1 /* mifare-tool - a small command-line tool for librfid mifare testing
3 * (C) 2006 by Harald Welte <laforge@gnumonks.org>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2
7 * as published by the Free Software Foundation
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
32 #include <librfid/rfid.h>
33 #include <librfid/rfid_scan.h>
34 #include <librfid/rfid_reader.h>
35 #include <librfid/rfid_layer2.h>
36 #include <librfid/rfid_protocol.h>
38 #include <librfid/rfid_protocol_mifare_classic.h>
39 #include <librfid/rfid_protocol_mifare_ul.h>
41 #include <librfid/rfid_access_mifare_classic.h>
43 #include "librfid-tool.h"
45 static char *program_name;
47 static void help(void)
49 printf( " -h --help Print this help message\n"
50 " -r --read Read a mifare sector\n"
51 " -l --loop-read Loop reading a mifare sector\n"
52 " -s --smartx Read sectors 0-3 (with -k key) and 4-7 with this key\n"
53 " -w --write Write a mifare sector\n"
54 " -k --key Specify mifare access key (in hex tuples)\n"
55 " -b --brute-force n Brute Force read sector n\n");
58 static struct option mifare_opts[] = {
60 { "read", 1, 0, 'r' },
61 { "smartx", 1, 0, 's' },
62 { "loop-read", 1, 0, 'l' },
63 { "write", 1 ,0, 'w' },
64 { "help", 0, 0, 'h' },
65 { "brute-force", 1, 0, 'b' },
69 static int mifare_cl_auth(unsigned char *key, int page)
73 rc = mfcl_set_key(ph, key);
75 fprintf(stderr, "key format error\n");
78 rc = mfcl_auth(ph, RFID_CMD_MIFARE_AUTH1A, page);
80 fprintf(stderr, "mifare auth error\n");
83 printf("mifare auth succeeded!\n");
88 static void mifare_l3(void)
90 while (l2_init(RFID_LAYER2_ISO14443A) < 0) ;
92 printf("ISO14443-3A anticollision succeeded\n");
94 while (l3_init(RFID_PROTOCOL_MIFARE_CLASSIC) < 0) ;
96 printf("Mifare card available\n");
99 int main(int argc, char **argv)
101 int len, rc, c, option_index = 0;
102 unsigned int page,uid,uid_len;
103 char key[MIFARE_CL_KEY_LEN];
104 char key2[MIFARE_CL_KEY_LEN];
105 char buf[MIFARE_CL_PAGE_SIZE];
108 program_name = argv[0];
110 program_name = basename(argv[0]);
111 #endif/*__MINGW32__*/
113 memcpy(key, MIFARE_CL_KEYA_DEFAULT_INFINEON, MIFARE_CL_KEY_LEN);
115 printf("%s - (C) 2006 by Harald Welte\n"
116 "This program is Free Software and has "
117 "ABSOLUTELY NO WARRANTY\n\n", program_name);
119 printf("initializing librfid\n");
122 if (reader_init() < 0) {
123 fprintf(stderr, "error opening reader\n");
128 c = getopt_long(argc, argv, "k:r:s:l:w:b:h", mifare_opts,
137 printf("key: %s\n", hexdump(key, MIFARE_CL_KEY_LEN));
138 len = MIFARE_CL_PAGE_SIZE;
140 for (i = 0; i <= 0xff; i++) {
141 key[MIFARE_CL_KEY_LEN-1]=i;
142 if (mifare_cl_auth(key, page) >= 0)
143 printf("KEY: %s\n",hexdump(key, MIFARE_CL_KEY_LEN));
148 hexread(key, optarg, strlen(optarg));
149 printf("key: %s\n", hexdump(key, MIFARE_CL_KEY_LEN));
153 printf("read(key='%s',page=%u):",
154 hexdump(key, MIFARE_CL_KEY_LEN), page);
155 len = MIFARE_CL_PAGE_SIZE;
157 if (mifare_cl_auth(key, page) < 0)
162 if(rfid_layer2_getopt(l2h,RFID_OPT_LAYER2_UID,&uid,&uid_len)>=0)
163 printf("UID=%08X (len=%u)\n",uid,uid_len);
165 len=MIFARE_CL_PAGE_SIZE;
166 rc = rfid_protocol_read(ph, page, buf, &len);
169 fprintf(stderr, "error during read\n");
172 printf("len=%u data=%s\n", len, hexdump(buf, len));
174 if (page & 0x3 == 0x3) {
175 struct mfcl_access_sect s;
176 struct mfcl_access_exp_sect es;
178 u_int8_t recreated[4];
179 mfcl_parse_access(&s, buf+6);
180 printf("access b0:%u b1:%u b2:%u b3:%u\n",
181 s.block[0], s.block[1],
182 s.block[2], s.block[3]);
183 mfcl_access_to_exp(&es, &s);
184 for (b = 0; b < 3; b++)
185 printf("%u: %s\n", b, mfcl_access_exp_stringify(&es.block[b]));
186 printf("3: %s\n", mfcl_access_exp_acc_stringify(&es.acc));
188 mfcl_compile_access(recreated, &s);
189 printf("recreated; %s\n", hexdump(recreated,4));
194 hexread(key2, optarg, strlen(optarg));
195 printf("key2: %s\n", hexdump(key2, MIFARE_CL_KEY_LEN));
196 len = MIFARE_CL_PAGE_SIZE;
198 for(page = 0; page < 8; page++) {
199 if (mifare_cl_auth( page < 4 ? key : key2, page) < 0)
205 if(rfid_layer2_getopt(l2h,RFID_OPT_LAYER2_UID,&uid,&uid_len)>=0)
206 printf("UID=%08X (len=%u)\n",uid,uid_len);
209 len=MIFARE_CL_PAGE_SIZE;
210 rc = rfid_protocol_read(ph, page, buf, &len);
213 fprintf(stderr, "error during read\n");
216 printf("page=%d len=%u data=%s\n", page, len, hexdump(buf, len));
221 printf("read_loop(key='%s',page=%u):\n",
222 hexdump(key, MIFARE_CL_KEY_LEN), page);
225 if (mifare_cl_auth(key, page) < 0)
230 if(rfid_layer2_getopt(l2h,RFID_OPT_LAYER2_UID,&uid,&uid_len)>=0)
231 printf("UID=%08X (len=%u)\n",uid,uid_len);
233 len=MIFARE_CL_PAGE_SIZE;
234 rc = rfid_protocol_read(ph, page, buf, &len);
237 fprintf(stderr, "error during read\n");
240 printf("%s\n", hexdump(buf, len));
245 len = strlen(argv[optind]);
246 len = hexread(buf, argv[optind], len);
247 printf("write(key='%s',page=%u):",
248 hexdump(key, MIFARE_CL_KEY_LEN), page);
249 printf(" '%s'(%u):", hexdump(buf, len), len);
251 if (mifare_cl_auth(key, page) < 0)
253 rc = rfid_protocol_write(ph, page, buf, len);
256 fprintf(stderr, "error during write\n");
268 rfid_protocol_close(ph);
269 rfid_protocol_fini(ph);
271 rfid_layer2_close(l2h);
272 rfid_layer2_fini(l2h);
274 rfid_reader_close(rh);