proxmark3

mirror of https://github.com/Proxmark/proxmark3.git synced 2024-09-21 23:36:51 +08:00

Author	SHA1	Message	Date
Oleg Moiseenko	3a05a1e739	reworking magic cheneese card wipe (#365 ) Implement hf mf cwipe. Remove wipe parameter from hf mf csetuid.	2017-09-22 19:40:42 +02:00
pwpiwi	c48c4d7856	New: implementing hf mf hardnested This implements the attack described in Carlo Meijer, Roel Verdult, "Ciphertext-only Cryptanalysis on Hardened Mifare Classic Cards" in Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015 It uses precomputed tables for many bitflip properties (not only two as in the paper) and is therefore quite efficient. To prevent failing it doesn't do differential analysis with several nonce bytes' Sum(a8) properties (each of them may be wrongly guessed) - instead it concentrates on one nonce byte and tries all Sum(a8) property guesses sequentially (ordered by probability). The brute force phase makes use of aczid's bit sliced brute forcer (https://github.com/aczid/crypto1_bs). Includes runtime CPU-detection to leverage modern (and old) SIMD instructions with a single executable.	2017-05-31 07:30:56 +02:00
marshmellow42	e04475c421	Add @Iceman1001 s cotag read also needed to include some of icemans timer additions.	2017-02-03 00:14:34 -05:00
Michael Farrell	f9c1dcd9f6	Adds random nonce (r) option to `hf mf sim`. This makes the PM3 generate pseudo-random nonces rather than sequential nonces, to make it act a bit more like a "real" MFC card. A reader would otherwise be able to detect the PM3 probing based on the predictable nonces and throw different authentication challenges (or refuse to authenticate at all). The code includes an implementation of a rand-like function (prand), similar to the one from libc, which is seeded automatically based on the time it takes between the PM3 starting up and the first call to the RNG. This isn't cryptographically random, but should be "good enough" to be able to evade basic detection.	2017-01-26 18:32:25 +11:00
Iceman	7669409547	Merge pull request #185 from marshmellow42/master some lf fixes and hf mf sim attack mode add-ons	2016-08-12 13:55:09 +02:00
marshmellow42	c872d8c177	update hf mf sim x attack mode - start 10byte uid.. ..support (some from @iceman1001) (sim reader attack currently testing std mfkey32 vs mfkey32_moebius version...) possibly will remove one later.	2016-06-24 01:31:27 -04:00
Richard Antony Burton	fdcfbdcc21	add l/h option to hw tune and optimize order of tuning	2016-06-01 08:13:20 +01:00
Ralf Spenneberg	4e12287d19	Experimental HitagS support	2016-03-04 17:28:05 +01:00
marshmellow42	709665b5d1	lf viking build / lf awid refactor / lfdemod.c debugMode==2 lf viking from other users - just put my spin on it lf awid refactored code - possible to make it not 26bit specific now with minor chanages lfdemod.c now supports extra debug printing if `data setdebug` = 2 when not on device (on client not arm)	2015-11-22 00:00:32 -05:00
marshmellow42	8949e04584	Merge remote-tracking branch 'upstream/master'	2015-11-03 20:19:46 -05:00
marshmellow42	66837a0302	Add lf t55xx resetread cmd + fix clone cmds resetread cmd to determine start of streaming bits of ata5577 or compatible chips... fixed lf clone bugs introduced while refactoring recently...	2015-10-30 23:23:27 -04:00
etmatrix	0472d76de4	The great work of Enio hf snoop is now ported into latest version in git you can find original work here https://github.com/EnioArda/proxmark3	2015-10-23 15:40:35 +02:00
marshmellow42	be2d41b73a	updates to lf t55xx commands fix wakeup cmd per @iceman1001 fix dump and read cmds clean up write command allow page 1 read/write (block 3 is writable)(ata5577 only) remove duplicate code	2015-10-22 16:19:23 -04:00
marshmellow42	c54dff4f4a	Merge remote-tracking branch 'Proxmark/master' into iclass Conflicts: CHANGELOG.md	2015-10-07 09:34:47 -04:00
Dake	dc4300bafb	add : writing on PCF7931 tags	2015-08-26 15:53:49 +02:00
marshmellow42	3ac22ee1cf	use read instead of readcheck except to auth	2015-07-23 01:12:02 -04:00
Martin Holst Swende	e2012d1bd3	Implemented 'hw status' and 'hw ping', put back client-side cacheing of 'hw version'	2015-07-21 23:18:51 +02:00
marshmellow42	6b659d2406	Merge remote-tracking branch 'upstream/master' into iclass	2015-07-20 21:26:35 -04:00
marshmellow42	aa53efc340	iclass additions multiple contributors - thanks!	2015-07-20 13:41:40 -04:00
Craig Young	dbf6e824f9	Adding support for AWID26 realtime demodulation as well as cloning and simulation from facility code and card number	2015-07-13 15:45:28 -04:00
Martin Holst Swende	1e1de234ac	Merge pull request #121 from frederikmoellers/master Add PACE replay functionality	2015-06-23 22:23:08 +02:00
Frederik Möllers	3bb07d96c8	Add PACE replay functionality This function allows the user to specify APDUs which are sent to a card supporting the PACE protocol. The response times are measured and printed. The code was pulled from the old Google Code repository (branch "epa") and modified to fit into the new code base.	2015-06-22 14:20:13 +02:00
pwpiwi	132a02179c	fixing iso 14443b (issue #103 ): - fix: treat empty commands as error - deleting dead code - rename USB-Commands (ISO14443 -> iso14443B)	2015-06-18 09:49:22 +02:00
marshmellow42	9d87eb6650	MF ultralight code cleanup	2015-05-18 13:11:00 -04:00
marshmellow42	6ce0e5386a	HF Search - refactoring cmds to work with it	2015-05-12 16:45:48 -04:00
marshmellow42	f168b2633b	MF Ultralight - Iceman's updates + mine Beginning of Ultralight additions. detection of Ultralight Types added dump command now auto detects type can authenticate Ultralight C	2015-04-29 18:27:31 -04:00
Martin Holst Swende	caaf9618ae	Minor mod to 'hf iclass read', it now also reads and prints the configuration of the tag found	2015-03-29 21:49:58 +02:00
marshmellow42	872e3d4d6f	NEW lf simpsk	2015-02-21 21:36:02 -05:00
marshmellow42	abd6112fc4	Revert "Revert "lf simask, lf simfsk and bug fixes"" This reverts commit `e396001c47`.	2015-02-19 21:35:34 -05:00
marshmellow42	e396001c47	Revert "lf simask, lf simfsk and bug fixes" This reverts commit `fb0c84c3df`.	2015-02-19 21:22:05 -05:00
marshmellow42	fb0c84c3df	lf simask, lf simfsk and bug fixes	2015-02-19 21:21:11 -05:00
Martin Holst Swende	7781a65656	Started work on 'hf iclass eload' - only client side so far, not yet supported in the device	2015-02-14 21:15:53 +01:00
Martin Holst Swende	31abe49fd3	Some more fixes to longer lf recordings. Now also supports longer snoops, and an additional command 'lf config' has been defined, instead of having to specify all params for every call	2015-01-30 23:03:44 +01:00
iceman1001	3fe4ff4f03	CHG: generic code clean up. Removal of commented code. CHG: USB_CMD_DATA_SIZE is now used as maxsize for transfer of data between client and pm3device CHG: suggested a fix for the underscore problem in ioclass\fileutils.c ADD: tnp3xx support ADD: nxp tag idents. ADD: identifiction of chinese backdoor commands to hf 14a reader.	2015-01-05 15:51:27 +01:00
Martin Holst Swende	c8dd9b092e	Some work on iclass dump and iclass list, now the dumping is a lot more stable. I think the comms should be measured and tuned a bit more, right now it kind of works thanks to retry-functionality, but the retries are probably not needed if we are a bit more careful about timing, so we don't send commands too fast for the tag to handle	2015-01-04 14:53:26 +01:00
marshmellow42	66707a3b3c	LF Demod bug fixes and add lf em em410xdemod fixed a few bugs in lf demod that the streamlining added. added new lf em em410xdemod command that loops until button pressed. (similar to lf hid fskdemod	2014-12-29 15:32:53 -05:00
Martin Holst Swende	aa41c6058a	Merged two iclass-reader functions into one to remove duplicated code, update loclass library with hash2 algo	2014-06-29 23:34:24 +02:00
Martin Holst Swende	3ad48540d4	Merge branch 'iclass-research' of https://github.com/PenturaLabs/proxmark3 into PenturaLabs-iclass-research Conflicts: README.txt armsrc/apps.h client/Makefile client/cmdhficlass.c client/cmdhficlass.h	2014-06-28 20:52:37 +02:00
iZsh	b014c96d68	new command "lf snoop" to snoop raw ADC values fpga/lo_read.v (lf_field): new argument. fpga/fpga_lf.v: modify accordingly. armsrc/apps.h (FPGA_MAJOR_MODE_LF_READER): Rename as FPGA_MAJOR_MODE_LF_ADC. armsrc/apps.h (FPGA_LF_ADC_READER_FIELD): New LF option. armsrc/lfops.c: Modify accordingly. client/cmdlf.c (CmdLFSnoop): New command. armsrc/appmain.c, armsrc/lfops.c, client/cmdlf.h, include/usb_cmd.h: Modify accordingly.	2014-06-21 21:33:54 +02:00
penturalabs	fecd8202a5	implemented 'hf iclass dump xxxx', all you need is the magic key to dump contents of an iclass card	2014-06-17 10:55:37 +01:00
penturalabs	c3963755b7	Implement replay command.	2014-04-15 11:47:01 +01:00
penturalabs	a1f3bb120f	Added Kantech ioProx Support	2014-03-18 20:52:48 +00:00
martin.holst@gmail.com	d2f487af9c	Various improvements on the Mifare1kSimulation. Fixed issue with tracebuffer not being cleared, fixed issue with 'static' errors, added modes for doing reader-only attack, added interactive mode, added possibility to set UID from cmdline, either 7-byte or 4-byte. See http://www.proxmark.org/forum/viewtopic.php?id=1529 and http://www.proxmark.org/forum/viewtopic.php?id=1649&p=3 for some more background and discussion	2014-01-31 21:17:34 +00:00
roel@libnfc.org	981bd4292e	integrated MIFARE ultralight features, contributed by 'midnitesnake'	2013-10-11 08:43:23 +00:00
martin.holst@gmail.com	7cf3ef203c	Patch by jonor for raw ISO 1444B commands. See http://www.proxmark.org/forum/viewtopic.php?id=1729 for more info	2013-09-01 18:41:05 +00:00
roel@libnfc.org	54a942b05d	merged all patches into CDC repository	2013-02-28 17:04:23 +00:00
roel@libnfc.org	28fdb04fd8	Finally, rewrote bootrom and flasher program, much faster now	2013-02-28 15:11:52 +00:00
roel@libnfc.org	9440213d6b	fixed 64-bit cmd/arg for windows	2012-12-09 13:00:19 +00:00
roel@libnfc.org	80501bad5b	tryout.... changed to 64-bit command arguments in stead of 32-bit	2012-12-07 22:41:41 +00:00
roel@libnfc.org	902cb3c00b	major USB update	2012-12-04 23:39:18 +00:00

1 2

91 commits