hf 15 sim, reverse uid and a shorter read from emul to get uid if none is user given

This commit is contained in:
iceman1001 2024-01-25 00:34:05 +01:00
parent 6c1ebc3398
commit ba578ee139
5 changed files with 55 additions and 20 deletions

@ -184,7 +184,7 @@ void RunMod(void) {
Dbprintf("Tag dumped");
Dbprintf("Start simulation");
SimTagIso15693(0, 0);
SimTagIso15693(NULL, 0);
Dbprintf("Simulation stopped");
SpinDelay(200);

@ -75,7 +75,8 @@ void RunMod(void) {
} else if (state == STATE_EMUL) {
Iso15693InitTag();
Dbprintf("Starting simulation, press " _GREEN_("pm3 button") " to stop and go back to search state.");
// default block size is 4
// default block size is 4..
// iceman: which can be 4,8 all the way to 32
SimTagIso15693(card.uid, 4);
state = STATE_READ;

@ -1317,6 +1317,27 @@ static void PacketReceived(PacketCommandNG *packet) {
emlSet(payload->data, payload->offset, payload->count);
break;
}
case CMD_HF_ISO15693_EML_GETMEM: {
FpgaDownloadAndGo(FPGA_BITSTREAM_HF_15);
struct p {
uint32_t offset;
uint16_t length;
} PACKED;
struct p *payload = (struct p *) packet->data.asBytes;
if (payload->length > PM3_CMD_DATA_SIZE) {
reply_ng(CMD_HF_ISO15693_EML_GETMEM, PM3_EMALLOC, NULL, 0);
return;
}
uint8_t *buf = BigBuf_malloc(payload->length);
emlGet(buf, payload->offset, payload->length);
LED_B_ON();
reply_ng(CMD_HF_ISO15693_EML_GETMEM, PM3_SUCCESS, buf, payload->length);
LED_B_OFF();
BigBuf_free_keep_EM();
break;
}
case CMD_HF_ISO15693_SIMULATE: {
struct p {
uint8_t uid[8];
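Review bot: The result of `BigBuf_malloc(payload->length)` is passed straight to emlGet without a NULL test, so an exhausted BigBuf would hand emlGet a null destination; add `if (buf == NULL) { reply_ng(CMD_HF_ISO15693_EML_GETMEM, PM3_EMALLOC, NULL, 0); return; }` before the emlGet call (assuming BigBuf_malloc reports exhaustion by returning NULL, as the existing PM3_EMALLOC reply suggests). The reply for `payload->length > PM3_CMD_DATA_SIZE` reports an oversized client request as an allocation failure; PM3_EINVARG there would let the client tell the two apart. Both offset and length arrive in the client packet and only the length is bounded here, so unless emlGet itself clamps to the emulator memory size, a check of `payload->offset + payload->length` against that size belongs next to the existing one. The enclosing PacketReceived switch starts and ends outside the hunk.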

@ -1421,33 +1421,45 @@ static int CmdHF15Sim(const char *Cmd) {
int uidlen = 0;
CLIGetHexWithReturn(ctx, 1, payload.uid, &uidlen);
if (uidlen != 0 && uidlen != HF15_UID_LENGTH) {
PrintAndLogEx(WARNING, "UID must include 8 hex bytes");
CLIParserFree(ctx);
return PM3_EINVARG;
}
payload.block_size = arg_get_int_def(ctx, 2, 4);
CLIParserFree(ctx);
if (uidlen == 0) { // get UID from emulator
// reserve memory
iso15_tag_t *tag = calloc(1, sizeof(iso15_tag_t));
if (tag == NULL) {
PrintAndLogEx(WARNING, "Fail, cannot allocate memory");
return PM3_EMALLOC;
}
// sanity checks
if (uidlen != 0 && uidlen != HF15_UID_LENGTH) {
PrintAndLogEx(WARNING, "UID must include 8 hex bytes, got ( " _RED_("%i") " )", uidlen);
return PM3_EINVARG;
}
if (GetFromDevice(BIG_BUF_EML, (uint8_t *)tag, sizeof(iso15_tag_t), 0, NULL, 0, NULL, 2500, false) == false) {
PrintAndLogEx(WARNING, "Fail, transfer from device time-out");
free(tag);
PacketResponseNG resp;
// get UID from emulator, for printing??
// iceman: downloading 2200 bytes just to get a 8 byte UID is overkill
if (uidlen == 0) {
struct {
uint32_t offset;
uint16_t length;
} PACKED payload_mem;
payload_mem.offset = 0;
payload_mem.length = 8;
clearCommandBuffer();
SendCommandNG(CMD_HF_ISO15693_EML_GETMEM, (uint8_t *)&payload_mem, sizeof(payload_mem));
if (WaitForResponseTimeout(CMD_HF_ISO15693_EML_GETMEM, &resp, 2000) == false) {
PrintAndLogEx(DEBUG, "iso15693 timeout");
return PM3_ETIMEOUT;
}
PrintAndLogEx(SUCCESS, "Starting simulating UID " _YELLOW_("%s"), iso15693_sprintUID(NULL, tag->uid));
free(tag);
if (resp.status != PM3_SUCCESS) {
PrintAndLogEx(WARNING, "Failed to get UID from emulator memory");
return resp.status;
}
PrintAndLogEx(SUCCESS, "Starting simulating UID " _YELLOW_("%s"), iso15693_sprintUID(NULL, resp.data.asBytes));
}
PrintAndLogEx(INFO, "Press " _YELLOW_("`pm3-button`") " to abort simulation");
PacketResponseNG resp;
clearCommandBuffer();
SendCommandNG(CMD_HF_ISO15693_SIMULATE, (uint8_t *)&payload, sizeof(payload));
WaitForResponse(CMD_HF_ISO15693_SIMULATE, &resp);
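Review bot: `iso15693_sprintUID(NULL, resp.data.asBytes)` prints the GETMEM reply without confirming that the device actually returned the `payload_mem.length` bytes that were requested, so a short reply would print whatever trails in resp.data; guard it with `if (resp.length < payload_mem.length) { PrintAndLogEx(WARNING, "Short reply from emulator memory"); return PM3_EINVARG; }` before the print. The new timeout path logs at DEBUG where the removed `GetFromDevice` path warned at WARNING, so a user running the command sees it fail with no message; `PrintAndLogEx(WARNING, "iso15693 timeout")` keeps the old visibility. CmdHF15Sim begins and ends outside the hunk.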

@ -550,6 +550,7 @@ typedef struct {
#define CMD_HF_TEXKOM_SIMULATE 0x0320
#define CMD_HF_ISO15693_EML_CLEAR 0x0330
#define CMD_HF_ISO15693_EML_SETMEM 0x0331
#define CMD_HF_ISO15693_EML_GETMEM 0x0332
#define CMD_LF_SNIFF_RAW_ADC 0x0360