RfidResearchGroup/proxmark3
1
1
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-01-10 10:11:58 +08:00
Code Issues Projects Releases Packages Wiki Activity

Enable support to clone HID on EM4x05

Browse source
This commit is contained in:
Philippe Teuwen 2022-04-30 00:08:10 +02:00
parent c1c093af62
commit 7f37958144
2 changed files with 22 additions and 33 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
CHANGELOG.md
View file

@ -4,7 +4,7 @@ This project uses the changelog in accordance with [keepchangelog](http://keepac
## [unreleased][unreleased]
- Fixed support to clone Pyramic, Paradox and Awid on EM4x05 (@doegox)
- Added support to clone Viking and EM410x on EM4x05 (@doegox)
- Added support to clone HID, Viking and EM410x on EM4x05 (@doegox)
- Fixed `lf config --reset` - averaging is set to 1 rather than 0 (@wh201906)
- Added standalone mode for sniffing 14b (@jacopo-j)
- Fixed `hf 14a apdu` - now don't skip first P2 iteration (@iceman1001)

53
armsrc/lfops.c
View file

@ -2237,10 +2237,22 @@ static void WriteT55xx(const uint32_t *blockdata, uint8_t startblock, uint8_t nu
}
static void WriteEM4x05(uint32_t *blockdata, uint8_t startblock, uint8_t numblocks) {
for (uint8_t i = numblocks + startblock; i > startblock; i--) {
if (i - 1 > 4) {
blockdata[i - 1 - startblock] = reflect(blockdata[i - 1 - startblock], 32);
if (g_dbglevel == DBG_DEBUG) {
Dbprintf("# | data ( EM4x05 )");
Dbprintf("--+----------------");
}
for (uint8_t i = startblock; i < startblock + numblocks; i++) {
if (i > 4) {
blockdata[i - startblock] = reflect(blockdata[i - startblock], 32);
}
if (g_dbglevel == DBG_DEBUG) {
Dbprintf("%i | %08x", i, blockdata[i - startblock]);
}
}
if (g_dbglevel == DBG_DEBUG) {
Dbprintf("--+----------------");
}
for (uint8_t i = numblocks + startblock; i > startblock; i--) {
EM4xWriteWord(i - 1, blockdata[i - 1 - startblock], 0, 0, false);
}
}
@ -2287,23 +2299,16 @@ void CopyHIDtoT55x7(uint32_t hi2, uint32_t hi, uint32_t lo, uint8_t longFMT, boo
if (q5) {
data[0] = T5555_SET_BITRATE(50) | T5555_MODULATION_FSK2 | T5555_INVERT_OUTPUT | last_block << T5555_MAXBLOCK_SHIFT;
} else if (em) {
// Note: data rate 50 is not supported by EM4x05
data[0] = (EM4x05_SET_BITRATE(50) | EM4x05_MODULATION_FSK2 | EM4x05_INVERT | EM4x05_SET_NUM_BLOCKS(last_block));
data[0] = (EM4x05_SET_BITRATE(50) | EM4x05_MODULATION_FSK2 | EM4x05_SET_NUM_BLOCKS(last_block));
// EM4x05_INVERT not available on EM4305, so let's invert manually
for (uint8_t i = 1; i <= last_block ; i++) {
data[i] = data[i] ^ 0xFFFFFFFF;
}
}
if (ledcontrol) LED_D_ON();
if (em) {
if (g_dbglevel == DBG_DEBUG) {
Dbprintf("# | data ( EM4x05 )");
Dbprintf("--+----------------");
Dbprintf("4 | %08x", data[0]);
Dbprintf("5 | %08x", data[1]);
Dbprintf("6 | %08x", data[2]);
Dbprintf("7 | %08x", data[3]);
Dbprintf("--+----------------");
}
Dbprintf("Clone HID Prox to EM4x05 is untested and disabled until verified");
//WriteEM4x05(data, 4, last_block + 1);
WriteEM4x05(data, 4, last_block + 1);
} else {
WriteT55xx(data, 0, last_block + 1, ledcontrol);
}
@ -2326,14 +2331,6 @@ void CopyVikingtoT55xx(uint8_t *blocks, bool q5, bool em, bool ledcontrol) {
// Program the data blocks for supplied ID and the block 0 config
if (em) {
if (g_dbglevel == DBG_DEBUG) {
Dbprintf("# | data ( EM4x05 )");
Dbprintf("--+----------------");
Dbprintf("4 | %08x", data[0]);
Dbprintf("5 | %08x", data[1]);
Dbprintf("6 | %08x", data[2]);
Dbprintf("--+----------------");
}
WriteEM4x05(data, 4, 3);
} else {
WriteT55xx(data, 0, 3, ledcontrol);
@ -2428,14 +2425,6 @@ int copy_em410x_to_t55xx(uint8_t card, uint8_t clock, uint32_t id_hi, uint32_t i
data[0] = T5555_SET_BITRATE(clock) | T5555_MODULATION_MANCHESTER | (2 << T5555_MAXBLOCK_SHIFT);
}
if (card == 2) {
if (g_dbglevel == DBG_DEBUG) {
Dbprintf("# | data ( EM4x05 )");
Dbprintf("--+----------------");
Dbprintf("4 | %08x", data[0]);
Dbprintf("5 | %08x", data[1]);
Dbprintf("6 | %08x", data[2]);
Dbprintf("--+----------------");
}
WriteEM4x05(data, 4, 3);
} else {
WriteT55xx(data, 0, 3, ledcontrol);