chg: hf 14a sim - uses NG

2025-01-04 07:11:10 +08:00 · 2019-05-26 15:00:49 -04:00 · 2019-05-26 15:00:49 -04:00 · 58bed70ad0
commit 58bed70ad0
parent b05796c7c4
4 changed files with 30 additions and 22 deletions
--- a/armsrc/appmain.c
+++ b/armsrc/appmain.c
@ -1012,7 +1012,7 @@ static void PacketReceived(PacketCommandNG *packet) {

 #ifdef WITH_ISO14443a
        case CMD_SNIFF_ISO_14443a:
-            SniffIso14443a(packet->oldarg[0]);
+            SniffIso14443a(packet->data.asBytes[0]);
            break;
        case CMD_READER_ISO_14443a:
            ReaderIso14443a(packet);
--- a/armsrc/iso14443a.c
+++ b/armsrc/iso14443a.c
@ -626,7 +626,7 @@ void RAMFUNC SniffIso14443a(uint8_t param) {

    if (MF_DBGLEVEL >= MF_DBG_ERROR) {
        Dbprintf("maxDataLen=%d, Uart.state=%x, Uart.len=%d", maxDataLen, Uart.state, Uart.len);
-        Dbprintf("traceLen=%d, Uart.output[0]=%08x", BigBuf_get_traceLen(), (uint32_t)Uart.output[0]);
+        Dbprintf("traceLen=" _YELLOW_("%d")", Uart.output[0]="_YELLOW_("%08x"), BigBuf_get_traceLen(), (uint32_t)Uart.output[0]);
    }
    switch_off();
 }
@ -912,7 +912,7 @@ static bool SimulateIso14443aInit(int tagType, int flags, uint8_t *data, tag_res
        }
        break;
        default: {
-            if (MF_DBGLEVEL >= MF_DBG_ERROR)    Dbprintf("Error: unkown tagtype (%d)", tagType);
+            if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Error: unkown tagtype (%d)", tagType);
            return false;
        }
        break;
@ -957,7 +957,7 @@ static bool SimulateIso14443aInit(int tagType, int flags, uint8_t *data, tag_res
        sak &= 0xFB;
        *cuid = bytes_to_num(data, 4);
    } else {
-        if (MF_DBGLEVEL >= MF_DBG_ERROR)    Dbprintf("[-] ERROR: UID size not defined");
+        if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("[-] ERROR: UID size not defined");
        return false;
    }

@ -1047,7 +1047,7 @@ void SimulateIso14443aTag(uint8_t tagType, uint8_t flags, uint8_t *data) {

    nonces_t ar_nr_nonces[ATTACK_KEY_COUNT]; // for attack types moebius
    memset(ar_nr_nonces, 0x00, sizeof(ar_nr_nonces));
-    uint8_t    moebius_count = 0;
+    uint8_t moebius_count = 0;

    // command buffers
    uint8_t receivedCmd[MAX_FRAME_SIZE] = { 0x00 };
@ -1069,9 +1069,9 @@ void SimulateIso14443aTag(uint8_t tagType, uint8_t flags, uint8_t *data) {
    // free eventually allocated BigBuf memory but keep Emulator Memory
    BigBuf_free_keep_EM();

-
    if (SimulateIso14443aInit(tagType, flags, data, &responses, &cuid, counters, tearings, &pages) == false) {
        BigBuf_free_keep_EM();
+        reply_ng(CMD_SIMULATE_MIFARE_CARD, PM3_EINIT, NULL, 0);
        return;
    }

@ -1095,6 +1095,8 @@ void SimulateIso14443aTag(uint8_t tagType, uint8_t flags, uint8_t *data) {
    int order = ORDER_NONE;
    int lastorder;

+    int retval = PM3_SUCCESS;
+    
    // Just to allow some checks
    int happened = 0;
    int happened2 = 0;
@ -1113,6 +1115,7 @@ void SimulateIso14443aTag(uint8_t tagType, uint8_t flags, uint8_t *data) {
        // Clean receive command buffer
        if (!GetIso14443aCommandFromReader(receivedCmd, receivedCmdPar, &len)) {
            Dbprintf("Emulator stopped.  Trace length: %d ", BigBuf_get_traceLen());
+            retval = PM3_EOPABORTED;
            break;
        }
        p_response = NULL;
@ -1189,8 +1192,8 @@ void SimulateIso14443aTag(uint8_t tagType, uint8_t flags, uint8_t *data) {
                        ar_nr_nonces[index].ar2 = ar;
                        ar_nr_nonces[index].state = SECOND;

-                        // send to client
-                        reply_old(CMD_ACK, CMD_SIMULATE_MIFARE_CARD, 0, 0, &ar_nr_nonces[index], sizeof(nonces_t));
+                        // send to client  (one struct nonces_t)
+                        reply_ng(CMD_SIMULATE_MIFARE_CARD, PM3_SUCCESS, (uint8_t*)&ar_nr_nonces[index], sizeof(nonces_t) );

                        ar_nr_nonces[index].state = EMPTY;
                        ar_nr_nonces[index].sector = 0;
@ -1503,7 +1506,6 @@ void SimulateIso14443aTag(uint8_t tagType, uint8_t flags, uint8_t *data) {
        }
    }

-    reply_old(CMD_ACK, 1, 0, 0, 0, 0);
    switch_off();

    set_tracing(false);
@ -1515,6 +1517,8 @@ void SimulateIso14443aTag(uint8_t tagType, uint8_t flags, uint8_t *data) {
        Dbprintf("-[ Num of received cmd  [%d]", cmdsRecvd);
        Dbprintf("-[ Num of moebius tries [%d]", moebius_count);
    }
+    
+    reply_ng(CMD_SIMULATE_MIFARE_CARD, retval, NULL, 0);
 }

 // prepare a delayed transfer. This simply shifts ToSend[] by a number
--- a/client/cmdhf14a.c
+++ b/client/cmdhf14a.c
@ -414,7 +414,6 @@ int CmdHF14ASim(const char *Cmd) {
    bool setEmulatorMem = false;
    bool verbose = false;
    bool errors = false;
-    nonces_t data[1];

    while (param_getchar(Cmd, cmdp) != 0x00 && !errors) {
        switch (tolower(param_getchar(Cmd, cmdp))) {
@ -491,29 +490,32 @@ int CmdHF14ASim(const char *Cmd) {
    PrintAndLogEx(SUCCESS, "press pm3-button to abort simulation");

    while (!ukbhit()) {
-        if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) continue;
-        if (!(flags & FLAG_NR_AR_ATTACK)) break;
-        if ((resp.oldarg[0] & 0xffff) != CMD_SIMULATE_MIFARE_CARD) break;
-
-        memcpy(data, resp.data.asBytes, sizeof(data));
+        if (WaitForResponseTimeout(CMD_SIMULATE_MIFARE_CARD, &resp, 1500) == 0) continue;
+        if (resp.status != PM3_SUCCESS) break;
+        
+        if ((flags & FLAG_NR_AR_ATTACK) != FLAG_NR_AR_ATTACK) break;
+        
+        nonces_t *data = (nonces_t*)resp.data.asBytes;
        readerAttack(data[0], setEmulatorMem, verbose);
    }
-    showSectorTable();
-    return 0;
+    if (resp.status == PM3_EOPABORTED && ((flags & FLAG_NR_AR_ATTACK) == FLAG_NR_AR_ATTACK) )
+        showSectorTable();
+
+    PrintAndLogEx(INFO, "Done");
+    return PM3_SUCCESS;
 }

 int CmdHF14ASniff(const char *Cmd) {
-    int param = 0;
-    uint8_t ctmp;
-    for (int i = 0; i < 2; i++) {
+    uint8_t param = 0, ctmp;
+    for (uint8_t i = 0; i < 2; i++) {
        ctmp = tolower(param_getchar(Cmd, i));
        if (ctmp == 'h') return usage_hf_14a_sniff();
        if (ctmp == 'c') param |= 0x01;
        if (ctmp == 'r') param |= 0x02;
    }
    clearCommandBuffer();
-    SendCommandMIX(CMD_SNIFF_ISO_14443a, param, 0, 0, NULL, 0);
-    return 0;
+    SendCommandNG(CMD_SNIFF_ISO_14443a, (uint8_t *)&param, sizeof(uint8_t));
+    return PM3_SUCCESS;
 }

 int ExchangeRAW14a(uint8_t *datain, int datainlen, bool activateField, bool leaveSignalON, uint8_t *dataout, int maxdataoutlen, int *dataoutlen) {
--- a/include/pm3_cmd.h
+++ b/include/pm3_cmd.h
@ -494,6 +494,8 @@ typedef struct {
 #define PM3_EFILE             -13
 // Generic TTY error
 #define PM3_ENOTTY            -14
+// Initialization error                 pm3:        error related to trying to initalize the pm3 / fpga for different operations
+#define PM3_EINIT             -15
 // No data                              pm3:        no data available, no host frame available (not really an error)
 #define PM3_ENODATA           -98
 // Quit program                         client:     reserved, order to quit the program