Merge branch 'master' into standalone-mfc-rewrite

Signed-off-by: Iceman <iceman@iuse.se>
Iceman 2024-05-12 17:19:00 +02:00 committed by GitHub
commit 7b64e0ca34
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
8 changed files with 143 additions and 113 deletions


@ -21,6 +21,10 @@ jobs:
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: '3.12'
- name: Set Git http.postBuffer to something high - name: Set Git http.postBuffer to something high
run: git config --global http.postBuffer 524288000 run: git config --global http.postBuffer 524288000
@ -39,10 +43,7 @@ jobs:
continue-on-error: true continue-on-error: true
- name: Install Python dependencies - name: Install Python dependencies
run: | run: pip install -r tools/requirements.txt
python3 -m pip install --upgrade pip
python3 -m pip install setuptools ansicolors sslcrypto
if [ -f requirements.txt ]; then python3 -m pip install -r requirements.txt; fi
- name: make clean - name: make clean
run: make clean run: make clean
@ -61,6 +62,10 @@ jobs:
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: '3.12'
- name: Set Git http.postBuffer to something high - name: Set Git http.postBuffer to something high
run: git config --global http.postBuffer 524288000 run: git config --global http.postBuffer 524288000
@ -79,10 +84,7 @@ jobs:
continue-on-error: true continue-on-error: true
- name: Install Python dependencies - name: Install Python dependencies
run: | run: pip install -r tools/requirements.txt
python3 -m pip install --upgrade pip
python3 -m pip install setuptools ansicolors sslcrypto
if [ -f requirements.txt ]; then python3 -m pip install -r requirements.txt; fi
- name: make clean - name: make clean
run: make clean run: make clean
@ -102,6 +104,10 @@ jobs:
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: '3.12'
- name: Set Git http.postBuffer to something high - name: Set Git http.postBuffer to something high
run: git config --global http.postBuffer 524288000 run: git config --global http.postBuffer 524288000
@ -120,10 +126,7 @@ jobs:
continue-on-error: true continue-on-error: true
- name: Install Python dependencies - name: Install Python dependencies
run: | run: pip install -r tools/requirements.txt
python3 -m pip install --upgrade pip
python3 -m pip install setuptools ansicolors sslcrypto
if [ -f requirements.txt ]; then python3 -m pip install -r requirements.txt; fi
- name: Prepare Build Folders - name: Prepare Build Folders
run: | run: |
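Review bot: The three added `actions/setup-python@v5` steps reference a mutable tag, and the replacement `pip install -r tools/requirements.txt` resolves whatever the package index serves at build time, so a retagged action or a new upstream release of a dependency changes what runs in CI without any change in this repository. Pin the action to a full commit SHA (`uses: actions/setup-python@<full-commit-sha>  # v5`). If `tools/requirements.txt` (not shown on this page) is not already fully pinned, pin versions there and install with `pip install --require-hashes -r tools/requirements.txt`. The same steps are added to the three jobs of the second workflow file in this commit. The job definitions begin outside these hunks, so whether a `permissions:` block restricts the workflow token is not visible.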


@ -22,6 +22,10 @@ jobs:
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: '3.12'
- name: Update apt repos - name: Update apt repos
run: sudo apt-get update run: sudo apt-get update
@ -29,11 +33,7 @@ jobs:
run: sudo apt-get install -yqq make autoconf build-essential ca-certificates pkg-config libreadline-dev gcc-arm-none-eabi libnewlib-dev qtbase5-dev libbz2-dev liblz4-dev libbluetooth-dev libpython3-dev python3 python3-dev libpython3-all-dev liblua5.2-dev liblua5.2-0 lua5.2 sed libssl-dev libgd-dev run: sudo apt-get install -yqq make autoconf build-essential ca-certificates pkg-config libreadline-dev gcc-arm-none-eabi libnewlib-dev qtbase5-dev libbz2-dev liblz4-dev libbluetooth-dev libpython3-dev python3 python3-dev libpython3-all-dev liblua5.2-dev liblua5.2-0 lua5.2 sed libssl-dev libgd-dev
- name: Install Python dependencies - name: Install Python dependencies
run: | run: pip install -r tools/requirements.txt
python3 -m pip install --upgrade pip
python3 -m pip install setuptools
python3 -m pip install ansicolors sslcrypto
if [ -f requirements.txt ]; then python3 -m pip install -r requirements.txt; fi
- name: make clean - name: make clean
run: make clean run: make clean
@ -52,6 +52,10 @@ jobs:
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: '3.12'
- name: Update apt repos - name: Update apt repos
run: sudo apt-get update run: sudo apt-get update
@ -59,11 +63,7 @@ jobs:
run: sudo apt-get install -yqq make autoconf build-essential ca-certificates pkg-config libreadline-dev gcc-arm-none-eabi libnewlib-dev qtbase5-dev libbz2-dev liblz4-dev libbluetooth-dev libpython3-dev python3 python3-dev libpython3-all-dev liblua5.2-dev liblua5.2-0 lua5.2 sed libssl-dev libgd-dev run: sudo apt-get install -yqq make autoconf build-essential ca-certificates pkg-config libreadline-dev gcc-arm-none-eabi libnewlib-dev qtbase5-dev libbz2-dev liblz4-dev libbluetooth-dev libpython3-dev python3 python3-dev libpython3-all-dev liblua5.2-dev liblua5.2-0 lua5.2 sed libssl-dev libgd-dev
- name: Install Python dependencies - name: Install Python dependencies
run: | run: pip install -r tools/requirements.txt
python3 -m pip install --upgrade pip
python3 -m pip install setuptools
python3 -m pip install ansicolors sslcrypto
if [ -f requirements.txt ]; then python3 -m pip install -r requirements.txt; fi
- name: make clean - name: make clean
run: make clean run: make clean
@ -83,6 +83,10 @@ jobs:
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: '3.12'
- name: Update apt repos - name: Update apt repos
run: sudo apt-get update run: sudo apt-get update
@ -90,11 +94,7 @@ jobs:
run: sudo apt-get install -yqq make autoconf build-essential ca-certificates pkg-config libreadline-dev gcc-arm-none-eabi libnewlib-dev qtbase5-dev libbz2-dev liblz4-dev libbluetooth-dev libpython3-dev python3 python3-dev libpython3-all-dev liblua5.2-dev liblua5.2-0 lua5.2 sed libssl-dev libgd-dev run: sudo apt-get install -yqq make autoconf build-essential ca-certificates pkg-config libreadline-dev gcc-arm-none-eabi libnewlib-dev qtbase5-dev libbz2-dev liblz4-dev libbluetooth-dev libpython3-dev python3 python3-dev libpython3-all-dev liblua5.2-dev liblua5.2-0 lua5.2 sed libssl-dev libgd-dev
- name: Install Python dependencies - name: Install Python dependencies
run: | run: pip install -r tools/requirements.txt
python3 -m pip install --upgrade pip
python3 -m pip install setuptools
python3 -m pip install ansicolors sslcrypto
if [ -f requirements.txt ]; then python3 -m pip install -r requirements.txt; fi
- name: Prepare Build Folders - name: Prepare Build Folders
run: | run: |
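Review bot: The new install step calls bare `pip`, while each job also installs the distribution's `python3` through apt, so which interpreter receives the packages depends on PATH order after `actions/setup-python` has run. The removed lines used `python3 -m pip`, which ties the install to a named interpreter; `run: python -m pip install -r tools/requirements.txt` keeps that property for the selected 3.12. If the build links against the apt-provided `libpython3-dev` (not verifiable from these hunks), the packages installed here may not be visible to that embedded interpreter. This applies to all three jobs in this file, and the same bare `pip` call appears in the first workflow file.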


@ -3,6 +3,8 @@ All notable changes to this project will be documented in this file.
This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log... This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log...
## [unreleased][unreleased] ## [unreleased][unreleased]
- Changed standalone mode HF_MATTYRUN - support more card sizes, user dictionaries, improved emulation (@michaelroland)
- Added AIDs `002000` and `FF30FF` from Metrolinx Presto Card (@RunTheBot)
- Added `lf hitag crack2` - WIP. Trying to add the second attack vector against Hitag2 (@iceman1001) - Added `lf hitag crack2` - WIP. Trying to add the second attack vector against Hitag2 (@iceman1001)
- Changed `hf 14b reader --plot` - made the anticollision signal trace download optional (@iceman1001) - Changed `hf 14b reader --plot` - made the anticollision signal trace download optional (@iceman1001)
- Added `lf_hitag_crypto.trace` - trace file of a complete read out of a Hitag2 in crypto mode (@iceman1001) - Added `lf_hitag_crypto.trace` - trace file of a complete read out of a Hitag2 in crypto mode (@iceman1001)
@ -32,7 +34,6 @@ This project uses the changelog in accordance with [keepchangelog](http://keepac
- Changed `data load` - now shows loaded number as comma printed. (@iceman1001) - Changed `data load` - now shows loaded number as comma printed. (@iceman1001)
- Updated `/tools/hitag2crack/common/OpenCL-Headers/CL` with latest from KhronosGroup github page (@iceman1001) - Updated `/tools/hitag2crack/common/OpenCL-Headers/CL` with latest from KhronosGroup github page (@iceman1001)
- Fixed `lf hitag list` - improved HITAG2 protocol annotation (@iceman1001) - Fixed `lf hitag list` - improved HITAG2 protocol annotation (@iceman1001)
- Changed standalone mode HF_MATTYRUN - support more card sizes, user dictionaries, improved emulation (@michaelroland)
## [Zenith.4.18340][2024-03-20] ## [Zenith.4.18340][2024-03-20]
- Changed `hf mf info` - some detections (@iceman1001) - Changed `hf mf info` - some detections (@iceman1001)


@ -581,11 +581,6 @@ static bool send_command_and_read(uint8_t command, uint8_t *bytes, size_t length
Dbprintf("Invalid data received length: %d, expected %d", len, out_length_bits); Dbprintf("Invalid data received length: %d, expected %d", len, out_length_bits);
return false; return false;
} }
// TODO: Figure out why getting an extra bit (quite often) here
// e.g., write block and info commands both reach here and output:
// [#] Should have a multiple of 8 bits, was sent 33
// [#] Should have a multiple of 8 bits, was sent 65
// Extra bits are currently just dropped, with no ill effect noticed.
bits2bytes(bits, len, bytes); bits2bytes(bits, len, bytes);
return true; return true;
} }
@ -617,7 +612,6 @@ static bool em4x70_read_um1(void) {
} }
/** /**
* em4x70_read_um2 * em4x70_read_um2
* *
@ -725,7 +719,7 @@ static int em4x70_receive(uint8_t *bits, size_t length) {
void em4x70_info(const em4x70_data_t *etd, bool ledcontrol) { void em4x70_info(const em4x70_data_t *etd, bool ledcontrol) {
uint8_t status = 0; bool success = false;
// Support tags with and without command parity bits // Support tags with and without command parity bits
command_parity = etd->parity; command_parity = etd->parity;
@ -736,20 +730,27 @@ void em4x70_info(const em4x70_data_t *etd, bool ledcontrol) {
// Find the Tag // Find the Tag
if (get_signalproperties() && find_em4x70_tag()) { if (get_signalproperties() && find_em4x70_tag()) {
// Read ID, UM1 and UM2 // Read ID, UM1 and UM2
status = em4x70_read_id() && em4x70_read_um1() && em4x70_read_um2(); success = em4x70_read_id() && em4x70_read_um1() && em4x70_read_um2();
} }
StopTicks(); StopTicks();
lf_finalize(ledcontrol); lf_finalize(ledcontrol);
int status = success ? PM3_SUCCESS : PM3_ESOFT;
reply_ng(CMD_LF_EM4X70_INFO, status, tag.data, sizeof(tag.data)); reply_ng(CMD_LF_EM4X70_INFO, status, tag.data, sizeof(tag.data));
} }
void em4x70_write(const em4x70_data_t *etd, bool ledcontrol) { void em4x70_write(const em4x70_data_t *etd, bool ledcontrol) {
int status = PM3_ESOFT;
uint8_t status = 0;
command_parity = etd->parity; command_parity = etd->parity;
// Disable to prevent sending corrupted data to the tag.
if (command_parity) {
Dbprintf("Use of `--par` option with `lf em 4x70 write` is disabled to prevent corrupting tag data");
reply_ng(CMD_LF_EM4X70_WRITE, PM3_ENOTIMPL, NULL, 0);
return;
}
init_tag(); init_tag();
em4x70_setup_read(); em4x70_setup_read();
@ -757,16 +758,15 @@ void em4x70_write(const em4x70_data_t *etd, bool ledcontrol) {
if (get_signalproperties() && find_em4x70_tag()) { if (get_signalproperties() && find_em4x70_tag()) {
// Write // Write
status = write(etd->word, etd->address) == PM3_SUCCESS; status = write(etd->word, etd->address);
if (status) { if (status == PM3_SUCCESS) {
// Read Tag after writing // Read Tag after writing
if (em4x70_read_id()) { if (em4x70_read_id()) {
em4x70_read_um1(); em4x70_read_um1();
em4x70_read_um2(); em4x70_read_um2();
} }
} }
} }
StopTicks(); StopTicks();
@ -776,7 +776,7 @@ void em4x70_write(const em4x70_data_t *etd, bool ledcontrol) {
void em4x70_unlock(const em4x70_data_t *etd, bool ledcontrol) { void em4x70_unlock(const em4x70_data_t *etd, bool ledcontrol) {
uint8_t status = 0; int status = PM3_ESOFT;
command_parity = etd->parity; command_parity = etd->parity;
@ -790,10 +790,10 @@ void em4x70_unlock(const em4x70_data_t *etd, bool ledcontrol) {
if (em4x70_read_id()) { if (em4x70_read_id()) {
// Send PIN // Send PIN
status = send_pin(etd->pin) == PM3_SUCCESS; status = send_pin(etd->pin);
// If the write succeeded, read the rest of the tag // If the write succeeded, read the rest of the tag
if (status) { if (status == PM3_SUCCESS) {
// Read Tag // Read Tag
// ID doesn't change // ID doesn't change
em4x70_read_um1(); em4x70_read_um1();
@ -809,11 +809,19 @@ void em4x70_unlock(const em4x70_data_t *etd, bool ledcontrol) {
void em4x70_auth(const em4x70_data_t *etd, bool ledcontrol) { void em4x70_auth(const em4x70_data_t *etd, bool ledcontrol) {
uint8_t status = 0; int status = PM3_ESOFT;
uint8_t response[3] = {0}; uint8_t response[3] = {0};
command_parity = etd->parity; command_parity = etd->parity;
// Disable to prevent sending corrupted data to the tag.
if (command_parity) {
Dbprintf("Use of `--par` option with `lf em 4x70 auth` is disabled to prevent corrupting tag data");
reply_ng(CMD_LF_EM4X70_WRITE, PM3_ENOTIMPL, NULL, 0);
return;
}
init_tag(); init_tag();
em4x70_setup_read(); em4x70_setup_read();
@ -821,7 +829,7 @@ void em4x70_auth(const em4x70_data_t *etd, bool ledcontrol) {
if (get_signalproperties() && find_em4x70_tag()) { if (get_signalproperties() && find_em4x70_tag()) {
// Authenticate and get tag response // Authenticate and get tag response
status = authenticate(etd->rnd, etd->frnd, response) == PM3_SUCCESS; status = authenticate(etd->rnd, etd->frnd, response);
} }
StopTicks(); StopTicks();
@ -830,11 +838,18 @@ void em4x70_auth(const em4x70_data_t *etd, bool ledcontrol) {
} }
void em4x70_brute(const em4x70_data_t *etd, bool ledcontrol) { void em4x70_brute(const em4x70_data_t *etd, bool ledcontrol) {
uint8_t status = 0; int status = PM3_ESOFT;
uint8_t response[2] = {0}; uint8_t response[2] = {0};
command_parity = etd->parity; command_parity = etd->parity;
// Disable to prevent sending corrupted data to the tag.
if (command_parity) {
Dbprintf("Use of `--par` option with `lf em 4x70 brute` is disabled to prevent corrupting tag data");
reply_ng(CMD_LF_EM4X70_WRITE, PM3_ENOTIMPL, NULL, 0);
return;
}
init_tag(); init_tag();
em4x70_setup_read(); em4x70_setup_read();
@ -842,7 +857,7 @@ void em4x70_brute(const em4x70_data_t *etd, bool ledcontrol) {
if (get_signalproperties() && find_em4x70_tag()) { if (get_signalproperties() && find_em4x70_tag()) {
// Bruteforce partial key // Bruteforce partial key
status = bruteforce(etd->address, etd->rnd, etd->frnd, etd->start_key, response) == PM3_SUCCESS; status = bruteforce(etd->address, etd->rnd, etd->frnd, etd->start_key, response);
} }
StopTicks(); StopTicks();
@ -852,10 +867,17 @@ void em4x70_brute(const em4x70_data_t *etd, bool ledcontrol) {
void em4x70_write_pin(const em4x70_data_t *etd, bool ledcontrol) { void em4x70_write_pin(const em4x70_data_t *etd, bool ledcontrol) {
uint8_t status = 0; int status = PM3_ESOFT;
command_parity = etd->parity; command_parity = etd->parity;
// Disable to prevent sending corrupted data to the tag.
if (command_parity) {
Dbprintf("Use of `--par` option with `lf em 4x70 setpin` is disabled to prevent corrupting tag data");
reply_ng(CMD_LF_EM4X70_WRITE, PM3_ENOTIMPL, NULL, 0);
return;
}
init_tag(); init_tag();
em4x70_setup_read(); em4x70_setup_read();
@ -865,17 +887,19 @@ void em4x70_write_pin(const em4x70_data_t *etd, bool ledcontrol) {
// Read ID (required for send_pin command) // Read ID (required for send_pin command)
if (em4x70_read_id()) { if (em4x70_read_id()) {
// Write new PIN // Write the pin
if ((write((etd->pin) & 0xFFFF, EM4X70_PIN_WORD_UPPER) == PM3_SUCCESS) && status = write((etd->pin) & 0xFFFF, EM4X70_PIN_WORD_UPPER);
(write((etd->pin >> 16) & 0xFFFF, EM4X70_PIN_WORD_LOWER) == PM3_SUCCESS)) { if (status == PM3_SUCCESS) {
status = write((etd->pin >> 16) & 0xFFFF, EM4X70_PIN_WORD_LOWER);
}
if (status == PM3_SUCCESS) {
// Now Try to authenticate using the new PIN // Now Try to authenticate using the new PIN
// Send PIN // Send PIN
status = send_pin(etd->pin) == PM3_SUCCESS; status = send_pin(etd->pin);
// If the write succeeded, read the rest of the tag // If the write succeeded, read the rest of the tag
if (status) { if (status == PM3_SUCCESS) {
// Read Tag // Read Tag
// ID doesn't change // ID doesn't change
em4x70_read_um1(); em4x70_read_um1();
@ -892,10 +916,17 @@ void em4x70_write_pin(const em4x70_data_t *etd, bool ledcontrol) {
void em4x70_write_key(const em4x70_data_t *etd, bool ledcontrol) { void em4x70_write_key(const em4x70_data_t *etd, bool ledcontrol) {
uint8_t status = 0; int status = PM3_ESOFT;
command_parity = etd->parity; command_parity = etd->parity;
// Disable to prevent sending corrupted data to the tag.
if (command_parity) {
Dbprintf("Use of `--par` option with `lf em 4x70 setkey` is disabled to prevent corrupting tag data");
reply_ng(CMD_LF_EM4X70_WRITE, PM3_ENOTIMPL, NULL, 0);
return;
}
init_tag(); init_tag();
em4x70_setup_read(); em4x70_setup_read();
@ -904,15 +935,15 @@ void em4x70_write_key(const em4x70_data_t *etd, bool ledcontrol) {
// Read ID to ensure we can write to card // Read ID to ensure we can write to card
if (em4x70_read_id()) { if (em4x70_read_id()) {
status = 1; status = PM3_SUCCESS;
// Write each crypto block // Write each crypto block
for (int i = 0; i < 6; i++) { for (int i = 0; i < 6; i++) {
uint16_t key_word = (etd->crypt_key[(i * 2) + 1] << 8) + etd->crypt_key[i * 2]; uint16_t key_word = (etd->crypt_key[(i * 2) + 1] << 8) + etd->crypt_key[i * 2];
// Write each word, abort if any failure occurs // Write each word, abort if any failure occurs
if (write(key_word, 9 - i) != PM3_SUCCESS) { status = write(key_word, 9 - i);
status = 0; if (status != PM3_SUCCESS) {
break; break;
} }
} }
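Review bot: The `--par` guard added to `em4x70_auth`, `em4x70_brute`, `em4x70_write_pin` and `em4x70_write_key` replies on `CMD_LF_EM4X70_WRITE` in every copy, which is only correct in `em4x70_write`. The client functions changed in this same commit wait on `CMD_LF_EM4X70_AUTH`, `CMD_LF_EM4X70_BRUTE`, `CMD_LF_EM4X70_SETPIN` and `CMD_LF_EM4X70_SETKEY`, so the refusal would most likely surface as a timeout instead of `PM3_ENOTIMPL`. Each guard should answer on its own command, e.g. `reply_ng(CMD_LF_EM4X70_AUTH, PM3_ENOTIMPL, NULL, 0);` in `em4x70_auth`. No guard is added to `em4x70_unlock` in the visible hunks although it also sends a PIN to the tag; if that is deliberate, a one-line comment saying why would help. The function bodies continue outside these hunks.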


@ -567,5 +567,21 @@
"Name": "Prima FlexAir Access Control", "Name": "Prima FlexAir Access Control",
"Description": "FIDs: 00 - DRM, 01 - Access Event Log, 04 - Access Permissions", "Description": "FIDs: 00 - DRM, 01 - Access Event Log, 04 - Access Permissions",
"Type": "pacs" "Type": "pacs"
},
{
"AID": "FF30FF",
"Vendor": "Metrolinx",
"Country": "CA",
"Name": "Presto Card",
"Description": "",
"Type": "transport"
},
{
"AID": "002000",
"Vendor": "Metrolinx",
"Country": "CA",
"Name": "Presto Card",
"Description": "",
"Type": "transport"
} }
] ]


@ -225,14 +225,10 @@ static int get_em4x70_info(const em4x70_cmd_input_info_t *opts, em4x70_tag_info_
if (WaitForResponseTimeout(CMD_LF_EM4X70_INFO, &resp, TIMEOUT) == false) { if (WaitForResponseTimeout(CMD_LF_EM4X70_INFO, &resp, TIMEOUT) == false) {
return PM3_ETIMEOUT; return PM3_ETIMEOUT;
} }
if (resp.status == PM3_SUCCESS) {
//iceman: prefer to have specific return code check.
// like resp.status != PM3_SUCCESS if looking for failure
if (resp.status) {
memcpy(data_out, resp.data.asBytes, sizeof(em4x70_tag_info_t)); memcpy(data_out, resp.data.asBytes, sizeof(em4x70_tag_info_t));
return PM3_SUCCESS;
} }
return PM3_ESOFT; return resp.status;
} }
static int writeblock_em4x70(const em4x70_cmd_input_writeblock_t *opts, em4x70_tag_info_t *data_out) { static int writeblock_em4x70(const em4x70_cmd_input_writeblock_t *opts, em4x70_tag_info_t *data_out) {
@ -251,14 +247,10 @@ static int writeblock_em4x70(const em4x70_cmd_input_writeblock_t *opts, em4x70_t
if (WaitForResponseTimeout(CMD_LF_EM4X70_WRITE, &resp, TIMEOUT) == false) { if (WaitForResponseTimeout(CMD_LF_EM4X70_WRITE, &resp, TIMEOUT) == false) {
return PM3_ETIMEOUT; return PM3_ETIMEOUT;
} }
if (resp.status == PM3_SUCCESS) {
//iceman: prefer to have specific return code check.
// like resp.status != PM3_SUCCESS if looking for failure
if (resp.status) {
memcpy(data_out, resp.data.asBytes, sizeof(em4x70_tag_info_t)); memcpy(data_out, resp.data.asBytes, sizeof(em4x70_tag_info_t));
return PM3_SUCCESS;
} }
return PM3_ESOFT; return resp.status;
} }
static int auth_em4x70(const em4x70_cmd_input_auth_t *opts, em4x70_cmd_output_auth_t *data_out) { static int auth_em4x70(const em4x70_cmd_input_auth_t *opts, em4x70_cmd_output_auth_t *data_out) {
@ -276,20 +268,15 @@ static int auth_em4x70(const em4x70_cmd_input_auth_t *opts, em4x70_cmd_output_au
if (WaitForResponseTimeout(CMD_LF_EM4X70_AUTH, &resp, TIMEOUT) == false) { if (WaitForResponseTimeout(CMD_LF_EM4X70_AUTH, &resp, TIMEOUT) == false) {
return PM3_ETIMEOUT; return PM3_ETIMEOUT;
} }
if (resp.status == PM3_SUCCESS) {
//iceman: prefer to have specific return code check.
// like resp.status != PM3_SUCCESS if looking for failure
if (resp.status) {
// Response is 20-bit from tag // Response is 20-bit from tag
// HACKHACK -- It appears the byte order differs from what is expected? // HACKHACK -- It appears the byte order differs from what is expected?
data_out->grn.grn[0] = resp.data.asBytes[2]; data_out->grn.grn[0] = resp.data.asBytes[2];
data_out->grn.grn[1] = resp.data.asBytes[1]; data_out->grn.grn[1] = resp.data.asBytes[1];
data_out->grn.grn[2] = resp.data.asBytes[0]; data_out->grn.grn[2] = resp.data.asBytes[0];
//memcpy(data_out, &resp.data.asBytes[0], sizeof(ID48LIB_GRN)); //memcpy(data_out, &resp.data.asBytes[0], sizeof(ID48LIB_GRN));
return PM3_SUCCESS;
} }
return PM3_ESOFT; return resp.status;
} }
static int setkey_em4x70(const em4x70_cmd_input_setkey_t *opts) { static int setkey_em4x70(const em4x70_cmd_input_setkey_t *opts) {
@ -305,13 +292,7 @@ static int setkey_em4x70(const em4x70_cmd_input_setkey_t *opts) {
if (WaitForResponseTimeout(CMD_LF_EM4X70_SETKEY, &resp, TIMEOUT) == false) { if (WaitForResponseTimeout(CMD_LF_EM4X70_SETKEY, &resp, TIMEOUT) == false) {
return PM3_ETIMEOUT; return PM3_ETIMEOUT;
} }
return resp.status;
//iceman: prefer to have specific return code check.
// like resp.status != PM3_SUCCESS if looking for failure
if (resp.status) {
return PM3_SUCCESS;
}
return PM3_ESOFT;
} }
static int brute_em4x70(const em4x70_cmd_input_brute_t *opts, em4x70_cmd_output_brute_t *data_out) { static int brute_em4x70(const em4x70_cmd_input_brute_t *opts, em4x70_cmd_output_brute_t *data_out) {
@ -346,14 +327,10 @@ static int brute_em4x70(const em4x70_cmd_input_brute_t *opts, em4x70_cmd_output_
} }
if (WaitForResponseTimeout(CMD_LF_EM4X70_BRUTE, &resp, TIMEOUT)) { if (WaitForResponseTimeout(CMD_LF_EM4X70_BRUTE, &resp, TIMEOUT)) {
if (resp.status == PM3_SUCCESS) {
//iceman: prefer to have specific return code check.
// like resp.status != PM3_SUCCESS if looking for failure
if (resp.status) {
memcpy(data_out, resp.data.asBytes, sizeof(em4x70_cmd_output_brute_t)); memcpy(data_out, resp.data.asBytes, sizeof(em4x70_cmd_output_brute_t));
return PM3_SUCCESS;
} }
return PM3_ESOFT; return resp.status;
} }
// NOTE: It takes about 11 seconds per 0x0100 authentication attempts. // NOTE: It takes about 11 seconds per 0x0100 authentication attempts.
@ -383,15 +360,10 @@ static int unlock_em4x70(const em4x70_cmd_input_unlock_t *opts, em4x70_tag_info_
if (WaitForResponseTimeout(CMD_LF_EM4X70_UNLOCK, &resp, TIMEOUT) == false) { if (WaitForResponseTimeout(CMD_LF_EM4X70_UNLOCK, &resp, TIMEOUT) == false) {
return PM3_ETIMEOUT; return PM3_ETIMEOUT;
} }
if (resp.status == PM3_SUCCESS) {
//iceman: prefer to have specific return code check.
// like resp.status != PM3_SUCCESS if looking for failure
if (resp.status) {
memcpy(data_out, resp.data.asBytes, sizeof(em4x70_tag_info_t)); memcpy(data_out, resp.data.asBytes, sizeof(em4x70_tag_info_t));
return PM3_SUCCESS;
} }
return PM3_ESOFT; return resp.status;
} }
static int setpin_em4x70(const em4x70_cmd_input_setpin_t *opts, em4x70_tag_info_t *data_out) { static int setpin_em4x70(const em4x70_cmd_input_setpin_t *opts, em4x70_tag_info_t *data_out) {
@ -408,14 +380,10 @@ static int setpin_em4x70(const em4x70_cmd_input_setpin_t *opts, em4x70_tag_info_
if (WaitForResponseTimeout(CMD_LF_EM4X70_SETPIN, &resp, TIMEOUT) == false) { if (WaitForResponseTimeout(CMD_LF_EM4X70_SETPIN, &resp, TIMEOUT) == false) {
return PM3_ETIMEOUT; return PM3_ETIMEOUT;
} }
if (resp.status == PM3_SUCCESS) {
//iceman: prefer to have specific return code check.
// like resp.status != PM3_SUCCESS if looking for failure
if (resp.status) {
memcpy(data_out, resp.data.asBytes, sizeof(em4x70_tag_info_t)); memcpy(data_out, resp.data.asBytes, sizeof(em4x70_tag_info_t));
return PM3_SUCCESS;
} }
return PM3_ESOFT; return resp.status;
} }
static int recover_em4x70(const em4x70_cmd_input_recover_t *opts, em4x70_cmd_output_recover_t *data_out) { static int recover_em4x70(const em4x70_cmd_input_recover_t *opts, em4x70_cmd_output_recover_t *data_out) {
@ -716,6 +684,7 @@ int CmdEM4x70Auth(const char *Cmd) {
" If F(RN) is correct based on the tag key, the tag will give a 20-bit response\n", " If F(RN) is correct based on the tag key, the tag will give a 20-bit response\n",
"lf em 4x70 auth --rnd 45F54ADA252AAC --frn 4866BB70 --> (using pm3 test key)\n" "lf em 4x70 auth --rnd 45F54ADA252AAC --frn 4866BB70 --> (using pm3 test key)\n"
"lf em 4x70 auth --rnd 3FFE1FB6CC513F --frn F355F1A0 --> (using research paper key)\n" "lf em 4x70 auth --rnd 3FFE1FB6CC513F --frn F355F1A0 --> (using research paper key)\n"
"lf em 4x70 auth --rnd 7D5167003571F8 --frn 982DBCC0 --> (autorecovery test key)\n"
); );
void *argtable[] = { void *argtable[] = {
@ -813,6 +782,7 @@ int CmdEM4x70SetKey(const char *Cmd) {
"Write new 96-bit key to tag\n", "Write new 96-bit key to tag\n",
"lf em 4x70 setkey -k F32AA98CF5BE4ADFA6D3480B (pm3 test key)\n" "lf em 4x70 setkey -k F32AA98CF5BE4ADFA6D3480B (pm3 test key)\n"
"lf em 4x70 setkey -k A090A0A02080000000000000 (research paper key)\n" "lf em 4x70 setkey -k A090A0A02080000000000000 (research paper key)\n"
"lf em 4x70 setkey -k 022A028C02BE000102030405 (autorecovery test key)\n"
); );
void *argtable[] = { void *argtable[] = {
@ -1137,6 +1107,7 @@ static int CmdEM4x70AutoRecover_ParseArgs(const char *Cmd, em4x70_cmd_input_reco
, ,
"lf em 4x70 autorecover --rnd 45F54ADA252AAC --frn 4866BB70 --grn 9BD180 (pm3 test key)\n" "lf em 4x70 autorecover --rnd 45F54ADA252AAC --frn 4866BB70 --grn 9BD180 (pm3 test key)\n"
"lf em 4x70 autorecover --rnd 3FFE1FB6CC513F --frn F355F1A0 --grn 609D60 (research paper key)\n" "lf em 4x70 autorecover --rnd 3FFE1FB6CC513F --frn F355F1A0 --grn 609D60 (research paper key)\n"
"lf em 4x70 autorecover --rnd 7D5167003571F8 --frn 982DBCC0 --grn 36C0E0 (autorecovery test key)\n"
); );
void *argtable[] = { void *argtable[] = {
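Review bot: With `return resp.status;` the device-reported status is the only gate before `memcpy(data_out, resp.data.asBytes, sizeof(em4x70_tag_info_t))` in `get_em4x70_info`, `writeblock_em4x70`, `unlock_em4x70` and `setpin_em4x70` (and before the `em4x70_cmd_output_brute_t` copy in `brute_em4x70`); the reply's payload length is never compared with the size being copied. A short reply carrying `PM3_SUCCESS` would presumably fill `data_out` with whatever the response buffer held beyond the payload. Consider `if (resp.status == PM3_SUCCESS && resp.length < sizeof(em4x70_tag_info_t)) return PM3_ESOFT;` ahead of the copy. `auth_em4x70` reads `resp.data.asBytes[0]` to `[2]` under the same assumption. The function bodies start outside these hunks.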


@ -1268,14 +1268,22 @@ void Plot::wheelEvent(QWheelEvent *event) {
void Plot::mouseMoveEvent(QMouseEvent *event) { void Plot::mouseMoveEvent(QMouseEvent *event) {
int x = event->x(); int x = event->x();
x -= WIDTH_AXES;
x = (int)(x / g_GraphPixelsPerPoint);
x += g_GraphStart;
if ((event->buttons() & Qt::LeftButton)) { //Only run the marker place code if a mouse button is pressed
g_MarkerA.pos = x; if((event->buttons() & Qt::LeftButton) || (event->buttons() & Qt::RightButton)) {
} else if (event->buttons() & Qt::RightButton) { x -= WIDTH_AXES;
g_MarkerB.pos = x; x = (int)(x / g_GraphPixelsPerPoint);
x += g_GraphStart;
if(x > (int)g_GraphTraceLen) x = 0; // Set to 0 if the number is stupidly big
else if(x < (int)g_GraphStart) x = (int)g_GraphStart; // Bounds checking for the start of the Graph Window
else if(x > (int)g_GraphStop) x = (int)g_GraphStop; // Bounds checking for the end of the Graph Window
if ((event->buttons() & Qt::LeftButton)) { // True for left click, false otherwise
g_MarkerA.pos = x;
} else {
g_MarkerB.pos = x;
}
} }
this->update(); this->update();
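Review bot: In the added clamp chain the first branch, `if(x > (int)g_GraphTraceLen) x = 0;`, wins over the two window checks that follow as `else if`, so dragging past the end of the trace sends the marker to sample 0 instead of the right edge, and that 0 is never checked against `g_GraphStart`. Clamping to the window alone covers the large case: `if (x < (int)g_GraphStart) x = (int)g_GraphStart; else if (x > (int)g_GraphStop) x = (int)g_GraphStop;`. If `g_GraphStop` can exceed the trace length, clamp to the smaller of the two. The `(int)` casts assume both values fit in an int; their declared types are outside this hunk, as is the rest of `Plot::mouseMoveEvent`.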

View file

@ -414,7 +414,7 @@ while true; do
if ! CheckExecute "nfc decode test - signature" "$CLIENTBIN -c 'nfc decode -d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crt"; then break; fi if ! CheckExecute "nfc decode test - signature" "$CLIENTBIN -c 'nfc decode -d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crt"; then break; fi
echo -e "\n${C_BLUE}Testing LF:${C_NC}" echo -e "\n${C_BLUE}Testing LF:${C_NC}"
if ! CheckExecute "lf hitag2 test" "$CLIENTBIN -c 'lf hitag selftest'" "Tests \( ok"; then break; fi if ! CheckExecute "lf hitag2 test" "$CLIENTBIN -c 'lf hitag test'" "Tests \( ok"; then break; fi
if ! CheckExecute "lf cotag demod test" "$CLIENTBIN -c 'data load -f traces/lf_cotag_220_8331.pm3; data norm; data cthreshold -u 50 -d -20; data envelope; data raw --ar -c 272; lf cotag demod'" \ if ! CheckExecute "lf cotag demod test" "$CLIENTBIN -c 'data load -f traces/lf_cotag_220_8331.pm3; data norm; data cthreshold -u 50 -d -20; data envelope; data raw --ar -c 272; lf cotag demod'" \
"COTAG Found: FC 220, CN: 8331 Raw: FFB841170363FFFE00001E7F00000000"; then break; fi "COTAG Found: FC 220, CN: 8331 Raw: FFB841170363FFFE00001E7F00000000"; then break; fi
if ! CheckExecute "lf AWID test" "$CLIENTBIN -c 'data load -f traces/lf_AWID-15-259.pm3;lf search -1'" "AWID ID found"; then break; fi if ! CheckExecute "lf AWID test" "$CLIENTBIN -c 'data load -f traces/lf_AWID-15-259.pm3;lf search -1'" "AWID ID found"; then break; fi