RfidResearchGroup/proxmark3
1
1
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-02-28 10:05:13 +08:00
Code Issues Projects Releases Packages Wiki Activity

FIX: 'lf gprox sim' - now correctly simulates gProx

Browse source
This commit is contained in:
iceman1001 2017-08-09 19:59:03 +02:00
parent a4dd4eb5b5
commit 7b050e9afe
2 changed files with 56 additions and 39 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
client/cmdlffdx.c
View file

@ -62,7 +62,6 @@ int usage_lf_fdx_sim(void) {
return 0; return 0;
} }
// Ask/Biphase Demod then try to locate an ISO 11784/85 ID // Ask/Biphase Demod then try to locate an ISO 11784/85 ID
// BitStream must contain previously askrawdemod and biphasedemoded data // BitStream must contain previously askrawdemod and biphasedemoded data
int detectFDXB(uint8_t *dest, size_t *size) { int detectFDXB(uint8_t *dest, size_t *size) {
@ -378,6 +377,7 @@ int CmdFdxSim(const char *Cmd) {
verify_values(countryid, animalid); verify_values(countryid, animalid);
// 32, no STT, BIPHASE INVERTED == diphase
uint8_t clk = 32, encoding = 2, separator = 0, invert = 1; uint8_t clk = 32, encoding = 2, separator = 0, invert = 1;
uint16_t arg1, arg2; uint16_t arg1, arg2;
size_t size = 128; size_t size = 128;

93
client/cmdlfguard.c
View file

@ -140,19 +140,24 @@ int GetGuardBits(uint8_t fmtlen, uint32_t fc, uint32_t cn, uint8_t *guardBits) {
// by marshmellow // by marshmellow
// demod gProxIIDemod // demod gProxIIDemod
// error returns as -x // error returns as -x
// success returns start position in BitStream // success returns start position in bitstream
// BitStream must contain previously askrawdemod and biphasedemoded data // Bitstream must contain previously askrawdemod and biphasedemoded data
int detectGProxII(uint8_t BitStream[], size_t *size) { int detectGProxII(uint8_t *bits, size_t *size) {
size_t startIdx=0;
size_t startIdx = 0;
uint8_t preamble[] = {1,1,1,1,1,0}; uint8_t preamble[] = {1,1,1,1,1,0};
if (!preambleSearch(BitStream, preamble, sizeof(preamble), size, &startIdx)) // sanity check
return -3; //preamble not found if ( *size < sizeof(preamble) ) return -1;
if (!preambleSearch(bits, preamble, sizeof(preamble), size, &startIdx))
return -2; //preamble not found
if (*size != 96) return -2; //should have found 96 bits //gProxII should be 96 bits
if (*size != 96) return -3;
//check first 6 spacer bits to verify format //check first 6 spacer bits to verify format
if (!BitStream[startIdx+5] && !BitStream[startIdx+10] && !BitStream[startIdx+15] && !BitStream[startIdx+20] && !BitStream[startIdx+25] && !BitStream[startIdx+30]){ if (!bits[startIdx+5] && !bits[startIdx+10] && !bits[startIdx+15] && !bits[startIdx+20] && !bits[startIdx+25] && !bits[startIdx+30]){
//confirmed proper separator bits found //confirmed proper separator bits found
//return start position //return start position
return (int) startIdx; return (int) startIdx;
@ -166,30 +171,46 @@ int detectGProxII(uint8_t BitStream[], size_t *size) {
// but will leave the GraphBuffer intact. // but will leave the GraphBuffer intact.
//if successful it will push askraw data back to demod buffer ready for emulation //if successful it will push askraw data back to demod buffer ready for emulation
int CmdGuardDemod(const char *Cmd) { int CmdGuardDemod(const char *Cmd) {
if (!ASKbiphaseDemod(Cmd, false)){
if (g_debugMode) PrintAndLog("DEBUG: Error - gProxII ASKbiphaseDemod failed 1st try"); //Differential Biphase
//get binary from ask wave
if (!ASKbiphaseDemod("0 64 0 0", false)) {
if (g_debugMode) PrintAndLog("DEBUG: Error - gProxII ASKbiphaseDemod failed");
return 0; return 0;
} }
size_t size = DemodBufferLen; size_t size = DemodBufferLen;
//call lfdemod.c demod for gProxII
int ans = detectGProxII(DemodBuffer, &size); int preambleIndex = detectGProxII(DemodBuffer, &size);
if (ans < 0){ if (preambleIndex < 0){
if (g_debugMode) PrintAndLog("DEBUG: Error - gProxII demod"); if (g_debugMode){
if (preambleIndex == -1)
PrintAndLog("DEBUG: Error - gProxII too few bits found");
else if (preambleIndex == -2)
PrintAndLog("DEBUG: Error - gProxII preamble not found");
else if (preambleIndex == -3)
PrintAndLog("DEBUG: Error - gProxII size not correct: %d", size);
else if (preambleIndex == -3)
PrintAndLog("DEBUG: Error - gProxII wrong spacerbits");
else
PrintAndLog("DEBUG: Error - gProxII ans: %d", preambleIndex);
}
return 0; return 0;
} }
//got a good demod of 96 bits //got a good demod of 96 bits
uint8_t ByteStream[8] = {0x00}; uint8_t ByteStream[8] = {0x00};
uint8_t xorKey = 0; uint8_t xorKey = 0;
size_t startIdx = ans + 6; //start after 6 bit preamble size_t startIdx = preambleIndex + 6; //start after 6 bit preamble
uint8_t bits_no_spacer[90]; uint8_t bits_no_spacer[90];
//so as to not mess with raw DemodBuffer copy to a new sample array //so as to not mess with raw DemodBuffer copy to a new sample array
memcpy(bits_no_spacer, DemodBuffer + startIdx, 90); memcpy(bits_no_spacer, DemodBuffer + startIdx, 90);
// remove the 18 (90/5=18) parity bits (down to 72 bits (96-6-18=72)) // remove the 18 (90/5=18) parity bits (down to 72 bits (96-6-18=72))
size_t bitLen = removeParity(bits_no_spacer, 0, 5, 3, 90); //source, startloc, paritylen, ptype, length_to_run size_t len = removeParity(bits_no_spacer, 0, 5, 3, 90); //source, startloc, paritylen, ptype, length_to_run
if (bitLen != 72) { if (len != 72) {
if (g_debugMode) if (g_debugMode)
PrintAndLog("DEBUG: Error - gProxII spacer removal did not produce 72 bits: %u, start: %u", bitLen, startIdx); PrintAndLog("DEBUG: Error - gProxII spacer removal did not produce 72 bits: %u, start: %u", len, startIdx);
return 0; return 0;
} }
// get key and then get all 8 bytes of payload decoded // get key and then get all 8 bytes of payload decoded
@ -198,15 +219,18 @@ int CmdGuardDemod(const char *Cmd) {
ByteStream[idx] = ((uint8_t)bytebits_to_byteLSBF(bits_no_spacer+8 + (idx*8),8)) ^ xorKey; ByteStream[idx] = ((uint8_t)bytebits_to_byteLSBF(bits_no_spacer+8 + (idx*8),8)) ^ xorKey;
if (g_debugMode) PrintAndLog("DEBUG: gProxII byte %u after xor: %02x", (unsigned int)idx, ByteStream[idx]); if (g_debugMode) PrintAndLog("DEBUG: gProxII byte %u after xor: %02x", (unsigned int)idx, ByteStream[idx]);
} }
setDemodBuf(DemodBuffer, 96, preambleIndex);
setClockGrid(g_DemodClock, g_DemodStartIdx + (preambleIndex*g_DemodClock));
//ByteStream contains 8 Bytes (64 bits) of decrypted raw tag data //ByteStream contains 8 Bytes (64 bits) of decrypted raw tag data
uint8_t fmtLen = ByteStream[0]>>2; uint8_t fmtLen = ByteStream[0] >> 2;
uint32_t FC = 0; uint32_t FC = 0;
uint32_t Card = 0; uint32_t Card = 0;
//get raw 96 bits to print //get raw 96 bits to print
uint32_t raw1 = bytebits_to_byte(DemodBuffer+ans,32); uint32_t raw1 = bytebits_to_byte(DemodBuffer,32);
uint32_t raw2 = bytebits_to_byte(DemodBuffer+ans+32, 32); uint32_t raw2 = bytebits_to_byte(DemodBuffer + 32, 32);
uint32_t raw3 = bytebits_to_byte(DemodBuffer+ans+64, 32); uint32_t raw3 = bytebits_to_byte(DemodBuffer + 64, 32);
bool unknown = false; bool unknown = false;
switch(fmtLen) { switch(fmtLen) {
case 36: case 36:
@ -226,8 +250,6 @@ int CmdGuardDemod(const char *Cmd) {
else else
PrintAndLog("Unknown G-Prox-II Fmt Found: Format Len: %u, Raw: %08x%08x%08x", fmtLen, raw1, raw2, raw3); PrintAndLog("Unknown G-Prox-II Fmt Found: Format Len: %u, Raw: %08x%08x%08x", fmtLen, raw1, raw2, raw3);
setDemodBuf(DemodBuffer, 96, ans);
setClockGrid(g_DemodClock, g_DemodStartIdx + (ans*g_DemodClock));
return 1; return 1;
} }
@ -291,17 +313,19 @@ int CmdGuardClone(const char *Cmd) {
int CmdGuardSim(const char *Cmd) { int CmdGuardSim(const char *Cmd) {
// Guard uses: clk: 64, invert: 0, encoding: 2 (ASK Biphase)
uint8_t clock = 64, encoding = 2, separator = 0, invert = 0;
uint32_t facilitycode = 0, cardnumber = 0, fc = 0, cn = 0, fmtlen = 0;
char cmdp = param_getchar(Cmd, 0); char cmdp = param_getchar(Cmd, 0);
if (strlen(Cmd) == 0 || cmdp == 'h' || cmdp == 'H') return usage_lf_guard_sim(); if (strlen(Cmd) == 0 || cmdp == 'h' || cmdp == 'H') return usage_lf_guard_sim();
uint32_t facilitycode = 0, cardnumber = 0, fc = 0, cn = 0, fmtlen = 0;
uint8_t clock = 64, encoding = 2, separator = 0, invert = 0;
uint8_t bs[96];
memset(bs, 0x00, sizeof(bs));
if (sscanf(Cmd, "%u %u %u", &fmtlen, &fc, &cn ) != 3) return usage_lf_guard_sim(); if (sscanf(Cmd, "%u %u %u", &fmtlen, &fc, &cn ) != 3) return usage_lf_guard_sim();
uint8_t bs[96];
size_t size = sizeof(bs);
memset(bs, 0x00, size);
fmtlen &= 0x7F; fmtlen &= 0x7F;
facilitycode = (fc & 0x000000FF); facilitycode = (fc & 0x000000FF);
cardnumber = (cn & 0x0000FFFF); cardnumber = (cn & 0x0000FFFF);
@ -313,19 +337,12 @@ int CmdGuardSim(const char *Cmd) {
PrintAndLog("Simulating Guardall - Facility Code: %u, CardNumber: %u", facilitycode, cardnumber ); PrintAndLog("Simulating Guardall - Facility Code: %u, CardNumber: %u", facilitycode, cardnumber );
// Guard uses: clk: 64, invert: 0, encoding: 2 (ASK Biphase)
uint64_t arg1, arg2; uint64_t arg1, arg2;
arg1 = (clock << 8) | encoding; arg1 = (clock << 8) | encoding;
arg2 = (invert << 8) | separator; arg2 = (invert << 8) | separator;
uint8_t rawbytes[12];
size_t size = sizeof(rawbytes);
for (uint8_t i=0; i < size; ++i){
rawbytes[i] = bytebits_to_byte( bs + (i*8), 8);
}
UsbCommand c = {CMD_ASK_SIM_TAG, {arg1, arg2, size}}; UsbCommand c = {CMD_ASK_SIM_TAG, {arg1, arg2, size}};
memcpy(c.d.asBytes, rawbytes, size ); memcpy(c.d.asBytes, bs, size );
clearCommandBuffer(); clearCommandBuffer();
SendCommand(&c); SendCommand(&c);
return 0; return 0;