search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge branch 'master' of github.com:RfidResearchGroup/proxmark3
[RRG-proxmark3.git] / pm3
blobcd7b56b52eaea2ee81be255789dcac9809b6fd94
1 #!/usr/bin/env bash
2
3 # Usage: run option -h to get help
4
5 # BT auto detection
6 # Shall we look for white HC-06-USB dongle ?
7 FINDBTDONGLE=true
8 # Shall we look for rfcomm interface ?
9 FINDBTRFCOMM=true
10 # Shall we look for registered BT device ? (Linux only)
11 FINDBTDIRECT=true
12
13 PM3PATH=$(dirname "$0")
14 EVALENV=""
15 FULLIMAGE="fullimage.elf"
16 BOOTIMAGE="bootrom.elf"
17
18 #Skip check if --list is used
19 if [ ! "$1" == "--list" ]; then
20 # try pm3 dirs in current repo workdir
21 if [ -d "$PM3PATH/client/" ]; then
22 if [ -x "$PM3PATH/client/proxmark3" ]; then
23 CLIENT="$PM3PATH/client/proxmark3"
24 elif [ -x "$PM3PATH/client/build/proxmark3" ]; then
25 CLIENT="$PM3PATH/client/build/proxmark3"
26 else
27 echo >&2 "[!!] In devel workdir but no executable found, did you compile it?"
28 exit 1
29 fi
30 # Devel mode: point to workdir pm3.py module
31 EVALENV+=" PYTHONPATH=$PM3PATH/client/src"
32 # try install dir
33 elif [ -x "$PM3PATH/proxmark3" ]; then
34 CLIENT="$PM3PATH/proxmark3"
35 EVALENV+=" PYTHONPATH=$PM3PATH/../share/proxmark3/pyscripts/"
36 # or /usr/[local/]lib/python3/dist-packages/pm3.py ?
37 else
38 # hope it's installed somehow, still not sure where fw images and pm3.py are...
39 CLIENT="proxmark3"
40 fi
41 fi
42
43 # LeakSanitizer suppressions
44 if [ -e .lsan_suppressions ]; then
45 EVALENV+=" LSAN_OPTIONS=suppressions=.lsan_suppressions"
46 fi
47 if [ "$EVALENV" != "" ]; then
48 EVALENV="export $EVALENV"
49 fi
50 PM3LIST=()
51 SHOWLIST=false
52
53 function get_pm3_list_Linux {
54 N=$1
55 PM3LIST=()
56 if [ ! -c "/dev/tty0" ]; then
57 echo >&2 "[!!] Script cannot access /dev/ttyXXX files, insufficient privileges"
58 exit 1
59 fi
60 for DEV in $(find /dev/ttyACM* 2>/dev/null); do
61 if which udevadm >/dev/null; then
62 if udevadm info -q property -n "$DEV" | grep -q "ID_VENDOR=proxmark.org"; then
63 PM3LIST+=("$DEV")
64 if [ ${#PM3LIST[*]} -ge "$N" ]; then
65 return
66 fi
67 fi
68 else
69 if grep -q "proxmark.org" "/sys/class/tty/${DEV#/dev/}/../../../manufacturer" 2>/dev/null; then
70 PM3LIST+=("$DEV")
71 if [ ${#PM3LIST[*]} -ge "$N" ]; then
72 return
73 fi
74 fi
75 fi
76 done
77 if $FINDBTDONGLE; then
78 # check if the HC-06-USB white dongle is present (still, that doesn't tell us if it's paired with a Proxmark3...)
79 for DEV in $(find /dev/ttyUSB* 2>/dev/null); do
80 if which udevadm >/dev/null; then
81 if udevadm info -q property -n "$DEV" | grep -q "ID_MODEL=CP2104_USB_to_UART_Bridge_Controller"; then
82 PM3LIST+=("$DEV")
83 if [ ${#PM3LIST[*]} -ge "$N" ]; then
84 return
85 fi
86 fi
87 else
88 if grep -q "DRIVER=cp210x" "/sys/class/tty/${DEV#/dev/}/../../uevent" 2>/dev/null; then
89 PM3LIST+=("$DEV")
90 if [ ${#PM3LIST[*]} -ge "$N" ]; then
91 return
92 fi
93 fi
94 fi
95 done
96 fi
97 if $FINDBTRFCOMM; then
98 # check if the MAC of a Proxmark3 was bound to a local rfcomm interface
99 # (on OSes without deprecated rfcomm and hcitool, the loop will be simply skipped)
100 for DEVMAC in $(rfcomm -a 2>/dev/null | grep " 20:19:0[45]" | sed 's/^\(.*\): \([0-9:]*\) .*/\1@\2/'); do
101 DEV=${DEVMAC/@*/}
102 MAC=${DEVMAC/*@/}
103 # check which are Proxmark3 and, side-effect, if they're actually present
104 if hcitool name "$MAC" | grep -q "PM3"; then
105 PM3LIST+=("/dev/$DEV")
106 if [ ${#PM3LIST[*]} -ge "$N" ]; then
107 return
108 fi
109 fi
110 done
111 fi
112 if $FINDBTDIRECT; then
113 # check if the MAC of a Proxmark3 was registered in the known devices
114 for MAC in $(dbus-send --system --print-reply --type=method_call --dest='org.bluez' '/' org.freedesktop.DBus.ObjectManager.GetManagedObjects 2>/dev/null|\
115 awk '/"Address"/{getline;gsub(/"/,"",$3);a=$3}/Name/{getline;if (/PM3_RDV4/) print a}'); do
116 PM3LIST+=("bt:$MAC")
117 done
118 # we don't probe the device so there is no guarantee the device is actually present
119 fi
120 }
121
122 function get_pm3_list_macOS {
123 N=$1
124 PM3LIST=()
125 for DEV in $(ioreg -r -c "IOUSBHostDevice" -l | awk -F '"' '
126 $2=="USB Vendor Name"{b=($4=="proxmark.org")}
127 b==1 && $2=="IODialinDevice"{print $4}'); do
128 PM3LIST+=("$DEV")
129 if [ ${#PM3LIST[*]} -ge "$N" ]; then
130 return
131 fi
132 done
133 }
134
135 function get_pm3_list_Windows {
136 N=$1
137 PM3LIST=()
138 # Need to look for this first, the call to Win32_serialport "crashes" then native bt serial port. Don't ask why.
139 #BT direct SERIAL PORTS (COM)
140 if $FINDBTRFCOMM; then
141 for DEV in $(wmic /locale:ms_409 path Win32_PnPEntity Where "Caption LIKE '%Bluetooth%(COM%'" Get Name 2> /dev/null | awk -b 'match($0,/(COM[0-9]+)/,m){print m[1]}'); do
142 DEV=${DEV/ */}
143 PM3LIST+=("$DEV")
144 if [ ${#PM3LIST[*]} -ge "$N" ]; then
145 return
146 fi
147 done
148 fi
149
150 # Normal SERIAL PORTS (COM)
151 for DEV in $(wmic /locale:ms_409 path Win32_SerialPort Where "PNPDeviceID LIKE '%VID_9AC4&PID_4B8F%' Or PNPDeviceID LIKE '%VID_2D2D&PID_504D%'" Get DeviceID 2>/dev/null | awk -b '/^COM/{print $1}'); do
152 DEV=${DEV/ */}
153 #prevent soft bricking when using pm3-flash-all on an outdated bootloader
154 if [ $(basename -- "$0") = "pm3-flash-all" ]; then
155 if [ ! $(wmic /locale:ms_409 path Win32_SerialPort Where "DeviceID='$DEV'" Get PNPDeviceID 2>/dev/null | awk -b '/^USB/{print $1}') = "USB\VID_9AC4&PID_4B8F\ICEMAN" ]; then
156 echo -e "\033[0;31m[!] Using pm3-flash-all on an oudated bootloader, use pm3-flash-bootrom first!"
157 exit 1
158 fi
159 fi
160 #Prioritise USB connections
161 PM3LIST=("$DEV" "${PM3LIST[@]}")
162 if [ ${#PM3LIST[*]} -ge "$N" ]; then
163 return
164 fi
165 done
166
167 #white BT dongle SERIAL PORTS (COM)
168 if $FINDBTDONGLE; then
169 for DEV in $(wmic /locale:ms_409 path Win32_SerialPort Where "PNPDeviceID LIKE '%VID_10C4&PID_EA60%'" Get DeviceID 2>/dev/null | awk -b '/^COM/{print $1}'); do
170 DEV=${DEV/ */}
171 PM3LIST+=("$DEV")
172 if [ ${#PM3LIST[*]} -ge "$N" ]; then
173 return
174 fi
175 done
176 fi
177 }
178
179 function get_pm3_list_WSL {
180 N=$1
181 PM3LIST=()
182
183 # Need to look for this first, the call to Win32_serialport "crashes" then native bt serial port. Don't ask why.
184 #BT direct SERIAL PORTS (COM)
185 if $FINDBTRFCOMM; then
186 for DEV in $($PSHEXE -command "Get-CimInstance -ClassName Win32_PnPEntity | Where-Object Caption -like 'Standard Serial over Bluetooth link (COM*' | Select Name" 2> /dev/null | sed -nr 's#.*\bCOM([0-9]+)\b.*#/dev/ttyS\1#p'); do
187 # ttyS counterpart takes some more time to appear
188 if [ -e "$DEV" ]; then
189 PM3LIST+=("$DEV")
190 if [ ! -w "$DEV" ]; then
191 echo "[!] Let's give users read/write access to $DEV"
192 sudo chmod 666 "$DEV"
193 fi
194 if [ ${#PM3LIST[*]} -ge "$N" ]; then
195 return
196 fi
197 fi
198
199 done
200 fi
201
202 # Normal SERIAL PORTS (COM)
203 for DEV in $($PSHEXE -command "Get-CimInstance -ClassName Win32_serialport | Where-Object {\$_.PNPDeviceID -like '*VID_9AC4&PID_4B8F*' -or \$_.PNPDeviceID -like '*VID_2D2D&PID_504D*'} | Select -expandproperty DeviceID" 2>/dev/null | tr -dc '[:print:]'); do
204 _comport=$DEV
205 DEV=$(echo $DEV | sed -nr 's#^COM([0-9]+)\b#/dev/ttyS\1#p')
206 # ttyS counterpart takes some more time to appear
207 if [ -e "$DEV" ]; then
208 #prevent soft bricking when using pm3-flash-all on an outdated bootloader
209 if [ $(basename -- "$0") = "pm3-flash-all" ]; then
210 if [ ! $($PSHEXE -command "Get-CimInstance -ClassName Win32_serialport | Where-Object {\$_.DeviceID -eq '$_comport'} | Select -expandproperty PNPDeviceID" 2>/dev/null | tr -dc '[:print:]') = "USB\VID_9AC4&PID_4B8F\ICEMAN" ]; then
211 echo -e "\033[0;31m[!] Using pm3-flash-all on an oudated bootloader, use pm3-flash-bootrom first!"
212 exit 1
213 fi
214 fi
215 #Prioritise USB connections
216 PM3LIST=("$DEV" "${PM3LIST[@]}")
217 if [ ! -w "$DEV" ]; then
218 echo "[!] Let's give users read/write access to $DEV"
219 sudo chmod 666 "$DEV"
220 fi
221 if [ ${#PM3LIST[*]} -ge "$N" ]; then
222 return
223 fi
224 fi
225 done
226
227 #white BT dongle SERIAL PORTS (COM)
228 if $FINDBTDONGLE; then
229 for DEV in $($PSHEXE -command "Get-CimInstance -ClassName Win32_serialport | Where-Object PNPDeviceID -like '*VID_10C4&PID_EA60*' | Select DeviceID" 2>/dev/null | sed -nr 's#^COM([0-9]+)\b#/dev/ttyS\1#p'); do
230 # ttyS counterpart takes some more time to appear
231 if [ -e "$DEV" ]; then
232 PM3LIST+=("$DEV")
233 if [ ! -w "$DEV" ]; then
234 echo "[!] Let's give users read/write access to $DEV"
235 sudo chmod 666 "$DEV"
236 fi
237 if [ ${#PM3LIST[*]} -ge "$N" ]; then
238 return
239 fi
240 fi
241
242 done
243 fi
244 }
245
246 SCRIPT=$(basename -- "$0")
247
248 if [ "$SCRIPT" = "pm3" ]; then
249 CMD() { eval "$EVALENV"; $CLIENT "$@"; }
250 HELP() {
251 cat << EOF
252
253 Quick helper script for proxmark3 client when working with a Proxmark3 device
254
255 Description:
256 The usage is the same as for the proxmark3 client, with the following differences:
257 * the correct port name will be automatically guessed;
258 * the script will wait for a Proxmark to be connected (same as option -w of the client).
259 You can also specify a first option -n N to access the Nth Proxmark3 connected.
260 Don't use this script if you want to work offline.
261 To see a list of available ports, use --list.
262
263 Usage:
264 $SCRIPT [-n <N>] [-f] [-c <command>]|[-l <lua_script_file>]|[-s <cmd_script_file>] [-i]
265 $SCRIPT [--list] [--help]
266
267
268 Arguments:
269 --help this help
270 --list list all detected com ports
271 -n <N> connect device refered to the N:th number on the --list output
272 -c 'cmd' execute the pm3 cmd in client and exit afterwards
273 -i interactive, stay in client after executing a cmd or script
274 -s 'script' execute a cmd script file and exit afterwards
275 -l 'luascript' execute a lua script file and exit afterwards
276 -w wait
277 -p <port> specifiy which port to connect to
278
279
280 Samples:
281 ./$SCRIPT -- Auto detect/ select com port in the following order BT, USB/CDC, BT DONGLE
282 ./$SCRIPT -p /dev/ttyACM0 -- connect to port /dev/ttyACM0
283 ./$SCRIPT -n 2 -- use second item from the --list output
284 ./$SCRIPT -c 'lf search' -i -- run command and stay in client once completed
285
286
287 EOF
288 }
289 elif [ "$SCRIPT" = "pm3-flash" ]; then
290 FINDBTDONGLE=false
291 FINDBTRFCOMM=false
292 FINDBTDIRECT=false
293 CMD() {
294 ARGS=("--port" "$1" "--flash")
295 shift;
296 while [ "$1" != "" ]; do
297 if [ "$1" == "-b" ]; then
298 ARGS+=("--unlock-bootloader")
299 else
300 ARGS+=("--image" "$1")
301 fi
302 shift;
303 done
304 $CLIENT "${ARGS[@]}";
305 }
306 HELP() {
307 cat << EOF
308 Quick helper script for flashing a Proxmark device via USB
309
310 Description:
311 The usage is similar to the old proxmark3-flasher binary, except that the correct port name will be automatically guessed.
312 You can also specify a first option -n N to access the Nth Proxmark3 connected on USB.
313 If this doesn't work, you'll have to use manually the proxmark3 client, see "$CLIENT -h".
314 To see a list of available ports, use --list.
315
316 Usage:
317 $SCRIPT [-n <N>] [-b] image.elf [image.elf...]
318 $SCRIPT --list
319
320 Options:
321 -b Enable flashing of bootloader area (DANGEROUS)
322
323 Example:
324 $SCRIPT -b bootrom.elf fullimage.elf
325 EOF
326 }
327 elif [ "$SCRIPT" = "pm3-flash-all" ]; then
328 FINDBTDONGLE=false
329 FINDBTRFCOMM=false
330 FINDBTDIRECT=false
331 CMD() { $CLIENT "--port" "$1" "--flash" "--unlock-bootloader" "--image" "$BOOTIMAGE" "--image" "$FULLIMAGE"; }
332 HELP() {
333 cat << EOF
334 Quick helper script for flashing a Proxmark device via USB
335
336 Description:
337 The correct port name will be automatically guessed and the stock bootloader and firmware image will be flashed.
338 You can also specify a first option -n N to access the Nth Proxmark3 connected on USB.
339 If this doesn't work, you'll have to use manually the proxmark3 client, see "$CLIENT -h".
340 To see a list of available ports, use --list.
341
342 Usage:
343 $SCRIPT [-n <N>]
344 $SCRIPT --list
345 EOF
346 }
347 elif [ "$SCRIPT" = "pm3-flash-fullimage" ]; then
348 FINDBTDONGLE=false
349 FINDBTRFCOMM=false
350 FINDBTDIRECT=false
351 CMD() { $CLIENT "--port" "$1" "--flash" "--image" "$FULLIMAGE"; }
352 HELP() {
353 cat << EOF
354 Quick helper script for flashing a Proxmark device via USB
355
356 Description:
357 The correct port name will be automatically guessed and the stock firmware image will be flashed.
358 You can also specify a first option -n N to access the Nth Proxmark3 connected on USB.
359 If this doesn't work, you'll have to use manually the proxmark3 client, see "$CLIENT -h".
360 To see a list of available ports, use --list.
361
362 Usage:
363 $SCRIPT [-n <N>]
364 $SCRIPT --list
365 EOF
366 }
367 elif [ "$SCRIPT" = "pm3-flash-bootrom" ]; then
368 FINDBTDONGLE=false
369 FINDBTRFCOMM=false
370 FINDBTDIRECT=false
371 CMD() { $CLIENT "--port" "$1" "--flash" "--unlock-bootloader" "--image" "$BOOTIMAGE"; }
372 HELP() {
373 cat << EOF
374 Quick helper script for flashing a Proxmark device via USB
375
376 Description:
377 The correct port name will be automatically guessed and the stock bootloader will be flashed.
378 You can also specify a first option -n N to access the Nth Proxmark3 connected on USB.
379 If this doesn't work, you'll have to use manually the proxmark3 client, see "$CLIENT -h".
380 To see a list of available ports, use --list.
381
382 Usage:
383 $SCRIPT [-n <N>]
384 $SCRIPT --list
385 EOF
386 }
387 else
388 echo >&2 "[!!] Script ran under unknown name, abort: $SCRIPT"
389 exit 1
390 fi
391 if [ "$1" == "-h" ] || [ "$1" == "--help" ]; then
392 HELP
393 exit 0
394 fi
395
396 # if a port is already provided, let's just run the command as such
397 for ARG in "$@"; do
398 if [ "$ARG" == "-p" ]; then
399 CMD "$@"
400 exit $?
401 fi
402 done
403
404 if [ "$1" == "--list" ]; then
405 shift
406 if [ "$1" != "" ]; then
407 echo >&2 "[!!] Option --list must be used alone"
408 exit 1
409 fi
410 SHOWLIST=true
411 fi
412
413 # Number of the proxmark3 we're interested in
414 N=1
415 if [ "$1" == "-n" ]; then
416 shift
417 if [ "$1" -ge 1 ] && [ "$1" -lt 10 ]; then
418 N=$1
419 shift
420 else
421 echo >&2 "[!!] Option -n requires a number between 1 and 9, got \"$1\""
422 exit 1
423 fi
424 fi
425
426 HOSTOS=$(uname | awk '{print toupper($0)}')
427 if [ "$HOSTOS" = "LINUX" ]; then
428 if uname -a|grep -q Microsoft; then
429 # First try finding it using the PATH environment variable
430 PSHEXE=$(which powershell.exe 2>/dev/null)
431
432 # If it fails (such as if WSLENV is not set), try using the default installation path
433 if [ -z "$PSHEXE" ]; then
434 PSHEXE=/mnt/c/Windows/System32/WindowsPowerShell/v1.0/powershell.exe
435 fi
436
437 # Finally test if PowerShell is working
438 if ! "$PSHEXE" exit >/dev/null 2>&1; then
439 echo >&2 "[!!] Cannot run powershell.exe, are you sure your WSL is authorized to run Windows processes? (cf WSL interop flag)"
440 exit 1
441 fi
442
443 GETPM3LIST=get_pm3_list_WSL
444 else
445 GETPM3LIST=get_pm3_list_Linux
446 fi
447 elif [ "$HOSTOS" = "DARWIN" ]; then
448 GETPM3LIST=get_pm3_list_macOS
449 elif [[ "$HOSTOS" =~ MINGW(32|64)_NT* ]]; then
450 GETPM3LIST=get_pm3_list_Windows
451 else
452 echo >&2 "[!!] Host OS not recognized, abort: $HOSTOS"
453 exit 1
454 fi
455
456 if $SHOWLIST; then
457 # Probe for up to 9 devs
458 $GETPM3LIST 9
459 if [ ${#PM3LIST} -lt 1 ]; then
460 echo >&2 "[!!] No port found"
461 exit 1
462 fi
463 n=1
464 for DEV in "${PM3LIST[@]}"
465 do
466 echo "$n: $DEV"
467 n=$((n+1))
468 done
469 exit 0
470 fi
471
472 # Wait till we get at least N proxmark3 devices
473 $GETPM3LIST "$N"
474 if [ ${#PM3LIST} -lt "$N" ]; then
475 echo >&2 "[=] Waiting for Proxmark3 to appear..."
476 fi
477 while true; do
478 if [ ${#PM3LIST[*]} -ge "$N" ]; then
479 break
480 fi
481 sleep .1
482 $GETPM3LIST "$N"
483 done
484
485 if [ ${#PM3LIST} -lt "$N" ]; then
486 HELP() {
487 cat << EOF
488 [!!] No port found, abort
489
490 [?] Hint: try '$SCRIPT --list' to see list of available ports, and use the -n command like below
491 [?] $SCRIPT [-n <N>]
492
493 EOF
494 }
495 HELP
496 exit 1
497 fi
498
499 CMD "${PM3LIST[$((N-1))]}" "$@"
500 exit $?
Proxmark3 - the RFID research Swiss army knife. Iceman firmware