RfidResearchGroup/proxmark3
1
1
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2024-09-20 15:26:13 +08:00
Code Issues Packages Projects Releases Wiki Activity

ADD: @marshmellows42 's fixes for "lf cmdread" and CHANGELOG.md

Browse source 
ADD:  Added the "lf t55x7 wakeup" command. It will send a pwd,  and leave the antenna on.
Process like:
1. lf t55x7 wakeup p 11223344
2. lf search

---
It is still not finished,  will work together with the "lf t55x7 commands" in next step when I figure out the process from the datasheets.
This commit is contained in:
iceman1001 2015-10-20 19:00:02 +02:00
parent b87f99f4bb
commit 9276e859a6
10 changed files with 230 additions and 80 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
CHANGELOG.md
View file

@ -4,10 +4,10 @@ This project uses the changelog in accordance with [keepchangelog](http://keepac
## [unreleased][unreleased]
--trying to fix "hf 14b" command to be able to read CALYPSO card. (iceman)
--trying to fix "t55x7" read with password bug. (iceman)
--
### Added
### Added
- `lf t55xx read w` added wake with password then read following stream option to standard t55xx read commands (marshmellow)
- `hf mf eload u` added an ultralight/ntag option. (marshmellow)
- `hf iclass managekeys` to save, load and manage iclass keys. (adjusted most commands to accept a loaded key in memory) (marshmellow)
- `hf iclass readblk` to select, authenticate, and read 1 block from an iclass card (marshmellow)
@ -22,6 +22,10 @@ This project uses the changelog in accordance with [keepchangelog](http://keepac
- Added `data hex2bin` and `data bin2hex` for command line conversion between binary and hexadecimal (holiman)
### Changed
- added lf t5xx read with password safety check and warning text
- Adjusted LF FSK demod to account for cross threshold fluctuations (898 count waves will adjust the 9 to 8 now...) more accurate.
- Adjusted timings for t55xx commands. more reliable now.
- `lf cmdread` adjusted input methods and added help text (marshmellow & iceman)
- changed `lf config t <threshold>` to be 0 - 128 and will trigger on + or - threshold value (marshmellow)
- `hf iclass dump` cli options - can now dump AA1 and AA2 with different keys in one run (does not go to muliple pages for the larger tags yet)
- Revised workflow for StandAloneMode14a (Craig Young)
@ -39,7 +43,7 @@ This project uses the changelog in accordance with [keepchangelog](http://keepac
### Added
- Add `hf 14b reader` to find and print general info about known 14b tags (marshmellow)
- Add `hf 14b info` to find and print full info about std 14b tags and sri tags (using 14b raw commands in the client) (marshmellow)
- Add `hf 14b info` to find and print info about std 14b tags and sri tags (using 14b raw commands in the client) (marshmellow)
- Add PACE replay functionality (frederikmoellers)
### Fixed

5
armsrc/appmain.c
View file

@ -980,7 +980,7 @@ void UsbPacketReceived(uint8_t *packet, int len)
CopyIndala224toT55x7(c->d.asDwords[0], c->d.asDwords[1], c->d.asDwords[2], c->d.asDwords[3], c->d.asDwords[4], c->d.asDwords[5], c->d.asDwords[6]);
break;
case CMD_T55XX_READ_BLOCK:
T55xxReadBlock(c->arg[1], c->arg[2],c->d.asBytes[0]);
T55xxReadBlock(c->arg[0], c->arg[1], c->arg[2]);
break;
case CMD_T55XX_WRITE_BLOCK:
T55xxWriteBlock(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes[0]);
@ -988,6 +988,9 @@ void UsbPacketReceived(uint8_t *packet, int len)
case CMD_T55XX_READ_TRACE:
T55xxReadTrace();
break;
case CMD_T55XX_WAKEUP:
T55xxWakeUp(c->arg[0]);
break;
case CMD_PCF7931_READ:
ReadPCF7931();
break;

6
armsrc/apps.h
View file

@ -67,9 +67,10 @@ extern uint8_t bits_per_sample ;
extern bool averaging;
void AcquireRawAdcSamples125k(int divisor);
void ModThenAcquireRawAdcSamples125k(int delay_off,int period_0,int period_1,uint8_t *command);
void ModThenAcquireRawAdcSamples125k(uint32_t delay_off, uint32_t period_0, uint32_t period_1, uint8_t *command);
void ReadTItag(void);
void WriteTItag(uint32_t idhi, uint32_t idlo, uint16_t crc);
void AcquireTiType(void);
void AcquireRawBitsTI(void);
void SimulateTagLowFrequency(int period, int gap, int ledcontrol);
@ -88,8 +89,9 @@ void WriteEM410x(uint32_t card, uint32_t id_hi, uint32_t id_lo);
void CopyIndala64toT55x7(int hi, int lo); // Clone Indala 64-bit tag by UID to T55x7
void CopyIndala224toT55x7(int uid1, int uid2, int uid3, int uid4, int uid5, int uid6, int uid7); // Clone Indala 224-bit tag by UID to T55x7
void T55xxWriteBlock(uint32_t Data, uint32_t Block, uint32_t Pwd, uint8_t PwdMode);
void T55xxReadBlock(uint32_t Block, uint32_t Pwd, uint8_t PwdMode );
void T55xxReadBlock(uint16_t arg0, uint8_t Block, uint32_t Pwd);
void T55xxReadTrace(void);
void T55xxWakeUp(uint32_t Pwd);
void TurnReadLFOn();
void EM4xReadWord(uint8_t Address, uint32_t Pwd, uint8_t PwdMode);
void EM4xWriteWord(uint32_t Data, uint8_t Address, uint32_t Pwd, uint8_t PwdMode);

42
armsrc/lfops.c
View file

@ -26,7 +26,7 @@
* @param period_1
* @param command
*/
void ModThenAcquireRawAdcSamples125k(int delay_off, int period_0, int period_1, uint8_t *command)
void ModThenAcquireRawAdcSamples125k(uint32_t delay_off, uint32_t period_0, uint32_t period_1, uint8_t *command)
{
int divisor_used = 95; // 125 KHz
@ -1167,7 +1167,7 @@ void T55xxWriteBlock(uint32_t Data, uint32_t Block, uint32_t Pwd, uint8_t PwdMod
T55xxWriteBit(1);
T55xxWriteBit(0); //Page 0
if (PwdMode == 1){
if (PwdMode){
// Send Pwd
for (i = 0x80000000; i != 0; i >>= 1)
T55xxWriteBit(Pwd & i);
@ -1190,13 +1190,14 @@ void T55xxWriteBlock(uint32_t Data, uint32_t Block, uint32_t Pwd, uint8_t PwdMod
// turn field off
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
cmd_send(CMD_ACK,0,0,0,0,0);
LED_A_OFF();
LED_A_OFF();
LED_B_OFF();
}
// Read one card block in page 0
void T55xxReadBlock(uint32_t Block, uint32_t Pwd, uint8_t PwdMode) {
void T55xxReadBlock(uint16_t arg0, uint8_t Block, uint32_t Pwd) {
LED_A_ON();
uint8_t PwdMode = arg0 & 0xFF;
uint32_t i = 0;
//clear buffer now so it does not interfere with timing later
@ -1208,8 +1209,7 @@ void T55xxReadBlock(uint32_t Block, uint32_t Pwd, uint8_t PwdMode) {
// Set up FPGA, 125kHz
LFSetupFPGAForADC(95, true);
// Trigger T55x7 in mode.
// Trigger T55x7 Direct Access Mode
// Trigger T55x7 Direct Access Mode
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
SpinDelayUs(START_GAP);
@ -1217,11 +1217,12 @@ void T55xxReadBlock(uint32_t Block, uint32_t Pwd, uint8_t PwdMode) {
T55xxWriteBit(1);
T55xxWriteBit(0); //Page 0
if (PwdMode == 1){
if (PwdMode){
// Send Pwd
for (i = 0x80000000; i != 0; i >>= 1)
T55xxWriteBit(Pwd & i);
}
// Send a zero bit separation
T55xxWriteBit(0);
@ -1239,6 +1240,7 @@ void T55xxReadBlock(uint32_t Block, uint32_t Pwd, uint8_t PwdMode) {
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
cmd_send(CMD_ACK,0,0,0,0,0);
LED_A_OFF();
LED_B_OFF();
}
// Read card traceability data (page 1)
@ -1269,6 +1271,30 @@ void T55xxReadTrace(void){
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
cmd_send(CMD_ACK,0,0,0,0,0);
LED_A_OFF();
LED_B_OFF();
}
void T55xxWakeUp(uint32_t Pwd){
LED_B_ON();
uint32_t i = 0;
// Set up FPGA, 125kHz
LFSetupFPGAForADC(95, true);
// Trigger T55x7 Direct Access Mode
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
SpinDelayUs(START_GAP);
// Opcode 10
T55xxWriteBit(1);
T55xxWriteBit(0); //Page 0
// Send Pwd
for (i = 0x80000000; i != 0; i >>= 1)
T55xxWriteBit(Pwd & i);
// Turn field on to read the response
TurnReadLFOn(READ_GAP);
}
/*-------------- Cloning routines -----------*/

9
armsrc/lfsampling.c
View file

@ -266,14 +266,16 @@ void doT55x7Acquisition(void){
if ( bufsize > T55xx_SAMPLES_SIZE )
bufsize = T55xx_SAMPLES_SIZE;
//memset(dest, 0, bufsize);
uint16_t i = 0;
uint16_t nosignal = 0;
bool startFound = false;
bool highFound = false;
uint8_t curSample = 0;
uint8_t firstSample = 0;
for(;;) {
while(!BUTTON_PRESS()) {
WDT_HIT();
if ( nosignal == 0xFFFF ) break;
if (AT91C_BASE_SSC->SSC_SR & AT91C_SSC_TXRDY) {
AT91C_BASE_SSC->SSC_THR = 0x43;
LED_D_ON();
@ -287,6 +289,7 @@ void doT55x7Acquisition(void){
firstSample = curSample;
highFound = true;
} else if (!highFound) {
nosignal++;
continue;
}

63
client/cmdlf.c
View file

@ -36,16 +36,18 @@ static int CmdHelp(const char *Cmd);
int usage_lf_cmdread()
{
PrintAndLog("Usage: lf cmdread <delay off> <zero> <one> <cmdbytes> [H|L]");
PrintAndLog("Usage: lf cmdread d <delay period> z <zero period> o <one period> c <cmdbytes> [H]");
PrintAndLog("Options: ");
PrintAndLog(" h This help");
PrintAndLog(" <delay off> delay offset");
PrintAndLog(" <zero> time period ZERO");
PrintAndLog(" <one> time period ONE");
PrintAndLog(" [H|L] Frequency Low (125 KHz) / High (134 KHz)");
PrintAndLog(" H Freqency High (134 KHz), default is 'Low (125KHz)'");
PrintAndLog(" d <delay> delay OFF period, (dec)");
PrintAndLog(" z <zero> time period ZERO, (dec)");
PrintAndLog(" o <one> time period ONE, (dec)");
PrintAndLog(" c <cmd> Command bytes");
PrintAndLog(" ************* All periods in microseconds (ms)");
PrintAndLog("Examples:");
PrintAndLog(" lf cmdread 80 100 200 11000");
PrintAndLog(" lf cmdread 80 100 100 11000 H");
PrintAndLog(" lf cmdread d 80 z 100 o 200 c 11000");
PrintAndLog(" lf cmdread d 80 z 100 o 100 c 11000 H");
return 0;
}
@ -53,21 +55,38 @@ int usage_lf_cmdread()
int CmdLFCommandRead(const char *Cmd)
{
static char dummy[3] = {0x20,0x00,0x00};
UsbCommand c = {CMD_MOD_THEN_ACQUIRE_RAW_ADC_SAMPLES_125K};
bool errors = FALSE;
uint8_t divisor = 95; //125khz
uint8_t cmdp =0;
while(param_getchar(Cmd, cmdp) != 0x00)
{
uint8_t cmdp = 0;
int strLength = 0;
while(param_getchar(Cmd, cmdp) != 0x00) {
switch(param_getchar(Cmd, cmdp))
{
case 'h':
return usage_lf_cmdread();
case 'H':
divisor = 88;
dummy[1]='h';
cmdp++;
break;
case 'a':
//param_getchar(Cmd, cmdp+1) == '1';
case 'L':
cmdp++;
break;
case 'c':
strLength = param_getstr(Cmd, cmdp+1, (char *)&c.d.asBytes);
cmdp+=2;
break;
case 'd':
c.arg[0] = param_get32ex(Cmd, cmdp+1, 0, 10);
cmdp+=2;
break;
case 'z':
c.arg[1] = param_get32ex(Cmd, cmdp+1, 0, 10);
cmdp+=2;
break;
case 'o':
c.arg[2] = param_get32ex(Cmd, cmdp+1, 0, 10);
cmdp+=2;
break;
default:
@ -78,19 +97,15 @@ int CmdLFCommandRead(const char *Cmd)
if(errors) break;
}
// No args
if(cmdp == 0) errors = 1;
if (cmdp == 0) errors = 1;
//Validations
if(errors) return usage_lf_cmdread();
if (errors) return usage_lf_cmdread();
UsbCommand c = {CMD_MOD_THEN_ACQUIRE_RAW_ADC_SAMPLES_125K};
sscanf(Cmd, "%"lli" %"lli" %"lli" %s %s", &c.arg[0], &c.arg[1], &c.arg[2],(char*)(&c.d.asBytes),(char*)(&dummy+1));
// in case they specified 'h'
strcpy((char *)&c.d.asBytes + strlen((char *)c.d.asBytes), dummy);
// in case they specified 'H'
// added to the end..
strcpy((char *)&c.d.asBytes + strLength, dummy);
PrintAndLog("ICE: %d %s -- %s", strlen((char *)c.d.asBytes) ,dummy, c.d.asBytes);
clearCommandBuffer();
SendCommand(&c);
return 0;
@ -1205,8 +1220,8 @@ int CmdLFfind(const char *Cmd)
static command_t CommandTable[] =
{
{"help", CmdHelp, 1, "This help"},
{"awid", CmdLFAWID, 1, "{ AWID RFIDs... }"},
{"em4x", CmdLFEM4X, 1, "{ EM4X RFIDs... }"},
{"awid", CmdLFAWID, 1, "{ AWID RFIDs... }"},
{"hid", CmdLFHID, 1, "{ HID RFIDs... }"},
{"hitag", CmdLFHitag, 1, "{ HITAG RFIDs... }"},
{"io", CmdLFIO, 1, "{ IOPROX RFIDs... }"},

169
client/cmdlft55xx.c
View file

@ -35,7 +35,7 @@ t55xx_conf_block_t config = { .modulation = DEMOD_ASK, .inverted = FALSE, .offse
int usage_t55xx_config(){
PrintAndLog("Usage: lf t55xx config [d <demodulation>] [i 1] [o <offset>]");
PrintAndLog("Options: ");
PrintAndLog("Options:");
PrintAndLog(" h This help");
PrintAndLog(" b <8|16|32|40|50|64|100|128> Set bitrate");
PrintAndLog(" d <FSK|FSK1|FSK1a|FSK2|FSK2a|ASK|PSK1|PSK2|NRZ|BI|BIa> Set demodulation FSK / ASK / PSK / NRZ / Biphase / Biphase A");
@ -50,30 +50,39 @@ int usage_t55xx_config(){
return 0;
}
int usage_t55xx_read(){
PrintAndLog("Usage: lf t55xx read <block> <password>");
PrintAndLog(" <block>, block number to read. Between 0-7");
PrintAndLog(" <password>, OPTIONAL password (8 hex characters)");
PrintAndLog("Usage: lf t55xx read b <block> p <password> <override_safety> <wakeup>");
PrintAndLog("Options:");
PrintAndLog(" b <block>, block number to read. Between 0-7");
PrintAndLog(" p <password>, OPTIONAL password 4bytes (8 hex symbols)");
PrintAndLog(" o, OPTIONAL override safety check");
PrintAndLog(" w, OPTIONAL wakeup");
PrintAndLog(" ****WARNING****");
PrintAndLog(" Use of read with password on a tag not configured for a pwd");
PrintAndLog(" can damage the tag");
PrintAndLog("");
PrintAndLog("Examples:");
PrintAndLog(" lf t55xx read 0 - read data from block 0");
PrintAndLog(" lf t55xx read 0 feedbeef - read data from block 0 password feedbeef");
PrintAndLog(" lf t55xx read b 0 - read data from block 0");
PrintAndLog(" lf t55xx read b 0 p feedbeef - read data from block 0 password feedbeef");
PrintAndLog(" lf t55xx read b 0 p feedbeef o - read data from block 0 password feedbeef safety check");
PrintAndLog("");
return 0;
}
int usage_t55xx_write(){
PrintAndLog("Usage: lf t55xx wr <block> <data> [password]");
PrintAndLog("Usage: lf t55xx write <block> <data> [password]");
PrintAndLog("Options:");
PrintAndLog(" <block>, block number to write. Between 0-7");
PrintAndLog(" <data>, 4 bytes of data to write (8 hex characters)");
PrintAndLog(" [password], OPTIONAL password 4bytes (8 hex characters)");
PrintAndLog(" <data>, 4 bytes of data to write (8 hex symbols)");
PrintAndLog(" [password], OPTIONAL password 4bytes (8 hex symbols)");
PrintAndLog("");
PrintAndLog("Examples:");
PrintAndLog(" lf t55xx wr 3 11223344 - write 11223344 to block 3");
PrintAndLog(" lf t55xx wr 3 11223344 feedbeef - write 11223344 to block 3 password feedbeef");
PrintAndLog(" lf t55xx write 3 11223344 - write 11223344 to block 3");
PrintAndLog(" lf t55xx write 3 11223344 feedbeef - write 11223344 to block 3 password feedbeef");
PrintAndLog("");
return 0;
}
int usage_t55xx_trace() {
PrintAndLog("Usage: lf t55xx trace [1]");
PrintAndLog("Options:");
PrintAndLog(" [graph buffer data], if set, use Graphbuffer otherwise read data from tag.");
PrintAndLog("");
PrintAndLog("Examples:");
@ -84,6 +93,7 @@ int usage_t55xx_trace() {
}
int usage_t55xx_info() {
PrintAndLog("Usage: lf t55xx info [1]");
PrintAndLog("Options:");
PrintAndLog(" [graph buffer data], if set, use Graphbuffer otherwise read data from tag.");
PrintAndLog("");
PrintAndLog("Examples:");
@ -94,6 +104,7 @@ int usage_t55xx_info() {
}
int usage_t55xx_dump(){
PrintAndLog("Usage: lf t55xx dump <password>");
PrintAndLog("Options:");
PrintAndLog(" <password>, OPTIONAL password 4bytes (8 hex symbols)");
PrintAndLog("");
PrintAndLog("Examples:");
@ -103,7 +114,9 @@ int usage_t55xx_dump(){
return 0;
}
int usage_t55xx_detect(){
PrintAndLog("Usage: lf t55xx detect");
PrintAndLog("Usage: lf t55xx detect [1]");
PrintAndLog("Options:");
PrintAndLog(" [graph buffer data], if set, use Graphbuffer otherwise read data from tag.");
PrintAndLog("");
PrintAndLog("Examples:");
PrintAndLog(" lf t55xx detect");
@ -111,6 +124,17 @@ int usage_t55xx_detect(){
PrintAndLog("");
return 0;
}
int usage_t55xx_wakup(){
PrintAndLog("Usage: lf t55xx wakeup [h] p <password>");
PrintAndLog("This commands send the Answer-On-Request command and leaves the readerfield ON afterwards.");
PrintAndLog("Options:");
PrintAndLog(" h - this help");
PrintAndLog(" p <password> - password 4bytes (8 hex symbols)");
PrintAndLog("");
PrintAndLog("Examples:");
PrintAndLog(" lf t55xx wakeup p 11223344 - send wakeup password");
return 0;
}
static int CmdHelp(const char *Cmd);
@ -216,39 +240,72 @@ int CmdT55xxSetConfig(const char *Cmd) {
}
int CmdT55xxReadBlock(const char *Cmd) {
int block = -1;
int password = 0xFFFFFFFF; //default to blank Block 7
char cmdp = param_getchar(Cmd, 0);
if (cmdp == 'h' || cmdp == 'H') return usage_t55xx_read();
int res = sscanf(Cmd, "%d %x", &block, &password);
if ( res < 1 || res > 2 ) return usage_t55xx_read();
if ((block < 0) | (block > 7)) {
uint8_t block = 255;
uint8_t wake = 0;
uint8_t usepwd = 0;
uint32_t password = 0xFFFFFFFF; //default to blank Block 7
uint8_t override = 0;
uint8_t cmdp = 0;
bool errors = false;
while(param_getchar(Cmd, cmdp) != 0x00 && !errors) {
switch(param_getchar(Cmd, cmdp)) {
case 'h':
case 'H':
return usage_t55xx_read();
case 'b':
case 'B':
errors |= param_getdec(Cmd, cmdp+1, &block);
cmdp+=2;
break;
case 'o':
case 'O':
override = 1;
cmdp++;
break;
case 'p':
case 'P':
password = param_get32ex(Cmd, cmdp+1, 0, 10);
usepwd = 1;
cmdp+=2;
break;
case 'w':
case 'W':
wake = 1;
cmdp++;
break;
default:
PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
errors = true;
break;
}
}
if (errors) return usage_t55xx_read();
if (wake && !usepwd) {
PrintAndLog("Wake command must use a pwd");
return 1;
}
if ((block > 7) && !wake) {
PrintAndLog("Block must be between 0 and 7");
return 1;
}
UsbCommand c = {CMD_T55XX_READ_BLOCK, {0, block, 0}};
c.d.asBytes[0] = 0x0;
UsbCommand c = {CMD_T55XX_READ_BLOCK, {0, block, password}};
//Password mode
if ( res == 2 ) {
if ( usepwd || wake ) {
// try reading the config block and verify that PWD bit is set before doing this!
AquireData( CONFIGURATION_BLOCK );
if ( !tryDetectModulation() ) {
PrintAndLog("Could not detect is PWD bit is set in config block. Exits.");
return 1;
}
//if PWD bit is set, allow to execute read command with password.
if (( config.block0 & T55x7_PWD ) == 1) {
c.arg[2] = password;
c.d.asBytes[0] = 0x1;
} else {
PrintAndLog("PWD bit is NOT set in config block. Reading without password...");
if ( wake || override ) {
c.arg[0] = (wake<<8) & usepwd;
if ( !wake && override )
PrintAndLog("Safety Check Overriden - proceeding despite risk");
} else {
AquireData( CONFIGURATION_BLOCK );
if ( !tryDetectModulation() ) {
PrintAndLog("Safety Check: Could not detect if PWD bit is set in config block. Exits.");
return 1;
} else {
PrintAndLog("Safety Check: PWD bit is NOT set in config block. Reading without password...");
}
}
}
@ -266,7 +323,11 @@ int CmdT55xxReadBlock(const char *Cmd) {
//DemodBufferLen=0;
if (!DecodeT55xxBlock()) return 3;
char blk[10]={0};
if ( wake ) {
sprintf(blk,"wake");
} else {
sprintf(blk,"%d", block);
}
printT55xxBlock(blk);
return 0;
}
@ -1074,6 +1135,36 @@ void t55x7_create_config_block( int tagtype ){
}
int CmdT55xxWakeUp(const char *Cmd) {
uint32_t password = 0xFFFFFFFF; //default to blank Block 7
uint8_t cmdp = 0;
bool errors = false;
while(param_getchar(Cmd, cmdp) != 0x00 && !errors) {
switch(param_getchar(Cmd, cmdp)) {
case 'h':
case 'H':
return usage_t55xx_wakup();
case 'p':
case 'P':
password = param_get32ex(Cmd, cmdp+1, 0, 10);
cmdp+=2;
break;
default:
PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
errors = true;
break;
}
}
if (errors) return usage_t55xx_wakup();
UsbCommand c = {CMD_T55XX_WAKEUP, {password, 0, 0}};
clearCommandBuffer();
SendCommand(&c);
PrintAndLog("Wake up command sent. Try read now");
return 0;
}
/*
uint32_t PackBits(uint8_t start, uint8_t len, uint8_t* bits){
@ -1100,6 +1191,8 @@ static command_t CommandTable[] =
{"info", CmdT55xxInfo, 0, "[1] Show T55xx configuration data (page 0/ blk 0)"},
{"dump", CmdT55xxDump, 0, "[password] Dump T55xx card block 0-7. [optional password]"},
{"special", special, 0, "Show block changes with 64 different offsets"},
{"wakeup", CmdT55xxWakeUp, 0, "Send AOR wakeup command"},
{NULL, NULL, 0, NULL}
};

3
client/hid-flasher/usb_cmd.h
View file

@ -86,6 +86,8 @@ typedef struct{
#define CMD_T55XX_READ_BLOCK 0x0214
#define CMD_T55XX_WRITE_BLOCK 0x0215
#define CMD_T55XX_READ_TRACE 0x0216
#define CMD_T55XX_WAKEUP 0x0224
#define CMD_PCF7931_READ 0x0217
#define CMD_PCF7931_WRITE 0x0223
#define CMD_EM4X_READ_WORD 0x0218
@ -101,6 +103,7 @@ typedef struct{
#define CMD_AWID_DEMOD_FSK 0x0221
#define CMD_VIKING_CLONE_TAG 0x0222
/* CMD_SET_ADC_MUX: ext1 is 0 for lopkd, 1 for loraw, 2 for hipkd, 3 for hiraw */
// For the 13.56 MHz tags

1
client/lualibs/commands.lua
View file

@ -58,6 +58,7 @@ local _commands = {
CMD_PSK_SIM_TAG = 0x0220,
CMD_AWID_DEMOD_FSK = 0x0221,
CMD_VIKING_CLONE_TAG = 0x0222,
CMD_T55XX_WAKEUP = 0x0224,
--/* CMD_SET_ADC_MUX: ext1 is 0 for lopkd, 1 for loraw, 2 for hipkd, 3 for hiraw */

2
include/usb_cmd.h
View file

@ -100,7 +100,7 @@ typedef struct{
#define CMD_PSK_SIM_TAG 0x0220
#define CMD_AWID_DEMOD_FSK 0x0221
#define CMD_VIKING_CLONE_TAG 0x0222
#define CMD_T55XX_WAKEUP 0x0224
/* CMD_SET_ADC_MUX: ext1 is 0 for lopkd, 1 for loraw, 2 for hipkd, 3 for hiraw */