RfidResearchGroup/proxmark3
1
1
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-02-14 03:03:14 +08:00
Code Issues Projects Releases Packages Wiki Activity
2677 commits 3 branches 15 tags 87 MiB
Commit graph

1693 commits

Author SHA1 Message Date
iceman1001
a330987de1 CHG: 'lf cotag demod' - now finds FC/CN Thanks to @marshmellow42 
CHG:  'lf search' - now detects COTAG
 2017-02-02 19:15:36 +01:00
iceman1001
96b516e180 CHG: minor fixes in setting arrays and error messages. 2017-02-02 15:39:35 +01:00
iceman1001
5f5b83b743 ADD: 'lf cotag read' - COTAG can be read now. 2017-02-02 15:32:21 +01:00
iceman1001
4401050bcc ADD: 'hf standalone 14a mode", added "mifare 4k" detection. 
ADD: 'hf 14a sim' - added mifare 4k simulation.
 2017-02-01 14:41:06 +01:00
iceman1001
507afbf3e6 CHG: 'lf cotag read' - it now follows "lf config" settings when collecting signaldata. 2017-02-01 14:11:11 +01:00
iceman1001
bdf387c7ef CHG: temporary disable hitag2_uid detection. Loop times out sometimes. 2017-01-31 22:38:02 +01:00
iceman1001
b828a4e168 CHG: 'lf snoop' - now automatically downloads samples after finished. (annoying step to do over and over) 
FIX: 'lf snoop'      - now turns of LF antenna after snoop.
FIX: 'lf cotag read' - now waits until the ACK cmd arrives before downloading samples.
 2017-01-31 16:11:57 +01:00
iceman1001
71aa1ff824 FIX: fixes warning for "%zu" string formatspecifier on MINGW systems. (Thanks to @marshmellow42 for this one) 2017-01-31 05:33:24 +01:00
iceman1001
1cec48cc0e ADD: added the writedumpfile function from "14araw.lua" into utils.lua 
ADD: `ufodump.lua` - added the Aztek dump script. Since its an unknown tag hence the name.
 2017-01-30 16:51:07 +01:00
iceman1001
84bdbc1917 FIX: 'hf 14a sim x' - adjusted and shows messages when verbose. 
FIX: 'hf mf sim x i' - same as above.

In general we only use Moebius attack for "sim x",  that means a clean up on device side code. simpler to understand. It still tries to gather 8 different collections of nonces combo. When one is complete, it get sent to client which runs moebius direct.
 2017-01-29 23:09:23 +01:00
iceman1001
2ce218042d CHG: 'hf 14a sim e' - it now has a parameter for setfoundkeys to emulator memory. 
CHG: textual changes.
 2017-01-29 13:21:17 +01:00
iceman1001
7e735c1398 FIX: 'hf 14a sim x' - this fixes the error with using moebius attack and sim. Updating the nonce variable doesn't change the premodulated response. And it should update everytime it gets a command. One concering issue is that this takes time. Successfully works with two PM3. One acting reader, another sim. 2017-01-29 11:29:15 +01:00
iceman1001
76c0ec0ba8 FIX: missed include. for boolean defines 2017-01-27 10:56:14 +01:00
iceman1001
4653da4331 ADD: lf cotag - added first try at basic functionality to read samples from Cotag. In lfops.c is the startup sequence that needs to be tested out. 2017-01-27 10:49:34 +01:00
iceman1001
bdebc8dbab CHG: removed a -L path for OSX 2017-01-26 23:49:05 +01:00
iceman1001
2d3f8e5fa7 ADD: some defines to make headerfiles behave better. 
CHG: syntax sugar
 2017-01-26 14:23:05 +01:00
iceman1001
e069d740e3 still wrong... 2017-01-25 08:40:55 +01:00
iceman1001
4431b482d7 CHG:forget the "base".. 2017-01-25 08:36:51 +01:00
iceman1001
f364f71294 chg: known key is treated as a string. 2017-01-25 01:11:34 +01:00
iceman1001
137f207a8d CHG: removed a dublett 2017-01-25 00:24:18 +01:00
iceman1001
b946d5f7f9 ADD: 'script run hard_autopwn' - a lua script which should run hardnested attack against all sectore and keytypes (A|B). 2017-01-25 00:23:13 +01:00
iceman1001
ced742717d CHG: should remove a compiler warning on OSX 2017-01-23 23:12:41 +01:00
iceman1001
c840385eff CHG: increase sample amount, since it found too few bits 2017-01-20 22:11:59 +01:00
iceman1001
53484563d7 CHG: lowered the samples read. 2017-01-20 22:06:53 +01:00
iceman1001
360a5b1b3c FIX: the HID-Flasher depends on libusb to be able to compile On OSX the 'include paths' is different when using homebrew. 
This project compiles on Ubuntu with libusb-dev installed.     Lets see if it compiles on OSX....
 2017-01-20 19:25:42 +01:00
iceman1001
1b75698cb7 FIX: 'lf hitag2' forgot to add some of @marshmellow42 's changes. Lf search should works just fine now. 2017-01-20 18:26:03 +01:00
iceman1001
69784c3801 ADD: 'lf search' - added @marshmellow42 's hitag2 identification 2017-01-20 10:09:06 +01:00
iceman1001
a38f5a0704 FIX: @marshmellow42 's fixes for enhanced STT and AskDemod. Now the "lf presco read" works on cargs with strong/clean/clipped waves 2017-01-20 10:03:53 +01:00
iceman1001
7898d3b55f syntax sugar 2017-01-18 22:57:20 +01:00
iceman1001
316493876a FIX: 'data print' - now don't crash the client when demodbuffer is empty 
CHG:  'guard' - the Guard output more unified.
 2017-01-18 22:55:37 +01:00
iceman1001
42c235e7ef ADD: T55XX_WRITE_TIMEOUT to make sure all WaitForResponseTimeout for t55xx behaves the same. 
CHG:  removed some "DONE!" device prints..
CHG:  unified some "clone" commands output.
 2017-01-18 22:54:27 +01:00
iceman1001
ea7ce7fb68 CHG: removed duplicates entries 2017-01-18 20:22:15 +01:00
iceman1001
388d8618c7 CHG: moved definition and includes into header file 2017-01-18 20:19:42 +01:00
iceman1001
6df022667d CHG: spelling mistakes. ( 2017-01-18 20:19:08 +01:00
iceman1001
efbf81da52 FIX: 'hw tune' - peakf shouldn't be compare with voltages limits :) 2017-01-18 13:35:00 +01:00
iceman1001
bb52291837 CHG: 'hw tune' adhjusted the NON_VOLTAGE limit to 0.999v, below this value the antenna is considered not connected. 2017-01-18 13:18:03 +01:00
iceman1001
bf35008962 CHG: 'lf t55xx recoverpw" - added the possibility to cancel the command when pressing 'enter' key. 2017-01-18 11:27:17 +01:00
iceman1001
243f899b92 CHG: 'hw version' - change to "Proxmark3" 2017-01-17 22:59:14 +01:00
iceman1001
f56b1fae2d FIX: sprint_bin_break didn't print the last digit in array. 2017-01-17 22:58:16 +01:00
iceman1001
3e5b5bb2da ADD: 'lf t55xx detect' - added a search for known config blocks, if found it will select it. Usually when indala (psk) configured tags generates serveral possible configblocks. The found config block is set, not need to manually set it anymore. :) 2017-01-17 22:07:40 +01:00
iceman1001
9682ed9aaa CHG: increased the t55xx writeblock timeout 2017-01-16 22:39:33 +01:00
iceman1001
81b7e89434 CHG: lowered the number of bytes collected for T55xxReadBlock. Was 12000 -> 7679 
CHG: added some documentation about what arguments does.
CHG: 'data tune' - added flush after printf.
 2017-01-16 21:06:51 +01:00
iceman1001
aed36ae5bd ADD: 'install.sh' blacklist rules installed aswell. run as root to install. 2017-01-16 15:02:10 +01:00
iceman1001
d3fd5fd6d8 CHG: unused variables and remove of compiler warnings. 2017-01-16 15:00:40 +01:00
iceman1001
1cc80785e5 ADD: sprint_ascii function. 2017-01-16 14:47:24 +01:00
iceman1001
cf94c75b7e CHG: 'lf t55xx' the no-time limit waiting for the device to ACK when transfering data from device to client, is changed to 8 seconds. 
CHG: 'lf t55xx dump' - added ASCII printing of dumped data blocks.
 2017-01-16 14:46:42 +01:00
iceman1001
c621ae0614 CHG: 'data zerograph' - array out-of-bounds fixed. 
CHG: syntax sugar
 2017-01-16 14:44:37 +01:00
iceman1001
3acac886bc ADD: 'lf search' - added a rudimentary identification of IDTECK tags, will demod to PSK1, if fails it tries to PSK1 inverted demod. 2017-01-12 00:04:36 +01:00
iceman1001
ceb34a3c1b CHG: syntax sugar 2017-01-11 23:09:47 +01:00
iceman1001
197c8f3f42 CHG: syntax sugar, minor spelling mistake 2017-01-11 23:08:59 +01:00
iceman1001
719000b7f4 syntax suger 2017-01-11 23:02:38 +01:00
iceman1001
fbc2bace4a CHG: 'lf hid wiegand' - remaking the wiegand calcs 2017-01-11 23:02:07 +01:00
iceman1001
db289ea7d7 CHG: syntax suger 2017-01-11 23:01:15 +01:00
iceman1001
9a6bc2feb4 CHG: 'lf noralsy' Added tag allocation year in demod output. 
CHG: 'lf noralsy clone|sim' Added tag allocation year as input parameter
 2017-01-11 23:00:08 +01:00
iceman1001
3b875041dc FIX: 'hf 14a reader' - when card SAK was 0x00, it calls GetHF14AMfU_Type() to try to identify if it is a UL/NTAG etc. The bug is that it ignored the return value. 
when return_value == UL_ERROR,  it shall not print the mfu tagtype annotation.

---faulty behavior
proxmark3> hf 14a reader
 UID : 65 93 7f d1
ATQA : 00 04
 SAK : 00 [2]
Tag is not Ultralight | NTAG | MY-D  [ATQA: 00 04 SAK: 00]

TYPE : MIFARE Ultralight (MF0ICU1) <magic>
proprietary non iso14443-4 card found, RATS not supported
Answers to chinese magic backdoor commands: NO
 2017-01-11 22:00:17 +01:00
iceman1001
042db564ba CHG: 'hf iclass replay' added help text. 
CHG: 'hf iclass snoop'  added help text.
CHG: 'hf iclass reader' added help text.
ADD: 'hf iclass reader' added the possibility to read only one tag instead of looping.
CHG: 'sprint_hex_ascii' function now replaces unprintable chars with '.',   added this call to printIclassDumpInfo
 2017-01-10 22:21:16 +01:00
iceman1001
76c74bf9ad CHG: 'hf iclass decrypt' - adjusted the loops, to only decrypt Application 1. However I've noticed not all blocks in Application 1 is encrypted. :/ Still needs to be adjusted. 
CHG: 'hf iclass reader'  - added some output accessrights from the CopyReader source code.

And ofcourse,  moved around stuff,  like the usages in cmdhficlass.c
 2017-01-10 18:23:05 +01:00
iceman1001
a0a61c91cc CHG: adding the HID wiegand calcs again. Still need to set the bit37 indicator etc. 2017-01-09 22:17:43 +01:00
iceman1001
dd83c4572b CHG: coverity complains about not reading the value from mifare_send_short 
CHG: ubuntu 14.04 gcc4.8.4 complains about mem_avail still. Don't know why.
 2017-01-09 22:15:36 +01:00
iceman1001
38a30dbf18 CHG: forgot to remove unused function. 2017-01-06 00:02:52 +01:00
iceman1001
e585a58ed1 CHG: looks bad but works. 2017-01-06 00:01:14 +01:00
iceman1001
08439eea22 CHG: textual changes. 
CHG: remove unused #includes  and added some comments
 2017-01-05 15:56:52 +01:00
iceman1001
87c10b2a0f CHG: some indala output is now only in debug mode 
CHG: added 34|37 bits AWID format.  I'm guessing 37bit is wrong since the parity is still there. Which it shouldn't
 2017-01-05 15:55:19 +01:00
iceman1001
29f649c5ce CHG: change the indala output abit, to only show when in debug mode. (ie: data setdebug 1) 2017-01-05 15:53:32 +01:00
iceman1001
c48211f7ed ADD: 'lf animal' commands. CLONE/SIM/READ/DEMOD of FXD-B animal tags. Still some work left. 2017-01-05 01:51:47 +01:00
iceman1001
f80cd7e687 syntax suger, some tabs fixed 2017-01-03 19:33:21 +01:00
iceman1001
ea1c1ca6f8 CHG: 'analyse hid' added @holiman 's permute functions to the output to verify 2017-01-03 19:32:24 +01:00
Iceman
0b63a0fe2a Merge pull request #63 from micolous/log-nonce 
nonce2key: printf->PrintAndLog
 2017-01-03 19:19:38 +01:00
iceman1001
deba67ab57 CHG: cleaning up stuff 2017-01-03 01:20:03 +01:00
iceman1001
34c3082338 CHG: added a key B wien, 2017-01-02 22:00:56 +01:00
Iceman
1772cf8bdd fixed warning about size_t 
CHG:  warning needs %lu string formatter
 2016-12-26 20:43:20 +01:00
Iceman
ef31a8b453 fix a warning 
CHG: size_t is unsigned. switched to the correct string formatter
 2016-12-26 20:39:13 +01:00
Michael Farrell
59152dcb05 nonce2key: printf->PrintAndLog 2016-12-24 10:09:01 +10:00
Michael Farrell
faad338efe Fix some missing include statements which impact using proxmark3 client as a library. 2016-12-23 17:35:50 +10:00
iceman1001
62d0bbf62f ADD: new found cloner pwd. 2016-12-20 09:25:02 +01:00
iceman1001
bb73c58d9a CHG: made some debugs statements more clear, when "LF SEARCH" is used with "DATA SETDEBUG 1" 2016-12-19 15:32:18 +01:00
iceman1001
8cdf15c2b3 CHG: 'lf awid brute' - extra check if device gotten offline 
CHG: 'lf t55x7 brute' - extra check if device gotten offline
CHG: 'lf nedap' - Nedap is supposed to be Diphase.
 2016-12-19 14:55:58 +01:00
iceman1001
92014925d6 CHG: 'LF VISA2000' adding askedgedetection when decoding allows for some traces to be correct demodulated. 2016-12-16 19:06:19 +01:00
iceman1001
3375daee9e CHG: 'LF VISA2000 CLONE' fixed the wrong blocknum index in output. Thanks @martin for pointing it out. 2016-12-16 12:50:44 +01:00
iceman1001
0a7e86db81 ADD: 'LF VISA2000' added one checksum test when demod / clone / sim 
CHG: 'LF NORALSY' when chksum fails, return 0,  to indicate for LF SEARCH that it failed.
 2016-12-16 12:47:49 +01:00
iceman1001
32da0a464e ADD: 'analyse chksum' added a nibble xor calc - calcSumNibbleXor 2016-12-16 12:05:38 +01:00
iceman1001
c08c796e8d CHG: enhanced the debug output for some LF demod/decode 2016-12-16 12:04:37 +01:00
iceman1001
22eece1e2d ADD: 'LF NORALSY' clone/sim/read commands. Partly done. some crc works, but whole format in not mapped yet. 
ADD: 'LF SEARCH'  added noralsy detection
 2016-12-15 18:04:30 +01:00
iceman1001
d48175d4f4 FIX: 'lf presco' demod fixes. 
ADD: 'lf search' now also looks for Presco.

I know that the helptext is wrong (d should be p)
 2016-12-15 00:01:31 +01:00
iceman1001
371535d566 ADD: forgot to add the files 2016-12-14 23:26:14 +01:00
iceman1001
9945a928c7 Syntax suger 2016-12-14 23:25:28 +01:00
iceman1001
eb911aa8d6 ADD: 'lf visa2000' commands. (SIM/CLONE/READ) almost finished. 
CHG: 'lf xxxxx'  reduced number of samples from 30000 -> 20000 in "lf xxxxxx read" commands.
CHG: 'data samples'  - didn't honor the silent parameter. It now output less for the 'lf xxxxxx read' commands.
 2016-12-14 23:23:16 +01:00
iceman1001
dc3a58466d CHG: 'lf search' changed output to be visible when debugging for IO prox 2016-12-13 12:27:40 +01:00
iceman1001
8b2a5d400a FIX: 'hf iclass dump' / 'hf iclass readtagfile' - the faulty output from these commands are now fixed. 2016-12-09 14:38:51 +01:00
iceman1001
c5af4b5d8c CHG: 'hf iclass dump' - output fixes 
CHG:  'hf iclass readtagfile' - output fixes
 2016-12-08 18:02:48 +01:00
iceman1001
541231b805 REM: removed a double entry. it seems 'hf mf check' doesnt uniq-sort this file. 2016-12-08 18:01:54 +01:00
iceman1001
b7f40ee2ad CHG: added a check if err variable is NIL. 2016-11-22 11:55:23 +01:00
iceman1001
d1e197e9ec FIX: the changes to uart.c timings seems to have fixed my problem with the pm3 device getting unresponsive. 
CHG: "script run hard"  now iterates all sectors on the tag and output the table style like "hf mf chkkey" do.
 2016-11-22 01:58:11 +01:00
iceman1001
e108a48ac4 ADD: added the 'hf mf hardnested' to be called within LUA scripts. 
ADD: 'script run hard' - a first try for a lua script to run the hardnested attack on a complete tag.
 2016-11-21 16:08:12 +01:00
iceman1001
711ae19fca CHG: Cleaning up 2016-11-18 11:31:52 +01:00
iceman1001
09bb01c73d ADD: "analyse hid" - new function that implements the 'heart of darkness' hid/iclass permute function. Its converted from the php-solution found in the paper to C. Ref: https://github.com/akw0088/HID-Card-Copy/blob/master/key-permutation/permute.php 2016-11-17 18:20:44 +01:00
iceman1001
fa5974bbf3 FIX: @matrix latest fixes 2016-11-16 22:31:09 +01:00
iceman1001
f07ffa7672 FIX: "hf mf hardnested" - removed the call to free_candidates_memory, on my ubuntu env it crashes all the time with it. 2016-11-16 19:19:06 +01:00
iceman1001
da8279796e FIX: that time.h issue is different on POSIX systems and WINDOWS system and in C... 2016-11-16 18:52:13 +01:00
iceman1001
a877bc2f01 FIX: wrong compile define used, __WIN32 should be _WIN32 2016-11-16 18:42:56 +01:00