Commit graph

199 commits

Author SHA1 Message Date
iceman1001 3e26b564cd naming stuff 2019-03-18 17:42:49 +01:00
iceman1001 35bc4a975e rename SNOOP -> SNIFF 2019-03-12 13:15:39 +01:00
Philippe Teuwen 961d929f4d changing {} style to match majority of previous style 2019-03-10 11:20:22 +01:00
Philippe Teuwen da6cdf014b Keep string syntax in color macros 2019-03-10 00:56:00 +01:00
Philippe Teuwen 0373696662 make style 2019-03-10 00:00:59 +01:00
Philippe Teuwen 0d9223a547 client: fix mix of spaces & tabs 2019-03-09 23:35:06 +01:00
iceman1001 cc9ec2d79c textual 2019-03-09 11:30:26 +01:00
Philippe Teuwen 60f292b18e remove spurious spaces & tabs at end of lines 2019-03-09 08:59:13 +01:00
iceman1001 ae4e3b72af chg: colors 2019-02-25 00:10:02 +01:00
merlokk 029e75e866 formatting 2019-02-01 18:54:57 +02:00
merlokk 34bae8adcf add hf 14a chaining 2019-02-01 18:51:53 +02:00
merlokk 09c5f0ef76 remove debug and small output addon. errors were not visible 2019-02-01 18:12:01 +02:00
merlokk 673c080ea5 client part 2019-02-01 18:00:08 +02:00
merlokk 30a6ef19b9 added FSC correct calculation in hf 14a info 2019-01-30 18:16:50 +02:00
iceman1001 3ae871f534 CHG: 'hf 14a antifuzz' - original implementation by @asfabw, reworked a bit - WORK IN PROGRESS - 2019-01-07 09:32:16 +01:00
iceman1001 16bfd49b8d CHG: 'hf 14a' - update to vendors list. (thanks to @horrordash for pointing it out)
See also:
http://isotc.iso.org/livelink/livelink?func=ll&objId=10432471&objAction=Open&nexturl=%2Flivelink%2Flivelink%3Ffunc%3Dll%26objId%3D8915579%26objAction%3Dbrowse%26viewType%3D1
2018-12-10 08:48:39 +01:00
merlokk d7d681ab51 cmdhf apdu move to argtable 2018-11-20 17:28:41 +02:00
merlokk e3aebd7985 get card data 2018-11-20 16:25:19 +02:00
merlokk 7820be1b8a exchange apdu14a works with chaining 2018-11-12 16:17:31 +02:00
merlokk 122cbe7d1d info and some fix in exchange 2018-10-24 19:19:15 +03:00
Chris 2be56183c0 fix: error enum rename 2018-10-14 12:02:26 +02:00
merlokk ab5233d29f now it needs to resolve issues in reveng 2018-10-11 11:48:46 +03:00
Chris 50143e460d syntax 2018-09-23 20:41:29 +02:00
Chris 4a8e048694 chg: 'sc raw' added 't' param, for decoding apdu response
chg: i2c,  max timeout fitting for 256bytes frames
2018-07-09 13:15:28 +02:00
Chris 714de99f82 chg: i2c fixes. all working.
chg: 'sc info'  now prints url to atr decoder.
chg: 'sc reader' has more options  A, S
2018-07-09 11:22:51 +02:00
Chris f9ba0e59fa chg: 'sc list' - hooked up list command (runs 'trace list 7816' )
chg: 'sc reader' - added 's' silent parameter
chg: 'sc info' - added 's' silent parameter
2018-07-08 11:19:26 +02:00
Chris 26ff7fa297 chg: clean up 2018-07-04 15:26:39 +02:00
iceman1001 110a7b28cb chg: 'hf 14a sim' - possibility to simulate FM11RF005SH (@maozhenyu123)
chg: 'hf 14a info' - tag identification for FM11RF005SH (@maozhenyu123)

Fudan FM11RF005SH , has 512bit mem,  16blocks w 4bytes / block.
Support REQA, READ, WRITE, AUTH.   Unknown how the auth is done.

The ATQA/SAK, or a trace from one of these tags would be interesting to look at.
2018-05-06 09:24:28 +02:00
iceman1001 271cb3e1cc chg: \r didn't work well with printandlogex
chg: spaces
chg: cleaning
2018-04-27 12:15:26 +02:00
iceman1001 c41013d394 chg: printandlogex now deals with string which has initial newline char. 2018-04-27 11:22:30 +02:00
iceman1001 ef867794d1 chg: ...textual 2018-04-26 14:19:33 +02:00
iceman1001 71ce6e07ee CHG: moved trace commands into its own category (from hf)
'trace list'

The load / save of the trace buffer will also come.

For backward functionality the old commands still work.
2018-03-18 18:00:41 +01:00
iceman1001 fd7acc78f3 fix: 'hf 14a info' - ATS length sanity check added 2018-03-13 23:16:48 +01:00
iceman1001 802994d30a add: 'hf 14 antifuzz' - the outline for the new functionality which fuzzes the anticollision phase ISO 14443a. 2018-02-28 13:21:47 +01:00
Brian Pow 8a408088af tweak message 2018-02-21 20:43:51 +08:00
Brian Pow 9fa5d23cc5 use PrintAndLogEx() instead of PrintAndLog() 2018-02-21 20:43:47 +08:00
iceman1001 4e915d2eb4 chg: prng detection now takes in consideration if detection fails. 2018-02-20 21:20:17 +01:00
Brian Pow b1d414c680 CHG: replace 'samples:' with 'Examples:', unify some usage text 2018-02-09 22:56:16 +08:00
iceman1001 357cf59f1b textual 2018-02-08 12:35:59 +01:00
iceman1001 6371dfc5b6 chg: made DropField function a compiler macro instead. 2018-02-06 22:32:08 +01:00
iceman1001 b8e7f20945 chg: textual.. and moved a helptext 2018-02-05 21:03:51 +01:00
iceman1001 52d69ed4ee CHG: refactor CRC16 algos. This is a big change, most likely some parts broke, hard to test it all. 2018-02-01 15:19:47 +01:00
iceman1001 c328f68640 fix: part of @pwpiwi 's #534 fixes 2018-01-01 18:57:37 +01:00
iceman1001 732fe340cb fix: 'hf search' - 14a detection was wrong. thanks @doegox for point it out. 2017-12-08 22:27:55 +01:00
iceman1001 56dbf3ea15 chg: 'hf mf nack' - adjustments in return values..
add: 'hf 14a info -n'  added new parameter,  to enable test for nack bug.
2017-12-06 00:34:57 +01:00
iceman1001 9959d5c1e7 chg: emv commands should now compile. no testing done. 2017-11-25 08:18:30 +01:00
iceman1001 25b173ea20 chg: 'hf 14a reader' - @pwpiwi 7c8115b273 2017-11-10 22:55:33 +01:00
iceman1001 8b83db2c1b ADD: 'hf 14a apdu' @merlokk 2017-11-10 20:47:31 +01:00
iceman1001 6b78a8711d ADD 'hf 14a info' : new command (old reader command) (@merlokk)
This enables us to get a 14a reader function,  if you want to do all other tests,  go for this new command.
2017-10-30 12:29:02 +01:00
iceman1001 ee1612870c CHG: 'info' unified helptext.
ADD: 'hf 14a info'  - skeleton function
2017-10-30 12:17:32 +01:00
iceman1001 fdf1566c23 FIX: 'hf 14a reader' - detection of magic refactored, all test now assumes turn on/off readerfield. 2017-10-30 12:01:34 +01:00
iceman1001 59fbf1e354 chg: don't blindly trust other ppls changes 2017-10-29 20:07:45 +01:00
iceman1001 76e139701a chg: @merlokk 's minor adjustment to waitCmd 2017-10-29 19:26:34 +01:00
iceman1001 a4b4a1a9a2 FIX: iso-14443a RATS optional (piwi) 2017-10-01 22:06:06 +02:00
iceman1001 c5616dfe76 minor corrections.. 2017-08-29 15:47:26 +02:00
iceman1001 9f54a5e4b9 fix 'hf 14a read' needs a disconnect if failed.
fix 'hf mf csave'  now prints which card size it is trying to dump
2017-08-29 14:47:17 +02:00
iceman1001 f10cc4a3ae FIX: 'hf 14a reader' - set timeout for waiting on response for initial call. This will enable the command not to get "stuck" 2017-08-29 14:37:09 +02:00
iceman1001 aa711b2d92 chg: 'hf 14a cuids' - now can be interrupted with keyboard press 2017-08-09 09:26:41 +02:00
iceman1001 f28da2da6e monster merge...
all those changes marshmellow did..  and more...
2017-07-30 09:17:48 +02:00
iceman1001 a8569849d6 part of monstermerge.. 2017-07-27 20:58:59 +02:00
iceman1001 fe5c33092d ADD: 'hf 14a reader' - added Mifare Classic Ev1 1k/4k identification. 2017-07-16 10:18:19 +02:00
iceman1001 e8015142cd fix: TRUE/FALSE -> bools
fix: 'iclass'  filepath 255, to use FILE_PATH_SIZE
fix: unified params test
2017-07-14 20:54:11 +02:00
iceman1001 8bc17414fd new coverity scan complains..
fix 'lf hitag'  bit comparisons wrong
fix 'standalone mode'  logically dead code
2017-07-07 15:45:40 +02:00
iceman1001 3ca3d401c0 FIX: some adjustments to prng detection 2017-07-04 20:11:25 +02:00
iceman1001 4d18909596 ADD: 'hf 14a read' - detection if found Mifare Classic tag has a weak or hardened PRNG. Thanks to @doegox for implementing it in nfc-tools/mfoc. It's a beauty :) 2017-06-26 21:45:22 +02:00
iceman1001 f24edfec54 CHG: hf 14a read - started to add a Magic tag gen2 detection. Skipping it for now. Can't decide to put it on deviceside or in client.
FIX:  `lf read` - ophs..  it works again.
ADD: `lf em 4x05--`  - added a chipset definition
CHG: better kali fix - from @pwpivi
2017-02-28 08:16:02 +01:00
iceman1001 8db18d2f15 ADD: hf 14a read - now can detect the newer magic generation 1b. In output 1A (old version, where all hf mf c* commands works) 1B is the newer. 2017-02-27 19:18:38 +01:00
iceman1001 41611deef9 CHG: some of @marshmellow42 's ref: 2b11c7c750
CHG: `lf em 410x` - when demoded to all zeros, it wasn't printed so some noninitialized tags just get an empty "found em410x tag" message. Haven't decided on how to go further with it.
2017-02-27 14:04:50 +01:00
iceman1001 2e8d938bef ADD: 'hf emv' - from @peterfillmore emv fork. A bit cleaned up and moved around. Should compile 2017-02-05 21:56:47 +01:00
iceman1001 cf5a79de33 ADD: 'hf 14a read' - correct identify Aztek tags, instead of claiming it to be "not mfu". 2017-02-04 12:32:14 +01:00
iceman1001 4401050bcc ADD: 'hf standalone 14a mode", added "mifare 4k" detection.
ADD: 'hf 14a sim' - added mifare 4k simulation.
2017-02-01 14:41:06 +01:00
iceman1001 84bdbc1917 FIX: 'hf 14a sim x' - adjusted and shows messages when verbose.
FIX: 'hf mf sim x i' - same as above.

In general we only use Moebius attack for "sim x",  that means a clean up on device side code. simpler to understand. It still tries to gather 8 different collections of nonces combo. When one is complete, it get sent to client which runs moebius direct.
2017-01-29 23:09:23 +01:00
iceman1001 2ce218042d CHG: 'hf 14a sim e' - it now has a parameter for setfoundkeys to emulator memory.
CHG: textual changes.
2017-01-29 13:21:17 +01:00
iceman1001 3b875041dc FIX: 'hf 14a reader' - when card SAK was 0x00, it calls GetHF14AMfU_Type() to try to identify if it is a UL/NTAG etc. The bug is that it ignored the return value.
when return_value == UL_ERROR,  it shall not print the mfu tagtype annotation.

---faulty behavior
proxmark3> hf 14a reader
 UID : 65 93 7f d1
ATQA : 00 04
 SAK : 00 [2]
Tag is not Ultralight | NTAG | MY-D  [ATQA: 00 04 SAK: 00]

TYPE : MIFARE Ultralight (MF0ICU1) <magic>
proprietary non iso14443-4 card found, RATS not supported
Answers to chinese magic backdoor commands: NO
2017-01-11 22:00:17 +01:00
iceman1001 ba39db376c CHG: just some parameter / variable name changes. Nuttin' special. 2016-10-28 16:37:01 +02:00
Michael Farrell 32beef538e hf {14a,mf} sim: v is for verbose 2016-10-27 23:37:00 +11:00
Michael Farrell dfdbfa0702 hf mf sim: Be less verbose by default, add option "m" to turn maths back on (Issue #45) 2016-10-27 23:37:00 +11:00
Michael Farrell 53f7c75a38 hf 14a: Fix typos in manufacturer list 2016-10-22 14:24:17 +11:00
iceman1001 cd79d97223 CHG: syntax sugar 2016-10-08 19:14:35 +02:00
iceman1001 3c6542087e CHG: @ikarus23 removed all misleading warnings for GCC6.1.1. 2016-09-26 21:38:19 +02:00
iceman1001 823ad2e186 CHG: minor code cleaning in 'hf 14a reader' 2016-08-10 16:24:49 +02:00
iceman1001 52eeaef568 CHG: moved a define arraylen into util.h and changed to uppercase. 2016-08-04 21:54:11 +02:00
Pavel Zhovner 57eba86be6 Typo in hf 14a sim help 2016-05-26 20:10:03 +03:00
iceman1001 f7c1a934d0 CHG: "hf 14a sim" now uses mfkey32 and mfkey32_moebius as methods to retrieve the key in attack_mode. 2016-04-18 13:20:17 +02:00
iceman1001 0194ce8fc8 ADD: simulating can now handle triplesized UID (10b)
CHG: moved some mifare #DEFINES into protocols.h  (ACK,NACK..)
2016-04-14 11:09:17 +02:00
iceman1001 6fc68747f6 ADD: well, starting with a luascript for reading calypso tags, made me remake the 14b raw command on client and device side. Sorry @marshmellow42 , but this one broke your "hf 14b info" implementation. I fixed the "hf 14b read" and the hf search. So not too bad, but still a bit broken. The 14b raw device side is now very similar to 14a raw. Which is good. There is a Standard 14b 0x050008 detection and STmicroelectronic 0x0600 detection on deviceside. This removes a lot of code client side.
I also made the SRi read functions better by combining them.   The demodulation / uart code should be the same as last summer's changes.  The device side code can now be even smaller.
2016-03-20 19:33:07 +01:00
iceman1001 a0f33b6682 CHG: started to clean up the crapto1 imp in client/nonce2key/ folder. 2016-01-19 17:22:18 +01:00
iceman1001 a429510647 REM: Removed #define llx PRIx64, all these defines are located in proxmark3.h 2016-01-19 16:29:07 +01:00
iceman1001 4c685ac887 FIX: Coverity, unintended sign extension, CID #121363, (numbits << 16) becomes int, then uint64_t. But the signedness might set all upper bits to 1 in the process. 2016-01-12 22:33:54 +01:00
iceman1001 28415b5d90 FIX: Coverity, unchecked return value, CID #121292,..
basically the flush queue command is replaced with clearCommandBuffer();.
2016-01-12 22:30:22 +01:00
iceman1001 c46ea881a4 FIX: Coverity scan, resourceleak in "hf mf sniff", added call to 'free' before return.
FIX: Coverity scan, overflow in "hf 14a raw",  added an extra len check against USB_CMD_DATA_SIZE
2016-01-08 14:30:56 +01:00
iceman1001 9332b857ff ADD: @marshmellow42 's fixes for Q5, t55xx, fskclock,
ADD:  got tired of always writing wrong "hf 14a list",  so I hooked it back up to call the "hf list" with argument. Things become smoother that way.
2015-12-16 11:01:46 +01:00
iceman1001 0956e0dba5 FIX: an error that I introduced to the csetblock command with wrong length of crc calcs.
CHG:  variable name in csetblock change.  just trying to be consistent.
ADD:  code clean up in hf 14a,  added some help text methods.
2015-11-10 11:45:45 +01:00
iceman1001 c2731f37be CHG: a major remake of the "hf mf c*" commands. Ie chinese magic tags. Tried to make them consistent in parameter calls and simplified. And fixed the annoying gen1 tags that answer with a ACK/NACK on HALT commands.. 2015-11-09 21:46:15 +01:00
iceman1001 e98572a1e2 I just merged @marshmellow's branch "iclass" and that was a lot of new functionality. *great work*
Things like the ICLASS, tryDecryptWord,

--
My other stuff like default keys, some new Mifare EV1 commands 0x40, 0x43 for the logging annotation,  start of the T55x7 configblock helper functionality (ripped from Adam Laurie's RFIdler code)
Changes to the PCF7931 functions written,  which has a lousy input check..
2015-10-07 23:00:46 +02:00
iceman1001 7838f4beba MERGED: @holimans changes
MERGED: @piwi changes
MERGED: @marshmellows changes.

I'm not even gonna try write up all that stuff..

ADD: changed some commands inside the "Hf 14a sim" on deviceside.
ADD: @mobeius "two nonce" version for mfkey32.   It is also inside the "hf 14a sim" with the "x" parameter.
2015-07-22 23:00:52 +02:00
iceman1001 32719adfa1 ADD: added support for some NTAG/EV1 commands to "hf 14a sim" on device side.
0x1B (authenticate)
          0x3a (fast read)
          0x60 (get_version)

       This is used in a new mode on client,  "hf 14a sim t 7"
2015-06-14 22:40:18 +02:00
iceman1001 c3c241f389 CHG: moved a xor function into util.c
CHG: added some calls to clearCommandBuffer() in /hf mfu/hf 14a sim/hf mf sim/ commands.
CHG: minor adjustments to relative pathing.
2015-05-26 11:04:57 +02:00
iceman1001 46cd801c5a FIX: dumptoemul.lua removed the extra linebreak in the end, making some load commands complain.
MOV: moved the try32/try64 attacks (mfkey32/mfkey64) into the nonce2key.c file
CHG: added @marshmellow42 changes to hf mfu dump layout.
ADD: an extra call to BigBuf_free in readcard..  just to make sure that it doesn't leak memory.
ADD: experimental call to "try32" for "hf mf sim x".
2015-05-25 13:10:55 +02:00
iceman1001 623db3559b CHG: the new NTAG_i2c_1K enums, broke the uint16_t size.. Had to go up one level. 2015-05-20 19:26:11 +02:00