From cc4850f7383f62c2ee242c71ae822c251624d4be Mon Sep 17 00:00:00 2001
From: Pavel Zhovner <pavel@zhovner.com>
Date: Wed, 16 Sep 2020 15:54:00 +0300
Subject: [PATCH] NFC Wiki (#118)

* Wiki: USB NFC Reader
---
 .gitignore                              |   5 +-
 wiki/applications/NFC.md                | 113 +++++++++++++++++++++---
 wiki_static/NFC/ST25R3916-schematic.png |   3 +
 wiki_static/NFC/nfc-card-detector.png   |   3 +
 wiki_static/NFC/nfc-ui.png              |   3 +
 wiki_static/NFC/nfc-wall-reader.png     |   3 +
 wiki_static/NFC/usb-nfc-reader.png      |   3 +
 7 files changed, 122 insertions(+), 11 deletions(-)
 create mode 100644 wiki_static/NFC/ST25R3916-schematic.png
 create mode 100644 wiki_static/NFC/nfc-card-detector.png
 create mode 100644 wiki_static/NFC/nfc-ui.png
 create mode 100644 wiki_static/NFC/nfc-wall-reader.png
 create mode 100644 wiki_static/NFC/usb-nfc-reader.png

diff --git a/.gitignore b/.gitignore
index 20f04b73..afb4d4df 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,7 @@
 .idea/
 target_lo/build/
 target_*/build/
-bindings/
\ No newline at end of file
+bindings/
+
+# Visual Studio Code
+.vscode/
\ No newline at end of file
diff --git a/wiki/applications/NFC.md b/wiki/applications/NFC.md
index 74d31933..d7e3d71a 100644
--- a/wiki/applications/NFC.md
+++ b/wiki/applications/NFC.md
@@ -1,22 +1,115 @@
-The NFC standard (ISO-14443) operates at 13.56MHz. We are going to use the ST25R3916 chip, the same chip as used in the HydraNFC project.
+# NFC 
 
-Supported cards:
+## Card detector
 
-* ISO-14443 tag (mifare?) reading & writing & emulation  
-* Emulation — Mifare Classic & Ultralight
+![](./../../wiki_static/NFC/nfc-card-detector.png)
 
+Card type is often unknown. Card detector runs tests against the unknown card to determine it's type. These tests are not 100% accurate, but they help to start exploring. If the test finished successfully, it can recommend to run a suitable application for the card type.
+
+### Card detector routine:
+
+1. Check if card `ISO-14443` `A` or `B` or `FeliCa`
+2. Check the 6 byte of `SAK` to determine if `ISO-14443-4` compliant
+3. Match combination of UID, SAK, ATQA, ATS, ATR from database
+4. Try to authenticate as Mifare, EMV, etc..
+5. Return founded type and suggest suitable application or return error
+
+## Reader detector
+
+![](./../../wiki_static/NFC/nfc-wall-reader.png)
+
+Wall readers usually looks the same, but may accept various types type of cards. With reader detector feature we can emulate dummy card on Flipper and sniff commands that reader send to card.  
+
+
+### Reader detector
+
+1. Silently read WUPA (0x52) or REQA (0x26) without triggering SELECT on reader
+2. Emulate dummy card
+    2.1 Answer on ATQA
+    2.2 Answer on SELECT 
+    2.3 ...
+3. Consistently emulate popular cards before valid authentication from reader found 
 
 ## Reader mode
 
+* Mifare classic reader  _How to select dictionary?_
+  * Brute force
+  * Save dump
+  * Write dump to SD-card
+* Mifare Ultralight reader
+  * Save dump
+  * Write dump?
+* EMV reader
+* Simple UID reader
 
-## Write mode
+## Write/Emulate mode
+
+Saved dumps stored on SD-card and accessible from `Saved dumps` menu. All saved dumps can be emulated or written to card if possible. User can view dump info and choose the action: 
+
+* Emulate
+* Write
+* Edit? _(Editing big dumps can be can be difficult)_ 
+
+# USB NFC Reader [Not implemented]
+<img width="800" src="./../../wiki_static/NFC/usb-nfc-reader.png" />
+
+There are many use cases that impossible to run directly on Flipper Zero. Most of these cases require powerful CPU for cryptographic attacks:  
+
+- Mifare classic attacks: `mfoc` (Nested), `mfcuk` (Dark Side)
+- Mifare Plus attack: Hard Nested
+
+We can use Flipper Zero as a regular USB NFC adapter along with `LibNFC` library, so all existing software will work out of the box without any modifications. This mode must be run from menu `NFC -> USB NFC adapter`. In this mode all commands from PC should be forwarded directly to NFC chip `ST25R3916` via USB serial interface. 
+
+# Schematic
+
+![](./../../wiki_static/NFC/ST25R3916-schematic.png)
 
 
-## Emulate mode
+# Menu
+![](./../../wiki_static/NFC/nfc-ui.png)
 
+<!--- Menu structure -->
+# NFC
 
-# UI
+## Detect card
 
-### NFC
-* Reader
-* Emaulte
\ No newline at end of file
+- Activating RF field and wait for card. 
+Run tests when card found.
+- Found match
+  - Mifare Classic found.
+Run Mifare reader? 
+- No found
+  - Cannot detect card type  
+
+## Reader detector
+
+- Passive listen for WUPA/REQA-B
+  - Commands live stream 
+    0x26
+    0x26
+    0x26
+- Start active emulating 
+- .
+  - Mifare reader found
+- .
+  - EMV reader found
+
+## Read card
+
+- Mifare Classic
+- Mifare Ultralight
+- EMV get PAN
+- what more?
+
+## Saved dumps
+
+- mfc_a6b804bf
+- home
+- mfu_04bfac72
+- emv_paywave_1007
+
+## USB NFC Reader
+
+- Activates instantly.
+No more display updates
+<!--- Menu structure end -->
diff --git a/wiki_static/NFC/ST25R3916-schematic.png b/wiki_static/NFC/ST25R3916-schematic.png
new file mode 100644
index 00000000..b889413a
--- /dev/null
+++ b/wiki_static/NFC/ST25R3916-schematic.png
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:cf3b36cb3db6c3552d241e7639f3a2b6858979f00ad8fda25bf7bfaa65bf317d
+size 537771
diff --git a/wiki_static/NFC/nfc-card-detector.png b/wiki_static/NFC/nfc-card-detector.png
new file mode 100644
index 00000000..00ded23e
--- /dev/null
+++ b/wiki_static/NFC/nfc-card-detector.png
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:2af09e099308abf2d61ea0d3dc4326d30a2134c9b87b4aeb4678eadac96d17b5
+size 46060
diff --git a/wiki_static/NFC/nfc-ui.png b/wiki_static/NFC/nfc-ui.png
new file mode 100644
index 00000000..fdea8324
--- /dev/null
+++ b/wiki_static/NFC/nfc-ui.png
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:35627515ecf8e96d5d28b5469fdf569b993981cda1240b921ca62f997e6ec099
+size 338558
diff --git a/wiki_static/NFC/nfc-wall-reader.png b/wiki_static/NFC/nfc-wall-reader.png
new file mode 100644
index 00000000..fb650646
--- /dev/null
+++ b/wiki_static/NFC/nfc-wall-reader.png
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:8764367c15252a9ff37514451af086a6c4d0adca7ec5b423643b730151388d53
+size 88079
diff --git a/wiki_static/NFC/usb-nfc-reader.png b/wiki_static/NFC/usb-nfc-reader.png
new file mode 100644
index 00000000..366c9502
--- /dev/null
+++ b/wiki_static/NFC/usb-nfc-reader.png
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:370ec74cbd8e37a5760ed03f19cf31bd135f021a88c4669a68f0705e7ecf0902
+size 95362