diff --git a/CHANGELOG.md b/CHANGELOG.md
index 402b3430f..fb6104349 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,7 @@ All notable changes to this project will be documented in this file.
 This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log...
 ## [unreleased][unreleased]
+ - Added `lf em 410x --electra` - adds two extra blocks. Thanks jareckib (@iceman1001)
 - Changed `hf mfu info` - now identifies UL-AES correct (@iceman1001)
 - Changed `hw detectreader` - Detect both LF and HF at the same time (@wh201906)
 - Changed `hf mfu info` - should not try pwd against a UL-AES (@iceman1001)
diff --git a/armsrc/Standalone/lf_em4100rswb.c b/armsrc/Standalone/lf_em4100rswb.c
index 501af3f5a..5a23a49c9 100644
--- a/armsrc/Standalone/lf_em4100rswb.c
+++ b/armsrc/Standalone/lf_em4100rswb.c
@@ -284,7 +284,13 @@ static int ExecuteMode(int mode, int slot) {
 return LF_RWSB_UNKNOWN_RESULT;
 case LF_RWSB_MODE_WRITE:
 Dbprintf("[!!] >> Write mode started <<");
- copy_em410x_to_t55xx(LF_RWSB_T55XX_TYPE, LF_CLOCK, (uint32_t)(em4100rswb_low[slot] >> 32), (uint32_t)(em4100rswb_low[slot] & 0xffffffff), true);
+ copy_em410x_to_t55xx(LF_RWSB_T55XX_TYPE
+ , LF_CLOCK
+ , (uint32_t)(em4100rswb_low[slot] >> 32)
+ , (uint32_t)(em4100rswb_low[slot] & 0xffffffff)
+ , false
+ , true
+ );
 return LF_RWSB_UNKNOWN_RESULT;
 case LF_RWSB_MODE_BRUTE:
 Dbprintf("[=] >> Bruteforce mode started <<");
diff --git a/armsrc/Standalone/lf_em4100rsww.c b/armsrc/Standalone/lf_em4100rsww.c
index dc202d49a..5efed9a49 100644
--- a/armsrc/Standalone/lf_em4100rsww.c
+++ b/armsrc/Standalone/lf_em4100rsww.c
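Review bot: In ExecuteMode's LF_RWSB_MODE_WRITE case in lf_em4100rswb.c the call now ends in two adjacent bare bool literals, `, false` and `, true`, and nothing at the call site says which one is `add_electra` and which is `ledcontrol`. Swapping them would compile cleanly and silently change what is written to the tag. I would label them in place, `, false  // add_electra` and `, true   // ledcontrol`. The same applies to the calls in Wipe and Write in lf_em4100rsww.c and in RunMod in lf_em4100rwc.c. ExecuteMode's body starts and ends outside the hunk.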
@@ -166,7 +166,13 @@ static void Wipe(void) {
 LED_B_ON();
 LED_C_ON();
 LED_D_ON();
- copy_em410x_to_t55xx(LF_RWSB_T55XX_TYPE, LF_CLOCK, (uint32_t) 0, (uint32_t) 0, false);
+ copy_em410x_to_t55xx(LF_RWSB_T55XX_TYPE
+ , LF_CLOCK
+ , (uint32_t) 0
+ , (uint32_t) 0
+ , false
+ , false
+ );
 SpinDelay(60);
 LEDsoff();
 LED_D_ON();
@@ -283,7 +289,13 @@ static void Write(void) {
 DbpString("Write");
 LED_A_ON();
 LED_B_ON();
- copy_em410x_to_t55xx(LF_RWSB_T55XX_TYPE, LF_CLOCK, (uint32_t)(low >> 32), (uint32_t)(low & 0xffffffff), false);
+ copy_em410x_to_t55xx(LF_RWSB_T55XX_TYPE
+ , LF_CLOCK
+ , (uint32_t)(low >> 32)
+ , (uint32_t)(low & 0xffffffff)
+ , false
+ , false
+ );
 SpinDelay(75);
 LEDsoff();
diff --git a/armsrc/Standalone/lf_em4100rwc.c b/armsrc/Standalone/lf_em4100rwc.c
index 7eed44d1d..1cc5a02ad 100644
--- a/armsrc/Standalone/lf_em4100rwc.c
+++ b/armsrc/Standalone/lf_em4100rwc.c
@@ -217,7 +217,13 @@ void RunMod(void) {
 state = 0;
 } else if (button_pressed == BUTTON_SINGLE_CLICK) { // Click - write ID to tag
- copy_em410x_to_t55xx(0, LF_CLOCK, (uint32_t)(em4100rwc_low[selected] >> 32), (uint32_t)(em4100rwc_low[selected] & 0xffffffff), true);
+ copy_em410x_to_t55xx(0
+ , LF_CLOCK
+ , (uint32_t)(em4100rwc_low[selected] >> 32)
+ , (uint32_t)(em4100rwc_low[selected] & 0xffffffff)
+ , false
+ , true
+ );
 led_slot(selected);
 state = 0; // Switch to select mode
 }
diff --git a/armsrc/appmain.c b/armsrc/appmain.c
index cdc8b6a64..634459781 100644
--- a/armsrc/appmain.c
+++ b/armsrc/appmain.c
@@ -958,13 +958,14 @@ static void PacketReceived(PacketCommandNG *packet) {
 struct p {
 bool Q5;
 bool EM;
+ bool add_electra;
 uint8_t clock;
 uint32_t high;
 uint32_t low;
 } PACKED;
 struct p *payload = (struct p *)packet->data.asBytes;
 uint8_t card = payload->Q5 ? 0 : (payload->EM ? 2 : 1);
- int res = copy_em410x_to_t55xx(card, payload->clock, payload->high, payload->low, true);
+ int res = copy_em410x_to_t55xx(card, payload->clock, payload->high, payload->low, payload->add_electra, true);
 reply_ng(CMD_LF_EM410X_CLONE, res, NULL, 0);
 break;
 }
diff --git a/armsrc/lfops.c b/armsrc/lfops.c
index 54bc9a675..8d487a141 100644
--- a/armsrc/lfops.c
+++ b/armsrc/lfops.c
@@ -2344,7 +2344,7 @@ void CopyVikingtoT55xx(const uint8_t *blocks, bool q5, bool em, bool ledcontrol)
 reply_ng(CMD_LF_VIKING_CLONE, PM3_SUCCESS, NULL, 0);
 }
-int copy_em410x_to_t55xx(uint8_t card, uint8_t clock, uint32_t id_hi, uint32_t id_lo, bool ledcontrol) {
+int copy_em410x_to_t55xx(uint8_t card, uint8_t clock, uint32_t id_hi, uint32_t id_lo, bool add_electra, bool ledcontrol) {
 // Define 9bit header for EM410x tags
 #define EM410X_HEADER 0x1FF
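Review bot: The CMD_LF_EM410X_CLONE handler in PacketReceived casts `packet->data.asBytes` to `struct p` without checking the received length, and this change inserts `add_electra` in the middle of the packed layout. A client built before the change would therefore have its `clock` byte read as `add_electra`, every later field shifted, and the last byte of `low` taken from bytes the sender never supplied. A guard before the cast, e.g. `if (packet->length < sizeof(struct p)) { reply_ng(CMD_LF_EM410X_CLONE, PM3_EINVARG, NULL, 0); break; }`, would reject short payloads. The same struct is declared a second time in CmdEM410xClone in client/src/cmdlfem410x.c; a single definition in a shared header would keep the two sides from drifting. PacketReceived's switch continues outside the hunk.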
@@ -2422,24 +2422,43 @@ int copy_em410x_to_t55xx(uint8_t card, uint8_t clock, uint32_t id_hi, uint32_t i
 clock = (clock == 0) ? 64 : clock;
 Dbprintf("Clock rate: %d", clock);
+ uint32_t electra[] = { 0x7E1EAAAA, 0xAAAAAAAA };
+ uint8_t blocks = 2;
+ if (add_electra) {
+ blocks = 4;
+ }
+
 if (card == 1) { // T55x7
- data[0] = clockbits | T55x7_MODULATION_MANCHESTER | (2 << T55x7_MAXBLOCK_SHIFT);
+ data[0] = clockbits | T55x7_MODULATION_MANCHESTER | (blocks << T55x7_MAXBLOCK_SHIFT);
 } else if (card == 2) { // EM4x05
- data[0] = (EM4x05_SET_BITRATE(clock) | EM4x05_MODULATION_MANCHESTER | EM4x05_SET_NUM_BLOCKS(2));
+ data[0] = (EM4x05_SET_BITRATE(clock) | EM4x05_MODULATION_MANCHESTER | EM4x05_SET_NUM_BLOCKS(blocks));
 } else { // T5555 (Q5)
- data[0] = T5555_SET_BITRATE(clock) | T5555_MODULATION_MANCHESTER | (2 << T5555_MAXBLOCK_SHIFT);
+ data[0] = T5555_SET_BITRATE(clock) | T5555_MODULATION_MANCHESTER | (blocks << T5555_MAXBLOCK_SHIFT);
 }
 if (card == 2) {
 WriteEM4x05(data, 4, 3, ledcontrol);
+ if (add_electra) {
+ WriteEM4x05(electra, 7, 2, ledcontrol);
+ }
 } else {
 WriteT55xx(data, 0, 3, ledcontrol);
+ if (add_electra) {
+ WriteT55xx(electra, 3, 2, ledcontrol);
+ }
 }
 if (ledcontrol) LEDsoff();
- Dbprintf("Tag %s written with 0x%08x%08x\n",
- card == 0 ? "T5555" : (card == 1 ? "T55x7" : "EM4x05"),
- (uint32_t)(id >> 32),
- (uint32_t)id);
+
+ Dbprintf("Tag %s written with 0x%08x%08x",
+ card == 0 ? "T5555" : (card == 1 ? "T55x7" : "EM4x05"),
+ (uint32_t)(id >> 32),
+ (uint32_t)id
+ );
+
+ if (add_electra) {
+ Dbprintf("Electra 0x%08x%08x\n", electra[0], electra[1]);
+ }
+
 return PM3_SUCCESS;
 }
diff --git a/armsrc/lfops.h b/armsrc/lfops.h
index 755afa88f..c3f00b4af 100644
--- a/armsrc/lfops.h
+++ b/armsrc/lfops.h
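Review bot: The two Electra words `0x7E1EAAAA, 0xAAAAAAAA` and the start blocks `7` (EM4x05) and `3` (T55xx) in the new write calls are unexplained literals, and `blocks = 4` only makes sense once the reader knows that two extra data blocks follow the two ID blocks. I would add a comment above the array, e.g. `// Electra: two fixed words written directly after the EM410x ID blocks`, and declare it `static const uint32_t electra[]` if the WriteT55xx/WriteEM4x05 parameter types allow it (their prototypes are not in this diff). The function still returns `PM3_SUCCESS` unconditionally after what is now up to two separate write calls, so a partial write would be reported to the client as success; worth a follow-up if the writers can report failure. The function starts outside this hunk.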
@@ -56,7 +56,7 @@ int lf_io_watch(int findone, uint32_t *high, uint32_t *low, bool ledcontrol);
 void CopyHIDtoT55x7(uint32_t hi2, uint32_t hi, uint32_t lo, uint8_t longFMT, bool q5, bool em, bool ledcontrol); // Clone an HID card to T5557/T5567
 void CopyVikingtoT55xx(const uint8_t *blocks, bool q5, bool em, bool ledcontrol);
-int copy_em410x_to_t55xx(uint8_t card, uint8_t clock, uint32_t id_hi, uint32_t id_lo, bool ledcontrol);
+int copy_em410x_to_t55xx(uint8_t card, uint8_t clock, uint32_t id_hi, uint32_t id_lo, bool add_electra, bool ledcontrol);
 void T55xxResetRead(uint8_t flags, bool ledcontrol); //id T55xxWriteBlock(uint32_t data, uint8_t blockno, uint32_t pwd, uint8_t flags, bool ledcontrol);
diff --git a/client/src/cmdlfem410x.c b/client/src/cmdlfem410x.c
index e2f3e050c..2354de4d0 100644
--- a/client/src/cmdlfem410x.c
+++ b/client/src/cmdlfem410x.c
@@ -104,7 +104,7 @@ static void em410x_construct_emul_graph(uint8_t *uid, uint8_t clock, uint8_t gap
 AppendGraph(true, clock, 0);
 }
-//print 64 bit EM410x ID in multiple formats
+// print 64 bit EM410x ID in multiple formats
 void printEM410x(uint32_t hi, uint64_t id, bool verbose, int type) {
 if (!id && !hi) return;
@@ -279,7 +279,7 @@ int AskEm410xDecode(bool verbose, uint32_t *hi, uint64_t *lo) {
 size_t idx = 0;
 uint8_t bits[512] = {0};
 size_t size = sizeof(bits);
- if (!getDemodBuff(bits, &size)) {
+ if (getDemodBuff(bits, &size) == false) {
 PrintAndLogEx(DEBUG, "DEBUG: Error - Em410x problem during copy from ASK demod");
 return PM3_ESOFT;
 }
@@ -330,7 +330,7 @@ static int CmdEM410xWatch(const char *Cmd) {
 return lfsim_wait_check(CMD_LF_EM410X_WATCH);
 }
-//by marshmellow
+// by marshmellow
 //takes 3 arguments - clock, invert and maxErr as integers
 //attempts to demodulate ask while decoding manchester
 //prints binary found and saves in graphbuffer for further commands
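Review bot: The `copy_em410x_to_t55xx` prototype in lfops.h now takes six positional arguments and carries no comment, unlike the `CopyHIDtoT55x7` line above it. A short comment would help callers get the order and values right, e.g. `// card: 0 = T5555 (Q5), 1 = T55x7, 2 = EM4x05; add_electra: also write the two Electra blocks`. The card values are the ones the function body in lfops.c tests.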
@@ -671,6 +671,7 @@ static int CmdEM410xClone(const char *Cmd) {
 arg_str1(NULL, "id", "", "EM Tag ID number (5 hex bytes)"),
 arg_lit0(NULL, "q5", "optional - specify writing to Q5/T5555 tag"),
 arg_lit0(NULL, "em", "optional - specify writing to EM4305/4469 tag"),
+ arg_lit0(NULL, "electra", "optional - add Electra blocks to tag"),
 arg_param_end
 };
 CLIExecWithReturn(ctx, Cmd, argtable, false);
@@ -682,6 +683,7 @@ static int CmdEM410xClone(const char *Cmd) {
 CLIGetHexWithReturn(ctx, 2, uid, &uid_len);
 bool q5 = arg_get_lit(ctx, 3);
 bool em = arg_get_lit(ctx, 4);
+ bool add_electra = arg_get_lit(ctx, 5);
 CLIParserFree(ctx);
 uint64_t id = bytes_to_num(uid, uid_len);
@@ -702,6 +704,7 @@ static int CmdEM410xClone(const char *Cmd) {
 struct {
 bool Q5;
 bool EM;
+ bool add_electra;
 uint8_t clock;
 uint32_t high;
 uint32_t low;
@@ -709,6 +712,7 @@ static int CmdEM410xClone(const char *Cmd) {
 payload.Q5 = q5;
 payload.EM = em;
+ payload.add_electra = add_electra;
 payload.clock = clk;
 payload.high = (uint32_t)(id >> 32);
 payload.low = (uint32_t)id;