iceman1001
d608d85e3b
felica... shouldn't print dbhexdump.. it should be on client side
2024-01-23 19:18:44 +01:00
iceman1001
2be0bd14ee
revert change of DMA size
2024-01-23 19:17:45 +01:00
iceman1001
081ff216eb
style
2024-01-23 15:28:50 +01:00
nvx
da564aed3c
Fix hf sniff
...
This was broken in commit 17ab86c52 as the forced rounding up of
the size to 4-byte alignment in BigBuf_malloc made the size check
possibly larger than the buffer size as the check was always +3 on
the requested size rather than the rounded size. This was made
worse by BigBuf_max_traceLen not taking into account alignment
either and the alignment check in hfsnoop.c checking to 2 byte
alignment instead of 4 byte alignment.
The alignment size check now checks the size after alignment
rounding, and BigBuf_max_traceLen takes into account alignment
losses too reducing the need for BigBuf consumers to have to care
about alignment.
2024-01-24 00:10:05 +10:00
Martijn Plak
ebdd30e92c
readmem (ARM): boundary check against end of addressable space
2024-01-23 08:41:53 +01:00
Martijn Plak
e35385fde1
Adding processor flash memory reading, viewing and writing to file.
...
Works when the device is running either osimage or bootloader.
- New memory reading command in osimage and bootloader.
- Extended 'hw readmem' command with length parameter, file writing and hex viewer.
- Introduced '--dumpmem' option to proxmark3 executable to support dumping from bootloader.
Simple interactive examples:
hw readmem -f flashdump
hw readmem -l 1024
CLI example:
./pm3 --dumpmem flashdump.bin
Reading from arbitrary memory ranges can be unlocked using the 'raw' option.
2024-01-22 16:40:05 +01:00
iceman1001
22fd440c83
style
2024-01-18 16:41:13 +01:00
iceman1001
5e4796c57b
remove some debug statements
2024-01-18 16:32:13 +01:00
PhaseLoop
32a55654c4
Merge branch 'master' into bruteforce-smart-mode
2024-01-16 20:35:59 +00:00
PhaseLoop
dd859a2061
add smart bruteforce mode to MF Classic and EM4x50
2024-01-16 20:06:03 +00:00
iceman1001
3268621fe0
Lowered the initial wait, Heuristic decided. Might need to look at Picopass datasheet and verify :)
2024-01-16 16:21:45 +01:00
iceman1001
730cc21f08
fix the field is off check
2024-01-16 15:49:35 +01:00
iceman1001
acaaeea450
picopass uses a different CRC algo
2024-01-16 15:32:43 +01:00
iceman1001
2981dd94f7
had to keep track if the field is on or off on deviceside for 14b raw.\nAdded picopass ISO14443-B anticollision. It allows us to send raw packages over 14b.
2024-01-16 15:12:16 +01:00
iceman1001
5b31211971
style
2024-01-16 11:53:42 +01:00
iceman1001
70b4bee761
reworked the 14B comms. Uses NG packets now. Most raw / apdu / write / rd got some love
2024-01-16 11:37:13 +01:00
iceman1001
73843fd366
testing to extend DMA buffer to 768 bytes
2024-01-15 17:36:19 +01:00
iceman1001
ca21348ff6
text
2024-01-15 17:14:04 +01:00
Iceman
5db2276602
Merge pull request #2249 from nvx/cardhopper_improvements
...
Multiple hf_cardhopper improvements
2024-01-15 13:11:24 +01:00
iceman1001
4df743c2a0
style
2024-01-15 13:08:55 +01:00
nvx
1828358ab0
Multiple hf_cardhopper improvements
...
Allow button presses to break
Handle non-zero CID from reader by relaying RATS to the card and improving PPS and WTX handling
More reliably cook ATS values
Ignore packets that look like they're coming from the client (NG packets)
2024-01-15 22:05:30 +10:00
iceman1001
02f5e729ca
added a new command "hf 15 wipe" which zeros out a card memory with writeblocks. Improved restore and wipe time. Also identified TI tags and their quirks. On device side when getting an error response from tag it doesn't care about eof package. So we send that one too. Which leads to a spurious package we ignore on client side.
2024-01-15 04:11:20 +01:00
iceman1001
36be4d9556
text and style for comparing
2024-01-15 01:14:58 +01:00
iceman1001
8d0b41a911
this commit fixes #2244 #2246 #1596 #2101. It's kind of a big refactoring and I most likely broke something. With that said. Now: HF 15 commands now use NG packets, hf 15 raw support -k keepfield on and -s select, hf 15 dump/rdbl/rdmulti should handle blocksizes of 4 or 8, the error messages are unified and error handling the same. Some understanding how add_option impacts response message from card. A more clear separation between PM3 flags and ISO15693 protocol flags.
2024-01-14 14:23:51 +01:00
PhaseLoop
8e0e8e2240
Merge branch 'master' into bruteforce-smart-mode
2024-01-13 16:53:05 +00:00
iceman1001
e69b46f6f6
logging enabled for 14b readblock.\nsupport for tearoff in 14b apdu\nfixed a bug in 14b raw when adding crc\n raw command should now not touch reserved emulator memory when freed
2024-01-09 13:07:43 +01:00
iceman1001
1efb38ba98
fix hf 14b dump command not lock up every other call and modified the output.
2024-01-09 10:22:27 +01:00
iceman1001
dae8f4ac4b
forgot one
2024-01-08 23:48:45 +01:00
iceman1001
562faa8489
removed the inconsistency of both being a status value and length value
2024-01-08 23:40:45 +01:00
iceman1001
82aa6ac08c
gave 14b commands some serious love and overhaul. package handling for APDU and different selects is improved. return codes now consequent
2024-01-08 21:17:42 +01:00
iceman1001
398803d930
adapt size of return messages in 14b
2024-01-07 22:34:08 +01:00
iceman1001
0c4a1066c1
text
2024-01-05 19:27:38 +01:00
iceman1001
b1a1ca8827
Revert "Release v4.17768 - Steamboat Willie"
...
This reverts commit 57eeb712fd.
2024-01-03 01:59:39 +01:00
iceman1001
57eeb712fd
Release v4.17768 - Steamboat Willie
2024-01-03 01:59:39 +01:00
iceman1001
238572c337
style
2024-01-01 21:52:05 +01:00
iceman1001
21e54ba9b1
adjust 14b apdu which seems to trigger memory corruption device side
2024-01-01 21:49:32 +01:00
iceman1001
c54f6af925
code style, remove unneeded UID array allocations since we just don't use the UID later in those functions
2023-12-31 09:56:46 +01:00
iceman1001
3df5fb6d40
cleaned up style
2023-12-31 09:43:45 +01:00
iceman1001
873c1e57a3
cleaned up and reduced number of arrays used
2023-12-31 09:36:25 +01:00
iceman1001
f840dc810b
made keytype instead of fixed keyB. would help in situations keyB is readable...
2023-12-31 09:35:42 +01:00
iceman1001
1f4f5febae
adapt magic detection and textual output. Hf mf info - now uses found keys to send for magic detection
2023-12-30 23:08:58 +01:00
nvx
8f577ad963
Improved magic detection
...
Magic detection no longer stops when a single type is found as cards may support multiple types of magic, so all detected types will be reported now.
GDM/USCUID chips are now detected when GDM magic auth is disabled but magic WUP (40 or 20) is enabled.
Gen2/CUID/DirectWrite is now detected when default keys and ACLs are used by attempting to write to block 0 but aborting before actually completing the write.
2023-12-30 19:53:23 +10:00
nvx
33eaaa535f
Changed hf_cardhopper standalone mode to allow running over the internal Proxmark3 USB-CDC serial port.
...
This functionality can be enabled by adding the following to your Makefile.platform:
STANDALONE_PLATFORM_DEFS+=-DCARDHOPPER_USB
2023-12-29 22:06:57 +10:00
iceman1001
0eea4e31c4
fiddling with thinfilm, which suffers in simulation
2023-12-18 22:18:21 +01:00
iceman1001
f8f135a3b7
style
2023-12-18 10:11:11 +01:00
iceman1001
1c8b2110bb
reduce stack usage
2023-12-15 16:39:42 +01:00
iceman1001
20d95fa3ea
remove some more parity arrays
2023-12-15 09:33:02 +01:00
iceman1001
30c7ce1335
wait until timeout
2023-12-15 09:22:35 +01:00
iceman1001
c210b370fe
remove par
2023-12-15 09:13:20 +01:00
iceman1001
70520af03b
style
2023-12-14 23:38:04 +01:00
iceman1001
6b9963b12a
forgot to free the allocated memory
2023-12-14 23:37:37 +01:00
iceman1001
ab0ee92f57
the par[] array allocation was the root cause for the stack smashing. Making one static array to be reused across 14a functions took care of the issue.\nalso made the command allocation for ISO14 APDU sending a bigbuf allocation instead. Since nothing in the APDU has to do with EMULATOR memory etc. The trace log grows from start of bigbuff, allocations grows from end of bigbuff
2023-12-14 23:35:30 +01:00
iceman1001
95d1d5646f
an attempt to reduce some stack memory. No need for the debug printing to be 512 bytes. Now limited to 200 chars
2023-12-14 23:29:43 +01:00
iceman1001
f4f832e121
style
2023-12-14 00:33:02 +01:00
iceman1001
ee1534103b
make sure to turn off the antenna if entering this state
2023-12-14 00:31:09 +01:00
iceman1001
17ab86c52c
make sure limit match up with the multiple of 4 bytes alignment
2023-12-14 00:30:15 +01:00
merlokk
2517e8b345
make style
2023-12-12 01:11:10 +02:00
merlokk
91892bc1bf
add static encrypted nonce detection
2023-12-11 21:24:26 +02:00
merlokk
ebe9d72cc2
set debug log level
2023-12-11 18:46:25 +02:00
iceman1001
97e2d7f026
changed "data num" to accept -r -i parameters where it will reverse or inverse the values.\nrenamed some util functions
2023-12-07 16:44:31 +01:00
iceman1001
89bcdcddbc
style
2023-12-06 22:42:16 +01:00
iceman1001
fdc1c9d864
text
2023-12-06 22:16:53 +01:00
Anonymous
cdafe764f1
Merge branch 'unisniff' of https://github.com/hazardousvoltage/proxmark3 into unisniff
2023-12-03 08:46:26 -05:00
Anonymous
9b752c6ecb
hf_unisniff: rename "ask" to "user" to avoid confusion with "ASK" sniffing
2023-12-03 08:44:06 -05:00
Iceman
56d957a689
Merge pull request #2192 from hazardousvoltage/unisniff
...
Implement hf_unisniff, 14a/14b/15 sniffer with runtime selection and more save options
2023-12-03 07:10:06 +01:00
wh201906
bb529a9077
Fix corrupted data caused by CMD_WTX
...
No need to wait for 2.5s (1s + FPGA_LOAD_WAIT_TIME) if the real-time
sampling stops.
Make sure the LF bitstream is loaded before real-time sampling so the
response of CMD_WTX won't appear.
2023-12-02 17:04:03 +08:00
Anonymous
322411c44f
Implement hf_unisniff, 14a/14b/15 sniffer with runtime selection and more save options
2023-12-01 22:39:46 -05:00
iceman1001
a913b2c662
style
2023-12-01 10:59:18 +01:00
Iceman
17a93a3b1b
Merge pull request #2173 from wh201906/lf_sniff_clean
...
Real-time LF sampling
2023-12-01 10:54:10 +01:00
nvx
7b0ca43695
Fix iClass dump truncating the AA2 area and improve dump reliability by fixing cmd retry delays.
2023-11-26 19:04:54 +10:00
wh201906
3ee13c9ba6
Apply suggestions from @henrygab
...
Check if memory allocation fails
Fix memory leak
Initialize struct in declaration
Add/Fix some notes
Remove unlikely() in favor of readability
Remove a hard-coded magic number
2023-11-15 18:04:52 +08:00
Henry Gabryjelski
627cf6e3d5
Slow clock speed message update
...
Signed-off-by: Henry Gabryjelski <henrygab@users.noreply.github.com>
2023-11-14 01:52:02 -08:00
wh201906
ab9f49f86e
Some minor fixes
...
Use longer timeout in WaitForRawDataTimeout() to handle CMD_WTX
Fix a wrong type
Apply changes to other similar part
Remove unused instructions
2023-11-14 10:46:45 +08:00
wh201906
b4cc7c02cd
Real-time LF sampling mode on armsrc
2023-11-14 01:43:20 +08:00
wh201906
9e8b1ceda7
Reduce duplicate payload structure for lf read/sniff
2023-11-14 01:05:27 +08:00
Philippe Teuwen
4f9016814e
Revert "Release v4.17511 - Faraday"
...
This reverts commit 6e9df18de6.
2023-11-13 10:19:09 +01:00
Philippe Teuwen
6e9df18de6
Release v4.17511 - Faraday
2023-11-13 10:19:09 +01:00
Philippe Teuwen
73db5cb912
style: missing include of own header
2023-11-11 18:24:34 +01:00
iceman1001
d137b74de7
missing
2023-11-06 23:19:46 +01:00
iceman1001
6653bffe00
coverity fixes
2023-11-06 22:58:14 +01:00
iceman1001
bf6f5518ac
fix overflow ( @wh201906 )
2023-11-06 17:12:03 +01:00
wh201906
2d48e33a99
Some small fix
2023-11-06 18:45:10 +08:00
wh201906
85e38ddc38
Add --ms option in hw status
...
To specify the timeout of connection speed test
2023-11-06 16:35:43 +08:00
iceman1001
82e7830e5b
style
2023-10-30 22:20:55 +01:00
yah01
9d07ee497c
Improve lf sampling performance
...
Signed-off-by: yah01 <yah2er0ne@outlook.com>
2023-10-27 13:47:26 +08:00
iceman1001
5ae919d8ee
since we split the image for iclass, every time we swap back to hf / mf commands there is a penalty for swapping fpga image. this fix some allow for fast simulation part
2023-10-18 20:43:52 +02:00
iceman1001
1f3cf80898
style
2023-10-18 20:34:35 +02:00
iceman1001
185da09e62
we use calloc
2023-10-18 20:20:55 +02:00
iceman1001
efac735bad
added support for HID SAM picopass communications. Nasty array copying but does the trick. Will need refactoring.
2023-10-18 19:59:34 +02:00
iceman1001
14a0e0bc72
fix old length for sim module
2023-10-18 15:18:58 +02:00
Jean-Michel Picod
8cc7022604
Remove compilation error.
...
Function is already declared (non-static) in armsrc.
Compiler was complaining about re-defining a non-static func by a static
one.
2023-10-17 19:33:59 +02:00
PhaseLoop
4003ad72fe
update
2023-10-16 19:19:30 +00:00
iceman1001
026cd7d53d
style
2023-10-15 13:21:16 +02:00
iceman1001
0f9f5f116c
text
2023-10-15 10:11:27 +02:00
iceman1001
0ff41fa652
style
2023-10-12 14:53:26 +02:00
iceman1001
ef348a2aa0
adapt a bit
2023-10-12 14:51:18 +02:00
iceman1001
7cec258349
minor adjustments to texts
2023-10-09 20:09:22 +02:00
iceman1001
4986959706
fix logic for epurse updates
2023-10-09 15:48:01 +02:00
iceman1001
7b3e84c0d6
better fix for the PAGEMAP issue
2023-10-09 15:14:53 +02:00
iceman1001
d41f0c394e
hf iclass wrbl - the pagemap bit maps isn't the best to handle all four cases. This at least fixes one issue with them
2023-10-09 15:04:49 +02:00