mirror of
https://github.com/RfidResearchGroup/proxmark3.git
synced 2025-03-20 12:07:05 +08:00
commit
f1e9fb70d3
4 changed files with 33 additions and 36 deletions
|
@ -1393,9 +1393,13 @@ static void PacketReceived(PacketCommandNG *packet) {
|
|||
break;
|
||||
}
|
||||
case CMD_HF_TEXKOM_SIMULATE: {
|
||||
uint32_t timeout = 0;
|
||||
memcpy(&timeout, &packet->data.asBytes[9], 4);
|
||||
HfWriteTkm(packet->data.asBytes, packet->data.asBytes[8], timeout);
|
||||
struct p {
|
||||
uint8_t data[8];
|
||||
uint8_t modulation;
|
||||
uint32_t timeout;
|
||||
} PACKED;
|
||||
struct p *payload = (struct p *) packet->data.asBytes;
|
||||
HfSimulateTkm(payload->data, payload->modulation, payload->timeout);
|
||||
break;
|
||||
}
|
||||
|
||||
|
|
|
@ -200,7 +200,7 @@ static uint32_t HfEncodeTkm(const uint8_t *uid, uint8_t modulation, uint8_t *dat
|
|||
return len;
|
||||
}
|
||||
|
||||
int HfWriteTkm(uint8_t *uid, uint8_t modulation, uint32_t timeout) {
|
||||
int HfSimulateTkm(uint8_t *uid, uint8_t modulation, uint32_t timeout) {
|
||||
// free eventually allocated BigBuf memory
|
||||
BigBuf_free_keep_EM();
|
||||
|
||||
|
@ -224,6 +224,7 @@ int HfWriteTkm(uint8_t *uid, uint8_t modulation, uint32_t timeout) {
|
|||
bool exit_loop = false;
|
||||
bool field_on = false;
|
||||
|
||||
uint32_t startTime = GetTickCount();
|
||||
while (exit_loop == false) {
|
||||
|
||||
button_pressed = BUTTON_PRESS();
|
||||
|
@ -233,6 +234,9 @@ int HfWriteTkm(uint8_t *uid, uint8_t modulation, uint32_t timeout) {
|
|||
|
||||
WDT_HIT();
|
||||
|
||||
if (startTime > 0 && startTime + timeout < GetTickCount())
|
||||
break;
|
||||
|
||||
// in mV
|
||||
int vHf = (MAX_ADC_HF_VOLTAGE * SumAdc(ADC_CHAN_HF, 32)) >> 15;
|
||||
if (vHf > MF_MINFIELDV) {
|
||||
|
@ -261,7 +265,7 @@ int HfWriteTkm(uint8_t *uid, uint8_t modulation, uint32_t timeout) {
|
|||
switch_off();
|
||||
|
||||
if (button_pressed)
|
||||
DbpString("button pressed");
|
||||
DbpString("Exit by press button");
|
||||
|
||||
reply_ng(CMD_HF_TEXKOM_SIMULATE, PM3_SUCCESS, NULL, 0);
|
||||
|
||||
|
|
|
@ -22,6 +22,6 @@
|
|||
#include "common.h"
|
||||
|
||||
int HfReadADC(uint32_t samplesCount, bool ledcontrol);
|
||||
int HfWriteTkm(uint8_t *uid, uint8_t modulation, uint32_t timeout);
|
||||
int HfSimulateTkm(uint8_t *uid, uint8_t modulation, uint32_t timeout);
|
||||
|
||||
#endif
|
||||
|
|
|
@ -568,15 +568,22 @@ static int CmdHFTexkomSim(const char *Cmd) {
|
|||
arg_lit0("t", "tk17", "Use TK-17 modulation (TK-13 by default)"),
|
||||
arg_str0(NULL, "raw", "<hex 8 bytes>", "Raw data for texkom card, 8 bytes. Manual modulation select."),
|
||||
arg_str0(NULL, "id", "<hex 4 bytes>", "Raw data for texkom card, 8 bytes. Manual modulation select."),
|
||||
arg_int0(NULL, "timeout", "<dec, ms>", "Simulation timeout in the ms. If not specified or 0 - infinite. Command can be skipped by pressing the button"),
|
||||
arg_param_end
|
||||
};
|
||||
CLIExecWithReturn(ctx, Cmd, argtable, true);
|
||||
|
||||
// <texkom data 8bytes><modulation type 1b><timeout ms 4b>
|
||||
struct p {
|
||||
uint8_t data[8];
|
||||
uint8_t modulation;
|
||||
uint32_t timeout;
|
||||
} PACKED payload = {};
|
||||
|
||||
bool verbose = arg_get_lit(ctx, 1);
|
||||
uint32_t cmdtimeout = 0;
|
||||
uint8_t modulation = 0; // tk-13
|
||||
payload.modulation = 0; // tk-13
|
||||
if (arg_get_lit(ctx, 2))
|
||||
modulation = 1; //tk-17
|
||||
payload.modulation = 1; //tk-17
|
||||
|
||||
uint8_t rawdata[250] = {0};
|
||||
int rawdatalen = 0;
|
||||
|
@ -586,6 +593,8 @@ static int CmdHFTexkomSim(const char *Cmd) {
|
|||
int iddatalen = 0;
|
||||
CLIGetHexWithReturn(ctx, 4, iddata, &iddatalen);
|
||||
|
||||
payload.timeout = arg_get_int_def(ctx, 5, 0);
|
||||
|
||||
CLIParserFree(ctx);
|
||||
|
||||
if (rawdatalen == 0 && iddatalen == 0) {
|
||||
|
@ -601,9 +610,9 @@ static int CmdHFTexkomSim(const char *Cmd) {
|
|||
if (iddatalen == 4) {
|
||||
rawdata[0] = 0xff;
|
||||
rawdata[1] = 0xff;
|
||||
rawdata[2] = (modulation == 0) ? 0x63 : 0xCA;
|
||||
rawdata[2] = (payload.modulation == 0) ? 0x63 : 0xCA;
|
||||
memcpy(&rawdata[3], iddata, 4);
|
||||
rawdata[7] = (modulation == 0) ? TexcomTK13CRC(iddata) : TexcomTK17CRC(iddata);
|
||||
rawdata[7] = (payload.modulation == 0) ? TexcomTK13CRC(iddata) : TexcomTK17CRC(iddata);
|
||||
rawdatalen = 8;
|
||||
}
|
||||
|
||||
|
@ -612,33 +621,13 @@ static int CmdHFTexkomSim(const char *Cmd) {
|
|||
return PM3_EINVARG;
|
||||
}
|
||||
|
||||
//iceman, use a struct
|
||||
/*
|
||||
struct p {
|
||||
uint8_t modulation;
|
||||
uint32_t timeout;
|
||||
uint8_t data[8];
|
||||
} PACKED payload;
|
||||
|
||||
payload.modulation = modulation;
|
||||
payload.timeout = cmdtimeout;
|
||||
memcpy(payload.data, rawdata, sizeof(payload.data));
|
||||
memcpy(payload.data, rawdata, 8);
|
||||
|
||||
clearCommandBuffer();
|
||||
SendCommandNG(CMD_HF_TEXKOM_SIMULATE, (uint8_t*)&payload, sizeof(payload));
|
||||
|
||||
// Iceman, cmdtimeout is always 0. You never set it
|
||||
*/
|
||||
|
||||
// <texkom 8bytes><modulation 1b><timeout 4b>
|
||||
uint8_t data[13] = {0};
|
||||
memcpy(data, rawdata, 8);
|
||||
|
||||
data[8] = modulation;
|
||||
memcpy(&data[9], &cmdtimeout, 4);
|
||||
clearCommandBuffer();
|
||||
SendCommandNG(CMD_HF_TEXKOM_SIMULATE, data, sizeof(data));
|
||||
|
||||
if (cmdtimeout > 0 && cmdtimeout < 2800) {
|
||||
if (payload.timeout > 0 && payload.timeout < 2800) {
|
||||
PrintAndLogEx(INFO, "simulate command started");
|
||||
PacketResponseNG resp;
|
||||
if (WaitForResponseTimeout(CMD_HF_TEXKOM_SIMULATE, &resp, 3000) == false) {
|
||||
if (verbose) {
|
||||
|
@ -648,7 +637,7 @@ static int CmdHFTexkomSim(const char *Cmd) {
|
|||
}
|
||||
PrintAndLogEx(INFO, "simulate command execution done");
|
||||
} else {
|
||||
PrintAndLogEx(INFO, "simulate command started");
|
||||
PrintAndLogEx(INFO, "simulate command started...");
|
||||
}
|
||||
|
||||
return PM3_SUCCESS;
|
||||
|
|
Loading…
Add table
Reference in a new issue