fix: 'hf mf sniff' - @merlokk 's adjustments

This commit is contained in:
iceman1001 2018-01-17 00:28:40 +01:00
parent de983252eb
commit b4afc8cdc4

View file

@ -196,7 +196,7 @@ void UartReset() {
Uart.parityBits = 0; // holds 8 parity bits Uart.parityBits = 0; // holds 8 parity bits
Uart.startTime = 0; Uart.startTime = 0;
Uart.endTime = 0; Uart.endTime = 0;
Uart.fourBits = 0x00000000; // clear the buffer for 4 Bits
Uart.posCnt = 0; Uart.posCnt = 0;
Uart.syncBit = 9999; Uart.syncBit = 9999;
} }
@ -204,7 +204,6 @@ void UartReset() {
void UartInit(uint8_t *data, uint8_t *parity) { void UartInit(uint8_t *data, uint8_t *parity) {
Uart.output = data; Uart.output = data;
Uart.parity = parity; Uart.parity = parity;
Uart.fourBits = 0x00000000; // clear the buffer for 4 Bits
UartReset(); UartReset();
} }
@ -363,7 +362,7 @@ void DemodReset() {
Demod.shiftReg = 0; // shiftreg to hold decoded data bits Demod.shiftReg = 0; // shiftreg to hold decoded data bits
Demod.parityBits = 0; // Demod.parityBits = 0; //
Demod.collisionPos = 0; // Position of collision bit Demod.collisionPos = 0; // Position of collision bit
Demod.twoBits = 0xffff; // buffer for 2 Bits Demod.twoBits = 0xFFFF; // buffer for 2 Bits
Demod.highCnt = 0; Demod.highCnt = 0;
Demod.startTime = 0; Demod.startTime = 0;
Demod.endTime = 0; Demod.endTime = 0;
@ -465,7 +464,6 @@ static RAMFUNC int ManchesterDecoding(uint8_t bit, uint16_t offset, uint32_t non
} }
} }
} }
return false; // not finished yet, need more data return false; // not finished yet, need more data
} }
@ -569,7 +567,8 @@ void RAMFUNC SniffIso14443a(uint8_t param) {
LED_A_OFF(); LED_A_OFF();
if (rsamples & 0x01) { // Need two samples to feed Miller and Manchester-Decoder // Need two samples to feed Miller and Manchester-Decoder
if (rsamples & 0x01) {
if (!TagIsActive) { // no need to try decoding reader data if the tag is sending if (!TagIsActive) { // no need to try decoding reader data if the tag is sending
uint8_t readerdata = (previous_data & 0xF0) | (*data >> 4); uint8_t readerdata = (previous_data & 0xF0) | (*data >> 4);
@ -615,7 +614,8 @@ void RAMFUNC SniffIso14443a(uint8_t param) {
// ready to receive another response. // ready to receive another response.
DemodReset(); DemodReset();
// reset the Miller decoder including its (now outdated) input buffer // reset the Miller decoder including its (now outdated) input buffer
UartInit(receivedCmd, receivedCmdPar); UartReset();
//UartInit(receivedCmd, receivedCmdPar);
LED_C_OFF(); LED_C_OFF();
} }
TagIsActive = (Demod.state != DEMOD_UNSYNCD); TagIsActive = (Demod.state != DEMOD_UNSYNCD);
@ -3374,10 +3374,16 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
// "hf mf sniff" // "hf mf sniff"
void RAMFUNC SniffMifare(uint8_t param) { void RAMFUNC SniffMifare(uint8_t param) {
// param:
// bit 0 - trigger from first card answer
// bit 1 - trigger from first reader 7-bit request
// C(red) A(yellow) B(green)
LEDsoff(); LEDsoff();
iso14443a_setup(FPGA_HF_ISO14443A_SNIFFER);
// free eventually allocated BigBuf memory // Allocate memory from BigBuf for some buffers
// free all previous allocations first
BigBuf_free(); BigBuf_Clear_ext(false); BigBuf_free(); BigBuf_Clear_ext(false);
clear_trace(); clear_trace();
set_tracing(true); set_tracing(true);
@ -3390,10 +3396,7 @@ void RAMFUNC SniffMifare(uint8_t param) {
uint8_t receivedResponse[MAX_MIFARE_FRAME_SIZE] = {0x00}; uint8_t receivedResponse[MAX_MIFARE_FRAME_SIZE] = {0x00};
uint8_t receivedResponsePar[MAX_MIFARE_PARITY_SIZE] = {0x00}; uint8_t receivedResponsePar[MAX_MIFARE_PARITY_SIZE] = {0x00};
iso14443a_setup(FPGA_HF_ISO14443A_SNIFFER);
// allocate the DMA buffer, used to stream samples from the FPGA // allocate the DMA buffer, used to stream samples from the FPGA
// [iceman] is this sniffed data unsigned?
uint8_t *dmaBuf = BigBuf_malloc(DMA_BUFFER_SIZE); uint8_t *dmaBuf = BigBuf_malloc(DMA_BUFFER_SIZE);
uint8_t *data = dmaBuf; uint8_t *data = dmaBuf;
uint8_t previous_data = 0; uint8_t previous_data = 0;
@ -3411,7 +3414,7 @@ void RAMFUNC SniffMifare(uint8_t param) {
// Setup and start DMA. // Setup and start DMA.
// set transfer address and number of bytes. Start transfer. // set transfer address and number of bytes. Start transfer.
if ( !FpgaSetupSscDma(dmaBuf, DMA_BUFFER_SIZE) ){ if ( !FpgaSetupSscDma(dmaBuf, DMA_BUFFER_SIZE) ){
if (MF_DBGLEVEL > 1) Dbprintf("[-] FpgaSetupSscDma failed. Exiting"); if (MF_DBGLEVEL > 1) Dbprintf("[!] FpgaSetupSscDma failed. Exiting");
return; return;
} }
@ -3426,20 +3429,21 @@ void RAMFUNC SniffMifare(uint8_t param) {
WDT_HIT(); WDT_HIT();
LED_A_ON(); LED_A_ON();
if ((sniffCounter & 0x0000FFFF) == 0) { // from time to time if ((sniffCounter & 0xFFFF) == 0) { // from time to time
// check if a transaction is completed (timeout after 2000ms). // check if a transaction is completed (timeout after 2000ms).
// if yes, stop the DMA transfer and send what we have so far to the client // if yes, stop the DMA transfer and send what we have so far to the client
if (MfSniffSend(2000)) { if (MfSniffSend(2000)) {
// Reset everything - we missed some sniffed data anyway while the DMA was stopped // Reset everything - we missed some sniffed data anyway while the DMA was stopped
sniffCounter = 0; sniffCounter = 0;
dmaBuf = BigBuf_malloc(DMA_BUFFER_SIZE);
data = dmaBuf; data = dmaBuf;
maxDataLen = 0; maxDataLen = 0;
ReaderIsActive = false; ReaderIsActive = false;
TagIsActive = false; TagIsActive = false;
// Setup and start DMA. set transfer address and number of bytes. Start transfer. // Setup and start DMA. set transfer address and number of bytes. Start transfer.
if ( !FpgaSetupSscDma(dmaBuf, DMA_BUFFER_SIZE) ){ if ( !FpgaSetupSscDma(dmaBuf, DMA_BUFFER_SIZE) ){
if (MF_DBGLEVEL > 1) DbpString("[-] FpgaSetupSscDma failed. Exiting"); if (MF_DBGLEVEL > 1) DbpString("[!] FpgaSetupSscDma failed. Exiting");
return; return;
} }
} }
@ -3459,7 +3463,7 @@ void RAMFUNC SniffMifare(uint8_t param) {
if (dataLen > maxDataLen) { // we are more behind than ever... if (dataLen > maxDataLen) { // we are more behind than ever...
maxDataLen = dataLen; maxDataLen = dataLen;
if (dataLen > (9 * DMA_BUFFER_SIZE / 10)) { if (dataLen > (9 * DMA_BUFFER_SIZE / 10)) {
Dbprintf("[-] blew circular buffer! dataLen=0x%x", dataLen); Dbprintf("[!] blew circular buffer! | datalen %u", dataLen);
break; break;
} }
} }
@ -3469,7 +3473,7 @@ void RAMFUNC SniffMifare(uint8_t param) {
if (!AT91C_BASE_PDC_SSC->PDC_RCR) { if (!AT91C_BASE_PDC_SSC->PDC_RCR) {
AT91C_BASE_PDC_SSC->PDC_RPR = (uint32_t)dmaBuf; AT91C_BASE_PDC_SSC->PDC_RPR = (uint32_t)dmaBuf;
AT91C_BASE_PDC_SSC->PDC_RCR = DMA_BUFFER_SIZE; AT91C_BASE_PDC_SSC->PDC_RCR = DMA_BUFFER_SIZE;
Dbprintf("[-] RxEmpty ERROR, data length:%d", dataLen); // temporary Dbprintf("[-] RxEmpty ERROR | data length %u", dataLen); // temporary
} }
// secondary buffer sets as primary, secondary buffer was stopped // secondary buffer sets as primary, secondary buffer was stopped
if (!AT91C_BASE_PDC_SSC->PDC_RNCR) { if (!AT91C_BASE_PDC_SSC->PDC_RNCR) {
@ -3479,37 +3483,37 @@ void RAMFUNC SniffMifare(uint8_t param) {
LED_A_OFF(); LED_A_OFF();
// Need two samples to feed Miller and Manchester-Decoder
if (sniffCounter & 0x01) { if (sniffCounter & 0x01) {
// no need to try decoding tag data if the reader is sending // no need to try decoding tag data if the reader is sending
if (!TagIsActive) { if (!TagIsActive) {
uint8_t readerdata = (previous_data & 0xF0) | (*data >> 4); uint8_t readerbyte = (previous_data & 0xF0) | (*data >> 4);
if (MillerDecoding(readerdata, (sniffCounter-1)*4)) { if (MillerDecoding(readerbyte, (sniffCounter-1)*4)) {
LED_C_INV(); LED_B_ON();
LED_C_OFF();
if (MfSniffLogic(receivedCmd, Uart.len, Uart.parity, Uart.bitCount, true)) break; MfSniffLogic(receivedCmd, Uart.len, Uart.parity, Uart.bitCount, true);
DemodReset(); DemodReset();
UartInit(receivedCmd, receivedCmdPar); UartReset();
} }
ReaderIsActive = (Uart.state != STATE_UNSYNCD); ReaderIsActive = (Uart.state != STATE_UNSYNCD);
TagIsActive = !ReaderIsActive;
} }
// no need to try decoding tag data if the reader is sending // no need to try decoding tag data if the reader is sending
if (!ReaderIsActive) { if (!ReaderIsActive) {
uint8_t tagdata = (previous_data << 4) | (*data & 0x0F); uint8_t tagbyte = (previous_data << 4) | (*data & 0x0F);
if (ManchesterDecoding(tagdata, 0, (sniffCounter-1)*4)) { if (ManchesterDecoding(tagbyte, 0, (sniffCounter-1)*4)) {
LED_C_INV(); LED_B_OFF();
LED_C_ON();
if (MfSniffLogic(receivedResponse, Demod.len, Demod.parity, Demod.bitCount, false)) break; MfSniffLogic(receivedResponse, Demod.len, Demod.parity, Demod.bitCount, false);
DemodReset(); DemodReset();
UartInit(receivedCmd, receivedCmdPar); UartReset();
} }
TagIsActive = (Demod.state != DEMOD_UNSYNCD); TagIsActive = (Demod.state != DEMOD_UNSYNCD);
ReaderIsActive = !TagIsActive;
} }
} }
previous_data = *data; previous_data = *data;
sniffCounter++; sniffCounter++;
data++; data++;