- hf mf rdsc (fix): didn't account for 16 block sectors, allowed max sector 63 instead of 39
- hf mf ecfill (add): added (optional) card size parameter and support for non 1K cards
- hf mf dump (add): added (optional) card size parameter and support for non 1K cards
- hf mf dump (fix): Access Condition 011 not handled correctly (tried to access with key A)
- hf mf restore (add): added (optional) card size parameter and support for non 1K cards
- hf mf nested (fix): didn't account for 16 block sectors, allowed max sector 63 instead of 39
- hf mf nested (fix): always dumped 16 keys to dumpkeys.bin instead of correct number
- hf mf chk (fix): always dumped 16 keys to dumpkeys.bin instead of correct number
- hf mf eget (fix): displayed three instead of one block
- hf mf eload (add): load 4K .eml files (but accepts 1K .eml files for backwards compatibility)
- hf mf esave (add): always save the whole emulator memory (4K) instead of 1K only
- hf mf ecfill (add): added (optional) card size parameter and support for non 1K cards
- output of debug messages caused communication failures due to timing issues.
hf mf dbg 4 now required to see these debug messages.
- changed help text for hf mf dbg
- fixed minor bugs in help texts for hf mf sim and hf mf ecset
- display "key A" or "key B" instead of "key=0" or "key=1 in hf mf sim
- tracing was not always enabled when starting hf mf sniff or hf 14a snoop
- ATQA was displayed in wrong byte order in hf mf sniff
- 4 Byte UIDs were displayed as 7 Byte UIDs (padded with 0x000000) in hf mf sniff
- same for logfile names.
- assignment (=) had been used instead of == in comparisons (shouldn't have been relevant though)
This is a new LF edge detection algorithm for the FPGA.
- It uses a low-pass IIR filter to clean the signal
(see https://fail0verflow.com/blog/2014/proxmark3-fpga-iir-filter.html)
- The algorithm is able to detect consecutive peaks in the same
direction
- It uses an envelope follower to dynamically adjust the peak thresholds
- The main threshold used in the envelope follower can be set from the ARM side
fpga/lf_edge_detect.v,
fpga/lp20khz_1MSa_iir_filter.v,
fpga/min_max_tracker.v: New file.
fpga/lo_edge_detect.v, fpga/fpga_lf.v: Modify accordingly.
armsrc/apps.h (FPGA_CMD_SET_USER_BYTE1,
FPGA_CMD_SET_EDGE_DETECT_THRESHOLD): New FPGA command.
fpga/fpga_lf.v: Modify accordingly/Add a 8bit user register.
fpga/fpga_lf.bit: Update accordingly.
fpga/tests: New directory for testbenches
fpga/tests/Makefile: New file. It compiles the testbenches
and runs all the tests by default (comparing with the golden output)
fpga/tests/tb_lp20khz_1MSa_iir_filter.v,
fpga/tests/tb_min_max_tracker.v,
fpga/tests/tb_lf_edge_detect.v: New testbenches
fpga/tests/plot_edgedetect.py: New script to plot the results from
the edge detection tests.
fpga/tests/tb_data: New directory for data and golden outputs
- fixed a circular buffer rollover bug in iso14443a.c
- fixed 7 Byte UID handling in hf mf sniff
- fixed "cannot append" error in hf mf sniff d
- fixed hint on mfkey32 in hf mf sim x
- fixed hf mf sniff sometimes showing rogue data from previous calloc
- improve snooping/sniffing by syncing modulation detector window with reader signal (hi_iso14443a.v)
- code cleanup of hi_iso14443a.v
- enhanced tracing: hf 14a list now shows meaningful timing information. With new option f it also shows the frame delay times (fdt)
- small fix for hf 14b list - it used to run into the trace trailer
- hf 14a sim now obeys iso14443 timing (fdt of 1172 or 1234 resp.)
Note: you need to flash FPGA as well.
More details in http://www.proxmark.org/forum/viewtopic.php?pid=9721#p9721
- PM: used GetCountMifare in MifareNested() for improved timing accuracy and to deliver better quality nonces
- PM: MifareNested now delivers exactly two different nonces to avoid time consuming multiple lfsr_recovery32() on client side
- Client: replaced quicksort by bucketsort in crapto1.c which is faster
- Client: use multithreading (two parallel calls to lfsr_recovery32())
- Client: fixed a small bug in mfnested() (always showed trgkey=0)
- Client: introduced a mutex for PrintAndLog() to avoid interlaced printing
Minor rework of hf mf chk:
- Avoid time consuming off/on cycles. Send a "halt" instead.
* Modified commands (lf em4x):
em410xwatch ['h'] -- Watches for EM410x 125/134 kHz tags (option 'h' for 134)
em410xwrite <UID> <'0' T5555> <'1' T55x7> [clock rate] -- Write EM410x UID to T5555(Q5) or T55x7 tag, optionally setting clock rate
* Better option checking for em410xwrite & fix for uninitialized vars
* Increased samples from 2000 to 4000 in em410xwatch (2000 is OK for clock=64, but too few for clock=32)
