RfidResearchGroup/proxmark3
1
1
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-02-22 07:04:13 +08:00
Code Issues Projects Releases Packages Wiki Activity
4476 commits 3 branches 15 tags 88 MiB
Commit graph

1280 commits

Author SHA1 Message Date
Jean-Pierre Clair
847656c613 spelling error authetication instead of authentication 2018-02-05 14:09:38 +01:00
iceman1001
6605d92fbb chg: tried making the reselect more stable. 
chg: 'hf iclass readblk'
chg: 'hf iclass writeblk'
chg: 'hf iclass dump'
chg: 'hf iclass clone'
        all commands now has 'v'  verbose parameter for more detailed output.
 2018-02-04 12:25:55 +01:00
iceman1001
6a9ddf6e69 chg 'hf iclass chk' - increased timeout, switch off antenna before each run in order to reset card, three retires. all this make it more stable. 2018-02-04 10:20:38 +01:00
iceman1001
dc25f9212f FIX: 'hf iclass sim 2' 
FIX: 'hf iclass sim 4'
FIX: 'hf iclass loclass' - this fixes the bug where loclass assumes the epurse value is all zeros, while it now should save the epurse value during the simulation if it is updated/read.

I assume a empty valid epurse, while an all zero epurse is too much easy to detect as a anomaly.
 2018-02-04 00:52:29 +01:00
iceman1001
856e2770a6 chg: 'hf iclass sim' different output 2018-02-01 17:44:27 +01:00
iceman1001
e0373212a3 chg: 'hf iclass sim' - sim2, 4 get less default output, set DBG 4 for verbose 2018-02-01 16:10:24 +01:00
iceman1001
fa5b550fa8 chg: should be a define. 2018-02-01 15:35:00 +01:00
iceman1001
145bccdea8 chg: wrong type 2018-02-01 15:33:10 +01:00
iceman1001
519cc72966 chg: crc change 2018-02-01 15:22:01 +01:00
iceman1001
52d69ed4ee CHG: refactor CRC16 algos. This is a big change, most likely some parts broke, hard to test it all. 2018-02-01 15:19:47 +01:00
iceman1001
721ba5d287 fix: 'hf iclass sim' - too small buffers caused sim to fail 2018-02-01 09:31:30 +01:00
iceman1001
c6207d09e1 chg: 'hf felica reader' is better, almost working good 2018-01-30 03:29:37 +01:00
iceman1001
50743b7e88 rem: 'hf iclass' blocknum LUT is gone. Removed also functionality for it. 2018-01-29 16:44:49 +01:00
iceman1001
5c380767e8 chg: 'hf iclass' removed a blocknum LUT implementation. My guess is the new crc16_iclass will do fine. 2018-01-29 16:38:03 +01:00
iceman1001
b39332e938 REM: 'hf 15 debug' removed command, unified with mf_debuglevel instead. The idea is to have ONE debug flag on deviceside. 2018-01-29 15:58:00 +01:00
iceman1001
787d87e0e6 testing to make dma buffer larger. 2018-01-29 13:42:42 +01:00
iceman1001
c04ac4f9ac ADD: 'hf felica reader' - added pm3 as FeliCa reader 
ADD:  raw commands -  added the basis for sending RAW commands to FeliCa.
CHG: CRC16 rework,  uses table based implementation.  This will change more functions as I go on.
 2018-01-29 13:42:02 +01:00
iceman1001
fd854a9308 chg: added Abrasive's uart implementation, its simpler to understand but the downside it doesn't do both speeds. (1/4 , 1/2556). 
ref 2b8bff7dae
 2018-01-28 12:36:41 +01:00
iceman1001
57df6a1a7e revert: add reflect function since its used in crc.c 2018-01-28 10:49:57 +01:00
iceman1001
cf44d04be1 add: reflect16 
rem:  swapbits, reflect
 2018-01-28 10:46:46 +01:00
iceman1001
e76b4f93b8 notes 2018-01-27 23:15:08 +01:00
iceman1001
ede55a1498 add: fast 8bit reversal. 2018-01-27 22:20:56 +01:00
iceman1001
60afef3938 FIX: 'hf snoop' - forcing function to clean up AT91C_BASE_SSC->SSC_RFMR into default setup values. 
FIX: 'lf ti' - forcing to cleaning up of SSC when finished.
 2018-01-27 20:30:50 +01:00
iceman1001
a6c50d7de2 chg: 'hf 14b' removed a delay loop when transmit as reader 2018-01-25 18:44:25 +01:00
iceman1001
5939164635 FIX: 'hf 15' timouts bugs when wait is set == 0... 
thanks @lnv42  for fix  84cb4f6bbf
 2018-01-21 18:34:29 +01:00
iceman1001
be82f9f018 DEL: 'hf mf sniff' - since it is very similar to 'hf 14a sniff' , I removed this command. The desired functionality will become a new 'hf list mf' option in the future. 2018-01-18 14:11:22 +01:00
iceman1001
b4afc8cdc4 fix: 'hf mf sniff' - @merlokk 's adjustments 2018-01-17 00:28:40 +01:00
iceman1001
de983252eb chg: dma macros instead 2018-01-17 00:27:13 +01:00
iceman1001
93ecfddb88 CHG: iso15 from b8f35947f2 @lnv42 2018-01-16 21:07:58 +01:00
iceman1001
466bbe1733 fix: 'hf mf hardnested' - too fast timeouts. https://github.com/Proxmark/proxmark3/issues/518 2018-01-15 14:22:46 +01:00
iceman1001
5ee4eeb84b chg: 'hf mf sim' wrong debuglevel for message 2018-01-11 22:08:02 +01:00
iceman1001
5ea8f73547 FIX: cmd_send has wrong varible definitions, leading to loss of values. 2018-01-11 21:47:27 +01:00
iceman1001
eed271af5c CHG: 'hw tune' tuning antenna now can handle bigger antennas than 65v, with shifting 9, it can measure up to 130v. 
CHG: 'hw tune'  -  command output and layout changes.  I think this is easier to read.
 2018-01-09 14:53:17 +01:00
iceman1001
b578e55d17 chg: 'hf 14b snoop' renamed 'hf 14b sniff'... 
In order to use one command for SNIFFING..   All snoop names will be renamed.
 2018-01-06 21:12:28 +01:00
iceman1001
647d275d18 chg: 'hf felica litedump' - now turns off device when aborted via keyboard, or buttonpress 2018-01-05 17:57:50 +01:00
iceman1001
05b62d0b3d syntax sugar 2018-01-05 17:40:07 +01:00
iceman1001
82dbfba827 chg: 'hf felica litedump' - more stable impl. Will not break when run twice in a row. Still device can be in a loop if 100sec timeout occures. :( 2018-01-05 17:39:04 +01:00
iceman1001
6e93ed80a3 chg: 'hf iclass sniff' - still problems with the dmabuffer 2018-01-02 19:10:55 +01:00
iceman1001
fe9416db23 chg: 'hf iclass' - work in progress. running default_iclass_keys.dic against reader (pm3 as simulation) 2018-01-02 11:17:31 +01:00
iceman1001
036d050384 chg: syntax sugar 2018-01-02 11:15:23 +01:00
iceman1001
186de6e1ae chg: adapting to new paths 2017-12-24 10:30:29 +01:00
iceman1001
231b0df578 CHG: 'hf iclass reader' - the select / which blocks to read / before saying it succeded was corrupt 2017-12-21 13:48:06 +01:00
iceman1001
3634327bef chg: code cleaning. 2017-12-21 12:42:32 +01:00
iceman1001
5eafdbf872 ADD: 'hf iclass check' - increased speed in check keys with new algo. 
ADD: 'hf iclass' - trying to add the timeout-limits for commands in order to get a more stable iclass communication
 2017-12-21 10:13:40 +01:00
iceman1001
154c30d0e5 fix: 'hf iclass reader' - do not always turn off device .. 2017-12-17 08:06:12 +01:00
iceman1001
594e4fe169 fix: (@pwpivi) fa85b08504 2017-12-12 15:49:43 +01:00
iceman1001
439c875905 chg: 'hf mf fchk' - need to reset the block number after a scan 2017-12-11 22:54:14 +01:00
iceman1001
bf74302679 chg: 'hf mf fchk' - reversing assumption. This really helped :) 2017-12-11 22:49:44 +01:00
iceman1001
033bc12933 chg: 'hf mf fchk' - adapttions to depth first exits 2017-12-11 22:33:50 +01:00
iceman1001
dd024b5300 chg: 'hf mf fchk' - depth first search 2017-12-11 21:43:29 +01:00
iceman1001
da57e74140 CHG: 'hf mf fchk' - two strategys. depth first for sector 1, AB. and width first with all sectors. 
first run strategy 1. then 2.
 2017-12-11 01:44:55 +01:00
iceman1001
9665bd526a chg; less debug 2017-12-11 01:19:58 +01:00
iceman1001
26353cfd78 chg: 'hf mf fchk' - testing new strategy, Depth first for sector0. 2017-12-10 23:59:19 +01:00
iceman1001
f9e73b9c61 chg: adjusting debug levels 2017-12-10 23:23:08 +01:00
iceman1001
bf2b2afeeb cleaning up. 
chg:  swapped random gen for mifare classic auth to known weak prng.
 2017-12-10 23:09:53 +01:00
iceman1001
cb92ed9ec0 fix 2017-12-10 20:09:16 +01:00
iceman1001
0e96c72476 fix: wupe timing (@pwpiwi) 7c7327e7c8 2017-12-10 20:02:51 +01:00
iceman1001
71fa461403 fix: timeout issues with checkkeys etc 2017-12-10 11:38:26 +01:00
iceman1001
dfdf4e701f chg: testing to reinstate the auth-timeout 2017-12-10 11:18:44 +01:00
iceman1001
19fe01128c chg: 'hf mf chk' - reinstate the debuglevel 2017-12-10 11:11:23 +01:00
iceman1001
2d6fead9de fix... 2017-12-10 10:06:27 +01:00
iceman1001
a27a29c0c6 chg: use defines instead. 2017-12-10 09:52:26 +01:00
iceman1001
0e9f234f11 CHG: lessend the default debug level to MF_DBG_ERROR. 2017-12-09 08:27:56 +01:00
iceman1001
0430b84f65 CHG: 'hf 14a sim', 'hf mf sim' - now uses weak PRNG from Crypto1 as nonce generation. 2017-12-07 15:21:06 +01:00
iceman1001
44280abf62 chg: reverting back to more or less offical pm3 version. 2017-12-07 15:02:15 +01:00
iceman1001
e94ceecb79 chg: 'hf mf mifare' - my darkside attack has been buggy last months. This reverts back to offical pm3. 2017-12-06 21:53:11 +01:00
iceman1001
2e35725f2f chg: 'hf mf mifare' - the darkside attack works bad... 2017-12-06 01:09:12 +01:00
iceman1001
56dbf3ea15 chg: 'hf mf nack' - adjustments in return values.. 
add: 'hf 14a info -n'  added new parameter,  to enable test for nack bug.
 2017-12-06 00:34:57 +01:00
iceman1001
e5f92935a1 chg: more adjustments 2017-12-06 00:17:49 +01:00
iceman1001
0c0e20eb06 chg: adjustments 2017-12-06 00:12:15 +01:00
iceman1001
6a028bdd18 fix: 'hf mf nack' - now does it better.. 2017-12-06 00:03:34 +01:00
iceman1001
0a1a48df01 chg: 'hf mf nack' - extracted in into mifarehost for easier usage in other cmds like 
'hf 14a info'
chg: 'hf mf nack' - changes on devices side from @doegox   Thanks!
 2017-12-05 23:34:52 +01:00
iceman1001
db82738527 chg: 'hf mf mifare' - warning if select card failed but continue searching 
chg: 'hf mf nack' - warning if select card failed but continue searching
 2017-12-05 18:18:20 +01:00
iceman1001
8b3ff03599 chg: 'hf mf nack' - cleaning up 2017-12-05 18:14:19 +01:00
iceman1001
a43f156370 chg: 'hf mf nack' - minor 2017-12-05 18:04:21 +01:00
iceman1001
6e5038f224 chg: 'hf mf nack' - only test all 256 parities for one nonce when synced. 
0 nack = has not bug.
1 nack == has bug
x nacks == most likely a clone card which answers nack to all requests.
 2017-12-05 17:57:44 +01:00
iceman1001
ba4df1b9fc chg: 'hf mf nack' - trace on. 2017-12-05 13:25:16 +01:00
iceman1001
08193fd2e5 chg: getting crazy out of sync when running against magic cards. 2017-12-05 12:30:40 +01:00
iceman1001
984a26370d chg: 'hf mf nack' better output 2017-12-05 11:53:42 +01:00
iceman1001
4289846383 chg 2017-12-05 11:39:31 +01:00
iceman1001
a2ba749a04 chg... 2017-12-05 11:37:10 +01:00
iceman1001
0e9a0d4b71 chg: remove unused vars 2017-12-05 11:35:07 +01:00
iceman1001
4f3e9f0f1f chg: 'hf mf nack' - loop three times. change nonce 2017-12-05 11:33:32 +01:00
iceman1001
355572826a chg: this debug statement interups with all other printouts. 2017-12-05 11:01:05 +01:00
iceman1001
ea6136456c chg: 'hf mf nack' - use faster iso select 2017-12-05 10:52:53 +01:00
iceman1001
e02e145fae draft for a Mifare classic NACK bug detection. 
the idea is to have a statistically solid conclusion if tag does or does not have the NACK bug.

-in short, ref  https://github.com/iceman1001/proxmark3/issues/141
NACK bug;  when a tag responds with a NACK to a 8 byte nonce exchange during authentication when the bytes are wrong but the parity bits are correct.

This is a strong oracle which is used in the darkside attack.
 2017-12-04 19:36:26 +01:00
iceman1001
5614066a4e fix: no more powered antenna when swapping fpga images. 2017-11-30 10:28:59 +01:00
iceman1001
430c6b4b79 It seems a call to FpgaDownloadAndGo() powers the antenna. 
Solution:  Turn off antenna afterwards
 2017-11-30 08:27:31 +01:00
iceman1001
efb0580199 fix: file doesnt exits 2017-11-25 10:24:15 +01:00
iceman1001
2c7930d178 fix: missing. 2017-11-25 10:22:47 +01:00
iceman1001
c5ee621160 rem: EMV on armside is cleaned out. 2017-11-25 10:20:52 +01:00
iceman1001
fcbb559b63 rem: remove emv implementations from peter fillmore. There is a better one on client side. 2017-11-25 10:14:13 +01:00
iceman1001
9d4d8b6e2c chg: iso14443a timeouts, (@pwpiwi) 
chg: apdu prolonged timeout (@merlokk)
 2017-11-25 10:11:37 +01:00
ikarus
3ecc3b231a fix: misleading indentation 2017-11-22 23:08:50 +01:00
iceman1001
f906cb7f89 chg: 'hf mf sim' @piwi's changes part 1 2017-11-11 22:41:52 +01:00
iceman1001
92f37c4c22 chg: 'apdu' @merlokk changes 
chg:  @piwi's changes to timing
chg: @piwi's changes to rats.
 2017-11-11 22:39:13 +01:00
iceman1001
a4069fe2aa chg: code cleaning 2017-11-11 22:34:34 +01:00
iceman1001
c74360a629 chg: 'hf 14b' deviceside cleaning 2017-11-11 01:32:58 +01:00
iceman1001
8f4c96cc81 chg: 'lf hitag' - don't send garbage (@marshmellow42) 2017-11-11 01:31:45 +01:00
iceman1001
c3403da76c chg: 'hf felica' adjustments 2017-11-11 01:26:53 +01:00
iceman1001
b01f3d2352 syntaxt sugar 2017-10-30 22:20:41 +01:00
iceman1001
db56ca11a3 FIX: detect noise signal by measuring amplitude of signal. 2017-10-30 19:18:30 +01:00
iceman1001
05991cdffb sloppy 2017-10-30 15:12:03 +01:00
iceman1001
deeb56f09c fix: 'hf mf hardnested' : without sending dummy answer, the can't select tag comes.. 2017-10-30 15:02:44 +01:00
iceman1001
0520d42f3d revert back.. 2017-10-30 12:22:02 +01:00
iceman1001
6e46822c4c CHG: mcIdent now turn on/off readerfield. 2017-10-30 12:05:14 +01:00
iceman1001
0ea06dbe9b CHG: spelling misstake 
CHG: code cleanup. unused function.
 2017-10-30 12:02:57 +01:00
iceman1001
f805fe995b fix.. don't ask.. 2017-10-29 11:23:26 +01:00
iceman1001
bc131dd105 fix: high and low variable should now contain raw hex. 2017-10-29 11:20:10 +01:00
iceman1001
0ef6e190e7 fix. missing variable and semicolon 2017-10-29 10:40:39 +01:00
iceman1001
6aec2f5951 FIX: spelled wrong. downside with working in notepad++ 2017-10-29 10:38:49 +01:00
iceman1001
573a312130 fix: removed a refence to missing file 2017-10-29 03:53:09 +01:00
iceman1001
2e32fd289c ADD: StandAloneMode LF Proxbrute by @brad-anton 
https://github.com/brad-anton/proxbrute

--adjusted to fit iceman fork and latest enhancements to LF
(untested)
 2017-10-29 03:51:07 +01:00
iceman1001
c1f742dfe5 CHG: updade some define and helptext 2017-10-29 03:47:00 +01:00
iceman1001
fab1b64760 ADD: standalone mode : LF HID corporate 1000 bruteforce by @federicodotta et al. 
https://github.com/federicodotta/proxmark3

--adjusted to fit iceman fork and latest enhancements to LF
(untested)

FIX:  some calls to deviceside demods, use 0 instead of reference.
ADD:  timeout after n cycles of simulating
 2017-10-29 03:26:46 +01:00
57ca2b96b7444cb986b2d6cf51d25ffd86c57743
34b076f7af Enclosed naked statements with braces to avoid C compliler misleading-indentation 'guard' warning. 2017-10-23 17:37:29 -04:00
iceman1001
9e527537c6 fix: remove compile warnings (@winguru) 2017-10-23 21:19:46 +02:00
iceman1001
4bfc3ca8c9 CHG: part of @piwi changes 2017-10-23 21:17:59 +02:00
Iceman
b6d68ec0aa Update readme.md 2017-10-22 17:00:53 +02:00
iceman1001
55e87490cf fix: remove all traces of fpga_nfc... 2017-10-20 22:01:10 +02:00
iceman1001
4b48e63ccc ADD: missing felica.c 2017-10-20 20:30:17 +02:00
iceman1001
4b63f940f1 CHG: FeliCa implemenation by @satsuoni 2017-10-20 20:27:44 +02:00
iceman1001
3108293c1f ADD: New standalone mode by (@cjbrigato) Excellent work! 2017-10-20 15:29:33 +02:00
iceman1001
a9bf084916 chg: Shortend a wait. Not sure why we wait here. 2017-10-20 14:51:12 +02:00
iceman1001
dc7473135c syntax cleaning 2017-10-17 22:05:52 +02:00
iceman1001
d46955e309 FIX: bootrom - flashmode should also not assume sizeof(usbcommand) 544 bytes 2017-10-17 21:14:36 +02:00
iceman1001
16028f7d33 CHG: appmain now calls cmd_recieve as it should 
CHG: flasher -  removed unneeded parameter to function
CHG: flasher - increased limit to fpga-files that can be loaded
FIX: main client,  wrong windows define fixed.
CHG: device side - recieve usb command does not always get 544 bytes.  usb packages can be incomplete.
CHG: usb_cdc.c also got piwi's changes.
CHG: uart_posix.c removed a debug value
CHG: uart_win32.c clean up.
 2017-10-17 20:58:17 +02:00
iceman1001
71a500d824 CHG: 'hf mf fchk' - no need to send dummy coomand to trigger timeout. 
CHG: 'hf mf fchk' - added some debugstatements.  These will become optional later.
CHG: 'hf mf fchk' - lower re-try from 10 to 5
 2017-10-12 15:17:10 +02:00
iceman1001
2fc88b924d CHG: increased time to powerup tag 2017-10-12 15:14:41 +02:00
iceman1001
a41cdf803a ADD: add the fpga part to arm.. (@satsuoni) 2017-10-11 12:48:37 +02:00
iceman1001
1cca109429 chg: validating we got a full usbcommand (512b) 2017-10-11 12:48:04 +02:00
iceman1001
ce5525bc16 chg: 'hf iclass simulate' adjustements 2017-10-08 15:11:38 +02:00
iceman1001
674db8d5ac fix: 'hf snoop' - buffer overflow (@satuoni) 2017-10-08 14:56:04 +02:00
iceman1001
2ca0ea8cb4 ADD: 'hf mf fastchk' - new command, improved check keys functionality. It uses a bunch of techniques to get a speedup. 
Using a dictionary file with 421keys,

Current implementation of checkkeys takes 300 sec.
This implementation of checkkeys takes 250 sec.

I implemented it as a separate command so it will be easier to compare between the old and new checkkeys.
Its also doing much on deviceside, which is a step to much funnier standalone modes  :))
 2017-10-05 16:00:56 +02:00
iceman1001
a4b4a1a9a2 FIX: iso-14443a RATS optional (piwi) 2017-10-01 22:06:06 +02:00
iceman1001
d412a8aa2c FIX: one dot wrong 2017-09-28 22:33:26 +02:00
iceman1001
4dccc340ae correcting the standalone addons pathing. 
adding some comments on standalone problematics
 2017-09-28 22:33:03 +02:00
iceman1001
1285f5a32c minor adjustments. return instead of goto 2017-09-28 22:30:33 +02:00
iceman1001
2d283c42a6 FIX: ISO15, increased reading distance by letting tag some time to powerup. 2017-09-27 12:12:43 +02:00
iceman1001
834a80dcc1 chg: 'hf iclass sim' even with sim2, the card should answer to reads of block0,1,2 and 5 2017-09-26 17:06:13 +02:00
iceman1001
b0bf1faa3d CHG: 'EMV' , at least it compiles, however working that is a completely different issue.. 2017-09-19 19:49:47 +02:00
iceman1001
14550557be CHG: 'emv compilation' since the client makefile doesn't import makefile.common anymore, need to move some compilor directive. Now need to change two files for EMV compilation. 
* client/Makefile
 * common/Makefile.common
 2017-09-18 22:33:22 +02:00
iceman1001
28f1f23d48 chg: easy printing of MAKE variables 
Usage::
  make print-FLASHTOOL
  cd bootrom; make print-APP_CFLAGS
  cd client; make print-GCC_VERSION
 2017-09-18 18:59:51 +02:00
iceman1001
3839ce006d fix: added missing emv function. WITH_EMV compiles now. 2017-09-18 18:38:54 +02:00
iceman1001
f96afe0ce7 chg: emv compilation, will it work better on OSX? 2017-09-17 19:24:04 +02:00
iceman1001
b439c76c6e CHG: changed name on define. Its now called CMD_UPLOAD_SIM_SAMPLES_125K .. Since we upload to device. 2017-09-14 11:13:10 +02:00
iceman1001
635636a267 chg: 'hf 15 sim' - made debugstatements optional (follows DEBUG flag now) 2017-09-14 11:09:21 +02:00
iceman1001
0c2c6f3fd7 CHG: 'hf mfdes info' : Now checks for 7b uid's. This will remove some faulty claims of tagidentifications. 2017-09-14 11:06:49 +02:00
iceman1001
98bc685632 add: 'hf iclass sim 4' - new mode, to adapt sim 2 to readers in keyroll mode. 2017-09-12 08:45:38 +02:00
iceman1001
e042ba5432 fix: BUTTON_PRESS needs... 2017-09-05 10:36:25 +02:00
iceman1001
2c1e2a9f3a CHG: 'hf 15 findafi' - added the possibility to cancel loop with buttonpress 2017-09-05 10:31:27 +02:00
iceman1001
e69d070596 fix: 'hf 15 findafi' switch off antenna afterwards 2017-09-05 10:16:37 +02:00
iceman1001
f21555b1b2 fix: stack corruptions. keep it simple. (coverty scan 170498, 170497, 170496) 2017-09-05 10:10:24 +02:00
iceman1001
85b1c6bdfb add: 'hf 15 list' is now possible, since I like to be able to call both "hf list 15" and "hf 15 list"... 
chg:  'hf list 15' better annotations,  the flags doens't define the command anymore
chg:  device side,  iso15,  experimenting with different settings.

The tag still doesn't answer to  0x002B  not 0x202B---uid---  commands.
 2017-09-04 22:48:35 +02:00
iceman1001
ec07e2e006 FIX: 'hf 15 *' commands - the demod should work better now and as a bonus I've added some tracelogging. The timer is not quite correct yet but its a start. 
sample:
   hf 15 reader
   hf list raw
 2017-09-04 13:56:57 +02:00
iceman1001
eec5780b62 chg: minor clean up in iso15693 commands. 2017-08-31 13:24:12 +02:00
iceman1001
4d354f75fe upd - CHANGELOG.md 
chg 'hf iclass sniff' more debugstatements
 2017-08-30 22:35:35 +02:00
iceman1001
a971c03877 chg: the version text layout 2017-08-29 08:46:26 +02:00
iceman1001
292a4ca602 'hf 14b sniff' - removed stuff which wasn't very useful. cleaner now. Not sure if it works :( 
'hf iclass sniff' - playing with this one.  Don't expect it to work yet :(
   - increase dma_buffer_size to 256
   - moved initialization to a own function. Just looks cleaner :)
   - change the debug output to follow MF_DBGLEVEL
'hf mf sniff' - unnecessary cast removed
 2017-08-27 19:41:24 +02:00
iceman1001
8581fec47c ...added the standalone folder.. 2017-08-26 13:01:35 +02:00
iceman1001
fda4a25f51 and some more adjustments.. 2017-08-26 12:59:10 +02:00
iceman1001
94f70caa7a when you need to add too much changes at the same time... 
fix: 'hf mf hardnested'  test cases doesn't need to verify key.
add: 'hf mf ' - collect nonces from classic tag.
chg: switch_off on armside,  a more unified way,  so we don't forget to turn of the antenna ...
chg:  renamed 'hf iclass snoop'  into 'hf iclass sniff'   in an attempt to make all sniff/snoop commands only SNIFF

chg: 'standalone' ->  starting the work of moving all standalone mods into a plugin kind of style, in its own folder.
 2017-08-26 12:57:18 +02:00
iceman1001
7810dac62d CHG: not using the parity values for logging. Saves some few ticks :) 2017-08-21 23:34:11 +02:00
iceman1001
a7441c4bf6 CHG: added some more debugstatements, 
CHG: 'hf iclass sim 2'  use another e-purse value  {0xfe,0xff,0xff,0xff,0xff,0xff,0xff,0xff}
CHG: testing to see if we can skip the parity array when logging,  we don't seem to use that information anywere anyway.
CHG: no need to check tracing global var,  it is done inside of LogTrace function anyway
 2017-08-21 17:22:22 +02:00
iceman1001
269b89373d chg: testing another loop style 2017-08-21 17:18:24 +02:00
iceman1001
a8334d6ab3 chg: added some WDT_HIT calls 2017-08-21 17:17:43 +02:00
iceman1001
4eda2828c8 fix fiddling, it seemed most iclass commands never shut down the antenna after they were finished. I may have missed something. 2017-08-19 19:50:55 +02:00
iceman1001
823a814cf6 FIX: some possible null - ref bugs in 'iclass' , 'iso15693' deviceside. 
FIX: 0 is not a reference.
FIX: iso15693 - wait wasn't implemented
chg: 'hf 15' getTagInfo_15 renamned.
chg: 'hf iclass loclass' some output got newline
 2017-08-19 09:49:41 +02:00
iceman1001
db515ba6c4 chg: 'hf iclass sim' - turning of antenna after simulation is done. 
chg: 'hf iclass sim' - use @holiman 's 8 csn instead of the original @carl55 (15),   and a new first entry csn, to see if the old one got blacklisted.
 2017-08-18 10:23:46 +02:00
iceman1001
eae8c2f7be chg: unify debug messages for FSK demod in AWID,HID,IO,PARADOX,PYRAMID, all neat and same. 2017-08-11 20:48:54 +02:00
iceman1001
6ad546fa13 chg: removed extern on print_lock mutex. Since there is two of these, in proxmark3.c and ui.c 2017-08-11 11:40:25 +02:00
iceman1001
bd4d1ec74e Fixes: lf simpsk - make sure Carrier input is ok. 
fix: 'lf awid sim' - Clk param is used CorreCt
fix: 'lf HID sim' - unified way logging
fix: 'lf indala sim' - adding a draft simulation Command
fix: 'lf io sim'  - unified way logging
fix: 'lf nedap sim' - getting bits is wrong still..
fix: 'lf paradox sim'  - Helptext
lfdemod.C  got some reworked loops,  still some debug messages to be ...
 2017-08-10 14:19:57 +02:00
iceman1001
f56d00bf1d chg: 'lf sim' on deviceside, removed the usb_poll in one loop. Will look into @marshmellow42 limit also 2017-08-09 09:28:54 +02:00
iceman1001
9d8cfd13a7 NEW: cleaning up in the StandAloneMode mods. 
'hw version' - added a function to print out which mods is installed on the firmware (deviceside)

New compiler flags are:
# -DWITH_ICEMAN
# -DWITH_LF_SAMYRUN
# -DWITH_LF_PROXBRUTE
# -DWITH_LF_HIDCORP
# -DWITH_HF_YOUNG
# -DWITH_HF_MATTYRUN

The code behind them are NOT in this commit.  They will come in there own files later on.
 2017-08-06 16:29:29 +02:00
iceman1001
722d8b2cdb chg: more adjustments to iso15 sim 2017-07-31 18:24:53 +02:00
iceman1001
479a288543 chg: 'hf 15 sim' - now it loops until buttonpress or usb_received. 2017-07-31 17:55:21 +02:00
iceman1001
0a58e8f0fe CHG: macro T5555_SET_BITRATE is used for clearity 2017-07-31 16:05:33 +02:00
iceman1001
91898babc0 FIX: data plot AutoCorrelate slider, window too big, now limited to number of samples. 
enhanced debugstatements,
'lf em 410x_demod' vs 'lf em 410x_read'   now read does the same as all other LF,  and demod too...
 2017-07-30 21:21:02 +02:00
iceman1001
bf5b7e2d91 coverity scan, uninitialized vars. 
removed crapto1.
 2017-07-30 10:33:40 +02:00
iceman1001
b3f787a64f fixes: armside 2017-07-30 10:01:30 +02:00
iceman1001
f28da2da6e monster merge... 
all those changes marshmellow did..  and more...
 2017-07-30 09:17:48 +02:00
iceman1001
208550823d FIX: 'lf simulate' - wrong fix, the simulation doesn't work very well, but now it looks better... 2017-07-29 00:34:21 +02:00
iceman1001
9ca75c1cfd disable some debug output 2017-07-28 03:00:28 +02:00
iceman1001
46a0ec7130 CHG: removed old TRUE/FALSE defines... some left still.. 2017-07-27 09:28:43 +02:00
iceman1001
24d332fac7 fixes.. 2017-07-11 18:27:59 +02:00
iceman1001
cdc0f15104 FIX: playing with some delays. 2017-07-11 17:40:29 +02:00
iceman1001
8bc17414fd new coverity scan complains.. 
fix 'lf hitag'  bit comparisions wrong
fix 'standalone mode'  logically dead code
 2017-07-07 15:45:40 +02:00
iceman1001
4406f4ee2a CHG: removed some #DEFINE TRUE/FALSE 2017-07-07 12:52:51 +02:00
iceman1001
5f18400cbe FIX: 'hf iclass reader' marshmellows fixes. 
CHG:  removing some #define TRUE
 2017-07-07 12:38:49 +02:00
iceman1001
77c98eb2d7 FIX: 'hf standalone mode' - had some printing issues when printing a Uin64_t. 2017-07-07 12:34:57 +02:00
iceman1001
ce56dd32e3 FIX: 'hf mf c*' works both with 1a/1b generation of tags. 2017-07-07 12:34:20 +02:00
iceman1001
3ca3d401c0 FIX: some adjustments to prng detection 2017-07-04 20:11:25 +02:00
iceman1001
a7e677061a FIX: 'hf 14a sim' - mifare ul-ev1 simulation didn't follow protocol, (thanks to @Vyacheslav for pointing it out) 
ref:  https://github.com/iceman1001/proxmark3/issues/110
FIX: 'hf 14a raw' - zero lenth commands and AppendCrc14443a doesn't work well together.
FIX: 'hf 14a raw' - made clear comments and making params comparing as it should be.
FIX: 'hf 14a raw' - when selecting tag, and it failed,  the PM3 device was left with antenna on. This has now been fixed as it turns off antenna and leds.
 2017-06-26 21:36:56 +02:00
akileos
1c1926a42c Merge pull request #1 from iceman1001/master 
Merge latest changes
 2017-06-03 11:35:30 +02:00
Iceman
9f3d7bbe29 Update hfsnoop.c 
Fix increment on bool variable (#294)  (thanks to @ikarus23)

c87c452120
 2017-05-29 09:49:02 +02:00
BOURDY Romain
7b8cbd38a8 Appveyor - Add strawberryperl / readline / libusb 2017-05-01 09:16:22 +02:00
iceman1001
f7639bc338 FIX: lf sim was broken since my little tests. Should work again. 2017-03-27 14:59:49 +02:00
iceman1001
e1778858dd FIX: lf hitag : Mea culpa, simulation should not have reader_field on. thanks to @Tiberius and @aczid for pointing out one of my mistakes from 2014. 2017-03-24 21:03:09 +01:00
angelsl
ece631fd06 Add Mifare Classic EV1 set load modulation command 2017-03-09 21:37:16 +08:00
iceman1001
57e1e31dce chg: unused .. but not for long 2017-03-06 19:15:01 +01:00
iceman1001
57778a4630 CHG: renamed struct sector -> sector_t 
CHG: defines on armside
CHG: #define WIN32 ->  _WIN32
CHG: started to enhance "hf mf chkkeys"
REM: removed some duplicates etc in default keys.
 2017-03-06 19:11:08 +01:00
iceman1001
8eeb3c6a0b CHG: And that should be everything cleaned up with unneed functions and calls. 2017-03-06 11:53:55 +01:00
iceman1001
7dfa1b021e CHG: breaking, forgot some.. 2017-03-06 11:50:26 +01:00
iceman1001
00baf27097 FIX: since the correctionNeeded logic changed, with PR #87 (https://github.com/iceman1001/proxmark3/pull/87) this is the consequence changes to it. 2017-03-06 11:27:15 +01:00
Timo Hirvonen
17ab9dcca0 Improved logic for determining the correct Frame Delay Time (FDT) value based on the last bit transmitted by the PCD 2017-03-06 11:39:12 +02:00
iceman1001
dfcf20d641 FIX: Coverity Scan fixes to emvcmd.c among others. 
FIX: emclearmem bug.
 2017-03-05 18:43:06 +01:00
iceman1001
bdeac4021a CHG: @marshmellow42 's XL size, and em4x05 timmings. 2017-03-04 14:37:26 +01:00
iceman1001
99136c6eef CHG: finalized the merge between peter filmoores 14atagfuzz branch (emv). I seriously doubt anything works. 2017-03-01 21:51:23 +01:00
iceman1001
c24364a8a4 FIX: @marshmellow42 's ST detection fix. 
FIX: lfops.c and em4x05 command timings.
 2017-02-28 19:20:12 +01:00
iceman1001
f24edfec54 CHG: hf 14a read - started to add a Magic tag gen2 detection. SKipping it for now. Can't decide to put in on deviceside or in client. 
FIX:  `lf read` - ophs..  it works again.
ADD: `lf em 4x05--`  - added a chipset definition
CHG: better kali fix - from @pwpivi
 2017-02-28 08:16:02 +01:00
iceman1001
8db18d2f15 ADD: hf 14a read - now can detect the newer magic generation 1b. In output 1A (old version, where all hf mf c* commands works) 1B is the newer. 2017-02-27 19:18:38 +01:00
iceman1001
aa5cba4ca3 CHG: coverity scan cpmplains.. 2017-02-26 00:40:19 +01:00
iceman1001
d24026ade8 BUG: forgot to remove 2017-02-25 23:14:55 +01:00
iceman1001
d32691f1da FIX: hf mf sim - authentication works again. 
CHG: `lf em`- renamed.
CHG: removed functionality in whereami.c, not needed.
 2017-02-25 23:00:20 +01:00
iceman1001
17556415a9 CHG: @marshmellow42 's changes to lfops.c /lfsampling.c 
CHG: updated CHANGELOG.md
 2017-02-24 15:45:24 +01:00
iceman1001
5215a87442 CHG: @Marshmellow42 's fixes. ref: e88096ba25 2017-02-24 01:14:47 +01:00
iceman1001
07bc72b880 CHG: continue code cleanup. 
REM: removed stdint.h ,  since we are using c99 when compiling.
 2017-02-23 00:32:14 +01:00
iceman1001
9c624f67b3 chg: @piwi's code cleanup and some more. 
ref: 43534cbad2
 2017-02-23 00:03:10 +01:00
iceman1001
4ac9f07840 CHG: lf em - added @marshmellow42 's changes 2017-02-19 00:12:35 +01:00
iceman1001
c930078036 FIX: wrong variable name. 2017-02-15 02:46:09 +01:00
iceman1001
1bfbe92a53 FIX: coverity scan found some bugs in EMV code. These are the fixes to: 
-CID 141293 - missing va_end call
  -CID 141290 - return var not always given a value
  -CID 141289 - array out of bounds write. off by one.
  -CID 141288 - dead code because of CID 141287
  -CID 141287 - wrong mask
  -CID 141286 - wrong mask value
 2017-02-15 02:44:34 +01:00
iceman1001
573e8d72c7 FIX: 'EMV compiling' - Makefiles are very picky about how things are done. its parser is a bit paranoid. So, to make things easier and more correct. 
- armsrc/Makefile          when commenting out functionality,  move it below the comment otherwise APPS_CFLAG breaks to early.  See WITH_LCD
  - common/Makefile.common   enable / disable EMV,  uncomment two lines.  then make clean && make all.  flash,   MIGHT NOT work on 256kb devices

FIX: missing break in appmain.c made it go to iclass function..
 2017-02-13 15:32:48 +01:00
iceman1001
4c8fe2e976 CHG: some minor adjustments. 2017-02-13 11:06:30 +01:00
iceman1001
ff9c043da2 FIX: T5555/Q5 datarate when used in "Q" parameter, consequential fix in lf commands. (RF-2/2) ie: ((64-2)>>1) 
ADD: Marshmellow42 's timing fixes for em4305.
 2017-02-13 10:58:28 +01:00
iceman1001
cb1ba30a5e FIX: first attempt to clean up EM4x50 commands. 
- `lf em4x readwordPWD` merged into `lf em4x readword` See help text
 - `lf em4x writewordPWD` merged into `lf em4x writeword` See help text

 - `lf em4x readword` now download the collected signal data after command.

On device side the lfops.c has gotten some love. Code cleaner,  increased EM_START_GAP from 55 FC to 56 FC, because of how our microsecond(us) clock works with 21.3us increments.

TODO: `lf em4x em4x50read` needs to be factored to use @marshmellow42 's  ASKdemod instead of trying to do itself.
 2017-02-07 22:26:06 +01:00
iceman1001
5ed5e418c9 CHG: testing to set 460800 baudrate as default, if it fails, go to 115200 baudrate. For Linux/Win. Works great in my environments. 2017-02-06 02:33:08 +01:00
iceman1001
1903696e2a chg: uncomment -DWITH EMV to compile for EMV. 2017-02-06 00:57:31 +01:00
iceman1001
60ca588725 syntax sugar 2017-02-06 00:51:06 +01:00
iceman1001
d627a2fd8c FIX: commented code screws up notepad++ groupings. 2017-02-06 00:50:37 +01:00
iceman1001
a32e8034e0 FIX: get rid of de-referecing pointer warnings. 2017-02-06 00:49:32 +01:00
iceman1001
6a1687cc3e ADD: 'hf emv' - forgot to add some file 2017-02-05 22:16:50 +01:00
iceman1001
3e83ff2159 CHG: '-DWITH_EMV' - fixing some compilation errors when compiling with peter fillmore's emv code. Warning a 256kb Proxmark3 device will only have 7% memory left if you enable this 2017-02-05 21:09:36 +01:00
iceman1001
a330987de1 CHG: 'lf cotag demod' - now finds FC/CN Thanks to @marshmellow42 
CHG:  'lf search' - now detects COTAG
 2017-02-02 19:15:36 +01:00
iceman1001
5f5b83b743 ADD: 'lf cotag read' - COTAG can be read now. 2017-02-02 15:32:21 +01:00
iceman1001
4401050bcc ADD: 'hf standalone 14a mode", added "mifare 4k" detection. 
ADD: 'hf 14a sim' - added mifare 4k simulation.
 2017-02-01 14:41:06 +01:00
iceman1001
507afbf3e6 CHG: 'lf cotag read' - it now follows "lf config" settings when collecting signaldata. 2017-02-01 14:11:11 +01:00
iceman1001
d760c7b3d9 FIX: 'standalone_14a mode' - cleaned up the standalone14a mode code. It now detects and simulates 4,7byte uids, like it should. code refactored to be easier to understand. 2017-02-01 14:09:26 +01:00
iceman1001
16cfceb689 CHG: rename a local scope variable "data"->"cmd" 
CHG: call params to selectcard too few
CHG: 'standalone HF mode' - when copying second UID onto data array,  it should append after first one, not over the first one.
ref: https://github.com/iceman1001/proxmark3/issues/77    Lets see if this fixes the HF part of this issue
 2017-02-01 12:50:54 +01:00
iceman1001
b828a4e168 CHG: 'lf snoop' - now automatically downloads samples after finished. (annoying step to do over and over) 
FIX: 'lf snoop'      - now turns of LF antenna after snoop.
FIX: 'lf cotag read' - now waits until the ACK cmd arrives before downloading samples.
 2017-01-31 16:11:57 +01:00
iceman1001
84bdbc1917 FIX: 'hf 14a sim x' - adjusted and shows messages when verbose. 
FIX: 'hf mf sim x i' - same as above.

In general we only use Moebius attack for "sim x",  that means a clean up on device side code. simpler to understand. It still tries to gather 8 different collections of nonces combo. When one is complete, it get sent to client which runs moebius direct.
 2017-01-29 23:09:23 +01:00
iceman1001
7e735c1398 FIX: 'hf 14a sim x' - this fixes the error with using moebius attack and sim. Updating the nonce variable doesn't change the premodulated response. And it should update everytime it gets a command. One concering issue is that this takes time. Successfully works with two PM3. One acting reader, another sim. 2017-01-29 11:29:15 +01:00
iceman1001
e99acd00cc CHG: the mifare Auth command can make use of a random nonce aswell. 
CHG: since sim commands are timing critical, I'm testing a smaller prand prng function from Intel
 2017-01-29 10:41:48 +01:00
iceman1001
4653da4331 ADD: lf cotag - added first try at basic functionality to read samples from Cotag. In lfops.c is the startup sequence that needs to be tested out. 2017-01-27 10:49:34 +01:00
iceman1001
74dde713b1 CHG: should remove the OSX linker warning: ld: warning: directory not found for option '-L/opt/local/lib' 2017-01-26 21:13:17 +01:00
iceman1001
2d3f8e5fa7 ADD: some defines to make headerfiles behave better. 
CHG: syntax sugar
 2017-01-26 14:23:05 +01:00
iceman1001
bf5d7992ce ADD: @micolous random nonce, adjusted to fit in. Icemanfork only uses Moebius attack, so no need for an extra parameter in client. 
ref: https://github.com/Proxmark/proxmark3/pull/209
 2017-01-26 14:21:51 +01:00
iceman1001
de39bf505a CHG: moved some from THUMB to ARM.. Looks like usb communication became bad. 2017-01-25 13:00:49 +01:00
iceman1001
0ccf8adac4 CHG: moved to header file 2017-01-25 00:34:00 +01:00
iceman1001
53d5dc643f CHG: fiddled with the headerfiles... and makefile... Tried to make them behave nice. So it isnt a hell to add new functions from third-party (like des, aes etc) 
Added a lot of #ifndef ,   extern C,
Move inside from ARMSRC -> THUMBS,  which made the compiled image smaller.. I don't know if it broke anything.
Moved MF_DBGLEVEL definitions into common.h
Moved print_result from util.c into appmain.c
Also split up some struct typedef  into header files so they could be reused in other code places.

''' danger '''  this might have broken stuff...
 2017-01-25 00:33:03 +01:00
iceman1001
0de81725ed syntax sugar 2017-01-21 11:34:33 +01:00