Antiklesys
2105dbc379
Update iclass.c
...
Clarified what tear success means
Signed-off-by: Antiklesys <syselkitna@gmail.com>
2025-05-30 13:05:25 +08:00
Antiklesys
db9667d0fb
Update CHANGELOG.md
...
Signed-off-by: Antiklesys <syselkitna@gmail.com>
2025-05-30 13:02:11 +08:00
Antiklesys
c32f655023
Improved hf iclass tear erase phase readability
...
Improved readability of erase phase during iclass tear (client and arm side).
It is redundant to see a list of FF during the erase phase (which can be pretty lengthy), so it will only show it once when all bits are FF and then will resume printing the moment bits start changing again post erase phase.
2025-05-30 13:00:35 +08:00
Antiklesys
04cfe2a43e
Modified iclass recover operations
...
1- Renamed legreclookup to legbrute to be in line with the command name
2- Updated estimate values with speed increase gains
3- Improved some if statements readability in iclass.c and added start_time = eof_time + DELAY_ICLASS_VICC_TO_VCD_READER; to increase speed by ~8% (1.86 loops per second to 2.01 loops per second = ~560 more loops per hour).
Tried disabling some arm communications/comments but the speed increase was negligible (~1 sec / 1000 updates).
2025-05-30 12:36:42 +08:00
iceman1001
83837699e1
text, but the ultralight detect in 14a info is a bit confusing. This PR was intended to make it more clear. We still need to improve the text output
2025-05-30 01:38:55 +02:00
iceman1001
804acfbefa
the device side of iclass tear off is implemented. The base was done by @antiklesys. This version differs by the concept of trying to stabilize weak bits by performing a write operation in conjunction with the detected tear. It's untested but I can replicate most of the tears we performed client side. You will need to call the proxmark3 client with -f, ./pm3 -f to force flush out text which is needed for the inplace printing. I thought this was done automatically but it wasn't. hf iclass tear --arm + all the normal params to run on device side
2025-05-30 01:37:13 +02:00
iceman1001
f0022e4280
text
2025-05-29 14:52:49 +02:00
Iceman
90210fe588
Merge pull request #2853 from sup3rgiu/mfu-counters
...
Fixed SimulateIso14443aTag() to make MFU counter increments persistent in emulator memory.
2025-05-29 14:44:13 +02:00
iceman1001
7b9fe29cf3
hf iclass info - show AA2 key if found
2025-05-29 11:05:52 +02:00
iceman1001
18e4c072e7
style
2025-05-28 20:54:05 +02:00
iceman1001
a223570dbf
hf iclass tear - only inform about read failures and keep on, instead of quitting command
2025-05-28 20:52:51 +02:00
iceman1001
0479a1b82e
text
2025-05-28 20:52:14 +02:00
iceman1001
b2e587afa5
missing break, might lead to strange behavior
2025-05-28 20:51:51 +02:00
Iceman
79e72fc8bf
Merge pull request #2859 from pelrun/bl
...
Add "hf mf bambukeys" command to generate Bambu Lab keys
2025-05-28 18:10:57 +02:00
Iceman
490c211361
Merge branch 'master' into bl
...
Signed-off-by: Iceman <iceman@iuse.se>
2025-05-28 18:10:16 +02:00
Iceman
9287e872f1
Merge pull request #2865 from Arkwin/patch-2
...
Saflok Parsing
2025-05-28 18:09:13 +02:00
Iceman
ce0431601a
Merge pull request #2867 from Antiklesys/master
...
Updated hf iclass info for silicon check
2025-05-28 18:08:15 +02:00
Antiklesys
503c03caa2
Update CHANGELOG.md
2025-05-29 00:00:19 +08:00
Antiklesys
bbd6f51586
Updated hf iclass info for silicon check
...
Updated hf iclass info to use silicon identification based on CSN rather than hf 14b responsiveness
This reverted 4f85def6b0
2025-05-28 23:59:17 +08:00
iceman1001
ada340de94
fix exit call
2025-05-27 14:52:04 +02:00
iceman1001
01e57db5f1
text
2025-05-27 10:12:58 +02:00
iceman1001
585670d55c
hf iclass tear - text output and when e-purse get cleared it stops and informs user
2025-05-27 09:44:27 +02:00
iceman1001
4e07fc2b31
if enabled but no delay, then disable tear off just in case. enforce user to set a delay. if not this function will be triggered over and over which might confuse users normal operation
2025-05-27 09:43:11 +02:00
Kara Zajac
e35a4e292d
Used make style
...
Fixed some code comments and ran make style
Signed-off-by: Kara Zajac <Arkwin.Advanced@gmail.com>
2025-05-26 23:39:25 -04:00
Kara Zajac
176b543069
Saflok Parsing
...
Added when a Saflok card is detected, it decrypts and parses the data, outputting it to the screen.
Previous security researchers did this work, and I merely adapted it from the Flipper Zero code to the Proxmark3 code.
Their info is below:
// Decryption and parsing from: https://gitee.com/wangshuoyue/unsaflok
// Decryption algorithm and parsing published by Shuoyue Wang
// Parsing also inspired by Lennert Wouters and Ian Carroll's DEFCON 32 talk
// https://defcon.org/html/defcon-32/dc-32-speakers.html
// FZ parser by @Torron, with help from @xtruan, @zacharyweiss, @evilmog and kara (@Arkwin)
Signed-off-by: Kara Zajac <Arkwin.Advanced@gmail.com>
2025-05-26 15:46:23 -04:00
Iceman
744107035f
Merge pull request #2864 from Antiklesys/master
...
Updated hf iclass tear to break endless read loop
2025-05-26 19:37:43 +02:00
Antiklesys
b378a369d1
Updated hf iclass tear to break endless read loop
...
Updated hf iclass tear to break endless read loop when the card can't be read anymore during the tear operation. Set a 10 attempts limit.
2025-05-26 23:53:33 +08:00
Iceman
ee16112d29
Merge pull request #2863 from Antiklesys/master
...
Updated hf iclass tear
2025-05-26 11:15:47 +02:00
Antiklesys
23928b4041
Updated hf iclass tear
...
Updated hf iclass tear with the following improvements:
1- Show failed read if run in verbose mode
2- Improved out logic when tearing block 1
3- Showing fuses comparison table when tearoff affects block 1 fuses
2025-05-26 16:01:06 +08:00
ry4000
66c57e8652
Merge branch 'RfidResearchGroup:master' into master
2025-05-26 17:46:52 +10:00
ry4000
8c3d0c7957
R&Y: Added BCN T-mobilitat and SMARTair AIDs to aid_desfire.json
...
### Added AIDs
- BCN T-mobilitat
- PACS SMARTair
Signed-off-by: ry4000 <154689120+ry4000@users.noreply.github.com>
2025-05-26 17:14:54 +10:00
iceman1001
b8e8c41f28
fix the cut of version and git sha-hash
2025-05-25 20:29:15 +02:00
Iceman
3ff2f28305
Merge pull request #2862 from Antiklesys/master
...
Updated tearoff repeat to not go below original start value and show …
2025-05-25 15:51:27 +02:00
Antiklesys
1349b6d282
Updated tearoff repeat to not go below original start value and show loop count
...
Updated tearoff repeat to not go below original start value and show loop count
2025-05-25 21:50:17 +08:00
Iceman
d5fb619308
Merge pull request #2861 from Antiklesys/master
...
Updated hf iclass tear to not run if the authentication fuses are blown
2025-05-25 14:44:29 +02:00
iceman1001
eecdad7ac8
text
2025-05-25 14:40:46 +02:00
Antiklesys
8d3e301b55
Updated hf iclass tear to not run if the authentication fuses are blown
...
Updated hf iclass tear to not run if the authentication fuses are blown.
Or it will just get stuck at the beginning and not start anyway. At least this informs the users why this is happening.
2025-05-25 20:36:35 +08:00
iceman1001
4b92118f1f
clear trace log before starting to run hf iclass tear
2025-05-25 11:29:43 +02:00
Iceman
428ee718d3
Merge pull request #2860 from Antiklesys/master
...
Fixed authentication read for iclass tear
2025-05-25 11:11:39 +02:00
Antiklesys
d402903db5
Fixed authentication read for iclass tear
...
If the card flips to nonsecure mode during the tearoff of block 1, this read command will be stuck.
So we can disable auth completely when trying to read block 1 as that block doesn't require authentication anyway for reading operations.
2025-05-25 17:10:31 +08:00
iceman1001
4da2a9a496
text
2025-05-25 10:55:11 +02:00
iceman1001
dcec8d6e71
text
2025-05-25 10:50:40 +02:00
iceman1001
74f1936132
convert to our calloc instead since we prefer to know allocated shared memory is empty. Also removed a malloc(1) which is just a waste of bytes just like @NVX said a year ago at DefCon
2025-05-25 09:55:32 +02:00
iceman1001
96c58db8e8
style and making sure within limits not to trigger overflows
2025-05-24 22:50:56 +02:00
iceman1001
607f1bb26c
style
2025-05-24 22:49:46 +02:00
iceman1001
bb0445d886
text
2025-05-24 21:45:14 +02:00
iceman1001
36e7736603
text
2025-05-24 21:34:17 +02:00
iceman1001
b6a39768a1
text
2025-05-24 21:30:23 +02:00
iceman1001
00c5af4256
text
2025-05-24 21:14:58 +02:00
James Churchill
c312bae516
Add "hf mf bambukeys" command to generate Bambu Lab keys
2025-05-25 00:18:25 +10:00