This implements the attack described in
Carlo Meijer, Roel Verdult, "Ciphertext-only Cryptanalysis on Hardened
Mifare Classic Cards" in Proceedings of the 22nd ACM SIGSAC Conference on
Computer and Communications Security, 2015
It uses precomputed tables for many bitflip properties (not only two as in the paper)
and is therefore quite efficient. To prevent failing it doesn't do
differential analysis with several nonce bytes' Sum(a8) properties (each of them
may be wrongly guessed) - instead it concentrates on one nonce byte and tries all
Sum(a8) property guesses sequentially (ordered by probability). The brute force phase
makes use of aczid's bit sliced brute forcer (https://github.com/aczid/crypto1_bs).
Includes runtime CPU-detection to leverage modern (and old) SIMD instructions
with a single executable.
- indicate compliance with USB release 2.0
- set correct vendor and product IDs
- indicate power consumption (500mA)
- add String Descriptor 0 indicating supported languages
- add String Descriptors for Manufacturer and Product
to ui_overlays.h
add ui_overlays.h to .gitignore
should now compile to whatever qt version you have. (as long as it is
compatible with the overlays.ui file...)
Submitting a well documented Lua script whose purpose is to do
bulk, repeated, sequential programming of RFID tags. Could be useful
for users of the ACCX Open Access 4.0 or other simple RFID systems.
Tags programmed with this would potentially be vulnerabile to bisection
attacks, etc... But honestly, they likely would have been anyway.
To use run from within the proxmark3 client:
```
proxmark3> script run lf_bulk_program.lua -b 1000 -c 5 -f 23
--- Executing: lf_bulk_program.lua, args '-b 1000 -c 5 -f 23'
Press enter to program card 1000:23 (hex: 0020042e07d1)
Cloning tag with ID 20042e07d1
Press enter to program card 1001:23 (hex: 0020042e07d2)
Cloning tag with ID 20042e07d2
Press enter to program card 1002:23 (hex: 0020042e07d4)
Cloning tag with ID 20042e07d4
Press enter to program card 1003:23 (hex: 0020042e07d7)
Cloning tag with ID 20042e07d7
Press enter to program card 1004:23 (hex: 0020042e07d8)
Cloning tag with ID 20042e07d8
-----Finished
```
also fixed a save_restore issue with grid alignments
now save_restoreGB() saves/restores offset values
added macro enumeration of SAVE vs RESTORE for save_restore commands.
add demod data to graph.
some bugs are known:
if you close the graph window data plot will not bring it back.
exiting the application without closing the widget form results in
error.
autocorrect graph y labels are ugly
form has old askdemod tab.
sticky button purpose not defined/labeled well.
doesn't clear s_Buff when new graph loaded or sampled.
probably more...
* Compatibility fixes for Qt5
- make Qt detection in client/Makefile independent of OS
- added -std=c++11 and -fPIC as compiler options (required by some Qt versions, breaks compiling with old ProxSpace environment)
add parameter for # bits to read
auto get samples after lf read/snoop (don't need to do a `data samples`
anymore)
add safe function to get DemodBuffer
add some lf demod comments and apply new lf_read function instead of
read then get samples.
fixed output bug in lf t55xx config print
fixed small bug in lf t55xx detect during ST check
