From f02a02cb14c60e754a2f746a1fc8f2947bb1de4d Mon Sep 17 00:00:00 2001 From: netvader <5840601+netvader@users.noreply.github.com> Date: Fri, 9 Aug 2019 16:55:33 +0200 Subject: [PATCH 01/37] Update bt_manual_v10.md I've tried to write a blueshark tutorial for android, I hope that's fine? --- doc/bt_manual_v10.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/doc/bt_manual_v10.md b/doc/bt_manual_v10.md index 1cc8d3690..5f140976f 100644 --- a/doc/bt_manual_v10.md +++ b/doc/bt_manual_v10.md @@ -193,7 +193,17 @@ After reboot you can go ahead to pairing your Proxmark3 RDV4 Blue Shark: ```sh ./proxmark /dev/tty.PM3_RDV40-DevB ``` +#### Android +#### (2) Fast connection using dedicated Bluetooth (HC-06 Master + CP2102) adapter under Android with Termux + + 1. Make sure you already followed this tutorial https://github.com/RfidResearchGroup/proxmark3/blob/master/doc/termux_notes.md#setup and have Termux with an running Proxmark3 client ready. You need additional the `cp210x` serial usb driver enabled and working, like the `USB_ACM` driver to communicate wireless. + 2. Insert the Bluetooth adapter with an fitting USB-C/Micro-USB converter into your Android USB port and a serial port `/dev/ttyUSB0` will be created. To see if it's working, run `tsudo ls /dev/ttyU*` and it should list `/dev/ttyUSB0`. + 3. The adapter will search automatically and establish the connection to BlueShark. The adapter will remember the device that was first connected and after that the same device will be connected. After the connection is established, the blue state LED on add-on will turn on solid. + 4. If you see this, congratulations, you can run your Proxmark3 client in Termux with `tsudo proxmark3/client/proxmark3 /dev/ttyUSB0` + +##### Notes +If you bought your Bluetooth adapter somewhere else, make sure to set the baud rate to 115200 `AT+BAUD8` and PIN `AT+PIN1234` correctly ### 6. OTHER NOTES From cb39be8c47e1d391a74a259aee97bbee3dd0a6a4 Mon Sep 17 00:00:00 2001 
From: "Colin J. Brigato" Date: Mon, 12 Aug 2019 12:39:16 +0200 Subject: [PATCH 02/37] Fixes Compilation on OSX --- client/comms.c | 1 + 1 file changed, 1 insertion(+) diff --git a/client/comms.c b/client/comms.c index d42bd09fb..8d2c8f733 100644 --- a/client/comms.c +++ b/client/comms.c @@ -19,6 +19,7 @@ #include "ui.h" #include "crc16.h" #include "util_posix.h" // msclock +#include "util_darwin.h" // en/dis-ableNapp(); //#define COMMS_DEBUG //#define COMMS_DEBUG_RAW From 01ce580e7b535ae3c5da1f656c4a0d5aa5639123 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Mon, 12 Aug 2019 18:58:16 +0200 Subject: [PATCH 03/37] make btpin & btfactory accessible in BTADDON builds --- client/cmdmain.c | 2 +- client/cmdparser.c | 5 +++++ client/cmdparser.h | 1 + 3 files changed, 7 insertions(+), 1 deletion(-) diff --git a/client/cmdmain.c b/client/cmdmain.c index 618f04c73..eba34b2ca 100644 --- a/client/cmdmain.c +++ b/client/cmdmain.c @@ -102,7 +102,7 @@ static command_t CommandTable[] = { {"sc", CmdSmartcard, IfPm3Smartcard, "{ Smart card ISO7816 commands... }"}, {"script", CmdScript, AlwaysAvailable, "{ Scripting commands }"}, {"trace", CmdTrace, AlwaysAvailable, "{ Trace manipulation... }"}, - {"usart", CmdUsart, IfPm3FpcUsartDevFromUsb, "{ USART commands... }"}, + {"usart", CmdUsart, IfPm3FpcUsartFromUsb, "{ USART commands... }"}, {"quit", CmdQuit, AlwaysAvailable, ""}, {"exit", CmdQuit, AlwaysAvailable, "Exit program"}, {NULL, NULL, NULL, NULL} diff --git a/client/cmdparser.c b/client/cmdparser.c index d9ece2310..768941e10 100644 --- a/client/cmdparser.c +++ b/client/cmdparser.c @@ -72,6 +72,11 @@ bool IfPm3FpcUsartDevFromUsb(void) { return !conn.send_via_fpc_usart; } +bool IfPm3FpcUsartFromUsb(void) { + // true if FPC USART Host or developer support and if talking from USB-CDC interface + return IfPm3FpcUsartHostFromUsb() || IfPm3FpcUsartDevFromUsb(); +} + bool IfPm3Lf(void) { if (!IfPm3Present()) return false; 
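Review bot: The trailing comment on the added `#include "util_darwin.h"` in client/comms.c reads `en/dis-ableNapp();`, which is not a name anyone can grep for. Spell out the functions the header is pulled in for, e.g. `// enableAppNap / disableAppNap` (presumably the intended names; confirm against util_darwin.h). The include is also unconditional although the commit is described as an OSX compile fix, so confirm the header is harmless on non-Darwin builds or wrap it in `#ifdef __APPLE__`.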
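Review bot: Switching the `usart` entry in CommandTable to `IfPm3FpcUsartFromUsb` opens the whole `usart` command group in host (BTADDON) builds, not only `btpin` and `btfactory` as the commit title says. cmdusart.c is not in this commit's diffstat, so unless its own table already gates the developer-only subcommands with `IfPm3FpcUsartDevFromUsb`, they become reachable wherever the host predicate is true. I would confirm that per-command gating exists and record it next to the entry, e.g. `// group visible for host or dev builds; dev-only subcommands are gated in cmdusart.c`.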
diff --git a/client/cmdparser.h b/client/cmdparser.h index 284142780..b98aef9d4 100644 --- a/client/cmdparser.h +++ b/client/cmdparser.h @@ -30,6 +30,7 @@ bool IfPm3FpcUsart(void); bool IfPm3FpcUsartHost(void); bool IfPm3FpcUsartHostFromUsb(void); bool IfPm3FpcUsartDevFromUsb(void); +bool IfPm3FpcUsartFromUsb(void); bool IfPm3Lf(void); bool IfPm3Hitag(void); bool IfPm3Hfsniff(void); From ce76d34fa763a446a0a46389df9d0a6e18f051b7 Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Mon, 12 Aug 2019 16:24:33 -0400 Subject: [PATCH 04/37] add: cheatsheet (@scund00r) --- doc/cheatsheet.md | 227 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 227 insertions(+) create mode 100644 doc/cheatsheet.md diff --git a/doc/cheatsheet.md b/doc/cheatsheet.md new file mode 100644 index 000000000..30dfa5b6b --- /dev/null +++ b/doc/cheatsheet.md 
@@ -0,0 +1,227 @@ +# Cheatsheet + +## Generic + +Identify High Frequency cards +``` +pm3 --> hf search +``` + +Identify Low Frequency cards +``` +pm3 --> lf search +``` + +Measure antenna characteristics, LF/HF voltage should be around 20-45+ V +``` +pm3 --> hw tune +``` + +Check versioning +``` +pm3 --> hw version +``` + +## iClass + +Reverse permute iClass master key +``` +Options +--- +r reverse permuted key + +pm3 --> hf iclass permute r 3F90EBF0910F7B6F +``` + +iClass Reader +``` +pm3 --> hf iclass reader +``` + +Dump iClass card contents +``` +Options +--- +k : *Access Key as 16 hex symbols or 1 hex to select key from memory + +pm3 --> hf iclass dump k AFA785A7DAB33378 +``` + +Read iClass Block +``` +Options +--- +b : The block number as 2 hex symbols +k : Access Key as 16 hex symbols or 1 hex to select key from memory + +pm3 --> hf iclass readblk b 7 k AFA785A7DAB33378 +``` + +Write to iClass Block +``` +Options +--- +b : The block number as 2 hex symbols +d : Set the Data to write as 16 hex symbols +k : Access Key as 16 hex symbols or 1 hex to select key from memory + +pm3 --> hf iclass writeblk b 07 d 6ce099fe7e614fd0 k AFA785A7DAB33378 +``` + +Print keystore +``` +Options +--- +p : print keys loaded into memory + +pm3 --> hf iclass managekeys p +``` + +Add key to keystore [0-7] +``` +Options +--- +n : specify the keyNbr to set in memory +k : set a key in memory + +pm3 --> hf iclass managekeys n 0 k AFA785A7DAB33378 +``` + +Encrypt iClass Block +``` +pm3 --> hf iclass encryptblk 0000000f2aa3dba8 +``` + +Load iClass dump into memory for simulation +``` +Options +--- +f : load iclass tag-dump filename + +pm3 --> hf iclass eload f iclass_tagdump-db883702f8ff12e0.bin +``` + +Simulate iClass +``` +Options +--- +0 simulate the given CSN +1 simulate default CSN +3 Full simulation using emulator memory (see 'hf iclass eload') + +pm3 --> hf iclass sim 3 +``` + +Clone iClass Legacy Sequence +``` +pm3 --> hf iclass readblk b 7 k AFA785A7DAB33378 +pm3 --> hf iclass 
writeblk b 07 d 6ce099fe7e614fd0 k AFA785A7DAB33378 +``` + +Simulate iClass Sequence +``` +pm3 --> hf iclass dump k AFA785A7DAB33378 +pm3 --> hf iclass eload f iclass_tagdump-db883702f8ff12e0.bin +pm3 --> hf iclass sim 3 +``` + +Extract custom iClass key (loclass attack) +``` +Options +--- +f : specify a filename to clone from +k : Access Key as 16 hex symbols or 1 hex to select key from memory +e : If 'e' is specified, elite computations applied to key + +pm3 --> hf iclass sim 2 +pm3 --> hf iclass loclass f iclass_mac_attack.bin +pm3 --> hf iclass dump k e +``` + +## Mifare + +Check for default keys +``` +Options +--- +<*card memory> [t|d|s|ss] +* - all sectors +card memory - 0 - MINI(320 bytes), 1 - 1K, 2 - 2K, 4 - 4K +d - write keys to binary file + +pm3 --> hf mf chk *1 ? d default_keys.dic +``` + +Dump Mifare card contents +``` +Options +--- +: 0 = 320 bytes (Mifare Mini), 1 = 1K (default), 2 = 2K, 4 = 4K +k : key filename, if no given, UID will be used as filename" +f : data filename, if no given, UID will be used as filename + +pm3 --> hf mf dump 1 +pm3 --> hf mf dump 1 k hf-mf-A29558E4-key.bin f hf-mf-A29558E4-data.bin +``` + +Convert .bin to .eml +``` +Options +--- +i ????????????? + +pm3 --> script run dumptoemul -i dumpdata.bin +``` + +Write to Mifare block +``` +Options +--- + + +pm3 --> hf mf wrbl 0 A FFFFFFFFFFFF d3a2859f6b880400c801002000000016 +``` + +Run Hardnested attack +``` +Options +--- + [known target key (12 hex symbols)] [w] [s] +w : Acquire nonces and write them to binary file nonces.bin + +pm3 --> hf mf hardnested 0 A 8829da9daf76 0 A w +``` + +Load Mifare emul dump file into memory for simulation +``` +Options +--- + +[card memory]: 0 = 320 bytes (Mifare Mini), 1 = 1K (default), 2 = 2K, 4 = 4K, u = UL + +pm3 --> hf mf eload 353C2AA6 +pm3 --> hf mf eload 1 353C2AA6 +``` + +Simulate Mifare +``` +u : (Optional) UID 4,7 or 10 bytes. 
If not specified, the UID 4B from emulator memory will be used + +pm3 --> hf mf sim u 353c2aa6 +``` + +Simulate Mifare Sequence +``` +pm3 --> hf mf chk *1 ? d default_keys.dic +pm3 --> hf mf dump 1 +pm3 --> script run dumptoemul -i dumpdata.bin +pm3 --> hf mf eload 353C2AA6 +pm3 --> hf mf sim u 353c2aa6 +``` + +Clone Mifare 1K Sequence +``` +pm3 --> hf mf chk *1 ? d default_keys.dic +pm3 --> hf mf dump +pm3 --> hf mf restore 1 u 4A6CE843 k hf-mf-A29558E4-key.bin f hf-mf-A29558E4-data.bin +``` From 0cd8dbb10acb0ed752d6128c8ddd2bfbc32fb600 Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Mon, 12 Aug 2019 16:30:43 -0400 Subject: [PATCH 05/37] textual --- CHANGELOG.md | 5 +++++ README.md | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 90f193bd7..a6aab7919 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,11 @@ All notable changes to this project will be documented in this file. This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log... ## [unreleased][unreleased] + - Add cheat sheet for easy operations of the Proxmark3 (scund00r) + - Chg commands are now in green in the helptext list (@iceman1001) + - Fix 'script run ndefdump' - better exit messages when failing (@iceman1001) + - Fix 'hf iclass dump' - now also saves in EML format (@iceman1001) + - Fix 'hf iclass sim 3' - now works on legacy readers and legacy SE readers (@iceman1001) - Rework hitag2 read/write help (@ViRb3) - Add 'lf nedap' - encoding / decoding (anon) - Add client option `-i` to stay in interactive mode after a script or command (@DidierStevens/@doegox) diff --git a/README.md b/README.md index 50813868e..1af5d2157 100644 --- a/README.md +++ b/README.md 
@@ -18,7 +18,7 @@ Note that it also supports other Proxmark3 platforms as well! |[Why didn't you base it on official PM3 Master?](#why-didnt-you-base-it-on-official-pm3-master)| [Homebrew (Mac OS X) & Upgrading HomeBrew Tap Formula](/doc/md/Installation_Instructions/Mac-OS-X-Homebrew-Installation-Instructions.md) | [First Use and Verification](/doc/md/Use_of_Proxmark/2_Configuration-and-Verification.md)| |[PM3 GUI](#pm3-gui)|[Setup and build for Windows](/doc/md/Installation_Instructions/Windows-Installation-Instructions.md)|[Commands & Features](/doc/md/Use_of_Proxmark/3_Commands-and-Features.md)| |[Issues](#issues)|[Blue shark manual](/doc/bt_manual_v10.md) |[Advanced compilation parameters](/doc/md/Use_of_Proxmark/4_Advanced-compilation-parameters.md)| -|[Notes on UART](/doc/uart_notes.md)||| +|[Notes on UART](/doc/uart_notes.md)||[Command Cheat sheet](/doc/cheatsheet.md)| |[Notes on Frame format](/doc/new_frame_format.md)||| |[Notes on external flash](/doc/ext_flash_notes.md)||| |[Notes on Termux / Android](/doc/termux_notes.md)||| From d4f2edef43dd9a7805058c2512e05f04a1d38627 Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Mon, 12 Aug 2019 16:31:27 -0400 Subject: [PATCH 06/37] follow status pattern --- proxmark3.sh | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/proxmark3.sh b/proxmark3.sh index 4cd6d76bc..07d2a27d5 100755 --- a/proxmark3.sh +++ b/proxmark3.sh @@ -7,7 +7,7 @@ PM3PATH=$(dirname "$0") cd "$PM3PATH" || exit 1 function wait4proxmark_Linux { - echo >&2 "Waiting for Proxmark to appear..." + echo >&2 "[=] Waiting for Proxmark to appear..." while true; do PM3=$(find /dev/pm3-* /dev/ttyACM* 2>/dev/null | head -1) if [[ $PM3 != "" ]]; then @@ -19,7 +19,7 @@ function wait4proxmark_Linux { } function wait4proxmark_macOS { - echo >&2 "Waiting for Proxmark to appear..." + echo >&2 "[=] Waiting for Proxmark to appear..." while true; do PM3=$(find /dev/pm3-* /dev/cu.usbmodem* 2>/dev/null | head -1) if [[ $PM3 != "" ]]; then 
@@ -31,7 +31,7 @@ function wait4proxmark_macOS { } function wait4proxmark_Windows { - echo >&2 "Waiting for Proxmark to appear..." + echo >&2 "[=] Waiting for Proxmark to appear..." while true; do device=$(wmic path Win32_SerialPort where "PNPDeviceID like '%VID_9AC4&PID_4B8F%'" get DeviceID,PNPDeviceID 2>/dev/null | awk 'NR==2') if [[ $device != "" ]]; then @@ -44,7 +44,7 @@ function wait4proxmark_Windows { } function wait4proxmark_WSL { - echo >&2 "Waiting for Proxmark to appear..." + echo >&2 "[=] Waiting for Proxmark to appear..." while true; do device=$(wmic.exe path Win32_SerialPort where "PNPDeviceID like '%VID_9AC4&PID_4B8F%'" get DeviceID,PNPDeviceID 2>/dev/null | awk 'NR==2') if [[ $device != "" ]]; then @@ -55,7 +55,7 @@ function wait4proxmark_WSL { sleep .1 done if [ -e "$PM3" ] && [ ! -w "$PM3" ]; then - echo "We need to give current user read/write access to $PM3" + echo "[!!] We need to give current user read/write access to $PM3" sudo chmod 666 "$PM3" fi echo "$PM3" @@ -72,7 +72,7 @@ elif [ "$SCRIPT" = "flash-fullimage.sh" ]; then elif [ "$SCRIPT" = "flash-bootrom.sh" ]; then CMD() { client/flasher "$1" -b "$BOOTIMAGE"; } else - echo "Script ran under unknown name, abort: $SCRIPT" + echo "[!!] Script ran under unknown name, abort: $SCRIPT" exit 1 fi HOSTOS=$(uname | awk '{print toupper($0)}') @@ -87,11 +87,11 @@ elif [ "$HOSTOS" = "DARWIN" ]; then elif [[ "$HOSTOS" =~ MINGW(32|64)_NT* ]]; then PORT=$(wait4proxmark_Windows) else - echo "Host OS not recognized, abort: $HOSTOS" + echo "[!!] Host OS not recognized, abort: $HOSTOS" exit 1 fi if [ "$PORT" = "" ]; then - echo "No port, abort" + echo "[!!] No port, abort" exit 1 fi From bbc324f9fe467220378cfa380285f33ded0c5c7f Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Mon, 12 Aug 2019 16:31:57 -0400 Subject: [PATCH 07/37] follow status pattern --- client/flash.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/client/flash.c b/client/flash.c index ca2f012bb..84e1d687b 100644 
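Review bot: The relabelled `echo "[!!] We need to give current user read/write access to $PM3"` in wait4proxmark_WSL still goes to stdout, and the function hands its result back through `echo "$PM3"` two lines later; if the caller captures it with `$(...)`, as the visible `PORT=$(wait4proxmark_Windows)` does for the Windows variant, the warning becomes part of the port name. Send it to stderr like the `[=] Waiting` line, `echo >&2 "[!!] We need to give current user read/write access to $PM3"`, and do the same for the three `[!!] ... abort` messages in the following hunks. The unchanged `sudo chmod 666 "$PM3"` beside it makes the device node writable by every local user; a narrower mode or a group-based grant would limit who can talk to the Proxmark. The function starts in the previous hunk.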
--- a/client/flash.c +++ b/client/flash.c @@ -448,7 +448,7 @@ int flash_start_flashing(int enable_bl_writes, char *serial_port_name, uint32_t int mem_avail = chipid_to_mem_avail(chipinfo); if (mem_avail != 0) { - PrintAndLogEx(NORMAL, "Available memory on this board: "_YELLOW_("%uK") "bytes\n", mem_avail); + PrintAndLogEx(INFO, "Available memory on this board: "_YELLOW_("%uK") "bytes\n", mem_avail); if (mem_avail > 256) { if (BL_VERSION_MAJOR(version) < BL_VERSION_MAJOR(BL_VERSION_1_0_0)) { PrintAndLogEx(ERR, _RED_("====================== OBS ! ======================")); @@ -460,7 +460,7 @@ int flash_start_flashing(int enable_bl_writes, char *serial_port_name, uint32_t } } } else { - PrintAndLogEx(NORMAL, "Available memory on this board: "_RED_("UNKNOWN")"\n"); + PrintAndLogEx(INFO, "Available memory on this board: "_RED_("UNKNOWN")"\n"); PrintAndLogEx(ERR, _RED_("====================== OBS ! ======================================")); PrintAndLogEx(ERR, _RED_("Note: Your bootloader does not understand the new " _YELLOW_("CHIP_INFO") _RED_("command"))); flash_suggest_update_bootloader(); From de1093d5d911d8cb4951e70ad129178c3d76fc43 Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Mon, 12 Aug 2019 16:32:27 -0400 Subject: [PATCH 08/37] textual --- client/cmdlfnedap.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/client/cmdlfnedap.c b/client/cmdlfnedap.c index b7f9891a5..3a4ebd131 100644 --- a/client/cmdlfnedap.c +++ b/client/cmdlfnedap.c @@ -411,11 +411,11 @@ static int CmdLfNedapGen(const char *Cmd) { } PrintAndLogEx(SUCCESS, - "Tag (%s) ; subtype : %1u , customer : %03x , ID : %05u" - , isLong ? "long (128b)" : "short (64b)" + "Tag - subtype: %1u , customer code: %03x , ID: %05u | %s" , subType , customerCode , id + , isLong ? "(128b)" : "(64b)" ); NedapGen(subType, customerCode, id, isLong, data); 
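Review bot: `mem_avail` is declared `int` in the first flash.c hunk, but the changed `PrintAndLogEx(INFO, ...)` line still formats it with `%u`, and the unit is glued to the number (`_YELLOW_("%uK") "bytes\n"` renders as e.g. `256Kbytes`). Since the line is being touched anyway, `PrintAndLogEx(INFO, "Available memory on this board: "_YELLOW_("%dK") " bytes\n", mem_avail);` would fix both, or declare `mem_avail` unsigned to match the specifier. flash_start_flashing starts and ends outside these hunks.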
@@ -467,7 +467,7 @@ int CmdLFNedapClone(const char *Cmd) { } PrintAndLogEx(SUCCESS, "Preparing to clone NEDAP to T55x7"); - print_blocks(blocks, 5); + print_blocks(blocks, max); PacketResponseNG resp; @@ -491,9 +491,9 @@ int CmdLFNedapClone(const char *Cmd) { return PM3_ETIMEOUT; } } - // TODO info correct? - PrintAndLogEx(INFO, "The block 0 was changed (eXtended) which can be hard to detect. Configure it manually with"); - PrintAndLogEx(INFO, _YELLOW_("`lf t55xx config b 64 d BI i 1 o 32`")); + PrintAndLogEx(NORMAL, "\n"); + PrintAndLogEx(INFO, "The block 0 was changed (eXtended) which can be hard to detect."); + PrintAndLogEx(INFO, " Configure it manually " _YELLOW_("`lf t55xx config b 64 d BI i 1 o 32`")); return PM3_SUCCESS; } From 5acc77bc9556b807fae016326a19e2587020bfd7 Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Mon, 12 Aug 2019 16:33:27 -0400 Subject: [PATCH 09/37] chg: mem spiffs info - text output --- armsrc/spiffs.c | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/armsrc/spiffs.c b/armsrc/spiffs.c index de6e9e226..df827b4e3 100644 --- a/armsrc/spiffs.c +++ b/armsrc/spiffs.c 
@@ -533,16 +533,21 @@ void rdv40_spiffs_safe_print_fsinfo() { rdv40_spiffs_fsinfo fsinfo; rdv40_spiffs_getfsinfo(&fsinfo, RDV40_SPIFFS_SAFETY_SAFE); DbpString(_BLUE_("Flash Memory FileSystem Info (SPIFFS)")); - Dbprintf("-------------------------------------"); - Dbprintf("* Filesystem Logical Block Size.........%d bytes", fsinfo.blockSize); - Dbprintf("* Filesystem Logical Page Size..........%d bytes", fsinfo.pageSize); - Dbprintf("--"); - Dbprintf("* Filesystem Max Open Files.............%d file descriptors", fsinfo.maxOpenFiles); - Dbprintf("* Filesystem Max Path Length............%d chars", fsinfo.maxPathLength); - Dbprintf("--"); - Dbprintf("Filesystem\tSize\tUsed\tAvailable\tUse%\tMounted on"); - Dbprintf("spiffs\t%dB\t%dB\t%dB\t\t%d%\t/", fsinfo.totalBytes, fsinfo.usedBytes, fsinfo.freeBytes, - fsinfo.usedPercent); +// Dbprintf("-------------------------------------"); + Dbprintf(" Logical Block Size........." _YELLOW_("%d")"bytes", fsinfo.blockSize); + Dbprintf(" Logical Page Size.........." _YELLOW_("%d")"bytes", fsinfo.pageSize); + Dbprintf(""); + Dbprintf(" Max Open Files............." _YELLOW_("%d")"file descriptors", fsinfo.maxOpenFiles); + Dbprintf(" Max Path Length............" _YELLOW_("%d")"chars", fsinfo.maxPathLength); +// DbpString(_BLUE_("Details")); + DbpString(""); + Dbprintf(" Filesystem\tSize\tUsed\tAvailable\tUse%\tMounted on"); + Dbprintf(" spiffs \t%d B\t%d B\t%d B\t\t"_YELLOW_("%d%")"\t/" + , fsinfo.totalBytes + , fsinfo.usedBytes + , fsinfo.freeBytes + , fsinfo.usedPercent + ); } // this function is safe and WILL rollback since it is only a PRINTING function, From 3fa7992940015bf8b61fa0ba76c2774c60052226 Mon Sep 17 00:00:00 2001 From: Alex Dib Date: Tue, 13 Aug 2019 18:48:56 +1000 Subject: [PATCH 10/37] Updated Cheatsheet --- doc/cheatsheet.md | 228 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 228 insertions(+) diff --git a/doc/cheatsheet.md b/doc/cheatsheet.md index 30dfa5b6b..8770b7551 100644 --- a/doc/cheatsheet.md 
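Review bot: The table rows in the rewritten rdv40_spiffs_safe_print_fsinfo pass a bare `%` through a printf-style format: `Use%\t` in the header row and `_YELLOW_("%d%")` in the data row, where `%` is followed by a tab or (presumably) the colour-reset sequence rather than a conversion character. Unless Dbprintf's formatter is known to tolerate that, write it as `%%`: `Use%%\tMounted on` and `_YELLOW_("%d%%")`. The unit strings also lost their separator, so `_YELLOW_("%d")"bytes"` prints value and unit without a space. The two commented-out `Dbprintf`/`DbpString` lines could be deleted rather than committed.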
+++ b/doc/cheatsheet.md @@ -138,6 +138,19 @@ pm3 --> hf iclass loclass f iclass_mac_attack.bin pm3 --> hf iclass dump k e ``` +Verify custom iClass key +``` +Options +--- +f : Dictionary file with default iclass keys +u : CSN +p : EPURSE +m : macs +e : elite + +pm3 --> hf iclass lookup u 010a0ffff7ff12e0 p feffffffffffffff m 66348979153c41b9 f default_iclass_keys.dic e +``` + ## Mifare Check for default keys 
@@ -225,3 +238,218 @@ pm3 --> hf mf chk *1 ? d default_keys.dic pm3 --> hf mf dump pm3 --> hf mf restore 1 u 4A6CE843 k hf-mf-A29558E4-key.bin f hf-mf-A29558E4-data.bin ``` + +## HID Prox + +Read HID Prox card +``` +pm3 --> lf hid read +``` + +Demodulate HID Prox card +``` +pm3 --> lf hid demod +``` + +Convert Site & Facility code to Wiegand +``` +Options +--- + +OEM : OEM number / site code +FC : facility code +CN : card number + +pm3 --> lf hid wiegand 0 56 150 +``` + +Simulate Prox card +``` + +pm3 --> lf hid sim 200670012d +``` + +Clone Prox to T5577 card +``` +pm3 --> lf hid clone 200670012d +``` + +Brute force HID reader +``` +Options +--- +a : 26|33|34|35|37|40|44|84"); +f : 8-bit value HID facility code"); +c : (optional) cardnumber to start with, max 65535"); +d : delay betweens attempts in ms. Default 1000ms"); +v : verbose logging, show all tries"); + +pm3 --> lf hid brute a 26 f 224 +pm3 --> lf hid brute v a 26 f 21 c 200 d 2000 +``` + +## Indala + +Read Indala card +``` +pm3 --> lf indala read +``` + +Demodulate Indala card +``` +pm3 --> lf indala demod +``` + +Simulate Indala card +``` +Options +--- + : 64/224 UID + +pm3 --> lf indala sim a0000000c2c436c1 +``` + +Clone to T55x7 card +``` +Options +--- + : 64/224 UID + +pm3 --> lf indala clone a0000000c2c436c1 +``` + +## Hitag + +Read Hitag information +``` +pm3 --> lf hitag info +``` + +Act as Hitag reader +``` +Options +--- +HitagS: +01 : Read all pages, challenge mode +02 : Read all pages, crypto mode. Set key=0 for no auth + +Hitag2: +21 : Read all pages, password mode. Default: 4D494B52 (\"MIKR\") +22 : Read all pages, challenge mode +23 : Read all pages, crypto mode. Key format: ISK high + ISK low. 
Default: 4F4E4D494B52 ("ONMIKR") +25 : Test recorded authentications +26 : Just read UID + +pm3 --> lf hitag 26 +pm3 --> lf hitag 21 4D494B52 +``` + +Sniff Hitag traffic +``` +pm3 --> lf hitag sniff +pm3 --> lf hitag list +``` + +Simulate Hitag +``` +pm3 --> lf hitag sim c378181c_a8f7.ht2 +``` + +Write to Hitag block +``` +Options +--- +HitagS: +03 : Write page, challenge mode +04 : Write page, crypto mode. Set key=0 for no auth + +Hitag2: +24 : Write page, crypto mode. Key format: ISK high + ISK low. +27 : Write page, password mode. Default: 4D494B52 ("MIKR") + +pm3 --> lf hitag writer 24 499602D2 1 00000000 +``` + +Simulate Hitag2 sequence +``` +pm3 --> lf hitag reader 21 56713368 +pm3 --> lf hitag sim c378181c_a8f7.ht2 +``` + +## T55XX + +Detect T55XX card +``` +pm3 --> lf t55xx detect +``` + +Configure demodulation +``` +Options +--- + : Set demodulation +EM is ASK +HID Prox is FSK +Indala is PSK + +pm3 --> lf t55xx config FSK +``` + +Write to T55xx block +``` +b : block number to write. Between 0-7 +d : 4 bytes of data to write (8 hex characters) + +pm3 --> lf t55xx wr b 0 d 00081040 +``` + +Wipe a T55xx tag and set defaults +``` +lf t55xx wipe +``` + +## Data + +Get raw samples [512-40000] +``` +data samples +``` + +Save samples to file +``` +data save +``` + +Load samples from file +``` +data load +``` + +## Lua Scripts + +List Lua Scripts + +``` +script list +``` + +Convert .bin to .eml +``` +Options +--- +i : Specifies the dump-file (input). If omitted, 'dumpdata.bin' is used + +script run dumptoemul -i xxxxxxxxxxxxxx.bin +``` + +Format Mifare card +``` +Options +--- +k : the current six byte key with write access +n : the new key that will be written to the card +a : the new access bytes that will be written to the card +x : execute the commands aswell. + +script run formatMifare -k FFFFFFFFFFFF -n FFFFFFFFFFFF -x +``` From 91db687bfe05651c23a7b7a08a6ec6f091d6a1b8 Mon Sep 17 00:00:00 2001 
From: Iceman Date: Tue, 13 Aug 2019 15:58:37 +0200 Subject: [PATCH 11/37] Update cheatsheet.md --- doc/cheatsheet.md | 29 ++++++++++++++++++++--------- 1 file changed, 20 insertions(+), 9 deletions(-) diff --git a/doc/cheatsheet.md b/doc/cheatsheet.md index 8770b7551..65f2d3d79 100644 --- a/doc/cheatsheet.md +++ b/doc/cheatsheet.md @@ -1,6 +1,17 @@ # Cheatsheet -## Generic +[Generic](#generic-id) +[iClass](#iclass-id) +[Mifare](#mifare-id) +[HID Prox](#prox-id) +[Indala](#indala-id) +[Hitag](#hitag-id) +[T55XX](#t55xx-id) +[Data](#data-id) +[Lua Scripts](#lua-id) + + +## Generic {#generic-id} Identify High Frequency cards ``` @@ -22,7 +33,7 @@ Check versioning pm3 --> hw version ``` -## iClass +## iClass {#iclass-id} Reverse permute iClass master key ``` @@ -151,7 +162,7 @@ e : elite pm3 --> hf iclass lookup u 010a0ffff7ff12e0 p feffffffffffffff m 66348979153c41b9 f default_iclass_keys.dic e ``` -## Mifare +## Mifare {#mifare-id} Check for default keys ``` @@ -239,7 +250,7 @@ pm3 --> hf mf dump pm3 --> hf mf restore 1 u 4A6CE843 k hf-mf-A29558E4-key.bin f hf-mf-A29558E4-data.bin ``` -## HID Prox +## HID Prox {#prox-id} Read HID Prox card ``` @@ -288,7 +299,7 @@ pm3 --> lf hid brute a 26 f 224 pm3 --> lf hid brute v a 26 f 21 c 200 d 2000 ``` -## Indala +## Indala {#indala-id} Read Indala card ``` @@ -318,7 +329,7 @@ Options pm3 --> lf indala clone a0000000c2c436c1 ``` -## Hitag +## Hitag {#hitag-id} Read Hitag information ``` @@ -376,7 +387,7 @@ pm3 --> lf hitag reader 21 56713368 pm3 --> lf hitag sim c378181c_a8f7.ht2 ``` -## T55XX +## T55XX {#t55xx-id} Detect T55XX card ``` @@ -408,7 +419,7 @@ Wipe a T55xx tag and set defaults lf t55xx wipe ``` -## Data +## Data {#data-id} Get raw samples [512-40000] ``` @@ -425,7 +436,7 @@ Load samples from file data load ``` -## Lua Scripts +## Lua Scripts {#lua-id} List Lua Scripts From c3cb746a7e4296983296156670f2df3ceb62e952 Mon Sep 17 00:00:00 2001 
From: Iceman Date: Tue, 13 Aug 2019 16:02:22 +0200 Subject: [PATCH 12/37] Update cheatsheet.md --- doc/cheatsheet.md | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/doc/cheatsheet.md b/doc/cheatsheet.md index 65f2d3d79..5221def92 100644 --- a/doc/cheatsheet.md +++ b/doc/cheatsheet.md @@ -1,17 +1,17 @@ # Cheatsheet -[Generic](#generic-id) -[iClass](#iclass-id) -[Mifare](#mifare-id) +[Generic](#Generic) +[iClass](#iClass) +[Mifare](#Mifare) [HID Prox](#prox-id) [Indala](#indala-id) [Hitag](#hitag-id) -[T55XX](#t55xx-id) -[Data](#data-id) -[Lua Scripts](#lua-id) +[T55XX](#T55XX) +[Data](#Data) +[Lua Scripts](#Lua Scripts) -## Generic {#generic-id} +## Generic Identify High Frequency cards ``` @@ -33,7 +33,7 @@ Check versioning pm3 --> hw version ``` -## iClass {#iclass-id} +## iClass Reverse permute iClass master key ``` @@ -162,7 +162,7 @@ e : elite pm3 --> hf iclass lookup u 010a0ffff7ff12e0 p feffffffffffffff m 66348979153c41b9 f default_iclass_keys.dic e ``` -## Mifare {#mifare-id} +## Mifare Check for default keys ``` @@ -387,7 +387,7 @@ pm3 --> lf hitag reader 21 56713368 pm3 --> lf hitag sim c378181c_a8f7.ht2 ``` -## T55XX {#t55xx-id} +## T55XX Detect T55XX card ``` @@ -419,7 +419,7 @@ Wipe a T55xx tag and set defaults lf t55xx wipe ``` -## Data {#data-id} +## Data Get raw samples [512-40000] ``` @@ -436,7 +436,7 @@ Load samples from file data load ``` -## Lua Scripts {#lua-id} +## Lua Scripts List Lua Scripts From 084ea32d11bc6e66ef49b1b35969119bb1402ab8 Mon Sep 17 00:00:00 2001 From: Iceman Date: Tue, 13 Aug 2019 16:03:54 +0200 Subject: [PATCH 13/37] Update cheatsheet.md --- doc/cheatsheet.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/doc/cheatsheet.md b/doc/cheatsheet.md index 5221def92..6a0ce2581 100644 --- a/doc/cheatsheet.md +++ b/doc/cheatsheet.md 
@@ -1,14 +1,14 @@ # Cheatsheet -[Generic](#Generic) -[iClass](#iClass) -[Mifare](#Mifare) -[HID Prox](#prox-id) -[Indala](#indala-id) -[Hitag](#hitag-id) -[T55XX](#T55XX) -[Data](#Data) -[Lua Scripts](#Lua Scripts) +- [Generic](#Generic) +- [iClass](#iClass) +- [Mifare](#Mifare) +- [HID Prox](#HID-Prox) +- [Indala](#Indala) +- [Hitag](#Hitag) +- [T55XX](#T55XX) +- [Data](#Data) +- [Lua Scripts](#Lua-Scripts) ## Generic From 1da98c7aa6f72c1424069256534bc87a8512b1d2 Mon Sep 17 00:00:00 2001 From: Iceman Date: Tue, 13 Aug 2019 16:04:47 +0200 Subject: [PATCH 14/37] Update cheatsheet.md --- doc/cheatsheet.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/cheatsheet.md b/doc/cheatsheet.md index 6a0ce2581..3fcaf9876 100644 --- a/doc/cheatsheet.md +++ b/doc/cheatsheet.md @@ -250,7 +250,7 @@ pm3 --> hf mf dump pm3 --> hf mf restore 1 u 4A6CE843 k hf-mf-A29558E4-key.bin f hf-mf-A29558E4-data.bin ``` -## HID Prox {#prox-id} +## HID Prox Read HID Prox card ``` @@ -299,7 +299,7 @@ pm3 --> lf hid brute a 26 f 224 pm3 --> lf hid brute v a 26 f 21 c 200 d 2000 ``` -## Indala {#indala-id} +## Indala Read Indala card ``` @@ -329,7 +329,7 @@ Options pm3 --> lf indala clone a0000000c2c436c1 ``` -## Hitag {#hitag-id} +## Hitag Read Hitag information ``` From 961f98c125e6cce26fd593987b209c21669df245 Mon Sep 17 00:00:00 2001 
From: cjbrigato Date: Tue, 13 Aug 2019 15:58:08 +0200 Subject: [PATCH 15/37] SPIFFS : FIXES FS corruption against high numbero f current losses, high number of files manipulation. FIXES LOG_BLOCK erasing handlers. FIXES Garbage Collector. Overall, SPIFFS should now be WAY MORE resilient to any form of misbehavior. In case of corrupted filesystem (should still be readable !), spamming 'mem spiffs check' from the client will ensure at least 2 new free 4k blocks each tile (if number of LOG_PAGE available is enough) and in the same pass will move/reorganize the LOG_PAGES of contextual blocks. Yiha --- armsrc/Standalone/hf_colin.c | 41 +++++++++------------ armsrc/appmain.c | 9 +++++ armsrc/spiffs.c | 71 ++++++++++++++++++------------------ armsrc/spiffs.h | 10 +++-- armsrc/spiffs_cache.c | 8 ++-- armsrc/spiffs_config.h | 21 +++++++++-- client/cmdflashmemspiffs.c | 8 ++++ include/pm3_cmd.h | 1 + 8 files changed, 100 insertions(+), 69 deletions(-) diff --git a/armsrc/Standalone/hf_colin.c b/armsrc/Standalone/hf_colin.c index a45dd71c3..4fe898a18 100644 --- a/armsrc/Standalone/hf_colin.c +++ b/armsrc/Standalone/hf_colin.c @@ -8,27 +8,8 @@ //----------------------------------------------------------------------------- // main code for HF Mifare aka ColinRun by Colin Brigato //----------------------------------------------------------------------------- -#include "standalone.h" // standalone definitions -#include // for bool -#include -#include #include "hf_colin.h" -#include "appmain.h" -#include "fpgaloader.h" -#include "dbprint.h" -#include "ticks.h" -#include "commonutil.h" -#include "crc16.h" -#include "BigBuf.h" #include "frozen.h" -#include "proxmark3_arm.h" -#include "mifaresim.h" // mifare1ksim -#include "mifareutil.h" -#include "iso14443a.h" -#include "util.h" -#include "vtsend.h" -#include "spiffs.h" -#include "string.h" #define MF1KSZ 1024 #define MF1KSZSIZE 64 
@@ -720,8 +701,10 @@ readysim: SpinOff(100); LED_C_ON(); - uint16_t flags; - switch (p_card.uidlen) { + DBGLEVEL = DBG_NONE; + + //uint16_t flags=0; + /*switch (p_card.uidlen) { case 10: flags = FLAG_10B_UID_IN_DATA; break; @@ -734,13 +717,23 @@ readysim: default: flags = FLAG_UID_IN_EMUL; break; - } + }*/ // Use UID, SAK, ATQA from EMUL, if uid not defined // if ((flags & (FLAG_4B_UID_IN_DATA | FLAG_7B_UID_IN_DATA | FLAG_10B_UID_IN_DATA)) == 0) { - flags |= FLAG_UID_IN_EMUL; + //flags |= FLAG_UID_IN_EMUL; //} - Mifare1ksim(flags | FLAG_MF_1K, 0, cjuid, 0, 0); + //flags |= FLAG_MF_1K; + //if ((flags & (FLAG_4B_UID_IN_DATA | FLAG_7B_UID_IN_DATA | FLAG_10B_UID_IN_DATA)) == 0) { + // flags |= FLAG_UID_IN_EMUL; + //} + //flags = 0x10; + uint16_t flags = 0; + flags = 16; + DbprintfEx(FLAG_NEWLINE,"\n\n\n\n\n\n\n\nn\n\nn\n\n\nflags: %d (0x%02x)",flags,flags); + cjSetCursLeft(); + SpinOff(1000); + Mifare1ksim(flags , 0, cjuid); LED_C_OFF(); SpinOff(50); vtsend_cursor_position_restore(NULL); diff --git a/armsrc/appmain.c b/armsrc/appmain.c index f163e579b..c54ff7255 100644 --- a/armsrc/appmain.c +++ b/armsrc/appmain.c @@ -1518,6 +1518,10 @@ static void PacketReceived(PacketCommandNG *packet) { test_spiffs(); break; } + case CMD_SPIFFS_CHECK: { + rdv40_spiffs_check(); + break; + } case CMD_SPIFFS_MOUNT: { rdv40_spiffs_lazy_mount(); break; @@ -1901,6 +1905,11 @@ void __attribute__((noreturn)) AppMain(void) { #ifdef WITH_FLASH // If flash is not present, BUSY_TIMEOUT kicks in, let's do it after USB loadT55xxConfig(); + + // + // Enforce a spiffs check/garbage collection at boot so we are likely to never + // fall under the 2 contigous free blocks availables + rdv40_spiffs_check(); #endif for (;;) { diff --git a/armsrc/spiffs.c b/armsrc/spiffs.c index df827b4e3..18f20187c 100644 --- a/armsrc/spiffs.c +++ b/armsrc/spiffs.c 
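Review bot: The simulation flags at `readysim:` in hf_colin.c are now a bare `flags = 16` right after `uint16_t flags = 0;`, replacing the `switch (p_card.uidlen)` that chose between the `FLAG_*_UID_IN_DATA` values and `FLAG_UID_IN_EMUL`, which is left behind as commented-out code. Please use the named constant the value stands for (the hunk does not show which flag equals 16) and delete the dead block, so a later renumbering of the flags cannot silently change what is simulated. The added `DbprintfEx(FLAG_NEWLINE, "\n\n\n...flags: %d (0x%02x)", flags, flags)` looks like leftover debugging (note the stray `n` characters between the newlines), and `DBGLEVEL = DBG_NONE;` changes a global that is not restored in the visible lines. None of this is mentioned in the SPIFFS commit message, so it may have been committed by accident.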
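Review bot: The `rdv40_spiffs_check();` added after `loadT55xxConfig();` in AppMain runs a filesystem check plus garbage collection on every boot and discards the result, and the new `CMD_SPIFFS_CHECK` case in PacketReceived discards it as well. Each pass can erase and rewrite flash blocks, so a power loss during boot now falls inside a GC window, and a failed check stays invisible. I would at least report the failure, e.g. `if (!rdv40_spiffs_check()) Dbprintf("spiffs check/gc failed");`, and consider running the boot-time pass only when free blocks are actually low. The new comment also has typos (`contigous`, `availables`).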
@@ -22,9 +22,11 @@ // case, will ensure a flush by rollbacking to previous Unmounted state #define RDV40_SPIFFS_CACHE_SZ ((LOG_PAGE_SIZE + 32) * 4) #define SPIFFS_FD_SIZE (32) -#define RDV40_SPIFFS_MAX_FD (2) +#define RDV40_SPIFFS_MAX_FD (3) #define RDV40_SPIFFS_FDBUF_SZ (SPIFFS_FD_SIZE * RDV40_SPIFFS_MAX_FD) +#define RDV40_LLERASE_BLOCKSIZE (64*1024) + #define RDV40_SPIFFS_LAZY_HEADER \ int changed = 0; \ if ((level == RDV40_SPIFFS_SAFETY_LAZY) || (level == RDV40_SPIFFS_SAFETY_SAFE)) { \ @@ -43,12 +45,6 @@ RDV40_SPIFFS_SAFE_FOOTER #include "spiffs.h" -#include "flashmem.h" -#include "dbprint.h" -#include "printf.h" -#include "common.h" -#include "string.h" -#include "BigBuf.h" ///// FLASH LEVEL R/W/E operations for feeding SPIFFS Driver///////////////// static s32_t rdv40_spiffs_llread(u32_t addr, u32_t size, u8_t *dst) { @@ -70,28 +66,29 @@ static s32_t rdv40_spiffs_llwrite(u32_t addr, u32_t size, u8_t *src) { static s32_t rdv40_spiffs_llerase(u32_t addr, u32_t size) { + + uint8_t erased = 0; + if (!FlashInit()) { return 130; } - - uint32_t bytes_erased = 0, bytes_remaining = size; - while (bytes_remaining > 0) { - - addr += bytes_erased; + if (DBGLEVEL > 2) Dbprintf("LLERASEDBG : Orig addr : %d\n", addr); + uint8_t block, sector = 0; + block = addr / RDV40_LLERASE_BLOCKSIZE; + if (block){ + addr = addr - (block*RDV40_LLERASE_BLOCKSIZE); + } + if (DBGLEVEL > 2) Dbprintf("LLERASEDBG : Result addr : %d\n", addr); + sector = addr / SPIFFS_CFG_LOG_BLOCK_SZ; Flash_CheckBusy(BUSY_TIMEOUT); Flash_WriteEnable(); - FlashSendByte(SECTORERASE); - Flash_TransferAdresse(addr); - FlashSendLastByte(0); - - bytes_remaining -= 4096; - bytes_erased += 4096; - } + if (DBGLEVEL > 2) Dbprintf("LLERASEDBG : block : %d, sector : %d \n", block, sector); + erased = Flash_Erase4k(block, sector); Flash_CheckBusy(BUSY_TIMEOUT); FlashStop(); - return SPIFFS_OK; + return SPIFFS_OK == erased ; } //////////////////////////////////////////////////////////////////////////////// 
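Review bot: `return SPIFFS_OK == erased;` at the end of `rdv40_spiffs_llerase` returns the result of a comparison (0 or 1), not a SPIFFS status. Assuming `Flash_Erase4k` returns zero on failure, a failed erase comes back as the positive value 1, which a caller testing for negative error codes will not treat as an error. Map it explicitly, e.g. `return erased ? SPIFFS_OK : SPIFFS_ERR_ERASE_FAIL;`; the early `return 130;` after a failed `FlashInit()` has the same problem. The rewritten body also no longer uses `size` and erases exactly one 4k sector, which is only correct if the caller never asks for more than `SPIFFS_CFG_LOG_BLOCK_SZ` bytes, so add a guard such as `if (size != SPIFFS_CFG_LOG_BLOCK_SZ) return SPIFFS_ERR_INTERNAL;` or loop over the range. An erase that fails or is partial without being reported leads directly to the filesystem corruption this commit is trying to prevent.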
@@ -162,6 +159,15 @@ int rdv40_spiffs_unmount() { } return ret; } + +int rdv40_spiffs_check() { + rdv40_spiffs_lazy_mount(); + SPIFFS_check(&fs); + SPIFFS_gc_quick(&fs,0); + rdv40_spiffs_lazy_unmount(); + rdv40_spiffs_lazy_mount(); + return SPIFFS_gc(&fs,8192) == SPIFFS_OK; +} //////////////////////////////////////////////////////////////////////////////// ///// Base RDV40_SPIFFS_SAFETY_NORMAL operations//////////////////////////////// 
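Review bot: `rdv40_spiffs_check()` ignores the results of `rdv40_spiffs_lazy_mount()`, `SPIFFS_check(&fs)` and `SPIFFS_gc_quick(&fs,0)`, so a mount failure or a reported inconsistency is dropped and only the final `SPIFFS_gc` decides the return value. Capture each status and stop or report on the first failure. Document the return convention too: because of `== SPIFFS_OK` the function returns 1 on success, the opposite polarity of a SPIFFS status. It also ends after a second `rdv40_spiffs_lazy_mount()` with no matching unmount; if that is intended, a comment such as `/* leaves the filesystem mounted for the caller */` would say so. The literal `8192` would read better as a named constant tied to the two free 4k blocks the commit message mentions.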
@@ -533,21 +539,16 @@ void rdv40_spiffs_safe_print_fsinfo() { rdv40_spiffs_fsinfo fsinfo; rdv40_spiffs_getfsinfo(&fsinfo, RDV40_SPIFFS_SAFETY_SAFE); DbpString(_BLUE_("Flash Memory FileSystem Info (SPIFFS)")); -// Dbprintf("-------------------------------------"); - Dbprintf(" Logical Block Size........." _YELLOW_("%d")"bytes", fsinfo.blockSize); - Dbprintf(" Logical Page Size.........." _YELLOW_("%d")"bytes", fsinfo.pageSize); - Dbprintf(""); - Dbprintf(" Max Open Files............." _YELLOW_("%d")"file descriptors", fsinfo.maxOpenFiles); - Dbprintf(" Max Path Length............" _YELLOW_("%d")"chars", fsinfo.maxPathLength); -// DbpString(_BLUE_("Details")); - DbpString(""); - Dbprintf(" Filesystem\tSize\tUsed\tAvailable\tUse%\tMounted on"); - Dbprintf(" spiffs \t%d B\t%d B\t%d B\t\t"_YELLOW_("%d%")"\t/" - , fsinfo.totalBytes - , fsinfo.usedBytes - , fsinfo.freeBytes - , fsinfo.usedPercent - ); + Dbprintf("-------------------------------------"); + Dbprintf("* Filesystem Logical Block Size.........%d bytes", fsinfo.blockSize); + Dbprintf("* Filesystem Logical Page Size..........%d bytes", fsinfo.pageSize); + Dbprintf("--"); + Dbprintf("* Filesystem Max Open Files.............%d file descriptors", fsinfo.maxOpenFiles); + Dbprintf("* Filesystem Max Path Length............%d chars", fsinfo.maxPathLength); + Dbprintf("--"); + Dbprintf("Filesystem\tSize\tUsed\tAvailable\tUse%\tMounted on"); + Dbprintf("spiffs\t%dB\t%dB\t%dB\t\t%d%\t/", fsinfo.totalBytes, fsinfo.usedBytes, fsinfo.freeBytes, + fsinfo.usedPercent); } // this function is safe and WILL rollback since it is only a PRINTING function, diff --git a/armsrc/spiffs.h b/armsrc/spiffs.h index 29e8215b0..d75335e40 100644 --- a/armsrc/spiffs.h +++ b/armsrc/spiffs.h @@ -7,8 +7,9 @@ #ifndef SPIFFS_H_ #define SPIFFS_H_ - -#include "common.h" +#if defined(__cplusplus) +extern "C" { +#endif #include "spiffs_config.h" 
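Review bot: The two table lines in `rdv40_spiffs_safe_print_fsinfo` pass a bare `%` to `Dbprintf`: `Use%\t` in the header string and `%d%\t/` in the data row. A `%` followed by a tab is not a valid conversion, so the output depends on how the firmware's formatter treats it and, in the data row, on whether it consumes an argument. Write the literal percent sign as `%%`, i.e. `Use%%\tMounted on` and `%d%%\t/`. The removed lines had the same pattern, so this rewrite is a good moment to correct it.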
@@ -32,7 +33,7 @@ typedef struct rdv40_spiffs_fsinfo { int rdv40_spiffs_read_as_filetype(char *filename, uint8_t *dst, uint32_t size, RDV40SpiFFSSafetyLevel level); - +int rdv40_spiffs_check(); int rdv40_spiffs_lazy_unmount(); int rdv40_spiffs_lazy_mount(); int rdv40_spiffs_lazy_mount_rollback(int changed); @@ -853,5 +854,8 @@ u32_t SPIFFS_buffer_bytes_for_cache(spiffs *fs, u32_t num_pages); #if SPIFFS_CACHE #endif +#if defined(__cplusplus) +} +#endif #endif /* SPIFFS_H_ */ diff --git a/armsrc/spiffs_cache.c b/armsrc/spiffs_cache.c index f86133be4..98acc4c2f 100644 --- a/armsrc/spiffs_cache.c +++ b/armsrc/spiffs_cache.c @@ -39,17 +39,17 @@ static s32_t spiffs_cache_page_free(spiffs *fs, int ix, u8_t write_back) { (cp->flags & SPIFFS_CACHE_FLAG_TYPE_WR) == 0 && (cp->flags & SPIFFS_CACHE_FLAG_DIRTY)) { u8_t *mem = spiffs_get_cache_page(fs, cache, ix); - SPIFFS_CACHE_DBG("CACHE_FREE: write cache page "_SPIPRIi" pix "_SPIPRIpg"\n", ix, cp->pix); + SPIFFS_CACHE_DBG("CACHE_FREE: write cache page "_SPIPRIi" pix "_SPIPRIpg"\n", ix, cp->ucache.spix.pix); res = SPIFFS_HAL_WRITE(fs, SPIFFS_PAGE_TO_PADDR(fs, cp->ucache.spix.pix), SPIFFS_CFG_LOG_PAGE_SZ(fs), mem); } #if SPIFFS_CACHE_WR if (cp->flags & SPIFFS_CACHE_FLAG_TYPE_WR) { - SPIFFS_CACHE_DBG("CACHE_FREE: free cache page "_SPIPRIi" objid "_SPIPRIid"\n", ix, cp->obj_id); + SPIFFS_CACHE_DBG("CACHE_FREE: free cache page "_SPIPRIi" objid "_SPIPRIid"\n", ix, cp->ucache.swrc.obj_id); } else #endif { - SPIFFS_CACHE_DBG("CACHE_FREE: free cache page "_SPIPRIi" pix "_SPIPRIpg"\n", ix, cp->pix); + SPIFFS_CACHE_DBG("CACHE_FREE: free cache page "_SPIPRIi" pix "_SPIPRIpg"\n", ix, cp->ucache.spix.pix); } cache->cpage_use_map &= ~(1 << ix); cp->flags = 0; 
@@ -156,7 +156,7 @@ s32_t spiffs_phys_rd( if (cp) { cp->flags = SPIFFS_CACHE_FLAG_WRTHRU; cp->ucache.spix.pix = SPIFFS_PADDR_TO_PAGE(fs, addr); - SPIFFS_CACHE_DBG("CACHE_ALLO: allocated cache page "_SPIPRIi" for pix "_SPIPRIpg "\n", cp->ix, cp->pix); + SPIFFS_CACHE_DBG("CACHE_ALLO: allocated cache page "_SPIPRIi" for pix "_SPIPRIpg "\n", cp->ix, cp->ucache.spix.pix); s32_t res2 = SPIFFS_HAL_READ(fs, addr - SPIFFS_PADDR_TO_PAGE_OFFSET(fs, addr), diff --git a/armsrc/spiffs_config.h b/armsrc/spiffs_config.h index 6fe1f48c6..7710a65a8 100644 --- a/armsrc/spiffs_config.h +++ b/armsrc/spiffs_config.h @@ -8,7 +8,22 @@ #ifndef SPIFFS_CONFIG_H_ #define SPIFFS_CONFIG_H_ -#include "common.h" +// ----------- 8< ------------ +// Following includes are for the linux test build of spiffs +// These may/should/must be removed/altered/replaced in your target +//#include +//#include +// +#include "printf.h" +#include "string.h" +#include "flashmem.h" + +void Dbprintf(const char *fmt, ...); + +//#include +//#include +// ----------- >8 ------------ + typedef int s32_t; typedef uint32_t u32_t; @@ -26,7 +41,7 @@ typedef uint8_t u8_t; #endif // Set spiffs debug output call for garbage collecting. #ifndef SPIFFS_GC_DBG -#define SPIFFS_GC_DBG(_f, ...) +#define SPIFFS_GC_DBG(_f, ...) //Dbprintf(_f, ## __VA_ARGS__) #define SPIFFS_GC_DBGF(str) SPIFFS_GC_DBG(str,NULL) #endif // Set spiffs debug output call for caching. @@ -36,7 +51,7 @@ typedef uint8_t u8_t; #endif // Set spiffs debug output call for system consistency checks. #ifndef SPIFFS_CHECK_DBG -#define SPIFFS_CHECK_DBG(_f, ...) //SPIFFS_CHECK_DBG(_f, ## __VA_ARGS__) +#define SPIFFS_CHECK_DBG(_f, ...) //Dbprintf(_f, ## __VA_ARGS__) #define SPIFFS_CHECK_DBGF(str) SPIFFS_CHECK_DBG(str,NULL) #endif // Set spiffs debug output call for all api invocations. diff --git a/client/cmdflashmemspiffs.c b/client/cmdflashmemspiffs.c index a3f9b950a..f53e17915 100644 --- a/client/cmdflashmemspiffs.c +++ b/client/cmdflashmemspiffs.c 
@@ -39,6 +39,13 @@ static int CmdFlashMemSpiFFSTest(const char *Cmd) { return PM3_SUCCESS; } +static int CmdFlashMemSpiFFSCheck(const char *Cmd) { + (void)Cmd; // Cmd is not used so far + clearCommandBuffer(); + SendCommandNG(CMD_SPIFFS_CHECK, NULL, 0); + return PM3_SUCCESS; +} + static int CmdFlashMemSpiFFSTree(const char *Cmd) { (void)Cmd; // Cmd is not used so far clearCommandBuffer(); @@ -439,6 +446,7 @@ static command_t CommandTable[] = { "copy", CmdFlashMemSpiFFSCopy, IfPm3Flash, "Copy a file to another (destructively) in SPIFFS FileSystem in FlashMEM (spiffs)" }, + {"check", CmdFlashMemSpiFFSCheck, IfPm3Flash, "Check/try to defrag faulty/fragmented Filesystem"}, {"dump", CmdFlashMemSpiFFSDump, IfPm3Flash, "Dump a file from SPIFFS FileSystem in FlashMEM (spiffs)"}, {"info", CmdFlashMemSpiFFSInfo, IfPm3Flash, "Print filesystem info and usage statistics (spiffs)"}, {"load", CmdFlashMemSpiFFSLoad, IfPm3Flash, "Upload file into SPIFFS Filesystem (spiffs)"}, diff --git a/include/pm3_cmd.h b/include/pm3_cmd.h index 3d7b156bd..742f45f6e 100644 --- a/include/pm3_cmd.h +++ b/include/pm3_cmd.h @@ -299,6 +299,7 @@ typedef struct { #define CMD_SPIFFS_PRINT_FSINFO 0x2133 #define CMD_SPIFFS_DOWNLOAD 0x2134 #define CMD_SPIFFS_DOWNLOADED 0x2135 +#define CMD_SPIFFS_CHECK 0x3000 // more ? From 0ace6bffb821c13b07cabd95ec74f69308cace17 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Tue, 13 Aug 2019 17:16:43 +0200 Subject: [PATCH 16/37] missing includes for spiffs --- armsrc/appmain.h | 1 - armsrc/spiffs.c | 2 ++ 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/armsrc/appmain.h b/armsrc/appmain.h index fa35714e3..141c943f9 100644 --- a/armsrc/appmain.h +++ b/armsrc/appmain.h @@ -34,7 +34,6 @@ void __attribute__((noreturn)) AppMain(void); uint16_t AvgAdc(int ch); -void print_result(char *name, uint8_t *buf, size_t len); //void PrintToSendBuffer(void); void ToSendStuffBit(int b); void ToSendReset(void); 
diff --git a/armsrc/spiffs.c b/armsrc/spiffs.c index 18f20187c..e642a0e29 100644 --- a/armsrc/spiffs.c +++ b/armsrc/spiffs.c @@ -45,6 +45,8 @@ RDV40_SPIFFS_SAFE_FOOTER #include "spiffs.h" +#include "BigBuf.h" +#include "dbprint.h" ///// FLASH LEVEL R/W/E operations for feeding SPIFFS Driver///////////////// static s32_t rdv40_spiffs_llread(u32_t addr, u32_t size, u8_t *dst) { From 763c94334b7f61dc06e962f9386f3d72650736e2 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Tue, 13 Aug 2019 17:27:52 +0200 Subject: [PATCH 17/37] add missing includes and fix mf1ksim usage in hf_colin standalone mode --- armsrc/Standalone/hf_colin.c | 18 +++++++++++++++++- armsrc/Standalone/hf_colin.h | 4 ++++ armsrc/iso14443a.h | 1 + 3 files changed, 22 insertions(+), 1 deletion(-) diff --git a/armsrc/Standalone/hf_colin.c b/armsrc/Standalone/hf_colin.c index 4fe898a18..21df29b9d 100644 --- a/armsrc/Standalone/hf_colin.c +++ b/armsrc/Standalone/hf_colin.c @@ -8,7 +8,23 @@ //----------------------------------------------------------------------------- // main code for HF Mifare aka ColinRun by Colin Brigato //----------------------------------------------------------------------------- + +#include "standalone.h" // standalone definitions + #include "hf_colin.h" +#include "proxmark3_arm.h" +#include "appmain.h" +#include "fpgaloader.h" +#include "dbprint.h" +#include "ticks.h" +#include "util.h" +#include "commonutil.h" +#include "BigBuf.h" +#include "iso14443a.h" +#include "mifareutil.h" +#include "mifaresim.h" +#include "vtsend.h" +#include "spiffs.h" #include "frozen.h" #define MF1KSZ 1024 @@ -733,7 +749,7 @@ readysim: DbprintfEx(FLAG_NEWLINE,"\n\n\n\n\n\n\n\nn\n\nn\n\n\nflags: %d (0x%02x)",flags,flags); cjSetCursLeft(); SpinOff(1000); - Mifare1ksim(flags , 0, cjuid); + Mifare1ksim(flags , 0, cjuid, 0, 0); LED_C_OFF(); SpinOff(50); vtsend_cursor_position_restore(NULL); diff --git a/armsrc/Standalone/hf_colin.h b/armsrc/Standalone/hf_colin.h index ca65a6df4..a4b870abc 100644 
--- a/armsrc/Standalone/hf_colin.h +++ b/armsrc/Standalone/hf_colin.h @@ -9,6 +9,10 @@ // StandAlone Mod //----------------------------------------------------------------------------- +#include +#include +#include + #ifndef FALSE #define FALSE 0 #endif diff --git a/armsrc/iso14443a.h b/armsrc/iso14443a.h index e4ea7f0df..1bea3a1b9 100644 --- a/armsrc/iso14443a.h +++ b/armsrc/iso14443a.h @@ -16,6 +16,7 @@ #include "common.h" #include "mifare.h" // struct #include "pm3_cmd.h" +#include "crc16.h" // compute_crc // When the PM acts as tag and is receiving it takes // 2 ticks delay in the RF part (for the first falling edge), From 3771c150f0345b85e1109197306bf2269db9c1b6 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Tue, 13 Aug 2019 17:42:03 +0200 Subject: [PATCH 18/37] make style --- armsrc/Standalone/hf_colin.c | 4 ++-- armsrc/appmain.c | 2 +- armsrc/spiffs.c | 36 ++++++++++++++++++------------------ 3 files changed, 21 insertions(+), 21 deletions(-) diff --git a/armsrc/Standalone/hf_colin.c b/armsrc/Standalone/hf_colin.c index 21df29b9d..265b7e3c9 100644 --- a/armsrc/Standalone/hf_colin.c +++ b/armsrc/Standalone/hf_colin.c @@ -746,10 +746,10 @@ readysim: //flags = 0x10; uint16_t flags = 0; flags = 16; - DbprintfEx(FLAG_NEWLINE,"\n\n\n\n\n\n\n\nn\n\nn\n\n\nflags: %d (0x%02x)",flags,flags); + DbprintfEx(FLAG_NEWLINE, "\n\n\n\n\n\n\n\nn\n\nn\n\n\nflags: %d (0x%02x)", flags, flags); cjSetCursLeft(); SpinOff(1000); - Mifare1ksim(flags , 0, cjuid, 0, 0); + Mifare1ksim(flags, 0, cjuid, 0, 0); LED_C_OFF(); SpinOff(50); vtsend_cursor_position_restore(NULL); diff --git a/armsrc/appmain.c b/armsrc/appmain.c index c54ff7255..b593c826b 100644 --- a/armsrc/appmain.c +++ b/armsrc/appmain.c 
@@ -1906,7 +1906,7 @@ void __attribute__((noreturn)) AppMain(void) { // If flash is not present, BUSY_TIMEOUT kicks in, let's do it after USB loadT55xxConfig(); - // + // // Enforce a spiffs check/garbage collection at boot so we are likely to never // fall under the 2 contigous free blocks availables rdv40_spiffs_check(); diff --git a/armsrc/spiffs.c b/armsrc/spiffs.c index e642a0e29..cb4412264 100644 --- a/armsrc/spiffs.c +++ b/armsrc/spiffs.c @@ -74,18 +74,18 @@ static s32_t rdv40_spiffs_llerase(u32_t addr, u32_t size) { if (!FlashInit()) { return 130; } - if (DBGLEVEL > 2) Dbprintf("LLERASEDBG : Orig addr : %d\n", addr); - uint8_t block, sector = 0; - block = addr / RDV40_LLERASE_BLOCKSIZE; - if (block){ - addr = addr - (block*RDV40_LLERASE_BLOCKSIZE); - } - if (DBGLEVEL > 2) Dbprintf("LLERASEDBG : Result addr : %d\n", addr); - sector = addr / SPIFFS_CFG_LOG_BLOCK_SZ; - Flash_CheckBusy(BUSY_TIMEOUT); - Flash_WriteEnable(); - if (DBGLEVEL > 2) Dbprintf("LLERASEDBG : block : %d, sector : %d \n", block, sector); - erased = Flash_Erase4k(block, sector); + if (DBGLEVEL > 2) Dbprintf("LLERASEDBG : Orig addr : %d\n", addr); + uint8_t block, sector = 0; + block = addr / RDV40_LLERASE_BLOCKSIZE; + if (block) { + addr = addr - (block * RDV40_LLERASE_BLOCKSIZE); + } + if (DBGLEVEL > 2) Dbprintf("LLERASEDBG : Result addr : %d\n", addr); + sector = addr / SPIFFS_CFG_LOG_BLOCK_SZ; + Flash_CheckBusy(BUSY_TIMEOUT); + Flash_WriteEnable(); + if (DBGLEVEL > 2) Dbprintf("LLERASEDBG : block : %d, sector : %d \n", block, sector); + erased = Flash_Erase4k(block, sector); Flash_CheckBusy(BUSY_TIMEOUT); FlashStop(); 
@@ -163,12 +163,12 @@ int rdv40_spiffs_unmount() { } int rdv40_spiffs_check() { - rdv40_spiffs_lazy_mount(); - SPIFFS_check(&fs); - SPIFFS_gc_quick(&fs,0); - rdv40_spiffs_lazy_unmount(); - rdv40_spiffs_lazy_mount(); - return SPIFFS_gc(&fs,8192) == SPIFFS_OK; + rdv40_spiffs_lazy_mount(); + SPIFFS_check(&fs); + SPIFFS_gc_quick(&fs, 0); + rdv40_spiffs_lazy_unmount(); + rdv40_spiffs_lazy_mount(); + return SPIFFS_gc(&fs, 8192) == SPIFFS_OK; } //////////////////////////////////////////////////////////////////////////////// From 847b6bcc3370e89894ca6236caeec434752a76de Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Tue, 13 Aug 2019 17:51:11 +0200 Subject: [PATCH 19/37] remove tabs --- Makefile | 11 ++++++++--- doc/cheatsheet.md | 2 +- fpga/fpga_lf.v | 14 +++++++------- fpga/lo_adc.v | 20 ++++++++++---------- include/pm3_cmd.h | 2 +- 5 files changed, 27 insertions(+), 22 deletions(-) diff --git a/Makefile b/Makefile index 58c61281f..9be67311b 100644 --- a/Makefile +++ b/Makefile 
@@ -164,11 +164,16 @@ style: # Detecting weird codepages and tabs. checks: - find . \( -name "*.[ch]" -or -name "*.cpp" -or -name "*.lua" -or -name "*.py" -or -name "*.pl" -or -name "Makefile" -or -name "*.v" \) \ + @echo "Files with suspicious chars:" + @find . \( -name "*.[ch]" -or -name "*.cpp" -or -name "*.lua" -or -name "*.py" -or -name "*.pl" -or -name "Makefile" -or -name "*.v" \) \ -exec sh -c "cat {} |recode utf8.. >/dev/null || echo {}" \; - find . \( -name "*.[ch]" -or \( -name "*.cpp" -and -not -name "*.moc.cpp" \) -or -name "*.lua" -or -name "*.py" -or -name "*.pl" -or -name "*.md" -or -name "*.txt" -or -name "*.awk" -or -name "*.v" \) \ - -exec grep -lP '\t' {} \; + @echo "Files with tabs:" # to remove tabs within lines, one can try with: vi $file -c ':set tabstop=4' -c ':set et|retab' -c ':wq' + @find . \( -name "*.[ch]" -or \( -name "*.cpp" -and -not -name "*.moc.cpp" \) -or -name "*.lua" -or -name "*.py" -or -name "*.pl" -or -name "*.md" -or -name "*.txt" -or -name "*.awk" -or -name "*.v" \) \ + -exec grep -lP '\t' {} \; +# @echo "Files with printf \\\\t:" +# @find . \( -name "*.[ch]" -or \( -name "*.cpp" -and -not -name "*.moc.cpp" \) -or -name "*.lua" -or -name "*.py" -or -name "*.pl" -or -name "*.md" -or -name "*.txt" -or -name "*.awk" -or -name "*.v" \) \ +# -exec grep -lP '\\t' {} \; # Dummy target to test for GNU make availability _test: diff --git a/doc/cheatsheet.md b/doc/cheatsheet.md index 3fcaf9876..ecef56d9d 100644 --- a/doc/cheatsheet.md +++ b/doc/cheatsheet.md @@ -448,7 +448,7 @@ Convert .bin to .eml ``` Options --- -i : Specifies the dump-file (input). If omitted, 'dumpdata.bin' is used +i : Specifies the dump-file (input). If omitted, 'dumpdata.bin' is used script run dumptoemul -i xxxxxxxxxxxxxx.bin ``` diff --git a/fpga/fpga_lf.v b/fpga/fpga_lf.v index 20d2ca440..88b22b7ca 100644 --- a/fpga/fpga_lf.v +++ b/fpga/fpga_lf.v 
@@ -102,13 +102,13 @@ lo_edge_detect le( ); lo_adc la( - pck0, - la_pwr_lo, la_pwr_hi, la_pwr_oe1, la_pwr_oe2, la_pwr_oe3, la_pwr_oe4, - adc_d, la_adc_clk, - la_ssp_frame, la_ssp_din, ssp_dout, la_ssp_clk, - cross_hi, cross_lo, - la_dbg, divisor, - lo_is_125khz, lf_field + pck0, + la_pwr_lo, la_pwr_hi, la_pwr_oe1, la_pwr_oe2, la_pwr_oe3, la_pwr_oe4, + adc_d, la_adc_clk, + la_ssp_frame, la_ssp_din, ssp_dout, la_ssp_clk, + cross_hi, cross_lo, + la_dbg, divisor, + lo_is_125khz, lf_field ); // Major modes: diff --git a/fpga/lo_adc.v b/fpga/lo_adc.v index dff9fda3f..57e9eebc8 100644 --- a/fpga/lo_adc.v +++ b/fpga/lo_adc.v @@ -55,28 +55,28 @@ assign ssp_frame = (pck_divider[7:3] == 5'd1) && !clk_state; always @(posedge pck0) begin - if(pck_divider == divisor[7:0]) + if(pck_divider == divisor[7:0]) begin - pck_divider <= 8'd0; - clk_state = !clk_state; + pck_divider <= 8'd0; + clk_state = !clk_state; end - else - begin - pck_divider <= pck_divider + 1; - end + else + begin + pck_divider <= pck_divider + 1; + end end always @(posedge pck0) begin - if((pck_divider == 8'd7) && !clk_state) + if((pck_divider == 8'd7) && !clk_state) begin to_arm_shiftreg <= adc_d; end else - begin + begin to_arm_shiftreg[7:1] <= to_arm_shiftreg[6:0]; to_arm_shiftreg[0] <= 1'b0; - end + end end endmodule diff --git a/include/pm3_cmd.h b/include/pm3_cmd.h index 742f45f6e..035e85405 100644 --- a/include/pm3_cmd.h +++ b/include/pm3_cmd.h @@ -299,7 +299,7 @@ typedef struct { #define CMD_SPIFFS_PRINT_FSINFO 0x2133 #define CMD_SPIFFS_DOWNLOAD 0x2134 #define CMD_SPIFFS_DOWNLOADED 0x2135 -#define CMD_SPIFFS_CHECK 0x3000 +#define CMD_SPIFFS_CHECK 0x3000 // more ? From 252929bed4d318fb50a882dc93344035cc4c0ac2 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Tue, 13 Aug 2019 20:30:19 +0200 Subject: [PATCH 20/37] fix lf read command parsing bug --- client/cmdlf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/cmdlf.c b/client/cmdlf.c index cf8e60f82..366f2ed0e 100644 
--- a/client/cmdlf.c +++ b/client/cmdlf.c @@ -453,7 +453,7 @@ int CmdLFRead(const char *Cmd) { cmdp++; break; case 'd': - samples = param_get32ex(Cmd, cmdp, 0, 10); + samples = param_get32ex(Cmd, cmdp + 1, 0, 10); cmdp += 2; break; default: From db0ac1639b5d811a6f22c8bddc5a7219f3f2dce3 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Tue, 13 Aug 2019 22:57:54 +0200 Subject: [PATCH 21/37] em4x watch & read: collect enough samples to cover EM XL tags --- client/cmdlfem4x.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/client/cmdlfem4x.c b/client/cmdlfem4x.c index a87fd46eb..c04e64c00 100644 --- a/client/cmdlfem4x.c +++ b/client/cmdlfem4x.c @@ -442,7 +442,7 @@ static int CmdEM410xDemod(const char *Cmd) { // this read is the "normal" read, which download lf signal and tries to demod here. static int CmdEM410xRead(const char *Cmd) { - lf_read(true, 8192); + lf_read(true, 12288); return CmdEM410xDemod(Cmd); } @@ -599,7 +599,7 @@ static int CmdEM410xWatch(const char *Cmd) { PrintAndLogEx(WARNING, "\naborted via keyboard!\n"); break; } - lf_read(true, 8201); + lf_read(true, 12288); } while (CmdEM410xRead("") != PM3_SUCCESS); return PM3_SUCCESS; From ea601f4052d044915782b5adf0a321018a9c6f70 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Wed, 14 Aug 2019 21:52:20 +0200 Subject: [PATCH 22/37] fix reveng for all platforms else than WIN32 --- CHANGELOG.md | 1 + client/Makefile | 33 +++++++++++++++++++++------------ client/reveng/bmpbit.c | 2 +- client/reveng/config.h | 34 ++++++++++++++++++++++------------ 4 files changed, 45 insertions(+), 25 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a6aab7919..b5f7d8d76 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
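Review bot: `CmdEM410xWatch` still calls `lf_read(true, 12288)` inside its loop and then evaluates `CmdEM410xRead("")`, which the first hunk of client/cmdlfem4x.c shows doing its own `lf_read(true, 12288)` before demodulating. Each iteration therefore appears to acquire twice and demodulate only the second capture. If that is not intended, drop the loop's own `lf_read` call. The sample count is now the same literal in both places; a shared named constant with a comment on why 12288 samples cover EM XL tags would keep the two in step. Both functions extend beyond their hunks.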
@@ -3,6 +3,7 @@ All notable changes to this project will be documented in this file. This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log... ## [unreleased][unreleased] + - Fix reveng integration for all platforms else than WIN32 (@doegox) - Add cheat sheet for easy operations of the Proxmark3 (scund00r) - Chg commands are now in green in the helptext list (@iceman1001) - Fix 'script run ndefdump' - better exit messages when failing (@iceman1001) diff --git a/client/Makefile b/client/Makefile index adf83cb18..89f8cfb44 100644 --- a/client/Makefile +++ b/client/Makefile @@ -22,6 +22,8 @@ TAR = tar TARFLAGS = -C .. --ignore-failed-read -rvf RM = rm -f MV = mv +TOUCH = touch +FALSE = false ENV_LDFLAGS := $(LDFLAGS) ENV_CFLAGS := $(CFLAGS) @@ -52,11 +54,11 @@ MBEDTLSLIBPATH = ../common/mbedtls MBEDTLSLIB = $(MBEDTLSLIBPATH)/libmbedtls.a CBORLIBPATH = ./tinycbor CBORLIB = $(CBORLIBPATH)/tinycbor.a +REVENGFLAGS = -DPRESETS LIBS = -I../common/zlib -Iuart -I$(LUALIBPATH) -I$(MBEDTLSLIBPATH) -I$(JANSSONLIBPATH) -I$(CBORLIBPATH) INCLUDES_CLIENT = -I. -I../include -I../common -I/opt/local/include $(LIBS) LDFLAGS = $(ENV_LDFLAGS) - -CFLAGS = $(ENV_CFLAGS) -std=c99 -D_ISOC99_SOURCE -DPRESETS $(INCLUDES_CLIENT) -Wall -Werror -g -O3 +CFLAGS = $(ENV_CFLAGS) -std=c99 -D_ISOC99_SOURCE $(REVENGFLAGS) $(INCLUDES_CLIENT) -Wall -Werror -g -O3 ifneq (,$(findstring MINGW,$(platform))) CFLAGS += -mno-ms-bitfields endif @@ -239,12 +241,6 @@ CMDSRCS = crapto1/crapto1.c \ cmdscript.c \ pm3_bitlib.c \ cmdcrc.c \ - reveng/preset.c \ - reveng/reveng.c \ - reveng/cli.c \ - reveng/bmpbit.c \ - reveng/model.c \ - reveng/poly.c \ bucketsort.c cpu_arch = $(shell uname -m) 
@@ -262,12 +258,20 @@ ZLIBSRCS = deflate.c adler32.c trees.c zutil.c inflate.c inffast.c inftrees.c ZLIBFLAGS = -DZ_SOLO -DZ_PREFIX -DNO_GZIP -DZLIB_PM3_TUNED #-DDEBUG -Dverbose=1 +REVENGSRCS = reveng/preset.c \ + reveng/reveng.c \ + reveng/cli.c \ + reveng/bmpbit.c \ + reveng/model.c \ + reveng/poly.c + QTGUISRCS = proxgui.cpp proxguiqt.cpp proxguiqt.moc.cpp guidummy.cpp COREOBJS = $(CORESRCS:%.c=$(OBJDIR)/%.o) CMDOBJS = $(CMDSRCS:%.c=$(OBJDIR)/%.o) OBJCOBJS = $(OBJCSRCS:%.m=$(OBJDIR)/%.o) ZLIBOBJS = $(ZLIBSRCS:%.c=$(OBJDIR)/%.o) +REVENGOBJS = $(REVENGSRCS:%.c=$(OBJDIR)/%.o) MULTIARCHOBJS = $(MULTIARCHSRCS:%.c=$(OBJDIR)/%_NOSIMD.o) \ $(MULTIARCHSRCS:%.c=$(OBJDIR)/%_MMX.o) \ $(MULTIARCHSRCS:%.c=$(OBJDIR)/%_SSE2.o) \ @@ -292,7 +296,7 @@ ifeq "$(SUPPORTS_AVX512)" "True" endif BINS = proxmark3 flasher -CLEAN = $(BINS) $(DEPENDENCY_FILES) $(COREOBJS) $(CMDOBJS) $(OBJCOBJS) $(ZLIBOBJS) $(QTGUIOBJS) $(MULTIARCHOBJS) $(OBJDIR)/*.o *.moc.cpp ui/ui_overlays.h lualibs/pm3_cmd.lua lualibs/mf_default_keys.lua +CLEAN = $(BINS) $(DEPENDENCY_FILES) $(COREOBJS) $(CMDOBJS) $(OBJCOBJS) $(ZLIBOBJS) $(REVENGOBJS) $(QTGUIOBJS) $(MULTIARCHOBJS) $(OBJDIR)/*.o *.moc.cpp ui/ui_overlays.h lualibs/pm3_cmd.lua lualibs/mf_default_keys.lua reveng/bmptst # need to assign dependancies to build these first... all: lua_build jansson_build mbedtls_build cbor_build $(BINS) 
@@ -301,9 +305,9 @@ all-static: LDLIBS:=-static $(LDLIBS) all-static: $(BINS) proxmark3: LDLIBS+=$(LUALIB) $(JANSSONLIB) $(MBEDTLSLIB) $(CBORLIB) $(QTLDLIBS) -proxmark3: $(OBJDIR)/proxmark3.o $(COREOBJS) $(CMDOBJS) $(OBJCOBJS) $(QTGUIOBJS) $(MULTIARCHOBJS) $(ZLIBOBJS) lualibs/pm3_cmd.lua lualibs/mf_default_keys.lua +proxmark3: reveng/bmptst $(OBJDIR)/proxmark3.o $(COREOBJS) $(CMDOBJS) $(OBJCOBJS) $(QTGUIOBJS) $(MULTIARCHOBJS) $(ZLIBOBJS) $(REVENGOBJS) lualibs/pm3_cmd.lua lualibs/mf_default_keys.lua $(info [=] LD $@) - $(Q)$(LD) $(LDFLAGS) $(OBJDIR)/proxmark3.o $(COREOBJS) $(CMDOBJS) $(OBJCOBJS) $(QTGUIOBJS) $(MULTIARCHOBJS) $(ZLIBOBJS) $(LDLIBS) -o $@ + $(Q)$(LD) $(LDFLAGS) $(OBJDIR)/proxmark3.o $(COREOBJS) $(CMDOBJS) $(OBJCOBJS) $(QTGUIOBJS) $(MULTIARCHOBJS) $(ZLIBOBJS) $(REVENGOBJS) $(LDLIBS) -o $@ flasher: $(OBJDIR)/flash.o $(OBJDIR)/flasher.o $(COREOBJS) $(OBJCOBJS) $(info [=] LD $@) @@ -354,6 +358,11 @@ cbor_build: $(info [*] MAKE tinycbor) $(Q)$(MAKE) --no-print-directory -C $(CBORLIBPATH) all + +reveng/bmptst: reveng/bmpbit.c reveng/config.h reveng/reveng.h + $(CC) $(CFLAGS) $(REVENGFLAGS) -DBMPTST -o $@ $< + ( ./$@ && $(TOUCH) $@ ) || ( $(RM) $@ && $(FALSE) ) + .PHONY: all clean # easy printing of MAKE VARIABLES @@ -419,7 +428,7 @@ $(OBJDIR)/%.o : %.m $(OBJDIR)/%.d # $(CXX) $(DEPFLAGS) $(CXXFLAGS) -c -o $@ $< # $(POSTCOMPILE) -DEPENDENCY_FILES = $(patsubst %.c, $(OBJDIR)/%.d, $(CORESRCS) $(CMDSRCS) $(ZLIBSRCS)) \ +DEPENDENCY_FILES = $(patsubst %.c, $(OBJDIR)/%.d, $(CORESRCS) $(CMDSRCS) $(ZLIBSRCS) $(REVENGSRCS)) \ $(patsubst %.o, %.d, $(MULTIARCHOBJS)) \ $(patsubst %.cpp, $(OBJDIR)/%.d, $(QTGUISRCS)) \ $(patsubst %.m, $(OBJDIR)/%.d, $(OBJCSRCS)) \ diff --git a/client/reveng/bmpbit.c b/client/reveng/bmpbit.c index d529b0e96..e44ddb250 100644 --- a/client/reveng/bmpbit.c +++ b/client/reveng/bmpbit.c 
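Review bot: The new `reveng/bmptst` rule compiles `reveng/bmpbit.c` with `$(CC)` and then executes `./$@` as a prerequisite of `proxmark3`, so the client build fails whenever `$(CC)` targets a machine other than the build host or the build environment forbids running freshly built binaries. Consider a compile-time size check in `reveng/config.h` instead of a run-time probe, or make the probe skippable with a variable. `$(REVENGFLAGS)` is already part of `CFLAGS` in this same commit, so the recipe can be `$(CC) $(CFLAGS) -DBMPTST -o $@ $<`. The recipe lines also lack the `$(Q)` prefix and `$(info ...)` line used by the neighbouring rules.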
@@ -67,7 +67,7 @@ main(int argc, char *argv[]) { setbmp(); if (BMP_BIT != bmpbit || BMP_SUB != bmpsub) { fprintf(stderr, "reveng: configuration fault. Update " - "config.h with these definitions and " + "reveng/config.h with these definitions and " "recompile:\n" "\t#define BMP_BIT %d\n" "\t#define BMP_SUB %d\n", diff --git a/client/reveng/config.h b/client/reveng/config.h index a4d46e9f2..55038b55a 100644 --- a/client/reveng/config.h +++ b/client/reveng/config.h @@ -57,33 +57,43 @@ /* #define ALWPCK 1 */ -/* Define PRESETS to compile CRC RevEng with the preset models from the +/* #define PRESETS 1 + * Define PRESETS to compile CRC RevEng with the preset models from the * CRC Catalogue. This implies BMPMACRO and so makes the code platform- * specific. */ -#ifdef _WIN32 -#define PRESETS 1 // -#endif - - -/* Macros defining the size of a bmp_t. +/* #define BMP_BIT 32 + * Macros defining the size of a bmp_t. * Their values only matter if PRESETS and/or BMPMACRO are defined, in * which case edit the macros below to suit your architecture. * Otherwise, BMP_BIT and BMP_SUB will be redefined as aliases of bmpbit * and bmpsub, global objects initialised at run time. */ -/* Size in bits of a bmp_t. Not necessarily a power of two. */ - -#define BMP_BIT 32 - -/* The highest power of two that is strictly less than BMP_BIT. +/* #define BMP_SUB 16 + * The highest power of two that is strictly less than BMP_BIT. * Initialises the index of a binary search for set bits in a bmp_t. */ + +#if UINTMAX_MAX == UINT64_MAX +// 64-bit +#define PRESETS 1 +#define BMP_BIT 64 +#define BMP_SUB 32 + +//#elif INTPTR_MAX == INT32_MAX +#elif UINTMAX_MAX == UINT32_MAX +// 32-bit +#define PRESETS 1 +#define BMP_BIT 32 #define BMP_SUB 16 +#else +#error Cannot determine automatically REVENG PRESETS Macros for your platform, you need to set them manually +#endif + /***************************************** * * * End of user configuration options * 
From 2f029d0d9db70caedef0e972c8a5841d9a5c3358 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Wed, 14 Aug 2019 21:54:43 +0200 Subject: [PATCH 23/37] remove comment --- client/reveng/config.h | 1 - 1 file changed, 1 deletion(-) diff --git a/client/reveng/config.h b/client/reveng/config.h index 55038b55a..b5498c5db 100644 --- a/client/reveng/config.h +++ b/client/reveng/config.h @@ -83,7 +83,6 @@ #define BMP_BIT 64 #define BMP_SUB 32 -//#elif INTPTR_MAX == INT32_MAX #elif UINTMAX_MAX == UINT32_MAX // 32-bit #define PRESETS 1 From a187968967a353fe70b751c812fa3018e9a9cca1 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Wed, 14 Aug 2019 22:19:52 +0200 Subject: [PATCH 24/37] Hmm, let's try to fix reveng on 32b --- client/reveng/config.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/client/reveng/config.h b/client/reveng/config.h index b5498c5db..ab7eb9aaa 100644 --- a/client/reveng/config.h +++ b/client/reveng/config.h @@ -77,13 +77,13 @@ */ -#if UINTMAX_MAX == UINT64_MAX +#if UINTPTR_MAX == UINT64_MAX // 64-bit #define PRESETS 1 #define BMP_BIT 64 #define BMP_SUB 32 -#elif UINTMAX_MAX == UINT32_MAX +#elif UINTPTR_MAX == UINT32_MAX // 32-bit #define PRESETS 1 #define BMP_BIT 32 From f008b965d5b77e173c3f9718ee10481b221ec793 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Wed, 14 Aug 2019 23:06:14 +0200 Subject: [PATCH 25/37] missing include --- client/reveng/config.h | 1 + 1 file changed, 1 insertion(+) diff --git a/client/reveng/config.h b/client/reveng/config.h index ab7eb9aaa..ecf17773f 100644 --- a/client/reveng/config.h +++ b/client/reveng/config.h @@ -77,6 +77,7 @@ */ +#include #if UINTPTR_MAX == UINT64_MAX // 64-bit #define PRESETS 1 From 4d16f3e7d2404ad28642b2bc947d541b5eb1235d Mon Sep 17 00:00:00 2001 
From: Philippe Teuwen Date: Thu, 15 Aug 2019 19:24:50 +0200 Subject: [PATCH 26/37] fix reveng: unsigned long on Mingw64 is only 32b, hopefully limits.h can help --- client/reveng/config.h | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/client/reveng/config.h b/client/reveng/config.h index ecf17773f..94d3c4da5 100644 --- a/client/reveng/config.h +++ b/client/reveng/config.h @@ -78,14 +78,15 @@ #include -#if UINTPTR_MAX == UINT64_MAX -// 64-bit +#include +#if ULONG_MAX == UINT64_MAX +// most 64-bit platforms #define PRESETS 1 #define BMP_BIT 64 #define BMP_SUB 32 -#elif UINTPTR_MAX == UINT32_MAX -// 32-bit +#elif ULONG_MAX == UINT32_MAX +// 32-bit platforms and Mingw64 #define PRESETS 1 #define BMP_BIT 32 #define BMP_SUB 16 From 271011911349af981a1a1c4b04ac2d44ce0ab9c7 Mon Sep 17 00:00:00 2001 From: Iceman Date: Thu, 15 Aug 2019 21:28:45 +0200 Subject: [PATCH 27/37] Update README.md --- README.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 1af5d2157..6829fdff1 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,9 @@ -# Proxmark3 RDV4.0 Dedicated Github +# RRG / Iceman repo, dedicated to Proxmark3 RDV4.0 This repo is based on iceman fork for Proxmark3. It is dedicated to bringing the most out of the new features for Proxmark3 RDV4.0 new hardware and design. -Note that it also supports other Proxmark3 platforms as well! + +_Note that it also supports other Proxmark3 platforms as well!_ + | Releases | Linux & OSX CI | Windows CI | | ------------------- |:-------------------:| -------------------:| From ca5fbc843882dfa1dbb19c49fcbb021b4ea358dc Mon Sep 17 00:00:00 2001 From: Iceman Date: Thu, 15 Aug 2019 21:32:00 +0200 Subject: [PATCH 28/37] Update README.md --- README.md | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 6829fdff1..23d412ff2 100644 --- a/README.md +++ b/README.md 
@@ -49,11 +49,14 @@ This fork now compiles just fine on If you intend to contribute to the code, please read the [coding style notes](HACKING.md) first. - Internal notes on [Coverity Scan Config & Run](/doc/md/Development/Coverity-Scan-Config-%26-Run.md). -- Internal notes on UART -- Internal notes on Frame format -- Internal notes on standalone mode - +- Internal notes on [UART](/doc/uart_notes.md) +- Internal notes on [Frame format](/doc/new_frame_format.md) +- Internal notes on [external flash](/doc/ext_flash_notes.md) +- Internal notes on [standalone mode](https://github.com/RfidResearchGroup/proxmark3/wiki/Standalone-mode) +- Internal notes on [Termux / Android](/doc/termux_notes.md) +## Cheat sheet +Thanks to Alex Dibs, you can enjoy a [command cheat sheet](/doc/cheatsheet.md) ## Why didn't you base it on official Proxmark3 Master? From d12b3c35f18e76c84b34fe9954d5e791b63b94da Mon Sep 17 00:00:00 2001 From: Iceman Date: Thu, 15 Aug 2019 21:32:54 +0200 Subject: [PATCH 29/37] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 23d412ff2..81c676b8d 100644 --- a/README.md +++ b/README.md @@ -42,8 +42,8 @@ This fork now compiles just fine on - Windows/mingw environment with Qt5.6.1 & GCC 4.8 - Ubuntu 1404, 1510, 1604, 1804, 1904 - Mac OS X / Homebrew - - ParrotOS - - WSL (Windows subsystem linux) on Windows 10 + - ParrotOS, Gentoo, Pentoo + - WSL, WSL2 (Windows subsystem linux) on Windows 10 - Docker container If you intend to contribute to the code, please read the [coding style notes](HACKING.md) first. From d99911a03d2bc7ce2acc849943fefa227bf2b29b Mon Sep 17 00:00:00 2001 From: Alex Dib Date: Fri, 16 Aug 2019 09:20:57 +1000 Subject: [PATCH 30/37] Cheatsheet update - Added commands & fixed typos --- doc/cheatsheet.md | 156 +++++++++++++++++++++++++++++++++++++++------- 1 file changed, 133 insertions(+), 23 deletions(-) 
diff --git a/doc/cheatsheet.md b/doc/cheatsheet.md index 8770b7551..06af60d56 100644 --- a/doc/cheatsheet.md +++ b/doc/cheatsheet.md @@ -1,5 +1,18 @@ # Cheatsheet +- [Generic](#Generic) +- [iClass](#iClass) +- [Mifare](#Mifare) +- [HID Prox](#HID-Prox) +- [Indala](#Indala) +- [Hitag](#Hitag) +- [T55XX](#T55XX) +- [Data](#Data) +- [Lua Scripts](#Lua-Scripts) +- [Memory](#Memory) +- [Sim Module](#Sim-Module) +- [Smart Card](#Smart-Card) + ## Generic Identify High Frequency cards @@ -22,6 +35,11 @@ Check versioning pm3 --> hw version ``` +Check overall status +``` +pm3 --> hw status +``` + ## iClass Reverse permute iClass master key @@ -158,20 +176,30 @@ Check for default keys Options --- <*card memory> [t|d|s|ss] -* - all sectors -card memory - 0 - MINI(320 bytes), 1 - 1K, 2 - 2K, 4 - 4K -d - write keys to binary file +* : all sectors +card memory : 0 - MINI(320 bytes), 1 - 1K, 2 - 2K, 4 - 4K +d : write keys to binary file pm3 --> hf mf chk *1 ? d default_keys.dic ``` +Check for default keys from local memory +``` +Options +--- +card memory : 0 - MINI(320 bytes), 1 - 1K, 2 - 2K, 4 - 4K +m : use dictionary from flashmemory + +pm3 --> hf mf fchk 1 m +``` + Dump Mifare card contents ``` Options --- -: 0 = 320 bytes (Mifare Mini), 1 = 1K (default), 2 = 2K, 4 = 4K -k : key filename, if no given, UID will be used as filename" -f : data filename, if no given, UID will be used as filename + : 0 = 320 bytes (Mifare Mini), 1 = 1K (default), 2 = 2K, 4 = 4K +k : key filename, if no given, UID will be used as filename" +f : data filename, if no given, UID will be used as filename pm3 --> hf mf dump 1 pm3 --> hf mf dump 1 k hf-mf-A29558E4-key.bin f hf-mf-A29558E4-data.bin @@ -181,7 +209,7 @@ Convert .bin to .eml ``` Options --- -i ????????????? +i : Specifies the dump-file (input). If omitted, 'dumpdata.bin' is used pm3 --> script run dumptoemul -i dumpdata.bin ``` 
@@ -278,11 +306,11 @@ Brute force HID reader ``` Options --- -a : 26|33|34|35|37|40|44|84"); -f : 8-bit value HID facility code"); -c : (optional) cardnumber to start with, max 65535"); -d : delay betweens attempts in ms. Default 1000ms"); -v : verbose logging, show all tries"); +a : 26|33|34|35|37|40|44|84 +f : 8-bit value HID facility code +c : (optional) cardnumber to start with, max 65535 +d : delay betweens attempts in ms. Default 1000ms +v : verbose logging, show all tries pm3 --> lf hid brute a 26 f 224 pm3 --> lf hid brute v a 26 f 21 c 200 d 2000 @@ -334,7 +362,7 @@ HitagS: 02 : Read all pages, crypto mode. Set key=0 for no auth Hitag2: -21 : Read all pages, password mode. Default: 4D494B52 (\"MIKR\") +21 : Read all pages, password mode. Default: 4D494B52 ("MIKR") 22 : Read all pages, challenge mode 23 : Read all pages, crypto mode. Key format: ISK high + ISK low. Default: 4F4E4D494B52 ("ONMIKR") 25 : Test recorded authentications @@ -383,11 +411,11 @@ Detect T55XX card pm3 --> lf t55xx detect ``` -Configure demodulation +Configure modulation ``` Options --- - : Set demodulation + : Set modulation EM is ASK HID Prox is FSK Indala is PSK @@ -395,6 +423,16 @@ Indala is PSK pm3 --> lf t55xx config FSK ``` +Set timings to default +``` +Options +--- +p : persist to flashmemory +z : Set default t55x7 timings (use p to save if required) + +pm3 --> lf t55xx deviceconfig z p +``` + Write to T55xx block ``` b : block number to write. Between 0-7 @@ -405,24 +443,24 @@ pm3 --> lf t55xx wr b 0 d 00081040 Wipe a T55xx tag and set defaults ``` -lf t55xx wipe +pm3 --> lf t55xx wipe ``` ## Data Get raw samples [512-40000] ``` -data samples +pm3 --> data samples ``` Save samples to file ``` -data save +pm3 --> data save ``` Load samples from file ``` -data load +pm3 --> data load ``` ## Lua Scripts 
@@ -430,16 +468,16 @@ data load List Lua Scripts ``` -script list +pm3 --> script list ``` Convert .bin to .eml ``` Options --- -i : Specifies the dump-file (input). If omitted, 'dumpdata.bin' is used +i : Specifies the dump-file (input). If omitted, 'dumpdata.bin' is used -script run dumptoemul -i xxxxxxxxxxxxxx.bin +pm3 --> script run dumptoemul -i xxxxxxxxxxxxxx.bin ``` Format Mifare card 
@@ -451,5 +489,77 @@ n : the new key that will be written to the card a : the new access bytes that will be written to the card x : execute the commands aswell. -script run formatMifare -k FFFFFFFFFFFF -n FFFFFFFFFFFF -x +pm3 --> script run formatMifare -k FFFFFFFFFFFF -n FFFFFFFFFFFF -x +``` + +## Memory + +Load default keys into memory +``` +Options +--- +o : offset in memory +f : file name +m : upload 6 bytes keys (mifare key dictionary) +i : upload 8 bytes keys (iClass key dictionary) +t : upload 4 bytes keys (pwd dictionary) + +pm3 --> mem load f default_keys m +pm3 --> mem load f default_pwd t +pm3 --> mem load f default_iclass_keys i +``` + +## Sim Module + +Upgrade Sim Module firmware +``` +pm3 --> sc upgrade f ../tools/simmodule/SIM011.BIN +``` + +## Smart Card + +Get Smart Card Information +``` +pm3 --> sc info +``` + +Act like an IS07816 reader +``` +pm3 --> sc reader +``` + +Set clock speed +``` +Options +--- +c : clockspeed (0 = 16MHz, 1=8MHz, 2=4MHz) + +pm3 --> sc setclock c 2 +``` + +Send raw hex data +``` +Options +--- +r : do not read response +a : active smartcard without select (reset sc module) +s : active smartcard with select (get ATR) +t : executes TLV decoder if it possible +0 : use protocol T=0 +d : bytes to send + +pm3 --> sc raw s 0 d 00a404000e315041592e5359532e4444463031 : 1PAY.SYS.DDF01 PPSE directory with get ATR +pm3 --> sc raw 0 d 00a404000e325041592e5359532e4444463031 : 2PAY.SYS.DDF01 PPSE directory +pm3 --> sc raw 0 t d 00a4040007a0000000041010 : Mastercard +pm3 --> sc raw 0 t d 00a4040007a0000000031010 : Visa +```` + +Bruteforce SPI +``` +Options +--- +t : executes TLV decoder if it possible + +pm3 --> sc brute +pm3 --> sc brute t ``` From b8e054698ab3848f72813440462ab470f6e888fb Mon Sep 17 00:00:00 2001 From: Iceman Date: Fri, 16 Aug 2019 11:20:06 +0200 Subject: [PATCH 31/37] Update cheatsheet.md --- doc/cheatsheet.md | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) 
diff --git a/doc/cheatsheet.md b/doc/cheatsheet.md index 06af60d56..32068ce0e 100644 --- a/doc/cheatsheet.md +++ b/doc/cheatsheet.md @@ -1,17 +1,11 @@ # Cheatsheet +|||| +|---|---|---| +|[Generic](#Generic)|[iClass](#iClass)|[Mifare](#Mifare)| +|[HID Prox](#HID-Prox)|[Indala](#Indala)|[Hitag](#Hitag)| +|[T55XX](#T55XX)|[Data](#Data)|[Lua Scripts](#Lua-Scripts)| +|[Memory](#Memory)|[Sim Module](#Sim-Module)|[Smart Card](#Smart-Card)| -- [Generic](#Generic) -- [iClass](#iClass) -- [Mifare](#Mifare) -- [HID Prox](#HID-Prox) -- [Indala](#Indala) -- [Hitag](#Hitag) -- [T55XX](#T55XX) -- [Data](#Data) -- [Lua Scripts](#Lua-Scripts) -- [Memory](#Memory) -- [Sim Module](#Sim-Module) -- [Smart Card](#Smart-Card) ## Generic From 3408e31633500dc36011a5c1173c945870e35a2a Mon Sep 17 00:00:00 2001 From: Iceman Date: Fri, 16 Aug 2019 11:22:47 +0200 Subject: [PATCH 32/37] Update cheatsheet.md --- doc/cheatsheet.md | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/doc/cheatsheet.md b/doc/cheatsheet.md index 32068ce0e..78a080dd9 100644 --- a/doc/cheatsheet.md +++ b/doc/cheatsheet.md @@ -1,10 +1,12 @@ # Cheatsheet -|||| +|Genrice|LF|HF| |---|---|---| -|[Generic](#Generic)|[iClass](#iClass)|[Mifare](#Mifare)| -|[HID Prox](#HID-Prox)|[Indala](#Indala)|[Hitag](#Hitag)| -|[T55XX](#T55XX)|[Data](#Data)|[Lua Scripts](#Lua-Scripts)| -|[Memory](#Memory)|[Sim Module](#Sim-Module)|[Smart Card](#Smart-Card)| +|[Generic](#Generic)|[T55XX](#T55XX)|[Mifare](#Mifare)| +|[Data](#Data)|[HID Prox](#HID-Prox)|[iClass](#iClass)| +|[Memory](#Memory)|[Indala](#Indala)|| +|[Sim Module](#Sim-Module)|[Hitag](#Hitag)|| +|[Lua Scripts](#Lua-Scripts)||| +|[Smart Card](#Smart-Card)||| ## Generic From f2e77bfbe436c40930d548ac21886e7140d24165 Mon Sep 17 00:00:00 2001 
From: iceman1001
Date: Sat, 17 Aug 2019 15:59:11 +0200
Subject: [PATCH 33/37] chg: some tabs converted
---
 client/cmdhficlass.c | 64 ++++++++++++++++++++++----------------------
 1 file changed, 32 insertions(+), 32 deletions(-)
diff --git a/client/cmdhficlass.c b/client/cmdhficlass.c
index f58d5377c..7badc7c86 100644
--- a/client/cmdhficlass.c
+++ b/client/cmdhficlass.c
@@ -322,31 +322,31 @@ static void fuse_config(const picopass_hdr *hdr) { uint8_t fuses = hdr->conf.fuses; if (isset(fuses, FUSE_FPERS)) - PrintAndLogEx(SUCCESS, "\tMode: Personalization [Programmable]"); + PrintAndLogEx(SUCCESS, " Mode: Personalization [Programmable]"); else - PrintAndLogEx(NORMAL, "\tMode: Application [Locked]"); + PrintAndLogEx(NORMAL, " Mode: Application [Locked]"); if (isset(fuses, FUSE_CODING1)) { - PrintAndLogEx(NORMAL, "\tCoding: RFU"); + PrintAndLogEx(NORMAL, " Coding: RFU"); } else { if (isset(fuses, FUSE_CODING0)) - PrintAndLogEx(NORMAL, "\tCoding: ISO 14443-2 B/ISO 15693"); + PrintAndLogEx(NORMAL, " Coding: ISO 14443-2 B/ISO 15693"); else - PrintAndLogEx(NORMAL, "\tCoding: ISO 14443B only"); + PrintAndLogEx(NORMAL, " Coding: ISO 14443B only"); } // 1 1 - if (isset(fuses, FUSE_CRYPT1) && isset(fuses, FUSE_CRYPT0)) PrintAndLogEx(SUCCESS, "\tCrypt: Secured page, keys not locked"); + if (isset(fuses, FUSE_CRYPT1) && isset(fuses, FUSE_CRYPT0)) PrintAndLogEx(SUCCESS, " Crypt: Secured page, keys not locked"); // 1 0 - if (isset(fuses, FUSE_CRYPT1) && notset(fuses, FUSE_CRYPT0)) PrintAndLogEx(NORMAL, "\tCrypt: Secured page, keys locked"); + if (isset(fuses, FUSE_CRYPT1) && notset(fuses, FUSE_CRYPT0)) PrintAndLogEx(NORMAL, " Crypt: Secured page, keys locked"); // 0 1 - if (notset(fuses, FUSE_CRYPT1) && isset(fuses, FUSE_CRYPT0)) PrintAndLogEx(SUCCESS, "\tCrypt: Non secured page"); + if (notset(fuses, FUSE_CRYPT1) && isset(fuses, FUSE_CRYPT0)) PrintAndLogEx(SUCCESS, " Crypt: Non secured page"); // 0 0 - if (notset(fuses, FUSE_CRYPT1) && notset(fuses, FUSE_CRYPT0)) PrintAndLogEx(NORMAL, "\tCrypt: No auth possible. Read only if RA is enabled"); + if (notset(fuses, FUSE_CRYPT1) && notset(fuses, FUSE_CRYPT0)) PrintAndLogEx(NORMAL, " Crypt: No auth possible. 
Read only if RA is enabled"); if (isset(fuses, FUSE_RA)) - PrintAndLogEx(NORMAL, "\tRA: Read access enabled"); + PrintAndLogEx(NORMAL, " RA: Read access enabled"); else - PrintAndLogEx(WARNING, "\tRA: Read access not enabled"); + PrintAndLogEx(WARNING, " RA: Read access not enabled"); } static void getMemConfig(uint8_t mem_cfg, uint8_t chip_cfg, uint8_t *max_blk, uint8_t *app_areas, uint8_t *kb) { 
@@ -396,26 +396,26 @@ static void mem_app_config(const picopass_hdr *hdr) { if (kb == 2 && (applimit > 0x1f)) applimit = 26; PrintAndLogEx(NORMAL, " Mem: %u KBits/%u App Areas (%u * 8 bytes) [%02X]", kb, app_areas, max_blk, mem); - PrintAndLogEx(NORMAL, "\tAA1: blocks 06-%02X", applimit); - PrintAndLogEx(NORMAL, "\tAA2: blocks %02X-%02X", applimit + 1, max_blk); - PrintAndLogEx(NORMAL, "\tOTP: 0x%02X%02X", hdr->conf.otp[1], hdr->conf.otp[0]); - PrintAndLogEx(NORMAL, "\nKeyAccess:"); + PrintAndLogEx(NORMAL, " AA1: blocks 06-%02X", applimit); + PrintAndLogEx(NORMAL, " AA2: blocks %02X-%02X", applimit + 1, max_blk); + PrintAndLogEx(NORMAL, " OTP: 0x%02X%02X", hdr->conf.otp[1], hdr->conf.otp[0]); + PrintAndLogEx(NORMAL, " KeyAccess:"); uint8_t book = isset(mem, 0x20); if (book) { - PrintAndLogEx(NORMAL, "\tRead A - Kd"); - PrintAndLogEx(NORMAL, "\tRead B - Kc"); - PrintAndLogEx(NORMAL, "\tWrite A - Kd"); - PrintAndLogEx(NORMAL, "\tWrite B - Kc"); - PrintAndLogEx(NORMAL, "\tDebit - Kd or Kc"); - PrintAndLogEx(NORMAL, "\tCredit - Kc"); + PrintAndLogEx(NORMAL, " Read A - Kd"); + PrintAndLogEx(NORMAL, " Read B - Kc"); + PrintAndLogEx(NORMAL, " Write A - Kd"); + PrintAndLogEx(NORMAL, " Write B - Kc"); + PrintAndLogEx(NORMAL, " Debit - Kd or Kc"); + PrintAndLogEx(NORMAL, " Credit - Kc"); } else { - PrintAndLogEx(NORMAL, "\tRead A - Kd or Kc"); - PrintAndLogEx(NORMAL, "\tRead B - Kd or Kc"); - PrintAndLogEx(NORMAL, "\tWrite A - Kc"); - PrintAndLogEx(NORMAL, "\tWrite B - Kc"); - PrintAndLogEx(NORMAL, "\tDebit - Kd or Kc"); - PrintAndLogEx(NORMAL, "\tCredit - Kc"); + PrintAndLogEx(NORMAL, " Read A - Kd or Kc"); + PrintAndLogEx(NORMAL, " Read B - Kd or Kc"); + PrintAndLogEx(NORMAL, " Write A - Kc"); + PrintAndLogEx(NORMAL, " Write B - Kc"); + PrintAndLogEx(NORMAL, " Debit - Kd or Kc"); + PrintAndLogEx(NORMAL, " Credit - Kc"); } } static void print_picopass_info(const picopass_hdr *hdr) { 
@@ -453,14 +453,14 @@ static int CmdHFiClassSim(const char *Cmd) { if (simType == 0) { if (param_gethex(Cmd, 1, CSN, 16)) { - PrintAndLogEx(WARNING, "A CSN should consist of 16 HEX symbols"); + PrintAndLogEx(ERR, "A CSN should consist of 16 HEX symbols"); return usage_hf_iclass_sim(); } - PrintAndLogEx(NORMAL, "--simtype:%02x csn:%s", simType, sprint_hex(CSN, 8)); + PrintAndLogEx(NORMAL, " simtype: %02x csn: %s", simType, sprint_hex(CSN, 8)); } if (simType > 4) { - PrintAndLogEx(WARNING, "Undefined simptype %d", simType); + PrintAndLogEx(ERR, "Undefined simptype %d", simType); return usage_hf_iclass_sim(); } @@ -1903,7 +1903,7 @@ static int CmdHFiClassManageKeys(const char *Cmd) { case 'f': fileNameLen = param_getstr(Cmd, cmdp + 1, filename, sizeof(filename)); if (fileNameLen < 1) { - PrintAndLogEx(WARNING, "No filename found after f"); + PrintAndLogEx(ERR, "No filename found"); errors = true; } cmdp += 2; @@ -1911,7 +1911,7 @@ static int CmdHFiClassManageKeys(const char *Cmd) { case 'n': keyNbr = param_get8(Cmd, cmdp + 1); if (keyNbr >= ICLASS_KEYS_MAX) { - PrintAndLogEx(WARNING, "Invalid block number"); + PrintAndLogEx(ERR, "Invalid block number, MAX is "_YELLOW_("%d"), ICLASS_KEYS_MAX); errors = true; } cmdp += 2; From 25507a6244cd41c52a59add4d4ae4b45a3fb6ea9 Mon Sep 17 00:00:00 2001 From: Iceman Date: Sat, 17 Aug 2019 22:59:01 +0200 Subject: [PATCH 34/37] Update cheatsheet.md --- doc/cheatsheet.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/cheatsheet.md b/doc/cheatsheet.md index 78a080dd9..cf5a328c1 100644 --- a/doc/cheatsheet.md +++ b/doc/cheatsheet.md @@ -1,5 +1,5 @@ # Cheatsheet -|Genrice|LF|HF| +|Generic|LF|HF| |---|---|---| |[Generic](#Generic)|[T55XX](#T55XX)|[Mifare](#Mifare)| |[Data](#Data)|[HID Prox](#HID-Prox)|[iClass](#iClass)| From b4ac11a10ed3a0a67b428b10af06447511e7f138 Mon Sep 17 00:00:00 2001 
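Review bot: The message in the `simType > 4` check still reads "simptype" although this commit rewrites the line; `PrintAndLogEx(ERR, "Undefined simtype %d", simType);` would match the spelling of the `simtype: %02x` line a few lines above. The bound `4` is a bare literal, so a named constant for the highest simulation type would keep this check and the usage text in step. The declaration of `simType` and the rest of CmdHFiClassSim are outside the hunk, so whether `%d` matches its type cannot be checked here.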
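Review bot: In the `case 'n'` branch of CmdHFiClassManageKeys (hunk at -1911) the new message prints `ICLASS_KEYS_MAX` as the maximum, but the guard `keyNbr >= ICLASS_KEYS_MAX` rejects that very value, so the highest accepted number is one less than what the user is told. The message also says "block number" while the value parsed is a key slot (`keyNbr`). Suggested line: `PrintAndLogEx(ERR, "Invalid key number, MAX is "_YELLOW_("%d"), ICLASS_KEYS_MAX - 1);`. The function body starts and ends outside the hunk, so how `keyNbr` is used as an index afterwards is not visible here.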
From: Iceman Date: Sat, 17 Aug 2019 23:01:08 +0200 Subject: [PATCH 35/37] Update cheatsheet.md --- doc/cheatsheet.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/cheatsheet.md b/doc/cheatsheet.md index cf5a328c1..7a3cb81e4 100644 --- a/doc/cheatsheet.md +++ b/doc/cheatsheet.md @@ -1,5 +1,5 @@ -# Cheatsheet -|Generic|LF|HF| +# command Cheat Sheet +|Generic|Low Frequence 125kHz|High Frequence 13.56MHz| |---|---|---| |[Generic](#Generic)|[T55XX](#T55XX)|[Mifare](#Mifare)| |[Data](#Data)|[HID Prox](#HID-Prox)|[iClass](#iClass)| From 4a817588bac60ae363a7990528952f242ca6a042 Mon Sep 17 00:00:00 2001 From: Iceman Date: Sat, 17 Aug 2019 23:01:31 +0200 Subject: [PATCH 36/37] Update cheatsheet.md --- doc/cheatsheet.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/cheatsheet.md b/doc/cheatsheet.md index 7a3cb81e4..63c74d1a3 100644 --- a/doc/cheatsheet.md +++ b/doc/cheatsheet.md @@ -1,5 +1,5 @@ -# command Cheat Sheet -|Generic|Low Frequence 125kHz|High Frequence 13.56MHz| +# Command Cheat Sheet +|Generic|Low Frequence 125 kHz|High Frequence 13.56 MHz| |---|---|---| |[Generic](#Generic)|[T55XX](#T55XX)|[Mifare](#Mifare)| |[Data](#Data)|[HID Prox](#HID-Prox)|[iClass](#iClass)| From 655d46993b04fa88c7983e9149d3417da1b61f21 Mon Sep 17 00:00:00 2001 From: Oleg Moiseenko <807634+merlokk@users.noreply.github.com> Date: Sun, 18 Aug 2019 00:41:27 +0300 Subject: [PATCH 37/37] Travis (#333) change travis config to make branches --- .travis.yml | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index f42dd8f1c..3c12e6d3c 100644 --- a/.travis.yml +++ b/.travis.yml @@ -4,6 +4,12 @@ language: c #default linux build env is: xenial compiler: gcc +# move some env variables to homebrew env +env: + global: + - HOMEBREW_TRAVIS_BRANCH=$TRAVIS_BRANCH + - HOMEBREW_TRAVIS_COMMIT=$TRAVIS_COMMIT + # Test on Linux and MacOS matrix: include: 
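Review bot: The added comment `# move some env variables to homebrew env` in the first .travis.yml hunk does not say why `TRAVIS_BRANCH` and `TRAVIS_COMMIT` are re-exported under new names. Homebrew filters the environment it passes to formula builds and keeps `HOMEBREW_`-prefixed variables, which is presumably the reason; a comment such as `# Homebrew scrubs the build env; only HOMEBREW_* variables reach the formula` would record that. The formula in the tap that consumes `HOMEBREW_TRAVIS_BRANCH` is outside this diff, and since a branch name is contributor-controlled text, it is worth confirming there that the value is quoted before it reaches git or a shell.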
@@ -19,8 +25,16 @@ addons: - gcc-arm-none-eabi - libnewlib-dev homebrew: + packages: + - readline + - p7zip + - libusb-compat + - perl + - qt5 + - wget + - RfidResearchGroup/proxmark3/arm-none-eabi-gcc taps: RfidResearchGroup/proxmark3 - + install: if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew info proxmark3;