From 87393a086c4fa7749eaf530586e54b5c8b8291d4 Mon Sep 17 00:00:00 2001
From: MX <10697207+xMasterX@users.noreply.github.com>
Date: Wed, 21 Sep 2022 08:43:07 +0300
Subject: [PATCH] fix rfid fuzzer crashes, some new random names
---
 CHANGELOG.md | 11 +++----
 .../scene/flipfrid_scene_run_attack.c | 31 ++++---------------
 lib/toolbox/random_name.c | 14 +++++++++
 3 files changed, 25 insertions(+), 31 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 16d072373..3adfcd008 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,10 +1,9 @@
 ### New changes
-* PR: RFID Fuzzer - support for HIDProx, update for UI (PR #74 by mvanzanten) (xMasterX -> time between cards set to 6)
-* Fix NFC User dict (list) crash, now it displays only first 200 elements for large lists
-* Fix SubGHz transmitter GUI button
-* Fix SubGHz Magellen protocol GUI
-* Fix null pointer dereference crash in Archive -> Info in root folder (+ fix long path names display)
-* OFW: SubGHz: Adding checks for get_upload functions
+* Plugins: Fix RFID Fuzzer crashes
+* SubGHz: Fix Nice Flor S crash
+* SubGHz: Allow saving signals for subghz protocols without encoder (sending is not possible)
+* Some random names added
+* Fix `debug_pack` to allow building debug builds with extra parameter for `./fbt` (check previous releases for info)
 #### **DFU files no longer included in releases to avoid issues with wrong manual installation of assets - use .tgz file with qFlipper, or install automatically via web updater or use microSD update package**
diff --git a/applications/plugins/flipfrid/scene/flipfrid_scene_run_attack.c b/applications/plugins/flipfrid/scene/flipfrid_scene_run_attack.c
index f7776fb4d..9d30f4faa 100644
--- a/applications/plugins/flipfrid/scene/flipfrid_scene_run_attack.c
+++ b/applications/plugins/flipfrid/scene/flipfrid_scene_run_attack.c
@@ -44,6 +44,11 @@ void flipfrid_scene_run_attack_on_enter(FlipFridState* context) {
 context->attack_step = 0;
 context->dict = protocol_dict_alloc(lfrfid_protocols, LFRFIDProtocolMax);
 context->worker = lfrfid_worker_alloc(context->dict);
+ if(context->proto == HIDProx) {
+ context->protocol = protocol_dict_get_protocol_by_name(context->dict, "HIDProx");
+ } else {
+ context->protocol = protocol_dict_get_protocol_by_name(context->dict, "EM4100");
+ }
 }
 void flipfrid_scene_run_attack_on_exit(FlipFridState* context) {
@@ -68,9 +73,6 @@ void flipfrid_scene_run_attack_on_tick(FlipFridState* context) {
 switch(context->attack) {
 case FlipFridAttackDefaultValues:
 if(context->proto == EM4100) {
- context->protocol =
- protocol_dict_get_protocol_by_name(context->dict, "EM4100");
-
 context->payload[0] = id_list[context->attack_step][0];
 context->payload[1] = id_list[context->attack_step][1];
 context->payload[2] = id_list[context->attack_step][2];
@@ -88,9 +90,6 @@ void flipfrid_scene_run_attack_on_tick(FlipFridState* context) {
 }
 break;
 } else {
- context->protocol =
- protocol_dict_get_protocol_by_name(context->dict, "HIDProx");
-
 context->payload[0] = id_list_hid[context->attack_step][0];
 context->payload[1] = id_list_hid[context->attack_step][1];
 context->payload[2] = id_list_hid[context->attack_step][2];
@@ -113,9 +112,6 @@ void flipfrid_scene_run_attack_on_tick(FlipFridState* context) {
 case FlipFridAttackBfCustomerId:
 if(context->proto == EM4100) {
- context->protocol =
- protocol_dict_get_protocol_by_name(context->dict, "EM4100");
-
 context->payload[0] = context->attack_step;
 context->payload[1] = 0x00;
 context->payload[2] = 0x00;
@@ -133,9 +129,6 @@ void flipfrid_scene_run_attack_on_tick(FlipFridState* context) {
 }
 break;
 } else {
- context->protocol =
- protocol_dict_get_protocol_by_name(context->dict, "HIDProx");
-
 context->payload[0] = context->attack_step;
 context->payload[1] = 0x00;
 context->payload[2] = 0x00;
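Review bot: In the first hunk (`flipfrid_scene_run_attack_on_enter`) the value returned by `protocol_dict_get_protocol_by_name` is stored in `context->protocol` without checking that the name was found. The `else` arm also maps every `context->proto` other than `HIDProx` to "EM4100", whereas the `on_tick` branches in the following hunks treat every value other than `EM4100` as HIDProx. If a third protocol value is ever added, the protocol id chosen here and the payload layout filled on tick would disagree. I would select with an explicit `switch(context->proto)` and add `furi_assert(context->protocol != PROTOCOL_NO);` after the lookup, assuming `PROTOCOL_NO` is the not-found value in protocol_dict.h. Both functions start and continue outside the hunks, so any later validation of `context->protocol` before it reaches the worker is not visible here.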
@@ -157,9 +150,6 @@ void flipfrid_scene_run_attack_on_tick(FlipFridState* context) {
 case FlipFridAttackLoadFile:
 if(context->proto == EM4100) {
- context->protocol =
- protocol_dict_get_protocol_by_name(context->dict, "EM4100");
-
 context->payload[0] = context->data[0];
 context->payload[1] = context->data[1];
 context->payload[2] = context->data[2];
@@ -180,9 +170,6 @@ void flipfrid_scene_run_attack_on_tick(FlipFridState* context) {
 }
 break;
 } else {
- context->protocol =
- protocol_dict_get_protocol_by_name(context->dict, "HIDProx");
-
 context->payload[0] = context->data[0];
 context->payload[1] = context->data[1];
 context->payload[2] = context->data[2];
@@ -207,9 +194,6 @@ void flipfrid_scene_run_attack_on_tick(FlipFridState* context) {
 case FlipFridAttackLoadFileCustomUids:
 if(context->proto == EM4100) {
- context->protocol =
- protocol_dict_get_protocol_by_name(context->dict, "EM4100");
-
 while(true) {
 string_reset(context->data_str);
 if(!stream_read_line(context->uids_stream, context->data_str)) {
@@ -236,9 +220,6 @@ void flipfrid_scene_run_attack_on_tick(FlipFridState* context) {
 }
 break;
 } else {
- context->protocol =
- protocol_dict_get_protocol_by_name(context->dict, "HIDProx");
-
 while(true) {
 string_reset(context->data_str);
 if(!stream_read_line(context->uids_stream, context->data_str)) {
@@ -325,7 +306,7 @@ void flipfrid_scene_run_attack_on_draw(Canvas* canvas, FlipFridState* context) {
 canvas, 64, 8, AlignCenter, AlignTop, string_get_cstr(context->attack_name));
 char uid[18];
- if(context->protocol == protocol_dict_get_protocol_by_name(context->dict, "HIDProx")) {
+ if(context->proto == HIDProx) {
 snprintf(
 uid,
 sizeof(uid),
diff --git a/lib/toolbox/random_name.c b/lib/toolbox/random_name.c
index 985906756..b5924c8db 100644
--- a/lib/toolbox/random_name.c
+++ b/lib/toolbox/random_name.c
@@ -21,6 +21,12 @@ void set_random_name(char* name, uint8_t max_name_size) {
 "thick",
 "great",
 "my",
+ "mini",
+ "ultra",
+ "haupt",
+ "small",
+ "random",
+ "strange",
 };
 const char* suffix[] = {
@@ -32,6 +38,14 @@ void set_random_name(char* name, uint8_t max_name_size) {
 "burer",
 "sidorovich",
 "habar",
+ "radar",
+ "borov",
+ "pda",
+ "konserva",
+ "aptechka",
+ "door",
+ "thing",
+ "stuff",
 };
 // sus is not (sus)pect - this is about super sus
 uint8_t prefix_i = rand() % COUNT_OF(prefix);