RfidResearchGroup/proxmark3
1
1
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2024-09-20 15:26:13 +08:00
Code Issues Packages Projects Releases Wiki Activity
proxmark3/armsrc/Standalone/hf_15sim.c
Yann GASCUEL d73576ecf5 standalone: hf_15sim: text/debug fix
2024-01-24 13:59:13 +01:00

234 lines
6.7 KiB
C
Raw Blame History

//-----------------------------------------------------------------------------
// Copyright (C) lnv42 2024
// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// See LICENSE.txt for the text of the license.
//-----------------------------------------------------------------------------
// Main code for standalone HF/iso15693 Simulation
// This code is trying to dump an iso15 tag, then simulate it
// It doesn't support any password protected/authenticated features
//-----------------------------------------------------------------------------
#include "standalone.h" // standalone definitions
#include "proxmark3_arm.h"
#include "fpgaloader.h"
#include "iso15693.h"
#include "iso15.h"
#include "protocols.h"
#include "iso15693tools.h"
#include "util.h"
#include "spiffs.h"
#include "appmain.h"
#include "dbprint.h"
#include "ticks.h"
#include "BigBuf.h"
#include "crc16.h"
#define AddCrc15(data, len) compute_crc(CRC_15693, (data), (len), (data)+(len), (data)+(len)+1)
//#define CalculateCrc15(data, len) Crc16ex(CRC_15693, (data), (len) + 2);
#define CheckCrc15(data, len) check_crc(CRC_15693, (data), (len))
#define ISO15693_READER_TIMEOUT 330 // 330/212kHz = 1558us
#define HF_15693SIM_LOGFILE "hf_15693sim.trace"
static void DownloadTraceInstructions(void) {
Dbprintf("");
Dbprintf("To get the trace from flash and display it:");
Dbprintf("1. mem spiffs dump -s "HF_15693SIM_LOGFILE" -d hf_15693sim.trace");
Dbprintf("2. trace load -f hf_15693sim.trace");
Dbprintf("3. trace list -t 15 -1");
}
void ModInfo(void) {
DbpString(" HF 15693 SIM, a ISO15693 simulator - lnv42");
DownloadTraceInstructions();
}
void RunMod(void) {
StandAloneMode();
Dbprintf(_YELLOW_("HF 15693 SIM started"));
#ifdef WITH_FLASH
rdv40_spiffs_lazy_mount();
#endif
FpgaDownloadAndGo(FPGA_BITSTREAM_HF_15);
iso15693_tag *tag = (iso15693_tag*) BigBuf_get_EM_addr();
if (tag == NULL) return;
uint8_t cmd[8] = {0};
int res;
uint16_t recvLen;
uint8_t recv[32];
uint32_t eof_time = 0, start_time;
cmd[0] = ISO15_REQ_DATARATE_HIGH;
cmd[1] = ISO15693_GET_SYSTEM_INFO;
AddCrc15(cmd, 2);
uint8_t i;
LED_B_ON();
Dbprintf("Wait for a dumpable tag");
while (1) {
SpinDelay(200);
LED_B_OFF();
if (BUTTON_HELD(500) > 0)
{
LEDsoff();
Dbprintf("Quiting");
return;
}
start_time = 0;//eof_time;
res = SendDataTag(cmd, 4, true, true, recv, sizeof(recv), start_time, ISO15693_READER_TIMEOUT, &eof_time, &recvLen);
if (res < 0)
continue;
if (recvLen<10) // error: recv too short
{
Dbprintf("recvLen<10");
continue;
}
if (!CheckCrc15(recv,recvLen)) // error crc not valid
{
Dbprintf("crc failed");
continue;
}
if (recv[0] & ISO15_RES_ERROR) // received error from tag
{
Dbprintf("error received");
continue;
}
Dbprintf("Start dumping tag");
memset(tag, 0, sizeof(iso15693_tag));
memcpy(tag->uid, &recv[2], 8);
i=10;
if (recv[1] & 0x01)
tag->dsfid = recv[i++];
if (recv[1] & 0x02)
tag->afi = recv[i++];
if (recv[1] & 0x04)
{
tag->pagesCount = recv[i++]+1;
tag->bytesPerPage = recv[i++]+1;
}
else
{ // Set default tag values (if can't be readed in SYSINFO)
tag->bytesPerPage = 4;
tag->pagesCount = 128;
}
if (recv[1] & 0x08)
tag->ic = recv[i++];
break;
}
cmd[0] = ISO15_REQ_DATARATE_HIGH | ISO15_REQ_OPTION;
cmd[1] = ISO15693_READBLOCK;
uint8_t blocknum = 0;
int retry;
for (retry = 0; retry < 8; retry++) {
if (blocknum >= tag->pagesCount)
break;
cmd[2] = blocknum;
AddCrc15(cmd, 3);
start_time = eof_time;
res = SendDataTag(cmd, 5, false, true, recv, sizeof(recv), start_time, ISO15693_READER_TIMEOUT, &eof_time, &recvLen);
if (res < 0)
{
SpinDelay(100);
continue;
}
if (recvLen < 4 + tag->bytesPerPage) // error: recv too short
{
Dbprintf("recvLen < 4 + tag->bytesPerPage");
continue;
}
if (!CheckCrc15(recv,recvLen)) // error crc not valid
{
Dbprintf("crc failed");
continue;
}
if (recv[0] & ISO15_RES_ERROR) // received error from tag
{
Dbprintf("error received");
continue;
}
tag->locks[blocknum] = recv[1];
memcpy(&tag->data[blocknum * tag->bytesPerPage], recv + 2, tag->bytesPerPage);
retry = 0;
blocknum++;
}
LEDsoff();
if (retry >= 8)
{
Dbprintf("Max retry attemps exeeded");
Dbprintf("-=[ exit ]=-");
return;
}
Dbprintf("Tag dumped");
Dbprintf("Start simulation");
SimTagIso15693(0, 0);
Dbprintf("Simulation stopped");
SpinDelay(200);
uint32_t trace_len = BigBuf_get_traceLen();
#ifndef WITH_FLASH
// Keep stuff in BigBuf for USB/BT dumping
if (trace_len > 0)
Dbprintf("[!] Trace length (bytes) = %u", trace_len);
#else
// Write stuff to spiffs logfile
if (trace_len > 0) {
Dbprintf("[!] Trace length (bytes) = %u", trace_len);
uint8_t *trace_buffer = BigBuf_get_addr();
if (!exists_in_spiffs(HF_15693SSIM_LOGFILE)) {
rdv40_spiffs_write(
HF_15693SIM_LOGFILE, trace_buffer, trace_len, RDV40_SPIFFS_SAFETY_SAFE);
Dbprintf("[!] Wrote trace to "HF_15693SIM_LOGFILE);
} else {
rdv40_spiffs_append(
HF_15693SIM_LOGFILE, trace_buffer, trace_len, RDV40_SPIFFS_SAFETY_SAFE);
Dbprintf("[!] Appended trace to "HF_15693SIM_LOGFILE);
}
} else {
Dbprintf("[!] Trace buffer is empty, nothing to write!");
}
LED_D_ON();
rdv40_spiffs_lazy_unmount();
LED_D_OFF();
SpinErr(LED_A, 200, 5);
SpinDelay(100);
#endif
Dbprintf("-=[ exit ]=-");
LEDsoff();
DownloadTraceInstructions();
}
Reference in a new issue View git blame Copy permalink