iceman1001 2017-06-09 14:49:35 +02:00
commit de048b0436
17 changed files with 447 additions and 409 deletions

.gitignore vendored
View file

@ -1,6 +1,7 @@
# .gitignore # .gitignore
# don't push these files to the repository # don't push these files to the repository
.idea
.history .history
*.log *.log
*.eml *.eml

View file

@ -1,8 +1,9 @@
The iceman fork The iceman fork
=============== ===============
[![Build Status](https://travis-ci.org/iceman1001/proxmark3.svg?branch=master)](https://travis-ci.org/iceman1001/proxmark3) [![Coverity Status](https://scan.coverity.com/projects/5117/badge.svg)](https://scan.coverity.com/projects/proxmark3_iceman_fork) [![Latest release] (https://img.shields.io/github/release/iceman1001/proxmark3.svg)](https://github.com/iceman1001/proxmark3/releases/latest) [![Build Status](https://travis-ci.org/iceman1001/proxmark3.svg?branch=master)](https://travis-ci.org/iceman1001/proxmark3)[![Coverity Status](https://scan.coverity.com/projects/5117/badge.svg)](https://scan.coverity.com/project/proxmark3_iceman_fork)[![Latest release](https://img.shields.io/github/release/iceman1001/proxmark3.svg)](https://github.com/iceman1001/proxmark3/releases/latest)
##This fork is HIGHLY experimental (or bleeding edge)
## This fork is HIGHLY experimental and bleeding edge
## Donate ## Donate
https://paypal.me/iceman1001/ https://paypal.me/iceman1001/
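
Review bot: In the badge line, the Coverity link target changes from `https://scan.coverity.com/projects/proxmark3_iceman_fork` to `.../project/proxmark3_iceman_fork`, while the badge image next to it still uses `/projects/5117/`. Check that the new link resolves; if the singular form is a typo, restore `/projects/`.
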
@ -11,13 +12,10 @@ Feel free to donate. All support is welcome.
## Notice ## Notice
There is so much in this fork, with all fixes and additions its basically the most enhanced fork to this day for the Proxmark3 device. Which makes it so awesum to play with. Do please play with it. Get excited and experiment. As a side note with all coverity scan fixes this client is much more stable than PM3 Master even if I tend to break it sometimes. I'll try to make a release when this fork becomes stable between my experiments. There is so much in this fork, with all fixes and additions its basically the most enhanced fork to this day for the Proxmark3 device. Which makes it so awesum to play with. Do please play with it. Get excited and experiment. As a side note with all coverity scan fixes this client is much more stable than PM3 Master even if I tend to break it sometimes. I'll try to make a release when this fork becomes stable between my experiments.
##Official
The official Proxmark repository is found here: https://github.com/Proxmark/proxmark3
## Coverity Scan Config & Run ## Coverity Scan Config & Run
Download the Coverity Scan Self-buld and install it. Download the Coverity Scan Self-buld and install it.
You will need to configure ARM-NON-EABI- Compiler for it to use: You will need to configure ARM-NON-EABI- Compiler for it to use:
```
- Configure - Configure
`cov-configure --comptype gcc --compiler /opt/devkitpro/devkitARM/bin/arm-none-eabi-gcc` `cov-configure --comptype gcc --compiler /opt/devkitpro/devkitARM/bin/arm-none-eabi-gcc`
@ -28,6 +26,7 @@ You will need to configure ARM-NON-EABI- Compiler for it to use:
`tar czvf proxmark3.tgz cov-int` `tar czvf proxmark3.tgz cov-int`
- upload it to coverity.com - upload it to coverity.com
```
## Whats changed? ## Whats changed?
Whats so special with this fork? I have scraped the web for different enhancements to the PM3 source code and not all of them ever found their way to the master branch. Whats so special with this fork? I have scraped the web for different enhancements to the PM3 source code and not all of them ever found their way to the master branch.
@ -60,7 +59,7 @@ Among the stuff is
I don't actually know how to make small pull-request to github :( and that is the number one reason for me not pushing a lot of things back to the PM3 master. I don't actually know how to make small pull-request to github :( and that is the number one reason for me not pushing a lot of things back to the PM3 master.
Me fiddling with the code so much, there is a nightmare in merging a PR. Luckily I have @marshmellow42 who takes some stuff and push PR's back. Me fiddling with the code so much, there is a nightmare in merging a PR. Luckily I have @marshmellow42 who takes some stuff and push PR's back.
##Why don't you add nnnn or mmmm functionality? ## Why don't you add this or that functionality?
Give me a hint, and I'll see if I can't merge in the stuff you have. Give me a hint, and I'll see if I can't merge in the stuff you have.
## PM3 GUI ## PM3 GUI
@ -124,9 +123,9 @@ Further questions about Mac & Homebrew, contact @Chrisfu (https://github.com/c
I recently added a docker container on Docker HUB. You find it here: https://hub.docker.com/r/iceman1001/proxmark3/ I recently added a docker container on Docker HUB. You find it here: https://hub.docker.com/r/iceman1001/proxmark3/
Follow those instructions to get it up and running. No need for the old proxspace-environment anymore. Follow those instructions to get it up and running. No need for the old proxspace-environment anymore.
[1.6.0] How to start: https://www.youtube.com/watch?v=b5Zta89Cf6Q -[1.6.0] How to start: https://www.youtube.com/watch?v=b5Zta89Cf6Q
[1.6.0] How to connect: https://youtu.be/0ZS2t5C-caI -[1.6.0] How to connect: https://youtu.be/0ZS2t5C-caI
[1.6.1] How to flash: https://www.youtube.com/watch?v=WXouhuGYEiw -[1.6.1] How to flash: https://www.youtube.com/watch?v=WXouhuGYEiw
Recommendations: Use only latest container. Recommendations: Use only latest container.
@ -213,33 +212,14 @@ The Proxmark 3 device is available for purchase (assembled and tested) from the
* http://www.elechouse.com/ (new and revised hardware package 2015, located in China) * http://www.elechouse.com/ (new and revised hardware package 2015, located in China)
Enjoy!
##Enjoy
January 2015, Sweden
iceman at host iuse.se iceman at host iuse.se
January 2015, Sweden
## Note from Jonathan Westhues ## Note from Jonathan Westhues
Most of the ultra-low-volume contract assemblers could put
something like this together with a reasonable yield. A run of around
a dozen units is probably cost-effective. The BOM includes (possibly-
outdated) component pricing, and everything is available from Digikey
and the usual distributors.
If you've never assembled a modern circuit board by hand, then this is
not a good place to start. Some of the components (e.g. the crystals)
must not be assembled with a soldering iron, and require hot air.
The schematics are included; the component values given are not
necessarily correct for all situations, but it should be possible to do
nearly anything you would want with appropriate population options.
The printed circuit board artwork is also available, as Gerbers and an
Excellon drill file.
LICENSING: LICENSING:

View file

@ -1,17 +1,27 @@
os: Windows Server 2012 version: 1.0.{build}
platform: mingw environment:
qt: mingw492_32 global:
CYG_ROOT: C:\cygwin
CYG_MIRROR: http://cygwin.mirror.constant.com
CYG_CACHE: C:\cygwin\var\cache\setup
CYG_BASH: C:\cygwin\bin\bash
branches: init:
only: - cmd:
- master
install:
- set QTDIR=C:\Qt\5.5\mingw492_32 - set QTDIR=C:\Qt\5.5\mingw492_32
- set PATH=%PATH%;%QTDIR%\bin;C:\MinGW\bin - set PATH=%PATH%;%QTDIR%\bin;C:\MinGW\bin;C:\MinGW\msys\1.0\bin
- c:\cygwin\setup-x86.exe --quiet-mode --no-shortcuts --only-site --root "%CYG_ROOT%" --site "%CYG_MIRROR%" --local-package-dir "%CYG_CACHE%" --packages autoconf,automake,bison,gcc-core,gcc-g++,mingw-runtime,mingw-binutils,mingw-gcc-core,mingw-gcc-g++,mingw-pthreads,mingw-w32api,libtool,make,gettext-devel,gettext,intltool,libiconv,pkg-config,git,curl,libxslt,libreadline-devel,libreadline7 > NUL 2>&1'
before_build: - '%CYG_BASH% -lc "cygcheck -dc cygwin"'
- make clean - if not exist "make.zip" curl -L -o make.zip http://gnuwin32.sourceforge.net/downlinks/make-bin-zip.php
- if not exist "make-dep.zip" curl -L -o make-dep.zip http://gnuwin32.sourceforge.net/downlinks/make-dep-zip.php
build: - if not exist "gcc-arm-none-eabi.zip" curl -L -o gcc-arm-none-eabi.zip https://launchpad.net/gcc-arm-embedded/4.8/4.8-2014-q1-update/+download/gcc-arm-none-eabi-4_8-2014q1-20140314-win32.zip
- make all - if not exist "C:\strawberry" cinst strawberryperl #once I workout how to install Digest::SHA for perl, this won't be required
- set PATH=C:\strawberry\perl\bin;C:\strawberry\perl\site\bin;C:\strawberry\c\bin;%PATH%
- unzip -o -q gcc-arm-none-eabi.zip -d c:\gcc\
- unzip make.zip -d c:\gnuwin32\
- unzip make-dep.zip -d c:\gnuwin32\
- set PATH=C:\Program Files\git\bin;%PATH:C:\Program Files\git\bin;=% #move git to begining of PATH so find works correctly
- set PATH=%PATH%;c:\gnuwin32\bin;c:\gcc\bin
- set PATH=%PATH%;c:\gcc\bin
build_script:
- cmd: make all
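
Review bot: The `make.zip` and `make-dep.zip` downloads and `CYG_MIRROR` use plain `http://`, and nothing checks what was fetched before it is unpacked and put on `PATH`, so the build tools arrive over an unauthenticated channel. Use an https source where one exists, or compare each archive against a pinned SHA-256 right after the `curl` step. In the same block, the `setup-x86.exe` line ends in a stray `'` and redirects all output to `NUL`, which hides a failed package install, and `c:\gcc\bin` is appended to `PATH` twice.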

View file

@ -7,7 +7,7 @@ include ../common/Makefile.common
CC = gcc CC = gcc
CXX = g++ CXX = g++
COMMON_FLAGS += -std=c99 -O3 -mpopcnt -march=native -g COMMON_FLAGS += -std=c99 -O3 -g
#VPATH = ../common ../zlib #VPATH = ../common ../zlib
OBJDIR = obj OBJDIR = obj
@ -20,7 +20,7 @@ LUAPLATFORM = generic
ifneq (,$(findstring MINGW,$(platform))) ifneq (,$(findstring MINGW,$(platform)))
LDLIBS += -L/mingw/lib -lgdi32 LDLIBS += -L/mingw/lib -lgdi32
CFLAGS += -I/mingw/include -D__USE_MINGW_ANSI_STDIO=1 CFLAGS += -I/mingw/include -D__USE_MINGW_ANSI_STDIO=1 -march=x86-64
CXXFLAGS = -I$(QTDIR)/include -I$(QTDIR)/include/QtCore -I$(QTDIR)/include/QtGui CXXFLAGS = -I$(QTDIR)/include -I$(QTDIR)/include/QtCore -I$(QTDIR)/include/QtGui
MOC = $(QTDIR)/bin/moc MOC = $(QTDIR)/bin/moc
LUAPLATFORM = mingw LUAPLATFORM = mingw
@ -46,6 +46,7 @@ else ifeq ($(platform),Darwin)
# OS X, QT5 detection needs this. # OS X, QT5 detection needs this.
export PKG_CONFIG_PATH=/usr/local/Cellar/qt5/5.6.1-1/lib/pkgconfig/ export PKG_CONFIG_PATH=/usr/local/Cellar/qt5/5.6.1-1/lib/pkgconfig/
CFLAGS += -march=native
CXXFLAGS = $(shell pkg-config --cflags QtCore QtGui 2>/dev/null) -Wall -O3 CXXFLAGS = $(shell pkg-config --cflags QtCore QtGui 2>/dev/null) -Wall -O3
QTLDLIBS = $(shell pkg-config --libs QtCore QtGui 2>/dev/null) QTLDLIBS = $(shell pkg-config --libs QtCore QtGui 2>/dev/null)
MOC = $(shell pkg-config --variable=moc_location QtCore) MOC = $(shell pkg-config --variable=moc_location QtCore)
@ -64,6 +65,7 @@ else ifeq ($(platform),Darwin)
LUAPLATFORM = macosx LUAPLATFORM = macosx
else else
CFLAGS += -march=native
CXXFLAGS = $(shell pkg-config --cflags QtCore QtGui 2>/dev/null) -Wall -O3 CXXFLAGS = $(shell pkg-config --cflags QtCore QtGui 2>/dev/null) -Wall -O3
QTLDLIBS = $(shell pkg-config --libs QtCore QtGui 2>/dev/null) QTLDLIBS = $(shell pkg-config --libs QtCore QtGui 2>/dev/null)
LUALIB += -ldl LUALIB += -ldl
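
Review bot: `CFLAGS += -march=native` in the Darwin and generic branches ties the client binary to the CPU of the build machine; a binary built on one host and run on an older one can fault with an illegal instruction. Make it opt-in through a make variable with a portable default. Dropping `-mpopcnt` from `COMMON_FLAGS` also means the MINGW build, which now gets `-march=x86-64`, no longer has a hardware popcount; confirm that is intended.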

View file

@ -834,9 +834,9 @@ int CmdHFiClassReader_Dump(const char *Cmd) {
ul_switch_off_field(); ul_switch_off_field();
memset(MAC,0,4); memset(MAC,0,4);
// AA2 authenticate credit key and git c_div_key - later store in dump block 4 // AA2 authenticate credit key and git c_div_key - later store in dump block 4
if (!select_and_auth(CreditKEY, MAC, c_div_key, true, false, false, false)){ if (!select_and_auth(CreditKEY, MAC, c_div_key, true, elite, rawkey, false)){
//try twice - for some reason it sometimes fails the first time... //try twice - for some reason it sometimes fails the first time...
if (!select_and_auth(CreditKEY, MAC, c_div_key, true, false, false, false)){ if (!select_and_auth(CreditKEY, MAC, c_div_key, true, elite, rawkey, false)){
ul_switch_off_field(); ul_switch_off_field();
return 0; return 0;
} }
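
Review bot: The retry is a second copy of the same `select_and_auth(...)` call, and this fix had to change `elite, rawkey` in both copies. A small loop over two attempts would keep the argument list in one place. The comment above the call also reads `git c_div_key` where `get` is meant.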

View file

@ -24,8 +24,8 @@ int usage_legic_calccrc(void){
PrintAndLog(" c <8|16> : Crc type"); PrintAndLog(" c <8|16> : Crc type");
PrintAndLog(""); PrintAndLog("");
PrintAndLog("Samples:"); PrintAndLog("Samples:");
PrintAndLog(" hf legic crc b deadbeef1122"); PrintAndLog(" hf legic crc d deadbeef1122");
PrintAndLog(" hf legic crc b deadbeef1122 u 9A c 16"); PrintAndLog(" hf legic crc d deadbeef1122 u 9A c 16");
return 0; return 0;
} }
int usage_legic_rdmem(void){ int usage_legic_rdmem(void){
@ -678,8 +678,8 @@ int CmdLegicCalcCrc(const char *Cmd){
while(param_getchar(Cmd, cmdp) != 0x00) { while(param_getchar(Cmd, cmdp) != 0x00) {
switch(param_getchar(Cmd, cmdp)) { switch(param_getchar(Cmd, cmdp)) {
case 'b': case 'd':
case 'B': case 'D':
// peek at length of the input string so we can // peek at length of the input string so we can
// figure out how many elements to malloc in "data" // figure out how many elements to malloc in "data"
bg=en=0; bg=en=0;
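
Review bot: `case 'b'` / `case 'B'` are replaced rather than kept next to `'d'` / `'D'`, so an existing script that calls `hf legic crc b ...` no longer reaches this branch. If the rename is intended, keep `b` as an alias for a while or mention the change where users will see it.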

View file

@ -1081,7 +1081,7 @@ int CmdHF14AMfChk(const char *Cmd) {
char filename[FILE_PATH_SIZE]={0}; char filename[FILE_PATH_SIZE]={0};
char buf[13]; char buf[13];
uint8_t *keyBlock = NULL, *p; uint8_t *keyBlock = NULL, *p;
uint8_t stKeyBlock = 20; uint16_t stKeyBlock = 20;
sector_t *e_sector = NULL; sector_t *e_sector = NULL;
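
Review bot: Widening `stKeyBlock` to `uint16_t` moves the wrap point from 255 to 65535 but does not remove it. If this counter is grown while keys are loaded from a dictionary file, add an explicit upper bound where it is incremented, or use `size_t` and check the allocation size computed from it.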

View file

@ -1431,7 +1431,7 @@ static const uint64_t crack_states_bitsliced(statelist_t *p){
#endif #endif
if ( !lstate_p ) { if ( !lstate_p ) {
__sync_fetch_and_add(&total_states_tested, bucket_states_tested); __atomic_fetch_add(&total_states_tested, bucket_states_tested, __ATOMIC_SEQ_CST);
return key; return key;
} }
@ -1618,7 +1618,7 @@ out:
#endif #endif
} }
__sync_fetch_and_add(&total_states_tested, bucket_states_tested); __atomic_fetch_add(&total_states_tested, bucket_states_tested, __ATOMIC_SEQ_CST);
return key; return key;
} }
@ -1636,8 +1636,8 @@ static void* crack_states_thread(void* x){
if (keys_found) break; if (keys_found) break;
else if(key != -1) { else if(key != -1) {
if (TestIfKeyExists(key)) { if (TestIfKeyExists(key)) {
__sync_fetch_and_add(&keys_found, 1); __atomic_fetch_add(&keys_found, 1, __ATOMIC_SEQ_CST);
__sync_fetch_and_add(&foundkey, key); __atomic_fetch_add(&foundkey, key, __ATOMIC_SEQ_CST);
printf("*"); printf("*");
fflush(stdout); fflush(stdout);
break; break;
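
Review bot: In `crack_states_thread`, `keys_found` and `foundkey` are updated by two separate atomic adds, and `foundkey` is accumulated rather than set. The `if (keys_found) break;` test above is a plain read, so if two threads both get past it and both pass `TestIfKeyExists(key)`, `foundkey` ends up as the sum of the two values. Claim the result with a compare-and-swap on `keys_found` and store the key only in the thread that wins, for example with `__atomic_store_n(&foundkey, key, __ATOMIC_SEQ_CST)`.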

View file

@ -317,3 +317,37 @@ c5cfe06d9ea3,
c0dece673829, c0dece673829,
# #
a56c2df9a26d, a56c2df9a26d,
#
# Data from: https://pastebin.com/vbwast74
#
2031d1e57a3b,
68d3f7307c89,
9189449ea24e,
568c9083f71c,
53c11f90822a,
# Vigik Keys
# Various sources :
# * https://github.com/DumpDos/Vigik
# * http://newffr.com/viewtopic.php?&forum=235&topic=11559
# * Own dumps
021209197591,
22729a9bd40f,
2ef720f2af76,
38fcf33072e0,
424c41524f4e,
484558414354,
49fae4e3849f,
4a6352684677,
509359f131b1,
62d0c424ed8e,
66d2b7dc39ef,
6bc1e1ae547d,
6c78928e1317,
89347350bd36,
8ad5517b4b18,
8fa1d601d0a2,
a22ae129c013,
a6cac2886412,
aa0720018738,
e64a986a5d94,
bf1f4424af76,

View file

@ -4,6 +4,8 @@
000D8787, 000D8787,
# ref. http://kazus.ru/forums/showpost.php?p=1045937&postcount=77 # ref. http://kazus.ru/forums/showpost.php?p=1045937&postcount=77
05D73B9F, 05D73B9F,
# ref. http://www.proxmark.org/forum/viewtopic.php?=
89A69E60,
# Default pwd, simple: # Default pwd, simple:
00000000, 00000000,
11111111, 11111111,
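
Review bot: The reference comment for `89A69E60` ends at `viewtopic.php?=` with no topic or post id, so the source of this password cannot be followed. Give the full forum link, as the `kazus.ru` entry above it does.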

View file

@ -242,6 +242,7 @@ static void set_my_executable_path(void)
my_executable_path[path_length] = '\0'; my_executable_path[path_length] = '\0';
my_executable_directory = (char *)malloc(dirname_length + 2); my_executable_directory = (char *)malloc(dirname_length + 2);
strncpy(my_executable_directory, my_executable_path, dirname_length+1); strncpy(my_executable_directory, my_executable_path, dirname_length+1);
my_executable_directory[dirname_length+1] = '\0';
} }
} }
} }
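
Review bot: The result of `malloc(dirname_length + 2)` is passed to `strncpy` and to the new terminator write without a NULL check. Test the pointer before the copy and leave `my_executable_directory` unset on failure. The terminator itself is correct: `strncpy` with a count of `dirname_length+1` does not terminate when the source is longer, and index `dirname_length+1` is the last byte of the allocation.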

View file

@ -296,6 +296,7 @@ function file_check(file_name)
if file_found==nil then if file_found==nil then
return false return false
else else
file_found:close()
return true return true
end end
end end
@ -339,14 +340,13 @@ end
function getInputBytes(infile) function getInputBytes(infile)
local line local line
local bytes = {} local bytes = {}
local fhi,err = io.open(infile) local fhi,err = io.open(infile,"rb")
if err then oops("faild to read from file ".. infile); return false; end if err then oops("faild to read from file ".. infile); return false; end
while true do
line = fhi:read() file_data = fhi:read("*a");
if line == nil then break end for i = 1, #file_data
for byte in line:gmatch("%w+") do do
table.insert(bytes, byte) bytes[i] = string.format("%x",file_data:byte(i))
end
end end
fhi:close() fhi:close()
if (bytes[7]=='00') then return false end if (bytes[7]=='00') then return false end
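
Review bot: `string.format("%x", ...)` in the new read loop does not zero-pad, so a zero byte becomes `"0"` and the check that follows, `bytes[7]=='00'`, can no longer match; any other code that expects two hex digits per byte is affected the same way. Use `"%02x"`. `file_data` is also assigned without `local`, which makes it a global, and `if err then` would be more robust as `if not fhi then`.
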
@ -507,8 +507,8 @@ function readFromPM3()
local tag, bytes, infile local tag, bytes, infile
infile="legic.temp" infile="legic.temp"
core.console("hf legic reader") core.console("hf legic reader")
core.console("hf legic save "..infile) core.console("hf legic esave "..infile)
tag=readFile(infile) tag=readFile(infile..".bin")
return tag return tag
end end

View file

@ -534,9 +534,11 @@ void xor(unsigned char * dst, unsigned char * src, size_t len) {
int32_t le24toh (uint8_t data[3]) { int32_t le24toh (uint8_t data[3]) {
return (data[2] << 16) | (data[1] << 8) | data[0]; return (data[2] << 16) | (data[1] << 8) | data[0];
} }
#ifndef ANDROID
uint32_t le32toh (uint8_t *data) { uint32_t le32toh (uint8_t *data) {
return (uint32_t)( (data[3]<<24) | (data[2]<<16) | (data[1]<<8) | data[0]); return (uint32_t)( (data[3]<<24) | (data[2]<<16) | (data[1]<<8) | data[0]);
} }
#endif
// Pack a bitarray into a uint32_t. // Pack a bitarray into a uint32_t.
uint32_t PackBits(uint8_t start, uint8_t len, uint8_t* bits) { uint32_t PackBits(uint8_t start, uint8_t len, uint8_t* bits) {
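
Review bot: Hiding the local `le32toh` under `#ifndef ANDROID` leaves Android callers with the `le32toh` from `<endian.h>`, which takes a 32-bit value, not a `uint8_t *`. Callers written for the pointer form shown here would then pass a pointer where an integer is expected and get a different result. Renaming the local helper so it cannot collide with the libc name fixes the clash on every platform without a per-OS guard.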

View file

@ -31,6 +31,10 @@
#include <windows.h> #include <windows.h>
#endif #endif
#ifdef ANDROID
#include <endian.h>
#endif
#ifndef BITMASK #ifndef BITMASK
# define BITMASK(X) (1 << (X)) # define BITMASK(X) (1 << (X))
@ -146,7 +150,9 @@ extern void wiegand_add_parity(uint8_t *target, uint8_t *source, uint8_t length)
extern void xor(unsigned char * dst, unsigned char * src, size_t len); extern void xor(unsigned char * dst, unsigned char * src, size_t len);
extern int32_t le24toh (uint8_t data[3]); extern int32_t le24toh (uint8_t data[3]);
#ifndef ANDROID
extern uint32_t le32toh (uint8_t *data); extern uint32_t le32toh (uint8_t *data);
#endif
extern uint32_t PackBits(uint8_t start, uint8_t len, uint8_t* bits); extern uint32_t PackBits(uint8_t start, uint8_t len, uint8_t* bits);
extern void rol(uint8_t *data, const size_t len); extern void rol(uint8_t *data, const size_t len);
extern uint32_t SwapBits(uint32_t value, int nrbits); extern uint32_t SwapBits(uint32_t value, int nrbits);

View file

@ -65,8 +65,8 @@ endif
# uncomment these two; to fix 256 vs 512kb PM3 devices # uncomment these two; to fix 256 vs 512kb PM3 devices
# flashing bootrom -b is needed # flashing bootrom -b is needed
APP_CFLAGS += -DHAS_512_FLASH #APP_CFLAGS += -DHAS_512_FLASH
COMMON_FLAGS += -DHAS_512_FLASH #COMMON_FLAGS += -DHAS_512_FLASH
# Also search prerequisites in the common directory (for usb.c), the fpga directory (for fpga.bit), and the zlib directory # Also search prerequisites in the common directory (for usb.c), the fpga directory (for fpga.bit), and the zlib directory
VPATH = . ../common ../fpga ../zlib VPATH = . ../common ../fpga ../zlib
@ -99,7 +99,7 @@ $(VERSIONOBJ): $(OBJDIR)/%.o: %.c $(INCLUDES)
# See ldscript.common. -- Henryk Plötz <henryk@ploetzli.ch> 2009-08-27 # See ldscript.common. -- Henryk Plötz <henryk@ploetzli.ch> 2009-08-27
OBJCOPY_TRANSLATIONS = --no-change-warnings \ OBJCOPY_TRANSLATIONS = --no-change-warnings \
--change-addresses -0x100000 --change-start 0 \ --change-addresses -0x100000 --change-start 0 \
--change-section-address .bss+0 --change-section-address .data+0 \ --change-section-address .bss+0 --change-section-address .data-0x100000 \
--change-section-address .commonarea+0 --change-section-address .commonarea+0
$(OBJDIR)/%.s19: $(OBJDIR)/%.elf $(OBJDIR)/%.s19: $(OBJDIR)/%.elf
$(OBJCOPY) -Osrec --srec-forceS3 --strip-debug $(OBJCOPY_TRANSLATIONS) $^ $@ $(OBJCOPY) -Osrec --srec-forceS3 --strip-debug $(OBJCOPY_TRANSLATIONS) $^ $@
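
Review bot: `--change-section-address .data-0x100000` now moves `.data` while `.bss` and `.commonarea` stay at `+0`, and nothing in the hunk says why. Since this changes where the image is placed, add a comment next to `OBJCOPY_TRANSLATIONS` that explains the `.data` offset and how it relates to `ldscript.common`.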

View file

@ -199,7 +199,7 @@ static void buffreplace (LexState *ls, char from, char to) {
#if ANDROID #if ANDROID
#define getlocaldecpoint() '.' #define getlocaledecpoint() '.'
#elif !defined(getlocaledecpoint) #elif !defined(getlocaledecpoint)
#define getlocaledecpoint() (localeconv()->decimal_point[0]) #define getlocaledecpoint() (localeconv()->decimal_point[0])
#endif #endif
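
Review bot: The guard here is `#if ANDROID`, while the other Android guards in this commit use `#ifdef ANDROID` and `#ifndef ANDROID`. `#if ANDROID` fails to preprocess when the macro is defined with no value (a bare `#define ANDROID`); `#ifdef ANDROID` or `#if defined(ANDROID)` works in both cases and matches the rest of the change.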