I have ACR122U reader and Mifare1k card, When I try sdk on windows 7 It's can't access the card, But XP It's can.(XP test in VMware)
result in Mifare Programming(SDK Project)
I can Initialize and get Reader name but I can't Connect the card.(on Windows 7)
Program ready
?
?
When I try on XP I can get Reader name, connect card, load authen key and authen key.
Program ready
Successful connection to ACR122 0
<FF 82 00 00 06 FF FF FF FF FF FF
>90 00
<FF 86 00 00 05 01 00 00 61 01
>90 00
Authentication success!
*in ACR122UTool(application come with sdk),It's not sdk, but It's can send Direct command and got a result.(run on windows 7)
ACR122U PICC Interface
Connected to : ACS ACR122 0
ACR122U APDU Command
< FF 82 00 00 06 FF FF FF FF FF FF
> 90 00
ACR122U APDU Command
< FF 86 00 00 05 01 00 00 61 01
> 90 00
I don't understand, code from sdk can't access the card but application come with sdk can access the card and read write to card(run on windows 7)
PM. Sorry for my Eng (-_-")
Related
Newb-question here. I have searched a couple days for the solution but dont't get anywhere. Using windbg preview.
There's a process that loads a dll and I want to see the disassembly of the addresses that are called from inside the dll. No symbols available because it is third party. I can find the entry point and break on it but after that I cannot step into the dll. I know I need to load the dll into windbg but I can't put it in the arguments when I start the exe because I only know the entry point after the module is loaded.
If I use .load on my dll and set a breakpoint on entry it doesn't work either.
Anyone done this before and can tell me what I need to do to step into the dll's assembly?
edit:
In windbg I launched the executable (.exe) and want to see the addresses and operations inside a .dll that are called during a specific operation in the program.
Simple things first: .load is for loading WinDbg Plugins into the WinDbg process. That's not what you want.
I'm assuming that you want to do more a reverse engineering than debugging. WinDbg is not ideal for this task. There are certainly better tools like IDA.
Analyzing without executing
But anyway, let's get into it. I'll choose an arbitrary DLL for this example. It is a DLL provided with the AMD display driver, C:\AMD\PSP Driver\WTx64\amdtee_api32.dll and I have no clue about it.
Open WinDbg Preview
Go to "Open dump file" (this is not really intuitive, but it will work)
In the file open dialog, enter *, so DLLs will be displayed (by default it's limited to DMP files)
Choose the DLL to be loaded
At this point, it will say
Microsoft (R) Windows Debugger Version 10.0.21349.1004 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\AMD\PSP Driver\WTx64\amdtee_api32.dll]
You can now operate on the DLL with the same commands as during a live debugging session.
0:000> lm
start end module name
10000000 10055000 amdtee_api32 (export symbols) amdtee_api32.dll
So I have no PDB file available, just export symbols, as there are:
0:000> x *!*
7ffe0300 SharedUserData!SystemCallStub = <no type information>
10001050 amdtee_api32!TEEC_InitializeContext (<no parameter info>)
[...]
And we can disassemble a function:
0:000> uf amdtee_api32!TEEC_InitializeContext
amdtee_api32!TEEC_InitializeContext:
10001050 55 push ebp
10001051 8bec mov ebp,esp
10001053 83ec08 sub esp,8
10001056 c745f801000000 mov dword ptr [ebp-8],1
1000105d 837d0c00 cmp dword ptr [ebp+0Ch],0
10001061 750a jne amdtee_api32!TEEC_InitializeContext+0x1d (1000106d) Branch
[...]
You can even access the memory where the DLL is loaded to
0:000> db amdtee_api32
10000000 4d 5a 90 00 03 00 00 00-04 00 00 00 ff ff 00 00 MZ..............
10000010 b8 00 00 00 00 00 00 00-40 00 00 00 00 00 00 00 ........#.......
10000020 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
10000030 00 00 00 00 00 00 00 00-00 00 00 00 10 01 00 00 ................
10000040 0e 1f ba 0e 00 b4 09 cd-21 b8 01 4c cd 21 54 68 ........!..L.!Th
10000050 69 73 20 70 72 6f 67 72-61 6d 20 63 61 6e 6e 6f is program canno
10000060 74 20 62 65 20 72 75 6e-20 69 6e 20 44 4f 53 20 t be run in DOS
10000070 6d 6f 64 65 2e 0d 0d 0a-24 00 00 00 00 00 00 00 mode....$.......
Im able to install application with NSIS installer and later I update TaskManager->Startup preferences to disabled. After I uninstall and reinstall the application, Startup preferences defaults to previous user preference of "disabled". I want the installer to enforce Enabled always after new install, so application startups on reboot. How to achieve this with NSIS coding.
Thanks
I believe Microsoft wants this to be a purely user-controlled setting, but in any case the method Task Manager uses is to modify the appropriate REG_BINARY value in the following registry locations in either HKEY_CURRENT_USER or HKEY_LOCAL_MACHINE, as appropriate:
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder
Enabled items contain the data:
02 00 00 00 00 00 00 00 00 00 00 00
or
06 00 00 00 00 00 00 00 00 00 00 00
Disabled items contain data starting with 03000000... or 07000000... and followed by some hex values [perhaps it's a timestamp?], e.g.:
03 00 00 00 F4 0B 28 C9 9D 79 D1 01
I'm unclear what the distinction is between the ones that start with 02 and 06, but it seems 02s become 03s and 06s becomes 07s when disabled.
To ensure your startup item is enabled, either use WriteRegBin to set it back to 020000000000000000000000 or 060000000000000000000000, or just use DeleteRegValue and delete the value entirely.
I'm having issues trying to set the LED and buzzer using APDUs on an ACR122U (firmware version 2.1.5).
This command should set the Buzzer Output for Card Detection, but I always get an error response:
> FF 00 52 00 00
< 63 00
Also, when trying to use one of the examples from the official documentation (v 2.04), I don't get the expected behavior, and the wrong response code (should be 90 02):
> FF 00 40 50 04 05 05 03 01
< 90 03
Other commands, like reading the firmware version, work as expected:
> FF 00 48 00 00
< 41 43 52 31 32 32 55 32 31 35
Has anyone had the same issues before?
Buzzer Output for Card Detection
I have two older versions of this reader here that do not seem to have a buzzer. Both of these readers always return 63 00 for that command. I'm not quite sure why this command might fail on versions that do have a buzzer though. However, looking at diffferent versions of the ACR122U API documentation, this command was only added in later versions of the reader.
Bi-color LED and Buzzer Control
The status code that you receive will only reflect the current state of the LEDs after you set the final state of the LEDs at least once. E.g. to set the final state off:
FF 00 40 0C 04 00 00 00 00
I'm trying to teach myself assembly, and am using LLDB to debug. So far, so good, but I'm wondering whether there's a quick way to inspect the memory at an address stored in a register?
Of course, I can do
register read rbp
(for example), and then use the address via
memory read <address> ...
but really I'd like to use the register name directly in the arguments to the 'memory' command (possibly with an offset). That seems like a natural thing to want to do, but so far I haven't been able to find anything about this.
You can use
(lldb) x $eax
0x799be060: f0 e6 1c 01 04 00 00 00 88 23 04 00 98 23 04 00 .........#...#..
0x799be070: a8 23 04 00 b8 23 04 00 00 00 00 00 00 00 00 00 .#...#..........
To see the memory contents displayed as e.g. 4 floats, use
(lldb) x/4f $eax
0x799be060: 0.0000000000000000000000000000000000000288183643
0x799be064: 0.00000000000000000000000000000000000000000000560519386
0x799be068: 0.000000000000000000000000000000000000000380088195
0x799be06c: 0.000000000000000000000000000000000000000380110616
Our web application provides ability to download pdf.
When user clicks on download link we open the pdf in a new tab.
My firefox uses pdfjs as a pdf viewer and I can save pdf through it's interface.
Everything was fine in Firefox 19, but version 24 download file which looks like corrupted (it displays that file, but can't download it correctly).
I noticed that result size of file is a nearest power of 2, for example if my original pdf size is 97kb then after downloading it through Firefox's pdfjs its size becomes 128kb and my desktop pdf viewers (like acrobat) can't open it.
I tested it on the same version of our app.
update
Demo pdf file - everything is fine with downloading through linux google chrome viewer and linux firefox 21 (pdfjs), but the same problem with linux firefox 23.0.1
Is something wrong with pdfjs or with our server?
update #2
I looked at binary contents of broken and not-broken file:
$ git diff not-broken.dump broken.dump
diff --git a/not-broken.dump b/broken.dump
index 3621089..5de337c 100644
--- a/not-broken.dump
+++ b/broken.dump
## -336,5 +336,7 ##
000014f0 b8 d0 3d 76 85 f8 76 9d e6 50 74 df e7 a7 bd b0 |..=v..v..Pt.....|
00001500 00 f1 6e 05 63 0a 65 6e 64 73 74 72 65 61 6d 0a |..n.c.endstream.|
00001510 65 6e 64 6f 62 6a 0a 73 74 61 72 74 78 72 65 66 |endobj.startxref|
-00001520 0a 35 32 31 33 0a 25 25 45 4f 46 0a |.5213.%%EOF.|
-0000152c
+00001520 0a 35 32 31 33 0a 25 25 45 4f 46 0a 00 00 00 00 |.5213.%%EOF.....|
+00001530 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
+*
+00010000
What we have here is a genuine bug. I filed: https://github.com/mozilla/pdf.js/issues/3634
Since the data transfer does not specify a content-length, but uses chunked transfer encoding, pdf.js will use an initial buffer of 64kb that is doubled each time it would overflow. However, once the transfer is complete pdf.js will not shrink that buffer to the actual size, nor will it remember the actual size, so that upon download the whole over-sized buffer (still the initial 64kb in your example) will be transferred.
I don't think there is a real work-around, short of not using pdf.js at all (which is a user choice).