From 69e312afe78573297567a4cbb9638e15618276e9 Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Mon, 4 Jan 2016 10:13:38 +0100 Subject: [PATCH] ADD: added a Q5 parameter for "lf t55xx wipe", the default config blocks is: t55x7 : 000880E0 t5555 (Q5) : 6001F004 --- client/cmdlft55xx.c | 38 ++++++++++++++++++++++++++++---------- client/cmdlft55xx.h | 16 ++++++++++++++++ 2 files changed, 44 insertions(+), 10 deletions(-) diff --git a/client/cmdlft55xx.c b/client/cmdlft55xx.c index fc76e8983..2f8e2e2f5 100644 --- a/client/cmdlft55xx.c +++ b/client/cmdlft55xx.c @@ -166,7 +166,18 @@ int usage_t55xx_bruteforce(){ PrintAndLog(""); return 0; } - +int usage_t55xx_wipe(){ + PrintAndLog("Usage: lf t55xx wipe [h] [Q5]"); + PrintAndLog("This commands wipes a tag, fills blocks 1-7 with zeros and a default configuration block"); + PrintAndLog("Options:"); + PrintAndLog(" h - this help"); + PrintAndLog(" Q5 - indicates to use the T555 (Q5) default configuration block"); + PrintAndLog(""); + PrintAndLog("Examples:"); + PrintAndLog(" lf t55xx wipe - wipes a t55x7 tag, config block 0x000880E0"); + PrintAndLog(" lf t55xx wipe Q5 - wipes a t5555 Q5 tag, config block 0x6001F004"); + return 0; +} static int CmdHelp(const char *Cmd); void printT5xxHeader(uint8_t page){ @@ -1307,7 +1318,7 @@ void t55x7_create_config_block( int tagtype ){ switch (tagtype){ case 0: snprintf(retStr, sizeof(buf),"%08X - T55X7 Default", T55X7_DEFAULT_CONFIG_BLOCK); break; case 1: snprintf(retStr, sizeof(buf),"%08X - T55X7 Raw", T55X7_RAW_CONFIG_BLOCK); break; - //case 2: snprintf(retStr, sizeof(buf),"%08X - Q5 Default", Q5_DEFAULT_CONFIG_BLOCK); break; + case 2: snprintf(retStr, sizeof(buf),"%08X - T5555 Q5 Default", T5555_DEFAULT_CONFIG_BLOCK); break; default: break; } @@ -1334,21 +1345,28 @@ int CmdResetRead(const char *Cmd) { int CmdT55xxWipe(const char *Cmd) { char writeData[20] = {0}; char *ptrData = writeData; - + char cmdp = param_getchar(Cmd, 0); + if ( cmdp == 'h' || cmdp == 'H') return usage_t55xx_wipe(); + + bool Q5 = (cmdp == 'q' || cmdp == 'Q'); + + // Try with the default password to reset block 0 + // With a pwd should work even if pwd bit not set PrintAndLog("\nBeginning Wipe of a T55xx tag (assuming the tag is not password protected)\n"); + + if ( Q5 ){ + snprintf(ptrData,sizeof(writeData),"b 0 d 6001F004 p 0"); + } else { + snprintf(ptrData,sizeof(writeData),"b 0 d 000880E0 p 0"); + } - //try with the default password to reset block 0 (with a pwd should work even if pwd bit not set) - snprintf(ptrData,sizeof(writeData),"b 0 d 000880E0 p 0"); - - if (!CmdT55xxWriteBlock(ptrData)) - PrintAndLog("Error writing blk 0"); + if (!CmdT55xxWriteBlock(ptrData)) PrintAndLog("Error writing blk 0"); for (uint8_t blk = 1; blk<8; blk++) { snprintf(ptrData,sizeof(writeData),"b %d d 0", blk); - if (!CmdT55xxWriteBlock(ptrData)) - PrintAndLog("Error writing blk %d", blk); + if (!CmdT55xxWriteBlock(ptrData)) PrintAndLog("Error writing blk %d", blk); memset(writeData,0x00, sizeof(writeData)); } diff --git a/client/cmdlft55xx.h b/client/cmdlft55xx.h index f3532ce4a..1771742a0 100644 --- a/client/cmdlft55xx.h +++ b/client/cmdlft55xx.h @@ -31,6 +31,22 @@ #define T55X7_IOPROX_CONFIG_BLOCK 0x00147040 // maxblock 2 #define T55X7_bin 0b0010 +#define T5555_DEFAULT_CONFIG_BLOCK 0x6001F004 // data rate 64 , ask, manchester, 2 data blocks? +enum { + T55x7_RAW = 0x00, + T55x7_DEFAULT = 0x00, + T5555_DEFAULT = 0x01, + EM_UNIQUE = 0x0, + FDBX = 0x02, + HID_26 = 0x03, + INDALA_64 = 0x04, + INDALA_224 = 0x05, + GUARDPROXXII = 0x06, + VIKING = 0x07, + NORALSYS = 0x08, + IOPROX = 0x09, +} t55xx_tag; + typedef struct { uint32_t bl1; uint32_t bl2;