search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge pull request #2747 from Eltrick/stylise-dormakaba
[RRG-proxmark3.git] / armsrc / Standalone / hf_msdsal.c
blob4ea27b0824606b46e8cf4cf4b9ed90cddcb62d39
1 //-----------------------------------------------------------------------------
2 // Copyright (C) Salvador Mendoza (salmg.net), 2020
3 // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details.
4 //
5 // This program is free software: you can redistribute it and/or modify
6 // it under the terms of the GNU General Public License as published by
7 // the Free Software Foundation, either version 3 of the License, or
8 // (at your option) any later version.
9 //
10 // This program is distributed in the hope that it will be useful,
11 // but WITHOUT ANY WARRANTY; without even the implied warranty of
12 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 // GNU General Public License for more details.
14 //
15 // See LICENSE.txt for the text of the license.
16 //-----------------------------------------------------------------------------
17 // Code for reading and emulating 14a technology aka MSDSal by Salvador Mendoza
18 //-----------------------------------------------------------------------------
19 #include "standalone.h"
20 #include "proxmark3_arm.h"
21 #include "appmain.h"
22 #include "fpgaloader.h"
23 #include "util.h"
24 #include "dbprint.h"
25 #include "ticks.h"
26 #include "string.h"
27 #include "BigBuf.h"
28 #include "iso14443a.h"
29 #include "protocols.h"
30 #include "cmd.h"
31 #include "commonutil.h"
32
33 void ModInfo(void) {
34 DbpString(" HF - Reading VISA cards & Emulating a VISA MSD Transaction(ISO14443) - (Salvador Mendoza)");
35 }
36
37 /* This standalone implements two different modes: reading and emulating.
38 *
39 * The initial mode is reading with LED A as guide.
40 * In this mode, the Proxmark3 expects a Visa Card,
41 * and will act as card reader. Trying to find track 2.
42 *
43 * If the Proxmark3 found a track 2, it will change to emulation mode (LED C) automatically.
44 * During this mode the Proxmark3 will behave as card, emulating a Visa MSD transaction
45 * using the pre-saved track2 from the previous reading.
46 *
47 * It is possible to jump from mode to another by simply pressing the button.
48 * However, to jump from reading to emulation mode, the LED C as to be on, which
49 * means having a track 2 in memory.
50 *
51 * Keep pressing the button down will quit the standalone cycle.
52 *
53 * LEDs:
54 * LED A = in reading mode
55 * LED C = in emulation(a track 2 in memory) mode
56 * LED A + LED C = in reading mode, but you can jump back to emulation mode by pressing the button
57 * LED B = receiving/sending commands, activity
58 *
59 *
60 * Reading or emulating ISO-14443A technology is not limited to payment cards. This example
61 * was not only designed to make a replay attack, but to open new possibilities in the ISO-14443A
62 * technologies. Be brave enough to share your knowledge & inspire others. Salvador Mendoza.
63 */
64
65 // Default GET PROCESSING
66 static uint8_t ppdol [255] = {0x80, 0xA8, 0x00, 0x00, 0x02, 0x83, 0x00};
67
68 // Generate GET PROCESSING
69 static uint8_t treatPDOL(const uint8_t *apdu) {
70
71 uint8_t plen = 7;
72
73 // PDOL Format: 80 A8 00 00 + (PDOL Length+2) + 83 + PDOL Length + PDOL + 00
74 for (uint8_t i = 1; i <= apdu[0]; i++) { // Magic stuff, the generation order is important
75 if (apdu[i] == 0x9F && apdu[i + 1] == 0x66) { // Terminal Transaction Qualifiers
76 ppdol[plen] = 0xF6;
77 ppdol[plen + 1] = 0x20;
78 ppdol[plen + 2] = 0xC0;
79 ppdol[plen + 3] = 0x00;
80 plen += 4;
81 i += 2;
82 } else if (apdu[i] == 0x9F && apdu[i + 1] == 0x1A) { // Terminal Country Code
83 ppdol[plen] = 0x9F;
84 ppdol[plen + 1] = 0x1A;
85 plen += 2;
86 i += 2;
87 } else if (apdu[i] == 0x5F && apdu[i + 1] == 0x2A) { // Transaction Currency Code
88 ppdol[plen] = 0x5F;
89 ppdol[plen + 1] = 0x2A;
90 plen += 2;
91 i += 2;
92 } else if (apdu[i] == 0x9A) { // Transaction Date
93 ppdol[plen] = 0x9A;
94 ppdol[plen + 1] = 0x9A;
95 ppdol[plen + 2] = 0x9A;
96 plen += 3;
97 i += 1;
98 } else if (apdu[i] == 0x95) { // Terminal Verification Results
99 ppdol[plen] = 0x95;
100 ppdol[plen + 1] = 0x95;
101 ppdol[plen + 2] = 0x95;
102 ppdol[plen + 3] = 0x95;
103 ppdol[plen + 4] = 0x95;
104 plen += 5;
105 i += 1;
106 } else if (apdu[i] == 0x9C) { // Transaction Type
107 ppdol[plen] = 0x9C;
108 plen += 1;
109 i += 1;
110 } else if (apdu[i] == 0x9F && apdu[i + 1] == 0x37) { // Unpredictable Number
111 ppdol[plen] = 0x9F;
112 ppdol[plen + 1] = 0x37;
113 ppdol[plen + 2] = 0x9F;
114 ppdol[plen + 3] = 0x37;
115 plen += 4;
116 i += 2;
117 } else { // To the others, add "0" to complete the format depending on its range
118 uint8_t u = apdu[i + 2];
119 while (u > 0) {
120 ppdol[plen] = 0;
121 plen += 1;
122 u--;
123 }
124 i += 2;
125 }
126 }
127 ppdol[4] = (plen + 2) - 7; // Length of PDOL + 2
128 ppdol[6] = plen - 7; // Real length
129 plen++; // +1 because the last 0
130 ppdol[plen] = 0x00; // Add the last 0 to the challenge
131 return plen;
132 }
133
134 void RunMod(void) {
135 StandAloneMode();
136 DbpString("");
137 DbpString(_YELLOW_(">>>") " Reading VISA cards & Emulating a VISA MSD Transaction a.k.a. MSDSal Started " _YELLOW_("<<<"));
138 DbpString("");
139 FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
140
141 // free eventually allocated BigBuf memory but keep Emulator Memory
142 // also sets HIGH pointer of BigBuf enabling us to malloc w/o fiddling w the reserved emulator memory
143 BigBuf_free_keep_EM();
144
145 //For reading process
146 iso14a_card_select_t card_a_info;
147
148 uint8_t apdubuffer[MAX_FRAME_SIZE] = { 0x00 };
149
150 //Specific for Visa cards: select ppse, select Visa AID, GET PROCESSING, SFI
151 uint8_t ppse[20] = {
152 0x00, 0xA4, 0x04, 0x00, 0x0e, 0x32, 0x50, 0x41,
153 0x59, 0x2e, 0x53, 0x59, 0x53, 0x2e, 0x44, 0x44,
154 0x46, 0x30, 0x31, 0x00
155 };
156
157 uint8_t visa[] = { 0x00, 0xA4, 0x04, 0x00, 0x07, 0xa0, 0x00, 0x00, 0x00, 0x03, 0x10, 0x10, 0x00 };
158
159
160 /*
161 uint8_t select_aid_hdr[5] = { 0x00, 0xA4, 0x04, 0x00, 0x00 };
162 static const char* aid_list [] = {
163 "A00000000305076010", // VISA ELO Credit
164 "A0000000031010", // VISA Debit/Credit (Classic)
165 "A000000003101001", // VISA Credit
166 "A000000003101002", // VISA Debit
167 "A0000000032010", // VISA Electron
168 "A0000000032020", // VISA
169 "A0000000033010", // VISA Interlink
170 "A0000000034010", // VISA Specific
171 "A0000000035010", // VISA Specific
172 "A0000000036010", // Domestic Visa Cash Stored Value
173 "A0000000036020", // International Visa Cash Stored Value
174 "A0000000038002", // VISA Auth, VisaRemAuthen EMV-CAP (DPA)
175 "A0000000038010", // VISA Plus
176 "A0000000039010", // VISA Loyalty
177 "A000000003999910", // VISA Proprietary ATM
178 "A000000098", // Visa USA Debit Card
179 "A0000000980848", // Visa USA Debit Cardv
180 };
181 */
182
183 uint8_t processing [8] = {0x80, 0xA8, 0x00, 0x00, 0x02, 0x83, 0x00, 0x00};
184 uint8_t sfi[5] = {0x00, 0xb2, 0x01, 0x0c, 0x00};
185
186 uint8_t *apdus[4] = {ppse, visa, processing, sfi};
187 uint8_t apduslen[4] = { sizeof(ppse), sizeof(visa), sizeof(processing), sizeof(sfi)};
188
189 uint8_t pdol[50], plen = 8;
190
191 bool existpdol;
192
193 // - MSD token card format -
194 //
195 // Card number.............. 4412 3456 0578 1234
196 // Expiration date.......... 17/11
197 // Service code............. 201
198 // Discretionary data....... 0000030000991
199 // Pin verification value... 0000
200 // CVV / iCvv............... 030
201 // Trailing................. 000991
202
203 // 44 12 34 56 05 78 12 34 D 1711 2 01 00 00 03 00 00 99 1
204 // char token[19] = {0x44,0x12,0x34,0x56,0x05,0x78,0x12,0x34,0xd1,0x71,0x12,0x01,0x00,0x00,0x03,0x00,0x00,0x99,0x1f};
205 //
206 // It is possible to initialize directly the emulation mode, having "token" with data and set "chktoken" = true ;)
207 //
208 char token[19] = {0x00};
209 bool chktoken = false;
210
211 // UID 4 bytes(could be 7 bytes if needed it)
212 uint8_t flags = 0;
213 FLAG_SET_UID_IN_DATA(flags, 4);
214 // in case there is a read command received we shouldn't break
215 uint8_t data[PM3_CMD_DATA_SIZE] = {0x00};
216
217 uint8_t visauid[7] = {0xE9, 0x66, 0x5D, 0x20};
218 memcpy(data, visauid, 4);
219
220 // to initialize the emulation
221 tag_response_info_t *responses;
222
223 uint32_t cuid = 0;
224
225 // command buffers
226 uint8_t receivedCmd[MAX_FRAME_SIZE] = { 0x00 };
227 uint8_t receivedCmdPar[MAX_PARITY_SIZE] = { 0x00 };
228
229
230 // Allocate 512 bytes for the dynamic modulation, created when the reader queries for it
231 // Such a response is less time critical, so we can prepare them on the fly
232 #define DYNAMIC_RESPONSE_BUFFER_SIZE 64
233 #define DYNAMIC_MODULATION_BUFFER_SIZE 512
234
235 uint8_t dynamic_response_buffer[DYNAMIC_RESPONSE_BUFFER_SIZE] = {0};
236 uint8_t dynamic_modulation_buffer[DYNAMIC_MODULATION_BUFFER_SIZE] = {0};
237 // to know the transaction status
238 uint8_t prevCmd = 0;
239
240 // handler - command responses
241 tag_response_info_t dynamic_response_info = {
242 .response = dynamic_response_buffer,
243 .response_n = 0,
244 .modulation = dynamic_modulation_buffer,
245 .modulation_n = 0
246 };
247
248 // States for standalone
249 #define STATE_READ 0
250 #define STATE_EMU 1
251
252 uint8_t state = STATE_READ;
253
254 // Checking if the user wants to go directly to emulation mode using a hardcoded track 2
255 if (chktoken == true && token[0] != 0x00) {
256 state = STATE_EMU;
257 DbpString("Initialized [ " _BLUE_("emulation mode") " ]");
258 DbpString("Waiting for a card reader...");
259 } else {
260 DbpString("Initialized [ " _YELLOW_("reading mode") " ]");
261 DbpString("Waiting for a VISA card...");
262 }
263
264 for (;;) {
265 WDT_HIT();
266
267 // exit from RunMod, send a usbcommand.
268 if (data_available()) break;
269
270 // Was our button held down or pressed?
271 int button_pressed = BUTTON_HELD(1000);
272
273
274 if (button_pressed == BUTTON_HOLD) {
275 break;
276 } else if (button_pressed == BUTTON_SINGLE_CLICK) {
277 // pressing one time change between reading & emulation
278 if (state == STATE_READ) {
279 if (chktoken == true && token[0] != 0x00) {
280 // only change to emulation if it saved a track 2 in memory
281 state = STATE_EMU;
282 DbpString("[ " _BLUE_("Emulation mode") " ]");
283 } else
284 DbpString(_YELLOW_("Nothing in memory to emulate"));
285 } else {
286 state = STATE_READ;
287 DbpString("[ " _YELLOW_("Reading mode") " ]");
288 }
289 }
290
291 SpinDelay(500);
292
293 if (state == STATE_READ) {
294 LED_A_ON();
295 if (chktoken) {
296 LED_C_ON();
297 }
298
299 iso14443a_setup(FPGA_HF_ISO14443A_READER_MOD);
300
301 if (iso14443a_select_card(NULL, &card_a_info, NULL, true, 0, false)) {
302
303 for (uint8_t i = 0; i < 4; i++) {
304 chktoken = false;
305 LED_C_OFF();
306 LED_B_ON();
307
308 // add loop visa
309 // for (int i = 0; i < ARRAYLEN(AIDlist); i ++) {
310 // hexstr_to_byte_array("a0da02631a440a44000000a012ad10a00e800200048108", sam_apdu, &sam_len);
311 uint8_t apdulen = iso14_apdu(apdus[i], (uint16_t) apduslen[i], false, apdubuffer, sizeof(apdubuffer), NULL);
312
313 if (apdulen > 0) {
314 DbpString("[ " _YELLOW_("Proxmark command") " ]");
315 Dbhexdump(apduslen[i], apdus[i], false);
316 DbpString("[ " _GREEN_("Card answer") " ]");
317 Dbhexdump(apdulen - 2, apdubuffer, false);
318 DbpString("-------------------------------");
319
320 for (uint8_t u = 0; u < apdulen; u++) {
321 if (i == 1) {
322
323 // check for PDOL
324 if (apdubuffer[u] == 0x9F && apdubuffer[u + 1] == 0x38) {
325
326 for (uint8_t e = 0; e <= apdubuffer[u + 2]; e++) {
327 pdol[e] = apdubuffer[u + e + 2];
328 }
329
330 // generate a challenge
331 plen = treatPDOL(pdol);
332 apdus[2] = ppdol;
333 apduslen[2] = plen;
334 existpdol = true;
335 }
336 } else if (i == 3) {
337
338 // find track 2
339 if (apdubuffer[u] == 0x57 && apdubuffer[u + 1] == 0x13 && !chktoken) {
340 chktoken = true;
341 memcpy(&token, &apdubuffer[u + 2], 19);
342 break;
343 }
344 }
345 }
346
347 if (i == 1) {
348 DbpString("[ "_GREEN_("Challenge generated") " ]");
349 Dbhexdump(plen, existpdol ? ppdol : processing, false);
350 }
351 } else {
352 DbpString(_RED_("Error reading the card"));
353 }
354 LED_B_OFF();
355 }
356
357 if (chktoken) {
358 DbpString("[ " _GREEN_("Track 2") " ]");
359 Dbhexdump(19, (uint8_t *)token, false);
360 DbpString("[ " _GREEN_("Card Number") " ]");
361 Dbhexdump(8, (uint8_t *)token, false);
362 DbpString("-------------------------------");
363 DbpString("");
364 DbpString("");
365 LED_C_ON();
366 state = STATE_EMU;
367 DbpString("Initialized [ " _BLUE_("emulation mode") " ]");
368 DbpString("Waiting for a card reader...");
369 }
370 }
371 FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
372 LED_D_OFF();
373
374 } else if (state == STATE_EMU) {
375 LED_A_OFF();
376 LED_C_ON();
377
378 // free eventually allocated BigBuf memory but keep Emulator Memory
379 BigBuf_free_keep_EM();
380
381 // tag type: 11 = ISO/IEC 14443-4 - javacard (JCOP)
382 if (SimulateIso14443aInit(11, flags, data, NULL, 0, &responses, &cuid, NULL, NULL, NULL) == false) {
383 BigBuf_free_keep_EM();
384 reply_ng(CMD_HF_MIFARE_SIMULATE, PM3_EINIT, NULL, 0);
385 DbpString(_RED_("Error initializing the emulation process!"));
386 SpinDelay(500);
387 state = STATE_READ;
388 DbpString("Initialized [ "_YELLOW_("reading mode") " ]");
389 DbpString("Waiting for a VISA card...");
390 continue;
391 }
392
393 // We need to listen to the high-frequency, peak-detected path.
394 iso14443a_setup(FPGA_HF_ISO14443A_TAGSIM_LISTEN);
395
396 // command length
397 int len = 0;
398 // to check emulation status
399 int retval = PM3_SUCCESS;
400 bool odd_reply = true;
401
402 clear_trace();
403 set_tracing(true);
404
405 for (;;) {
406 LED_B_OFF();
407 // clean receive command buffer
408 if (GetIso14443aCommandFromReader(receivedCmd, sizeof(receivedCmd), receivedCmdPar, &len) == false) {
409 DbpString("Emulator stopped");
410 retval = PM3_EOPABORTED;
411 break;
412 }
413
414 tag_response_info_t *p_response = NULL;
415 LED_B_ON();
416
417 // dynamic_response_info will be in charge of responses
418 dynamic_response_info.response_n = 0;
419
420 //Dbprintf("receivedCmd: %02x\n", receivedCmd);
421 // received a REQUEST
422 if (receivedCmd[0] == ISO14443A_CMD_REQA && len == 1) {
423 odd_reply = !odd_reply;
424 if (odd_reply) {
425 p_response = &responses[RESP_INDEX_ATQA];
426 }
427
428 // received a HALT
429 } else if (receivedCmd[0] == ISO14443A_CMD_HALT && len == 4) {
430 p_response = NULL;
431
432 // received a WAKEUP
433 } else if (receivedCmd[0] == ISO14443A_CMD_WUPA && len == 1) {
434 prevCmd = 0;
435 p_response = &responses[RESP_INDEX_ATQA];
436
437 // received request for UID (cascade 1)
438 } else if (receivedCmd[1] == 0x20 && receivedCmd[0] == ISO14443A_CMD_ANTICOLL_OR_SELECT && len == 2) {
439 p_response = &responses[RESP_INDEX_UIDC1];
440
441 // received a SELECT (cascade 1)
442 } else if (receivedCmd[1] == 0x70 && receivedCmd[0] == ISO14443A_CMD_ANTICOLL_OR_SELECT && len == 9) {
443 p_response = &responses[RESP_INDEX_SAKC1];
444
445 // received a RATS request
446 } else if (receivedCmd[0] == ISO14443A_CMD_RATS && len == 4) {
447 prevCmd = 0;
448 p_response = &responses[RESP_INDEX_RATS];
449
450 } else {
451 if (g_dbglevel == DBG_DEBUG) {
452 DbpString("[ "_YELLOW_("Card reader command") " ]");
453 Dbhexdump(len, receivedCmd, false);
454 }
455
456 // emulate a Visa MSD (Magnetic stripe data) card
457 if (receivedCmd[0] == 0x02 || receivedCmd[0] == 0x03) {
458 dynamic_response_info.response[0] = receivedCmd[0];
459
460 // depending on card reader commands, the Proxmark will answer to fool the reader
461 // respond with PPSE
462 if (receivedCmd[2] == 0xA4 && receivedCmd[6] == 0x32 && prevCmd == 0) {
463 // need to adapt lengths..
464 uint8_t ppsea[39] = {
465 // 0x23 = 35, skip two first bytes then the message - SW 2 is 35 = 0x23
466 0x6F, 0x23, 0x84, 0x0E, 0x32, 0x50, 0x41, 0x59,
467 0x2E, 0x53, 0x59, 0x53, 0x2E, 0x44, 0x44, 0x46,
468 0x30, 0x31, 0xA5, 0x11, 0xBF, 0x0C, 0x0E, 0x61,
469 0x0C, 0x4F,
470 // len aid0 aid1 aid2...
471 0x07, 0xA0, 0x00, 0x00, 0x00, 0x03, 0x10, 0x10,
472 0x87, 0x01, 0x01, 0x90, 0x00
473 };
474 memcpy(&dynamic_response_info.response[1], ppsea, sizeof(ppsea));
475 dynamic_response_info.response_n = sizeof(ppsea) + 1;
476 prevCmd++;
477
478 // respond Visa AID
479 } else if (receivedCmd[2] == 0xA4 && receivedCmd[10] == 0x03 && receivedCmd[11] == 0x10 && prevCmd == 1) {
480 uint8_t visauid_long[34] = {
481 // 0x1E = 30, skip two first bytes then the message - SW 2 is 30 = 0x1E
482 0x6F, 0x1E, 0x84,
483 // len aid0 aid1 aid2....
484 0x07, 0xA0, 0x00, 0x00, 0x00, 0x03, 0x10, 0x10,
485 0xA5, 0x13, 0x50,
486 // len V I S A C R E D I T
487 0x0B, 0x56, 0x49, 0x53, 0x41, 0x20, 0x43, 0x52, 0x45, 0x44, 0x49, 0x54,
488 0x9F, 0x38, 0x03, 0x9F, 0x66, 0x02,
489 0x90, 0x00
490 };
491 memcpy(&dynamic_response_info.response[1], visauid_long, sizeof(visauid_long));
492 dynamic_response_info.response_n = sizeof(visauid_long) + 1;
493 prevCmd++;
494
495 // GET PROCESSING
496 } else if (receivedCmd[1] == 0x80 && receivedCmd[2] == 0xA8 && receivedCmd[6] == 0x83 && prevCmd == 2) {
497 uint8_t processing_long[10] = {0x80, 0x06, 0x00, 0x80, 0x08, 0x01, 0x01, 0x00, 0x90, 0x00};
498 memcpy(&dynamic_response_info.response[1], processing_long, sizeof(processing_long));
499 dynamic_response_info.response_n = sizeof(processing_long) + 1;
500 prevCmd++;
501
502 // SFI
503 } else if (receivedCmd[1] == 0x00 && receivedCmd[2] == 0xB2 && prevCmd == 3) {
504 uint8_t card[25] = {
505 0x70, 0x15, 0x57, 0x13, 0x00, 0x00, 0x00, 0x00,
506 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
507 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
508 0x90, 0x00
509 };
510 // add token array == Track 2 found before
511 memcpy(&card[4], token, sizeof(token));
512
513 memcpy(&dynamic_response_info.response[1], card, sizeof(card));
514 dynamic_response_info.response_n = sizeof(card) + 1;
515 prevCmd++;
516
517 } else {
518 uint8_t finished[2] = {0x6F, 0x00};
519 memcpy(&dynamic_response_info.response[1], finished, sizeof(finished));
520 dynamic_response_info.response_n = sizeof(finished) + 1;
521 if (prevCmd == 5) {
522 prevCmd = 0;
523 }
524 }
525 } else {
526 DbpString(_RED_("Received unknown command!"));
527 if (prevCmd < 4) {
528 memcpy(dynamic_response_info.response, receivedCmd, len);
529 dynamic_response_info.response_n = len;
530 } else {
531 dynamic_response_info.response_n = 0;
532 }
533 }
534 }
535
536 if (dynamic_response_info.response_n > 0) {
537 DbpString("[ " _GREEN_("Proxmark3 answer") " ]");
538 Dbhexdump(dynamic_response_info.response_n, dynamic_response_info.response, false);
539 DbpString("----");
540
541 // add CRC bytes, always used in ISO 14443A-4 compliant cards
542 AddCrc14A(dynamic_response_info.response, dynamic_response_info.response_n);
543 dynamic_response_info.response_n += 2;
544
545 if (prepare_tag_modulation(&dynamic_response_info, DYNAMIC_MODULATION_BUFFER_SIZE) == false) {
546 SpinDelay(500);
547 DbpString(_RED_("Error preparing Proxmark to answer!"));
548 continue;
549 }
550 p_response = &dynamic_response_info;
551 }
552
553 if (p_response != NULL) {
554 EmSendPrecompiledCmd(p_response);
555 }
556 }
557
558 switch_off();
559 set_tracing(false);
560 BigBuf_free_keep_EM();
561 reply_ng(CMD_HF_MIFARE_SIMULATE, retval, NULL, 0);
562 }
563 }
564 DbpString("Exit standalone mode!");
565 DbpString("");
566 SpinErr(15, 200, 3);
567 LEDsoff();
568 }
Proxmark3 - the RFID research Swiss army knife. Iceman firmware