- Fix `hf mf sim` to use nonce_t structures, so key recovery works
- Increases verbosity on the key recovery functionality
- Fix use-after-free for k_sector
- Add help info on `e` option to `hf mf sim`
CHG: returned the iso14443a_setup order, it might influence my older PM3 device.
*Note* my Elechouse revisions PM3 works great with this but my older xpfga (green pcb) is hopeless. It can't fix onto the nonces in 'hf mf mifare'; I think it's too slow.
CHG: "hf 14a sim" command, changed the data collection for the attackmode in SimulateIso14443aTag. It now uses @holiman's original implementation. But we can't change "NR", so we do next.
CHG: "hf 14a sim" command, nonce is increased with every new auth. This is for the "mfkey32_moebius" attack to work.
CHG: "hf mf sim" command (function void Mifare1ksim) now handles UIDs with length 10.
CHG: "hf mf sim" command, nonce is increased with every new auth. This is for the "mfkey32_moebius" attack to work.
and some clean up in the "hf mf mifare" code. I removed the three strategies Pivi added to make the code easier and added a lot of comments to understand.
the WDT bug is still there in this code. Needs further testing yet, before I commit the fix.
So far the fix is quite stable on ubuntu, but on mingw/win is breaking still. Which at this point doesn't make any sense.
I also made the SRi read functions better by combining them. The demodulation / uart code should be the same as last summer's changes. The device side code can now be even smaller.
CHG: increased the time-out message 2sec, in proxmark, to make "hf mf chk" work better.
CHG: still trying to solve the "hf mf mifare" WDT_HIT bug.
With these changes, the "hf mf chk" / "Hf mf nested" looks similar and should be a bit faster.
Things like the ICLASS, tryDecryptWord,
--
My other stuff like default keys, some new Mifare EV1 commands 0x40, 0x43 for the logging annotation, start of the T55x7 configblock helper functionality (ripped from Adam Laurie's RFIDler code)
Changes to the PCF7931 functions written, which has a lousy input check..
.. ntag simulation stuff from @marshmellows branch "ntag/sim"
.. hf mf mifare fixes from @pwpivi.
.. hw status command
.. speedtest function from @pwpivi
.. Viking Functionalities, (not a proper DEMOD, but a start)
.. GetCountUS better precision from @pwpivi
.. bin2hex, hex2bin from @holiman
...
starting with getting the T55x7 CONFIGURATION_BLOCK for different clone situations. Ripped from Adam Laurie's RFIDler, nothing working or finished..
...
Started working with the T55x7 read command with password actually performs a write block... See Issue #136 https://github.com/Proxmark/proxmark3/issues/136 Not solved yet.
...
Started adding SHA256.. not working yet..
MERGED: @piwi changes
MERGED: @marshmellows changes.
I'm not even gonna try write up all that stuff..
ADD: changed some commands inside the "Hf 14a sim" on deviceside.
ADD: @mobeius "two nonce" version for mfkey32. It is also inside the "hf 14a sim" with the "x" parameter.
FIX: 14b sim changes in iso14443b.c, *experimental* I took some timing loops from "14a sim" armsrc/iso14443a.c and merged it into the "14b sim". Now using two pm3's I can have one simulating and the other reading and it works. Ask @pwpiwi if you want to know more of what those timing loops do. Something about waiting for the fpga delay queue...
ADD: "hf 14a sim t 7" now implements a simple incr_counter command. It sends ACK to all requests.
ADD: "hf 14a sim t 7" now prints the password when a "0x1B" (Authenticate) command is received.