Michael Farrell
5b5489baf4
hf mf sim: Multiple fixes from review of PR #209.
- Don't increment the nonce when random mode is disabled (this breaks the
standard attack).
- Don't attempt the standard attack when random mode is enabled (there's no
point as it won't work, per comments from @pwpiwi).
- Attempt the moebius attack if the standard attack fails.
2017-01-26 20:30:13 +11:00
Michael Farrell
f9c1dcd9f6
Adds random nonce (r) option to hf mf sim.
This makes the PM3 generate pseudo-random nonces rather than sequential
nonces, to make it act a bit more like a "real" MFC card. A reader would
otherwise be able to detect the PM3 probing based on the predictable nonces
and throw different authentication challenges (or refuse to authenticate at
all).
The code includes an implementation of a rand-like function (prand), similar
to the one from libc, which is seeded automatically based on the time it
takes between the PM3 starting up and the first call to the RNG.
This isn't cryptographically random, but should be "good enough" to be able
to evade basic detection.
2017-01-26 18:32:25 +11:00
marshmellow42
89696b8b24
fixed lf antenna left on bug && some iclass ...
output cleanup by @iceman1001
2016-12-19 09:45:23 -05:00
marshmellow42
921e63992c
a few bug fixes with adding hitag detection to...
`lf search`
2016-12-16 14:04:39 -05:00
marshmellow42
0b91ce03e5
Merge remote-tracking branch 'upstream/master'
2016-11-29 15:09:27 -05:00
marshmellow42
671ff89fcb
fix iclass write
thanks to prof_abrasive && go_tus
2016-11-29 14:59:14 -05:00
ikarus
2943527472
Fixed all "misleading-indentation" warnings (fixes #187).
2016-09-26 21:15:49 +02:00
Iceman
7669409547
Merge pull request #185 from marshmellow42/master
some lf fixes and hf mf sim attack mode add-ons
2016-08-12 13:55:09 +02:00
marshmellow42
f86d6b557a
attempt hitag2 uid read for lf search
2016-08-04 13:51:37 -04:00
marshmellow42
91f4d53123
couple bug fixes - clean up
2016-06-28 21:02:26 -04:00
marshmellow42
76ef5273d8
hf mf sim code cleanup - update changelog
2016-06-27 00:09:40 -04:00
marshmellow42
73ab92d14c
mf 1k sim reader attack cleanup
add abort options - keyboard & button press.
2016-06-25 00:53:53 -04:00
marshmellow42
6eae192c41
fix bug in moebius nonce collection - now finishes
also cleaned up some comments
note previous update added the creation of a stats.txt file to generate
statistics of the differences between std mfkey32 and the moebius
version.
2016-06-24 16:46:11 -04:00
marshmellow42
c872d8c177
update hf mf sim x attack mode - start 10byte uid..
..support (some from @iceman1001)
(sim reader attack currently testing std mfkey32 vs mfkey32_moebius
version...) possibly will remove one later.
2016-06-24 01:31:27 -04:00
marshmellow42
79dcb9e090
improve hf mf sim x reader attack
can now directly extract multiple keys for multiple sectors
2016-06-22 11:03:37 -04:00
marshmellow42
c0d32c3186
Merge remote-tracking branch 'upstream/master'
2016-06-05 22:20:36 -04:00
Richard Antony Burton
fdcfbdcc21
add l/h option to hw tune and optimize order of tuning
2016-06-01 08:13:20 +01:00
Ondrej Mikle
39d56ec88b
Fix hitagS sources to compile on gcc 4.9.3
2016-04-23 10:01:19 +02:00
marshmellow42
cf194819cc
simplify some code, add comments
ABS simplification from Iceman1001
2016-03-19 00:09:58 -04:00
marshmellow42
29ada8fc08
add ST to ask/manchester sim, finish presco...
...as it is currently understood - need to add base 12 printed ID to
demod output...
add Q5 option to pyramid
fix missing include I mistakenly removed in cmdlf
2016-03-07 01:01:40 -05:00
Ralf Spenneberg
4e12287d19
Experimental HitagS support
2016-03-04 17:28:05 +01:00
marshmellow42
39611e3d68
fix ask/Biphase sim bug
2016-02-29 18:05:47 -05:00
marshmellow42
72c5877a74
some minor lf fixes from @iceman1001
2016-02-21 17:05:53 -05:00
marshmellow42
29b757391a
remove errant 'void'
have to watch my copy and paste...
2016-02-20 10:22:45 -05:00
marshmellow42
3cec706139
move the clear buffer outside of potentially time..
... sensitive routines
see http://www.proxmark.org/forum/viewtopic.php?id=2820
2016-02-20 10:07:44 -05:00
Martin Holst Swende
b31ef4f510
Merge pull request #162 from marshmellow42/CoverityFixes
Coverity fixes - mainly from @iceman1001's fork
2016-02-15 18:43:25 +01:00
Martin Holst Swende
b5cefff12c
Merge pull request #160 from marshmellow42/master
lf viking and standalone bug fixes
2016-02-15 18:39:42 +01:00
marshmellow42
e7707cdb17
verify wait isn't null
2016-02-14 17:41:16 -05:00
William Robinet
b8140ab108
Fix typos
2016-02-11 23:03:15 +01:00
marshmellow42
098015eb75
fix bug in lf standalone mode
clone command mixed up parameters.
2016-02-10 10:03:28 -05:00
marshmellow42
c4c3af7c16
some @iceman1001's Coverity scan fixes
great work!
2016-01-08 18:26:56 -05:00
Martin Holst Swende
2c7928874b
Merge pull request #149 from marshmellow42/T55xx_tests
Add lf viking, lf demod/clock detection improvements
2015-12-10 10:44:44 +01:00
marshmellow42
506672c48b
iceman's lf fixes & adjustments + lf t55xx bruteforce
Fix small fskdemod clock bug
2015-12-02 17:27:12 -05:00
marshmellow42
709665b5d1
lf viking build / lf awid refactor / lfdemod.c debugMode==2
lf viking from other users - just put my spin on it
lf awid refactored code - possible to make it not 26bit specific now
with minor changes
lfdemod.c now supports extra debug printing if `data setdebug` = 2 when
not on device (on client not arm)
2015-11-22 00:00:32 -05:00
marshmellow42
6fe5c94bda
lf demod cleanup nrz clock detect fixes
slight adjustment to lf t55xx sampling code to start at the same spot
more consistently
reduce indala detection false positives
lf t55xx commands heavily tested and seem to be stable and reliable on
most modulations/bitrates (excluding Sequence Terminator configured
cards).
2015-11-18 00:10:11 -05:00
marshmellow42
db8296025f
lf t55xx and some lf demod fixes/adjustments
finally think I like the lf t55xx detect and read cmds. pretty reliable
now.
2015-11-16 18:49:20 -05:00
Martin Holst Swende
9983a92943
Merge pull request #143 from marshmellow42/master
lfops cleanup, t55xx additions/fixes, PCF7931 input cleanup
2015-11-15 13:22:26 +01:00
pwpiwi
5d0e190169
fixing hf snoop:
- add: clear the trace buffer before snooping
- fix: allow trigger on odd samples as well
- fix: don't use Dbprintf() in timing tight loops
2015-11-06 09:02:05 +01:00
marshmellow42
8949e04584
Merge remote-tracking branch 'upstream/master'
2015-11-03 20:19:46 -05:00
marshmellow42
76346455d2
minor lf updates/cleanup
2015-11-03 20:18:16 -05:00
pwpiwi
b2fe0e77c5
Merge branch 'topaz'
Conflicts:
CHANGELOG.md
client/cmdhf.c
2015-11-03 21:06:59 +01:00
marshmellow42
9f669cb26f
minor cleanups
2015-10-31 23:12:42 -04:00
marshmellow42
66837a0302
Add lf t55xx resetread cmd + fix clone cmds
resetread cmd to determine start of streaming bits of ata5577 or
compatible chips...
fixed lf clone bugs introduced while refactoring recently...
2015-10-30 23:23:27 -04:00
pwpiwi
d9cc4e1ae2
Merge branch 'master' into topaz. Update Changelog.
2015-10-27 20:57:16 +01:00
etmatrix
031311c7ae
LED D is on while snoop, when user button is pressed snoop is stopped
2015-10-25 08:10:17 +01:00
marshmellow42
3606ac0a2b
refactor lfops t55xx functions
share t55xx configuration register definitions with client for later use
(warning - compiled but not fully tested yet)
2015-10-24 09:54:04 -04:00
marshmellow42
0c8200f11c
text cleanup t55xx cmds
2015-10-23 13:05:40 -04:00
etmatrix
0472d76de4
The great work of Enio hf snoop is now ported into latest version in git
you can find original work here https://github.com/EnioArda/proxmark3
2015-10-23 15:40:35 +02:00
marshmellow42
be2d41b73a
updates to lf t55xx commands
fix wakeup cmd per @iceman1001
fix dump and read cmds
clean up write command
allow page 1 read/write (block 3 is writable)(ata5577 only)
remove duplicate code
2015-10-22 16:19:23 -04:00
marshmellow42
8e99ec25ed
add wake option to t55xx read command
2015-10-17 15:01:26 -04:00