RfidResearchGroup/proxmark3
1
1
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-03-17 18:50:32 +08:00
Code Issues Projects Releases Packages Wiki Activity

decode password in case of the read/write comand

Browse source
This commit is contained in:
merlokk 2022-06-24 15:17:02 +03:00
parent b9b6f06bbb
commit f3b5c7e8ba
1 changed files with 19 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
client/src/cmdlft55xx.c
View file

@ -4028,7 +4028,7 @@ static int CmdT55xxSniff(const char *Cmd) {
PrintAndLogEx(NORMAL, "");
PrintAndLogEx(INFO, _CYAN_("T55xx command detection"));
PrintAndLogEx(SUCCESS, "Downlink mode | password | Data | blk | page | 0 | 1 | raw");
PrintAndLogEx(SUCCESS, "----------------------+----------+----------+-----+------+-----+-----+-------------------------------------------------------------------------------");
PrintAndLogEx(SUCCESS, "------------------------+------------+----------+-----+------+-----+-----+-------------------------------------------------------------------------------");
idx = 0;
// loop though sample buffer
@ -4164,11 +4164,15 @@ static int CmdT55xxSniff(const char *Cmd) {
}
have_data = true;
modeText = "Default pwd write";
snprintf(pwdText, sizeof(pwdText), "%08X", usedPassword);
snprintf(pwdText, sizeof(pwdText), " %08X", usedPassword);
snprintf(dataText, sizeof(dataText), "%08X", blockData);
}
// Default Write (or password read ??)
// Default Write or password read ???
// the most confusing command.
// if the token is with a password - all is OK,
// if not - read command with a password will lead to write the shifted password to the memory and:
// IF the most bit of the data is `1` ----> IT LEADS TO LOCK this block of the memory
if (dataLen == 38) {
t55sniff_trim_samples(pulseBuffer, &pulseIdx, 38);
@ -4180,6 +4184,12 @@ static int CmdT55xxSniff(const char *Cmd) {
if (data[i] == '1')
blockData |= 1;
}
for (uint8_t i = 2; i <= 33; i++) {
usedPassword <<= 1;
if (data[i] == '1') {
usedPassword |= 1;
}
}
blockAddr = 0;
for (uint8_t i = 35; i <= 37; i++) {
blockAddr <<= 1;
@ -4187,7 +4197,8 @@ static int CmdT55xxSniff(const char *Cmd) {
blockAddr |= 1;
}
have_data = true;
modeText = "Default write";
modeText = "Default write/pwd read";
snprintf(pwdText, sizeof(pwdText), "[%08X]", usedPassword);
snprintf(dataText, sizeof(dataText), "%08X", blockData);
}
}
@ -4224,7 +4235,7 @@ static int CmdT55xxSniff(const char *Cmd) {
}
have_data = true;
modeText = "Leading 0 pwd write";
snprintf(pwdText, sizeof(pwdText), "%08X", usedPassword);
snprintf(pwdText, sizeof(pwdText), " %08X", usedPassword);
snprintf(dataText, sizeof(dataText), "%08X", blockData);
}
}
@ -4234,9 +4245,9 @@ static int CmdT55xxSniff(const char *Cmd) {
// Print results
if (have_data) {
if (blockAddr == 7)
PrintAndLogEx(SUCCESS, "%-20s | "_GREEN_("%8s")" | "_YELLOW_("%8s")" | "_YELLOW_("%d")" | "_GREEN_("%d")" | %3d | %3d | %s", modeText, pwdText, dataText, blockAddr, page, minWidth, maxWidth, data);
PrintAndLogEx(SUCCESS, "%-22s | "_GREEN_("%10s")" | "_YELLOW_("%8s")" | "_YELLOW_("%d")" | "_GREEN_("%d")" | %3d | %3d | %s", modeText, pwdText, dataText, blockAddr, page, minWidth, maxWidth, data);
else
PrintAndLogEx(SUCCESS, "%-20s | "_GREEN_("%8s")" | "_GREEN_("%8s")" | "_GREEN_("%d")" | "_GREEN_("%d")" | %3d | %3d | %s", modeText, pwdText, dataText, blockAddr, page, minWidth, maxWidth, data);
PrintAndLogEx(SUCCESS, "%-22s | "_GREEN_("%10s")" | "_GREEN_("%8s")" | "_GREEN_("%d")" | "_GREEN_("%d")" | %3d | %3d | %s", modeText, pwdText, dataText, blockAddr, page, minWidth, maxWidth, data);
}
}