Merge pull request #1433 from AxisRay/new-standalone-mode

Add new standalone mode MFCSIM
2024-09-22 00:06:13 +08:00 · 2021-08-08 10:40:52 +02:00 · 2021-08-08 10:40:52 +02:00 · 886e93d106
parent c162aadeec e1b6e342d9
commit 886e93d106
5 changed files with 127 additions and 2 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -3,6 +3,7 @@ All notable changes to this project will be documented in this file.
 This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log...

 ## [unreleased][unreleased]
+ - Add new standalone mode `hf_mfcsim` which can load dump from flash and simulate Mifare Classic 1K card (@axisray)
 - Added support to demodulate Electra tags and column parity check for EM410x (@doegox)
 - Fix demod plot for various demodulations (@doegox)
 - Fix `lf t55xx detect/rdbl/dump` - to override if user set `lf config` and use default values during operation (@iceman1001)
--- a/armsrc/Standalone/Makefile.hal
+++ b/armsrc/Standalone/Makefile.hal
@ -68,6 +68,9 @@ define KNOWN_STANDALONE_DEFINITIONS
 | HF_MATTYRUN     | Mifare sniff/clone                     |
 |                 | - Matías A. Ré Medina                  |
 +----------------------------------------------------------+
+| HF_MFCSIM       | Simulate Mifare Classic 1k card        |
+| (RDV4 only)     | storing in flashmem - Ray Lee          |
+----------------------------------------------------------+
 | HF_MSDSAL       | Read and emulate MSD Visa cards        |
 | (default)       | - Salvador Mendoza                     |
 +----------------------------------------------------------+
@ -86,10 +89,10 @@ define KNOWN_STANDALONE_DEFINITIONS
 endef

 STANDALONE_MODES := LF_SKELETON LF_EM4100EMUL LF_EM4100RSWB LF_EM4100RWC LF_HIDBRUTE LF_HIDFCBRUTE LF_ICEHID LF_PROXBRUTE LF_SAMYRUN LF_THAREXDE LF_NEXID
-STANDALONE_MODES += HF_14ASNIFF HF_AVEFUL HF_BOG HF_COLIN HF_CRAFTBYTE HF_ICECLASS HF_LEGIC HF_MATTYRUN HF_MSDSAL HF_TCPRST HF_TMUDFORD HF_YOUNG HF_REBLAY
+STANDALONE_MODES += HF_14ASNIFF HF_AVEFUL HF_BOG HF_COLIN HF_CRAFTBYTE HF_ICECLASS HF_LEGIC HF_MATTYRUN HF_MFCSIM HF_MSDSAL HF_TCPRST HF_TMUDFORD HF_YOUNG HF_REBLAY
 STANDALONE_MODES_REQ_BT := HF_REBLAY
 STANDALONE_MODES_REQ_SMARTCARD :=
-STANDALONE_MODES_REQ_FLASH := LF_HIDFCBRUTE LF_ICEHID LF_NEXID LF_THAREXDE HF_14ASNIFF HF_BOG HF_COLIN HF_ICECLASS
+STANDALONE_MODES_REQ_FLASH := LF_HIDFCBRUTE LF_ICEHID LF_NEXID LF_THAREXDE HF_14ASNIFF HF_BOG HF_COLIN HF_ICECLASS HF_MFCSIM
 ifneq ($(filter $(STANDALONE),$(STANDALONE_MODES)),)
    STANDALONE_PLATFORM_DEFS += -DWITH_STANDALONE_$(STANDALONE)
    ifneq ($(filter $(STANDALONE),$(STANDALONE_MODES_REQ_SMARTCARD)),)
--- a/armsrc/Standalone/Makefile.inc
+++ b/armsrc/Standalone/Makefile.inc
@ -97,3 +97,7 @@ endif
 ifneq (,$(findstring WITH_STANDALONE_HF_REBLAY,$(APP_CFLAGS)))
    SRC_STANDALONE = hf_reblay.c
 endif
+ # WITH_STANDALONE_HF_MFCSIM
+ifneq (,$(findstring WITH_STANDALONE_HF_MFCSIM,$(APP_CFLAGS)))
+    SRC_STANDALONE = hf_mfcsim.c
+endif
--- a/armsrc/Standalone/hf_mfcsim.c
+++ b/armsrc/Standalone/hf_mfcsim.c
@ -0,0 +1,116 @@
+//-----------------------------------------------------------------------------
+// Ray Lee, 2021
+//
+// This code is licensed to you under the terms of the GNU GPL, version 2 or,
+// at your option, any later version. See the LICENSE.txt file for the text of
+// the license.
+//-----------------------------------------------------------------------------
+// main code for mifare classic simulator aka MFCSIM
+//-----------------------------------------------------------------------------
+#include <inttypes.h>
+#include "ticks.h"
+#include "proxmark3_arm.h"
+#include "BigBuf.h"
+#include "commonutil.h"
+#include "fpgaloader.h"
+#include "util.h"
+#include "dbprint.h"
+#include "spiffs.h"
+#include "standalone.h" // standalone definitions
+#include "appmain.h"
+#include "string.h"
+#include "iso14443a.h"
+#include "mifarecmd.h"
+#include "crc16.h"
+#include "mifaresim.h"  // mifare1ksim
+#include "mifareutil.h"
+
+/*
+ * `hf_mfcsim` simulates mifare classic 1k dumps uploaded to flash.
+ * It requires RDV4 hardware (for flash and battery).
+ *
+ * On entering stand-alone mode, this module will start simulating.
+ * Data is read from bin dump file uploaded to flash memory (hf_mfcsim_dump.bin).
+ * Only support mifare classic 1k
+ *
+ * LEDs:
+ * - LED A: initializing
+ * - LED B: simulating
+ * - LED C blinking: data transmiting
+ *
+ * To upload input file (eml format) to flash:
+ * - mem spiffs upload -s <filename> -d hf_mfcsim_dump.bin
+ * To delete the input file from flash:
+ * - mem spiffs remove -f hf_mfcsim_dump.bin
+ *
+ */
+
+#define HF_MFCSIM_INPUTFILE_SIM         "hf_mfcsim_dump.bin"
+#define DUMP_SIZE                       1024
+
+static uint8_t uid[10];
+
+static bool ecfill_from_file(char *inputfile) {
+
+    if (exists_in_spiffs(inputfile)) {
+
+        uint32_t size = size_in_spiffs(inputfile);
+        uint8_t *mem = BigBuf_malloc(size);
+        if (!mem) {
+            Dbprintf(_RED_("No memory！"));
+        }
+
+        Dbprintf(_YELLOW_("Found dump file %s"), inputfile);
+        rdv40_spiffs_read_as_filetype(inputfile, mem, size, RDV40_SPIFFS_SAFETY_SAFE);
+
+        Dbprintf(_YELLOW_("File size is %d"), size);
+        if (size != DUMP_SIZE) {
+            Dbprintf(_RED_("Only support Mifare Classic 1K! Please check the dumpfile"));
+        }
+
+        Dbprintf(_YELLOW_("Read card data from input file"));
+        emlSetMem(mem, 0, MIFARE_1K_MAXBLOCK);
+        Dbprintf(_YELLOW_("Uploaded to emulator memory"));
+
+    } else {
+        Dbprintf(_RED_("no input file %s"), inputfile);
+        return false;
+    }
+    BigBuf_free();
+    return true;
+}
+
+void ModInfo(void) {
+    DbpString(_YELLOW_("  HF Mifare Classic simulation mode") " - a.k.a MFCSIM");
+}
+
+void RunMod(void) {
+    StandAloneMode();
+    FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
+    Dbprintf(_YELLOW_("Standalone mode MFCSIM started!"));
+
+    LED_A_ON();
+    emlClearMem();
+    Dbprintf(_YELLOW_("Emulator memory initialized"));
+    rdv40_spiffs_lazy_mount();
+    if (!ecfill_from_file(HF_MFCSIM_INPUTFILE_SIM)) {
+        Dbprintf(_RED_("Load data failed!"));
+        return;
+    }
+    Dbprintf(_YELLOW_("Emulator memory filled, simulation ready to start."));
+    Dbprintf(_YELLOW_("Press button to abort simulation at anytime."));
+
+    SpinOff(1000);
+
+    LED_B_ON();
+    Dbprintf(_YELLOW_("Simulation start!"));
+    uint16_t simflags = FLAG_UID_IN_EMUL | FLAG_MF_1K;
+    Mifare1ksim(simflags, 0, uid, 0, 0);
+
+    Dbprintf(_YELLOW_("Simulation end!"));
+    LEDsoff();
+}
+
+
+
+
--- a/doc/md/Use_of_Proxmark/4_Advanced-compilation-parameters.md
+++ b/doc/md/Use_of_Proxmark/4_Advanced-compilation-parameters.md
@ -97,6 +97,7 @@ Here are the supported values you can assign to `STANDALONE` in `Makefile.platfo
 | HF_ICECLASS     | iCLASS 4-1 mode  sim/read & dump/loclass/glitch & config to flashmem - Iceman1001
 | HF_LEGIC        | HF Legic Prime standalone - uhei
 | HF_MATTYRUN     | Mifare sniff/clone - Matías A. Ré Medina
+| HF_MFCSIM       | Simulate Mifare Classic 1k card storing in flashmem - Ray Lee
 | HF_MSDSAL  (def)| EMV Read and emulation - Salvador Mendoza
 | HF_REBLAY       | 14A relay over BT  - Salvador Mendoza
 | HF_TCPRST       | IKEA Rothult ST25TA, Standalone Master Key Dump/Emulation - Nick Draffen