1 /* mifare-tool - a small command-line tool for librfid mifare testing
3 * (C) 2006 by Harald Welte <laforge@gnumonks.org>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2
7 * as published by the Free Software Foundation
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
32 #include <librfid/rfid.h>
33 #include <librfid/rfid_scan.h>
34 #include <librfid/rfid_reader.h>
35 #include <librfid/rfid_layer2.h>
36 #include <librfid/rfid_protocol.h>
38 #include <librfid/rfid_protocol_mifare_classic.h>
39 #include <librfid/rfid_protocol_mifare_ul.h>
41 #include <librfid/rfid_access_mifare_classic.h>
43 #include "librfid-tool.h"
45 static char *program_name;
47 static void help(void)
49 printf( " -h --help Print this help message\n"
50 " -r --read Read a mifare sector\n"
51 " -l --loop-read Loop reading a mifare sector\n"
52 " -s --smartx Read sectors 0-3 (with -k key) and 4-7 with this key\n"
53 " -w --write Write a mifare sector\n"
54 " -k --key Specify mifare access key (in hex tuples)\n"
55 " -b --brute-force n Brute Force read sector n\n");
58 static struct option mifare_opts[] = {
60 { "read", 1, 0, 'r' },
61 { "smartx", 1, 0, 's' },
62 { "loop-read", 1, 0, 'l' },
63 { "write", 1 ,0, 'w' },
64 { "help", 0, 0, 'h' },
65 { "brute-force", 1, 0, 'b' },
69 static int mifare_cl_auth(unsigned char *key, int page)
73 rc = mfcl_set_key(ph, key);
75 fprintf(stderr, "key format error\n");
78 rc = mfcl_auth(ph, RFID_CMD_MIFARE_AUTH1A, page);
80 fprintf(stderr, "mifare auth error\n");
83 printf("mifare auth succeeded!\n");
88 static int mifare_l3(void)
92 while (l2_init(RFID_LAYER2_ISO14443A) < 0) ;
94 printf("ISO14443-3A anticollision succeeded\n");
97 while (l3_init(RFID_PROTOCOL_MIFARE_CLASSIC) < 0 && retry++ < 10) ;
100 printf("Mifare card available\n");
103 printf("ERROR l3_init\n");
108 int main(int argc, char **argv)
110 int len, rc, c, option_index = 0;
111 unsigned int page,uid,uid_len;
112 char key[MIFARE_CL_KEY_LEN];
113 char key2[MIFARE_CL_KEY_LEN];
114 char buf[MIFARE_CL_PAGE_SIZE];
117 program_name = argv[0];
119 program_name = basename(argv[0]);
120 #endif/*__MINGW32__*/
122 memcpy(key, MIFARE_CL_KEYA_DEFAULT_INFINEON, MIFARE_CL_KEY_LEN);
124 printf("%s - (C) 2006 by Harald Welte\n"
125 "This program is Free Software and has "
126 "ABSOLUTELY NO WARRANTY\n\n", program_name);
128 printf("initializing librfid\n");
131 if (reader_init() < 0) {
132 fprintf(stderr, "error opening reader\n");
137 c = getopt_long(argc, argv, "k:r:s:l:w:b:h", mifare_opts,
146 printf("key: %s\n", hexdump(key, MIFARE_CL_KEY_LEN));
147 len = MIFARE_CL_PAGE_SIZE;
149 for (i = 0; i <= 0xff; i++) {
150 key[MIFARE_CL_KEY_LEN-1]=i;
151 if (mifare_cl_auth(key, page) >= 0)
152 printf("KEY: %s\n",hexdump(key, MIFARE_CL_KEY_LEN));
157 hexread(key, optarg, strlen(optarg));
158 printf("key: %s\n", hexdump(key, MIFARE_CL_KEY_LEN));
162 printf("read(key='%s',page=%u):",
163 hexdump(key, MIFARE_CL_KEY_LEN), page);
164 len = MIFARE_CL_PAGE_SIZE;
167 if (mifare_cl_auth(key, page) < 0)
172 if(rfid_layer2_getopt(l2h,RFID_OPT_LAYER2_UID,&uid,&uid_len)>=0)
173 printf("UID=%08X (len=%u)\n",uid,uid_len);
175 len=MIFARE_CL_PAGE_SIZE;
176 rc = rfid_protocol_read(ph, page, buf, &len);
179 fprintf(stderr, "error during read\n");
182 printf("len=%u data=%s\n", len, hexdump(buf, len));
184 if (page & 0x3 == 0x3) {
185 struct mfcl_access_sect s;
186 struct mfcl_access_exp_sect es;
188 u_int8_t recreated[4];
189 mfcl_parse_access(&s, buf+6);
190 printf("access b0:%u b1:%u b2:%u b3:%u\n",
191 s.block[0], s.block[1],
192 s.block[2], s.block[3]);
193 mfcl_access_to_exp(&es, &s);
194 for (b = 0; b < 3; b++)
195 printf("%u: %s\n", b, mfcl_access_exp_stringify(&es.block[b]));
196 printf("3: %s\n", mfcl_access_exp_acc_stringify(&es.acc));
198 mfcl_compile_access(recreated, &s);
199 printf("recreated; %s\n", hexdump(recreated,4));
204 hexread(key2, optarg, strlen(optarg));
205 printf("key2: %s\n", hexdump(key2, MIFARE_CL_KEY_LEN));
206 len = MIFARE_CL_PAGE_SIZE;
209 for(page = 0; page < 8; page++) {
210 if (mifare_cl_auth( page < 4 ? key : key2, page) < 0)
216 if(rfid_layer2_getopt(l2h,RFID_OPT_LAYER2_UID,&uid,&uid_len)>=0)
217 printf("UID=%08X (len=%u)\n",uid,uid_len);
220 len=MIFARE_CL_PAGE_SIZE;
221 rc = rfid_protocol_read(ph, page, buf, &len);
224 fprintf(stderr, "error during read\n");
227 printf("page=%d len=%u data=%s\n", page, len, hexdump(buf, len));
232 printf("read_loop(key='%s',page=%u):\n",
233 hexdump(key, MIFARE_CL_KEY_LEN), page);
236 if (mifare_cl_auth(key, page) < 0)
241 if(rfid_layer2_getopt(l2h,RFID_OPT_LAYER2_UID,&uid,&uid_len)>=0)
242 printf("UID=%08X (len=%u)\n",uid,uid_len);
244 len=MIFARE_CL_PAGE_SIZE;
245 rc = rfid_protocol_read(ph, page, buf, &len);
248 fprintf(stderr, "error during read\n");
251 printf("%s\n", hexdump(buf, len));
256 len = strlen(argv[optind]);
257 len = hexread(buf, argv[optind], len);
258 printf("write(key='%s',page=%u):",
259 hexdump(key, MIFARE_CL_KEY_LEN), page);
260 printf(" '%s'(%u):", hexdump(buf, len), len);
262 if (mifare_cl_auth(key, page) < 0)
264 rc = rfid_protocol_write(ph, page, buf, len);
267 fprintf(stderr, "error during write\n");
279 rfid_protocol_close(ph);
280 rfid_protocol_fini(ph);
282 rfid_layer2_close(l2h);
283 rfid_layer2_fini(l2h);
285 rfid_reader_close(rh);