memory locations in code are now accurate and the CC output is not
corrupted by the config's crc.
also the looping and flags for what to read are now correctly
implemented in the code.
clean up output
allow readblock without authenticating (can read blocks 0, 1, 2, 5
without authenticating.)
add Application Issuer Area to reader output and use it to attempt to
identify legacy vs NOT legacy.
* coverity fixes
cmdhflegic- indications are the i in calls to data_buf[i] could = 1052
and overflow the array.
cmdhfmfhard - +1 to add space for string null terminator - should we add
the 0 terminator value too?
reveng.c - memory leak
util.c - fix potential overflow of array buf[]
util_posix.c - possible integer overflow
* fix help errors
* fix sprint_hex_ascii
again
and this function is not even used anywhere... yet...
CMD_MIFARE_CHKKEYS command has a different arg1, arg2 meaning nowadays.
Arg0 = keytype << 8 | blockno
arg1 = clear trace
In lua its name arg1, probably with lua's startindex is 1...
* Fix compile errors with MacOS
- _POSIX_C_SOURCE must not be defined for num_CPU()
* separate util_posix.c require changes in tools directory as well
* remove unnecessary self-include
This implements the attack described in
Carlo Meijer, Roel Verdult, "Ciphertext-only Cryptanalysis on Hardened
Mifare Classic Cards" in Proceedings of the 22nd ACM SIGSAC Conference on
Computer and Communications Security, 2015
It uses precomputed tables for many bitflip properties (not only two as in the paper)
and is therefore quite efficient. To prevent failing it doesn't do
differential analysis with several nonce bytes' Sum(a8) properties (each of them
may be wrongly guessed) - instead it concentrates on one nonce byte and tries all
Sum(a8) property guesses sequentially (ordered by probability). The brute force phase
makes use of aczid's bit sliced brute forcer (https://github.com/aczid/crypto1_bs).
Includes runtime CPU-detection to leverage modern (and old) SIMD instructions
with a single executable.
to ui_overlays.h
add ui_overlays.h to .gitignore
should now compile to whatever qt version you have. (as long as it is
compatible with the overlays.ui file...)
Submitting a well documented Lua script whose purpose is to do
bulk, repeated, sequential programming of RFID tags. Could be useful
for users of the ACCX Open Access 4.0 or other simple RFID systems.
Tags programmed with this would potentially be vulnerable to bisection
attacks, etc... But honestly, they likely would have been anyway.
To use, run from within the proxmark3 client:
```
proxmark3> script run lf_bulk_program.lua -b 1000 -c 5 -f 23
--- Executing: lf_bulk_program.lua, args '-b 1000 -c 5 -f 23'
Press enter to program card 1000:23 (hex: 0020042e07d1)
Cloning tag with ID 20042e07d1
Press enter to program card 1001:23 (hex: 0020042e07d2)
Cloning tag with ID 20042e07d2
Press enter to program card 1002:23 (hex: 0020042e07d4)
Cloning tag with ID 20042e07d4
Press enter to program card 1003:23 (hex: 0020042e07d7)
Cloning tag with ID 20042e07d7
Press enter to program card 1004:23 (hex: 0020042e07d8)
Cloning tag with ID 20042e07d8
-----Finished
```
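Added example, not part of the commit or of lf_bulk_program.lua: the IDs in the transcript above are consistent with the HID 26-bit (H10301) layout behind a 0x2004000000 preamble, which is an assumption here since the commit message does not name the format. The sketch decodes such IDs, checks both parity bits, and flags sequentially issued ranges in a credential list; all function names are hypothetical.

```python
# Added example: audit tag IDs like those in the transcript above.
# Assumption (not stated in the commit): 26-bit H10301 layout behind a
# fixed 0x2004000000 preamble. Function names are hypothetical.
HEADER_26BIT = 0x2004000000
# IDs copied from the transcript above.
TRANSCRIPT_IDS = ["0020042e07d1", "0020042e07d2", "0020042e07d4",
                  "0020042e07d7", "0020042e07d8"]
BAD_ID = "0020042e07d0"  # constructed: trailing parity bit flipped


def popcount(x):
    return bin(x).count("1")


def decode_h10301(hex_id):
    """Return (facility, card); raise ValueError on bad preamble or parity."""
    raw = int(hex_id, 16)
    bits = raw & 0x3FFFFFF                 # low 26 bits carry the credential
    if raw - bits != HEADER_26BIT:
        raise ValueError("unexpected preamble: " + hex_id)
    if popcount(bits >> 13) % 2 != 0:      # even parity over the top 13 bits
        raise ValueError("even parity failed: " + hex_id)
    if popcount(bits & 0x1FFF) % 2 != 1:   # odd parity over the low 13 bits
        raise ValueError("odd parity failed: " + hex_id)
    return (bits >> 17) & 0xFF, (bits >> 1) & 0xFFFF


def sequential_runs(hex_ids, min_len=3):
    """List (facility, first_card, last_card) for runs of consecutive cards."""
    cards = sorted(set(decode_h10301(h) for h in hex_ids))
    runs, start = [], 0
    for i in range(1, len(cards) + 1):
        contiguous = (i < len(cards)
                      and cards[i][0] == cards[i - 1][0]
                      and cards[i][1] == cards[i - 1][1] + 1)
        if not contiguous:
            if i - start >= min_len:
                runs.append((cards[start][0], cards[start][1],
                             cards[i - 1][1]))
            start = i
    return runs


if __name__ == "__main__":
    for hex_id in TRANSCRIPT_IDS:
        print(hex_id, decode_h10301(hex_id))
    print("sequential ranges:", sequential_runs(TRANSCRIPT_IDS))
```
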
also fixed a save_restore issue with grid alignments
now save_restoreGB() saves/restores offset values
added macro enumeration of SAVE vs RESTORE for save_restore commands.