From aaa4c7ac4fd5df216ff1ae39f0996833fab6de7c Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sat, 12 Dec 2020 13:37:21 +0100 Subject: [PATCH 1/2] magic doc --- doc/magic_cards_notes.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/doc/magic_cards_notes.md b/doc/magic_cards_notes.md index 4f9cb2f68..9e4cdce12 100644 --- a/doc/magic_cards_notes.md +++ b/doc/magic_cards_notes.md @@ -426,6 +426,12 @@ Note: it seems some cards only accept the "change UID" command. It accepts direct read of block0 (and only block0) without prior auth. +Writing to block 0 has some side-effects: + +* It changes also the UID. Changing the UID *does not* change block 0. +* ATQA and SAK bytes are automatically replaced by fixed values. +* On 4-byte UID cards, BCC byte is automatically corrected. + ### Characteristics * UID: 4b and 7b versions @@ -452,6 +458,8 @@ Equivalent: ``` # change just UID: hf 14a raw -s -c -t 2000 90FBCCCC07 11223344556677 +# read block0: +hf 14a raw -s -c 3000 # write block0: hf 14a raw -s -c -t 2000 90F0CCCC10 041219c3219316984200e32000000000 # lock (uid/block0?) forever: From 7cd80611d3d354d247c5251e52362826bd0f2402 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sat, 12 Dec 2020 14:46:40 +0100 Subject: [PATCH 2/2] #makestyleday --- armsrc/Standalone/lf_tharexde.c | 20 ++--- armsrc/em4x50.c | 82 ++++++++--------- armsrc/em4x70.c | 153 ++++++++++++++++---------------- armsrc/iso15693.c | 34 +++---- armsrc/lfsampling.c | 2 +- client/src/cmdhf14a.c | 36 ++++---- client/src/cmdhficlass.c | 16 ++-- client/src/cmdhfmfp.c | 2 +- client/src/cmdlfawid.c | 4 +- client/src/cmdlfdestron.c | 6 +- client/src/cmdlfem410x.c | 24 ++--- client/src/cmdlfem4x05.c | 30 +++---- client/src/cmdlfem4x50.c | 108 +++++++++++----------- client/src/cmdlfem4x70.c | 36 ++++---- client/src/cmdlffdxb.c | 12 +-- client/src/cmdlfgallagher.c | 2 +- client/src/cmdlfguard.c | 14 +-- client/src/cmdlfhid.c | 12 +-- client/src/cmdlfindala.c | 28 +++--- client/src/cmdlfio.c | 12 +-- client/src/cmdlfjablotron.c | 4 +- client/src/cmdlfmotorola.c | 2 +- client/src/cmdlfnedap.c | 34 +++---- client/src/cmdlfpcf7931.c | 4 +- client/src/cmdlft55xx.c | 2 +- client/src/cmdlft55xx.h | 2 +- client/src/cmdlfti.c | 4 +- common/commonutil.c | 2 +- common/lfdemod.c | 4 +- doc/commands.md | 71 +++++++-------- 30 files changed, 381 insertions(+), 381 deletions(-) diff --git a/armsrc/Standalone/lf_tharexde.c b/armsrc/Standalone/lf_tharexde.c index 887100855..f5195513c 100644 --- a/armsrc/Standalone/lf_tharexde.c +++ b/armsrc/Standalone/lf_tharexde.c @@ -88,7 +88,7 @@ static int get_input_data_from_file(uint32_t *words, char *inputfile) { uint32_t size = size_in_spiffs(inputfile); uint8_t *mem = BigBuf_malloc(size); - + Dbprintf(_YELLOW_("found input file %s"), inputfile); rdv40_spiffs_read_as_filetype(inputfile, mem, size, RDV40_SPIFFS_SAFETY_SAFE); @@ -153,7 +153,7 @@ void RunMod(void) { if (button_pressed == BUTTON_SINGLE_CLICK) { SpinUp(100); - + switch (state) { case STATE_SIM: @@ -168,7 +168,7 @@ void RunMod(void) { default: break; } - + state_change = true; } else if (button_pressed == BUTTON_HOLD) { @@ -261,9 +261,9 @@ void RunMod(void) { log_exists = exists_in_spiffs(LF_EM4X50BRUTE_LOGFILE); now = get_input_data_from_file(passwords, LF_EM4X50BRUTE_INPUTFILE); - + if (now == 2) { - + // print some information int no_iter = passwords[1] - passwords[0] + 1; int dur_s = no_iter / EM4X50_PWD_SPEED; @@ -277,7 +277,7 @@ void RunMod(void) { no_iter, passwords[0], passwords[1]); Dbprintf(_YELLOW_("estimated duration: %ih%im%is"), dur_h, dur_m, dur_s); - + } else { Dbprintf(_RED_("error in input data")); break; @@ -287,7 +287,7 @@ void RunMod(void) { } pwd_found = em4x50_standalone_brute(passwords[0], passwords[1], &pwd); - + if (pwd_found == PM3_ETIMEOUT) { // timeout -> no EM4x50 tag on reader? @@ -313,15 +313,15 @@ void RunMod(void) { strcat((char *)entry, "\n"); append(LF_EM4X50BRUTE_LOGFILE, entry, strlen((char *)entry)); - + } else { - + // stopped -> write to logfile sprintf((char *)entry, "stopped search - last password: 0x%08"PRIx32, pwd); Dbprintf(_YELLOW_("%s"), entry); strcat((char *)entry, "\n"); append(LF_EM4X50BRUTE_LOGFILE, entry, strlen((char *)entry)); - + // replace start password by last tested password in // inputfile (spiffs) so that brute forcing process will // be continued when envoking brute force mode again diff --git a/armsrc/em4x50.c b/armsrc/em4x50.c index 36923b6a5..8d977c91d 100644 --- a/armsrc/em4x50.c +++ b/armsrc/em4x50.c @@ -37,11 +37,11 @@ #define EM4X50_T_TAG_WAITING_FOR_SIGNAL 75 #define EM4X50_T_WAITING_FOR_DBLLIW 1550 #define EM4X50_T_WAITING_FOR_SNGLLIW 140 // this value seems to be - // critical; - // if it's too low - // (e.g. < 120) some cards - // are no longer readable - // although they're ok +// critical; +// if it's too low +// (e.g. < 120) some cards +// are no longer readable +// although they're ok #define EM4X50_TAG_TOLERANCE 8 #define EM4X50_TAG_WORD 45 @@ -65,18 +65,18 @@ static void wait_timer(uint32_t period) { // extract and check parities // return result of parity check and extracted plain data static bool extract_parities(uint64_t word, uint32_t *data) { - + uint8_t row_parities = 0x0, col_parities = 0x0; uint8_t row_parities_calculated = 0x0, col_parities_calculated = 0x0; - + *data = 0x0; - + // extract plain data (32 bits) from raw word (45 bits) for (int i = 0; i < 4; i++) { *data <<= 8; *data |= (word >> ((4 - i) * 9 + 1)) & 0xFF; } - + // extract row parities (4 bits + stop bit) from raw word (45 bits) for (int i = 0; i < 5; i++) { row_parities <<= 1; @@ -106,7 +106,7 @@ static bool extract_parities(uint64_t word, uint32_t *data) { col_parities_calculated ^= (*data >> ((3 - j) * 8 + (7 - i))) & 0x1; } } - + if ((row_parities == row_parities_calculated) && (col_parities == col_parities_calculated)) return true; @@ -191,7 +191,7 @@ static bool get_signalproperties(void) { // about 2 samples per bit period wait_timer(T0 * EM4X50_T_TAG_HALF_PERIOD); - + // ignore first samples if ((i > SIGNAL_IGNORE_FIRST_SAMPLES) && (AT91C_BASE_SSC->SSC_RHR > noise)) { signal_found = true; @@ -229,7 +229,7 @@ static bool get_signalproperties(void) { gLow = sample_ref - pct * (sample_max_mean - sample_ref) / 100; LED_A_OFF(); - + return true; } @@ -290,7 +290,7 @@ static uint32_t get_pulse_length(void) { // check if pulse length corresponds to given length static bool check_pulse_length(uint32_t pl, int length) { - return ((pl >= T0 * (length - EM4X50_TAG_TOLERANCE)) && (pl <= T0 * (length + EM4X50_TAG_TOLERANCE))); + return ((pl >= T0 * (length - EM4X50_TAG_TOLERANCE)) && (pl <= T0 * (length + EM4X50_TAG_TOLERANCE))); } // send single bit according to EM4x50 application note and datasheet @@ -346,12 +346,12 @@ static void em4x50_reader_send_byte_with_parity(uint8_t byte) { // word hast be sent in msb notation static void em4x50_reader_send_word(const uint32_t word) { uint8_t bytes[4] = {0x0, 0x0, 0x0, 0x0}; - + for (int i = 0; i < 4; i++) { bytes[i] = (word >> (24 - (8 * i))) & 0xFF; em4x50_reader_send_byte_with_parity(bytes[i]); } - + // send column parities em4x50_reader_send_byte(bytes[0] ^ bytes[1] ^ bytes[2] ^ bytes[3]); @@ -362,7 +362,7 @@ static void em4x50_reader_send_word(const uint32_t word) { // find single listen window static bool find_single_listen_window(void) { int cnt_pulses = 0; - + LED_B_ON(); while (cnt_pulses < EM4X50_T_WAITING_FOR_SNGLLIW) { @@ -392,7 +392,7 @@ static bool find_single_listen_window(void) { // -> 34 words + 34 single listen windows -> about 1600 pulses static int find_double_listen_window(bool bcommand) { int cnt_pulses = 0; - + LED_B_ON(); while (cnt_pulses < EM4X50_T_WAITING_FOR_DBLLIW) { @@ -452,7 +452,7 @@ static int find_double_listen_window(bool bcommand) { cnt_pulses++; } - LED_B_OFF(); + LED_B_OFF(); return PM3_EFAILED; } @@ -480,7 +480,7 @@ static bool check_ack(bool bliw) { if (BUTTON_PRESS()) return false; - + if (check_pulse_length(get_pulse_length(), 2 * EM4X50_T_TAG_FULL_PERIOD)) { // The received signal is either ACK or NAK. @@ -531,9 +531,9 @@ static int get_word_from_bitstream(uint32_t *data) { int cnt = 0; uint32_t pl = 0; uint64_t word = 0x0; - + LED_C_ON(); - + *data = 0x0; // initial bit value depends on last pulse length of listen window @@ -561,7 +561,7 @@ static int get_word_from_bitstream(uint32_t *data) { cnt++; word <<= 1; - + pl = get_pulse_length(); if (check_pulse_length(pl, EM4X50_T_TAG_FULL_PERIOD)) { @@ -612,9 +612,9 @@ static int get_word_from_bitstream(uint32_t *data) { return (extract_parities(word, data)) ? --cnt : 0; } } - + LED_C_OFF(); - + return PM3_EOPABORTED; } @@ -696,7 +696,7 @@ bool em4x50_sim_send_word(uint32_t word) { // word has tobe sent in msb, not lsb word = reflect32(word); - + // 4 bytes each with even row parity bit for (int i = 0; i < 4; i++) { if (em4x50_sim_send_byte_with_parity((word >> ((3 - i) * 8)) & 0xFF) == false) { @@ -776,7 +776,7 @@ static bool login(uint32_t password) { // send password em4x50_reader_send_word(password); - + wait_timer(T0 * EM4X50_T_TAG_TPP); // check if ACK is returned @@ -799,7 +799,7 @@ static bool brute(uint32_t start, uint32_t stop, uint32_t *pwd) { for (*pwd = start; *pwd <= stop; (*pwd)++) { if (login(*pwd) == PM3_SUCCESS) { - + pwd_found = true; // to be safe login 5 more times @@ -809,11 +809,11 @@ static bool brute(uint32_t start, uint32_t stop, uint32_t *pwd) { break; } } - + if (pwd_found) break; } - + // print password every 500 iterations if ((++cnt % 500) == 0) { @@ -827,10 +827,10 @@ static bool brute(uint32_t start, uint32_t stop, uint32_t *pwd) { // print data Dbprintf("|%8i | 0x%08x | 0x%08x |", cnt, reflect32(*pwd), *pwd); } - + if (BUTTON_PRESS()) break; - + } // print footer @@ -852,7 +852,7 @@ void em4x50_login(uint32_t *password) { reply_ng(CMD_LF_EM4X50_LOGIN, status, NULL, 0); } -// envoke password search +// envoke password search void em4x50_brute(em4x50_data_t *etd) { em4x50_setup_read(); @@ -903,7 +903,7 @@ void em4x50_chk(uint8_t *filename) { pwd = 0x0; for (int j = 0; j < 4; j++) pwd |= (*(pwds + 4 * i + j)) << ((3 - j) * 8); - + if ((status = login(pwd)) == PM3_SUCCESS) break; } @@ -1063,7 +1063,7 @@ void em4x50_reader(void) { // writes to specified static int write(uint32_t word, uint32_t addresses) { - + if (request_receive_mode() == PM3_SUCCESS) { // send write command @@ -1079,7 +1079,7 @@ static int write(uint32_t word, uint32_t addresses) { reply_ng(CMD_LF_EM4X50_WRITE, PM3_ETEAROFF, NULL, 0); return PM3_ETEAROFF; } else { - + // wait for T0 * EM4X50_T_TAG_TWA (write access time) wait_timer(T0 * EM4X50_T_TAG_TWA); @@ -1175,7 +1175,7 @@ void em4x50_write(em4x50_data_t *etd) { // if password is given renew login after reset if (etd->pwd_given) status = login(etd->password1); - + if (status == PM3_SUCCESS) { // call a selective read @@ -1225,11 +1225,11 @@ void em4x50_sim(uint8_t *filename) { int status = PM3_SUCCESS; uint8_t *em4x50_mem = BigBuf_get_EM_addr(); uint32_t words[EM4X50_NO_WORDS] = {0x0}; - + #ifdef WITH_FLASH if (strlen((char *)filename) != 0) { - + BigBuf_free(); int changed = rdv40_spiffs_lazy_mount(); @@ -1246,7 +1246,7 @@ void em4x50_sim(uint8_t *filename) { for (int i = 0; i < EM4X50_NO_WORDS; i++) words[i] = reflect32(bytes_to_num(em4x50_mem + (i * 4), 4)); - + // only if valid em4x50 data (e.g. uid == serial) if (words[EM4X50_DEVICE_SERIAL] != words[EM4X50_DEVICE_ID]) { @@ -1261,7 +1261,7 @@ void em4x50_sim(uint8_t *filename) { // iceman, will need a usb cmd check to break as well while (BUTTON_PRESS() == false) { - + WDT_HIT(); em4x50_sim_send_listen_window(); for (int i = fwr; i <= lwr; i++) { @@ -1277,7 +1277,7 @@ void em4x50_sim(uint8_t *filename) { } else { status = PM3_ENODATA; } - + BigBuf_free(); lf_finalize(); reply_ng(CMD_LF_EM4X50_SIM, status, NULL, 0); diff --git a/armsrc/em4x70.c b/armsrc/em4x70.c index 0b6cf36e6..a1f04ed6d 100644 --- a/armsrc/em4x70.c +++ b/armsrc/em4x70.c @@ -70,7 +70,7 @@ static int em4x70_receive(uint8_t *bits); static bool find_listen_window(bool command); static void init_tag(void) { - memset(tag.data, 0x00, sizeof(tag.data)/sizeof(tag.data[0])); + memset(tag.data, 0x00, sizeof(tag.data) / sizeof(tag.data[0])); } static void EM4170_setup_read(void) { @@ -114,7 +114,7 @@ static bool get_signalproperties(void) { uint8_t sample_max_mean = 0; uint8_t sample_max[no_periods]; uint32_t sample_max_sum = 0; - + memset(sample_max, 0x00, sizeof(sample_max)); // wait until signal/noise > 1 (max. 32 periods) @@ -158,7 +158,7 @@ static bool get_signalproperties(void) { gLow = sample_ref - pct * (sample_max_mean - sample_ref) / 100; // Basic sanity check - if(gHigh - gLow < EM4X70_MIN_AMPLITUDE) { + if (gHigh - gLow < EM4X70_MIN_AMPLITUDE) { return false; } @@ -168,9 +168,9 @@ static bool get_signalproperties(void) { /** * get_pulse_length - * + * * Times falling edge pulses - */ + */ static uint32_t get_pulse_length(void) { uint8_t sample; @@ -178,7 +178,7 @@ static uint32_t get_pulse_length(void) { do { sample = (uint8_t)AT91C_BASE_SSC->SSC_RHR; - }while (IS_HIGH(sample) && !IS_TIMEOUT(timeout)); + } while (IS_HIGH(sample) && !IS_TIMEOUT(timeout)); if (IS_TIMEOUT(timeout)) return 0; @@ -188,7 +188,7 @@ static uint32_t get_pulse_length(void) { do { sample = (uint8_t)AT91C_BASE_SSC->SSC_RHR; - }while (IS_LOW(sample) && !IS_TIMEOUT(timeout)); + } while (IS_LOW(sample) && !IS_TIMEOUT(timeout)); if (IS_TIMEOUT(timeout)) return 0; @@ -196,7 +196,7 @@ static uint32_t get_pulse_length(void) { timeout = (TICKS_PER_FC * 3 * EM4X70_T_TAG_FULL_PERIOD) + GetTicks(); do { sample = (uint8_t)AT91C_BASE_SSC->SSC_RHR; - }while (IS_HIGH(sample) && !IS_TIMEOUT(timeout)); + } while (IS_HIGH(sample) && !IS_TIMEOUT(timeout)); if (IS_TIMEOUT(timeout)) return 0; @@ -206,10 +206,10 @@ static uint32_t get_pulse_length(void) { /** * get_pulse_invert_length - * + * * Times rising edge pules * TODO: convert to single function with get_pulse_length() - */ + */ static uint32_t get_pulse_invert_length(void) { uint8_t sample; @@ -217,7 +217,7 @@ static uint32_t get_pulse_invert_length(void) { do { sample = (uint8_t)AT91C_BASE_SSC->SSC_RHR; - }while (IS_LOW(sample) && !IS_TIMEOUT(timeout)); + } while (IS_LOW(sample) && !IS_TIMEOUT(timeout)); if (IS_TIMEOUT(timeout)) return 0; @@ -227,7 +227,7 @@ static uint32_t get_pulse_invert_length(void) { do { sample = (uint8_t)AT91C_BASE_SSC->SSC_RHR; - }while (IS_HIGH(sample) && !IS_TIMEOUT(timeout)); + } while (IS_HIGH(sample) && !IS_TIMEOUT(timeout)); if (IS_TIMEOUT(timeout)) return 0; @@ -235,7 +235,7 @@ static uint32_t get_pulse_invert_length(void) { timeout = GetTicks() + (TICKS_PER_FC * 3 * EM4X70_T_TAG_FULL_PERIOD); do { sample = (uint8_t)AT91C_BASE_SSC->SSC_RHR; - }while (IS_LOW(sample) && !IS_TIMEOUT(timeout)); + } while (IS_LOW(sample) && !IS_TIMEOUT(timeout)); if (IS_TIMEOUT(timeout)) return 0; @@ -279,9 +279,9 @@ static void em4x70_send_bit(bool bit) { /** * em4x70_send_nibble - * + * * sends 4 bits of data + 1 bit of parity (with_parity) - * + * */ static void em4x70_send_nibble(uint8_t nibble, bool with_parity) { int parity = 0; @@ -289,16 +289,16 @@ static void em4x70_send_nibble(uint8_t nibble, bool with_parity) { // Non automotive EM4x70 based tags are 3 bits + 1 parity. // So drop the MSB and send a parity bit instead after the command - if(command_parity) + if (command_parity) msb_bit = 1; - + for (int i = msb_bit; i < 4; i++) { int bit = (nibble >> (3 - i)) & 1; em4x70_send_bit(bit); parity ^= bit; } - if(with_parity) + if (with_parity) em4x70_send_bit(parity); } @@ -313,8 +313,8 @@ static void em4x70_send_word(const uint16_t word) { // Split into nibbles uint8_t nibbles[4]; uint8_t j = 0; - for(int i = 0; i < 2; i++) { - uint8_t byte = (word >> (8*i)) & 0xff; + for (int i = 0; i < 2; i++) { + uint8_t byte = (word >> (8 * i)) & 0xff; nibbles[j++] = (byte >> 4) & 0xf; nibbles[j++] = byte & 0xf; } @@ -369,13 +369,13 @@ static int send_pin(const uint32_t pin) { em4x70_send_nibble(EM4X70_COMMAND_PIN, true); // --> Send TAG ID (bytes 4-7) - for(int i=0; i < 4; i++) { - em4x70_send_byte(tag.data[7-i]); + for (int i = 0; i < 4; i++) { + em4x70_send_byte(tag.data[7 - i]); } // --> Send PIN - for(int i=0; i < 4 ; i++) { - em4x70_send_byte((pin>>(i*8)) & 0xff); + for (int i = 0; i < 4 ; i++) { + em4x70_send_byte((pin >> (i * 8)) & 0xff); } // Wait TWALB (write access lock bits) @@ -389,7 +389,7 @@ static int send_pin(const uint32_t pin) { // <-- Receive header + ID uint8_t tag_id[64]; int num = em4x70_receive(tag_id); - if(num < 32) { + if (num < 32) { Dbprintf("Invalid ID Received"); return PM3_ESOFT; } @@ -415,7 +415,7 @@ static int write(const uint16_t word, const uint8_t address) { // send data word em4x70_send_word(word); - // Wait TWA + // Wait TWA WaitTicks(TICKS_PER_FC * EM4X70_T_TAG_TWA); // look for ACK sequence @@ -435,9 +435,9 @@ static int write(const uint16_t word, const uint8_t address) { static bool find_listen_window(bool command) { - + int cnt = 0; - while(cnt < EM4X70_T_WAITING_FOR_SNGLLIW) { + while (cnt < EM4X70_T_WAITING_FOR_SNGLLIW) { /* 80 ( 64 + 16 ) 80 ( 64 + 16 ) @@ -445,26 +445,25 @@ static bool find_listen_window(bool command) { 96 ( 64 + 32 ) 64 ( 32 + 16 +16 )*/ - if ( check_pulse_length(get_pulse_invert_length(), 80) && - check_pulse_length(get_pulse_invert_length(), 80) && - check_pulse_length(get_pulse_length(), 96) && - check_pulse_length(get_pulse_length(), 64) ) - { + if (check_pulse_length(get_pulse_invert_length(), 80) && + check_pulse_length(get_pulse_invert_length(), 80) && + check_pulse_length(get_pulse_length(), 96) && + check_pulse_length(get_pulse_length(), 64)) { - if(command) { - /* Here we are after the 64 duration edge. - * em4170 says we need to wait about 48 RF clock cycles. - * depends on the delay between tag and us - * - * I've found between 4-5 quarter periods (32-40) works best - */ - WaitTicks(TICKS_PER_FC * 4 * EM4X70_T_TAG_QUARTER_PERIOD); - // Send RM Command - em4x70_send_bit(0); - em4x70_send_bit(0); - } - return true; + if (command) { + /* Here we are after the 64 duration edge. + * em4170 says we need to wait about 48 RF clock cycles. + * depends on the delay between tag and us + * + * I've found between 4-5 quarter periods (32-40) works best + */ + WaitTicks(TICKS_PER_FC * 4 * EM4X70_T_TAG_QUARTER_PERIOD); + // Send RM Command + em4x70_send_bit(0); + em4x70_send_bit(0); } + return true; + } cnt++; } @@ -472,17 +471,17 @@ static bool find_listen_window(bool command) { } static void bits2bytes(const uint8_t *bits, int length, uint8_t *out) { - - if(length%8 != 0) { + + if (length % 8 != 0) { Dbprintf("Should have a multiple of 8 bits, was sent %d", length); } - + int num_bytes = length / 8; // We should have a multiple of 8 here - for(int i=1; i <= num_bytes; i++) { - out[num_bytes-i] = bits2byte(bits, 8); + for (int i = 1; i <= num_bytes; i++) { + out[num_bytes - i] = bits2byte(bits, 8); bits += 8; - } + } } static uint8_t bits2byte(const uint8_t *bits, int length) { @@ -501,16 +500,16 @@ static uint8_t bits2byte(const uint8_t *bits, int length) { } static bool send_command_and_read(uint8_t command, uint8_t resp_len_bits, uint8_t *out_bytes) { - + int retries = EM4X70_COMMAND_RETRIES; - while(retries) { + while (retries) { retries--; - if(find_listen_window(true)) { + if (find_listen_window(true)) { uint8_t bits[EM4X70_MAX_RECEIVE_LENGTH] = {0}; em4x70_send_nibble(command, command_parity); int len = em4x70_receive(bits); - if(len < resp_len_bits) { + if (len < resp_len_bits) { Dbprintf("Invalid data received length: %d", len); return false; } @@ -525,9 +524,9 @@ static bool send_command_and_read(uint8_t command, uint8_t resp_len_bits, uint8_ /** * em4x70_read_id - * + * * read pre-programmed ID (4 bytes) - */ + */ static bool em4x70_read_id(void) { return send_command_and_read(EM4X70_COMMAND_ID, 32, &tag.data[4]); @@ -536,7 +535,7 @@ static bool em4x70_read_id(void) { /** * em4x70_read_um1 - * + * * read user memory 1 (4 bytes including lock bits) */ static bool em4x70_read_um1(void) { @@ -548,7 +547,7 @@ static bool em4x70_read_um1(void) { /** * em4x70_read_um2 - * + * * read user memory 2 (8 bytes) */ static bool em4x70_read_um2(void) { @@ -573,28 +572,28 @@ static int em4x70_receive(uint8_t *bits) { // Read out the header // 12 Manchester 1's (may miss some during settle period) // 4 Manchester 0's - + // Skip a few leading 1's as it could be noisy WaitTicks(TICKS_PER_FC * 3 * EM4X70_T_TAG_FULL_PERIOD); // wait until we get the transition from 1's to 0's which is 1.5 full windows int pulse_count = 0; - while(pulse_count < 12){ + while (pulse_count < 12) { pl = get_pulse_invert_length(); pulse_count++; - if(check_pulse_length(pl, 3 * EM4X70_T_TAG_HALF_PERIOD)) { + if (check_pulse_length(pl, 3 * EM4X70_T_TAG_HALF_PERIOD)) { foundheader = true; break; } } - if(!foundheader) { + if (!foundheader) { Dbprintf("Failed to find read header"); return 0; } // Skip next 3 0's, header check consumes the first 0 - for(int i = 0; i < 3; i++) { + for (int i = 0; i < 3; i++) { get_pulse_invert_length(); } @@ -602,7 +601,7 @@ static int em4x70_receive(uint8_t *bits) { // between two listen windows only pulse lengths of 1, 1.5 and 2 are possible while (bit_pos < EM4X70_MAX_RECEIVE_LENGTH) { - if(edge) + if (edge) pl = get_pulse_length(); else pl = get_pulse_invert_length(); @@ -615,7 +614,7 @@ static int em4x70_receive(uint8_t *bits) { } else if (check_pulse_length(pl, 3 * EM4X70_T_TAG_HALF_PERIOD)) { // pulse length = 1.5 -> flip edge detection - if(edge) { + if (edge) { bits[bit_pos++] = 0; bits[bit_pos++] = 0; edge = 0; @@ -628,7 +627,7 @@ static int em4x70_receive(uint8_t *bits) { } else if (check_pulse_length(pl, 2 * EM4X70_T_TAG_FULL_PERIOD)) { // pulse length of 2 - if(edge) { + if (edge) { bits[bit_pos++] = 0; bits[bit_pos++] = 1; } else { @@ -636,8 +635,8 @@ static int em4x70_receive(uint8_t *bits) { bits[bit_pos++] = 0; } - } else if ( (edge && check_pulse_length(pl, 3 * EM4X70_T_TAG_FULL_PERIOD)) || - (!edge && check_pulse_length(pl, 80))) { + } else if ((edge && check_pulse_length(pl, 3 * EM4X70_T_TAG_FULL_PERIOD)) || + (!edge && check_pulse_length(pl, 80))) { // LIW detected (either invert or normal) return --bit_pos; @@ -651,7 +650,7 @@ static int em4x70_receive(uint8_t *bits) { void em4x70_info(em4x70_data_t *etd) { uint8_t status = 0; - + // Support tags with and without command parity bits command_parity = etd->parity; @@ -680,11 +679,11 @@ void em4x70_write(em4x70_data_t *etd) { // Find the Tag if (get_signalproperties() && find_EM4X70_Tag()) { - + // Write status = write(etd->word, etd->address) == PM3_SUCCESS; - if(status) { + if (status) { // Read Tag after writing em4x70_read_id(); em4x70_read_um1(); @@ -709,15 +708,15 @@ void em4x70_unlock(em4x70_data_t *etd) { // Find the Tag if (get_signalproperties() && find_EM4X70_Tag()) { - + // Read ID (required for send_pin command) - if(em4x70_read_id()) { - + if (em4x70_read_id()) { + // Send PIN status = send_pin(etd->pin) == PM3_SUCCESS; // If the write succeeded, read the rest of the tag - if(status) { + if (status) { // Read Tag // ID doesn't change em4x70_read_um1(); diff --git a/armsrc/iso15693.c b/armsrc/iso15693.c index b6d1b7ed8..ef4695e20 100644 --- a/armsrc/iso15693.c +++ b/armsrc/iso15693.c @@ -1727,7 +1727,7 @@ void SimTagIso15693(uint8_t *uid) { if ((cmd_len >= 5) && (cmd[0] & ISO15_REQ_INVENTORY) && (cmd[1] == ISO15_CMD_INVENTORY)) { bool slow = !(cmd[0] & ISO15_REQ_DATARATE_HIGH); uint32_t response_time = reader_eof_time + DELAY_ISO15693_VCD_TO_VICC_SIM; - + // Build INVENTORY command uint8_t resp_inv[CMD_INV_RESP] = {0}; @@ -1743,30 +1743,30 @@ void SimTagIso15693(uint8_t *uid) { resp_inv[7] = uid[2]; resp_inv[8] = uid[1]; resp_inv[9] = uid[0]; - + // CRC AddCrc15(resp_inv, 10); CodeIso15693AsTag(resp_inv, CMD_INV_RESP); - + tosend_t *ts = get_tosend(); - + TransmitTo15693Reader(ts->buf, ts->max, &response_time, 0, slow); LogTrace_ISO15693(resp_inv, CMD_INV_RESP, response_time * 32, (response_time * 32) + (ts->max * 32 * 64), NULL, false); chip_state = SELECTED; } - + // GET_SYSTEM_INFO if ((cmd[1] == ISO15_CMD_SYSINFO)) { bool slow = !(cmd[0] & ISO15_REQ_DATARATE_HIGH); uint32_t response_time = reader_eof_time + DELAY_ISO15693_VCD_TO_VICC_SIM; - + // Build GET_SYSTEM_INFO command uint8_t resp_sysinfo[CMD_SYSINFO_RESP] = {0}; - + resp_sysinfo[0] = 0; // Response flags. resp_sysinfo[1] = 0x0F; // Information flags (0x0F - DSFID, AFI, Mem size, IC) - + // 64-bit UID resp_sysinfo[2] = uid[7]; resp_sysinfo[3] = uid[6]; @@ -1776,42 +1776,42 @@ void SimTagIso15693(uint8_t *uid) { resp_sysinfo[7] = uid[2]; resp_sysinfo[8] = uid[1]; resp_sysinfo[9] = uid[0]; - + resp_sysinfo[10] = 0; // DSFID resp_sysinfo[11] = 0; // AFI resp_sysinfo[12] = 0x1B; // Memory size. resp_sysinfo[13] = 0x03; // Memory size. resp_sysinfo[14] = 0x01; // IC reference. - + // CRC AddCrc15(resp_sysinfo, 15); CodeIso15693AsTag(resp_sysinfo, CMD_SYSINFO_RESP); - + tosend_t *ts = get_tosend(); - + TransmitTo15693Reader(ts->buf, ts->max, &response_time, 0, slow); LogTrace_ISO15693(resp_sysinfo, CMD_SYSINFO_RESP, response_time * 32, (response_time * 32) + (ts->max * 32 * 64), NULL, false); } - + // READ_BLOCK if ((cmd[1] == ISO15_CMD_READ)) { bool slow = !(cmd[0] & ISO15_REQ_DATARATE_HIGH); uint32_t response_time = reader_eof_time + DELAY_ISO15693_VCD_TO_VICC_SIM; - + // Build GET_SYSTEM_INFO command uint8_t resp_readblock[CMD_READBLOCK_RESP] = {0}; - + resp_readblock[0] = 0; // Response flags. resp_readblock[1] = 0; // Block data. resp_readblock[2] = 0; // Block data. resp_readblock[3] = 0; // Block data. resp_readblock[4] = 0; // Block data. - + // CRC AddCrc15(resp_readblock, 5); CodeIso15693AsTag(resp_readblock, CMD_READBLOCK_RESP); - + tosend_t *ts = get_tosend(); TransmitTo15693Reader(ts->buf, ts->max, &response_time, 0, slow); diff --git a/armsrc/lfsampling.c b/armsrc/lfsampling.c index 7a42367dc..ef1d128cc 100644 --- a/armsrc/lfsampling.c +++ b/armsrc/lfsampling.c @@ -515,7 +515,7 @@ void doCotagAcquisition(void) { if (BUTTON_PRESS()) break; - + if (checker == 4000) { if (data_available()) break; diff --git a/client/src/cmdhf14a.c b/client/src/cmdhf14a.c index 576979aad..9957e8ed3 100644 --- a/client/src/cmdhf14a.c +++ b/client/src/cmdhf14a.c @@ -2135,7 +2135,7 @@ static int CmdHf14AFuzzapdu(const char *Cmd) { "Tag must be on antenna before running.", "hf 14a apdufuzz\n" "hf 14a apdufuzz --cla 80\n" - ); + ); void *argtable[] = { arg_param_begin, @@ -2143,7 +2143,7 @@ static int CmdHf14AFuzzapdu(const char *Cmd) { arg_str0(NULL, "ins", "", "start INSTRUCTION value (1 hex byte)"), arg_str0(NULL, "p1", "", "start P1 value (1 hex byte)"), arg_str0(NULL, "p2", "", "start P2 value (1 hex byte)"), - arg_str0(NULL, "le", "", "start LENGTH value (1 hex byte)"), + arg_str0(NULL, "le", "", "start LENGTH value (1 hex byte)"), arg_lit0("v", "verbose", "verbose output"), arg_param_end }; @@ -2152,7 +2152,7 @@ static int CmdHf14AFuzzapdu(const char *Cmd) { int cla_len = 0; uint8_t cla[1] = {0}; CLIGetHexWithReturn(ctx, 1, cla, &cla_len); - + int ins_len = 0; uint8_t ins[1] = {0}; CLIGetHexWithReturn(ctx, 2, ins, &ins_len); @@ -2176,12 +2176,12 @@ static int CmdHf14AFuzzapdu(const char *Cmd) { bool keep_field_on = true; uint8_t a = cla[0]; - uint8_t b = ins[0]; + uint8_t b = ins[0]; uint8_t c = p1[0]; uint8_t d = p2[0]; - uint8_t e = le[0]; + uint8_t e = le[0]; - PrintAndLogEx(SUCCESS, "Starting the apdu fuzzer [ CLA " _GREEN_("%02X") " INS " _GREEN_("%02X") " P1 " _GREEN_("%02X") " P2 " _GREEN_("%02X") " LE " _GREEN_("%02x")" ]", a,b,c,d,e); + PrintAndLogEx(SUCCESS, "Starting the apdu fuzzer [ CLA " _GREEN_("%02X") " INS " _GREEN_("%02X") " P1 " _GREEN_("%02X") " P2 " _GREEN_("%02X") " LE " _GREEN_("%02x")" ]", a, b, c, d, e); PrintAndLogEx(INFO, "Press " _GREEN_("") " to exit"); uint8_t response[PM3_CMD_DATA_SIZE]; @@ -2210,7 +2210,7 @@ static int CmdHf14AFuzzapdu(const char *Cmd) { } uint8_t foo[5] = {a, b, c, d, e}; - int foo_n = sizeof(foo); + int foo_n = sizeof(foo); if (verbose) { PrintAndLogEx(INFO, "%s", sprint_hex(foo, sizeof(foo))); @@ -2218,34 +2218,34 @@ static int CmdHf14AFuzzapdu(const char *Cmd) { res = ExchangeAPDU14a(foo, foo_n, activate_field, keep_field_on, response, sizeof(response), &resplen); if (res) { e++; - continue; + continue; } uint16_t sw = get_sw(response, resplen); if (sw != 0x6a86 && - sw != 0x6986 && - sw != 0x6d00 - ) { - PrintAndLogEx(INFO, "%02X %02X %02X %02X %02X (%04x - %s)", a,b,c,d,e, sw, GetAPDUCodeDescription(sw >> 8, sw & 0xff)); + sw != 0x6986 && + sw != 0x6d00 + ) { + PrintAndLogEx(INFO, "%02X %02X %02X %02X %02X (%04x - %s)", a, b, c, d, e, sw, GetAPDUCodeDescription(sw >> 8, sw & 0xff)); } e++; if (verbose) { - PrintAndLogEx(INFO, "Status: %02X %02X %02X %02X %02X", a,b,c,d,e); + PrintAndLogEx(INFO, "Status: %02X %02X %02X %02X %02X", a, b, c, d, e); } } while (e); d++; - PrintAndLogEx(INFO, "Status: %02X %02X %02X %02X %02X", a,b,c,d,e); + PrintAndLogEx(INFO, "Status: %02X %02X %02X %02X %02X", a, b, c, d, e); } while (d); c++; - PrintAndLogEx(INFO, "Status: %02X %02X %02X %02X %02X", a,b,c,d,e); + PrintAndLogEx(INFO, "Status: %02X %02X %02X %02X %02X", a, b, c, d, e); } while (c); b++; - PrintAndLogEx(INFO, "Status: %02X %02X %02X %02X %02X", a,b,c,d,e); + PrintAndLogEx(INFO, "Status: %02X %02X %02X %02X %02X", a, b, c, d, e); } while (b); a++; - PrintAndLogEx(INFO, "Status: %02X %02X %02X %02X %02X", a,b,c,d,e); - } while(a); + PrintAndLogEx(INFO, "Status: %02X %02X %02X %02X %02X", a, b, c, d, e); + } while (a); out: PrintAndLogEx(SUCCESS, "time: %" PRIu64 " seconds\n", (msclock() - t1) / 1000); diff --git a/client/src/cmdhficlass.c b/client/src/cmdhficlass.c index 075a5562e..0d182d9c3 100644 --- a/client/src/cmdhficlass.c +++ b/client/src/cmdhficlass.c @@ -624,7 +624,7 @@ static int CmdHFiClassReader(const char *Cmd) { CLIParserInit(&ctx, "hf iclass reader", "Act as a iCLASS reader. Look for iCLASS tags until Enter or the pm3 button is pressed", "hf iclass reader -@ -> continuous reader mode" - ); + ); void *argtable[] = { arg_param_begin, @@ -1700,7 +1700,7 @@ static int CmdHFiClassRestore(const char *Cmd) { "hf iclass restore -f hf-iclass-AA162D30F8FF12F1-dump.bin --first 6 --last 18 --ki 0\n" "hf iclass restore -f hf-iclass-AA162D30F8FF12F1-dump.bin --first 6 --last 18 --ki 0 --elite\n" "hf iclass restore -f hf-iclass-AA162D30F8FF12F1-dump.bin --first 6 --last 18 -k 1122334455667788 --elite\n" - ); + ); void *argtable[] = { arg_param_begin, @@ -3318,12 +3318,12 @@ static int CmdHFiClassPermuteKey(const char *Cmd) { static int CmdHFiClassEncode(const char *Cmd) { - CLIParserContext *ctx; + CLIParserContext *ctx; CLIParserInit(&ctx, "hf iclass encode", "Encode binary wiegand to block 7", "hf iclass encode --bin 10001111100000001010100011 --ki 0 -> FC 31 CN 337\n" "hf iclass encode --bin 10001111100000001010100011 --ki 0 --elite -> FC 31 CN 337, writing w elite key" - ); + ); void *argtable[] = { arg_param_begin, @@ -3422,7 +3422,7 @@ static int CmdHFiClassEncode(const char *Cmd) { } // add binary sentinel bit. pushBit(&bout, 1); - + // convert binary string to hex bytes for (int i = 0; i < bin_len; i++) { char c = bin[i]; @@ -3449,11 +3449,11 @@ static int CmdHFiClassEncode(const char *Cmd) { int isok = PM3_SUCCESS; // write - for (uint8_t i=0; i<4; i++) { - isok = iclass_write_block(6 + i, credential + (i*8), key, use_credit_key, elite, rawkey, false, false, auth); + for (uint8_t i = 0; i < 4; i++) { + isok = iclass_write_block(6 + i, credential + (i * 8), key, use_credit_key, elite, rawkey, false, false, auth); switch (isok) { case PM3_SUCCESS: - PrintAndLogEx(SUCCESS, "Write block %d/0x0%x ( " _GREEN_("ok") " ) --> " _YELLOW_("%s"), 6 + i, 6 + i, sprint_hex_inrow(credential + (i*8), 8)); + PrintAndLogEx(SUCCESS, "Write block %d/0x0%x ( " _GREEN_("ok") " ) --> " _YELLOW_("%s"), 6 + i, 6 + i, sprint_hex_inrow(credential + (i * 8), 8)); break; default: PrintAndLogEx(SUCCESS, "Write block %d/0x0%x ( " _RED_("fail") " )", 6 + i, 6 + i); diff --git a/client/src/cmdhfmfp.c b/client/src/cmdhfmfp.c index 46d7bf0cf..ab41bcf41 100644 --- a/client/src/cmdhfmfp.c +++ b/client/src/cmdhfmfp.c @@ -276,7 +276,7 @@ static int CmdHFMFPInfo(const char *Cmd) { arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); - + PrintAndLogEx(NORMAL, ""); PrintAndLogEx(INFO, "--- " _CYAN_("Tag Information") " ---------------------------"); PrintAndLogEx(INFO, "-------------------------------------------------------------"); diff --git a/client/src/cmdlfawid.c b/client/src/cmdlfawid.c index 6591e1364..c54c3cd1d 100644 --- a/client/src/cmdlfawid.c +++ b/client/src/cmdlfawid.c @@ -510,7 +510,7 @@ static int CmdAWIDBrute(const char *Cmd) { break; } - + // truncate card number if ((cn & 0xFFFF) != cn) { cn &= 0xFFFF; @@ -550,7 +550,7 @@ static int CmdAWIDBrute(const char *Cmd) { if (cn > 1) { if (down > 1) { if (sendTry(fmtlen, fc, --down, delay, bits, size, verbose) != PM3_SUCCESS) { - return PM3_ESOFT; + return PM3_ESOFT; } } } diff --git a/client/src/cmdlfdestron.c b/client/src/cmdlfdestron.c index ec5e67a28..13f7a6398 100644 --- a/client/src/cmdlfdestron.c +++ b/client/src/cmdlfdestron.c @@ -190,9 +190,9 @@ static int CmdDestronClone(const char *Cmd) { blocks[1] = (blocks[1] & 0xFFFF) | 0xAAE20000; PrintAndLogEx(INFO, "Preparing to clone Destron tag to " _YELLOW_("%s") " with ID: " _YELLOW_("%s") - , cardtype - , sprint_hex_inrow(data, datalen) - ); + , cardtype + , sprint_hex_inrow(data, datalen) + ); print_blocks(blocks, ARRAYLEN(blocks)); diff --git a/client/src/cmdlfem410x.c b/client/src/cmdlfem410x.c index 790e3e070..c8b11a9db 100644 --- a/client/src/cmdlfem410x.c +++ b/client/src/cmdlfem410x.c @@ -118,7 +118,7 @@ void printEM410x(uint32_t hi, uint64_t id, bool verbose) { if (hi) { PrintAndLogEx(SUCCESS, "EM 410x ID "_GREEN_("%06X%016" PRIX64), hi, id); } else { - PrintAndLogEx(SUCCESS, "EM 410x ID "_GREEN_("%010" PRIX64), id); + PrintAndLogEx(SUCCESS, "EM 410x ID "_GREEN_("%010" PRIX64), id); } return; } @@ -395,7 +395,7 @@ static int CmdEM410xReader(const char *Cmd) { // emulate an EM410X tag static int CmdEM410xSim(const char *Cmd) { - + CLIParserContext *ctx; CLIParserInit(&ctx, "lf em 410x sim", "Enables simulation of EM 410x card.\n" @@ -433,7 +433,7 @@ static int CmdEM410xSim(const char *Cmd) { return PM3_SUCCESS; } -static int CmdEM410xBrute(const char *Cmd) { +static int CmdEM410xBrute(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "lf em 410x brute", "bruteforcing by emulating EM 410x tag", @@ -452,10 +452,10 @@ static int CmdEM410xBrute(const char *Cmd) { }; CLIExecWithReturn(ctx, Cmd, argtable, false); - // clock default 64 in EM410x + // clock default 64 in EM410x uint32_t clk = arg_get_u32_def(ctx, 1, 64); - // default pause time: 1 second + // default pause time: 1 second uint32_t delay = arg_get_u32_def(ctx, 2, 1000); int fnlen = 0; @@ -467,7 +467,7 @@ static int CmdEM410xBrute(const char *Cmd) { PrintAndLogEx(ERR, "Error: Please specify a filename"); return PM3_EINVARG; } - + uint32_t uidcnt = 0; uint8_t stUidBlock = 20; uint8_t *p = NULL; @@ -543,10 +543,10 @@ static int CmdEM410xBrute(const char *Cmd) { memcpy(testuid, uidblock + 5 * c, 5); PrintAndLogEx(INFO, "Bruteforce %d / %d: simulating UID " _YELLOW_("%s") - , c + 1 - , uidcnt - , sprint_hex_inrow(testuid, sizeof(testuid)) - ); + , c + 1 + , uidcnt + , sprint_hex_inrow(testuid, sizeof(testuid)) + ); em410x_construct_emul_graph(testuid, clk); @@ -585,7 +585,7 @@ static int CmdEM410xClone(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "lf em 410x clone", "Writes EM410x ID to a T55x7 or Q5/T5555 tag", - "lf em 410x clone --id 0F0368568B -> write id to T55x7 tag\n" + "lf em 410x clone --id 0F0368568B -> write id to T55x7 tag\n" "lf em 410x clone --id 0F0368568B --q5 -> write id to Q5/T5555 tag" ); @@ -598,7 +598,7 @@ static int CmdEM410xClone(const char *Cmd) { }; CLIExecWithReturn(ctx, Cmd, argtable, false); - // clock default 64 in EM410x + // clock default 64 in EM410x uint32_t clk = arg_get_u32_def(ctx, 1, 64); int uid_len = 0; uint8_t uid[5] = {0}; diff --git a/client/src/cmdlfem4x05.c b/client/src/cmdlfem4x05.c index 0f968d23d..c0dc8c2ee 100644 --- a/client/src/cmdlfem4x05.c +++ b/client/src/cmdlfem4x05.c @@ -773,7 +773,7 @@ int CmdEM4x05Write(const char *Cmd) { void *argtable[] = { arg_param_begin, arg_int0("a", "addr", "", "memory address to write to. (0-13)"), - arg_str1("d", "data", "", "data to write, 4 bytes hex"), + arg_str1("d", "data", "", "data to write, 4 bytes hex"), arg_str0("p", "pwd", "", "optional - password, 4 bytes hex"), arg_lit0(NULL, "po", "protect operation"), arg_param_end @@ -784,14 +784,14 @@ int CmdEM4x05Write(const char *Cmd) { uint64_t inputpwd = arg_get_u64_hexstr_def(ctx, 3, 0xFFFFFFFFFFFFFFFF); bool protect_operation = arg_get_lit(ctx, 4); CLIParserFree(ctx); - + if ((addr > 13) && (protect_operation == false)) { PrintAndLogEx(WARNING, "Address must be between 0 and 13"); return PM3_EINVARG; } - bool use_pwd = false; - uint32_t pwd = ( inputpwd != 0xFFFFFFFFFFFFFFFF) ? (inputpwd & 0xFFFFFFFF) : 0; + bool use_pwd = false; + uint32_t pwd = (inputpwd != 0xFFFFFFFFFFFFFFFF) ? (inputpwd & 0xFFFFFFFF) : 0; if (pwd == 0xFFFFFFFF) { if (protect_operation) PrintAndLogEx(INFO, "Writing protection words data %08X", data); @@ -807,14 +807,14 @@ int CmdEM4x05Write(const char *Cmd) { int res = PM3_SUCCESS; // set Protect Words - if (protect_operation) { + if (protect_operation) { res = em4x05_protect(pwd, use_pwd, data); - if ( res != PM3_SUCCESS) { + if (res != PM3_SUCCESS) { return res; } } else { res = em4x05_write_word_ext(addr, pwd, use_pwd, data); - if ( res != PM3_SUCCESS) { + if (res != PM3_SUCCESS) { return res; } } @@ -888,25 +888,25 @@ int CmdEM4x05Wipe(const char *Cmd) { bool use_pwd = false; uint32_t pwd = 0; - if ( inputpwd != 0xFFFFFFFFFFFFFFFF) { + if (inputpwd != 0xFFFFFFFFFFFFFFFF) { pwd = (inputpwd & 0xFFFFFFFF); use_pwd = true; } // block 0 : User Data or Chip Info int res = em4x05_write_word_ext(0, pwd, use_pwd, chip_info); - if ( res != PM3_SUCCESS) { + if (res != PM3_SUCCESS) { return res; } // block 1 : UID - this should be read only for EM4205 and EM4305 not sure about others res = em4x05_write_word_ext(1, pwd, use_pwd, chip_UID); - if ( res != PM3_SUCCESS) { + if (res != PM3_SUCCESS) { PrintAndLogEx(INFO, "UID block write failed"); } // block 2 : password res = em4x05_write_word_ext(2, pwd, use_pwd, block_data); - if ( res != PM3_SUCCESS) { + if (res != PM3_SUCCESS) { return res; } @@ -914,20 +914,20 @@ int CmdEM4x05Wipe(const char *Cmd) { pwd = block_data; // block 3 : user data res = em4x05_write_word_ext(3, pwd, use_pwd, block_data); - if ( res != PM3_SUCCESS) { + if (res != PM3_SUCCESS) { return res; } // block 4 : config res = em4x05_write_word_ext(4, pwd, use_pwd, config); - if ( res != PM3_SUCCESS) { + if (res != PM3_SUCCESS) { return res; } // Remainder of user/data blocks for (addr = 5; addr < 14; addr++) {// Clear user data blocks res = em4x05_write_word_ext(addr, pwd, use_pwd, block_data); - if ( res != PM3_SUCCESS) { + if (res != PM3_SUCCESS) { return res; } } @@ -2146,4 +2146,4 @@ static int CmdHelp(const char *Cmd) { int CmdLFEM4X05(const char *Cmd) { clearCommandBuffer(); return CmdsParse(CommandTable, Cmd); -} \ No newline at end of file +} diff --git a/client/src/cmdlfem4x50.c b/client/src/cmdlfem4x50.c index ccdf30394..09df8cfe6 100644 --- a/client/src/cmdlfem4x50.c +++ b/client/src/cmdlfem4x50.c @@ -28,7 +28,7 @@ static void prepare_result(const uint8_t *data, int fwr, int lwr, em4x50_word_t // restructure received result in "em4x50_word_t" structure for (int i = fwr; i <= lwr; i++) { for (int j = 0; j < 4; j++) { - words[i].byte[j] = data[i * 4 + (3 - j)]; + words[i].byte[j] = data[i * 4 + (3 - j)]; } } } @@ -131,7 +131,7 @@ static int em4x50_load_file(const char *filename, uint8_t *data, size_t data_len int res = 0; uint32_t serial = 0x0, device_id = 0x0; - + if (str_endswith(filename, ".eml")) res = loadFileEML(filename, data, bytes_read) != PM3_SUCCESS; else if (str_endswith(filename, ".json")) @@ -202,7 +202,7 @@ int CmdEM4x50ELoad(const char *Cmd) { // upload to emulator memory PrintAndLogEx(INFO, "Uploading dump " _YELLOW_("%s") " to emulator memory", filename); em4x50_seteml(data, 0, DUMP_FILESIZE); - + PrintAndLogEx(INFO, "Done"); return PM3_SUCCESS; } @@ -236,7 +236,7 @@ int CmdEM4x50ESave(const char *Cmd) { PrintAndLogEx(WARNING, "Fail, transfer from device time-out"); return PM3_ETIMEOUT; } - + // valid em4x50 data? uint32_t serial = bytes_to_num(data + 4 * EM4X50_DEVICE_SERIAL, 4); uint32_t device_id = bytes_to_num(data + 4 * EM4X50_DEVICE_ID, 4); @@ -244,7 +244,7 @@ int CmdEM4x50ESave(const char *Cmd) { PrintAndLogEx(WARNING, "No valid em4x50 data in flash memory."); return PM3_ENODATA; } - + // user supplied filename? if (fnlen == 0) { PrintAndLogEx(INFO, "Using UID as filename"); @@ -272,7 +272,7 @@ int CmdEM4x50Login(const char *Cmd) { arg_param_end }; - CLIExecWithReturn(ctx, Cmd, argtable, true); + CLIExecWithReturn(ctx, Cmd, argtable, true); int pwd_len = 0; uint8_t pwd[4] = {0x0}; CLIGetHexWithReturn(ctx, 1, pwd, &pwd_len); @@ -281,7 +281,7 @@ int CmdEM4x50Login(const char *Cmd) { if (pwd_len != 4) { PrintAndLogEx(FAILED, "password length must be 4 bytes"); return PM3_EINVARG; - } + } uint32_t password = BYTES2UINT32(pwd); @@ -315,30 +315,30 @@ int CmdEM4x50Brute(const char *Cmd) { arg_param_end }; - CLIExecWithReturn(ctx, Cmd, argtable, true); + CLIExecWithReturn(ctx, Cmd, argtable, true); int first_len = 0; - uint8_t first[4] = {0,0,0,0}; + uint8_t first[4] = {0, 0, 0, 0}; CLIGetHexWithReturn(ctx, 1, first, &first_len); int last_len = 0; - uint8_t last[4] = {0,0,0,0}; + uint8_t last[4] = {0, 0, 0, 0}; CLIGetHexWithReturn(ctx, 2, last, &last_len); CLIParserFree(ctx); if (first_len != 4) { PrintAndLogEx(FAILED, "password length must be 4 bytes"); return PM3_EINVARG; - } - if (last_len != 4) { - PrintAndLogEx(FAILED, "password length must be 4 bytes"); - return PM3_EINVARG; - } + } + if (last_len != 4) { + PrintAndLogEx(FAILED, "password length must be 4 bytes"); + return PM3_EINVARG; + } em4x50_data_t etd; etd.password1 = BYTES2UINT32(first); etd.password2 = BYTES2UINT32(last); // 27 passwords/second (empirical value) - const int speed = 27; + const int speed = 27; // print some information int no_iter = etd.password2 - etd.password1 + 1; @@ -348,10 +348,10 @@ int CmdEM4x50Brute(const char *Cmd) { dur_s -= dur_h * 3600 + dur_m * 60; PrintAndLogEx(INFO, "Trying %i passwords in range [0x%08x, 0x%08x]" - , no_iter - , etd.password1 - , etd.password2 - ); + , no_iter + , etd.password1 + , etd.password2 + ); PrintAndLogEx(INFO, "Estimated duration: %ih%im%is", dur_h, dur_m, dur_s); // start @@ -390,7 +390,7 @@ int CmdEM4x50Chk(const char *Cmd) { char filename[FILE_PATH_SIZE] = {0}; CLIParamStrToBuf(arg_get_str(ctx, 1), (uint8_t *)filename, FILE_PATH_SIZE, &fnlen); CLIParserFree(ctx); - + if (IfPm3Flash() == false) { PrintAndLogEx(WARNING, "no flash memory available"); return PM3_EFLASH; @@ -410,17 +410,17 @@ int CmdEM4x50Chk(const char *Cmd) { int res = loadFileDICTIONARY(filename, data, &datalen, 4, &key_count); if (res || !key_count) return PM3_EFILE; - + PrintAndLogEx(INFO, "You can cancel this operation by pressing the pm3 button"); int status = PM3_EFAILED; int keyblock = 2000; // block with 2000 bytes -> 500 keys uint8_t destfn[32] = "em4x50_chk.bin"; - PacketResponseNG resp; + PacketResponseNG resp; int bytes_remaining = datalen; while (bytes_remaining > 0) { - + PrintAndLogEx(INPLACE, "Remaining keys: %i ", bytes_remaining / 4); // upload to flash. @@ -434,7 +434,7 @@ int CmdEM4x50Chk(const char *Cmd) { clearCommandBuffer(); SendCommandNG(CMD_LF_EM4X50_CHK, destfn, sizeof(destfn)); WaitForResponseTimeoutW(CMD_LF_EM4X50_CHK, &resp, -1, false); - + status = resp.status; if ((status == PM3_SUCCESS) || (status == PM3_EOPABORTED)) break; @@ -444,7 +444,7 @@ int CmdEM4x50Chk(const char *Cmd) { } PrintAndLogEx(NORMAL, ""); - + // print response if (status == PM3_SUCCESS) { PrintAndLogEx(SUCCESS, "Key " _GREEN_("found: %02x %02x %02x %02x"), @@ -452,7 +452,7 @@ int CmdEM4x50Chk(const char *Cmd) { resp.data.asBytes[2], resp.data.asBytes[1], resp.data.asBytes[0] - ); + ); } else { PrintAndLogEx(FAILED, "No key found"); } @@ -536,7 +536,7 @@ int CmdEM4x50Read(const char *Cmd) { }; CLIExecWithReturn(ctx, Cmd, argtable, true); - + int addr = arg_get_int_def(ctx, 1, 0); int pwd_len = 0; uint8_t pwd[4] = {0x0}; @@ -545,7 +545,7 @@ int CmdEM4x50Read(const char *Cmd) { if (addr <= 0 || addr >= EM4X50_NO_WORDS) { return PM3_EINVARG; - } + } em4x50_data_t etd; @@ -587,11 +587,11 @@ int CmdEM4x50Info(const char *Cmd) { CLIExecWithReturn(ctx, Cmd, argtable, true); int pwd_len = 0; - uint8_t pwd[4] = {0x0}; + uint8_t pwd[4] = {0x0}; CLIGetHexWithReturn(ctx, 1, pwd, &pwd_len); CLIParserFree(ctx); - em4x50_data_t etd = {.pwd_given = false}; + em4x50_data_t etd = {.pwd_given = false}; if (pwd_len) { if (pwd_len != 4) { PrintAndLogEx(FAILED, "password length must be 4 bytes instead of %d", pwd_len); @@ -610,7 +610,7 @@ int CmdEM4x50Info(const char *Cmd) { return PM3_ETIMEOUT; } - if ( resp.status == PM3_SUCCESS) + if (resp.status == PM3_SUCCESS) print_info_result(resp.data.asBytes); else PrintAndLogEx(FAILED, "Reading tag " _RED_("failed")); @@ -666,7 +666,7 @@ int CmdEM4x50Reader(const char *Cmd) { PrintAndLogEx(INFO, _GREEN_(" %s") "| %s", sprint_hex(words[i].byte, 4), r); } - + PrintAndLogEx(INFO, "-------------+-------------"); } } while (cm && !kbd_enter_pressed()); @@ -771,11 +771,11 @@ int CmdEM4x50Write(const char *Cmd) { arg_str0("p", "pwd", "", "password, 4 bytes, lsb"), arg_param_end }; - + CLIExecWithReturn(ctx, Cmd, argtable, true); int addr = arg_get_int_def(ctx, 1, 0); - + int word_len = 0; uint8_t word[4] = {0x0}; CLIGetHexWithReturn(ctx, 2, word, &word_len); @@ -784,18 +784,18 @@ int CmdEM4x50Write(const char *Cmd) { uint8_t pwd[4] = {0x0}; CLIGetHexWithReturn(ctx, 3, pwd, &pwd_len); CLIParserFree(ctx); - + if (addr <= 0 || addr >= EM4X50_NO_WORDS) { PrintAndLogEx(FAILED, "address has to be within range [0, 31]"); return PM3_EINVARG; - } - + } + if (word_len != 4) { PrintAndLogEx(FAILED, "word/data length must be 4 bytes instead of %d", word_len); return PM3_EINVARG; } - em4x50_data_t etd = {.pwd_given = false}; + em4x50_data_t etd = {.pwd_given = false}; if (pwd_len) { if (pwd_len != 4) { PrintAndLogEx(FAILED, "password length must be 4 bytes instead of %d", pwd_len); @@ -853,7 +853,7 @@ int CmdEM4x50WritePwd(const char *Cmd) { arg_str1("n", "new", "", "new password, 4 hex bytes, lsb"), arg_param_end }; - + CLIExecWithReturn(ctx, Cmd, argtable, true); int pwd_len = 0; uint8_t pwd[4] = {0x0}; @@ -865,7 +865,7 @@ int CmdEM4x50WritePwd(const char *Cmd) { CLIParserFree(ctx); - em4x50_data_t etd; + em4x50_data_t etd; if (pwd_len != 4) { PrintAndLogEx(FAILED, "password length must be 4 bytes instead of %d", pwd_len); return PM3_EINVARG; @@ -898,9 +898,9 @@ int CmdEM4x50WritePwd(const char *Cmd) { } PrintAndLogEx(SUCCESS, "Writing new password %s (%s)" - , sprint_hex_inrow(npwd, sizeof(npwd)) - , _GREEN_("ok") - ); + , sprint_hex_inrow(npwd, sizeof(npwd)) + , _GREEN_("ok") + ); return PM3_SUCCESS; } @@ -919,7 +919,7 @@ int CmdEM4x50Wipe(const char *Cmd) { arg_param_end }; - CLIExecWithReturn(ctx, Cmd, argtable, true); + CLIExecWithReturn(ctx, Cmd, argtable, true); int pwd_len = 0; uint8_t pwd[4] = {0x0}; CLIGetHexWithReturn(ctx, 1, pwd, &pwd_len); @@ -935,7 +935,7 @@ int CmdEM4x50Wipe(const char *Cmd) { etd.password1 = BYTES2UINT32(pwd); etd.pwd_given = true; - + // clear password PacketResponseNG resp; clearCommandBuffer(); @@ -954,13 +954,13 @@ int CmdEM4x50Wipe(const char *Cmd) { // from now on new password 0x0 etd.password1 = 0x0; - + // clear data (words 1 to 31) for (int i = 1; i < EM4X50_DEVICE_SERIAL; i++) { // no login necessary for blocks 3 to 31 etd.pwd_given = (i <= EM4X50_CONTROL); - + PrintAndLogEx(INPLACE, "Wiping block %i", i); etd.addresses = i << 8 | i; @@ -971,7 +971,7 @@ int CmdEM4x50Wipe(const char *Cmd) { return PM3_ETIMEOUT; } - if ( resp.status != PM3_SUCCESS) { + if (resp.status != PM3_SUCCESS) { PrintAndLogEx(NORMAL, ""); PrintAndLogEx(FAILED, "Wiping data " _RED_("failed")); return PM3_ESOFT; @@ -1002,7 +1002,7 @@ int CmdEM4x50Restore(const char *Cmd) { arg_param_end }; - CLIExecWithReturn(ctx, Cmd, argtable, true); + CLIExecWithReturn(ctx, Cmd, argtable, true); int uidLen = 0; uint8_t uid[4] = {0x0}; @@ -1057,7 +1057,7 @@ int CmdEM4x50Restore(const char *Cmd) { etd.addresses = i << 8 | i; etd.word = reflect32(BYTES2UINT32((data + 4 * i))); - + PacketResponseNG resp; clearCommandBuffer(); SendCommandNG(CMD_LF_EM4X50_WRITE, (uint8_t *)&etd, sizeof(etd)); @@ -1074,7 +1074,7 @@ int CmdEM4x50Restore(const char *Cmd) { } } - PrintAndLogEx(NORMAL, ""); + PrintAndLogEx(NORMAL, ""); PrintAndLogEx(INFO, "Done"); return PM3_SUCCESS; } @@ -1118,10 +1118,10 @@ static command_t CommandTable[] = { {"login", CmdEM4x50Login, IfPm3EM4x50, "login into EM4x50"}, {"rdbl", CmdEM4x50Read, IfPm3EM4x50, "read word data from EM4x50"}, {"wrbl", CmdEM4x50Write, IfPm3EM4x50, "write word data to EM4x50"}, - {"writepwd",CmdEM4x50WritePwd, IfPm3EM4x50, "change password of EM4x50"}, + {"writepwd", CmdEM4x50WritePwd, IfPm3EM4x50, "change password of EM4x50"}, {"wipe", CmdEM4x50Wipe, IfPm3EM4x50, "wipe EM4x50 tag"}, {"reader", CmdEM4x50Reader, IfPm3EM4x50, "show standard read mode data of EM4x50"}, - {"restore",CmdEM4x50Restore, IfPm3EM4x50, "restore EM4x50 dump to tag"}, + {"restore", CmdEM4x50Restore, IfPm3EM4x50, "restore EM4x50 dump to tag"}, {"sim", CmdEM4x50Sim, IfPm3EM4x50, "simulate EM4x50 tag"}, {"eload", CmdEM4x50ELoad, IfPm3EM4x50, "upload dump of EM4x50 to flash memory"}, {"esave", CmdEM4x50ESave, IfPm3EM4x50, "save flash memory to file"}, diff --git a/client/src/cmdlfem4x70.c b/client/src/cmdlfem4x70.c index 2c845b377..4db2aa650 100644 --- a/client/src/cmdlfem4x70.c +++ b/client/src/cmdlfem4x70.c @@ -31,26 +31,26 @@ static void print_info_result(uint8_t *data) { // data section PrintAndLogEx(NORMAL, ""); PrintAndLogEx(INFO, _YELLOW_("EM4x70 data:")); - - for(int i=1; i <= 32; i+=2) { - PrintAndLogEx(NORMAL, "%02X %02X", data[32-i], data[32-i-1]); + + for (int i = 1; i <= 32; i += 2) { + PrintAndLogEx(NORMAL, "%02X %02X", data[32 - i], data[32 - i - 1]); } PrintAndLogEx(NORMAL, "Tag ID: %02X %02X %02X %02X", data[7], data[6], data[5], data[4]); - PrintAndLogEx(NORMAL, "Lockbit 0: %d %s", (data[3] & 0x40) ? 1:0, (data[3] & 0x40) ? "LOCKED":"UNLOCKED"); - PrintAndLogEx(NORMAL, "Lockbit 1: %d", (data[3] & 0x80) ? 1:0); + PrintAndLogEx(NORMAL, "Lockbit 0: %d %s", (data[3] & 0x40) ? 1 : 0, (data[3] & 0x40) ? "LOCKED" : "UNLOCKED"); + PrintAndLogEx(NORMAL, "Lockbit 1: %d", (data[3] & 0x80) ? 1 : 0); PrintAndLogEx(NORMAL, ""); } int em4x70_info(void) { - + em4x70_data_t edata = { .parity = false // TODO: try both? or default to true }; clearCommandBuffer(); SendCommandNG(CMD_LF_EM4X70_INFO, (uint8_t *)&edata, sizeof(edata)); - + PacketResponseNG resp; if (!WaitForResponseTimeout(CMD_LF_EM4X70_INFO, &resp, TIMEOUT)) { PrintAndLogEx(WARNING, "(em4x70) timeout while waiting for reply."); @@ -87,7 +87,7 @@ int CmdEM4x70Info(const char *Cmd) { " V4070 and EM4170 do require parity bit.", "lf em 4x70 info\n" "lf em 4x70 info --par -> adds parity bit to command\n" - ); + ); void *argtable[] = { arg_param_begin, @@ -128,7 +128,7 @@ int CmdEM4x70Write(const char *Cmd) { "Write EM4x70\n", "lf em 4x70 write -b 15 -d c0de -> write 'c0de' to block 15\n" "lf em 4x70 write -b 15 -d c0de --par -> adds parity bit to commands\n" - ); + ); void *argtable[] = { arg_param_begin, @@ -139,11 +139,11 @@ int CmdEM4x70Write(const char *Cmd) { }; CLIExecWithReturn(ctx, Cmd, argtable, true); - + etd.parity = arg_get_lit(ctx, 1); - + int addr = arg_get_int(ctx, 2); - + int word_len = 0; uint8_t word[2] = {0x0}; CLIGetHexWithReturn(ctx, 3, word, &word_len); @@ -153,8 +153,8 @@ int CmdEM4x70Write(const char *Cmd) { if (addr < 0 || addr >= EM4X70_NUM_BLOCKS) { PrintAndLogEx(FAILED, "block has to be within range [0, 15]"); return PM3_EINVARG; - } - + } + if (word_len != 2) { PrintAndLogEx(FAILED, "word/data length must be 2 bytes instead of %d", word_len); return PM3_EINVARG; @@ -195,7 +195,7 @@ int CmdEM4x70Unlock(const char *Cmd) { " 00000000\n", "lf em 4x70 unlock -p 11223344 -> Unlock with PIN\n" "lf em 4x70 unlock -p 11223344 --par -> Unlock with PIN using parity commands\n" - ); + ); void *argtable[] = { arg_param_begin, @@ -205,12 +205,12 @@ int CmdEM4x70Unlock(const char *Cmd) { }; CLIExecWithReturn(ctx, Cmd, argtable, true); - + etd.parity = arg_get_lit(ctx, 1); - + int pin_len = 0; uint8_t pin[4] = {0x0}; - + CLIGetHexWithReturn(ctx, 2, pin, &pin_len); CLIParserFree(ctx); diff --git a/client/src/cmdlffdxb.c b/client/src/cmdlffdxb.c index f44182483..529f63019 100644 --- a/client/src/cmdlffdxb.c +++ b/client/src/cmdlffdxb.c @@ -727,7 +727,7 @@ static int CmdFdxBClone(const char *Cmd) { } uint32_t extended = 0; - bool has_extended = false; + bool has_extended = false; if (extended_len) { extended = bytes_to_num(edata, extended_len); has_extended = true; @@ -773,10 +773,10 @@ static int CmdFdxBClone(const char *Cmd) { free(bs); PrintAndLogEx(INFO, "Preparing to clone FDX-B to " _YELLOW_("%s") " with animal ID: " _GREEN_("%04u-%"PRIu64) - , cardtype - , country_code - , national_code - ); + , cardtype + , country_code + , national_code + ); print_blocks(blocks, ARRAYLEN(blocks)); int res; @@ -820,7 +820,7 @@ static int CmdFdxBSim(const char *Cmd) { CLIParserFree(ctx); uint32_t extended = 0; - bool has_extended = false; + bool has_extended = false; if (extended_len) { extended = bytes_to_num(edata, extended_len); has_extended = true; diff --git a/client/src/cmdlfgallagher.c b/client/src/cmdlfgallagher.c index cf0488877..12b6b9b49 100644 --- a/client/src/cmdlfgallagher.c +++ b/client/src/cmdlfgallagher.c @@ -233,7 +233,7 @@ static int CmdGallagherClone(const char *Cmd) { static int CmdGallagherSim(const char *Cmd) { - CLIParserContext *ctx; + CLIParserContext *ctx; CLIParserInit(&ctx, "lf gallagher sim", "Enables simulation of GALLAGHER card with specified card number.\n" "Simulation runs until the button is pressed or another USB command is issued.\n", diff --git a/client/src/cmdlfguard.c b/client/src/cmdlfguard.c index ec49b46c5..929079158 100644 --- a/client/src/cmdlfguard.c +++ b/client/src/cmdlfguard.c @@ -226,10 +226,10 @@ static int CmdGuardClone(const char *Cmd) { free(bs); PrintAndLogEx(INFO, "Preparing to clone Guardall to " _YELLOW_("%s") " with Facility Code: " _GREEN_("%u") " Card Number: " _GREEN_("%u") - , cardtype - , facilitycode - , cardnumber - ); + , cardtype + , facilitycode + , cardnumber + ); print_blocks(blocks, ARRAYLEN(blocks)); int res; @@ -281,9 +281,9 @@ static int CmdGuardSim(const char *Cmd) { } PrintAndLogEx(SUCCESS, "Simulating Guardall Prox - Facility Code: " _YELLOW_("%u") " CardNumber: " _YELLOW_("%u") - , facilitycode - , cardnumber - ); + , facilitycode + , cardnumber + ); // Guard uses: clk: 64, invert: 0, encoding: 2 (ASK Biphase) lf_asksim_t *payload = calloc(1, sizeof(lf_asksim_t) + sizeof(bs)); diff --git a/client/src/cmdlfhid.c b/client/src/cmdlfhid.c index 3e10def56..108550539 100644 --- a/client/src/cmdlfhid.c +++ b/client/src/cmdlfhid.c @@ -60,16 +60,16 @@ static int sendTry(uint8_t format_idx, wiegand_card_t *card, uint32_t delay, boo if (HIDPack(format_idx, card, &packed) == false) { PrintAndLogEx(WARNING, "The card data could not be encoded in the selected format."); - return PM3_ESOFT; + return PM3_ESOFT; } if (verbose) { PrintAndLogEx(INFO, "Trying FC: " _YELLOW_("%u") " CN: " _YELLOW_("%"PRIu64) " Issue level: " _YELLOW_("%u") " OEM: " _YELLOW_("%u") - , card->FacilityCode - , card->CardNumber - , card->IssueLevel - , card->OEM - ); + , card->FacilityCode + , card->CardNumber + , card->IssueLevel + , card->OEM + ); } lf_hidsim_t payload; diff --git a/client/src/cmdlfindala.c b/client/src/cmdlfindala.c index df2bd4f46..da2662af1 100644 --- a/client/src/cmdlfindala.c +++ b/client/src/cmdlfindala.c @@ -250,7 +250,7 @@ static int CmdIndalaDemod(const char *Cmd) { "lf indala demod --clock 32 -> demod a Indala tag from GraphBuffer using a clock of RF/32\n" "lf indala demod --clock 32 -i -> demod a Indala tag from GraphBuffer using a clock of RF/32 and inverting data\n" "lf indala demod --clock 64 -i --maxerror 0 -> demod a Indala tag from GraphBuffer using a clock of RF/64, inverting data and allowing 0 demod errors" - ); + ); void *argtable[] = { arg_param_begin, @@ -281,7 +281,7 @@ static int CmdIndalaDemodAlt(const char *Cmd) { "It's now considered obsolete but remains because it has sometimes its advantages.", "lf indala altdemod\n" "lf indala altdemod --long -> demod a Indala tag from GraphBuffer as 224 bit long format" - ); + ); void *argtable[] = { arg_param_begin, @@ -583,9 +583,9 @@ static int CmdIndalaSim(const char *Cmd) { // lf simpsk 1 c 32 r 2 d 0102030405060708 PrintAndLogEx(SUCCESS, "Simulating " _YELLOW_("%s") " Indala raw " _YELLOW_("%s") - , (is_long_uid) ? "224b" : "64b" - , sprint_hex_inrow(raw, raw_len) - ); + , (is_long_uid) ? "224b" : "64b" + , sprint_hex_inrow(raw, raw_len) + ); PrintAndLogEx(SUCCESS, "Press pm3-button to abort simulation or run another command"); // indala PSK, clock 32, carrier 0 @@ -665,7 +665,7 @@ static int CmdIndalaClone(const char *Cmd) { uint8_t max = 0; uint32_t blocks[8] = {0}; char cardtype[16] = {"T55x7"}; - + if (is_long_uid) { blocks[0] = T55x7_BITRATE_RF_32 | T55x7_MODULATION_PSK2 | (7 << T55x7_MAXBLOCK_SHIFT); @@ -673,7 +673,7 @@ static int CmdIndalaClone(const char *Cmd) { blocks[0] = T5555_FIXED | T5555_SET_BITRATE(32) | T5555_MODULATION_PSK2 | (7 << T5555_MAXBLOCK_SHIFT); snprintf(cardtype, sizeof(cardtype), "Q5/T5555"); } - + if (em) { blocks[0] = EM4305_INDALA_224_CONFIG_BLOCK; snprintf(cardtype, sizeof(cardtype), "EM4305/4469"); @@ -691,9 +691,9 @@ static int CmdIndalaClone(const char *Cmd) { // 224 BIT UID // config for Indala (RF/32;PSK2 with RF/2;Maxblock=7) PrintAndLogEx(INFO, "Preparing to clone Indala 224bit to " _YELLOW_("%s") " raw " _GREEN_("%s") - , cardtype - , sprint_hex_inrow(raw, raw_len) - ); + , cardtype + , sprint_hex_inrow(raw, raw_len) + ); } else { @@ -737,7 +737,7 @@ static int CmdIndalaClone(const char *Cmd) { blocks[0] = T5555_FIXED | T5555_SET_BITRATE(32) | T5555_MODULATION_PSK1 | (2 << T5555_MAXBLOCK_SHIFT); snprintf(cardtype, sizeof(cardtype), "Q5/T5555"); } - + if (em) { blocks[0] = EM4305_INDALA_64_CONFIG_BLOCK; snprintf(cardtype, sizeof(cardtype), "EM4305/4469"); @@ -749,9 +749,9 @@ static int CmdIndalaClone(const char *Cmd) { // config for Indala 64 format (RF/32;PSK1 with RF/2;Maxblock=2) PrintAndLogEx(INFO, "Preparing to clone Indala 64bit to " _YELLOW_("%s") " raw " _GREEN_("%s") - , cardtype - , sprint_hex_inrow(raw, raw_len) - ); + , cardtype + , sprint_hex_inrow(raw, raw_len) + ); } print_blocks(blocks, max); diff --git a/client/src/cmdlfio.c b/client/src/cmdlfio.c index 3adc0ed90..fd9ce6d1d 100644 --- a/client/src/cmdlfio.c +++ b/client/src/cmdlfio.c @@ -318,12 +318,12 @@ static int CmdIOProxClone(const char *Cmd) { blocks[2] = bytebits_to_byte(bits + 32, 32); PrintAndLogEx(INFO, "Preparing to clone ioProx to " _YELLOW_("%s") " with Version: " _GREEN_("%u") " FC: " _GREEN_("%u (0x%02x)") " CN: " _GREEN_("%u") - , cardtype - , version - , fc - , fc - , cn - ); + , cardtype + , version + , fc + , fc + , cn + ); print_blocks(blocks, ARRAYLEN(blocks)); int res; diff --git a/client/src/cmdlfjablotron.c b/client/src/cmdlfjablotron.c index 7e1f81557..6e8a35d2c 100644 --- a/client/src/cmdlfjablotron.c +++ b/client/src/cmdlfjablotron.c @@ -219,11 +219,11 @@ static int CmdJablotronClone(const char *Cmd) { free(bits); - uint64_t id = getJablontronCardId(fullcode); + uint64_t id = getJablontronCardId(fullcode); PrintAndLogEx(INFO, "Preparing to clone Jablotron to " _YELLOW_("%s") " with FullCode: " _GREEN_("%"PRIx64)" id: " _GREEN_("%"PRIx64), cardtype, fullcode, id); print_blocks(blocks, ARRAYLEN(blocks)); - + int res; if (em) { res = em4x05_clone_tag(blocks, ARRAYLEN(blocks), 0, false); diff --git a/client/src/cmdlfmotorola.c b/client/src/cmdlfmotorola.c index 3f2ce059c..336bdf7b2 100644 --- a/client/src/cmdlfmotorola.c +++ b/client/src/cmdlfmotorola.c @@ -264,7 +264,7 @@ static int CmdMotorolaSim(const char *Cmd) { }; CLIExecWithReturn(ctx, Cmd, argtable, true); CLIParserFree(ctx); - + // PSK sim. PrintAndLogEx(INFO, " PSK1 at 66 kHz... Interesting."); PrintAndLogEx(INFO, " To be implemented, feel free to contribute!"); diff --git a/client/src/cmdlfnedap.c b/client/src/cmdlfnedap.c index 1e87c85bf..20cb5eec5 100644 --- a/client/src/cmdlfnedap.c +++ b/client/src/cmdlfnedap.c @@ -145,13 +145,13 @@ int demodNedap(bool verbose) { badgeId = r1 * 10000 + r2 * 1000 + r3 * 100 + r4 * 10 + r5; PrintAndLogEx(SUCCESS, "NEDAP (%s) - ID: " _YELLOW_("%05u") " subtype: " _YELLOW_("%1u")" customer code: " _YELLOW_("%u / 0x%03X") " Raw: " _YELLOW_("%s") - , (size == 128) ? "128b" : "64b" - , badgeId - , subtype - , customerCode - , customerCode - , sprint_hex_inrow(data, size / 8) - ); + , (size == 128) ? "128b" : "64b" + , badgeId + , subtype + , customerCode + , customerCode + , sprint_hex_inrow(data, size / 8) + ); PrintAndLogEx(DEBUG, "Checksum (%s) 0x%04X", _GREEN_("ok"), checksum); } else { @@ -373,7 +373,7 @@ static int CmdLFNedapClone(const char *Cmd) { arg_u64_0(NULL, "st", "", "optional - sub type (default 5)"), arg_u64_1(NULL, "cc", "", "customer code (0-4095)"), arg_u64_1(NULL, "id", "", "ID (0-99999)"), - arg_lit0("l", "long", "optional - long (128), default to short (64)"), + arg_lit0("l", "long", "optional - long (128), default to short (64)"), arg_lit0(NULL, "q5", "optional - specify writing to Q5/T5555 tag"), arg_lit0(NULL, "em", "optional - specify writing to EM4305/4469 tag"), arg_param_end @@ -395,17 +395,17 @@ static int CmdLFNedapClone(const char *Cmd) { } if (sub_type > 0xF) { PrintAndLogEx(FAILED, "out-of-range, valid subtype is between 0-15"); - return PM3_EINVARG; + return PM3_EINVARG; } if (customer_code > 0xFFF) { PrintAndLogEx(FAILED, "out-of-range, valid customer code is between 0-4095"); - return PM3_EINVARG; + return PM3_EINVARG; } if (id > 99999) { PrintAndLogEx(FAILED, "out-of-range, id max value is 99999"); - return PM3_EINVARG; + return PM3_EINVARG; } PrintAndLogEx(SUCCESS, "NEDAP (%s) - ID: " _GREEN_("%05u") " subtype: " _GREEN_("%1u") " customer code: " _GREEN_("%u / 0x%03X") @@ -454,7 +454,7 @@ static int CmdLFNedapClone(const char *Cmd) { NedapGen(sub_type, customer_code, id, is_long, data); for (uint8_t i = 1; i < max ; i++) { - blocks[i] = bytes_to_num (data + ((i - 1) * 4), 4); + blocks[i] = bytes_to_num(data + ((i - 1) * 4), 4); } PrintAndLogEx(SUCCESS, "Preparing to clone NEDAP to " _YELLOW_("%s") " tag", cardtype); @@ -492,7 +492,7 @@ static int CmdLFNedapSim(const char *Cmd) { arg_u64_0(NULL, "st", "", "optional - sub type (default 5)"), arg_u64_1(NULL, "cc", "", "customer code (0-4095)"), arg_u64_1(NULL, "id", "", "ID (0-99999)"), - arg_lit0("l", "long", "optional - long (128), default to short (64)"), + arg_lit0("l", "long", "optional - long (128), default to short (64)"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, false); @@ -502,20 +502,20 @@ static int CmdLFNedapSim(const char *Cmd) { uint32_t id = arg_get_u32_def(ctx, 3, 0); bool is_long = arg_get_lit(ctx, 4); CLIParserFree(ctx); - + if (sub_type > 0xF) { PrintAndLogEx(FAILED, "out-of-range, valid subtype is between 0-15"); - return PM3_EINVARG; + return PM3_EINVARG; } if (customer_code > 0xFFF) { PrintAndLogEx(FAILED, "out-of-range, valid customer code is between 0-4095"); - return PM3_EINVARG; + return PM3_EINVARG; } if (id > 99999) { PrintAndLogEx(FAILED, "out-of-range, id max value is 99999"); - return PM3_EINVARG; + return PM3_EINVARG; } PrintAndLogEx(SUCCESS, "NEDAP (%s) - ID: " _GREEN_("%05u") " subtype: " _GREEN_("%1u") " customer code: " _GREEN_("%u / 0x%03X") diff --git a/client/src/cmdlfpcf7931.c b/client/src/cmdlfpcf7931.c index 48a029e2b..bd744f8ba 100644 --- a/client/src/cmdlfpcf7931.c +++ b/client/src/cmdlfpcf7931.c @@ -125,7 +125,7 @@ static int CmdLFPCF7931Config(const char *Cmd) { } if (pwd_len) { - memcpy(configPcf.Pwd, pwd, sizeof(configPcf.Pwd)); + memcpy(configPcf.Pwd, pwd, sizeof(configPcf.Pwd)); } if (delay != -1) { configPcf.InitDelay = (delay & 0xFFFF); @@ -134,7 +134,7 @@ static int CmdLFPCF7931Config(const char *Cmd) { configPcf.OffsetWidth = (ow & 0xFFFF); } if (op != 0xFFFF) { - configPcf.OffsetPosition =(op & 0xFFFF); + configPcf.OffsetPosition = (op & 0xFFFF); } pcf7931_printConfig(); diff --git a/client/src/cmdlft55xx.c b/client/src/cmdlft55xx.c index a3f5ca20b..d67770ba3 100644 --- a/client/src/cmdlft55xx.c +++ b/client/src/cmdlft55xx.c @@ -2806,7 +2806,7 @@ char *GetModelStrFromCID(uint32_t cid) { } char *GetConfigBlock0Source(uint8_t id) { - + static char buf[40]; char *retStr = buf; diff --git a/client/src/cmdlft55xx.h b/client/src/cmdlft55xx.h index 90fbaa85d..d87194b25 100644 --- a/client/src/cmdlft55xx.h +++ b/client/src/cmdlft55xx.h @@ -129,7 +129,7 @@ typedef struct { notSet = 0x00, autoDetect = 0x01, userSet = 0x02, - tagRead = 0x03, + tagRead = 0x03, } block0Status; enum { RF_8 = 0x00, diff --git a/client/src/cmdlfti.c b/client/src/cmdlfti.c index b02ad2e34..3e8138332 100644 --- a/client/src/cmdlfti.c +++ b/client/src/cmdlfti.c @@ -330,7 +330,7 @@ static int CmdTIWrite(const char *Cmd) { arg_param_begin, arg_str1("r", "raw", "", "raw hex data. 8 bytes max"), arg_str0(NULL, "crc", "", "optional - crc"), - arg_param_end + arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, false); @@ -354,7 +354,7 @@ static int CmdTIWrite(const char *Cmd) { payload.crc = bytes_to_num(crc, crc_len); clearCommandBuffer(); - SendCommandNG(CMD_LF_TI_WRITE, (uint8_t*)&payload, sizeof(payload)); + SendCommandNG(CMD_LF_TI_WRITE, (uint8_t *)&payload, sizeof(payload)); PrintAndLogEx(SUCCESS, "Done"); PrintAndLogEx(HINT, "Hint: try " _YELLOW_("`lf ti reader`") " to verify"); return PM3_SUCCESS; diff --git a/common/commonutil.c b/common/commonutil.c index 70114bba1..802f362d8 100644 --- a/common/commonutil.c +++ b/common/commonutil.c @@ -109,7 +109,7 @@ uint32_t reflect32(uint32_t b) { // swap bytes v = ((v >> 8) & 0x00FF00FF) | ((v & 0x00FF00FF) << 8); // swap 2-byte long pairs - v = ( v >> 16 ) | ( v << 16); + v = (v >> 16) | (v << 16); return v; } diff --git a/common/lfdemod.c b/common/lfdemod.c index 24de41676..171417143 100644 --- a/common/lfdemod.c +++ b/common/lfdemod.c @@ -1082,8 +1082,8 @@ int DetectPSKClock(uint8_t *dest, size_t size, int clock, size_t *firstPhaseShif if (g_debugMode == 2) prnt("DEBUG PSK: firstFullWave: %zu, waveLen: %d", firstFullWave, fullWaveLen); // Avoid autodetect if user selected a clock - for(uint8_t validClk = 1; validClk < 8; validClk++) { - if(clock == clk[validClk]) return(clock); + for (uint8_t validClk = 1; validClk < 8; validClk++) { + if (clock == clk[validClk]) return (clock); } //test each valid clock from greatest to smallest to see which lines up diff --git a/doc/commands.md b/doc/commands.md index 44489d546..58578c26e 100644 --- a/doc/commands.md +++ b/doc/commands.md @@ -38,7 +38,6 @@ Check column "offline" for their availability. |`analyse nuid `|Y |`create NUID from 7byte UID` |`analyse demodbuff `|Y |`Load binary string to demodbuffer` |`analyse freq `|Y |`Calc wave lengths` -|`analyse foo `|Y |`muxer` ### data @@ -143,6 +142,7 @@ Check column "offline" for their availability. |`hf 14a raw `|N |`Send raw hex data to tag` |`hf 14a antifuzz `|N |`Fuzzing the anticollision phase. Warning! Readers may react strange` |`hf 14a config `|N |`Configure 14a settings (use with caution)` +|`hf 14a apdufuzz `|N |`Fuzz APDU - CLA/INS/P1P2` ### hf 14b @@ -248,28 +248,29 @@ Check column "offline" for their availability. |command |offline |description |------- |------- |----------- -|`hf iclass help `|Y |`This help` -|`hf iclass dump `|N |`[options..] Dump Picopass / iCLASS tag to file` -|`hf iclass info `|Y |` Tag information` -|`hf iclass list `|Y |` List iclass history` -|`hf iclass rdbl `|N |`[options..] Read Picopass / iCLASS block` -|`hf iclass reader `|N |` Act like an Picopass / iCLASS reader` -|`hf iclass restore `|N |`[options..] Restore a dump file onto a Picopass / iCLASS tag` -|`hf iclass sniff `|N |` Eavesdrop Picopass / iCLASS communication` -|`hf iclass wrbl `|N |`[options..] Write Picopass / iCLASS block` -|`hf iclass chk `|N |`[options..] Check keys` -|`hf iclass loclass `|Y |`[options..] Use loclass to perform bruteforce reader attack` -|`hf iclass lookup `|Y |`[options..] Uses authentication trace to check for key in dictionary file` -|`hf iclass sim `|N |`[options..] Simulate iCLASS tag` -|`hf iclass eload `|N |`[f ] Load Picopass / iCLASS dump file into emulator memory` -|`hf iclass esave `|N |`[f ] Save emulator memory to file` -|`hf iclass eview `|N |`[options..] View emulator memory` -|`hf iclass calcnewkey `|Y |`[options..] Calc diversified keys (blocks 3 & 4) to write new keys` -|`hf iclass encrypt `|Y |`[options..] Encrypt given block data` -|`hf iclass decrypt `|Y |`[options..] Decrypt given block data or tag dump file` -|`hf iclass managekeys `|Y |`[options..] Manage keys to use with iclass commands` -|`hf iclass permutekey `|N |` Permute function from 'heart of darkness' paper` -|`hf iclass view `|Y |`[options..] Display content from tag dump file` +|`hf iclass help `|Y |` This help` +|`hf iclass dump `|N |`[*] Dump Picopass / iCLASS tag to file` +|`hf iclass info `|Y |` Tag information` +|`hf iclass list `|Y |` List iclass history` +|`hf iclass rdbl `|N |`[*] Read Picopass / iCLASS block` +|`hf iclass reader `|N |` Act like an Picopass / iCLASS reader` +|`hf iclass restore `|N |`[*] Restore a dump file onto a Picopass / iCLASS tag` +|`hf iclass sniff `|N |` Eavesdrop Picopass / iCLASS communication` +|`hf iclass wrbl `|N |`[*] Write Picopass / iCLASS block` +|`hf iclass chk `|N |`[*] Check keys` +|`hf iclass loclass `|Y |`[*] Use loclass to perform bruteforce reader attack` +|`hf iclass lookup `|Y |`[*] Uses authentication trace to check for key in dictionary file` +|`hf iclass sim `|N |`[*] Simulate iCLASS tag` +|`hf iclass eload `|N |`[*] Load Picopass / iCLASS dump file into emulator memory` +|`hf iclass esave `|N |`[*] Save emulator memory to file` +|`hf iclass eview `|N |`[.] View emulator memory` +|`hf iclass calcnewkey `|Y |`[*] Calc diversified keys (blocks 3 & 4) to write new keys` +|`hf iclass encode `|Y |`[*] Encode binary wiegand to block 7` +|`hf iclass encrypt `|Y |`[*] Encrypt given block data` +|`hf iclass decrypt `|Y |`[*] Decrypt given block data or tag dump file` +|`hf iclass managekeys `|Y |`[*] Manage keys to use with iclass commands` +|`hf iclass permutekey `|N |` Permute function from 'heart of darkness' paper` +|`hf iclass view `|Y |`[*] Display content from tag dump file` ### hf legic @@ -577,10 +578,10 @@ Check column "offline" for their availability. |command |offline |description |------- |------- |----------- |`lf em help `|Y |`This help` -|`lf em 410x `|Y |`EM 410x commands...` -|`lf em 4x05 `|Y |`EM 4x05 commands...` -|`lf em 4x50 `|Y |`EM 4x50 commands...` -|`lf em 4x70 `|Y |`EM 4x70 commands...` +|`lf em 410x `|Y |`EM 4102 commands...` +|`lf em 4x05 `|Y |`EM 4205 / 4305 / 4369 / 4469 commands...` +|`lf em 4x50 `|Y |`EM 4350 / 4450 commands...` +|`lf em 4x70 `|Y |`EM 4070 / 4170 commands...` ### lf fdxb @@ -672,9 +673,9 @@ Check column "offline" for their availability. |command |offline |description |------- |------- |----------- |`lf indala help `|Y |`this help` -|`lf indala demod `|Y |`demodulate an indala tag (PSK1) from GraphBuffer` -|`lf indala altdemod `|Y |`alternative method to Demodulate samples for Indala 64 bit UID (option '224' for 224 bit)` -|`lf indala reader `|N |`read an Indala Prox tag from the antenna` +|`lf indala demod `|Y |`demodulate an Indala tag (PSK1) from GraphBuffer` +|`lf indala altdemod `|Y |`alternative method to demodulate samples for Indala 64 bit UID (option '224' for 224 bit)` +|`lf indala reader `|N |`read an Indala tag from the antenna` |`lf indala clone `|N |`clone Indala tag to T55x7 or Q5/T5555` |`lf indala sim `|N |`simulate Indala tag` @@ -686,10 +687,10 @@ Check column "offline" for their availability. |command |offline |description |------- |------- |----------- |`lf io help `|Y |`this help` -|`lf io demod `|Y |`demodulate an IOProx tag from the GraphBuffer` +|`lf io demod `|Y |`demodulate an ioProx tag from the GraphBuffer` |`lf io reader `|N |`attempt to read and extract tag data` -|`lf io clone `|N |`clone IOProx tag to T55x7 or Q5/T5555` -|`lf io sim `|N |`simulate IOProx tag` +|`lf io clone `|N |`clone ioProx tag to T55x7 or Q5/T5555` +|`lf io sim `|N |`simulate ioProx tag` |`lf io watch `|N |`continuously watch for cards. Reader mode` @@ -1001,7 +1002,7 @@ Check column "offline" for their availability. |------- |------- |----------- |`wiegand help `|Y |`This help` |`wiegand list `|Y |`List available wiegand formats` -|`wiegand encode `|Y |`Encode to wiegand raw hex` -|`wiegand decode `|Y |`Convert raw hex to decoded wiegand format` +|`wiegand encode `|Y |`Encode to wiegand raw hex (currently for HID Prox)` +|`wiegand decode `|Y |`Convert raw hex to decoded wiegand format (currently for HID Prox)`