2012-09-18 21:52:50 +08:00
|
|
|
//-----------------------------------------------------------------------------
|
|
|
|
|
// Copyright (C) 2012 Roel Verdult
|
|
|
|
|
//
|
|
|
|
|
// This code is licensed to you under the terms of the GNU GPL, version 2 or,
|
|
|
|
|
// at your option, any later version. See the LICENSE.txt file for the text of
|
|
|
|
|
// the license.
|
|
|
|
|
//-----------------------------------------------------------------------------
|
|
|
|
|
// Low frequency Hitag support
|
|
|
|
|
//-----------------------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
#include <string.h>
|
2012-12-05 07:39:18 +08:00
|
|
|
#include "proxmark3.h"
|
2012-09-18 21:52:50 +08:00
|
|
|
#include "ui.h"
|
|
|
|
|
#include "cmdparser.h"
|
|
|
|
|
#include "common.h"
|
|
|
|
|
#include "util.h"
|
2017-07-30 15:17:48 +08:00
|
|
|
#include "parity.h"
|
2012-09-18 21:52:50 +08:00
|
|
|
#include "hitag2.h"
|
2016-03-05 02:06:47 +08:00
|
|
|
#include "hitagS.h"
|
2017-07-30 15:17:48 +08:00
|
|
|
#include "util_posix.h"
|
2018-09-07 03:43:20 +08:00
|
|
|
#include "comms.h"
|
2017-10-31 05:20:08 +08:00
|
|
|
#include "cmddata.h"
|
2012-09-18 21:52:50 +08:00
|
|
|
|
|
|
|
|
static int CmdHelp(const char *Cmd);
|
|
|
|
|
|
2019-03-10 18:20:22 +08:00
|
|
|
size_t nbytes(size_t nbits) {
|
2019-03-10 07:00:59 +08:00
|
|
|
return (nbits / 8) + ((nbits % 8) > 0);
|
2013-03-11 23:07:23 +08:00
|
|
|
}
|
|
|
|
|
|
2019-03-12 06:12:31 +08:00
|
|
|
int usage_hitag_reader(void) {
|
2019-03-10 21:44:21 +08:00
|
|
|
PrintAndLogEx(NORMAL, "Usage: lf hitag reader [h] <reader function #>");
|
|
|
|
|
PrintAndLogEx(NORMAL, "Options:");
|
|
|
|
|
PrintAndLogEx(NORMAL, " h This help");
|
|
|
|
|
PrintAndLogEx(NORMAL, " HitagS (0*)");
|
|
|
|
|
PrintAndLogEx(NORMAL, " 01 <nr> <ar> Challenge, read all pages from a Hitag S tag");
|
|
|
|
|
PrintAndLogEx(NORMAL, " 02 <key> Set to 0 if no authentication is needed. Read all pages from a Hitag S tag");
|
|
|
|
|
PrintAndLogEx(NORMAL, " Hitag1 (1*)");
|
|
|
|
|
PrintAndLogEx(NORMAL, " Hitag2 (2*)");
|
|
|
|
|
PrintAndLogEx(NORMAL, " 21 <password> Password mode");
|
|
|
|
|
PrintAndLogEx(NORMAL, " 22 <nr> <ar> Authentication");
|
|
|
|
|
PrintAndLogEx(NORMAL, " 23 <key> Authentication, key is in format: ISK high + ISK low");
|
|
|
|
|
PrintAndLogEx(NORMAL, " 25 Test recorded authentications");
|
2019-03-12 06:12:31 +08:00
|
|
|
PrintAndLogEx(NORMAL, " 26 Just read UID");
|
2019-03-10 21:44:21 +08:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2019-03-10 18:20:22 +08:00
|
|
|
int CmdLFHitagList(const char *Cmd) {
|
2019-03-10 06:35:06 +08:00
|
|
|
uint8_t *got = calloc(USB_CMD_DATA_SIZE, sizeof(uint8_t));
|
2019-03-10 07:00:59 +08:00
|
|
|
if (!got) {
|
2019-03-10 06:35:06 +08:00
|
|
|
PrintAndLogEx(WARNING, "Cannot allocate memory for trace");
|
|
|
|
|
return 2;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Query for the actual size of the trace
|
|
|
|
|
UsbCommand response;
|
2019-03-10 07:00:59 +08:00
|
|
|
if (!GetFromDevice(BIG_BUF, got, USB_CMD_DATA_SIZE, 0, &response, 2500, false)) {
|
2019-03-10 06:35:06 +08:00
|
|
|
PrintAndLogEx(WARNING, "command execution time out");
|
|
|
|
|
free(got);
|
|
|
|
|
return 2;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
uint16_t traceLen = response.arg[2];
|
|
|
|
|
if (traceLen > USB_CMD_DATA_SIZE) {
|
|
|
|
|
uint8_t *p = realloc(got, traceLen);
|
|
|
|
|
if (p == NULL) {
|
|
|
|
|
PrintAndLogEx(WARNING, "Cannot allocate memory for trace");
|
|
|
|
|
free(got);
|
|
|
|
|
return 2;
|
|
|
|
|
}
|
|
|
|
|
got = p;
|
2019-03-10 07:00:59 +08:00
|
|
|
if (!GetFromDevice(BIG_BUF, got, traceLen, 0, NULL, 2500, false)) {
|
2019-03-10 06:35:06 +08:00
|
|
|
PrintAndLogEx(WARNING, "command execution time out");
|
|
|
|
|
free(got);
|
|
|
|
|
return 2;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
PrintAndLogEx(NORMAL, "recorded activity (TraceLen = %d bytes):");
|
|
|
|
|
PrintAndLogEx(NORMAL, " ETU :nbits: who bytes");
|
|
|
|
|
PrintAndLogEx(NORMAL, "---------+-----+----+-----------");
|
|
|
|
|
|
|
|
|
|
int i = 0;
|
|
|
|
|
int prev = -1;
|
|
|
|
|
int len = strlen(Cmd);
|
|
|
|
|
|
|
|
|
|
char filename[FILE_PATH_SIZE] = { 0x00 };
|
2019-03-10 07:00:59 +08:00
|
|
|
FILE *f = NULL;
|
2019-03-10 06:35:06 +08:00
|
|
|
|
|
|
|
|
if (len > FILE_PATH_SIZE) len = FILE_PATH_SIZE;
|
|
|
|
|
|
|
|
|
|
memcpy(filename, Cmd, len);
|
|
|
|
|
|
|
|
|
|
if (strlen(filename) > 0) {
|
2019-03-10 07:00:59 +08:00
|
|
|
f = fopen(filename, "wb");
|
2019-03-10 06:35:06 +08:00
|
|
|
if (!f) {
|
2019-03-10 07:00:59 +08:00
|
|
|
PrintAndLogEx(WARNING, "Error: Could not open file [%s]", filename);
|
2019-03-10 06:35:06 +08:00
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for (;;) {
|
|
|
|
|
|
2019-03-10 07:00:59 +08:00
|
|
|
if (i >= traceLen) { break; }
|
2019-03-10 06:35:06 +08:00
|
|
|
|
|
|
|
|
bool isResponse;
|
2019-03-10 07:00:59 +08:00
|
|
|
int timestamp = *((uint32_t *)(got + i));
|
2019-03-10 06:35:06 +08:00
|
|
|
if (timestamp & 0x80000000) {
|
|
|
|
|
timestamp &= 0x7fffffff;
|
|
|
|
|
isResponse = 1;
|
|
|
|
|
} else {
|
|
|
|
|
isResponse = 0;
|
|
|
|
|
}
|
|
|
|
|
|
2019-03-10 07:00:59 +08:00
|
|
|
int parityBits = *((uint32_t *)(got + i + 4));
|
2019-03-10 06:35:06 +08:00
|
|
|
// 4 bytes of additional information...
|
|
|
|
|
// maximum of 32 additional parity bit information
|
|
|
|
|
//
|
|
|
|
|
// TODO:
|
|
|
|
|
// at each quarter bit period we can send power level (16 levels)
|
|
|
|
|
// or each half bit period in 256 levels.
|
|
|
|
|
|
2019-03-10 07:00:59 +08:00
|
|
|
int bits = got[i + 8];
|
|
|
|
|
int len = nbytes(got[i + 8]);
|
2019-03-10 06:35:06 +08:00
|
|
|
|
|
|
|
|
if (len > 100) {
|
2019-03-10 07:00:59 +08:00
|
|
|
break;
|
2019-03-10 06:35:06 +08:00
|
|
|
}
|
|
|
|
|
if (i + len > traceLen) { break;}
|
|
|
|
|
|
2019-03-10 07:00:59 +08:00
|
|
|
uint8_t *frame = (got + i + 9);
|
2019-03-10 06:35:06 +08:00
|
|
|
|
|
|
|
|
// Break and stick with current result if buffer was not completely full
|
|
|
|
|
if (frame[0] == 0x44 && frame[1] == 0x44 && frame[3] == 0x44) { break; }
|
|
|
|
|
|
|
|
|
|
char line[1000] = "";
|
|
|
|
|
int j;
|
|
|
|
|
for (j = 0; j < len; j++) {
|
|
|
|
|
|
2019-03-10 07:00:59 +08:00
|
|
|
//if((parityBits >> (len - j - 1)) & 0x01) {
|
|
|
|
|
if (isResponse && (oddparity8(frame[j]) != ((parityBits >> (len - j - 1)) & 0x01))) {
|
|
|
|
|
sprintf(line + (j * 4), "%02x! ", frame[j]);
|
|
|
|
|
} else {
|
|
|
|
|
sprintf(line + (j * 4), "%02x ", frame[j]);
|
|
|
|
|
}
|
2019-03-10 06:35:06 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
PrintAndLogEx(NORMAL, " +%7d: %3d: %s %s",
|
2019-03-10 07:00:59 +08:00
|
|
|
(prev < 0 ? 0 : (timestamp - prev)),
|
|
|
|
|
bits,
|
|
|
|
|
(isResponse ? "TAG" : " "),
|
|
|
|
|
line);
|
2019-03-10 06:35:06 +08:00
|
|
|
|
|
|
|
|
if (f) {
|
2019-03-10 07:00:59 +08:00
|
|
|
fprintf(f, " +%7d: %3d: %s %s\n",
|
|
|
|
|
(prev < 0 ? 0 : (timestamp - prev)),
|
|
|
|
|
bits,
|
|
|
|
|
(isResponse ? "TAG" : " "),
|
|
|
|
|
line);
|
2019-03-10 06:35:06 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
prev = timestamp;
|
|
|
|
|
i += (len + 9);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (f) {
|
|
|
|
|
fclose(f);
|
|
|
|
|
PrintAndLogEx(NORMAL, "Recorded activity succesfully written to file: %s", filename);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
free(got);
|
|
|
|
|
return 0;
|
2012-09-18 21:52:50 +08:00
|
|
|
}
|
|
|
|
|
|
2019-03-10 18:20:22 +08:00
|
|
|
int CmdLFHitagSnoop(const char *Cmd) {
|
2019-03-10 06:35:06 +08:00
|
|
|
UsbCommand c = {CMD_SNOOP_HITAG};
|
|
|
|
|
clearCommandBuffer();
|
|
|
|
|
SendCommand(&c);
|
|
|
|
|
return 0;
|
2012-09-18 21:52:50 +08:00
|
|
|
}
|
|
|
|
|
|
2019-03-10 18:20:22 +08:00
|
|
|
int CmdLFHitagSim(const char *Cmd) {
|
2019-03-09 15:59:13 +08:00
|
|
|
|
2019-03-10 06:35:06 +08:00
|
|
|
UsbCommand c = {CMD_SIMULATE_HITAG};
|
|
|
|
|
char filename[FILE_PATH_SIZE] = { 0x00 };
|
2019-03-10 07:00:59 +08:00
|
|
|
FILE *f;
|
2019-03-10 06:35:06 +08:00
|
|
|
bool tag_mem_supplied;
|
|
|
|
|
|
|
|
|
|
int len = strlen(Cmd);
|
|
|
|
|
if (len > FILE_PATH_SIZE) len = FILE_PATH_SIZE;
|
|
|
|
|
memcpy(filename, Cmd, len);
|
|
|
|
|
|
|
|
|
|
if (strlen(filename) > 0) {
|
2019-03-10 07:00:59 +08:00
|
|
|
f = fopen(filename, "rb+");
|
2019-03-10 06:35:06 +08:00
|
|
|
if (!f) {
|
2019-03-10 07:00:59 +08:00
|
|
|
PrintAndLogEx(WARNING, "Error: Could not open file [%s]", filename);
|
2019-03-10 06:35:06 +08:00
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
tag_mem_supplied = true;
|
|
|
|
|
size_t bytes_read = fread(c.d.asBytes, 1, 48, f);
|
2019-03-10 07:00:59 +08:00
|
|
|
if (bytes_read == 48) {
|
2019-03-10 06:35:06 +08:00
|
|
|
PrintAndLogEx(WARNING, "Error: File reading error");
|
|
|
|
|
fclose(f);
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
fclose(f);
|
|
|
|
|
} else {
|
|
|
|
|
tag_mem_supplied = false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Does the tag comes with memory
|
|
|
|
|
c.arg[0] = (uint32_t)tag_mem_supplied;
|
|
|
|
|
clearCommandBuffer();
|
|
|
|
|
SendCommand(&c);
|
|
|
|
|
return 0;
|
2012-09-18 21:52:50 +08:00
|
|
|
}
|
|
|
|
|
|
2019-03-10 18:20:22 +08:00
|
|
|
int CmdLFHitagReader(const char *Cmd) {
|
2019-03-09 15:59:13 +08:00
|
|
|
|
2019-03-10 21:44:21 +08:00
|
|
|
UsbCommand c = {CMD_READER_HITAG, {0, 0, 0} };
|
2019-03-10 07:00:59 +08:00
|
|
|
hitag_data *htd = (hitag_data *)c.d.asBytes;
|
2019-03-10 06:35:06 +08:00
|
|
|
hitag_function htf = param_get32ex(Cmd, 0, 0, 10);
|
|
|
|
|
|
|
|
|
|
switch (htf) {
|
2019-03-10 21:44:21 +08:00
|
|
|
case RHTSF_CHALLENGE: {
|
2019-03-10 06:35:06 +08:00
|
|
|
c.cmd = CMD_READ_HITAG_S;
|
|
|
|
|
num_to_bytes(param_get32ex(Cmd, 1, 0, 16), 4, htd->auth.NrAr);
|
2019-03-10 07:00:59 +08:00
|
|
|
num_to_bytes(param_get32ex(Cmd, 2, 0, 16), 4, htd->auth.NrAr + 4);
|
2019-03-12 06:12:31 +08:00
|
|
|
break;
|
2019-03-10 21:44:21 +08:00
|
|
|
}
|
|
|
|
|
case RHTSF_KEY: {
|
2019-03-10 06:35:06 +08:00
|
|
|
c.cmd = CMD_READ_HITAG_S;
|
|
|
|
|
num_to_bytes(param_get64ex(Cmd, 1, 0, 16), 6, htd->crypto.key);
|
2019-03-12 06:12:31 +08:00
|
|
|
break;
|
2019-03-10 21:44:21 +08:00
|
|
|
}
|
2019-03-10 06:35:06 +08:00
|
|
|
case RHT2F_PASSWORD: {
|
|
|
|
|
num_to_bytes(param_get32ex(Cmd, 1, 0, 16), 4, htd->pwd.password);
|
2019-03-12 06:12:31 +08:00
|
|
|
break;
|
2019-03-10 21:44:21 +08:00
|
|
|
}
|
2019-03-10 06:35:06 +08:00
|
|
|
case RHT2F_AUTHENTICATE: {
|
|
|
|
|
num_to_bytes(param_get32ex(Cmd, 1, 0, 16), 4, htd->auth.NrAr);
|
2019-03-10 07:00:59 +08:00
|
|
|
num_to_bytes(param_get32ex(Cmd, 2, 0, 16), 4, htd->auth.NrAr + 4);
|
2019-03-12 06:12:31 +08:00
|
|
|
break;
|
2019-03-10 21:44:21 +08:00
|
|
|
}
|
2019-03-10 06:35:06 +08:00
|
|
|
case RHT2F_CRYPTO: {
|
|
|
|
|
num_to_bytes(param_get64ex(Cmd, 1, 0, 16), 6, htd->crypto.key);
|
2019-03-12 06:12:31 +08:00
|
|
|
break;
|
2019-03-10 21:44:21 +08:00
|
|
|
}
|
2019-03-10 06:35:06 +08:00
|
|
|
case RHT2F_TEST_AUTH_ATTEMPTS: {
|
|
|
|
|
// No additional parameters needed
|
2019-03-10 21:44:21 +08:00
|
|
|
break;
|
|
|
|
|
}
|
2019-03-10 06:35:06 +08:00
|
|
|
case RHT2F_UID_ONLY: {
|
|
|
|
|
// No additional parameters needed
|
2019-03-10 21:44:21 +08:00
|
|
|
break;
|
|
|
|
|
}
|
2019-03-10 06:35:06 +08:00
|
|
|
default: {
|
|
|
|
|
PrintAndLogEx(NORMAL, "\nError: unkown reader function %d", htf);
|
2019-03-10 21:44:21 +08:00
|
|
|
return usage_hitag_reader();
|
2019-03-10 07:00:59 +08:00
|
|
|
}
|
2019-03-10 06:35:06 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
c.arg[0] = htf;
|
|
|
|
|
clearCommandBuffer();
|
|
|
|
|
SendCommand(&c);
|
|
|
|
|
UsbCommand resp;
|
2019-03-10 07:00:59 +08:00
|
|
|
if (!WaitForResponseTimeout(CMD_ACK, &resp, 4000)) {
|
2019-03-10 06:35:06 +08:00
|
|
|
PrintAndLogEx(WARNING, "timeout while waiting for reply.");
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (resp.arg[0] == false) {
|
|
|
|
|
PrintAndLogEx(DEBUG, "DEBUG: Error - hitag failed");
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
uint32_t id = bytes_to_num(resp.d.asBytes, 4);
|
|
|
|
|
|
2019-03-10 07:00:59 +08:00
|
|
|
if (htf == RHT2F_UID_ONLY) {
|
2019-03-10 06:35:06 +08:00
|
|
|
PrintAndLogEx(NORMAL, "Valid Hitag2 tag found - UID: %08x", id);
|
|
|
|
|
} else {
|
|
|
|
|
char filename[FILE_PATH_SIZE];
|
2019-03-10 07:00:59 +08:00
|
|
|
FILE *f = NULL;
|
2019-03-10 06:35:06 +08:00
|
|
|
sprintf(filename, "%08x_%04x.ht2", id, (rand() & 0xffff));
|
|
|
|
|
f = fopen(filename, "wb");
|
|
|
|
|
if (!f) {
|
|
|
|
|
PrintAndLogEx(WARNING, "Error: Could not open file [%s]", filename);
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Write the 48 tag memory bytes to file and finalize
|
|
|
|
|
fwrite(resp.d.asBytes, 1, 48, f);
|
|
|
|
|
fclose(f);
|
|
|
|
|
PrintAndLogEx(NORMAL, "Succesfully saved tag memory to [%s]", filename);
|
|
|
|
|
}
|
|
|
|
|
return 0;
|
2012-09-18 21:52:50 +08:00
|
|
|
}
|
|
|
|
|
|
2019-03-10 18:20:22 +08:00
|
|
|
int CmdLFHitagSimS(const char *Cmd) {
|
2019-03-10 06:35:06 +08:00
|
|
|
UsbCommand c = { CMD_SIMULATE_HITAG_S };
|
|
|
|
|
char filename[FILE_PATH_SIZE] = { 0x00 };
|
2019-03-10 07:00:59 +08:00
|
|
|
FILE *f;
|
2019-03-10 06:35:06 +08:00
|
|
|
bool tag_mem_supplied;
|
|
|
|
|
int len = strlen(Cmd);
|
|
|
|
|
if (len > FILE_PATH_SIZE)
|
|
|
|
|
len = FILE_PATH_SIZE;
|
|
|
|
|
memcpy(filename, Cmd, len);
|
|
|
|
|
|
|
|
|
|
if (strlen(filename) > 0) {
|
|
|
|
|
f = fopen(filename, "rb+");
|
|
|
|
|
if (!f) {
|
|
|
|
|
PrintAndLogEx(WARNING, "Error: Could not open file [%s]", filename);
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
tag_mem_supplied = true;
|
2019-03-10 07:00:59 +08:00
|
|
|
size_t bytes_read = fread(c.d.asBytes, 1, 4 * 64, f);
|
|
|
|
|
if (bytes_read == 4 * 64) {
|
2019-03-10 06:35:06 +08:00
|
|
|
PrintAndLogEx(WARNING, "Error: File reading error");
|
|
|
|
|
fclose(f);
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
fclose(f);
|
|
|
|
|
} else {
|
|
|
|
|
tag_mem_supplied = false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Does the tag comes with memory
|
|
|
|
|
c.arg[0] = (uint32_t) tag_mem_supplied;
|
|
|
|
|
clearCommandBuffer();
|
|
|
|
|
SendCommand(&c);
|
|
|
|
|
return 0;
|
2016-03-05 02:06:47 +08:00
|
|
|
}
|
|
|
|
|
|
2019-03-10 18:20:22 +08:00
|
|
|
int CmdLFHitagCheckChallenges(const char *Cmd) {
|
2019-03-10 06:35:06 +08:00
|
|
|
UsbCommand c = { CMD_TEST_HITAGS_TRACES };
|
|
|
|
|
char filename[FILE_PATH_SIZE] = { 0x00 };
|
2019-03-10 07:00:59 +08:00
|
|
|
FILE *f;
|
2019-03-10 06:35:06 +08:00
|
|
|
bool file_given;
|
|
|
|
|
int len = strlen(Cmd);
|
|
|
|
|
if (len > FILE_PATH_SIZE)
|
|
|
|
|
len = FILE_PATH_SIZE;
|
|
|
|
|
memcpy(filename, Cmd, len);
|
|
|
|
|
|
|
|
|
|
if (strlen(filename) > 0) {
|
2019-03-10 07:00:59 +08:00
|
|
|
f = fopen(filename, "rb+");
|
|
|
|
|
if (!f) {
|
2019-03-10 06:35:06 +08:00
|
|
|
PrintAndLogEx(WARNING, "Error: Could not open file [%s]", filename);
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
file_given = true;
|
2019-03-10 07:00:59 +08:00
|
|
|
size_t bytes_read = fread(c.d.asBytes, 1, 8 * 60, f);
|
|
|
|
|
if (bytes_read == 8 * 60) {
|
2019-03-10 06:35:06 +08:00
|
|
|
PrintAndLogEx(WARNING, "Error: File reading error");
|
|
|
|
|
fclose(f);
|
|
|
|
|
return 1;
|
2016-03-05 02:06:47 +08:00
|
|
|
}
|
2019-03-10 06:35:06 +08:00
|
|
|
fclose(f);
|
|
|
|
|
} else {
|
|
|
|
|
file_given = false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//file with all the challenges to try
|
|
|
|
|
c.arg[0] = (uint32_t)file_given;
|
|
|
|
|
clearCommandBuffer();
|
|
|
|
|
SendCommand(&c);
|
|
|
|
|
return 0;
|
2016-03-05 02:06:47 +08:00
|
|
|
}
|
|
|
|
|
|
2019-03-10 18:20:22 +08:00
|
|
|
int CmdLFHitagWP(const char *Cmd) {
|
2019-03-10 06:35:06 +08:00
|
|
|
UsbCommand c = { CMD_WR_HITAG_S };
|
2019-03-10 07:00:59 +08:00
|
|
|
hitag_data *htd = (hitag_data *)c.d.asBytes;
|
2019-03-10 06:35:06 +08:00
|
|
|
hitag_function htf = param_get32ex(Cmd, 0, 0, 10);
|
|
|
|
|
switch (htf) {
|
|
|
|
|
case 03: { //WHTSF_CHALLENGE
|
|
|
|
|
num_to_bytes(param_get64ex(Cmd, 1, 0, 16), 8, htd->auth.NrAr);
|
2019-03-10 07:00:59 +08:00
|
|
|
c.arg[2] = param_get32ex(Cmd, 2, 0, 10);
|
2019-03-10 06:35:06 +08:00
|
|
|
num_to_bytes(param_get32ex(Cmd, 3, 0, 16), 4, htd->auth.data);
|
2019-03-10 07:00:59 +08:00
|
|
|
}
|
|
|
|
|
break;
|
2019-03-10 06:35:06 +08:00
|
|
|
case 04:
|
2019-03-10 07:00:59 +08:00
|
|
|
case 24: {
|
|
|
|
|
//WHTSF_KEY
|
2019-03-10 06:35:06 +08:00
|
|
|
num_to_bytes(param_get64ex(Cmd, 1, 0, 16), 6, htd->crypto.key);
|
2019-03-10 07:00:59 +08:00
|
|
|
c.arg[2] = param_get32ex(Cmd, 2, 0, 10);
|
2019-03-10 06:35:06 +08:00
|
|
|
num_to_bytes(param_get32ex(Cmd, 3, 0, 16), 4, htd->crypto.data);
|
|
|
|
|
|
2019-03-10 07:00:59 +08:00
|
|
|
}
|
|
|
|
|
break;
|
2019-03-10 06:35:06 +08:00
|
|
|
default: {
|
|
|
|
|
PrintAndLogEx(WARNING, "Error: unkown writer function %d", htf);
|
|
|
|
|
PrintAndLogEx(NORMAL, "Hitag writer functions");
|
|
|
|
|
PrintAndLogEx(NORMAL, " HitagS (0*)");
|
|
|
|
|
PrintAndLogEx(NORMAL, " 03 <nr,ar> (Challenge) <page> <byte0...byte3> write page on a Hitag S tag");
|
|
|
|
|
PrintAndLogEx(NORMAL, " 04 <key> (set to 0 if no authentication is needed) <page> <byte0...byte3> write page on a Hitag S tag");
|
|
|
|
|
PrintAndLogEx(NORMAL, " Hitag1 (1*)");
|
|
|
|
|
PrintAndLogEx(NORMAL, " Hitag2 (2*)");
|
|
|
|
|
return 1;
|
2019-03-10 07:00:59 +08:00
|
|
|
}
|
|
|
|
|
break;
|
2019-03-10 06:35:06 +08:00
|
|
|
}
|
|
|
|
|
// Copy the hitag function into the first argument
|
|
|
|
|
c.arg[0] = htf;
|
|
|
|
|
|
|
|
|
|
clearCommandBuffer();
|
|
|
|
|
SendCommand(&c);
|
|
|
|
|
UsbCommand resp;
|
|
|
|
|
WaitForResponse(CMD_ACK, &resp);
|
|
|
|
|
|
|
|
|
|
// Check the return status, stored in the first argument
|
|
|
|
|
if (resp.arg[0] == false) return 1;
|
|
|
|
|
return 0;
|
2016-04-24 00:23:46 +08:00
|
|
|
}
|
2016-03-05 02:06:47 +08:00
|
|
|
|
2017-08-10 00:33:30 +08:00
|
|
|
static command_t CommandTable[] = {
|
2019-03-10 06:35:06 +08:00
|
|
|
{"help", CmdHelp, 1, "This help"},
|
|
|
|
|
{"list", CmdLFHitagList, 1, "<outfile> List Hitag trace history"},
|
|
|
|
|
{"reader", CmdLFHitagReader, 1, "Act like a Hitag Reader"},
|
|
|
|
|
{"sim", CmdLFHitagSim, 1, "<infile> Simulate Hitag transponder"},
|
|
|
|
|
{"simS", CmdLFHitagSimS, 1, "<hitagS.hts> Simulate HitagS transponder" },
|
|
|
|
|
{"snoop", CmdLFHitagSnoop, 1, "Eavesdrop Hitag communication"},
|
|
|
|
|
{"writer", CmdLFHitagWP, 1, "Act like a Hitag Writer" },
|
|
|
|
|
{"check_challenges", CmdLFHitagCheckChallenges, 1, "<challenges.cc> test all challenges" },
|
2019-03-10 07:00:59 +08:00
|
|
|
{ NULL, NULL, 0, NULL }
|
2012-09-18 21:52:50 +08:00
|
|
|
};
|
|
|
|
|
|
2019-03-10 18:20:22 +08:00
|
|
|
int CmdLFHitag(const char *Cmd) {
|
2019-03-10 06:35:06 +08:00
|
|
|
clearCommandBuffer();
|
|
|
|
|
CmdsParse(CommandTable, Cmd);
|
|
|
|
|
return 0;
|
2012-09-18 21:52:50 +08:00
|
|
|
}
|
|
|
|
|
|
2019-03-10 18:20:22 +08:00
|
|
|
int CmdHelp(const char *Cmd) {
|
2019-03-10 06:35:06 +08:00
|
|
|
CmdsHelp(CommandTable);
|
|
|
|
|
return 0;
|
2012-09-18 21:52:50 +08:00
|
|
|
}
|
