RfidResearchGroup/proxmark3
1
1
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2024-09-21 07:46:12 +08:00
Code Issues Packages Projects Releases Wiki Activity
5797 commits 3 branches 14 tags 86 MiB
Commit graph

206 commits

Author SHA1 Message Date
iceman1001 4b2a746ef5 ADD: 'hf mfu' detection of Mifare Ultralight NANO tags. 
Interesting tag with two new commands.  LOCK_SIG  / WRITE_SIG.   Need to add support for it.
https://www.nxp.com/docs/en/data-sheet/MF0UN_H_00.pdf
 2018-04-03 09:57:20 +02:00
iceman1001 3d92a616b7 fix: to_lower -> tolower 2018-03-19 19:24:52 +01:00
iceman1001 c814615e1b chg: helptext now shows correct sample key. (thanks @Dmanufacturer for pointing it out) 2018-03-19 19:19:57 +01:00
iceman1001 0abb85a411 chg: 'hf mfu dump' - renamed filename parameter from 'n' to 'f', since 'f' is used on other command (iClass) 
chg: generic to_lower can remove some cases
 2018-03-19 18:16:33 +01:00
iceman1001 0656edbb85 chg: 'hf mfu dump' message 2018-03-17 14:34:55 +01:00
iceman1001 b0eaa730c0 FIX: 'hf mfu dump' - partial reads leads to overwritten data on wrong blocks. 2018-03-16 16:31:10 +01:00
iceman1001 0eca7e3977 chg: #define rename 2018-03-16 08:58:07 +01:00
iceman1001 7a71df3aec syntax sugar 2018-03-15 22:35:11 +01:00
iceman1001 24482211ad chg: the dot progress is not logged anymore. Force fflush afterwards. 2018-03-05 20:07:29 +01:00
Brian Pow 4306f85343 tweak messages 2018-02-21 20:43:54 +08:00
Brian Pow 5b0233854d use PrintAndLogEx() instead of PrintAndLog() 2018-02-21 20:43:49 +08:00
Brian Pow ec0fa961a1 use PrintAndLogEx() instead of PrintAndLog() 2018-02-21 20:43:49 +08:00
Brian Pow b1d414c680 CHG: replace 'samples:' with 'Examples:', unify some usage text 2018-02-09 22:56:16 +08:00
iceman1001 681f2cc83d fix: bad compare. 2018-01-25 18:10:34 +01:00
iceman1001 07bf77e155 fix: 'hf mfu restore' - printed too many bytes. 8 -> 4 2017-12-03 15:58:37 +01:00
iceman1001 3b4b7812bf fix: removed a warning, 2017-12-02 19:01:43 +01:00
iceman1001 6e144e0121 chg: removed line 2017-11-29 07:19:51 +01:00
iceman1001 2a120ec2e0 fix: no copy the crc 2017-11-29 07:18:43 +01:00
iceman1001 53452ab857 fix: 'hf mfu info' - rfu should n't print pack. 
fix: 'hf mfu info' - wrong pointer to cli authenticationkey
 2017-11-28 21:23:58 +01:00
iceman1001 bed2ff2dba fix: wrong place.. key got overwritten.. 2017-11-28 20:36:29 +01:00
iceman1001 bc9b2af87e ADD: NTAG213F,NTAG216F specific information in configuration blocks. 
ADD: insert pwd/pack if specified from cli.
 2017-11-28 20:03:46 +01:00
iceman1001 5f58dcfa52 fix: 'hf mfu dump' - wrong. 2017-11-28 09:25:36 +01:00
iceman1001 6fa8740abd fix: 'hf mfu info' - select before testing a new pwdgen. 
fix: 'hf mfu info' - break after found pwd
 2017-11-27 20:04:54 +01:00
iceman1001 b99d759231 fix: compare not assign 2017-11-27 09:23:21 +01:00
iceman1001 f46546c5a9 ADD: 'hf mfu info' - tag identification should now identify NTAG213_F , NTAG216_F (thanks for info @jackfagner) 2017-11-27 09:21:55 +01:00
iceman1001 428e54bb6b CHG: 'hf mfu' gettype identification, now deals with NTAG213, GetVersion = subtype 04, 2017-11-26 19:16:12 +01:00
iceman1001 1ebf4afd73 CHG: 'hf mfu info' - now also tests for pwdgen algo D. 2017-11-26 16:52:20 +01:00
iceman1001 0815f19389 ADD: new pwdgen algo, (thanks @jackfagner) who did a great job figuring it out. Read his blog. 
ref.   https://github.com/jackfagner/NfcKey/blob/master/NfcKeyC.c
 2017-11-25 08:48:36 +01:00
iceman1001 2f3dbbcaa3 rename: ul_switch_off_field -> DropField (inside cmdhf14a.c) 
chg:  Fix memory bounds error (@wsmoses)
 c3511781a1
 2017-11-11 23:23:01 +01:00
iceman1001 9b4e52b89e CHG: dropfield 2017-11-10 20:49:56 +01:00
iceman1001 a4b4a1a9a2 FIX: iso-14443a RATS optional (piwi) 2017-10-01 22:06:06 +02:00
iceman1001 d2f19521a7 fix: 'hf mfu restore r' it now uses the newly written pwd for all further authentications needed. 
- it also tries to save the special blocks, and configurationblocks in a certain order.
 2017-07-17 14:27:11 +02:00
iceman1001 da32472099 chg: 'hf mfu restore' added the parameter 'r', to read the password from the dump file and write to a magic ntag 21* , to be used together with the parameter 'e' 2017-07-15 14:03:11 +02:00
iceman1001 1b6176995f chg: 'hf mfu restore' swapped some parts so to write special areas first and configblocks last. 2017-07-14 21:24:36 +02:00
iceman1001 c5e04ba927 fixes: removed bad references. 
chg: 'hf mfu restore e' added the special block writes options
 2017-07-14 08:47:23 +02:00
iceman1001 b99fa57e42 fix: wrong variable 2017-07-13 23:37:09 +02:00
iceman1001 7cf0bf19e5 FIX: 'mfu authentication' bug where the pack-length was wrong 
ADD: 'hf mfu restore'  - added a restore from file command, see helptext for instructions
CHG: some help-text updates and refactored to functions
CHG: 'hf mfu gen'  - added the possibility to read uid from card as input
CHG: 'hf mfu dump' - refactored out the dump-printing
 2017-07-13 13:10:46 +02:00
iceman1001 17a8e69e90 ADD: 'hf mfu info' type detection now support NTAG_I2C_1K_PLUS, NTAG_I2C_2K_PLUS 
ADD: 'hf mfu info'  ul-ev1 pwd tests are now correct
ADD: 'ul ev1 authentication' now deals with magic tags and NACK messages correct.
ADD: 'hf mfu pwdgen'  added the option 'r' to read uid from tag instead.
 2017-07-11 17:52:01 +02:00
iceman1001 ab2167c47b FIX: 'hf mfu dump' - the ascii printing would print control-chars, which could hang client. Unprintable chars is replaces with a DOT 2017-02-14 15:52:28 +01:00
iceman1001 cf5a79de33 ADD: 'hf 14a read' - correct identify Aztek tags, instead of claiming it to be "not mfu". 2017-02-04 12:32:14 +01:00
iceman1001 2dcf60f3df CHG: "hf mf hardnested" - less printing 
CHG: some filehandles = NULL.
 2016-10-21 16:06:53 +02:00
iceman1001 0e32bf46e7 CHG: added the ascii output for the pwd. 2016-04-14 11:32:43 +02:00
iceman1001 683180cb60 ADD: added a simple test of known pwd algos based on uid. 2016-02-24 08:31:46 +01:00
iceman1001 54d893143c FIX: Coverity, out-of-bounds read ... 2016-01-13 14:51:02 +01:00
iceman1001 28415b5d90 FIX: Coverity, unchecked return value, CID #121292,.. 
basicallty the flush queue commmand is replaced with clearCommandBuffer();.
 2016-01-12 22:30:22 +01:00
iceman1001 dd79e03a1a ADD: a new pwdgen algo Nicknamed C, (Huge props to @Bettse for everything) also added to the "hf mfu info" command. However, that will not work given the system's lockbits.. :( Maybe I'll add a function to test all imp pwdgens given a UID without making a authentication call to tag. 
ADD:   BSWAP_32 macro, for changing endianness.
 2016-01-09 17:17:36 +01:00
iceman1001 e869d59871 ADD: @marshmellow42 's changes to "hf mfu dump" 2015-12-21 19:48:33 +01:00
iceman1001 9332b857ff ADD: @marshmellow42 's fixes for Q5, t55xx, fskclock, 
ADD:  got tired of always writing wrong "hf 14a list",  so I hooked it back up to call the "hf list" with argument. Things becomes smoother that way.
 2015-12-16 11:01:46 +01:00
iceman1001 2b1f4228c2 ADD: @marshmellow42 's changes to "hf mfu *" , 
ADD: @marshmellow42 's changes to "hf mf sim",
ADD: @pwpiwi 's parity files was missing.
 2015-12-15 09:34:55 +01:00
iceman1001 8c671cfb97 FIX: minor fixes in hf mfu, from @marshmello42 's branch. 2015-12-14 22:52:04 +01:00
iceman1001 5247c0c193 ADD: hooked up the new pwdgen functions inside the "hf mfu info", to be tested if the authlimit is not set. 2015-12-02 23:06:03 +01:00
iceman1001 9984b1735a CHG: updated helptext for lf t55xx bruteforce 
ADD: a ROL function in util.c
ADD: two pwdgen functions in cmdhfmfu.c,  call them with a 7byte UID and get a 4byte number back. Will see if it can be connected with the "hf mfu info" command,  make data extraction easier later on.
ADD: added some more easy pwd in the dictionary file default_pwd.dic
 2015-12-02 22:46:11 +01:00
iceman1001 5636ee8ce6 ADD: 'hf mfu info' now prints following settings: 
NFC_COUNTER_EN       - If set, every read,fast_read increases a counter.
      NFC_COUNTER_PROT_PWD - If set, reading nfc_counter needs a successfull pwd authentication before
These new settings is only valid for NTAG213/215/216,
 2015-11-22 18:13:26 +01:00
iceman1001 52f2df615b ADD: lf indalademod output, The binary string is now printed with linebreaks every 16bits 
ADD: lf awid code is modified,  some minor changes in outputs
ADD: lf t55xx write now prints the password on the same row,  looks better when using the new "lf t55xx wipe" command.
ADD: the ioprox T55X7_IOPROX_CONFIG_BLOCK block.
 2015-11-21 18:48:58 +01:00
iceman1001 1d0ccbe04b ADD: added the "hf snoop" patch original from @Enio, rearranged by @Etmatrix. 
ADD:  added the "t55x7" refactoring by @marshmellow42
 2015-10-27 21:47:21 +01:00
iceman1001 e98572a1e2 I just merged @marshmellow's branch "iclass" and that was a lot of new functionality. *great work* 
Things like the ICLASS, tryDecryptWord,

--
My other stuff like default keys, some new Mifare EV1 commands 0x40, 0x43 for the logging annotation,  start of the T55x7 configblock helper functionality (ripped from Adam Lauries RFIdler code)
Changes to the PCF7931 functions written,  which has a lousy input check..
 2015-10-07 23:00:46 +02:00
iceman1001 f3cfe428f8 ADD: fixed some spelling misstakes in luascript. 
ADD: fixed some spelling misstakes in "hf mfu eload" help
 2015-10-05 21:25:00 +02:00
iceman1001 0de8e3874d A lot of changes... 
.. ntag simulation stuff from @marshmellows branch "ntag/sim"
.. hf mf mifare fixes from @pwpivi.
.. hw status command
.. speedtest function from @pwpivi
.. Viking Functionalities,   (not a proper DEMOD, but a start)
.. GetCountUS  better precision from @pwpivi
.. bin2hex,  hex2bin  from @holiman

...
starting with getting the T55x7 CONFIGURATION_BLOCK for different clone situations. Ripped from Adam Lauries RFidler,   nothing working or finished..
...
Started working with the T55x7 read command with password actually performs a write block...  See Issue #136  https://github.com/Proxmark/proxmark3/issues/136    Not solved yet.

...
Started add SHA256..   not working yet..
 2015-10-04 18:01:33 +02:00
iceman1001 7838f4beba MERGED: @holimans changes 
MERGED: @piwi changes
MERGED: @marshmellows changes.

I'm not even gonna try write up all that stuff..

ADD: changed some commands inside the "Hf 14a sim" on deviceside.
ADD: @mobeius "two nonce" version for mfkey32.   It is also inside the "hf 14a sim" with the "x" parameter.
 2015-07-22 23:00:52 +02:00
iceman1001 f53020e729 Merge branch 'master' of https://github.com/Proxmark/proxmark3 
Conflicts:
	armsrc/Makefile
	armsrc/iso14443b.c
	armsrc/lfops.c
	client/cmdhf14b.c
	client/cmdhfmfu.c
	fpga/fpga_hf.bit
	fpga/hi_read_rx_xcorr.v
 2015-06-23 23:02:29 +02:00
iceman1001 24344f28ad FIX: ref 2ec8773314 
@marshmellow42 's fixes for pskdemod and mfu.
 2015-06-23 19:22:40 +02:00
marshmellow42 2ec8773314 fix bug in pskdemod return value if no samples... 
... caused crash in data psknexwatchdemod if no samples were in the
graphbuffer.
also fixed hf mfu wrbl and rdbl to allow printing of help without a tag
being present.
 2015-06-23 12:16:23 -04:00
iceman1001 22e2470051 ADD: @marshmellow42 fudan detection in hf mfu 
ADD: @marshmellow42 14b reader changes.
ADD: @pwpiwi 14b fixes
 2015-06-21 11:07:05 +02:00
marshmellow42 7c8b5e6811 comment fudan check possibilities 2015-06-20 21:33:42 -04:00
marshmellow42 f4217d58b6 add ultralight compatible test 2015-06-18 17:19:43 -04:00
iceman1001 1c6e7f0393 ADD: @marshmellow42 's infineon MY D(tm) MOVE LEAN tag identification 2015-06-02 12:20:16 +02:00
marshmellow42 4a74e2be72 add my_d move lean identification. 2015-06-01 00:18:03 -04:00
marshmellow42 be290d68bd new lua script from @iceman1001 + bug fix in hf mfu 2015-05-31 16:08:58 -04:00
iceman1001 e86a89044a FIX: minor fix to the magictest function. It always makes a select tag first, but never took in consideration that the tag already could have been selected. 2015-05-31 21:49:00 +02:00
iceman1001 95aeb706d7 CHG: @marshmellow42 changes on deviceside. 
ADD: increase debuglevel for printing a statment in ul_ev1_auth
 2015-05-27 23:23:46 +02:00
marshmellow42 22342f6dfe Add clearCommandBuffer before SendCommand 
adjust output of mfu rdbl to be consistent
fix output of mfu dump in case startPage was specified. (also was
missing "i" in second print...)
 2015-05-26 10:40:23 -04:00
iceman1001 c3c241f389 CHG: moved a xor function into util.c 
CHG: added some calls to clearCommandBuffer() in /hf mfu/hf 14a sim/hf mf sim/ commands.
CHG: minor adjustments to relative pathing.
 2015-05-26 11:04:57 +02:00
iceman1001 46cd801c5a FIX: dumptoemul.lua removed the extra linebreak in the end, making some load commands complain. 
MOV: moved the try32/try64 attacks (mfkey32/mfkey64) into the nonce2key.c file
CHG: added @marshmellow42 changes to hf mfu dump layout.
ADD: an extra call to BigBuf_free in readcard..  just to make sure that it doesn't leak memory.
ADD: expermimental call to "try32" for "hf mf sim x".
 2015-05-25 13:10:55 +02:00
marshmellow42 79d7bcbb51 updated mfu rdbl and wrbl commands 
@iceman1001 s rdbl and wrbl cmd updates.
dump screen output adjusted
 2015-05-24 22:28:21 -04:00
iceman1001 7444d916c6 FIX: hf mfu dump, now reads correct memory from device-side. 
CHG: hf mfu dump - output data styled :)
 2015-05-24 21:51:44 +02:00
marshmellow42 0ce03d9ab0 fix mfu dump getbigbuffer bug 
Thanks @iceman1001 for catching my oops, and fixing it :)
 2015-05-23 22:35:50 -04:00
iceman1001 ce432659f2 Adjustments after the big merge from PM3 master. 2015-05-23 08:38:46 +02:00
iceman1001 bcf61bd34a Merge branch 'master' of https://github.com/Proxmark/proxmark3 
Conflicts:
	README.txt
	armsrc/appmain.c
	armsrc/apps.h
	armsrc/des.c
	armsrc/iclass.c
	armsrc/mifarecmd.c
	armsrc/mifareutil.c
	armsrc/mifareutil.h
	client/cmddata.c
	client/cmdhf.c
	client/cmdhf14a.c
	client/cmdhficlass.c
	client/cmdhfmfu.c
	client/cmdhfmfu.h
	client/cmdscript.c
	client/lualibs/commands.lua
	client/lualibs/html_dumplib.lua
	client/scripting.c
	client/util.c
	common/protocols.h
	include/usb_cmd.h
 2015-05-23 08:16:40 +02:00
marshmellow42 012c0761bd hf mfu minor output adjustments 
dump key placed properly for EV1 and NTAGs

config pages for ntags corrected in printout

note on config that PWD and PACK cannot
actually be read from memory  (probably could just delete them (other
than it shows what memory block they are stored in for changing...)
 2015-05-22 13:17:51 -04:00
marshmellow42 8f2e50b4c5 mfu info authkeyptr fix 
didn't follow @iceman1001 s l parameter changes fully...  fixed now..
:)
 2015-05-22 07:29:18 -04:00
iceman1001 a7e7cd419a FIX: camelcase on a variable caused some issues. 2015-05-22 08:48:23 +02:00
marshmellow42 06561c34ef fix to dump cmd print keys. 
add l option to info cmd.
add ascii print to dump (screen only)
other minor clean up
 2015-05-22 00:15:57 -04:00
iceman1001 2491a25235 FIX; the "L" optional parameter for swapping endianess on used authentication key. It is now implemented for following commands. 
"HF MFU INFO"
"HF MFU DUMP"
"HF MFU RDBL"
"HF MFU WRBL"

CHG;  I commented away the option to add the key to the dump, since it is not written in big-endian, like the data is on ULC. This needs to be addressed before it comes back. I like the idea of having keys inside the dumps on the correct places.
 2015-05-21 23:17:01 +02:00
marshmellow42 efd193519c hf mfu bug fixes, and help text fixes 2015-05-21 11:17:01 -04:00
iceman1001 f605970307 FIX: call the wrong usage_hf_mfu method. 
CHG: minor help text changes.
 2015-05-20 23:52:56 +02:00
iceman1001 fff69a1e34 CHG: Merged the "hf mfu rdbl" and "hf mfu crdbl" commands into "hf mfu rdbl". One read command. 
CHG:  Merged the "hf mfu wrbl" and "hf mfu cwrbl" commands into "hf mfu wrbl". One write command.

Both new commands implement a help, authentication (0x1A/0x1B) for ULC and the rest,
 2015-05-20 23:44:11 +02:00
marshmellow42 1c429594a1 further mfu info updates 
needed to auth select when a command failed for locked tags.
some output cleanups from @iceman1001
 2015-05-20 16:47:40 -04:00
iceman1001 329f5cf2a5 CHG: making sure all outputs follow the same pattern in "hf mfu info" 2015-05-20 22:04:40 +02:00
iceman1001 c81a80dc96 FIX: made the authentication part a bit clearer. It now uses two booleans to seperate which type of authentication was requested from user. 2015-05-20 21:44:22 +02:00
marshmellow42 cd87ee9133 finish NTAG i2c +... 
thanks iceman
 2015-05-20 15:42:58 -04:00
marshmellow42 46fcd738e0 finish NTAG i2c +... 
thanks @iceman1001
 2015-05-20 15:41:48 -04:00
iceman1001 1fa96198bb ADD: @marshmellow42 latest fixes, 
CHG: change name to fancey "NTAG I²C 1K"
 2015-05-20 21:03:58 +02:00
marshmellow42 8241872c47 ULEV1_48 had the wrong max block 2015-05-20 14:22:26 -04:00
marshmellow42 ea11861793 minor adjustments to hf mfu 2015-05-20 14:17:43 -04:00
marshmellow42 c7442b7673 Add NTAG i2c and bug fix 
also streamlined select tag code
 2015-05-20 14:06:46 -04:00
iceman1001 623db3559b CHG: the new NTAG_i2c_1K enums, broke the uint16_t size.. Had to go up one level. 2015-05-20 19:26:11 +02:00
iceman1001 05f7accdbb CHG: @marshmellows changes. 
ADD: NTAG i2c 1K / NTAG i2c 2K identification.
 2015-05-20 19:20:26 +02:00
marshmellow42 a383f4b708 Add ntag 210, 212, 203 and bug fix 2015-05-20 11:27:44 -04:00
iceman1001 b61e397962 ADD: NTAG_210, NTAG_212 support / identification. @marshmellow42 's idea. 2015-05-20 14:09:40 +02:00
iceman1001 e9bb4f47ee CHG: "hf mfu info" now always tries to read the NDEF CC. (was restricted to only NTAG213,215,216 before) 2015-05-20 10:36:55 +02:00