Commit graph

2128 commits

Author SHA1 Message Date
iceman1001
f7c1a934d0 CHG: "hf 14a sim" now uses mfkey32 and mfkey32_moebius as methods to retrive the key in attack_mode. 2016-04-18 13:20:17 +02:00
iceman1001
c01d8e21ea CHG: deviceside changes to deal with sniffing UID's with length of 10. 2016-04-18 13:19:11 +02:00
iceman1001
6c84c90017 FIX: this fixes the "hf mf sniff l d f" command, which has been broken for a while. The cuid is correct used for decrypting.
FIX: The flushing of logentries.
ADD: "hf mf sniff" - added the sniffing of UID's with a uidlen of 10.

Whats left? The key is not always found even if we use the "mfkey64" approach.

ADD: added the parity_zero attack in "hf mf mifare".  Still not working since piwi's changes to the iso14443a.c,  maybe needs a param to tell it to collect nonces for this special attack.
CHG: extracted some help-texts into usage_* methods. Changed some text as well

FIX:  "hf mf sim" command now uses both  mfkey32 and mfkey32_moebius version to find the key in attack mode.
CHG:  "hf mf sim" also now defaults to emul_memory to read a 4 byte UID.
2016-04-18 13:18:02 +02:00
iceman1001
cd91e41cb5 FIX: this fixes the mftry32, mftry32moebius and trymf64 implementations. Which is used in the "hf mf sim x" and "hf 14a sim x" built in attacks.
ADD: added the nonce2key version which should be able to find the key when the collected PARITIES is ZERO.
2016-04-18 13:08:18 +02:00
iceman1001
c805748f34 ADD: added a method for le32toh. Converting bytes to uint32_t .
CHG: correct use of FILE_PATH_SIZE in the tracelogging functions.
2016-04-18 13:05:35 +02:00
iceman1001
ce211cef39 FIX: corrected the FLAG_NR_AR_ATTACK 2016-04-18 13:02:36 +02:00
iceman1001
b416b7d287 CHG: make the text a bit easier to understand. 2016-04-18 13:01:26 +02:00
iceman1001
9358e49641 ADD: triplesized UID
ADD: ACK, NACK, defines from mifareutil.h
2016-04-14 11:38:16 +02:00
iceman1001
40f6f2ff50 ADD: started to add a BUTTERWORTH filter, not working yet. 2016-04-14 11:37:17 +02:00
iceman1001
13fc2e9c71 ADD: added triplesided UID to "hf mf sniff" 2016-04-14 11:35:49 +02:00
iceman1001
c981c53ff3 MOV: moved the #DEFINES into protocols.h 2016-04-14 11:34:36 +02:00
iceman1001
68410a4892 Syntaxt suger 2016-04-14 11:34:02 +02:00
iceman1001
0e32bf46e7 CHG: added the ascii output for the pwd. 2016-04-14 11:32:43 +02:00
iceman1001
0194ce8fc8 ADD: simulating can now handle triplesized UID (10b)
CHG: moved some mifare #DEFINES into protocols.h  (ACK,NACK..)
2016-04-14 11:09:17 +02:00
iceman1001
7ee74a8ebd CHG: Swapped to using the DEFINES. 2016-04-14 11:05:27 +02:00
iceman1001
91c7a7ccb7 Syntaxt suger,
and some clean up in the "hf mf mifare" code.  I removed the three strategies Pivi added to make the code easier and added a lot of comments to understand.
the WDT bug is still there in this code. Needs further testing yet, before I commit the fix.
So far the fix is quite stable on ubuntu, but on mingw/win is breaking still. Which at this point doesnt make any sense.
2016-04-12 11:36:52 +02:00
iceman1001
88e20c9f6d syntax suger 2016-04-12 11:30:49 +02:00
iceman1001
46f983fe9e REM: removed an unused method MifareCollectNonces
ADD:  added some set_tracing(FALSE) calls for consistency.
and.. syntax suger
2016-04-12 11:29:40 +02:00
iceman1001
01c78dabc3 CHG: syntax suger 2016-04-11 15:26:55 +02:00
iceman1001
41863885d0 REM: removed some unused code, GetDeltaCountUS() and a global counter variable. Its not used anywere.
CHG:  syntax suger
2016-04-11 15:26:15 +02:00
iceman1001
86d597a510 ADD: added @pivi 's faster authentication method from 'hardnested' into "hf mf chk" (check keys) and removed the "halt" command.
the speedup is great. Together with the previous speedups from making changes how the client sends the keys to the device,  make it lightning fast. It would be fun to see how much fast it is now.
2016-04-11 15:25:00 +02:00
iceman1001
2daa0d0b1e CHG: doesnt flush the printf() calls 2016-04-10 13:34:27 +02:00
iceman1001
cbdcc89ae7 CHG: free the malloc:d memory in the crc8 function.
CHG: use the new GetEMLfrombigbuff  method.
ADD: added a usage_legic_read
2016-04-10 13:18:11 +02:00
iceman1001
ca5bad3d73 CHG: syntax suger,
CHG: the nested call to readerreceive is not negated..
2016-04-10 13:05:01 +02:00
iceman1001
1b4a446aba CHG: syntax suger.. 2016-04-10 12:58:04 +02:00
iceman1001
2abdfa491c CHG: mostly syntax suger, trying to uniform the look 'n feel.. To make calls act to what is expected. 2016-04-10 12:56:59 +02:00
iceman1001
5eceba292f CHG: some textual change and some syntax suger changes. 2016-04-10 12:55:18 +02:00
iceman1001
cb832982c9 FIX: how to break a working thing by being blind... 2016-04-10 12:29:38 +02:00
iceman1001
407697dfe3 ADD: more keys 2016-04-09 19:46:57 +02:00
iceman1001
bae363d860 ADD: more keys.. 2016-04-09 19:45:28 +02:00
iceman1001
9e43f09ade removed some old code,
rename a function, that tries to add IIRfilter Butterworth on a signal.  Lets see if I can get it to work on Graphbuffer data one of these days.
2016-04-05 04:51:06 +02:00
iceman1001
a81b99b9b1 ADD: @zhovner 's decryption of trace data to mfkey64 2016-04-05 04:49:34 +02:00
iceman1001
5774b2b44d ADD: added a WIN sample. 2016-04-05 04:48:05 +02:00
iceman1001
d40d64ef0d CHG: old code calls outdated command. Even if it works in my fork, it doesnt work in PM3 master. 2016-04-05 04:47:42 +02:00
iceman1001
12b998cbd8 ADD; Some 7816 error codes 2016-04-05 04:46:25 +02:00
iceman1001
13629a71d3 minor adjustements, found some comments. 2016-04-05 04:45:07 +02:00
iceman1001
ef085a5948 CHG: adjusted two arrays in scripting.c to mirror the added models in reveng 1.4.0 2016-04-05 04:43:54 +02:00
iceman1001
4534ec060a CHG: and the Makefile needs also to be updated 2016-04-05 03:35:47 +02:00
iceman1001
ca98f30c53 CHG: forgot one file for the RevEng update 2016-04-05 03:35:12 +02:00
iceman1001
0a25987730 Add; some keys 2016-04-05 03:34:46 +02:00
iceman1001
a78a3d9dc3 CHG: Updated RevEng1.31 to 1.40
--snipped changelog

1.4.0	24 February 2016
	* Added 11 new algorithms, CRC-4/INTERLAKEN, CRC-7/UMTS,
	  CRC-8/LTE, CRC-8/SAE-J1850, CRC-11/UMTS, CRC-16/LJ1200,
	  CRC-24/BLE, CRC-24/INTERLAKEN, CRC-24/LTE-A, CRC-24/LTE-B,
	  CRC-30/CDMA, and 4 new aliases, CRC-12/UMTS, CRC-16/LTE,
	  CRC-16/UMTS, CRC-32/INTERLAKEN, from the CRC Catalogue.
	* Eliminated string comparison when testing if a model name is
	  an alias.
	* Split off presets into preset.c.
	* Eliminated bogus calls to bsearch() in preset.c.
2016-04-05 03:34:03 +02:00
iceman1001
c3559d162a textual changes 2016-03-23 14:04:10 +01:00
iceman1001
b9e66427b7 Forgot some breaks, and a faulty comparision of a set bit. 2016-03-23 14:03:41 +01:00
iceman1001
186ad6037c ADD: added the ETU and Frame wait time based on the Frame wait integer value. 2016-03-23 14:02:50 +01:00
iceman1001
06eb3b1a8c coverity fixes for my latest changes.
Forgot some breaks in 7816 annotation, and  presco used an uninitalized char array.
2016-03-22 08:40:20 +01:00
iceman1001
f3782960fa syntax cleaning. 2016-03-21 22:09:04 +01:00
iceman1001
774560e39e CHG: no parity tests for ISO_7816_4 annotation 2016-03-21 22:07:55 +01:00
iceman1001
5de71ee6bf CHG: enter a define for TIMEOUT 2016-03-21 22:07:23 +01:00
iceman1001
ab6d8a4c47 CHG: fixed the commands, its now valid calypso 7816 commands. 2016-03-21 22:06:51 +01:00
iceman1001
0fcfad0ee6 CHG: testing for windows clients to get a higher baudrate. Was 9600, testing 115200 as for non_win.
CHG: testing to set USB 2.0 standard,  instead of USB1.1  ...
2016-03-21 22:05:59 +01:00