buggy 'mem read' removed, 'mem save' renamed 'mem dump', can now disp…
…lay too
doegox committed Jul 15, 2019
1 parent 6a54de1 commit 0ea7fa7
Showing 6 changed files with 30 additions and 100 deletions.
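--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,7 @@ All notable changes to this project will be documented in this file.
 This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log...
 
 ## [unreleased][unreleased]
+- Change: buggy 'mem read' removed, 'mem save' renamed 'mem dump', can now display too (@doegox)
 - Fix: timeout for mem wipe was too short, thanks @cjbrigato (@doegox)
 - Fix 'hf mf sim' - Mifare Classic simulation more flexible anti-collision check (@McEloff)
 - Change: 'hf mf sim' - Mifare Classic simulation not respond NACK on invalid authentication request (@McEloff)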
2 changes: 1 addition & 1 deletion armsrc/Standalone/hf_bog.c
Expand Up @@ -15,7 +15,7 @@ The retrieved sniffing session can be acquired by connecting the device
to a client that supports the reconnect capability and issue 'hf 14a list'.
In order to view the grabbed authentication attempts in the flash mem,
you can simply run 'script run read_pwd_mem' or just 'mem read l 256'
you can simply run 'script run read_pwd_mem' or just 'mem dump p l 256'
from the client to view the stored quadlets.
*/

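--- a/armsrc/appmain.c
+++ b/armsrc/appmain.c
@@ -1592,38 +1592,6 @@ static void PacketReceived(PacketCommandNG *packet) {
 FlashmemSetSpiBaudrate(packet->oldarg[0]);
 break;
 }
-case CMD_FLASHMEM_READ: {
-LED_B_ON();
-uint32_t startidx = packet->oldarg[0];
-uint16_t len = packet->oldarg[1];
-
-Dbprintf("FlashMem read | %d - %d | ", startidx, len);
-
-size_t size = MIN(PM3_CMD_DATA_SIZE, len);
-
-if (!FlashInit()) {
-break;
-}
-
-uint8_t *mem = BigBuf_malloc(size);
-
-for (size_t i = 0; i < len; i += size) {
-len = MIN((len - i), size);
-
-Dbprintf("FlashMem reading | %d | %d | %d |", startidx + i, i, len);
-uint16_t isok = Flash_ReadDataCont(startidx + i, mem, len);
-if (isok == len) {
-print_result("Chunk: ", mem, len);
-} else {
-Dbprintf("FlashMem reading failed | %d | %d", len, isok);
-break;
-}
-}
-BigBuf_free();
-FlashStop();
-LED_B_OFF();
-break;
-}
 case CMD_FLASHMEM_WRITE: {
 LED_B_ON();
 uint8_t isok = 0;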
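--- a/client/cmdflashmem.c
+++ b/client/cmdflashmem.c
@@ -37,17 +37,6 @@ static int usage_flashmem_spibaud(void) {
 return PM3_SUCCESS;
 }
 
-static int usage_flashmem_read(void) {
-PrintAndLogEx(NORMAL, "Read flash memory on device");
-PrintAndLogEx(NORMAL, "Usage: mem read o <offset> l <len>");
-PrintAndLogEx(NORMAL, " o <offset> : offset in memory");
-PrintAndLogEx(NORMAL, " l <len> : length");
-PrintAndLogEx(NORMAL, "");
-PrintAndLogEx(NORMAL, "Examples:");
-PrintAndLogEx(NORMAL, " mem read o 0 l 32"); // read 32 bytes starting at offset 0
-PrintAndLogEx(NORMAL, " mem read o 1024 l 10"); // read 10 bytes starting at offset 1024
-return PM3_SUCCESS;
-}
 static int usage_flashmem_load(void) {
 PrintAndLogEx(NORMAL, "Loads binary file into flash memory on device");
 PrintAndLogEx(NORMAL, "Usage: mem load [o <offset>] f <file name> [m|t|i]");
@@ -67,17 +56,19 @@ static int usage_flashmem_load(void) {
 PrintAndLogEx(NORMAL, " mem load f default_iclass_keys i");
 return PM3_SUCCESS;
 }
-static int usage_flashmem_save(void) {
-PrintAndLogEx(NORMAL, "Saves flash memory on device into the file");
-PrintAndLogEx(NORMAL, " Usage: mem save [o <offset>] [l <length>] f <file name>");
+static int usage_flashmem_dump(void) {
+PrintAndLogEx(NORMAL, "Dumps flash memory on device into a file or in console");
+PrintAndLogEx(NORMAL, " Usage: mem dump [o <offset>] [l <length>] [f <file name>] [p]");
 PrintAndLogEx(NORMAL, " o <offset> : offset in memory");
 PrintAndLogEx(NORMAL, " l <length> : length");
 PrintAndLogEx(NORMAL, " f <filename> : file name");
+PrintAndLogEx(NORMAL, " p : print dump in console");
+PrintAndLogEx(NORMAL, " You must specify at lease option f or option p, both if you wish");
 PrintAndLogEx(NORMAL, "");
 PrintAndLogEx(NORMAL, "Examples:");
-PrintAndLogEx(NORMAL, " mem save f myfile"); // download whole flashmem to file myfile
-PrintAndLogEx(NORMAL, " mem save f myfile l 4096"); // download 4096 bytes from default offset 0 to file myfile
-PrintAndLogEx(NORMAL, " mem save f myfile o 1024 l 4096"); // downlowd 4096 bytes from offset 1024 to file myfile
+PrintAndLogEx(NORMAL, " mem dump f myfile"); // download whole flashmem to file myfile
+PrintAndLogEx(NORMAL, " mem dump p o 262015 l 128"); // display 128 bytes from offset 262015 (RSA sig)
+PrintAndLogEx(NORMAL, " mem dump p f myfile o 241664 l 58"); // download and display 58 bytes from offset 241664 to file myfile
 return PM3_SUCCESS;
 }
 static int usage_flashmem_wipe(void) {
@@ -105,46 +96,6 @@ static int usage_flashmem_info(void) {
 return PM3_SUCCESS;
 }
 
-static int CmdFlashMemRead(const char *Cmd) {
-
-uint8_t cmdp = 0;
-bool errors = false;
-uint32_t start_index = 0, len = 0;
-
-while (param_getchar(Cmd, cmdp) != 0x00 && !errors) {
-switch (tolower(param_getchar(Cmd, cmdp))) {
-case 'o':
-start_index = param_get32ex(Cmd, cmdp + 1, 0, 10);
-cmdp += 2;
-break;
-case 'l':
-len = param_get32ex(Cmd, cmdp + 1, 0, 10);
-cmdp += 2;
-break;
-case 'h':
-return usage_flashmem_read();
-default:
-PrintAndLogEx(WARNING, "Unknown parameter '%c'", param_getchar(Cmd, cmdp));
-errors = true;
-break;
-}
-}
-
-//Validations
-if (errors || cmdp == 0) {
-usage_flashmem_read();
-return PM3_EINVARG;
-}
-if (start_index + len > FLASH_MEM_MAX_SIZE) {
-PrintAndLogDevice(ERR, "error, start_index + length is larger than available memory");
-return PM3_EOVFLOW;
-}
-
-clearCommandBuffer();
-SendCommandMIX(CMD_FLASHMEM_READ, start_index, len, 0, NULL, 0);
-return PM3_SUCCESS;
-}
-
 static int CmdFlashmemSpiBaudrate(const char *Cmd) {
 
 char ctmp = tolower(param_getchar(Cmd, 0));
@@ -311,17 +262,18 @@ static int CmdFlashMemLoad(const char *Cmd) {
 PrintAndLogEx(SUCCESS, "Wrote "_GREEN_("%u")"bytes to offset "_GREEN_("%u"), datalen, start_index);
 return PM3_SUCCESS;
 }
-static int CmdFlashMemSave(const char *Cmd) {
+static int CmdFlashMemDump(const char *Cmd) {
 
 char filename[FILE_PATH_SIZE] = {0};
 uint8_t cmdp = 0;
 bool errors = false;
+bool print = false;
 uint32_t start_index = 0, len = FLASH_MEM_MAX_SIZE;
 
 while (param_getchar(Cmd, cmdp) != 0x00 && !errors) {
 switch (tolower(param_getchar(Cmd, cmdp))) {
 case 'h':
-return usage_flashmem_save();
+return usage_flashmem_dump();
 case 'l':
 len = param_get32ex(Cmd, cmdp + 1, FLASH_MEM_MAX_SIZE, 10);
 cmdp += 2;
@@ -330,6 +282,10 @@ static int CmdFlashMemSave(const char *Cmd) {
 start_index = param_get32ex(Cmd, cmdp + 1, 0, 10);
 cmdp += 2;
 break;
+case 'p':
+print = true;
+cmdp += 1;
+break;
 case 'f':
 //File handling
 if (param_getstr(Cmd, cmdp + 1, filename, FILE_PATH_SIZE) >= FILE_PATH_SIZE) {
@@ -348,7 +304,7 @@ static int CmdFlashMemSave(const char *Cmd) {
 
 //Validations
 if (errors || cmdp == 0) {
-usage_flashmem_save();
+usage_flashmem_dump();
 return PM3_EINVARG;
 }
 
@@ -365,8 +321,15 @@ static int CmdFlashMemSave(const char *Cmd) {
 return PM3_EFLASH;
 }
 
-saveFile(filename, ".bin", dump, len);
-saveFileEML(filename, dump, len, 16);
+if (print) {
+print_hex_break(dump, len, 32);
+}
+
+if (filename[0] != '\0') {
+saveFile(filename, ".bin", dump, len);
+saveFileEML(filename, dump, len, 16);
+}
+
 free(dump);
 return PM3_SUCCESS;
 }
@@ -612,10 +575,9 @@ static int CmdFlashMemInfo(const char *Cmd) {
 static command_t CommandTable[] = {
 {"help", CmdHelp, AlwaysAvailable, "This help"},
 {"spibaud", CmdFlashmemSpiBaudrate, IfPm3Flash, "Set Flash memory Spi baudrate [rdv40]"},
-{"read", CmdFlashMemRead, IfPm3Flash, "Read Flash memory [rdv40]"},
 {"info", CmdFlashMemInfo, IfPm3Flash, "Flash memory information [rdv40]"},
 {"load", CmdFlashMemLoad, IfPm3Flash, "Load data into flash memory [rdv40]"},
-{"save", CmdFlashMemSave, IfPm3Flash, "Save data from flash memory [rdv40]"},
+{"dump", CmdFlashMemDump, IfPm3Flash, "Dump data from flash memory [rdv40]"},
 {"wipe", CmdFlashMemWipe, IfPm3Flash, "Wipe data from flash memory [rdv40]"},
 {NULL, NULL, NULL, NULL}
 };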
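Review bot: The new usage text in usage_flashmem_dump says at least one of `f` or `p` must be given, but the validation shown in CmdFlashMemDump still tests only `errors || cmdp == 0`, so a call with just `o`/`l` (for example `mem dump o 0 l 16`) would download the region, neither print nor save it, and return PM3_SUCCESS. A guard after the existing validation would enforce the documented contract: `if (!print && filename[0] == '\0') { usage_flashmem_dump(); return PM3_EINVARG; }`. The removed CmdFlashMemRead rejected `start_index + len > FLASH_MEM_MAX_SIZE`, and no equivalent range check is visible in the CmdFlashMemDump hunks; the lines between the validation and the download are outside the diff, so it should be confirmed there that offset and length are bounded before the buffer is allocated, with the sum checked in a form that cannot wrap in 32 bits (e.g. `len > FLASH_MEM_MAX_SIZE || start_index > FLASH_MEM_MAX_SIZE - len`). The usage string also has a typo: `at lease` should read `at least`.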
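--- a/doc/new_frame_format.md
+++ b/doc/new_frame_format.md
@@ -373,9 +373,9 @@ It was needed to tune pm3 RX usart `maxtry` :
 time client/proxmark3 -p /dev/ttyUSB0 -b 115200 -c "lf read"
 6.28s
 
-time client/proxmark3 -p /dev/ttyACM0 -c "mem save f foo_usb"
+time client/proxmark3 -p /dev/ttyACM0 -c "mem dump f foo_usb"
 1.48s
-time client/proxmark3 -p /dev/ttyUSB0 -b 115200 -c "mem save f foo_fpc"
+time client/proxmark3 -p /dev/ttyUSB0 -b 115200 -c "mem dump f foo_fpc"
 25.34s
 
 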
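--- a/include/pm3_cmd.h
+++ b/include/pm3_cmd.h
@@ -238,7 +238,6 @@ typedef struct {
 #define CMD_SET_DBGMODE 0x0114
 
 // RDV40, Flash memory operations
-#define CMD_FLASHMEM_READ 0x0120
 #define CMD_FLASHMEM_WRITE 0x0121
 #define CMD_FLASHMEM_WIPE 0x0122
 #define CMD_FLASHMEM_DOWNLOAD 0x0123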
