McEloff
0189bb70d7
Merge branch 'master' into mf_sim_ac_fix
2019-07-19 16:32:45 +03:00
Eloff
0b38c23ed3
'hf mf sim' - wrong access rights to write key B in trailer; typo; simple code optimization
2019-07-19 16:27:08 +03:00
Philippe Teuwen
8e6258936c
make style
2019-07-19 13:18:35 +02:00
merlokk
6e15d6521d
Merge branch 'master' of github.com:merlokk/proxmark3i into apdu_armside
2019-07-18 17:44:50 +03:00
merlokk
e87abc9681
small fix apdu leds
2019-07-18 17:32:56 +03:00
merlokk
1e0433c1d7
now code can't use uninitialized fpga link and encoders/decoders
2019-07-18 17:11:04 +03:00
merlokk
87e183e664
small fix
2019-07-17 16:26:10 +03:00
merlokk
81fa3f20df
speed optimization
2019-07-17 16:22:14 +03:00
merlokk
67ad6298cd
added 14a send/receive arm timeout
2019-07-17 15:54:22 +03:00
Philippe Teuwen
1ebfa897c8
remove some cppcheck warnings
2019-06-12 06:41:23 -07:00
Philippe Teuwen
a55e597e36
make style
2019-06-07 21:40:33 +02:00
Philippe Teuwen
732bc766f9
Reduce some var scopes
2019-06-07 18:41:39 +02:00
Philippe Teuwen
4761ea13f7
MF_DBGLEVEL => DBGLEVEL (pm3 side)
2019-06-06 10:05:09 +02:00
Philippe Teuwen
3b12ba2e93
replace usb_poll_validate_length() by data_available() that supports USART too
2019-06-03 00:01:08 +02:00
iceman1001
58bed70ad0
chg: hf 14a sim - uses NG
2019-05-26 15:00:49 -04:00
iceman1001
b05796c7c4
chg: hf mf dbg\nchg: hf mf sim\nchg: hf 14a sim - uses NG
2019-05-26 13:42:27 -04:00
iceman1001
33c10f260d
chg: hf 14a sim / hf mf sim - check buttonpress/usb frame fewer times in order not to disrupt simulation (@McEloff)
2019-05-23 10:29:33 -04:00
Philippe Teuwen
62b0732a8c
Merge pull request #201 from McEloff/hf_14a_sim_comp_write
...
fix: 'hf 14a sim' ultralight COMPATIBLE_WRITE command,
2019-05-23 00:42:12 +02:00
Philippe Teuwen
522297896c
Use GetTickCountDelta everywhere
2019-05-23 00:39:50 +02:00
Eloff
0ec9323df0
PACK-response to EV1 PASSWORD request no more used as precompiled sequence
2019-05-23 01:30:23 +03:00
Eloff
49de1a1655
fix: 'hf 14a sim' ultralight COMPATIBLE_WRITE command,
...
chg: 'hf 14a sim' incoming commands length checks, reorder block conditions
2019-05-23 00:59:35 +03:00
iceman1001
088d34eb3e
chg: hf mf nack - keep sync if started without card over antenna
2019-05-15 08:20:04 -04:00
iceman1001
bfe2cff383
chg: hf mf nack - now uses NG
2019-05-15 07:47:46 -04:00
iceman1001
41acc98d87
mix
2019-05-15 12:03:00 +02:00
Philippe Teuwen
107b3873fb
fix 14a sniff timings by moving away debug msg
2019-05-09 15:24:41 +02:00
Philippe Teuwen
27f7057961
Rename few USB -> PM3 to avoid misleading interpretations
2019-04-30 21:10:11 +02:00
Iceman
bdf7746105
Merge pull request #175 from McEloff/hf14a
...
'hf 14a sim' more flexible init responses method
2019-04-29 22:52:05 +02:00
Eloff
b2d0bea05f
'hf 14a sim' more flexible init responses method
2019-04-26 13:22:57 +03:00
Philippe Teuwen
eababdd3ef
Merge branch 'master' into experimental_varlen
...
* master:
chg: 'hf mf sim' - textual
fix: warning on mingw64. This offset is calculated, casting it to u32 should be fine.
fix: https://github.com/RfidResearchGroup/proxmark3/issues/174 remove all offending code, return 1. Will only impact the speed of hardnested execution.
fix again OSX
fix https://github.com/RfidResearchGroup/proxmark3/issues/173
used predefined constants, common types moved to common header files
backward compatibility, on load converter for old mfu dump format
loops for counters output
UL/NTAG new dump file format. Added counters support, simulation
2019-04-25 20:05:04 +02:00
Eloff
66ee8dc09e
used predefined constants, common types moved to common header files
2019-04-23 21:14:20 +03:00
Eloff
a8c1fa7a3b
backward compatibility, on load converter for old mfu dump format
2019-04-23 17:07:20 +03:00
Eloff
db3103b531
UL/NTAG new dump file format. Added counters support, simulation
2019-04-21 03:18:00 +03:00
Philippe Teuwen
482db05741
Rename few stuff for consistency
2019-04-18 12:49:51 +02:00
Philippe Teuwen
4e31c6110b
Better Command structs
2019-04-18 00:12:52 +02:00
Philippe Teuwen
be15ad7fec
Viva la revolucion
2019-04-17 21:30:01 +02:00
iceman1001
e5928424b6
style
2019-04-16 15:08:51 +02:00
iceman1001
6803e6d1c0
style
2019-04-13 01:43:22 +02:00
Eloff
249352a1e7
'hf mf sim' + 'hf 14a sim' now back to stable
2019-04-09 23:57:10 +03:00
Eloff
f13f7f4cbb
Pull request #145 . Next part of changes
2019-04-08 19:15:15 +03:00
McEloff
4588384587
Merge branch 'master' into temp
2019-04-08 10:26:30 +03:00
Philippe Teuwen
9c3a520300
iso14443a_select_card resp_data -> p_card
2019-04-07 12:18:20 +02:00
iceman1001
4856252912
styles
2019-04-07 11:39:49 +02:00
Philippe Teuwen
a52a0bf537
args names
2019-04-06 20:21:03 +02:00
Philippe Teuwen
41f36ca20b
make style
2019-04-06 19:09:01 +02:00
vratiskol
0578e19fba
Merge remote-tracking branch 'upstream/master' into hf_mf_sim
2019-04-05 03:48:25 +02:00
Eloff
791ff18381
'hf mf sim' - bugs fix, refactoring
2019-04-05 00:15:55 +03:00
Eloff
19cf50a6ff
Mifare Ultralight/NTAG simulation. Add WRITE and COMPATIBLE_WRITE support
2019-04-03 22:26:18 +03:00
vratiskol
1c77185fb9
Merge remote-tracking branch 'upstream/master' into hf_mf_sim
2019-04-03 01:48:46 +02:00
Philippe Teuwen
db4aa08b78
make style
2019-03-28 14:19:41 +01:00
iceman1001
459835b5ca
fix: 'hf mf sim' - Mifare simulation now works against Android etc. Thanks to @eloff
2019-03-27 15:29:45 +01:00
vratiskol
3b06c9d8ee
Merge remote-tracking branch 'upstream/master' into hf_mf_sim
2019-03-21 20:46:56 +01:00
iceman1001
ca9061bd32
changed byte_t -> uint8_t
2019-03-21 15:19:18 +01:00
vratiskol
c2c4aac7ff
Merge remote-tracking branch 'upstream/master' into hf_mf_sim
2019-03-18 21:51:29 +01:00
iceman1001
e925dc9f7a
clean
2019-03-17 21:53:26 +01:00
iceman1001
ca24b7ae74
chg: 'hf 14a sim' - send 4bit ACK/NACK responses
2019-03-17 21:52:14 +01:00
vratiskol
cfe2b2797e
Revert "Merge branch 'master' into hf_mf_sim"
...
This reverts commit cbea5d9d02, reversing changes made to b66152feb2.
2019-03-15 21:45:00 +01:00
vratiskol
cbea5d9d02
Merge branch 'master' into hf_mf_sim
2019-03-15 21:17:44 +01:00
vratiskol
6a52b6074f
Sync from Upstream
2019-03-15 21:17:07 +01:00
vratiskol
64c3ae8b34
hf mf sim
2019-03-15 21:04:25 +01:00
Philippe Teuwen
3807848171
fix DetectNACKbug: sync_cycles is signed
2019-03-12 23:37:53 +01:00
Philippe Teuwen
961d929f4d
changing {} style to match majority of previous style
2019-03-10 11:20:22 +01:00
Philippe Teuwen
0373696662
make style
2019-03-10 00:00:59 +01:00
Philippe Teuwen
8a7c6825b5
armsrc: fix mix of spaces & tabs
2019-03-09 20:34:41 +01:00
Philippe Teuwen
60f292b18e
remove spurious spaces & tabs at end of lines
2019-03-09 08:59:13 +01:00
merlokk
69f3e65dd0
fix memmove if len=0
2019-02-05 18:39:03 +02:00
merlokk
0e5d896893
fix endless loop
2019-02-05 18:27:48 +02:00
merlokk
cf21f046d8
arm side
2019-01-30 18:15:47 +02:00
merlokk
1b3d96ab2d
add apdu chaining to arm side
2019-01-29 19:30:15 +02:00
iceman1001
2612cd006a
CHG: bigbuf adaptations
2019-01-09 12:00:06 +01:00
iceman1001
3ae871f534
CHG: 'hf 14a antifuzz' - original implementation by @asfabw, reworked a bit - WORK IN PROGRESS -
2019-01-07 09:32:16 +01:00
merlokk
0cfa47e628
merged iso14 arm side
2018-11-08 20:29:08 +02:00
Chris
abdd51b6b3
chg: 'hf mf sim' led
2018-06-23 06:31:42 +02:00
iceman1001
110a7b28cb
chg: 'hf 14a sim' - possibility to simulate FM11RF005SH (@maozhenyu123)
...
chg: 'hf 14a info' - tag identification for FM11RF005SH (@maozhenyu123)
Fudan FM11RF005SH , has 512bit mem, 16blocks w 4bytes / block.
Support REQA, READ, WRITE, AUTH. Unknown how the auth is done.
The ATQA/SAK, or a trace from one of these tags would be interesting to look at.
2018-05-06 09:24:28 +02:00
iceman1001
3f5aab8f05
chg: preparing for iso7816 module statuses
2018-04-03 11:45:20 +02:00
iceman1001
802994d30a
add: 'hf 14 antifuzz' - the outline for the new functionality which fuzzes the anticollision phase ISO 14443a.
2018-02-28 13:21:47 +01:00
iceman1001
fe34cac012
FIX: 'hf mf darkside' - no more WDT crashes. plus positive side effects (@pwpiwi)
...
https://github.com/Proxmark/proxmark3/pull/569
2018-02-08 19:11:35 +01:00
iceman1001
374571046d
remove debug..
2018-02-07 20:12:16 +01:00
iceman1001
aee5fcb24a
debugs
2018-02-07 17:22:23 +01:00
iceman1001
3464fbe1df
fix 'hf mf darkside' - adapted solution from @pwpivi
2018-02-05 20:46:14 +01:00
iceman1001
fca1c9b7cf
chg: 'hf mf mifare' - (deviceside) reset cycles when negative or too large
2018-02-05 16:47:10 +01:00
iceman1001
52d69ed4ee
CHG: refactor CRC16 algos. This is a big change, most likely some parts broke, hard to test it all.
2018-02-01 15:19:47 +01:00
iceman1001
c6207d09e1
chg: 'hf felica reader' is better, almost working good
2018-01-30 03:29:37 +01:00
iceman1001
ede55a1498
add: fast 8bit reversal.
2018-01-27 22:20:56 +01:00
iceman1001
be82f9f018
DEL: 'hf mf sniff' - since it is very similar to 'hf 14a sniff' , I removed this command. The desired functionality will become a new 'hf list mf' option in the future.
2018-01-18 14:11:22 +01:00
iceman1001
b4afc8cdc4
fix: 'hf mf sniff' - @merlokk 's adjustments
2018-01-17 00:28:40 +01:00
iceman1001
5ee4eeb84b
chg: 'hf mf sim' wrong debuglevel for message
2018-01-11 22:08:02 +01:00
iceman1001
05b62d0b3d
syntax sugar
2018-01-05 17:40:07 +01:00
iceman1001
594e4fe169
fix: (@pwpivi) fa85b08504
2017-12-12 15:49:43 +01:00
iceman1001
0e96c72476
fix: wupe timing (@pwpiwi) 7c7327e7c8
2017-12-10 20:02:51 +01:00
iceman1001
71fa461403
fix: timeout issues with checkkeys etc
2017-12-10 11:38:26 +01:00
iceman1001
0430b84f65
CHG: 'hf 14a sim', 'hf mf sim' - now uses weak PRNG from Crypto1 as nonce generation.
2017-12-07 15:21:06 +01:00
iceman1001
44280abf62
chg: reverting back to more or less official pm3 version.
2017-12-07 15:02:15 +01:00
iceman1001
e94ceecb79
chg: 'hf mf mifare' - my darkside attack has been buggy last months. This reverts back to official pm3.
2017-12-06 21:53:11 +01:00
iceman1001
2e35725f2f
chg: 'hf mf mifare' - the darkside attack works bad...
2017-12-06 01:09:12 +01:00
iceman1001
56dbf3ea15
chg: 'hf mf nack' - adjustments in return values..
...
add: 'hf 14a info -n' added new parameter, to enable test for nack bug.
2017-12-06 00:34:57 +01:00
iceman1001
e5f92935a1
chg: more adjustments
2017-12-06 00:17:49 +01:00
iceman1001
0c0e20eb06
chg: adjustments
2017-12-06 00:12:15 +01:00
iceman1001
6a028bdd18
fix: 'hf mf nack' - now does it better..
2017-12-06 00:03:34 +01:00
iceman1001
0a1a48df01
chg: 'hf mf nack' - extracted it into mifarehost for easier usage in other cmds like
...
'hf 14a info'
chg: 'hf mf nack' - changes on devices side from @doegox Thanks!
2017-12-05 23:34:52 +01:00
iceman1001
db82738527
chg: 'hf mf mifare' - warning if select card failed but continue searching
...
chg: 'hf mf nack' - warning if select card failed but continue searching
2017-12-05 18:18:20 +01:00
iceman1001
8b3ff03599
chg: 'hf mf nack' - cleaning up
2017-12-05 18:14:19 +01:00
iceman1001
a43f156370
chg: 'hf mf nack' - minor
2017-12-05 18:04:21 +01:00
iceman1001
6e5038f224
chg: 'hf mf nack' - only test all 256 parities for one nonce when synced.
...
0 nack = has not bug.
1 nack == has bug
x nacks == most likely a clone card which answers nack to all requests.
2017-12-05 17:57:44 +01:00
iceman1001
ba4df1b9fc
chg: 'hf mf nack' - trace on.
2017-12-05 13:25:16 +01:00
iceman1001
08193fd2e5
chg: getting crazy out of sync when running against magic cards.
2017-12-05 12:30:40 +01:00
iceman1001
984a26370d
chg: 'hf mf nack' better output
2017-12-05 11:53:42 +01:00
iceman1001
4289846383
chg
2017-12-05 11:39:31 +01:00
iceman1001
a2ba749a04
chg...
2017-12-05 11:37:10 +01:00
iceman1001
0e9a0d4b71
chg: remove unused vars
2017-12-05 11:35:07 +01:00
iceman1001
4f3e9f0f1f
chg: 'hf mf nack' - loop three times. change nonce
2017-12-05 11:33:32 +01:00
iceman1001
355572826a
chg: this debug statement interrupts with all other printouts.
2017-12-05 11:01:05 +01:00
iceman1001
ea6136456c
chg: 'hf mf nack' - use faster iso select
2017-12-05 10:52:53 +01:00
iceman1001
e02e145fae
draft for a Mifare classic NACK bug detection.
...
the idea is to have a statistically solid conclusion if tag does or does not have the NACK bug.
-in short, ref https://github.com/iceman1001/proxmark3/issues/141
NACK bug; when a tag responds with a NACK to a 8 byte nonce exchange during authentication when the bytes are wrong but the parity bits are correct.
This is a strong oracle which is used in the darkside attack.
2017-12-04 19:36:26 +01:00
iceman1001
2c7930d178
fix: missing.
2017-11-25 10:22:47 +01:00
iceman1001
9d4d8b6e2c
chg: iso14443a timeouts, (@pwpiwi)
...
chg: apdu prolonged timeout (@merlokk)
2017-11-25 10:11:37 +01:00
iceman1001
92f37c4c22
chg: 'apdu' @merlokk changes
...
chg: @piwi's changes to timing
chg: @piwi's changes to rats.
2017-11-11 22:39:13 +01:00
iceman1001
2fc88b924d
CHG: increased time to powerup tag
2017-10-12 15:14:41 +02:00
iceman1001
2ca0ea8cb4
ADD: 'hf mf fastchk' - new command, improved check keys functionality. It uses a bunch of techniques to get a speedup.
...
Using a dictionary file with 421keys,
Current implementation of checkkeys takes 300 sec.
This implementation of checkkeys takes 250 sec.
I implemented it as a separate command so it will be easier to compare between the old and new checkkeys.
It's also doing much on deviceside, which is a step to much funnier standalone modes :))
2017-10-05 16:00:56 +02:00
iceman1001
a4b4a1a9a2
FIX: iso-14443a RATS optional (piwi)
2017-10-01 22:06:06 +02:00
iceman1001
f21555b1b2
fix: stack corruptions. keep it simple. (Coverity scan 170498, 170497, 170496)
2017-09-05 10:10:24 +02:00
iceman1001
292a4ca602
'hf 14b sniff' - removed stuff which wasn't very useful. cleaner now. Not sure if it works :(
...
'hf iclass sniff' - playing with this one. Don't expect it to work yet :(
- increase dma_buffer_size to 256
- moved initialization to its own function. Just looks cleaner :)
- change the debug output to follow MF_DBGLEVEL
'hf mf sniff' - unnecessary cast removed
2017-08-27 19:41:24 +02:00
iceman1001
94f70caa7a
when you need to add too much changes at the same time...
...
fix: 'hf mf hardnested' test cases don't need to verify key.
add: 'hf mf ' - collect nonces from classic tag.
chg: switch_off on armside, a more unified way, so we don't forget to turn off the antenna ...
chg: renamed 'hf iclass snoop' into 'hf iclass sniff' in an attempt to make all sniff/snoop commands only SNIFF
chg: 'standalone' -> starting the work of moving all standalone mods into a plugin kind of style, in its own folder.
2017-08-26 12:57:18 +02:00
iceman1001
269b89373d
chg: testing another loop style
2017-08-21 17:18:24 +02:00
iceman1001
24d332fac7
fixes..
2017-07-11 18:27:59 +02:00
iceman1001
cdc0f15104
FIX: playing with some delays.
2017-07-11 17:40:29 +02:00
iceman1001
5f18400cbe
FIX: 'hf iclass reader' marshmellows fixes.
...
CHG: removing some #define TRUE
2017-07-07 12:38:49 +02:00
iceman1001
a7e677061a
FIX: 'hf 14a sim' - mifare ul-ev1 simulation didn't follow protocol, (thanks to @Vyacheslav for pointing it out)
...
ref: https://github.com/iceman1001/proxmark3/issues/110
FIX: 'hf 14a raw' - zero length commands and AppendCrc14443a don't work well together.
FIX: 'hf 14a raw' - made clear comments and making params comparing as it should be.
FIX: 'hf 14a raw' - when selecting tag, and it failed, the PM3 device was left with antenna on. This has now been fixed as it turns off antenna and leds.
2017-06-26 21:36:56 +02:00
iceman1001
8eeb3c6a0b
CHG: And that should be everything cleaned up with unneeded functions and calls.
2017-03-06 11:53:55 +01:00
iceman1001
7dfa1b021e
CHG: breaking, forgot some..
2017-03-06 11:50:26 +01:00
iceman1001
00baf27097
FIX: since the correctionNeeded logic changed, with PR #87 ( https://github.com/iceman1001/proxmark3/pull/87 ) this is the consequence changes to it.
2017-03-06 11:27:15 +01:00
Timo Hirvonen
17ab9dcca0
Improved logic for determining the correct Frame Delay Time (FDT) value based on the last bit transmitted by the PCD
2017-03-06 11:39:12 +02:00
iceman1001
99136c6eef
CHG: finalized the merge between peter filmoores 14atagfuzz branch (emv). I seriously doubt anything works.
2017-03-01 21:51:23 +01:00
iceman1001
d24026ade8
BUG: forgot to remove
2017-02-25 23:14:55 +01:00
iceman1001
d32691f1da
FIX: hf mf sim
- authentication works again.
...
CHG: `lf em`- renamed.
CHG: removed functionality in whereami.c, not needed.
2017-02-25 23:00:20 +01:00
iceman1001
60ca588725
syntax sugar
2017-02-06 00:51:06 +01:00
iceman1001
4401050bcc
ADD: 'hf standalone 14a mode', added "mifare 4k" detection.
...
ADD: 'hf 14a sim' - added mifare 4k simulation.
2017-02-01 14:41:06 +01:00
iceman1001
16cfceb689
CHG: rename a local scope variable "data"->"cmd"
...
CHG: call params to selectcard too few
CHG: 'standalone HF mode' - when copying second UID onto data array, it should append after first one, not over the first one.
ref: https://github.com/iceman1001/proxmark3/issues/77 Lets see if this fixes the HF part of this issue
2017-02-01 12:50:54 +01:00
iceman1001
84bdbc1917
FIX: 'hf 14a sim x' - adjusted and shows messages when verbose.
...
FIX: 'hf mf sim x i' - same as above.
In general we only use Moebius attack for "sim x", that means a clean up on device side code. simpler to understand. It still tries to gather 8 different collections of nonces combo. When one is complete, it gets sent to client which runs moebius direct.
2017-01-29 23:09:23 +01:00
iceman1001
7e735c1398
FIX: 'hf 14a sim x' - this fixes the error with using moebius attack and sim. Updating the nonce variable doesn't change the premodulated response. And it should update every time it gets a command. One concerning issue is that this takes time. Successfully works with two PM3. One acting reader, another sim.
2017-01-29 11:29:15 +01:00
iceman1001
e99acd00cc
CHG: the mifare Auth command can make use of a random nonce as well.
...
CHG: since sim commands are timing critical, I'm testing a smaller prand prng function from Intel
2017-01-29 10:41:48 +01:00
iceman1001
bf5d7992ce
ADD: @micolous random nonce, adjusted to fit in. Icemanfork only uses Moebius attack, so no need for an extra parameter in client.
...
ref: https://github.com/Proxmark/proxmark3/pull/209
2017-01-26 14:21:51 +01:00
iceman1001
0f7279b22d
syntax sugar
2017-01-21 11:33:14 +01:00
iceman1001
dd83c4572b
CHG: coverity complains about not reading the value from mifare_send_short
...
CHG: ubuntu 14.04 gcc4.8.4 complains about mem_avail still. Don't know why.
2017-01-09 22:15:36 +01:00
iceman1001
5fba8581f4
CHG: the reset of pcb_num should be before untraditional tags return.
2016-11-16 17:43:08 +01:00
iceman1001
30daf914ce
FIX: looping logic error, doesn't need to increase with 1, if we do 8 checks every turn...
2016-10-28 13:06:34 +02:00
Michael Farrell
b6e05350b2
hf mf sim: Multiple fixes (iceman1001/proxmark3 #45 )
...
- Fix `hf mf sim` to use nonce_t structures, so key recovery works
- Increases verbosity on the key recovery functionality
- Fix use-after-free for k_sector
- Add help info on `e` option to `hf mf sim`
2016-10-22 21:53:53 +11:00
iceman1001
d5bded10e2
CHG: lowered the timeout again, but re-added the spindelay since 14a requires 5ms powerup before entering the idle-state where tag starts to listen.
...
CHG: fix the ticks compare xx > 1 into xx >= 1
2016-09-23 23:23:17 +02:00
iceman1001
f885043422
FIX: "hf 14a read" / "hf mf *" / "hf mfdes info" and failure when calling these commands several times in a row.
...
For long transactions the sspclock compare with >1 instead of >=1 .. Now the timer resets properly.
CHG: use some #define constants for iso-commands.
2016-09-23 21:28:07 +02:00
iceman1001
be818b1417
FIX: Forget that the prng was 0x8000 length and not 0xFFFF. Sorry. Also returned to the decomposed loop. Don't know if this armsrc optimises this at compilation time. Does someone know?
...
CHG: returned the iso14443a_setup order, it might influence my older PM3 device.
*Note* my Elechouse revisions PM3 works great with this but my older xpfga (green pcb) is hopeless. It can't fix onto the nonces in 'hf mf mifare' I think it's too slow.
2016-08-31 19:17:39 +02:00
iceman1001
ed8c2aeb63
CHG: forgot a semicolon...
2016-08-24 15:05:10 +02:00