- `lf em4x readwordPWD` merged into `lf em4x readword` See help text
- `lf em4x writewordPWD` merged into `lf em4x writeword` See help text
- `lf em4x readword` now download the collected signal data after command.
On device side the lfops.c has gotten some love. Code cleaner, increased EM_START_GAP from 55 FC to 56 FC, because of how our microsecond(us) clock works with 21.3us increments.
TODO: `lf em4x em4x50read` needs to be factored to use @marshmellow42 's ASKdemod instead of trying to do itself.
I've added a precise timer in the new files ticks.c and moved some older stuff from util.c to have a solid base for this.
UNTESTED, and the timings measured for t55x7 in lfops.c and other parts has not been adjusted to this "correct" timer.
ADD: added a new string helper function "sprint_hex_ascii" in util.c
ADD: added "LF AWID BRUTE", a very simple bruteforce command for the awid commands.
it takes a facility-code, and iterates all possible 0xFFFF cardnum by sending sim command. It also uses the usb_poll function to stop the bruteforce on keypress and not leaving the pm3 device running the simulation.
the command implements the help parameter.
CHG: Minor code changes on T55X7 code. Default password is back to 'FF FF FF FF',
REM: removed @marshmellow42 's wakeup option in "lf t55x7 read",
--- BASICALLY:
if a T55X7 tag has following bits set:
AOR - send wakeup command with pwd, to enable LF interacting with it.
PWD - send read/write/trace/info command with pwd. No need to send wakeup.
ADD: Added the "lf t55x7 wakeup" command. It will send a pwd, and leave the antenna on.
Process like:
1. lf t55x7 wakeup p 11223344
2. lf search
---
It is still not finished, will work together with the "lf t55x7 commands" in next step when I figure out the process from the datasheets.
ADD: @marshmellows "diphase" definition for T55x7.
MOV: extracted the aquisition from the t55x7 methods and put them inside lfsampling.c
FIX: pcf7931 write, there is 16bytes in a block.. not 4 as I thought before.
FIX: t55x7 lowered the WRITE_0 to 16. Even bigger gap.
Things like the ICLASS, tryDecryptWord,
--
My other stuff like default keys, some new Mifare EV1 commands 0x40, 0x43 for the logging annotation, start of the T55x7 configblock helper functionality (ripped from Adam Lauries RFIdler code)
Changes to the PCF7931 functions written, which has a lousy input check..
.. ntag simulation stuff from @marshmellows branch "ntag/sim"
.. hf mf mifare fixes from @pwpivi.
.. hw status command
.. speedtest function from @pwpivi
.. Viking Functionalities, (not a proper DEMOD, but a start)
.. GetCountUS better precision from @pwpivi
.. bin2hex, hex2bin from @holiman
...
starting with getting the T55x7 CONFIGURATION_BLOCK for different clone situations. Ripped from Adam Lauries RFidler, nothing working or finished..
...
Started working with the T55x7 read command with password actually performs a write block... See Issue #136https://github.com/Proxmark/proxmark3/issues/136 Not solved yet.
...
Started add SHA256.. not working yet..
-hitag2, -legicrf, HIDdemodFSK, CmDAWIDdemodFSK, CmdEM410xdemod, CmdIOdemodFSK
It should enable them to be aborted with a call to "hw ping / hw status" instead of only button-press. Which is good when you are scripting stuff.
MERGED: @piwi changes
MERGED: @marshmellows changes.
I'm not even gonna try write up all that stuff..
ADD: changed some commands inside the "Hf 14a sim" on deviceside.
ADD: @mobeius "two nonce" version for mfkey32. It is also inside the "hf 14a sim" with the "x" parameter.
backend:
askman and askraw demods merged into askdemod (args adjusted
accordingly)
re-arranged lfdemod.h in alphabetical order and by category
front end:
data detectclock a (ask) now also reports the selected best start
position for demod
data manrawdecode takes an invert arg now
applies icemans full ata55x7 read/write settings
adds checksum to ioprox (thanks to iceman)
adds silent mode for lf read and getSamples
fix lf em em410xwatch and lf em410xspoof
improve data rawdemod ar - for biphase demods
improve detectclock a for strong antennas
lf t5xx commands updated from ICEMAN
lf em410x commands updated
lf search bug fix for 2 args
test scripts from iceman
lf demod:
better ask clock detection with Strong fully clipped waves
better ask raw demod with strong fully clipped waves
fsk demod add back in skipped bits during demod
nrz demod add back in skipped bits during demod
show command to UI:
data printdemodbuffer - allow printing of demod buffer
Add:
data askgproxiidemod - demod a gproxii tag
Fix:
adjust lf simxxx commands further for testing
added SimulateTagLowFrequencyTest function
with some adjustments that help ASK simulations
FSK and PSK still need help. Left original HID sim alone as for some it
may partially work.
- provided a BigBuf_malloc() function to dynamically allocate parts of BigBuf
e.g. for DMA-Buffers, Frame-Buffers, Emulator-Memory
- the whole rest of BigBuf is now available for traces (instead of a small fixed amount)
- send actual traceLen together with trace data
- changed client side to cope with varying traceLen
- changed small buffers to automatic variables instead of parts of BigBuf
added data fskparadoxdemod
added data setdebugmode (for demods)
added data shiftgraphzero (to help clean weak reads)
fixed a few bugs with the data detectaskclock
added data fskfcdetect to detect FSK clocks
adjusted most of my demods to put raw tag binary to demod buffer for
future sim and clone commands (psk still needs work)
CHG: USB_CMD_DATA_SIZE is now used as maxsize for transfer of data between client and pm3device
CHG: suggested a fix for the underscore problem in ioclass\fileutils.c
ADD: tnp3xx support
ADD: nxp tag idents.
ADD: identifiction of chinese backdoor commands to hf 14a reader.
fixed a few bugs in lf demod that the streamlining added. added new lf
em em410xdemod command that loops until button pressed. (similar to lf
hid fskdemod
* Modified commands (lf em4x):
em410xwatch ['h'] -- Watches for EM410x 125/134 kHz tags (option 'h' for 134)
em410xwrite <UID> <'0' T5555> <'1' T55x7> [clock rate] -- Write EM410x UID to T5555(Q5) or T55x7 tag, optionally setting clock rate
* Better option checking for em410xwrite & fix for uninitialized vars
* Increased samples from 2000 to 4000 in em410xwatch (2000 is OK for clock=64, but too few for clock=32)
I have kept whatever copyright notices exist. Please add your own
copyright notice if you have made any nontrivial changes or additions to
the code. There are several files without any attribution, currently.
Next Step is refactoring some of the giant functions which are
just copy/paste of some other ones with just a few line changes,
removing unnecessary 'goto' etc.
The MS Windows version is broken with this commit but will be fixed
soon. Everything can't be done all at once :P
The commands are now hierarchical, for example:
"hf 14a read" vs. "hf 14b read".
You can also request help:
"hf help", "data help", "hf 15 help" etc.
Indents are now space-based, not tab-based anymore. Hopefully
no one will be trolling about it, considering the suicide-prone work
being done here ;)
client/cmdhw.c, client/proxusb.c, client/cmdhw.h, client/proxusb.h,
client/cmdmain.c, client/cmdlfhid.c, client/cmdmain.h, client/cmdlfhid.h,
client/data.c, client/data.h, client/cmdhf.c, client/cmdlf.c,
client/cmdhf.h, client/cmdhf15.c, client/cmdhf14b.c, client/cmdlf.h,
client/cmdhf15.h, client/cmdhf14b.h, client/cmddata.c, client/cmddata.h,
client/ui.c, client/cmdparser.c, client/cmdlfti.c, client/ui.h,
client/cmdlfem4x.c, client/cmdparser.h, client/cmdlfti.h, client/cmdlfem4x.h,
client/graph.c, client/graph.h, client/cmdhf14a.c, client/cmdhf14a.h,
client/cmdhflegic.c, client/cmdhflegic.c: New files.
client/cli.c, client/flasher.c, client/snooper.c, client/proxmark3.c,
client/proxmark3.h, client/Makefile: Update accordingly.
client/flash.h, client/flash.c, client/proxgui.cpp: Cosmetic changes.
client/translate.h, client/command.c, client/gui.c,
client/usb.c, client/prox.h: Remove.
include/usb_cmd.h (CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_14443_SIM): Remove dead cmd.
common/crc16.h: New file.
common/crc16.c: Modify accordingly.
common/iso14443crc.h: New file.
common/iso14443_crc.c: Rename to
common/iso14443crc.c: and modify accordingly.
armsrc/lfops.c, armsrc/iso14443.c,
armsrc/iso14443a.c: include .h files from
the common directory instead of including the c files.
common/Makefile.common, armsrc/Makefile: Modify accordingly.
