iceman1001
56f1aaa234
CHG: on a slow usb connection it seems the pingcmd which stops the bruteforce on deviceside doesnt get there. Lets send three pings to make sure the device gets it.
2016-08-10 16:23:59 +02:00
iceman1001
6067df30c5
FIX: at least now the special zero parity attack, repeats and doesn't crash. However it doesn't find the key either :(
2016-08-10 10:55:29 +02:00
iceman1001
86db8973b0
CHG; still looking at 14b, this time started to look at the tracelog times not working.
2016-08-09 23:13:18 +02:00
iceman1001
59e933fc3f
started fixing the paritiy == 0 special attack against chinese clones with bad prng, which hasnt been working for ages.
2016-08-09 23:11:07 +02:00
iceman1001
05442fa6f7
fix: wrong spelling
2016-08-09 12:15:26 +02:00
iceman1001
f5291a6ce1
FIX: Travis CI complains about missing stdbool.h includes
2016-08-09 12:11:11 +02:00
iceman1001
10c4231ec7
ADD: 'lf awid brute' is now possible to give a starting cardnumber. if given, the bruteforce loops from it as a mid point. Testing one step up, then one step down until it reaches 65535 and 0.
...
CHG: 'lf awid brute' inputs are now changed, take notice to new format.
2016-08-09 11:56:06 +02:00
iceman1001
3d4207f3b6
syntax suger
...
chg: added clearCommandBuffer(); before calls to sendcommand.
2016-08-09 09:12:16 +02:00
iceman1001
8a5b3c2a45
CHG: textual fixes in help text
...
CHG: better exit message for 'lf awid bruteforce'
2016-08-09 09:10:26 +02:00
iceman1001
9bfd93ec15
FIX: delay was parsed incorrect into a uint8_t...
...
CHG: help text fixed
2016-08-08 22:17:15 +02:00
iceman1001
934dfd728d
ADD: Added a delay in ms to 'lf awid brute' Thanks to @crayon for the idea.
2016-08-08 22:09:51 +02:00
iceman1001
471f89b8bd
FIX: the cmdline parsing was a bit too hard. Thanks to @crayon for pointing out there were a bug here.
2016-08-08 21:27:53 +02:00
iceman1001
d9ed4e1914
ADD: J-Run's 2nd phase tool mf_key_brute ref: https://github.com/J-Run/mf_key_brute Estimated time to search keyspace is ~18min.
...
J_Run's 2nd phase of multiple sector nested authentication key recovery
You have a known 4 last bytes of a key recovered with mf_nonce_brute tool.
First 2 bytes of key will be bruteforced
Usage: hf mf keybrute [h] <block number> <A|B> <key>
options:
h this help
<block number> target block number
<A|B> target key type
<key> candidate key from mf_nonce_brute tool
samples:
hf mf keybrute 1 A 000011223344
2016-08-08 17:49:30 +02:00
Alexis Green
170e7c9c51
FIX: erroneous semicolon
2016-08-07 20:07:25 -07:00
iceman1001
b62cbadb61
CHG: fixes to match the new arguments to the darkside attack (keytype A|B and blocknumber) in mifare_autopwn.lua script.
2016-08-07 21:19:11 +02:00
iceman1001
16658b1ff1
CHG: moved some TEA crypto stuff from 14b into analyse.
2016-08-07 21:08:17 +02:00
iceman1001
5def0b3c74
CHG: increased the script-filename column width from 16 to 21.
2016-08-07 21:05:09 +02:00
iceman1001
a152dea7b4
textual changes.
2016-08-07 18:50:25 +02:00
iceman1001
fa5118e730
CHG: some calyspo stuff
2016-08-04 21:57:40 +02:00
iceman1001
f0e183ece4
CHG: marshmellow42 's improved "hf mf sim x"
2016-08-04 21:57:18 +02:00
iceman1001
52eeaef568
CHG: moved a defince arraylen into util.h and changed to uppercase.
2016-08-04 21:54:11 +02:00
iceman1001
df007486f5
ADD: @donwan581 select keytype for the darkside attack.
2016-08-04 21:51:26 +02:00
iceman1001
26778ea772
FIX: coverity scan 133850, again. Why on earth did the 7 come from. I removed it.
2016-08-03 12:09:16 +02:00
iceman1001
c5d886170c
fix: COVERITYSCAN 133871, fix one part, breaking another. shouldnt have changed to uint8_t since it can never be negative.
2016-08-03 11:57:40 +02:00
iceman1001
e8fecd72bc
FIX; coverity scan 133850, & operation should keep only topbit of lower nibble.
...
CHG: tabs fixed
2016-08-03 10:01:37 +02:00
iceman1001
a28d34f407
Coverity Scan 133850, need to ask @jason about this one.
2016-08-03 09:32:07 +02:00
iceman1001
01629305d8
Merge branch 'master' of https://github.com/iceman1001/proxmark3
2016-08-03 09:30:01 +02:00
iceman1001
8a8de2cb6d
FIX: 133853, If you have 3items in a array, don't start with index 4 or 3, mental note to self, stop coding when you are tired.
2016-08-03 09:28:54 +02:00
Alexis Green
987c59849e
FIX: CoverityScan 123358 and 133864 - Unchecked return value
2016-08-02 22:44:36 -07:00
Alexis Green
3f5bcc3b92
FIX: CoverityScan 121362 - Pointer to local outside scope
2016-08-02 16:12:44 -07:00
iceman1001
80920fac96
FIX: forgot a semicolon
2016-08-03 00:42:23 +02:00
iceman1001
fd9212e183
FIX: CoverityScan 133857, cast to uint32_t will stop eventual problems. However its a uint_16 so it shouldnt be a problem to start with.
2016-08-03 00:15:26 +02:00
iceman1001
34c81fe01c
FIX. COVERITYscan 133860, initialize to zero. This function is still not working but at least now it doesnt crash the client.
2016-08-03 00:13:33 +02:00
iceman1001
5fe0a11dfe
FIX: CoverityScan, 1333853, out-of-bounds, well, if I have 3 items in a array, don't start reading 4...
2016-08-03 00:10:21 +02:00
Alexis Green
e31a0f736e
FIX: LEGIC - potential stack corruption calculating CRC from user input
2016-08-02 14:10:33 -07:00
Alexis Green
0892708119
FIX: CoverityScan 123465 - Resource leak
2016-08-02 13:57:44 -07:00
Alexis Green
5147ec6959
CHG: LEGIC - allow offline mode due to existing offline command
2016-08-02 13:51:58 -07:00
iceman1001
e719470c46
Merge branch 'master' of https://github.com/iceman1001/proxmark3
2016-08-02 16:06:40 +02:00
iceman1001
5f7e30f8d5
FIX: CoverityScan 133858 -uninitialized data
2016-08-02 16:05:50 +02:00
iceman1001
aeb128e2bb
chg: another way of checking a array for NULL
2016-08-02 16:04:57 +02:00
Alexis Green
6e321dd8f3
Fixing warning:
...
warning: ignoring return va 'scanf', declared with attribute warn_unused_result [-Wunused-result]
2016-08-01 13:03:46 -07:00
Alexis Green
22e31cd087
Fixing clang compilation warning
...
warning: shifting a negative signed value is undefined [-Wshift-negative-value]
2016-07-31 22:35:16 -07:00
iceman1001
9f52c9db28
FIX: removed a compiler warning, the stringlen is not used anymore.
2016-07-31 22:03:46 +02:00
iceman1001
af4308b97b
CHG: Moved some includes, defines, structs from .c into header file.
2016-07-31 22:00:49 +02:00
iceman1001
cc4c8fd6cf
FIX: getting rid of a compiler warning message.
2016-07-31 21:59:29 +02:00
Alexis Green
415e9f00d5
Adding a 'recoverpw' command for T55xx to try to recover corrupt password written by a handheld cloner by fiddling with bits in the expected password.
2016-07-31 12:33:03 -07:00
iceman1001
a0c7eea77a
CHG: moved out some help-texts into its own usage-functions.
2016-07-31 11:37:19 +02:00
iceman1001
00abc7c1ab
CHG: Moved a 'include' statement to header file
2016-07-30 19:37:15 +02:00
iceman1001
955228691e
REM: cleaning up some commented code.
2016-07-30 19:36:48 +02:00
iceman1001
d0724780ab
FIX: Found a minor bug in 'LF CMDREAD' where it on device side didn't compare with the right char 'h' instead of 'H'. Re-wrote that whole part anyway, I changed periods to be max 0xFFFF in length, doubtful that a zero or one delay will be bigger than 65535...
2016-07-30 19:30:53 +02:00