From 4f10e3d75cb0e4dbce9139e401173e287780321d Mon Sep 17 00:00:00 2001 From: wh201906 Date: Tue, 16 Feb 2021 13:52:04 +0800 Subject: [PATCH] All functions are compatible to Iceman/RRG fork Use different foreground color for Trailer block and Block 0 --- .gitignore | 1 - lang/en_US.qm | Bin 0 -> 23 bytes lang/en_US.ts | 128 ++++--- lang/zh_CN.qm | Bin 0 -> 16922 bytes lang/zh_CN.ts | 130 ++++--- module/mifare.cpp | 85 +++-- module/mifare.h | 2 +- ui/mainwindow.cpp | 7 +- ui/mainwindow.h | 2 +- ui/mainwindow.ui | 4 +- ui/mf_sim_simdialog.cpp | 55 ++- ui/mf_sim_simdialog.h | 4 +- ui/mf_sim_simdialog.ui | 781 +++++++++++++++++++++++++++------------- 13 files changed, 805 insertions(+), 394 deletions(-) create mode 100644 lang/en_US.qm create mode 100644 lang/zh_CN.qm diff --git a/.gitignore b/.gitignore index 1358d83..fb50266 100644 --- a/.gitignore +++ b/.gitignore @@ -14,7 +14,6 @@ *.so.* *_pch.h.cpp *_resource.rc -*.qm .#* *.*# core diff --git a/lang/en_US.qm b/lang/en_US.qm new file mode 100644 index 0000000000000000000000000000000000000000..9dad8dffceb9623e88f8b96d9cd0caf25574c6fa GIT binary patch literal 23 fcmcE7ks@*G{hX<16=n7(EZlpygMop8iIEWihQJ9+ literal 0 HcmV?d00001 diff --git a/lang/en_US.ts b/lang/en_US.ts index 0df4a6c..f73b0da 100644 --- a/lang/en_US.ts +++ b/lang/en_US.ts @@ -45,72 +45,102 @@ - + u - + UID 4 or 7 bytes. If not specified, the UID 4B from emulator memory will be used - + + --atqa + + + + + Provide explicit ATQA (2 bytes) + + + + + --sak + + + + n - + Automatically exit simulation after <numreads> blocks have been read by reader. 0 = infinite - + i - + Interactive, means that console will not be returned until simulation finishes or is aborted - + x - + Crack, performs the 'reader attack', nr/ar attack against a legitimate reader, fishes out the key(s) - + e - - set keys found from 'reader attack' to emulator memory (implies x and i) + + set keys found from 'reader attack' to emulator memory (implies x(--crack) and i) - + + -v + + + + + verbose output + + + + f - + + Provide explicit SAK (1 byte) + + + + get UIDs to use for 'reader attack' from file 'f <filename.txt>' (implies x and i) - + r - + Generate random nonces instead of sequential nonces. Standard reader attack won't work with this option, only moebius attack works @@ -352,7 +382,7 @@ It could make the whole sector blocked irreversibly! - + Data @@ -411,11 +441,6 @@ It could make the whole sector blocked irreversibly! Key Type: - - - Snoop - - List Data @@ -556,6 +581,11 @@ It could make the whole sector blocked irreversibly! Sniff + + + Sniff(14a) + + LF/Data @@ -739,7 +769,7 @@ or "-p <port> -f" - + Not Connected @@ -934,54 +964,54 @@ or "-p <port> -f" - - + + Idle - + Stop - - + + Sec - + Blk - + KeyA - + KeyB - + HW Version: - + PM3: - + State: - + Running @@ -989,56 +1019,56 @@ or "-p <port> -f" Mifare - + Success! - - - + + - - - + + + + Info - + Plz provide at least one known key - - + + Failed! - + The Access Bits is invalid! It could make the whole sector blocked irreversibly! Continue to write? - + Successful! - + Failed to write to these blocks: - + Select them? - + Failed to read card. diff --git a/lang/zh_CN.qm b/lang/zh_CN.qm new file mode 100644 index 0000000000000000000000000000000000000000..3edc62af218d3d62201f97afbe22450d6656d6fb GIT binary patch literal 16922 zcmbtb3wV>|y?@&#X_BU;AS=imzMx22dZ$t>h!$9-K+{VKp_Wm;Bww1)Txu@8po4-q zfvSZmBEl4Jk4`tI?xLQvxw#{5x`Vni=X9HsUGPjdWm6`PGEdL%|9;7rOTV_bwNLXV zU*60Aeto<2Dfi45PaQdMe9i?w+V}RB45z`Ojd0{ov-*F6Z)G_^$l^FlR^k3Tw zI(9StBbymp^f#tIAv1PaIh(R;4P)#Ot8Ba$bh(c$y6#rcU>j>Vup0Y4&sHzk$=F5v z+3LOcJnuAHTc!uyjmmiGeazv*zSZ^Y>gMMeyYwZtap!5qrX6CN_C0{{CH7$HFLBN~ z_DG-(bb5=u@W$7{*Y>Q{RiI#17c!Tz3g?8r30J5L!e zU7q#sljV$kepB}RJvjfO&g`-i_hbH+>}tc+j7_~dyXn3yj1`$M0-mC(><1f0LGN#6 zfB#rE;8?4Si{H;a*_H!13bX%uGQ!xxquHnXaNfm@IXT1E0RMrU&%Fv>U$Ql4&aa;X z+&AVpX4C+_gE>#W1NbidRn7~`8W~%BZO+@zev7fX6FTF^Zph0|bcN^bW$gUjx&<_qUmcK*ycnkQsphfr0?`J^`{!4$!)sHe(J43(t2PT|TtiR%? zH{kon^=nSNiggd`*FO9meEzHcy2ml^vS;)U?*&|op4C4#^%TB;-Eiqa@O#m)Va=}~ z^NY$1O&5SJmrgU>u^f6b`|jLn`(I-0f*W!#AvwC}ueobJ4}LDZCbw;c4Rr3vy~m8P zb}08766jp>9b>`WKFrHD7G95erALfYfAa}rRhJmu$D2XNTBFBw5@WZq@94vL{(*6C zb^&8EZa04QF!(ypU_8m;CEh@Y33sEVa{|@h4pSw;V2KY~~~8uGh8zp512YYz_E7+w9zS2*>4~zI+CH>&`p=-XP?wJnz@{Z-U-Gm3Q(D z;AfI7n}<5E&nk=aN8m$cfn{jH9LV2t%PsG}0DgUB`Hu@<1b@$1{xggCH(+`0Ucj$^ z%<}3rpwoQ6O~LLU_>zA?!NC{r#(HnTopS(3iLKy?@0el#UMzUxZ$tR}T)|US^n6djFFtq} z@Le~hwCx?}<&#s^UktiWe`U%@OC#*@mwk*at;`w4j}cAXh*>mwk<2`k?=08c>!s!BBsYpF3#AzW2SkX%D zLl#@Ur{a#Sn@0L}C7+I3M&1}azWG?|cWrsBg*CB-8x6MnR04Q&Tc1~mV1Jhg!UEV) zW=_OoF&0TvoSj$6K{+hImV)k3fCocC7oaAzh#w&jkI2`=+N zrw;EA1?NZc8t&o!zNi;y`+$Eh@xPRZf{=rAKPh@f^FcR|1fY?t6Mj?zqD;f(2WjBujZ-1&7lQ=4D4RatT zIYVI>#qm*?N&12~xt+DLdKlPhTS=#5=gv`+3fP4$;ZUE?Ekk2^{XQ48roO$ko?EM- z3sHF@i766$+p+r^>|8Zw=P!)e*^`EH3vlmz;stHH-rIUZ=LTCD=GD-AWwv@)%euyuyoQIuyjDTKoHu#| zS0cT#%jfaQ?oy#mV%~D@2}5LM0Uy=`~=3LXE>nWtu029v&aWdA^4)r8hw-AeTo6qRZxUt1kcvgK`gW zs4w@8Cj#kc`^G^#eOBDIngpxe3E3cmX*24Clr4cdd0@a(c(GXF>3@q z2s-ezD)R+>a@ZLHL*XfUW6^Pzr;~f&TxRLXkca@Q2*CtIr>j>ALmXfSHA4y=%)`Xf z!6)^vJIN*y!5S<9|n~=}E_2rFIS%vMT?dP>VVXq^z z#43i*w#qv`RGz5xJs;wTpfMs>w1*L7c;s+J8#1R*Sa_KU57BM7tL><|k+CtTY&0pl zCGrV*)o2zo+fNOB+WF5Nr{$=v#CesyZucX$eEX?=h7rG`@<3MSougUm?w2Om zVp|ETVv9z8)3&J7aqT7Wx|Ze!`@7wyHpJ4(tk!RL-bvC!QTC{%o3$6%nDUMNlj@yX2EF!mwN;%p&as~P9h@xB_LIJ04W zAHEMD?~$<^J+H*xwJO(EwaL&<8Tn3~xv8PbUR&AGv7u{y6-V6cj=7@TO|}Bjz8p2T z$$jN~VR<$G!_aNKdLg%k`s9EUiD7kRRqdo$&qVxBVTuwThBfTc`7jpb%l-w^v~ePO+sO0!_T)ZX#Iq(P|_{C)VE8? zK~ey`P5>AQ1riku*a2U+7eFATa(Sg-w=dW&+=Hl&@yb%(@AbL7ap&PiSP7LO99B?r zwgTk=ByT}Hp(Gpru#^*C5wGwyl)yC5JQvN=M2}Qi`BlMAapVOAu6mMi;F30_N1 zzg*7ik+2ZC$m9#+%VI~A$7qt^M2P#M!sut>og`dCg5Q~h6Qm~=jU`-Kv}Ga`Q6j23 z$9dIb=Rr_6Cm3-c%PzGwwcq3k?wh56hU%QkT^sY(lF-_ZcjP0qIz+@DwZyF9!JfVC zU$*^;R<{>ytU{irB1UU$Ur`nP8G;u9jZ>z&VuTADCMj}4RJX#6C8X{O-Z-D?T_{t= z!g4XzAfuKQA(cV?be4qz@QQBINUB>B>3K6e2i{N}h@MetBF-|}G|n~hr*R%zx5VJt z;~+%`d#O^&n|vOU4+5@OlbeeZ#1lkof{c2Ee9EN7L?Zcw|CeNP6dAR3+46@z^_-S3 zODBpAB~6M(l=4YJ>QLU3xCSUm-HwMYq}L!^X%boPj)fBzfdU2(YHOflIbRn+z(Rsc zR1hMK^m!1qKr$bp1Tn~=P%I#8g2~ z(cmcr{JIHL7%CS`?BUAYH*3>k=as{!6ZNKqZ=eEsd%=M}yK-%R>O1XvKvB6Ni+tiB zqteT$#bH$nuI)GVxY<=iW?NaeDWQ%Xx~O5~jq9$pOW~^$gw4_uY?40`f&lpapiV;D zP*E22mEaVjD6mF)QFjH6Ko_BCPSjc4AqWLXOPUtJxD5oPaL+=t6;PZ-U>$^mf{=%0s$ja+&8;rTp3{$NzYAOuZ_3NdiwPRH z46RI-ub~{M%y@)?mWn!1V31$6u2DfU66@_n1(@6(q>fVH)Gy$2(OLh~k|eC-`Q|Z$G~2w!U5D+f>h=tS#R~ z+;E5F2-W2iG$$lUoySl-q4X)maS5wL|0Ax>aWCKRm9YaV;KKO9zK&5GQg70KC`Saw zlyra0d75OR2uu7TZ-s!8(d*kqzJNSHx18___EY=eCERbP1bG_?Swbvf++degkE)vH zxJ42)zyznT=3%*4Ci#GV1K_v~5>Z;5rJA75On@q)gm;HNB`a)WJ#!M;!1@TJgc}zb zo?;JidICslx4_+t?ihtiu&{7QuuQ7+(lF1~#OgR(V3BC!D7t9TkhW2oHEP^{yuG5w zy)|#si0vfR6HH4<>6Y;_QIbzP2`5`xBeq)-K0#$gLA{ggMItO410ojc(p-cg z*+WHN*J-0lsjQOOUm7`KyUGqCGGM+H2rIo_wltH@Q-B;(Ax4@pgmW3 z*%G#dd~XW=B`H`m{aaWpSyGQ)TmtzLO{_{3tjJNNz@W(kRR(6qp+YT6-93f0S~B5H z9COXs(TERg$oLRuReDPXwnTE}q4{C0R+t@)NaZyJ8~uGfd}Ctj;-@>h6e#NjJtj}-HZ zrpXw%yg%wbi9q-HU?9gXa9=*19h%N%w6T9 zy7Qpc)<#-FttfR#o>Rp=RqL&E25THa7W#tGMj2jjnzOb6FN|uzZ4ljyEkzR@N zQ}}VeKh!U~H3ic^u%s|aPy1_gNB(A4Qhd!TeGvdK9)m0(qVRwewWUx59!!fOM#^EG z_LTh#8mJs9^6gNs9MoE5rbW$fc5c}5p?bp95K6FH*0;r6soNS?1&=IL#x87i1+;jx@$igf_>wZat7RDY{0tHkov3wqG}%*{^AS z)0IUbgUfW=qxMt1PtzqWd!%`LcM0jTVltdX-6q@FwtIS94(rG(yVt6?U9kowRce$( zA@v-$8c-#3b2Ox=z=+ICF)a}Ga4Z<4Yy%;Wa!GKFy57G37V0@56N9j<6B zOVgnOfFRPBNZB&H)gpOf=~7lU&eEl2<196blx7y=DqqbB4_n8z&a$-4X#Iq40;bt+ z(^^do(MrbrsDKH{~ye8&D zxopC4$e`%FdS<>2rGg24_>p*z*G$*S6k9<+>~Gp0jC^au_4e2IzwB%p`n1QjX))Oi zrTekbkoNtR2U*{)9kY;*DM_0{By4W<3Hw>(y0hEfYP|usT$NM~-A3Gc^@|xXHjwr$ zbs&o=xPgC=d)ys56^}=O2bzhvvX)|$!U{#GpoKc19PIOy4rn?3XF~lc+t+mCg^`eHh7J1ZAxtUyCSaKvb>Zi#@(>)L-f3K&ct8L5|x* z0+3!rTofe`Q1PwtR=JRnDYSPa2o1&c>@(dlNSD@{w<{#?yi5LQaM$KlBbT0PlMP^(<;S`#(6}T+d3$lmN#9fBx zI0tjsqwu^e{XYEsvT}=TBvDrTnWAF+tul4wyW%@%GlL|;F^R@ z?B4HlD^+hd-NZv#l|D`YHJyuC5Y-b>$Ott@3hzF1%v`lcO# z8ivoZij)dAZkb5#3P<9uLZ)dpw$;jyrP&1>;Xzs7%ZbpMImt9}M~41ohRm&;Muc3d z_Qvm}jX7&f1fJWbMAlmL(vcRZl+vLysYxXr-APlY<=AC3J2EQ8REBN!?n{p6Y5ML6%W}>xBXaD)WWGzW&M~gyhnvon>nzb|8(Zp+jiPNO^xm}LU zq_vJtQORP&3Dn@%JYa&W`D1papjO>gZx8xBn&t8W@oz9z+>EM$wJBCtn8gZfRgI)s zI4B~2Pfms$!$8(X!|q3d`rF;=@?twhJMo}HSX64CD^378H1$xaoF%(8TPwyy4598f z1^;t`#)Rsiwb*5*&@aQ&8n6yAnbve&%f_B$rmnL`Lz=~jS+;l79HbjCkuLwiB|hF9D_A^o7pnS7Qj zMT(|D3E_cIHxZ4DXxODGP1O@^Hc78x?${&FrGfBSZ>WvYFZbIi;;wV}w5!)k>N`Ulob;>6LLXPN7c>qQf??sPnN@|k1LwkLiFO9p}0m?DB6~gaa+gpxylCOx^U{eaY{z1QxKZ$_;BM?*DKA3 zafPjf{!=rp7BH7W6WqZN|2l;P3C08&dnhP#^>zj6eCn1KA}YG?htb(cR)Z~ZZvn&t zq9B~Q#NaG!yF2C9w9y_DR}scwlsPdkKG75NkD0qVepxeqX`5QH!zYzzi3{BHU!~+M zU0sf5+jJ^)ZgzI$(-m*3W$)QRENh>Uf`zLc*-Pr>W28pDf9Hm`8R@tvk`vPf_tS{; E|D47u?*IS* literal 0 HcmV?d00001 diff --git a/lang/zh_CN.ts b/lang/zh_CN.ts index 3ff7b4f..3efde9e 100644 --- a/lang/zh_CN.ts +++ b/lang/zh_CN.ts @@ -45,72 +45,102 @@ 模拟 - + u - + UID 4 or 7 bytes. If not specified, the UID 4B from emulator memory will be used 4或7字节的UID,如果不指定,则使用模拟器内存中的4字节UID - + + --atqa + + + + + Provide explicit ATQA (2 bytes) + 指定ATQA(2个字节) + + + + --sak + + + + + Provide explicit SAK (1 byte) + 指定SAK(1个字节) + + + n - + Automatically exit simulation after <numreads> blocks have been read by reader. 0 = infinite 在读卡器读取<n>个块后自动退出模拟,n为0或不指定时永远不退出 - + i - + Interactive, means that console will not be returned until simulation finishes or is aborted 交互模式,勾选后PM3客户端将在模拟完成或者模拟中断后才可继续使用 - + x - + Crack, performs the 'reader attack', nr/ar attack against a legitimate reader, fishes out the key(s) 破解,对读卡器进行攻击,通过nr/ar攻击来钓出密码(无卡嗅探) - + e - - set keys found from 'reader attack' to emulator memory (implies x and i) - 在获得密码后自动将密码写入模拟器内存(自动勾选x和i) + + set keys found from 'reader attack' to emulator memory (implies x(--crack) and i) + 在获得密码后自动将密码写入模拟器内存(自动勾选x(--crack)和i) - + + -v + + + + + verbose output + 更多输出内容 + + + f - + get UIDs to use for 'reader attack' from file 'f <filename.txt>' (implies x and i) 从<filename.txt>当中获取用于破解读卡器的UID(批量模拟)(自动勾选x和i) - + r - + Generate random nonces instead of sequential nonces. Standard reader attack won't work with this option, only moebius attack works 生成随机nonce而不是顺序的nonce,这种情况下PM3将不对读卡器进行标准攻击,只进行moebius攻击 @@ -356,7 +386,7 @@ It could make the whole sector blocked irreversibly! - + Data 数据 @@ -415,11 +445,6 @@ It could make the whole sector blocked irreversibly! Key Type: 密钥类型: - - - Snoop - 嗅探(Snoop) - List Data @@ -560,6 +585,11 @@ It could make the whole sector blocked irreversibly! Sniff 嗅探 + + + Sniff(14a) + 嗅探(14a) + LF/Data @@ -747,7 +777,7 @@ or "-p <port> -f" - + Not Connected 未连接 @@ -942,54 +972,54 @@ or "-p <port> -f" Trace文件(*.trc) - - + + Idle 空闲 - + Stop 停止 - - + + Sec 扇区 - + Blk - + KeyA 密钥A - + KeyB 密钥B - + HW Version: 固件版本: - + PM3: 连接状态: - + State: 运行状态: - + Running 正在运行 @@ -997,34 +1027,34 @@ or "-p <port> -f" Mifare - + Success! 成功! - - - + + - - - + + + + Info 信息 - + Plz provide at least one known key 请至少提供一个已知密码 - - + + Failed! 失败! - + The Access Bits is invalid! It could make the whole sector blocked irreversibly! Continue to write? @@ -1033,22 +1063,22 @@ Continue to write? 确定要写入吗? - + Successful! 成功! - + Failed to write to these blocks: 写入以下块失败: - + Select them? 选中这些块? - + Failed to read card. 读卡失败。 diff --git a/module/mifare.cpp b/module/mifare.cpp index 5cb6f38..064a9ae 100644 --- a/module/mifare.cpp +++ b/module/mifare.cpp @@ -89,7 +89,7 @@ Mifare::Mifare(Ui::MainWindow *ui, Util *addr, QWidget *parent): QObject(parent) QString Mifare::info(bool isRequiringOutput) { - if(util->getClientType() == Util::CLIENTTYPE_OFFICIAL || util->getClientType() == Util::CLIENTTYPE_ICEMAN) + if(Util::getClientType() == Util::CLIENTTYPE_OFFICIAL || Util::getClientType() == Util::CLIENTTYPE_ICEMAN) { if(isRequiringOutput) { @@ -120,7 +120,7 @@ void Mifare::chk() QString result; int offset = 0; QString data; - if(util->getClientType() == Util::CLIENTTYPE_OFFICIAL) + if(Util::getClientType() == Util::CLIENTTYPE_OFFICIAL) { result = util->execCMDWithOutput( "hf mf chk *" @@ -148,7 +148,7 @@ void Mifare::chk() } } } - else if(util->getClientType() == Util::CLIENTTYPE_ICEMAN) + else if(Util::getClientType() == Util::CLIENTTYPE_ICEMAN) { result = util->execCMDWithOutput( "hf mf chk --" @@ -185,7 +185,7 @@ void Mifare::nested() QString result; int offset = 0; QString data; - if(util->getClientType() == Util::CLIENTTYPE_OFFICIAL) + if(Util::getClientType() == Util::CLIENTTYPE_OFFICIAL) { result = util->execCMDWithOutput( "hf mf nested " @@ -193,7 +193,7 @@ void Mifare::nested() + " *", Util::ReturnTrigger(15000, {"Can't found", "\\|000\\|"})); } - else if(util->getClientType() == Util::CLIENTTYPE_ICEMAN) + else if(Util::getClientType() == Util::CLIENTTYPE_ICEMAN) { QString knownKeyInfo = ""; for(int i = 0; i < cardType.sector_size; i++) @@ -262,34 +262,41 @@ void Mifare::hardnested() void Mifare::darkside() { - if(util->getClientType() == Util::CLIENTTYPE_OFFICIAL) - { + if(Util::getClientType() == Util::CLIENTTYPE_OFFICIAL) util->execCMD("hf mf mifare"); - ui->funcTab->setCurrentIndex(Util::rawTabIndex); - } - else if(util->getClientType() == Util::CLIENTTYPE_ICEMAN) - { + else if(Util::getClientType() == Util::CLIENTTYPE_ICEMAN) util->execCMD("hf mf darkside"); - ui->funcTab->setCurrentIndex(Util::rawTabIndex); - } + ui->funcTab->setCurrentIndex(Util::rawTabIndex); } void Mifare::sniff() { - util->execCMD("hf mf sniff"); + if(Util::getClientType() == Util::CLIENTTYPE_OFFICIAL) + util->execCMD("hf mf sniff"); + else if(Util::getClientType() == Util::CLIENTTYPE_ICEMAN) + util->execCMD("hf sniff"); + ui->funcTab->setCurrentIndex(Util::rawTabIndex); } -void Mifare::snoop() +void Mifare::sniff14a() { - util->execCMD("hf 14a snoop"); + if(Util::getClientType() == Util::CLIENTTYPE_OFFICIAL) + util->execCMD("hf 14a snoop"); + else if(Util::getClientType() == Util::CLIENTTYPE_ICEMAN) + util->execCMD("hf 14a sniff"); + ui->funcTab->setCurrentIndex(Util::rawTabIndex); } void Mifare::list() { - util->execCMD("hf list mf"); + if(Util::getClientType() == Util::CLIENTTYPE_OFFICIAL) + util->execCMD("hf list mf"); + else if(Util::getClientType() == Util::CLIENTTYPE_ICEMAN) + util->execCMD("trace list -t mf"); + ui->funcTab->setCurrentIndex(Util::rawTabIndex); } @@ -300,7 +307,7 @@ QString Mifare::_readblk(int blockId, KeyType keyType, const QString& key, Targe QRegularExpressionMatch currMatch; bool isTrailerBlock = (blockId < 128 && ((blockId + 1) % 4 == 0)) || ((blockId + 1) % 16 == 0); - if(util->getClientType() == Util::CLIENTTYPE_OFFICIAL || util->getClientType() == Util::CLIENTTYPE_ICEMAN) + if(Util::getClientType() == Util::CLIENTTYPE_OFFICIAL || Util::getClientType() == Util::CLIENTTYPE_ICEMAN) { if(targetType == TARGET_MIFARE) { @@ -358,7 +365,7 @@ QString Mifare::_readblk(int blockId, KeyType keyType, const QString& key, Targe data = ""; } } - if(util->getClientType() == Util::CLIENTTYPE_OFFICIAL) + if(Util::getClientType() == Util::CLIENTTYPE_OFFICIAL) { if(targetType == TARGET_EMULATOR) { @@ -370,7 +377,7 @@ QString Mifare::_readblk(int blockId, KeyType keyType, const QString& key, Targe data.remove(" "); } } - else if(util->getClientType() == Util::CLIENTTYPE_ICEMAN) + else if(Util::getClientType() == Util::CLIENTTYPE_ICEMAN) { if(targetType == TARGET_EMULATOR) { @@ -397,7 +404,7 @@ QStringList Mifare::_readsec(int sectorId, KeyType keyType, const QString& key, data.append(""); } - if(util->getClientType() == Util::CLIENTTYPE_OFFICIAL || util->getClientType() == Util::CLIENTTYPE_ICEMAN) + if(Util::getClientType() == Util::CLIENTTYPE_OFFICIAL || Util::getClientType() == Util::CLIENTTYPE_ICEMAN) { // try to read all blocks together if(targetType == TARGET_MIFARE) @@ -583,7 +590,7 @@ bool Mifare::_writeblk(int blockId, KeyType keyType, const QString& key, const Q if(data_isDataValid(input) != DATA_NOSPACE) return false; - if(util->getClientType() == Util::CLIENTTYPE_OFFICIAL || util->getClientType() == Util::CLIENTTYPE_ICEMAN) + if(Util::getClientType() == Util::CLIENTTYPE_OFFICIAL || Util::getClientType() == Util::CLIENTTYPE_ICEMAN) { if(targetType == TARGET_MIFARE) { @@ -734,26 +741,28 @@ void Mifare::writeSelected(TargetType targetType) void Mifare::dump() { - util->execCMD("hf mf dump"); + if(Util::getClientType() == Util::CLIENTTYPE_OFFICIAL || Util::getClientType() == Util::CLIENTTYPE_ICEMAN) + util->execCMD("hf mf dump"); ui->funcTab->setCurrentIndex(Util::rawTabIndex); } void Mifare::restore() { - util->execCMD("hf mf restore"); + if(Util::getClientType() == Util::CLIENTTYPE_OFFICIAL || Util::getClientType() == Util::CLIENTTYPE_ICEMAN) + util->execCMD("hf mf restore"); ui->funcTab->setCurrentIndex(Util::rawTabIndex); } void Mifare::wipeC() { - if(util->getClientType() == Util::CLIENTTYPE_OFFICIAL) + if(Util::getClientType() == Util::CLIENTTYPE_OFFICIAL) { util->execCMD( "hf mf cwipe " + QString::number(cardType.type) + " f"); } - else if(util->getClientType() == Util::CLIENTTYPE_ICEMAN) + else if(Util::getClientType() == Util::CLIENTTYPE_ICEMAN) { util->execCMD("hf mf cwipe"); } @@ -784,7 +793,7 @@ void Mifare::setParameterC() void Mifare::lockC() { - if(util->getClientType() == Util::CLIENTTYPE_OFFICIAL) + if(Util::getClientType() == Util::CLIENTTYPE_OFFICIAL) { util->execCMD("hf 14a raw -pa -b7 40"); util->execCMD("hf 14a raw -pa 43"); @@ -793,7 +802,7 @@ void Mifare::lockC() util->execCMD("hf 14a raw -pa 85 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 18 47"); util->execCMD("hf 14a raw -a 52"); } - else if(util->getClientType() == Util::CLIENTTYPE_ICEMAN) + else if(Util::getClientType() == Util::CLIENTTYPE_ICEMAN) { util->execCMD("hf 14a raw -ak -b 7 40"); util->execCMD("hf 14a raw -ak 43"); @@ -806,12 +815,13 @@ void Mifare::lockC() void Mifare::wipeE() { - util->execCMD("hf mf eclr"); + if(Util::getClientType() == Util::CLIENTTYPE_OFFICIAL || Util::getClientType() == Util::CLIENTTYPE_ICEMAN) + util->execCMD("hf mf eclr"); } void Mifare::simulate() { - MF_Sim_simDialog dialog(cardType.type); + MF_Sim_simDialog dialog(cardType.type, cardType.typeText); connect(&dialog, &MF_Sim_simDialog::sendCMD, util, &Util::execCMD); if(dialog.exec() == QDialog::Accepted) ui->funcTab->setCurrentIndex(Util::rawTabIndex); @@ -819,13 +829,24 @@ void Mifare::simulate() void Mifare::loadSniff(const QString& file) { - util->execCMD("hf list mf -l " + file); + if(Util::getClientType() == Util::CLIENTTYPE_OFFICIAL) + util->execCMD("hf list mf -l " + file); + else if(Util::getClientType() == Util::CLIENTTYPE_ICEMAN) + { + if(util->execCMDWithOutput("trace load -f " + file, Util::ReturnTrigger({"loaded"})) != "") + util->execCMD("trace list -t mf"); + } + ui->funcTab->setCurrentIndex(Util::rawTabIndex); } void Mifare::saveSniff(const QString& file) { - util->execCMD("hf list mf -s " + file); + if(Util::getClientType() == Util::CLIENTTYPE_OFFICIAL) + util->execCMD("hf list mf -s " + file); + else if(Util::getClientType() == Util::CLIENTTYPE_ICEMAN) + util->execCMD("trace save -f " + file); + ui->funcTab->setCurrentIndex(Util::rawTabIndex); } diff --git a/module/mifare.h b/module/mifare.h index 869d992..b50ff33 100644 --- a/module/mifare.h +++ b/module/mifare.h @@ -70,7 +70,7 @@ public: void darkside(); void hardnested(); void sniff(); - void snoop(); + void sniff14a(); void list(); void readOne(TargetType targetType = TARGET_MIFARE); void readSelected(TargetType targetType = TARGET_MIFARE); diff --git a/ui/mainwindow.cpp b/ui/mainwindow.cpp index 297520e..673acdc 100644 --- a/ui/mainwindow.cpp +++ b/ui/mainwindow.cpp @@ -836,10 +836,10 @@ void MainWindow::on_MF_Sniff_sniffButton_clicked() setState(true); } -void MainWindow::on_MF_Sniff_snoopButton_clicked() +void MainWindow::on_MF_14aSniff_snoopButton_clicked() { setState(false); - mifare->snoop(); + mifare->sniff14a(); setState(true); } @@ -852,6 +852,7 @@ void MainWindow::MF_widgetReset() { int secs = mifare->cardType.sector_size; int blks = mifare->cardType.block_size; + QBrush trailerItemForeColor = QBrush(QColor(0, 160, 255)); ui->MF_RW_blockBox->clear(); ui->MF_keyWidget->setRowCount(secs); ui->MF_dataWidget->setRowCount(blks); @@ -876,8 +877,10 @@ void MainWindow::MF_widgetReset() setTableItem(ui->MF_keyWidget, i, 1, ""); setTableItem(ui->MF_keyWidget, i, 2, ""); setTableItem(ui->MF_dataWidget, mifare->cardType.blks[i], 0, QString::number(i)); + ui->MF_dataWidget->item(mifare->cardType.blks[i] + mifare->cardType.blk[i] - 1, 2)->setForeground(trailerItemForeColor); ui->MF_dataWidget->item(mifare->cardType.blks[i], 0)->setCheckState(Qt::Checked); } + ui->MF_dataWidget->item(0, 2)->setForeground(QBrush(QColor(255, 160, 0))); ui->MF_selectAllBox->setCheckState(Qt::Checked); ui->MF_selectTrailerBox->setCheckState(Qt::Checked); diff --git a/ui/mainwindow.h b/ui/mainwindow.h index 862adf2..b2747c9 100644 --- a/ui/mainwindow.h +++ b/ui/mainwindow.h @@ -149,7 +149,7 @@ private slots: void on_MF_fillKeysButton_clicked(); - void on_MF_Sniff_snoopButton_clicked(); + void on_MF_14aSniff_snoopButton_clicked(); void on_MF_trailerDecoderButton_clicked(); diff --git a/ui/mainwindow.ui b/ui/mainwindow.ui index d1fa6d4..5143dba 100644 --- a/ui/mainwindow.ui +++ b/ui/mainwindow.ui @@ -1129,7 +1129,7 @@ - + 40 @@ -1137,7 +1137,7 @@ - Snoop + Sniff(14a) diff --git a/ui/mf_sim_simdialog.cpp b/ui/mf_sim_simdialog.cpp index c0ba180..2db9c19 100644 --- a/ui/mf_sim_simdialog.cpp +++ b/ui/mf_sim_simdialog.cpp @@ -1,12 +1,34 @@ #include "mf_sim_simdialog.h" #include "ui_mf_sim_simdialog.h" -MF_Sim_simDialog::MF_Sim_simDialog(int cardType, QWidget *parent) : +MF_Sim_simDialog::MF_Sim_simDialog(int cardType, QString cardTypeText, QWidget *parent) : QDialog(parent), ui(new Ui::MF_Sim_simDialog) { ui->setupUi(this); + if(Util::getClientType() == Util::CLIENTTYPE_OFFICIAL) + { + ui->atqaGroupBox->setVisible(false); + ui->atqaLine->setVisible(false); + ui->sakGroupBox->setVisible(false); + ui->sakLine->setVisible(false); + ui->vGroupBox->setVisible(false); + ui->vLine->setVisible(false); + } + else if(Util::getClientType() == Util::CLIENTTYPE_ICEMAN) + { + ui->fGroupBox->setVisible(false); + ui->fLine->setVisible(false); + ui->rGroupBox->setVisible(false); + ui->rLine->setVisible(false); + ui->uBox->setText("-u"); + ui->nBox->setText("-n"); + ui->iBox->setText("-i"); + ui->xBox->setText("--crack"); + ui->eBox->setText("-e"); + } this->cardType = cardType; + this->cardTypeText = cardTypeText; } MF_Sim_simDialog::~MF_Sim_simDialog() @@ -55,12 +77,27 @@ void MF_Sim_simDialog::on_fBox_clicked(bool checked) void MF_Sim_simDialog::on_buttonBox_accepted() { QString paras; - paras += (ui->uBox->isChecked() ? "u " + ui->uEdit->text() + " " : ""); - paras += (ui->nBox->isChecked() ? "n " + ui->nEdit->text() + " " : ""); - paras += (ui->iBox->isChecked() ? "i " : ""); - paras += (ui->xBox->isChecked() ? "x " : ""); - paras += (ui->eBox->isChecked() ? "e " : ""); - paras += (ui->fBox->isChecked() ? "f " + ui->fEdit->text() + " " : ""); - paras += (ui->rBox->isChecked() ? "r " : ""); - emit sendCMD(QString("hf mf sim ") + "*" + QString::number(cardType) + " " + paras.trimmed()); + if(Util::getClientType() == Util::CLIENTTYPE_OFFICIAL) + { + paras += (ui->uBox->isChecked() ? "u " + ui->uEdit->text() + " " : ""); + paras += (ui->nBox->isChecked() ? "n " + ui->nEdit->text() + " " : ""); + paras += (ui->iBox->isChecked() ? "i " : ""); + paras += (ui->xBox->isChecked() ? "x " : ""); + paras += (ui->eBox->isChecked() ? "e " : ""); + paras += (ui->fBox->isChecked() ? "f " + ui->fEdit->text() + " " : ""); + paras += (ui->rBox->isChecked() ? "r " : ""); + emit sendCMD(QString("hf mf sim ") + "*" + QString::number(cardType) + " " + paras.trimmed()); + } + else if(Util::getClientType() == Util::CLIENTTYPE_ICEMAN) + { + paras += (ui->uBox->isChecked() ? "-u " + ui->uEdit->text() + " " : ""); + paras += (ui->atqaBox->isChecked() ? "--atqa " + ui->atqaEdit->text() + " " : ""); + paras += (ui->sakBox->isChecked() ? "--sak " + ui->sakEdit->text() + " " : ""); + paras += (ui->nBox->isChecked() ? "-n " + ui->nEdit->text() + " " : ""); + paras += (ui->iBox->isChecked() ? "-i " : ""); + paras += (ui->xBox->isChecked() ? "--crack " : ""); + paras += (ui->eBox->isChecked() ? "-e " : ""); + paras += (ui->vBox->isChecked() ? "-v " : ""); + emit sendCMD(QString("hf mf sim --") + cardTypeText + " " + paras.trimmed()); + } } diff --git a/ui/mf_sim_simdialog.h b/ui/mf_sim_simdialog.h index 49c9ba2..34a455b 100644 --- a/ui/mf_sim_simdialog.h +++ b/ui/mf_sim_simdialog.h @@ -3,6 +3,7 @@ #include #include +#include "common/util.h" namespace Ui { @@ -14,7 +15,7 @@ class MF_Sim_simDialog : public QDialog Q_OBJECT public: - explicit MF_Sim_simDialog(int cardType, QWidget *parent = nullptr); + explicit MF_Sim_simDialog(int cardType, QString cardTypeText, QWidget *parent = nullptr); ~MF_Sim_simDialog(); private slots: @@ -25,6 +26,7 @@ private slots: private: Ui::MF_Sim_simDialog *ui; int cardType; + QString cardTypeText; signals: void sendCMD(const QString& cmd); private slots: diff --git a/ui/mf_sim_simdialog.ui b/ui/mf_sim_simdialog.ui index 1a9c15a..2fcbf31 100644 --- a/ui/mf_sim_simdialog.ui +++ b/ui/mf_sim_simdialog.ui @@ -7,309 +7,598 @@ 0 0 461 - 456 + 524 Simulate - - 5 - - - 5 - - - 5 - - - 5 - - - 5 - - - - - - u - - - - - - - - 0 - 0 - - - - - 100 - 16777215 - - - - - - - - - 0 - 0 - - - - UID 4 or 7 bytes. If not specified, the UID 4B from emulator memory will be used - - - true - - - - + + + + 5 + + + 0 + + + 0 + + + 0 + + + 0 + + + + + u + + + + + + + + 0 + 0 + + + + + 100 + 16777215 + + + + + + + + + 0 + 0 + + + + UID 4 or 7 bytes. If not specified, the UID 4B from emulator memory will be used + + + true + + + + + + + + + + Qt::Horizontal + + + + + + + + 5 + + + 0 + + + 0 + + + 0 + + + 0 + + + + + --atqa + + + + + + + + 0 + 0 + + + + + 100 + 16777215 + + + + + + + + + 0 + 0 + + + + Provide explicit ATQA (2 bytes) + + + true + + + + + + + + + + Qt::Horizontal + + + + + + + + 5 + + + 0 + + + 0 + + + 0 + + + 0 + + + + + --sak + + + + + + + + 0 + 0 + + + + + 100 + 16777215 + + + + + + + + + 0 + 0 + + + + Provide explicit SAK (1 byte) + + + true + + + + + - + Qt::Horizontal - - - - - n - - - - - - - - 0 - 0 - - - - - 100 - 16777215 - - - - - - - - - 0 - 0 - - - - Automatically exit simulation after <numreads> blocks have been read by reader. 0 = infinite - - - true - - - - + + + + 5 + + + 0 + + + 0 + + + 0 + + + 0 + + + + + n + + + + + + + + 0 + 0 + + + + + 100 + 16777215 + + + + + + + + + 0 + 0 + + + + Automatically exit simulation after <numreads> blocks have been read by reader. 0 = infinite + + + true + + + + + - + Qt::Horizontal - - - - - i - - - - - - - - 0 - 0 - - - - Interactive, means that console will not be returned until simulation finishes or is aborted - - - true - - - - + + + + 5 + + + 0 + + + 0 + + + 0 + + + 0 + + + + + i + + + + + + + + 0 + 0 + + + + Interactive, means that console will not be returned until simulation finishes or is aborted + + + true + + + + + - + Qt::Horizontal - - - - - x - - - - - - - - 0 - 0 - - - - Crack, performs the 'reader attack', nr/ar attack against a legitimate reader, fishes out the key(s) - - - true - - - - + + + + 5 + + + 0 + + + 0 + + + 0 + + + 0 + + + + + x + + + + + + + + 0 + 0 + + + + Crack, performs the 'reader attack', nr/ar attack against a legitimate reader, fishes out the key(s) + + + true + + + + + - + Qt::Horizontal - - - - - e - - - - - - - - 0 - 0 - - - - set keys found from 'reader attack' to emulator memory (implies x and i) - - - true - - - - + + + + 5 + + + 0 + + + 0 + + + 0 + + + 0 + + + + + e + + + + + + + + 0 + 0 + + + + set keys found from 'reader attack' to emulator memory (implies x(--crack) and i) + + + true + + + + + - + Qt::Horizontal - - - - - f - - - - - - - - 0 - 0 - - - - - 100 - 16777215 - - - - - - - - - 0 - 0 - - - - get UIDs to use for 'reader attack' from file 'f <filename.txt>' (implies x and i) - - - true - - - - + + + + 5 + + + 0 + + + 0 + + + 0 + + + 0 + + + + + f + + + + + + + + 0 + 0 + + + + + 100 + 16777215 + + + + + + + + + 0 + 0 + + + + get UIDs to use for 'reader attack' from file 'f <filename.txt>' (implies x and i) + + + true + + + + + - + Qt::Horizontal - - - - - r - - - - - - - - 0 - 0 - - - - Generate random nonces instead of sequential nonces. Standard reader attack won't work with this option, only moebius attack works - - - true - - - - + + + + 5 + + + 0 + + + 0 + + + 0 + + + 0 + + + + + r + + + + + + + + 0 + 0 + + + + Generate random nonces instead of sequential nonces. Standard reader attack won't work with this option, only moebius attack works + + + true + + + + + + + + + + Qt::Horizontal + + + + + + + + 5 + + + 0 + + + 0 + + + 0 + + + 0 + + + + + -v + + + + + + + + 0 + 0 + + + + verbose output + + + true + + + + + - + Qt::Horizontal