From 6fae3b7b0e4d7aa9ddcdea76f82e53999968be93 Mon Sep 17 00:00:00 2001
From: Ray Lee
Date: Sat, 7 Aug 2021 22:19:08 +0800
Subject: [PATCH 1/3] add new standalone mode MFCSIM

---
 armsrc/Standalone/Makefile.hal | 7 +-
 armsrc/Standalone/Makefile.inc | 4 ++
 armsrc/Standalone/hf_mfcsim.c | 116 +++++++++++++++++++++++++++++++++
 3 files changed, 125 insertions(+), 2 deletions(-)
 create mode 100644 armsrc/Standalone/hf_mfcsim.c

diff --git a/armsrc/Standalone/Makefile.hal b/armsrc/Standalone/Makefile.hal
index f82a11cf7..d6bba3965 100644
--- a/armsrc/Standalone/Makefile.hal
+++ b/armsrc/Standalone/Makefile.hal
@@ -83,13 +83,16 @@ define KNOWN_STANDALONE_DEFINITIONS
 | HF_YOUNG | Mifare sniff/simulation |
 | | - Craig Young |
 +----------------------------------------------------------+
+| HF_MFCSIM | Mifare Classic simulation |
+| | - Ray Lee |
++----------------------------------------------------------+
 endef
 
 STANDALONE_MODES := LF_SKELETON LF_EM4100EMUL LF_EM4100RSWB LF_EM4100RWC LF_HIDBRUTE LF_HIDFCBRUTE LF_ICEHID LF_PROXBRUTE LF_SAMYRUN LF_THAREXDE LF_NEXID
-STANDALONE_MODES += HF_14ASNIFF HF_AVEFUL HF_BOG HF_COLIN HF_CRAFTBYTE HF_ICECLASS HF_LEGIC HF_MATTYRUN HF_MSDSAL HF_TCPRST HF_TMUDFORD HF_YOUNG HF_REBLAY
+STANDALONE_MODES += HF_14ASNIFF HF_AVEFUL HF_BOG HF_COLIN HF_CRAFTBYTE HF_ICECLASS HF_LEGIC HF_MATTYRUN HF_MSDSAL HF_TCPRST HF_TMUDFORD HF_YOUNG HF_REBLAY HF_MFCSIM
 STANDALONE_MODES_REQ_BT := HF_REBLAY
 STANDALONE_MODES_REQ_SMARTCARD :=
-STANDALONE_MODES_REQ_FLASH := LF_HIDFCBRUTE LF_ICEHID LF_NEXID LF_THAREXDE HF_14ASNIFF HF_BOG HF_COLIN HF_ICECLASS
+STANDALONE_MODES_REQ_FLASH := LF_HIDFCBRUTE LF_ICEHID LF_NEXID LF_THAREXDE HF_14ASNIFF HF_BOG HF_COLIN HF_ICECLASS HF_MFCSIM
 ifneq ($(filter $(STANDALONE),$(STANDALONE_MODES)),)
 STANDALONE_PLATFORM_DEFS += -DWITH_STANDALONE_$(STANDALONE)
 ifneq ($(filter $(STANDALONE),$(STANDALONE_MODES_REQ_SMARTCARD)),)
diff --git a/armsrc/Standalone/Makefile.inc b/armsrc/Standalone/Makefile.inc
index cd742ae9c..f79bb8925 100644
--- a/armsrc/Standalone/Makefile.inc
+++ b/armsrc/Standalone/Makefile.inc
@@ -97,3 +97,7 @@ endif
 ifneq (,$(findstring WITH_STANDALONE_HF_REBLAY,$(APP_CFLAGS)))
 SRC_STANDALONE = hf_reblay.c
 endif
+ # WITH_STANDALONE_HF_MFCSIM
+ifneq (,$(findstring WITH_STANDALONE_HF_MFCSIM,$(APP_CFLAGS)))
+ SRC_STANDALONE = hf_mfcsim.c
+endif
diff --git a/armsrc/Standalone/hf_mfcsim.c b/armsrc/Standalone/hf_mfcsim.c
new file mode 100644
index 000000000..3fc321916
--- /dev/null
+++ b/armsrc/Standalone/hf_mfcsim.c
@@ -0,0 +1,116 @@
+//-----------------------------------------------------------------------------
+// RayCN, 2021
+//
+// This code is licensed to you under the terms of the GNU GPL, version 2 or,
+// at your option, any later version. See the LICENSE.txt file for the text of
+// the license.
+//-----------------------------------------------------------------------------
+// main code for mifare classic simulator aka MFCSIM
+//-----------------------------------------------------------------------------
+#include
+#include "ticks.h"
+#include "proxmark3_arm.h"
+#include "BigBuf.h"
+#include "commonutil.h"
+#include "fpgaloader.h"
+#include "util.h"
+#include "dbprint.h"
+#include "spiffs.h"
+#include "standalone.h" // standalone definitions
+#include "appmain.h"
+#include "string.h"
+#include "iso14443a.h"
+#include "mifarecmd.h"
+#include "crc16.h"
+#include "mifaresim.h" // mifare1ksim
+#include "mifareutil.h"
+
+/*
+ * `hf_mfcsim` simulates mifare classic 1k dumps uploaded to flash.
+ * It requires RDV4 hardware (for flash and battery).
+ *
+ * On entering stand-alone mode, this module will start simulating.
+ * Data is read from bin dump file uploaded to flash memory (hf_mfcsim_dump_1.bin).
+ * Only support mifare classic 1k
+ *
+ * LEDs:
+ * - LED A: initializing
+ * - LED B: simulating
+ * - LED C blinking: data transmiting
+ *
+ * To upload input file (eml format) to flash:
+ * - mem spiffs upload -s -d hf_mfcsim_dump_1.bin
+ * To delete the input file from flash:
+ * - mem spiffs remove -f hf_mfcsim_dump_1.bin
+ *
+ */
+
+#define HF_MFCSIM_INPUTFILE_SIM "hf_mfcsim_dump_1.bin"
+#define DUMP_SIZE 1024
+
+static uint8_t uid[10];
+
+static bool ecfill_from_file(char *inputfile) {
+
+ if (exists_in_spiffs(inputfile)) {
+
+ uint32_t size = size_in_spiffs(inputfile);
+ uint8_t *mem = BigBuf_malloc(size);
+ if (!mem) {
+ Dbprintf(_RED_("No memory!"));
+ }
+
+ Dbprintf(_YELLOW_("Found dump file %s"), inputfile);
+ rdv40_spiffs_read_as_filetype(inputfile, mem, size, RDV40_SPIFFS_SAFETY_SAFE);
+
+ Dbprintf(_YELLOW_("File size is %d"), size);
+ if (size != DUMP_SIZE) {
+ Dbprintf(_RED_("Only support Mifare Classic 1K! Please check the dumpfile"));
+ }
+
+ Dbprintf(_YELLOW_("Read card data from input file"));
+ emlSetMem(mem, 0, MIFARE_1K_MAXBLOCK);
+ Dbprintf(_YELLOW_("Uploaded to emulator memory"));
+
+ } else {
+ Dbprintf(_RED_("no input file %s"), inputfile);
+ return false;
+ }
+ BigBuf_free();
+ return true;
+}
+
+void ModInfo(void) {
+ DbpString(_YELLOW_(" HF Mifare Classic simulation mode") " - a.k.a MFCSIM");
+}
+
+void RunMod(void) {
+ StandAloneMode();
+ FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
+ Dbprintf(_YELLOW_("Standalone mode MFCSIM started!"));
+
+ LED_A_ON();
+ emlClearMem();
+ Dbprintf(_YELLOW_("Emulator memory initialized"));
+ rdv40_spiffs_lazy_mount();
+ if (!ecfill_from_file(HF_MFCSIM_INPUTFILE_SIM)) {
+ Dbprintf(_RED_("Load data failed!"));
+ return;
+ }
+ Dbprintf(_YELLOW_("Emulator memory filled, simulation ready to start."));
+ Dbprintf(_YELLOW_("Press button to abort simulation at anytime."));
+
+ SpinOff(1000);
+
+ LED_B_ON();
+ Dbprintf(_YELLOW_("Simulation start!"));
+ uint16_t simflags = FLAG_UID_IN_EMUL | FLAG_MF_1K;
+ Mifare1ksim(simflags, 0, uid, 0, 0);
+
+ Dbprintf(_YELLOW_("Simulation end!"));
+ LEDsoff();
+}
+
+
+
+

From 77116b3952d544121355a26f8b44e2c327232a1c Mon Sep 17 00:00:00 2001
From: Ray Lee
Date: Sun, 8 Aug 2021 15:12:22 +0800
Subject: [PATCH 2/3] update Changelog and document

---
 CHANGELOG.md | 1 +
 doc/md/Use_of_Proxmark/4_Advanced-compilation-parameters.md | 1 +
 2 files changed, 2 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 41d6b5eec..3158744d0 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,7 @@ All notable changes to this project will be documented in this file.
 This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log...
 
 ## [unreleased][unreleased]
+ - Add new standalone mode `hf_mfcsim` which can load dump from flash and simulate Mifare Classic 1K card (@axisray)
 - Added support to demodulate Electra tags and column parity check for EM410x (@doegox)
 - Fix demod plot for various demodulations (@doegox)
 - Fix `lf t55xx detect/rdbl/dump` - to override if user set `lf config` and use default values during operation (@iceman1001)
diff --git a/doc/md/Use_of_Proxmark/4_Advanced-compilation-parameters.md b/doc/md/Use_of_Proxmark/4_Advanced-compilation-parameters.md
index 38931c3ca..a313560f8 100644
--- a/doc/md/Use_of_Proxmark/4_Advanced-compilation-parameters.md
+++ b/doc/md/Use_of_Proxmark/4_Advanced-compilation-parameters.md
@@ -102,6 +102,7 @@ Here are the supported values you can assign to `STANDALONE` in `Makefile.platfo
 | HF_TCPRST | IKEA Rothult ST25TA, Standalone Master Key Dump/Emulation - Nick Draffen
 | HF_TMUDFORD | Read and emulate ISO15693 card UID - Tim Mudford
 | HF_YOUNG | Mifare sniff/simulation - Craig Young
+| HF_MFCSIM | Mifare Classic simulation - Ray Lee
 
 By default `STANDALONE=HF_MSDSAL`.
 

From e1b6e342d944928b01f68dc557a973ad70e09790 Mon Sep 17 00:00:00 2001
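Review bot: Both error checks in `ecfill_from_file` (new file `armsrc/Standalone/hf_mfcsim.c`) only log and then fall through, so the failure they detect is still acted on. When `BigBuf_malloc(size)` returns NULL, `rdv40_spiffs_read_as_filetype` is still called with the null `mem`; when `size != DUMP_SIZE`, `emlSetMem(mem, 0, MIFARE_1K_MAXBLOCK)` still runs on a buffer that was allocated with the file's own size, which for a short file on flash presumably means reading a full 1K image past the end of that allocation. I would add `return false;` after the "No memory!" print and `BigBuf_free(); return false;` after the size message, or better, compare `size` with `DUMP_SIZE` before allocating anything, since the file on flash is user-supplied. Separately, `RunMod` returns on load failure with LED A still lit; a `LEDsoff();` before that `return;` would match the normal exit path.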
From: Ray Lee
Date: Sun, 8 Aug 2021 16:11:57 +0800
Subject: [PATCH 3/3] follow alphabetic order

---
 armsrc/Standalone/Makefile.hal | 8 ++++----
 armsrc/Standalone/hf_mfcsim.c | 10 +++++-----
 .../4_Advanced-compilation-parameters.md | 2 +-
 3 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/armsrc/Standalone/Makefile.hal b/armsrc/Standalone/Makefile.hal
index d6bba3965..c7879987a 100644
--- a/armsrc/Standalone/Makefile.hal
+++ b/armsrc/Standalone/Makefile.hal
@@ -68,6 +68,9 @@ define KNOWN_STANDALONE_DEFINITIONS
 | HF_MATTYRUN | Mifare sniff/clone |
 | | - Matías A. Ré Medina |
 +----------------------------------------------------------+
+| HF_MFCSIM | Simulate Mifare Classic 1k card |
+| (RDV4 only) | storing in flashmem - Ray Lee |
++----------------------------------------------------------+
 | HF_MSDSAL | Read and emulate MSD Visa cards |
 | (default) | - Salvador Mendoza |
 +----------------------------------------------------------+
@@ -83,13 +86,10 @@ define KNOWN_STANDALONE_DEFINITIONS
 | HF_YOUNG | Mifare sniff/simulation |
 | | - Craig Young |
 +----------------------------------------------------------+
-| HF_MFCSIM | Mifare Classic simulation |
-| | - Ray Lee |
-+----------------------------------------------------------+
 endef
 
 STANDALONE_MODES := LF_SKELETON LF_EM4100EMUL LF_EM4100RSWB LF_EM4100RWC LF_HIDBRUTE LF_HIDFCBRUTE LF_ICEHID LF_PROXBRUTE LF_SAMYRUN LF_THAREXDE LF_NEXID
-STANDALONE_MODES += HF_14ASNIFF HF_AVEFUL HF_BOG HF_COLIN HF_CRAFTBYTE HF_ICECLASS HF_LEGIC HF_MATTYRUN HF_MSDSAL HF_TCPRST HF_TMUDFORD HF_YOUNG HF_REBLAY HF_MFCSIM
+STANDALONE_MODES += HF_14ASNIFF HF_AVEFUL HF_BOG HF_COLIN HF_CRAFTBYTE HF_ICECLASS HF_LEGIC HF_MATTYRUN HF_MFCSIM HF_MSDSAL HF_TCPRST HF_TMUDFORD HF_YOUNG HF_REBLAY
 STANDALONE_MODES_REQ_BT := HF_REBLAY
 STANDALONE_MODES_REQ_SMARTCARD :=
 STANDALONE_MODES_REQ_FLASH := LF_HIDFCBRUTE LF_ICEHID LF_NEXID LF_THAREXDE HF_14ASNIFF HF_BOG HF_COLIN HF_ICECLASS HF_MFCSIM
diff --git a/armsrc/Standalone/hf_mfcsim.c b/armsrc/Standalone/hf_mfcsim.c
index 3fc321916..9c16c2c50 100644
--- a/armsrc/Standalone/hf_mfcsim.c
+++ b/armsrc/Standalone/hf_mfcsim.c
@@ -1,5 +1,5 @@
 //-----------------------------------------------------------------------------
-// RayCN, 2021
+// Ray Lee, 2021
 //
 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
 // at your option, any later version. See the LICENSE.txt file for the text of
@@ -30,7 +30,7 @@
 * It requires RDV4 hardware (for flash and battery).
 *
 * On entering stand-alone mode, this module will start simulating.
- * Data is read from bin dump file uploaded to flash memory (hf_mfcsim_dump_1.bin).
+ * Data is read from bin dump file uploaded to flash memory (hf_mfcsim_dump.bin).
 * Only support mifare classic 1k
 *
 * LEDs:
@@ -39,13 +39,13 @@
 * - LED C blinking: data transmiting
 *
 * To upload input file (eml format) to flash:
- * - mem spiffs upload -s -d hf_mfcsim_dump_1.bin
+ * - mem spiffs upload -s -d hf_mfcsim_dump.bin
 * To delete the input file from flash:
- * - mem spiffs remove -f hf_mfcsim_dump_1.bin
+ * - mem spiffs remove -f hf_mfcsim_dump.bin
 *
 */
 
-#define HF_MFCSIM_INPUTFILE_SIM "hf_mfcsim_dump_1.bin"
+#define HF_MFCSIM_INPUTFILE_SIM "hf_mfcsim_dump.bin"
 #define DUMP_SIZE 1024
 
 static uint8_t uid[10];
diff --git a/doc/md/Use_of_Proxmark/4_Advanced-compilation-parameters.md b/doc/md/Use_of_Proxmark/4_Advanced-compilation-parameters.md
index a313560f8..ee2d10d4b 100644
--- a/doc/md/Use_of_Proxmark/4_Advanced-compilation-parameters.md
+++ b/doc/md/Use_of_Proxmark/4_Advanced-compilation-parameters.md
@@ -97,12 +97,12 @@ Here are the supported values you can assign to `STANDALONE` in `Makefile.platfo
 | HF_ICECLASS | iCLASS 4-1 mode sim/read & dump/loclass/glitch & config to flashmem - Iceman1001
 | HF_LEGIC | HF Legic Prime standalone - uhei
 | HF_MATTYRUN | Mifare sniff/clone - Matías A. Ré Medina
+| HF_MFCSIM | Simulate Mifare Classic 1k card storing in flashmem - Ray Lee
 | HF_MSDSAL (def)| EMV Read and emulation - Salvador Mendoza
 | HF_REBLAY | 14A relay over BT - Salvador Mendoza
 | HF_TCPRST | IKEA Rothult ST25TA, Standalone Master Key Dump/Emulation - Nick Draffen
 | HF_TMUDFORD | Read and emulate ISO15693 card UID - Tim Mudford
 | HF_YOUNG | Mifare sniff/simulation - Craig Young
-| HF_MFCSIM | Mifare Classic simulation - Ray Lee
 
 By default `STANDALONE=HF_MSDSAL`.
 