error - EM4305: FSK Demod failed, ans: %d", ans);
        } else {
            if (EM4x05testDemodReadData(word, readCmd)) {
                return 1;
            }
        }
    }
    // PSK clocks should be easy to detect ( but difficult to demod a non-repeating pattern... )
    ans = GetPskClock("", false, false);
    if (ans > 0) {
        //try psk1
        ans = PSKDemod("0 0 6", false);
        if (!ans) {
            if (g_debugMode) PrintAndLog("DEBUG: Error - EM4305: PSK1 Demod failed, ans: %d", ans);
        } else {
            if (EM4x05testDemodReadData(word, readCmd)) {
                return 1;
            } else {
                //try psk2
                psk1TOpsk2(DemodBuffer, DemodBufferLen);
                if (EM4x05testDemodReadData(word, readCmd)) {
                    return 1;
                }
            }
            //try psk1 inverted
            ans = PSKDemod("0 1 6", false);
            if (!ans) {
                if (g_debugMode) PrintAndLog("DEBUG: Error - EM4305: PSK1 Demod failed, ans: %d", ans);
            } else {
                if (EM4x05testDemodReadData(word, readCmd)) {
                    return 1;
                } else {
                    //try psk2
                    psk1TOpsk2(DemodBuffer, DemodBufferLen);
                    if (EM4x05testDemodReadData(word, readCmd)) {
                        return 1;
                    }
                }
            }
        }
    }

    // manchester is more common than biphase... try first
    bool stcheck = false;
    // try manchester - NOTE: ST only applies to T55x7 tags.
    ans = ASKDemod_ext("0,0,1", false, false, 1, &stcheck);
    if (!ans) {
        if (g_debugMode) PrintAndLog("DEBUG: Error - EM4305: ASK/Manchester Demod failed, ans: %d", ans);
    } else {
        if (EM4x05testDemodReadData(word, readCmd)) {
            return 1;
        }
    }

    //try biphase
    ans = ASKbiphaseDemod("0 0 1", false);
    if (!ans) {
        if (g_debugMode) PrintAndLog("DEBUG: Error - EM4305: ASK/biphase Demod failed, ans: %d", ans);
    } else {
        if (EM4x05testDemodReadData(word, readCmd)) {
            return 1;
        }
    }

    //try diphase (differential biphase or inverted)
    ans = ASKbiphaseDemod("0 1 1", false);
    if (!ans) {
        if (g_debugMode) PrintAndLog("DEBUG: Error - EM4305: ASK/biphase Demod failed, ans: %d", ans);
    } else {
        if (EM4x05testDemodReadData(word, readCmd)) {
            return 1;
        }
    }

    return -1;
}

int EM4x05ReadWord_ext(uint8_t addr, uint32_t pwd, bool usePwd, uint32_t *wordData) {
    UsbCommand c = {CMD_EM4X_READ_WORD, {addr, pwd, usePwd}};
    clearCommandBuffer();
    SendCommand(&c);
    UsbCommand resp;
    if (!WaitForResponseTimeout(CMD_ACK, &resp, 2500)) {
        PrintAndLog("Command timed out");
        return -1;
    }
    if (!downloadSamplesEM()) {
        return -1;
    }
    int testLen = (GraphTraceLen < 1000) ? GraphTraceLen : 1000;
    if (graphJustNoise(GraphBuffer, testLen)) {
        PrintAndLog("no tag not found");
        return -1;
    }
    //attempt demod:
    return demodEM4x05resp(wordData, true);
}

int EM4x05ReadWord(uint8_t addr, uint32_t pwd, bool usePwd) {
    uint32_t wordData = 0;
    int success = EM4x05ReadWord_ext(addr, pwd, usePwd, &wordData);
    if (success == 1)
        PrintAndLog("%s Address %02d | %08X", (addr > 13) ? "Lock" : "Got", addr, wordData);
    else
        PrintAndLog("Read Address %02d | failed", addr);

    return success;
}

int CmdEM4x05ReadWord(const char *Cmd) {
    uint8_t addr;
    uint32_t pwd;
    bool usePwd = false;
    uint8_t ctmp = param_getchar(Cmd, 0);
    if (strlen(Cmd) == 0 || ctmp == 'H' || ctmp == 'h') return usage_lf_em_read();

    addr = param_get8ex(Cmd, 0, 50, 10);
    // for now use default input of 1 as invalid (unlikely 1 will be a valid password...)
    pwd = param_get32ex(Cmd, 1, 1, 16);

    if ((addr > 15)) {
        PrintAndLog("Address must be between 0 and 15");
        return 1;
    }
    if (pwd == 1) {
        PrintAndLog("Reading address %02u", addr);
    } else {
        usePwd = true;
        PrintAndLog("Reading address %02u | password %08X", addr, pwd);
    }

    return EM4x05ReadWord(addr, pwd, usePwd);
}

int usage_lf_em_dump(void) {
    PrintAndLog("Dump EM4x05/EM4x69. Tag must be on antenna.");
    PrintAndLog("");
    PrintAndLog("Usage: lf em 4x05dump [h] <pwd>");
    PrintAndLog("Options:");
    PrintAndLog("h - this help");
    PrintAndLog("pwd - password (hex) (optional)");
    PrintAndLog("samples:");
    PrintAndLog("lf em 4x05dump");
    PrintAndLog("lf em 4x05dump 11223344");
    return 0;
}
int CmdEM4x05dump(const char *Cmd) {
    uint8_t addr = 0;
    uint32_t pwd;
    bool usePwd = false;
    uint8_t ctmp = param_getchar(Cmd, 0);
    if (ctmp == 'H' || ctmp == 'h') return usage_lf_em_dump();

    // for now use default input of 1 as invalid (unlikely 1 will be a valid password...)
    pwd = param_get32ex(Cmd, 0, 1, 16);

    if (pwd != 1) {
        usePwd = true;
    }
    int success = 1;
    for (; addr < 16; addr++) {
        if (addr == 2) {
            if (usePwd) {
                PrintAndLog("PWD Address %02u | %08X", addr, pwd);
            } else {
                PrintAndLog("PWD Address 02 | cannot read");
            }
        } else {
            success &= EM4x05ReadWord(addr, pwd, usePwd);
        }
    }

    return success;
}

int usage_lf_em_write(void) {
    PrintAndLog("Write EM4x05/EM4x69. Tag must be on antenna.");
    PrintAndLog("");
    PrintAndLog("Usage: lf em 4x05writeword [h] a <address> d <data> p <pwd> [s] [i]");
    PrintAndLog("Options:");
    PrintAndLog("h - this help");
    PrintAndLog("a <address> - memory address to write to. (0-15)");
    PrintAndLog("d <data> - data to write (hex)");
    PrintAndLog("p <pwd> - password (hex) (optional)");
    PrintAndLog("s - swap the data bit order before write");
    PrintAndLog("i - invert the data bits before write");
    PrintAndLog("samples:");
    PrintAndLog("lf em 4x05writeword a 5 d 11223344");
    PrintAndLog("lf em 4x05writeword a 5 p deadc0de d 11223344 s i");
    return 0;
}

// note: em4x05 doesn't have a way to invert data output so we must invert the data prior to writing
// it if inversion is needed. (example FSK2a vs FSK)
// also em4x05 requires swapping word data when compared to the data used for t55xx chips.
int EM4x05WriteWord(uint8_t addr, uint32_t data, uint32_t pwd, bool usePwd, bool swap, bool invert) {
    if (swap) data = SwapBits(data, 32);

    if (invert) data ^= 0xFFFFFFFF;

    if (addr > 15) {
        PrintAndLog("Address must be between 0 and 15");
        return -1;
    }
    if (!usePwd) {
        PrintAndLog("Writing address %d data %08X", addr, data);
    } else {
        PrintAndLog("Writing address %d data %08X using password %08X", addr, data, pwd);
    }

    uint16_t flag = (addr << 8) | usePwd;

    UsbCommand c = {CMD_EM4X_WRITE_WORD, {flag, data, pwd}};
    clearCommandBuffer();
    SendCommand(&c);
    UsbCommand resp;
    if (!WaitForResponseTimeout(CMD_ACK, &resp, 2000)) {
        PrintAndLog("Error occurred, device did not respond during write operation.");
        return -1;
    }
    if (!downloadSamplesEM()) {
        return -1;
    }
    //check response for 00001010 for write confirmation!
    //attempt demod:
    uint32_t dummy = 0;
    int result = demodEM4x05resp(&dummy, false);
    if (result == 1) {
        PrintAndLog("Write Verified");
    } else {
        PrintAndLog("Write could not be verified");
    }
    return result;
}

int CmdEM4x05WriteWord(const char *Cmd) {
    bool errors = false;
    bool usePwd = false;
    uint32_t data = 0xFFFFFFFF;
    uint32_t pwd = 0xFFFFFFFF;
    bool swap = false;
    bool invert = false;
    uint8_t addr = 16; // default to invalid address
    bool gotData = false;
    char cmdp = 0;
    while (param_getchar(Cmd, cmdp) != 0x00)
    {
        switch (param_getchar(Cmd, cmdp))
        {
        case 'h':
        case 'H':
            return usage_lf_em_write();
        case 'a':
        case 'A':
            addr = param_get8ex(Cmd, cmdp + 1, 16, 10);
            cmdp += 2;
            break;
        case 'd':
        case 'D':
            data = param_get32ex(Cmd, cmdp + 1, 0, 16);
            gotData = true;
            cmdp += 2;
            break;
        case 'i':
        case 'I':
            invert = true;
            cmdp++;
            break;
        case 'p':
        case 'P':
            pwd = param_get32ex(Cmd, cmdp + 1, 1, 16);
            if (pwd == 1) {
                PrintAndLog("invalid pwd");
                errors = true;
            }
            usePwd = true;
            cmdp += 2;
            break;
        case 's':
        case 'S':
            swap = true;
            cmdp++;
            break;
        default:
            PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
            errors = true;
            break;
        }
        if (errors) break;
    }
    //Validations
    if (errors) return usage_lf_em_write();

    if (strlen(Cmd) == 0) return usage_lf_em_write();

    if (!gotData) {
        PrintAndLog("You must enter the data you want to write");
        return usage_lf_em_write();
    }
    return EM4x05WriteWord(addr, data, pwd, usePwd, swap, invert);
}

void printEM4x05config(uint32_t wordData) {
    uint16_t datarate = EM4x05_GET_BITRATE(wordData);
    uint8_t encoder = ((wordData >> 6) & 0xF);
    char enc[14];
    memset(enc, 0, sizeof(enc));

    uint8_t PSKcf = (wordData >> 10) & 0x3;
    char cf[10];
    memset(cf, 0, sizeof(cf));
    uint8_t delay = (wordData >> 12) & 0x3;
    char cdelay[33];
    memset(cdelay, 0, sizeof(cdelay));
    uint8_t numblks = EM4x05_GET_NUM_BLOCKS(wordData);
    uint8_t LWR = numblks + 5 - 1; //last word read
    switch (encoder) {
        case 0: snprintf(enc, sizeof(enc), "NRZ"); break;
        case 1: snprintf(enc, sizeof(enc), "Manchester"); break;
        case 2: snprintf(enc, sizeof(enc), "Biphase"); break;
        case 3: snprintf(enc, sizeof(enc), "Miller"); break;
        case 4: snprintf(enc, sizeof(enc), "PSK1"); break;
        case 5: snprintf(enc, sizeof(enc), "PSK2"); break;
        case 6: snprintf(enc, sizeof(enc), "PSK3"); break;
        case 7: snprintf(enc, sizeof(enc), "Unknown"); break;
        case 8: snprintf(enc, sizeof(enc), "FSK1"); break;
        case 9: snprintf(enc, sizeof(enc), "FSK2"); break;
        default: snprintf(enc, sizeof(enc), "Unknown"); break;
    }

    switch (PSKcf) {
        case 0: snprintf(cf, sizeof(cf), "RF/2"); break;
        case 1: snprintf(cf, sizeof(cf), "RF/8"); break;
        case 2: snprintf(cf, sizeof(cf), "RF/4"); break;
        case 3: snprintf(cf, sizeof(cf), "unknown"); break;
    }

    switch (delay) {
        case 0: snprintf(cdelay, sizeof(cdelay), "no delay"); break;
        case 1: snprintf(cdelay, sizeof(cdelay), "BP/8 or 1/8th bit period delay"); break;
        case 2: snprintf(cdelay, sizeof(cdelay), "BP/4 or 1/4th bit period delay"); break;
        case 3: snprintf(cdelay, sizeof(cdelay), "no delay"); break;
    }
    uint8_t readLogin = (wordData & EM4x05_READ_LOGIN_REQ) >> 18;
    uint8_t readHKL = (wordData & EM4x05_READ_HK_LOGIN_REQ) >> 19;
    uint8_t writeLogin = (wordData & EM4x05_WRITE_LOGIN_REQ) >> 20;
    uint8_t writeHKL = (wordData & EM4x05_WRITE_HK_LOGIN_REQ) >> 21;
    uint8_t raw = (wordData & EM4x05_READ_AFTER_WRITE) >> 22;
    uint8_t disable = (wordData & EM4x05_DISABLE_ALLOWED) >> 23;
    uint8_t rtf = (wordData & EM4x05_READER_TALK_FIRST) >> 24;
    uint8_t pigeon = (wordData & (1 << 26)) >> 26;
    PrintAndLog("ConfigWord: %08X (Word 4) \n", wordData);
    PrintAndLog("Config Breakdown:");
    PrintAndLog("Data Rate: %02u | RF/%u", wordData & 0x3F, datarate);
    PrintAndLog("Encoder: %u | %s", encoder, enc);
    PrintAndLog("PSK CF: %u | %s", PSKcf, cf);
    PrintAndLog("Delay: %u | %s", delay, cdelay);
    PrintAndLog("LastWordR: %02u | Address of last word for default read - meaning %u blocks are output", LWR, numblks);
    PrintAndLog("ReadLogin: %u | Read Login is %s", readLogin, readLogin ? "Required" : "Not Required");
    PrintAndLog("ReadHKL: %u | Read Housekeeping Words Login is %s", readHKL, readHKL ? "Required" : "Not Required");
    PrintAndLog("WriteLogin: %u | Write Login is %s", writeLogin, writeLogin ? "Required" : "Not Required");
    PrintAndLog("WriteHKL: %u | Write Housekeeping Words Login is %s", writeHKL, writeHKL ? "Required" : "Not Required");
    PrintAndLog("R.A.W.: %u | Read After Write is %s", raw, raw ? "On" : "Off");
    PrintAndLog("Disable: %u | Disable Command is %s", disable, disable ? "Accepted" : "Not Accepted");
    PrintAndLog("R.T.F.: %u | Reader Talk First is %s", rtf, rtf ? "Enabled" : "Disabled");
    PrintAndLog("Pigeon: %u | Pigeon Mode is %s \n", pigeon, pigeon ? "Enabled" : "Disabled");
}

void printEM4x05info(uint8_t chipType, uint8_t cap, uint16_t custCode, uint32_t serial) {
    switch (chipType) {
        case 9: PrintAndLog("\n Chip Type: %u | EM4305", chipType); break;
        case 4: PrintAndLog("Chip Type: %u | Unknown", chipType); break;
        case 2: PrintAndLog("Chip Type: %u | EM4469", chipType); break;
        //add more here when known
        default: PrintAndLog("Chip Type: %u Unknown", chipType); break;
    }

    switch (cap) {
        case 3: PrintAndLog("Cap Type: %u | 330pF", cap); break;
        case 2: PrintAndLog("Cap Type: %u | %spF", cap, (chipType == 2) ? "75" : "210"); break;
        case 1: PrintAndLog("Cap Type: %u | 250pF", cap); break;
        case 0: PrintAndLog("Cap Type: %u | no resonant capacitor", cap); break;
        default: PrintAndLog("Cap Type: %u | unknown", cap); break;
    }

    PrintAndLog("Cust Code: %03u | %s", custCode, (custCode == 0x200) ? "Default" : "Unknown");
    if (serial != 0) {
        PrintAndLog("\n Serial #: %08X \n", serial);
    }
}

void printEM4x05ProtectionBits(uint32_t wordData) {
    // words 0 and 1 are always reported as write locked (i < 2)
    for (uint8_t i = 0; i < 15; i++) {
        PrintAndLog("Word: %02u | %s", i, (((1 << i) & wordData) || i < 2) ? "Is Write Locked" : "Is Not Write Locked");
        if (i == 14) {
            // word 15 is reported from the same bit (14) as word 14
            PrintAndLog("Word: %02u | %s", i + 1, (((1 << i) & wordData) || i < 2) ? "Is Write Locked" : "Is Not Write Locked");
        }
    }
}

//quick test for EM4x05/EM4x69 tag
bool EM4x05Block0Test(uint32_t *wordData) {
    if (EM4x05ReadWord_ext(0, 0, false, wordData) == 1) {
        return true;
    }
    return false;
}

int CmdEM4x05info(const char *Cmd) {
    //uint8_t addr = 0;
    uint32_t pwd;
    uint32_t wordData = 0;
    bool usePwd = false;
    uint8_t ctmp = param_getchar(Cmd, 0);
    if (ctmp == 'H' || ctmp == 'h') return usage_lf_em_dump();

    // for now use default input of 1 as invalid (unlikely 1 will be a valid password...)
    pwd = param_get32ex(Cmd, 0, 1, 16);

    if (pwd != 1) {
        usePwd = true;
    }

    // read word 0 (chip info)
    // block 0 can be read even without a password.
    if (!EM4x05Block0Test(&wordData))
        return -1;

    uint8_t chipType = (wordData >> 1) & 0xF;
    uint8_t cap = (wordData >> 5) & 3;
    uint16_t custCode = (wordData >> 9) & 0x3FF;

    // read word 1 (serial #) doesn't need pwd
    wordData = 0;
    if (EM4x05ReadWord_ext(1, 0, false, &wordData) != 1) {
        //failed, but continue anyway...
    }
    printEM4x05info(chipType, cap, custCode, wordData);

    // read word 4 (config block)
    // needs password if one is set
    wordData = 0;
    if (EM4x05ReadWord_ext(4, pwd, usePwd, &wordData) != 1) {
        //failed
        PrintAndLog("Config block read failed - might be password protected.");
        return 0;
    }
    printEM4x05config(wordData);

    // read word 14 and 15 to see which is being used for the protection bits
    wordData = 0;
    if (EM4x05ReadWord_ext(14, pwd, usePwd, &wordData) != 1) {
        //failed
        return 0;
    }
    // if status bit says this is not the used protection word
    if (!(wordData & 0x8000)) {
        if (EM4x05ReadWord_ext(15, pwd, usePwd, &wordData) != 1) {
            //failed
            return 0;
        }
    }
    if (!(wordData & 0x8000)) {
        //something went wrong
        return 0;
    }
    printEM4x05ProtectionBits(wordData);

    return 1;
}

static command_t CommandTable[] =
{
    {"help", CmdHelp, 1, "This help"},
    {"410xread", CmdEMdemodASK, 0, "[findone] -- Extract ID from EM410x tag (option 0 for continuous loop, 1 for only 1 tag)"},
    {"410xdemod", CmdAskEM410xDemod, 1, "[clock] [invert<0|1>] [maxErr] -- Demodulate an EM410x tag from GraphBuffer (args optional)"},
    {"410xsim", CmdEM410xSim, 0, "<UID> [clock rate] -- Simulate EM410x tag"},
    {"410xwatch", CmdEM410xWatch, 0, "['h'] -- Watches for EM410x 125/134 kHz tags (option 'h' for 134)"},
    {"410xspoof", CmdEM410xWatchnSpoof, 0, "['h'] --- Watches for EM410x 125/134 kHz tags, and replays them. (option 'h' for 134)"},
    {"410xwrite", CmdEM410xWrite, 0, "<UID> <'0' T5555> <'1' T55x7> [clock rate] -- Write EM410x UID to T5555(Q5) or T55x7 tag, optionally setting clock rate"},
    {"4x05dump", CmdEM4x05dump, 0, "(pwd) -- Read EM4x05/EM4x69 all word data"},
    {"4x05info", CmdEM4x05info, 0, "(pwd) -- Get info from EM4x05/EM4x69 tag"},
    {"4x05readword", CmdEM4x05ReadWord, 0, "<Word> (pwd) -- Read EM4x05/EM4x69 word data"},
    {"4x05writeword", CmdEM4x05WriteWord, 0, "<Word> <data> (pwd) -- Write EM4x05/EM4x69 word data"},
    {"4x50read", CmdEM4x50Read, 1, "demod data from EM4x50 tag from the graph buffer"},
    {NULL, NULL, 0, NULL}
};

int CmdLFEM4X(const char *Cmd)
{
    CmdsParse(CommandTable, Cmd);
    return 0;
}

int CmdHelp(const char *Cmd)
{
    CmdsHelp(CommandTable);
    return 0;
}
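
The word-0 field extraction and the protection-word selection that CmdEM4x05info and printEM4x05ProtectionBits perform against a live tag, as a stand-alone added example that runs offline (not part of the original file). The type and function names are hypothetical, and the sample words in main() are constructed, not read from a tag.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Status bit tested by CmdEM4x05info to pick the protection word in use. */
#define EM4X05_PROT_ACTIVE 0x8000u

/* Hypothetical container for the word-0 fields extracted in CmdEM4x05info. */
typedef struct {
    uint8_t  chip_type;  /* (word0 >> 1) & 0xF   */
    uint8_t  cap;        /* (word0 >> 5) & 0x3   */
    uint16_t cust_code;  /* (word0 >> 9) & 0x3FF */
} em4x05_info_t;

em4x05_info_t em4x05_parse_info(uint32_t word0) {
    em4x05_info_t info;
    info.chip_type = (word0 >> 1) & 0xF;
    info.cap       = (word0 >> 5) & 0x3;
    info.cust_code = (word0 >> 9) & 0x3FF;
    return info;
}

/* Word 14 is checked first; word 15 is used only when word 14 lacks the
 * status bit. Returns 14 or 15 and stores the word in *active, or -1 when
 * neither word carries the status bit (the "something went wrong" case). */
int em4x05_active_protection(uint32_t word14, uint32_t word15, uint32_t *active) {
    if (word14 & EM4X05_PROT_ACTIVE) { *active = word14; return 14; }
    if (word15 & EM4X05_PROT_ACTIVE) { *active = word15; return 15; }
    return -1;
}

/* Bit n of the result is set when word n is reported as write locked. */
uint16_t em4x05_locked_mask(uint32_t prot) {
    uint16_t mask = (uint16_t)(prot & 0x7FFFu); /* bits 0..14 map to words 0..14 */
    mask |= 0x0003u;                            /* words 0 and 1: always locked */
    if (prot & (1u << 14)) mask |= 0x8000u;     /* word 15 follows bit 14 */
    return mask;
}

int main(void) {
    /* Constructed sample words, not captured from a real tag. */
    const uint32_t word0  = 0x00040052u; /* chip type 9, cap 2, cust code 0x200 */
    const uint32_t word14 = 0x00000000u; /* status bit clear */
    const uint32_t word15 = 0x0000C020u; /* status bit set, bits 5 and 14 set */

    em4x05_info_t info = em4x05_parse_info(word0);
    printf("chip type %u, cap %u, cust code 0x%03X\n",
           info.chip_type, info.cap, info.cust_code);

    uint32_t prot = 0;
    int which = em4x05_active_protection(word14, word15, &prot);
    if (which < 0) {
        printf("no active protection word\n");
        return 1;
    }
    uint16_t mask = em4x05_locked_mask(prot);
    printf("protection word %d (%08X)\n", which, (unsigned)prot);
    for (int i = 0; i < 16; i++)
        printf("word %02d: %s\n", i, ((mask >> i) & 1) ? "write locked" : "writable");
    return 0;
}
```

Feeding it words saved from an earlier `lf em 4x05dump` gives the same lock report as `lf em 4x05info` without the tag on the antenna.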