RfidResearchGroup/proxmark3
1
1
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-01-06 16:27:22 +08:00
Code Issues Projects Releases Packages Wiki Activity
4912 commits 3 branches 15 tags 87 MiB
Commit graph

221 commits

Author SHA1 Message Date
Philippe Teuwen
0373696662 make style 2019-03-10 00:00:59 +01:00
Philippe Teuwen
9502b54aa0 include: fix mix of spaces & tabs 2019-03-09 18:41:30 +01:00
iceman1001
29adb88f32 fix: use correct define 2019-03-09 11:49:56 +01:00
Philippe Teuwen
60f292b18e remove spurious spaces & tabs at end of lines 2019-03-09 08:59:13 +01:00
merlokk
3b21b17509 move mifare stuff to its folder 2019-02-21 19:15:46 +02:00
merlokk
cf21f046d8 arm side 2019-01-30 18:15:47 +02:00
merlokk
1b3d96ab2d add apdu chaining to arm side 2019-01-29 19:30:15 +02:00
iceman1001
f215ebef80 Refactored 'lf t55xx brute', split it up into two commands. 
- lf t55xx brute  (tries bruteforcing a range of pwds
- lf t55xx chk    (uses dictionary file or RDV4 flashmem)

FIX: adjust lf sim (@marshmellow42)  see 7008cf9c15
"attempt to speed up the loops waiting for carrier signal to go high or low
by only checking for a halt (button press or usbpol) every 256th loop
iteration. some users were experiencing modulating reactions to be too slow.

ADD: 'lf t55xx chk'
It uses @marshmellows42 idea behind commit  (6178b085a0)
With calculating a baseline (read block0 32times and average the signal-ish) and sampling only 1024 signal data. The algo then proceeds to calc the average and keep track of the candidate which is given the most difference in signal data average value.    I do some squaring and shifting for this.
The candidate is then send back to client to be tested properly with  trymodulation like before.

This seems to work good on t55xx card which has a ASK configuration.

WORK-IN-PROGRESS
 2019-01-11 14:46:27 +01:00
iceman1001
0dee369a58 FIX: 'hf tune' - now works... 2019-01-06 20:28:23 +01:00
iceman1001
0fb0c35308 CHG: 'mem load' - the possibility to upload default_iclass_keys.dic, default_keys.dic, default_pwd.dic to predefined flashmemory sections. These will be used in pwd / key checking algorithms on device. 
CHG: 'script run read_pwd_mem.lua' - script now can print those uploaded dictionary files.

How to upload
pm3 --> mem load f default_iclass_keys i
pm3 --> mem load f default_keys m
pm3 --> mem load f default_pwd t

How to validate / view
PM3 -->scr run read_pwd_mem -o 237568 -k 8
pm3 -->scr run read_pwd_mem -o 241664 -k 6
pm3 -->scr run read_pwd_mem -o 245760 -k 4
 2019-01-01 18:01:40 +01:00
merlokk
f32088e25c fix states and get rid of INS code in receive (that code checks by controller) 2018-12-18 14:33:28 +02:00
merlokk
1941b9ca8b sdd sc raw t0 2018-12-17 23:48:05 +02:00
Chris
73230c8d15 chg: 'trace list 7816' - missing command 
chg: 'sc raw' - inverted select logic
 2018-11-13 22:29:33 +01:00
Chris
dc67b5d7c9 chg: revert fpga_major mode in LF. 
chg: 'lf t55xx deviceconfig'  - persistence to flashmem is now option with param P
 2018-09-23 05:29:55 +02:00
Chris
ba2543b627 ADD: 'lf t55xx deviceconfig' - command that allows for setting t55xx timings via the client. If run on a RDV40, it also saves the config to flashmemory. This gives you option to have custom timings for your custom antenna in order for your RDV40 to work optimal against a t55xx tag and with your custom antenna. (@iceman) 2018-09-11 18:35:07 +02:00
Colin J. Brigato
c74dbb63b8 Pass 2; commit 2; 2018-09-06 05:24:50 +02:00
Chris
bacf8aff0f add: FPC connector skeleton usart. Not working but if will be a starting point for those who might want to help out with it. 2018-07-30 09:54:44 +02:00
Chris
714de99f82 chg: i2c fixes. all working. 
chg: 'sc info'  now prints url to atr decoder.
chg: 'sc reader' has more options  A, S
 2018-07-09 11:22:51 +02:00
Chris
79158c7360 chg; preparing for more cmds. 2018-07-06 00:24:04 +02:00
Chris
fca841122f chg: 'sc reader' - hooked up atr. 2018-07-05 16:32:10 +02:00
Chris
ee006c6a7b add: sc upgrade - beta test 2018-07-05 14:38:31 +02:00
Chris
44e300930f fix: sc upg 2018-07-05 11:22:43 +02:00
Chris
35b7989b1c chg: OR in values. 2018-07-02 18:54:12 +02:00
Chris
f4ef31c4be chg: OR in registry changes when setting LOW or HIGH instead of assigning. A nicer behavior not messing with previous set bits. 2018-06-23 06:41:51 +02:00
Chris
e5e990fd4f chg: adjustment to RDV40 gpios, since it make use of some previous used for other things.. 2018-06-23 06:40:01 +02:00
Chris
ddd9f4e0fd chg: preparation for smart card 2018-06-23 06:39:23 +02:00
Chris
5a22a72e9c chg: some preparations for iso15 refactor 2018-06-23 06:37:08 +02:00
iceman1001
6b7819276d add: 'mem info' - rudamentary support for new command. 2018-05-06 09:26:06 +02:00
iceman1001
021c0a1349 ADD: 'mem' commands. For RDV40 devices only. 
If you don't have one,  comment out inside client/Makefile this line

CFLAGS += -DWITH_FLASH
 2018-05-03 12:15:03 +02:00
iceman1001
f64e244823 chg: define 2018-04-20 19:48:13 +02:00
iceman1001
a615fd6a9e chg: smartcard , testing to use pwm clock instead of timer clock. 
chg: added some comments
 2018-04-16 19:58:49 +02:00
Colin J. Brigato
9147698e97 UPDATES HF_COLIN to current 2018-03-10 13:13:21 +01:00
iceman1001
802994d30a add: 'hf 14 antifuzz' - the outline for the new functionality which fuzzes the anticollision phase ISO 14443a. 2018-02-28 13:21:47 +01:00
iceman1001
180e3d4df9 chg: adaptations for global debug var to be accessible 2018-02-21 14:59:06 +01:00
iceman1001
d54c4d3e05 chg: SPI tests for flashmem on PA10. (aka pm3 evo) Peripheral B, fixed. 2018-02-20 12:03:11 +01:00
iceman1001
a21ab49f14 chg: moved flash mem config for spi into flashmem.c 
chg:  fpgasendcommand,  now waits until command has been sent to fpga.
 2018-02-18 10:35:36 +01:00
iceman1001
1709c1ce1a chg: flash_mem - hooked up client - device comms 2018-02-13 15:36:20 +01:00
iceman1001
0495e93b6d add: flash memory support 2018-02-13 14:12:28 +01:00
iceman1001
ad73af95c2 ADD: beginning to add SPI to access flash memory. 2018-02-13 11:41:23 +01:00
iceman1001
75d04307a1 chg: adapting some HF voltage readings. 2018-02-07 13:11:10 +01:00
iceman1001
b06579e0d5 chg: 'hf felica reader' the felica_select_card struct got more properties 2018-01-30 03:32:33 +01:00
iceman1001
bf25b1c9ba chg: crc16 got a compute_crc function 2018-01-30 03:31:11 +01:00
iceman1001
095b3af43b CHG: 'hf 15' - swapped crc impl to table based. 2018-01-29 15:55:56 +01:00
iceman1001
29c15b3480 cHG.. missing 2018-01-29 13:48:18 +01:00
iceman1001
3634327bef chg: code cleaning. 2017-12-21 12:42:32 +01:00
iceman1001
5eafdbf872 ADD: 'hf iclass check' - increased speed in check keys with new algo. 
ADD: 'hf iclass' - trying to add the timeout-limits for commands in order to get a more stable iclass communication
 2017-12-21 10:13:40 +01:00
iceman1001
e02e145fae draft for a Mifare classic NACK bug detection. 
the idea is to have a statistically solid conclusion if tag does or does not have the NACK bug.

-in short, ref  https://github.com/iceman1001/proxmark3/issues/141
NACK bug;  when a tag responds with a NACK to a 8 byte nonce exchange during authentication when the bytes are wrong but the parity bits are correct.

This is a strong oracle which is used in the darkside attack.
 2017-12-04 19:36:26 +01:00
iceman1001
4b63f940f1 CHG: FeliCa implemenation by @satsuoni 2017-10-20 20:27:44 +02:00
iceman1001
9757a8f078 ADD: some felica defines 2017-10-10 14:33:27 +02:00
iceman1001
b4a03581c2 CHG: adjustments to the USB reading part. 2017-10-05 15:55:08 +02:00