ADD: Added the "lf t55x7 wakeup" command. It will send a pwd, and leave the antenna on.
Process like:
1. lf t55x7 wakeup p 11223344
2. lf search
---
It is still not finished, will work together with the "lf t55x7 commands" in next step when I figure out the process from the datasheets.
ADD: @marshmellows "diphase" definition for T55x7.
MOV: extracted the aquisition from the t55x7 methods and put them inside lfsampling.c
FIX: pcf7931 write, there is 16bytes in a block.. not 4 as I thought before.
FIX: t55x7 lowered the WRITE_0 to 16. Even bigger gap.
Things like the ICLASS, tryDecryptWord,
--
My other stuff like default keys, some new Mifare EV1 commands 0x40, 0x43 for the logging annotation, start of the T55x7 configblock helper functionality (ripped from Adam Lauries RFIdler code)
Changes to the PCF7931 functions written, which has a lousy input check..
.. ntag simulation stuff from @marshmellows branch "ntag/sim"
.. hf mf mifare fixes from @pwpivi.
.. hw status command
.. speedtest function from @pwpivi
.. Viking Functionalities, (not a proper DEMOD, but a start)
.. GetCountUS better precision from @pwpivi
.. bin2hex, hex2bin from @holiman
...
starting with getting the T55x7 CONFIGURATION_BLOCK for different clone situations. Ripped from Adam Lauries RFidler, nothing working or finished..
...
Started working with the T55x7 read command with password actually performs a write block... See Issue #136https://github.com/Proxmark/proxmark3/issues/136 Not solved yet.
...
Started add SHA256.. not working yet..
-hitag2, -legicrf, HIDdemodFSK, CmDAWIDdemodFSK, CmdEM410xdemod, CmdIOdemodFSK
It should enable them to be aborted with a call to "hw ping / hw status" instead of only button-press. Which is good when you are scripting stuff.
MERGED: @piwi changes
MERGED: @marshmellows changes.
I'm not even gonna try write up all that stuff..
ADD: changed some commands inside the "Hf 14a sim" on deviceside.
ADD: @mobeius "two nonce" version for mfkey32. It is also inside the "hf 14a sim" with the "x" parameter.
CHG: Merged the "hf mfu wrbl" and "hf mfu cwrbl" commands into "hf mfu wrbl". One write command.
Both new commands implement a help, authentication (0x1A/0x1B) for ULC and the rest,
NEW: HF MFU SETUID - set UID to a magic UL / UL-C tag. *not implemented*
CHG: minor alignment for "Hf list" output.
CHG: removed unneeded function parameters to the ultralight commands
CHG: the const MAX_MIFARE_FRAME_SIZE is changed to MAX_FRAME_SIZE in the ultralight commands since the UL-Ev1 can have bigger frames than 18bytes.
CHG: adding DES support for the Ultralight-c read commands on deviceside.
REM: removed old comments in bootrom.c
CHG: mifare ultralight & desfire commands inside arm has been cleaned up. Next step is to refactor it into armsrc/mifaredesfire.c
CHG: USB_CMD_DATA_SIZE is now used as maxsize for transfer of data between client and pm3device
CHG: suggested a fix for the underscore problem in ioclass\fileutils.c
ADD: tnp3xx support
ADD: nxp tag idents.
ADD: identifiction of chinese backdoor commands to hf 14a reader.
ADD: Marshmellows fixes for the LF (demods) commands, (LF SEACH)
ADD: Holimans changes with hash1_brute
FIXES: minor fixes with some calls to "free" and redundant debug statement and code cleanup. removal of commented code.
fixed a few bugs in lf demod that the streamlining added. added new lf
em em410xdemod command that loops until button pressed. (similar to lf
hid fskdemod
Applied PwPiwi's new parity fix.
Applied Marshmellw's fixes for FSKdemod (HID, IO)
FIX: a potential bigbuffer fault given pwpiwi's change inside lfops.c CmdIOdemodFSK & CmdHIDdemodFSK
FIX: change some "int" parameters to uint's.
FIX: changed the lfops.c - DoAcquisition125k_internal to respect pwpiwi's definitions of FREE_BUFFER_OFFSET
HEADS up: The ultralight functions hasn't been verified since pwpiwi's changes.
- buffers were too small to handle 256 byte frames
- parity bits were only handled for up to 32 byte frames
- trace format was inefficient
- removed parity calculation from decoders in iclass.c (parity not used on air anyway)
ADD: found some new default keys
ADD: changed alot of memorys buffers to use constant values. like usbbuffer sizes, tracelogs, etc etc
ADD: all changes Peter filmoore has in his pull request.
This is a new LF edge detection algorithm for the FPGA.
- It uses a low-pass IIR filter to clean the signal
(see https://fail0verflow.com/blog/2014/proxmark3-fpga-iir-filter.html)
- The algorithm is able to detect consecutive peaks in the same
direction
- It uses an envelope follower to dynamically adjust the peak thresholds
- The main threshold used in the envelope follower can be set from the ARM side
fpga/lf_edge_detect.v,
fpga/lp20khz_1MSa_iir_filter.v,
fpga/min_max_tracker.v: New file.
fpga/lo_edge_detect.v, fpga/fpga_lf.v: Modify accordingly.
armsrc/apps.h (FPGA_CMD_SET_USER_BYTE1,
FPGA_CMD_SET_EDGE_DETECT_THRESHOLD): New FPGA command.
fpga/fpga_lf.v: Modify accordingly/Add a 8bit user register.
fpga/fpga_lf.bit: Update accordingly.
fpga/tests: New directory for testbenches
fpga/tests/Makefile: New file. It compiles the testbenches
and runs all the tests by default (comparing with the golden output)
fpga/tests/tb_lp20khz_1MSa_iir_filter.v,
fpga/tests/tb_min_max_tracker.v,
fpga/tests/tb_lf_edge_detect.v: New testbenches
fpga/tests/plot_edgedetect.py: New script to plot the results from
the edge detection tests.
fpga/tests/tb_data: New directory for data and golden outputs
- enhanced tracing: hf 14a list now shows meaningful timing information. With new option f it also shows the frame delay times (fdt)
- small fix for hf 14b list - it used to run into the trace trailer
- hf 14a sim now obeys iso14443 timing (fdt of 1172 or 1234 resp.)
Note: you need to flash FPGA as well.
More details in http://www.proxmark.org/forum/viewtopic.php?pid=9721#p9721
- PM: used GetCountMifare in MifareNested() for improved timing accuracy and to deliver better quality nonces
- PM: MifareNested now delivers exactly two different nonces to avoid time consuming multiple lfsr_recovery32() on client side
- Client: replaced quicksort by bucketsort in crapto1.c which is faster
- Client: use multithreading (two parallel calls to lfsr_recovery32())
- Client: fixed a small bug in mfnested() (always showed trgkey=0)
- Client: introduced a mutex for PrintAndLog() to avoid interlaced printing
Minor rework of hf mf chk:
- Avoid time consuming off/on cycles. Send a "halt" instead.
-new files armsrc/epa.[ch] for ePA (electronic "Personalausweis") related functions
-Offers elementary functions (EPA_PACE_MSE_Set_AT etc.)
-Also offers one new USB command: EPA_PACE_Collect_Nonce
-created new command subtree in client: client/hfepa.[ch] ("hf epa")
-offers "hf epa cnonces" (collect encrypted PACE nonces)
-more to come
