Merge pull request #7 from marshmellow42/hitag2_tests

attempt hitag2 uid read for lf search
marshmellow42 2016-08-25 13:41:11 -04:00 committed by GitHub
commit fc249a8e13
4 changed files with 107 additions and 46 deletions


@ -697,6 +697,42 @@ static bool hitag2_test_auth_attempts(byte_t* rx, const size_t rxlen, byte_t* tx
return true; return true;
} }
static bool hitag2_read_uid(byte_t* rx, const size_t rxlen, byte_t* tx, size_t* txlen) {
// Reset the transmission frame length
*txlen = 0;
// Try to find out which command was send by selecting on length (in bits)
switch (rxlen) {
// No answer, try to resurrect
case 0: {
// Just starting or if there is no answer
*txlen = 5;
memcpy(tx,"\xc0",nbytes(*txlen));
} break;
// Received UID
case 32: {
// Check if we received answer tag (at)
if (bAuthenticating) {
bAuthenticating = false;
} else {
// Store the received block
memcpy(tag.sectors[blocknr],rx,4);
blocknr++;
}
if (blocknr > 0) {
//DbpString("Read successful!");
bSuccessful = true;
return false;
}
} break;
// Unexpected response
default: {
Dbprintf("Uknown frame length: %d",rxlen);
return false;
} break;
}
return true;
}
void SnoopHitag(uint32_t type) { void SnoopHitag(uint32_t type) {
int frame_count; int frame_count;
@ -1123,7 +1159,7 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
set_tracing(TRUE); set_tracing(TRUE);
clear_trace(); clear_trace();
DbpString("Starting Hitag reader family"); //DbpString("Starting Hitag reader family");
// Check configuration // Check configuration
switch(htf) { switch(htf) {
@ -1135,7 +1171,6 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
bQuiet = false; bQuiet = false;
bPwd = false; bPwd = false;
} break; } break;
case RHT2F_AUTHENTICATE: { case RHT2F_AUTHENTICATE: {
DbpString("Authenticating using nr,ar pair:"); DbpString("Authenticating using nr,ar pair:");
memcpy(NrAr,htd->auth.NrAr,8); memcpy(NrAr,htd->auth.NrAr,8);
@ -1145,7 +1180,6 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
bAuthenticating = false; bAuthenticating = false;
bQuitTraceFull = true; bQuitTraceFull = true;
} break; } break;
case RHT2F_CRYPTO: { case RHT2F_CRYPTO: {
DbpString("Authenticating using key:"); DbpString("Authenticating using key:");
memcpy(key,htd->crypto.key,6); //HACK; 4 or 6?? I read both in the code. memcpy(key,htd->crypto.key,6); //HACK; 4 or 6?? I read both in the code.
@ -1156,7 +1190,6 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
bAuthenticating = false; bAuthenticating = false;
bQuitTraceFull = true; bQuitTraceFull = true;
} break; } break;
case RHT2F_TEST_AUTH_ATTEMPTS: { case RHT2F_TEST_AUTH_ATTEMPTS: {
Dbprintf("Testing %d authentication attempts",(auth_table_len/8)); Dbprintf("Testing %d authentication attempts",(auth_table_len/8));
auth_table_pos = 0; auth_table_pos = 0;
@ -1165,7 +1198,12 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
bQuiet = false; bQuiet = false;
bCrypto = false; bCrypto = false;
} break; } break;
case RHT2F_UID_ONLY: {
blocknr = 0;
bQuiet = false;
bCrypto = false;
bAuthenticating = false;
} break;
default: { default: {
Dbprintf("Error, unknown function: %d",htf); Dbprintf("Error, unknown function: %d",htf);
return; return;
@ -1222,22 +1260,22 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
// hitagS settings // hitagS settings
reset_sof = 1; reset_sof = 1;
t_wait = 200; t_wait = 200;
DbpString("Configured for hitagS reader"); //DbpString("Configured for hitagS reader");
} else if (htf < 20) { } else if (htf < 20) {
// hitag1 settings // hitag1 settings
reset_sof = 1; reset_sof = 1;
t_wait = 200; t_wait = 200;
DbpString("Configured for hitag1 reader"); //DbpString("Configured for hitag1 reader");
} else if (htf < 30) { } else if (htf < 30) {
// hitag2 settings // hitag2 settings
reset_sof = 4; reset_sof = 4;
t_wait = HITAG_T_WAIT_2; t_wait = HITAG_T_WAIT_2;
DbpString("Configured for hitag2 reader"); //DbpString("Configured for hitag2 reader");
} else { } else {
Dbprintf("Error, unknown hitag reader type: %d",htf); Dbprintf("Error, unknown hitag reader type: %d",htf);
return; return;
} }
uint8_t attempt_count=0;
while(!bStop && !BUTTON_PRESS()) { while(!bStop && !BUTTON_PRESS()) {
// Watchdog hit // Watchdog hit
WDT_HIT(); WDT_HIT();
@ -1272,6 +1310,11 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
case RHT2F_TEST_AUTH_ATTEMPTS: { case RHT2F_TEST_AUTH_ATTEMPTS: {
bStop = !hitag2_test_auth_attempts(rx,rxlen,tx,&txlen); bStop = !hitag2_test_auth_attempts(rx,rxlen,tx,&txlen);
} break; } break;
case RHT2F_UID_ONLY: {
bStop = !hitag2_read_uid(rx, rxlen, tx, &txlen);
attempt_count++; //attempt 3 times to get uid then quit
if (!bStop && attempt_count == 3) bStop = true;
} break;
default: { default: {
Dbprintf("Error, unknown function: %d",htf); Dbprintf("Error, unknown function: %d",htf);
return; return;
@ -1381,7 +1424,7 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
AT91C_BASE_TC1->TC_CCR = AT91C_TC_CLKDIS; AT91C_BASE_TC1->TC_CCR = AT91C_TC_CLKDIS;
AT91C_BASE_TC0->TC_CCR = AT91C_TC_CLKDIS; AT91C_BASE_TC0->TC_CCR = AT91C_TC_CLKDIS;
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
Dbprintf("frame received: %d",frame_count); //Dbprintf("frame received: %d",frame_count);
DbpString("All done"); //DbpString("All done");
cmd_send(CMD_ACK,bSuccessful,0,0,(byte_t*)tag.sectors,48); cmd_send(CMD_ACK,bSuccessful,0,0,(byte_t*)tag.sectors,48);
} }
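Review bot: The `default` branch of `hitag2_read_uid` returns false on the first frame whose length is neither 0 nor 32, so `bStop` is set at once and the three-attempt budget (`attempt_count == 3`) only covers the no-answer case. Since this commit also calls the UID read from `CmdLFfind`, any card in the field that answers with another frame length will print the `Uknown frame length` debug line, even though the other status prints are commented out here to keep the search quiet. Consider retrying on unexpected lengths the same way as on no answer, `default: { *txlen = 5; memcpy(tx,"\xc0",nbytes(*txlen)); } break;`, and let the attempt counter end the loop. If the message stays, `rxlen` is a `size_t`, so `%d` is the wrong conversion unless `Dbprintf` is known to treat it as a 32-bit value. The body of `ReaderHitag` extends outside these hunks, so whether `bSuccessful` and `tag.sectors` are cleared before the 48-byte `cmd_send` cannot be confirmed from here.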


@ -38,7 +38,7 @@ static int CmdHelp(const char *Cmd);
int usage_lf_cmdread() int usage_lf_cmdread(void)
{ {
PrintAndLog("Usage: lf cmdread d <delay period> z <zero period> o <one period> c <cmdbytes> [H] "); PrintAndLog("Usage: lf cmdread d <delay period> z <zero period> o <one period> c <cmdbytes> [H] ");
PrintAndLog("Options: "); PrintAndLog("Options: ");
@ -430,7 +430,7 @@ int CmdIndalaClone(const char *Cmd)
return 0; return 0;
} }
int usage_lf_read() int usage_lf_read(void)
{ {
PrintAndLog("Usage: lf read"); PrintAndLog("Usage: lf read");
PrintAndLog("Options: "); PrintAndLog("Options: ");
@ -440,7 +440,7 @@ int usage_lf_read()
PrintAndLog("Use 'lf config' to set parameters."); PrintAndLog("Use 'lf config' to set parameters.");
return 0; return 0;
} }
int usage_lf_snoop() int usage_lf_snoop(void)
{ {
PrintAndLog("Usage: lf snoop"); PrintAndLog("Usage: lf snoop");
PrintAndLog("Options: "); PrintAndLog("Options: ");
@ -450,7 +450,7 @@ int usage_lf_snoop()
return 0; return 0;
} }
int usage_lf_config() int usage_lf_config(void)
{ {
PrintAndLog("Usage: lf config [H|<divisor>] [b <bps>] [d <decim>] [a 0|1]"); PrintAndLog("Usage: lf config [H|<divisor>] [b <bps>] [d <decim>] [a 0|1]");
PrintAndLog("Options: "); PrintAndLog("Options: ");
@ -685,7 +685,7 @@ int usage_lf_simpsk(void)
return 0; return 0;
} }
// by marshmellow - sim ask data given clock, fcHigh, fcLow, invert // by marshmellow - sim fsk data given clock, fcHigh, fcLow, invert
// - allow pull data from DemodBuffer // - allow pull data from DemodBuffer
int CmdLFfskSim(const char *Cmd) int CmdLFfskSim(const char *Cmd)
{ {
@ -1180,6 +1180,11 @@ int CmdLFfind(const char *Cmd)
return 1; return 1;
} }
ans=CmdLFHitagReader("26");
if (ans==0) {
return 1;
}
PrintAndLog("\nNo Known Tags Found!\n"); PrintAndLog("\nNo Known Tags Found!\n");
if (testRaw=='u' || testRaw=='U'){ if (testRaw=='u' || testRaw=='U'){
//test unknown tag formats (raw mode) //test unknown tag formats (raw mode)
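Review bot: The new `CmdLFHitagReader("26")` call in `CmdLFfind` is an active probe, not an analysis step: judging by the firmware hunks it makes the device transmit and wait for a tag reply, whereas the checks before it appear to work on samples already captured. If `CmdLFfind` can be run on stored data or without a device attached (the surrounding code is outside the hunk), the call should sit behind the same live-device condition that guards sample acquisition. Otherwise the search may block waiting for a reply, or report a tag that has nothing to do with the loaded trace. At minimum, add a comment above the call such as `// active Hitag2 UID probe: needs a connected device, does not use the sample buffer`. The function body starts and ends outside the hunk.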


@ -214,14 +214,19 @@ int CmdLFHitagReader(const char *Cmd) {
} break; } break;
case RHT2F_CRYPTO: { case RHT2F_CRYPTO: {
num_to_bytes(param_get64ex(Cmd,1,0,16),6,htd->crypto.key); num_to_bytes(param_get64ex(Cmd,1,0,16),6,htd->crypto.key);
// num_to_bytes(param_get32ex(Cmd,2,0,16),4,htd->auth.NrAr+4); // num_to_bytes(param_get32ex(Cmd,2,0,16),4,htd->auth.NrAr+4);
} break; } break;
case RHT2F_TEST_AUTH_ATTEMPTS: { case RHT2F_TEST_AUTH_ATTEMPTS: {
// No additional parameters needed // No additional parameters needed
} break; } break;
case RHT2F_UID_ONLY: {
// No additional parameters needed
} break;
default: { default: {
PrintAndLog("Error: unkown reader function %d",htf); PrintAndLog("\nError: unkown reader function %d",htf);
PrintAndLog("Hitag reader functions"); PrintAndLog("");
PrintAndLog("Usage: hitag reader <Reader Function #>");
PrintAndLog("Reader Functions:");
PrintAndLog(" HitagS (0*)"); PrintAndLog(" HitagS (0*)");
PrintAndLog(" 01 <nr> <ar> (Challenge) read all pages from a Hitag S tag"); PrintAndLog(" 01 <nr> <ar> (Challenge) read all pages from a Hitag S tag");
PrintAndLog(" 02 <key> (set to 0 if no authentication is needed) read all pages from a Hitag S tag"); PrintAndLog(" 02 <key> (set to 0 if no authentication is needed) read all pages from a Hitag S tag");
@ -231,6 +236,7 @@ int CmdLFHitagReader(const char *Cmd) {
PrintAndLog(" 22 <nr> <ar> (authentication)"); PrintAndLog(" 22 <nr> <ar> (authentication)");
PrintAndLog(" 23 <key> (authentication) key is in format: ISK high + ISK low"); PrintAndLog(" 23 <key> (authentication) key is in format: ISK high + ISK low");
PrintAndLog(" 25 (test recorded authentications)"); PrintAndLog(" 25 (test recorded authentications)");
PrintAndLog(" 26 just read UID");
return 1; return 1;
} break; } break;
} }
@ -248,6 +254,10 @@ int CmdLFHitagReader(const char *Cmd) {
if (resp.arg[0] == false) return 1; if (resp.arg[0] == false) return 1;
uint32_t id = bytes_to_num(resp.d.asBytes,4); uint32_t id = bytes_to_num(resp.d.asBytes,4);
if (htf == RHT2F_UID_ONLY){
PrintAndLog("Valid Hitag2 tag found - UID: %08x",id);
} else {
char filename[256]; char filename[256];
FILE* pf = NULL; FILE* pf = NULL;
@ -262,6 +272,8 @@ int CmdLFHitagReader(const char *Cmd) {
fclose(pf); fclose(pf);
PrintAndLog("Succesfully saved tag memory to [%s]",filename); PrintAndLog("Succesfully saved tag memory to [%s]",filename);
}
return 0; return 0;
} }
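Review bot: The new usage line prints `Usage: hitag reader <Reader Function #>`, which omits the `lf` prefix the command is presumably reached under, given that the handler is `CmdLFHitagReader` and it is called from `CmdLFfind`. A user copying the line as printed would get an unknown command, so `PrintAndLog("Usage: lf hitag reader <Reader Function #>");` is safer, assuming that is the registered path. The help entry for the new function would match its neighbours better as `PrintAndLog(" 26 (just read UID)");`. The edited error line also keeps the typo `unkown`. The function body starts and ends outside these hunks.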


@ -22,6 +22,7 @@ typedef enum {
RHT2F_AUTHENTICATE = 22, RHT2F_AUTHENTICATE = 22,
RHT2F_CRYPTO = 23, RHT2F_CRYPTO = 23,
RHT2F_TEST_AUTH_ATTEMPTS = 25, RHT2F_TEST_AUTH_ATTEMPTS = 25,
RHT2F_UID_ONLY = 26
} hitag_function; } hitag_function;
typedef struct { typedef struct {