armsrc/Standalone/hf_14asniff.c

   1 //-----------------------------------------------------------------------------
   2 // Copyright (C) 2020 Michael Farrell <micolous+git@gmail.com>
   3 // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details.
   4 //
   5 // This program is free software: you can redistribute it and/or modify
   6 // it under the terms of the GNU General Public License as published by
   7 // the Free Software Foundation, either version 3 of the License, or
   8 // (at your option) any later version.
   9 //
  10 // This program is distributed in the hope that it will be useful,
  11 // but WITHOUT ANY WARRANTY; without even the implied warranty of
  12 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  13 // GNU General Public License for more details.
  14 //
  15 // See LICENSE.txt for the text of the license.
  16 //-----------------------------------------------------------------------------
  17 // main code for standalone HF/iso14a Sniff to flash
  18 //-----------------------------------------------------------------------------
  19
  20 /*
  21  * `hf_14asniff` passively sniffs ISO14a frames, and stores them in internal
  22  * flash. It requires RDV4 hardware (for flash and battery).
  23  *
  24  * This module is similar to hf_bog (which only logs ULC/NTAG/ULEV1 auth).
  25  *
  26  * On entering stand-alone mode, this module will start sniffing ISO14a frames.
  27  * This will be stored in the normal trace buffer (ie: in RAM -- will be lost
  28  * at power-off).
  29  *
  30  * Short-pressing the button again will stop sniffing, and at _this_ point
  31  * append trace data from RAM to a file in flash (hf_14asniff.trace) and unmount.
  32  *
  33  * Once the data is saved, standalone mode will exit.
  34  *
  35  * LEDs:
  36  * - LED1: sniffing
  37  * - LED2: sniffed tag command, turns off when finished sniffing reader command
  38  * - LED3: sniffed reader command, turns off when finished sniffing tag command
  39  * - LED4: unmounting/sync'ing flash (normally < 100ms)
  40  *
  41  * To retrieve trace data from flash:
  42  *
  43  * 1. mem spiffs dump -s hf_14asniff.trace -d hf_14asniff.trace
  44  *    Copies trace data file from flash to your PC.
  45  *
  46  * 2. trace load -f hf_14asniff.trace
  47  *    Loads trace data from a file into PC-side buffers.
  48  *
  49  * 3. For ISO14a: trace list -t 14a -1
  50  *    For MIFARE Classic: trace list -t mf -1
  51  *
  52  *    Lists trace data from buffer without requesting it from PM3.
  53  *
  54  * This module emits debug strings during normal operation -- so try it out in
  55  * the lab connected to PM3 client before taking it into the field.
  56  *
  57  * To delete the trace data from flash:
  58  *    mem spiffs remove -f hf_14asniff.trace
  59  *
  60  * Caveats / notes:
  61  * - Trace buffer will be cleared on starting stand-alone mode. Data in flash
  62  *   will remain unless explicitly deleted.
  63  * - This module will terminate if the trace buffer is full (and save data to
  64  *   flash).
  65  * - Like normal sniffing mode, timestamps overflow after 5 min 16 sec.
  66  *   However, the trace buffer is sequential, so will be in the correct order.
  67  */
  68
  69 #include "standalone.h" // standalone definitions
  70 #include "proxmark3_arm.h"
  71 #include "iso14443a.h"
  72 #include "util.h"
  73 #include "spiffs.h"
  74 #include "appmain.h"
  75 #include "dbprint.h"
  76 #include "ticks.h"
  77 #include "BigBuf.h"
  78
  79 #define HF_14ASNIFF_LOGFILE "hf_14asniff.trace"
  80
  81 static void DownloadTraceInstructions(void) {
  82     Dbprintf("");
  83     Dbprintf("To get the trace from flash and display it:");
  84     Dbprintf("1. mem spiffs dump -s "HF_14ASNIFF_LOGFILE" -d hf_14asniff.trace");
  85     Dbprintf("2. trace load -f hf_14asniff.trace");
  86     Dbprintf("3. trace list -t 14a -1");
  87 }
  88
  89 void ModInfo(void) {
  90     DbpString(" HF 14A SNIFF,  a ISO14443a sniffer with storing in flashmem");
  91     DownloadTraceInstructions();
  92 }
  93
  94 void RunMod(void) {
  95     StandAloneMode();
  96
  97     Dbprintf(_YELLOW_("HF 14A SNIFF started"));
  98 #ifdef WITH_FLASH
  99     rdv40_spiffs_lazy_mount();
 100 #endif
 101
 102     SniffIso14443a(0);
 103
 104     Dbprintf("Stopped sniffing");
 105     SpinDelay(200);
 106
 107     uint32_t trace_len = BigBuf_get_traceLen();
 108 #ifndef WITH_FLASH
 109     // Keep stuff in BigBuf for USB/BT dumping
 110     if (trace_len > 0)
 111         Dbprintf("[!] Trace length (bytes) = %u", trace_len);
 112 #else
 113     // Write stuff to spiffs logfile
 114     if (trace_len > 0) {
 115         Dbprintf("[!] Trace length (bytes) = %u", trace_len);
 116
 117         uint8_t *trace_buffer = BigBuf_get_addr();
 118         if (!exists_in_spiffs(HF_14ASNIFF_LOGFILE)) {
 119             rdv40_spiffs_write(
 120                 HF_14ASNIFF_LOGFILE, trace_buffer, trace_len, RDV40_SPIFFS_SAFETY_SAFE);
 121             Dbprintf("[!] Wrote trace to "HF_14ASNIFF_LOGFILE);
 122         } else {
 123             rdv40_spiffs_append(
 124                 HF_14ASNIFF_LOGFILE, trace_buffer, trace_len, RDV40_SPIFFS_SAFETY_SAFE);
 125             Dbprintf("[!] Appended trace to "HF_14ASNIFF_LOGFILE);
 126         }
 127     } else {
 128         Dbprintf("[!] Trace buffer is empty, nothing to write!");
 129     }
 130
 131     LED_D_ON();
 132     rdv40_spiffs_lazy_unmount();
 133     LED_D_OFF();
 134
 135     SpinErr(LED_A, 200, 5);
 136     SpinDelay(100);
 137 #endif
 138
 139     Dbprintf("-=[ exit ]=-");
 140     LEDsoff();
 141 #ifdef WITH_FLASH
 142     DownloadTraceInstructions();
 143 #endif
 144
 145 }