iceman1001
fe9416db23
chg: 'hf iclass' - work in progress. running default_iclass_keys.dic against reader (pm3 as simulation)
2018-01-02 11:17:31 +01:00
iceman1001
231b0df578
CHG: 'hf iclass reader' - the select / which blocks to read / before saying it succeeded was corrupt
2017-12-21 13:48:06 +01:00
iceman1001
3634327bef
chg: code cleaning.
2017-12-21 12:42:32 +01:00
iceman1001
5eafdbf872
ADD: 'hf iclass check' - increased speed in check keys with new algo.
...
ADD: 'hf iclass' - trying to add the timeout-limits for commands in order to get a more stable iclass communication
2017-12-21 10:13:40 +01:00
iceman1001
154c30d0e5
fix: 'hf iclass reader' - do not always turn off device ..
2017-12-17 08:06:12 +01:00
iceman1001
ce5525bc16
chg: 'hf iclass simulate' adjustments
2017-10-08 15:11:38 +02:00
iceman1001
834a80dcc1
chg: 'hf iclass sim' even with sim2, the card should answer to reads of block0,1,2 and 5
2017-09-26 17:06:13 +02:00
iceman1001
98bc685632
add: 'hf iclass sim 4' - new mode, to adapt sim 2 to readers in keyroll mode.
2017-09-12 08:45:38 +02:00
iceman1001
4d354f75fe
upd - CHANGELOG.md
...
chg 'hf iclass sniff' more debugstatements
2017-08-30 22:35:35 +02:00
iceman1001
292a4ca602
'hf 14b sniff' - removed stuff which wasn't very useful. cleaner now. Not sure if it works :(
...
'hf iclass sniff' - playing with this one. Don't expect it to work yet :(
- increase dma_buffer_size to 256
- moved initialization to its own function. Just looks cleaner :)
- change the debug output to follow MF_DBGLEVEL
'hf mf sniff' - unnecessary cast removed
2017-08-27 19:41:24 +02:00
iceman1001
94f70caa7a
when you need to add too much changes at the same time...
...
fix: 'hf mf hardnested' test cases don't need to verify key.
add: 'hf mf ' - collect nonces from classic tag.
chg: switch_off on armside, a more unified way, so we don't forget to turn off the antenna ...
chg: renamed 'hf iclass snoop' into 'hf iclass sniff' in an attempt to make all sniff/snoop commands only SNIFF
chg: 'standalone' -> starting the work of moving all standalone mods into a plugin kind of style, in its own folder.
2017-08-26 12:57:18 +02:00
iceman1001
7810dac62d
CHG: not using the parity values for logging. Saves some few ticks :)
2017-08-21 23:34:11 +02:00
iceman1001
a7441c4bf6
CHG: added some more debugstatements,
...
CHG: 'hf iclass sim 2' use another e-purse value {0xfe,0xff,0xff,0xff,0xff,0xff,0xff,0xff}
CHG: testing to see if we can skip the parity array when logging, we don't seem to use that information anywhere anyway.
CHG: no need to check tracing global var, it is done inside of LogTrace function anyway
2017-08-21 17:22:22 +02:00
iceman1001
4eda2828c8
fix fiddling, it seemed most iclass commands never shut down the antenna after they were finished. I may have missed something.
2017-08-19 19:50:55 +02:00
iceman1001
823a814cf6
FIX: some possible null - ref bugs in 'iclass' , 'iso15693' deviceside.
...
FIX: 0 is not a reference.
FIX: iso15693 - wait wasn't implemented
chg: 'hf 15' getTagInfo_15 renamed.
chg: 'hf iclass loclass' some output got newline
2017-08-19 09:49:41 +02:00
iceman1001
db515ba6c4
chg: 'hf iclass sim' - turning off antenna after simulation is done.
...
chg: 'hf iclass sim' - use @holiman 's 8 csn instead of the original @carl55 (15), and a new first entry csn, to see if the old one got blacklisted.
2017-08-18 10:23:46 +02:00
iceman1001
b3f787a64f
fixes: armside
2017-07-30 10:01:30 +02:00
iceman1001
24d332fac7
fixes..
2017-07-11 18:27:59 +02:00
iceman1001
cdc0f15104
FIX: playing with some delays.
2017-07-11 17:40:29 +02:00
iceman1001
4406f4ee2a
CHG: removed some #DEFINE TRUE/FALSE
2017-07-07 12:52:51 +02:00
iceman1001
5f18400cbe
FIX: 'hf iclass reader' marshmellow's fixes.
...
CHG: removing some #define TRUE
2017-07-07 12:38:49 +02:00
iceman1001
53d5dc643f
CHG: fiddled with the headerfiles... and makefile... Tried to make them behave nice. So it isn't a hell to add new functions from third-party (like des, aes etc)
...
Added a lot of #ifndef , extern C,
Move inside from ARMSRC -> THUMBS, which made the compiled image smaller.. I don't know if it broke anything.
Moved MF_DBGLEVEL definitions into common.h
Moved print_result from util.c into appmain.c
Also split up some struct typedef into header files so they could be reused in other code places.
''' danger ''' this might have broken stuff...
2017-01-25 00:33:03 +01:00
iceman1001
9aeda6cbfb
FIX: coverity scan error CID 121781, unused value. error 0x88 will be overwritten by 0x00 directly. Don't know if this 0x88 will bug stuff out.... *wildside commit*
2017-01-19 20:21:21 +01:00
iceman1001
f7e98f1fb6
FIX: 'iclass write'
2016-12-07 17:43:13 +01:00
iceman1001
5b8167fb97
FIX: 'iclass write'
...
thanks to prof_abrasive && go_tus
ref: http://www.proxmark.org/forum/viewtopic.php?id=4033
2016-12-07 17:07:23 +01:00
iceman1001
a287e8cfdd
CHG: FpgaSetupDMA can fail and returns NULL. Added a check for it.
2016-04-26 21:31:43 +02:00
iceman1001
aa5bbe6a9b
CHG: changed this call, to the #define name instead.
2016-04-24 21:45:22 +02:00
iceman1001
68410a4892
Syntax sugar
2016-04-14 11:34:02 +02:00
iceman1001
5eceba292f
CHG: some textual change and some syntax sugar changes.
2016-04-10 12:55:18 +02:00
iceman1001
5f5254d631
FIX: Possible usage of NULL.
2016-01-25 20:19:47 +01:00
iceman1001
810f53792e
ADD: added the possibility to choose which block num to attack with "hf mf mifare" Before it only worked on block 0.
2016-01-20 22:26:01 +01:00
iceman1001
4a71da5a35
FIX: Coverity Scan complains about resource leaks, array reads outside of index, uninitialized variables.
2016-01-20 17:13:25 +01:00
iceman1001
5cc88edfaf
CHG: syntax sugar
2016-01-09 17:19:09 +01:00
iceman1001
5ee53a0e75
ADD: There were a lot of calls to enable tracing, but very few to turn it off afterwards in the methods.
...
Don't know if it has some influence but can't hurt calling "set_tracing(FALSE);" when method returns.
2015-10-11 19:14:17 +02:00
iceman1001
e98572a1e2
I just merged @marshmellow's branch "iclass" and that was a lot of new functionality. *great work*
...
Things like the ICLASS, tryDecryptWord,
--
My other stuff like default keys, some new Mifare EV1 commands 0x40, 0x43 for the logging annotation, start of the T55x7 configblock helper functionality (ripped from Adam Laurie's RFIdler code)
Changes to the PCF7931 functions written, which has a lousy input check..
2015-10-07 23:00:46 +02:00
iceman1001
99cf19d9e8
ADD: @pwpivi 's latest fixes for bigbuff
...
ADD: @marshmellow 14b changes.
fix: fixes to the timing inside iso14443b.c sniff/sending. Between TX & RX there should be a 151us pause.
2015-06-29 22:36:55 +02:00
iceman1001
8949bb5dad
Added @marshmellow42 "hf search"
2015-05-13 09:13:42 +02:00
iceman1001
5eae566a28
Merge branch 'master' of https://github.com/Proxmark/proxmark3
2015-04-08 21:24:08 +02:00
Martin Holst Swende
83602affe5
Fixed buffer initialization errors, as reported in http://www.proxmark.org/forum/viewtopic.php?pid=15337#p15337
2015-04-08 13:31:04 +02:00
iceman1001
02d352fea7
Merge branch 'master' of https://github.com/Proxmark/proxmark3
...
Conflicts:
armsrc/iclass.c
armsrc/lfops.c
client/cmdlf.c
common/lfdemod.c
include/usb_cmd.h
2015-03-30 21:11:37 +02:00
Martin Holst Swende
caaf9618ae
Minor mod to 'hf iclass read', it now also reads and prints the configuration of the tag found
2015-03-29 21:49:58 +02:00
iceman1001
3ac59c7fed
Merge branch 'master' of https://github.com/Proxmark/proxmark3
...
Conflicts:
armsrc/crapto1.c
armsrc/iclass.c
client/nonce2key/crapto1.c
2015-03-06 09:02:15 +01:00
Martin Holst Swende
c8387e85e3
iClass full simulation of tags now officially works, with some cheating regarding reader update and write commands
2015-03-02 21:30:22 +01:00
Martin Holst Swende
e5cd4ee4b4
Tag MAC finally works! (Full sim not yet, though)
2015-03-02 20:14:35 +01:00
Martin Holst Swende
61fe90736b
Implemented the correct way to calculate MAC from a tag, feeding it an extra 32 zeroes. Also divided it up into two parts, one of which can be precalculated by the device before the simulation begins
2015-03-02 00:38:36 +01:00
Martin Holst Swende
10a8875c72
Implemented new optimized version of MAC-calculation for iclass
2015-02-26 20:35:35 +01:00
Martin Holst Swende
b19caaefc2
Fixed minor bugs in iclass fullsim, does not work yet though
2015-02-21 20:47:40 +01:00
iceman1001
f4a57e861d
Merge branch 'master' of https://github.com/Proxmark/proxmark3
...
Conflicts:
armsrc/iclass.c
client/loclass/cipher.c
client/loclass/fileutils.h
2015-02-19 11:32:11 +01:00
Martin Holst Swende
b67f7ec359
Further implementation of iclass 'fullsim'. Moved protocol definitions to shared file. Had to add some loclass-function to arm-side to support authentication in fullsim mode
2015-02-18 20:02:44 +01:00
iceman1001
d716ca2fc1
Merge branch 'master' of https://github.com/Proxmark/proxmark3
...
Conflicts:
armsrc/iclass.c
2015-02-16 18:59:44 +01:00
Martin Holst Swende
428d622160
Fixed bug with iclass dump which prevented saving to file
2015-02-14 20:42:23 +01:00
iceman1001
4ecde0e1ff
Merge branch 'master' of https://github.com/Proxmark/proxmark3
...
Conflicts:
armsrc/appmain.c
armsrc/iclass.c
2015-02-10 21:53:16 +01:00
Martin Holst Swende
3000dc4e7e
Generic tracing; removed iso14a_XX-functions, removed traceLen as global variable
2015-02-07 20:49:40 +01:00
iceman1001
64d1b4efc9
Merge branch 'master' of https://github.com/Proxmark/proxmark3
...
Conflicts:
armsrc/Makefile
armsrc/appmain.c
armsrc/apps.h
armsrc/epa.c
armsrc/iclass.c
armsrc/iso14443a.c
armsrc/iso14443a.h
armsrc/iso15693.c
armsrc/lfops.c
armsrc/mifarecmd.c
armsrc/mifareutil.c
armsrc/mifareutil.h
armsrc/string.h
armsrc/util.h
bootrom/bootrom.c
client/Makefile
client/cmddata.c
client/cmddata.h
client/cmdhf.c
client/cmdhf14a.c
client/cmdhf14b.c
client/cmdhf15.c
client/cmdhficlass.c
client/cmdhfmf.c
client/cmdhfmfu.c
client/cmdlf.c
client/cmdlfem4x.c
client/cmdlfhid.c
client/cmdlfhitag.c
client/cmdlfio.c
client/cmdmain.c
client/data.h
client/flash.c
client/graph.c
client/graph.h
client/loclass/elite_crack.c
client/loclass/fileutils.c
client/lualibs/commands.lua
client/lualibs/html_dumplib.lua
client/lualibs/mf_default_keys.lua
client/lualibs/utils.lua
client/mifarehost.c
client/nonce2key/crapto1.c
client/proxmark3.c
client/scripting.c
client/scripts/tnp3dump.lua
client/scripts/tnp3sim.lua
client/scripts/tracetest.lua
common/Makefile.common
common/cmd.c
common/cmd.h
common/lfdemod.c
common/lfdemod.h
common/usb_cdc.c
common/usb_cdc.h
include/usb_cmd.h
2015-01-29 21:39:33 +01:00
Martin Holst Swende
b3cc5f2987
Reverted erroneous commit from bigbuf-rework
2015-01-29 19:58:46 +01:00
pwpiwi
f71f4deb8f
BigBuf and tracing rework: allow much longer traces in hf commands
...
- provided a BigBuf_malloc() function to dynamically allocate parts of BigBuf
e.g. for DMA-Buffers, Frame-Buffers, Emulator-Memory
- the whole rest of BigBuf is now available for traces (instead of a small fixed amount)
- send actual traceLen together with trace data
- changed client side to cope with varying traceLen
- changed small buffers to automatic variables instead of parts of BigBuf
2015-01-28 07:18:51 +01:00
pwpiwi
117d9ec25c
Refactoring of BigBuf handling in order to prepare for more efficient memory allocation and longer traces.
2015-01-27 22:25:55 +01:00
Martin Holst Swende
6b038d192a
Minor dox
2015-01-15 15:45:54 +01:00
Martin Holst Swende
7b941c8d7f
Fixed memory corruption after reader-attack in armsrc, fixed annoying LED
2015-01-15 15:27:44 +01:00
Martin Holst Swende
645c960f61
Implemented new FPGA mode for iclass tag simulation. Reduces arm-side size of transfer/memory by a factor of 8. Makes for easier arm-side encoding of messages, for when we start needing to do that on the fly instead of using precalculated messages
2015-01-15 15:16:34 +01:00
Martin Holst Swende
55eaed8f2a
Documentation to apps.h, documentation/renaming to iclass
2015-01-12 22:08:57 +01:00
iceman1001
14edfd09c3
CHG: The input handling for "hf 14b write" is now correct. Thanks Asper for spotting the fault.
...
Minor code clean up.
Added from Pm3-master which will make this fork one step closer to Pm3-master.
2015-01-07 22:51:34 +01:00
iceman1001
4888b28195
Merge branch 'master' of https://github.com/Proxmark/proxmark3
2015-01-07 11:09:05 +01:00
Martin Holst Swende
cb29e00a12
Save iclass dumps to file, like mifare-dump functionality works
2015-01-07 09:57:18 +01:00
iceman1001
10403a6a30
ADD: added a lot of ic ids to cmdhf15.c Thanks to Asper for the list.
...
ADD: added a manufacturer list for hf 14a reader, only viable when UID is double or triple size. Thanks to Asper for the list.
ADD: Some changes from Holiman's commits.
CHG: some more code clean up.
2015-01-06 11:17:02 +01:00
iceman1001
3fe4ff4f03
CHG: generic code clean up. Removal of commented code.
...
CHG: USB_CMD_DATA_SIZE is now used as maxsize for transfer of data between client and pm3device
CHG: suggested a fix for the underscore problem in ioclass\fileutils.c
ADD: tnp3xx support
ADD: nxp tag idents.
ADD: identification of chinese backdoor commands to hf 14a reader.
2015-01-05 15:51:27 +01:00
iceman1001
d3a22c7dfa
ADD: Holiman's new changes in master.
2015-01-05 02:01:24 +01:00
Martin Holst Swende
39d3ce5dd6
Moved iclass crc to be based on a lookup table
2015-01-04 22:10:25 +01:00
Martin Holst Swende
c8dd9b092e
Some work on iclass dump and iclass list, now the dumping is a lot more stable. I think the comms should be measured and tuned a bit more, right now it kind of works thanks to retry-functionality, but the retries are probably not needed if we are a bit more careful about timing, so we don't send commands too fast for the tag to handle
2015-01-04 14:53:26 +01:00
Martin Holst Swende
2e9d4b3ff4
Some work on iclass, started on some better support in 'hf iclass list' and also fixes to 'hf iclass reader' so it exits better when the button is pressed
2015-01-03 15:11:48 +01:00
iceman1001
f5ed4d12de
ADD: started with adding a LF AWID26 write function. not done yet.
...
ADD: latest pwpiwi & holiman changes.
2014-12-19 13:46:02 +01:00
iceman1001
a501c82b19
Applied Holiman's fixes for iclass.c and CSNs
...
Applied PwPiwi's new parity fix.
Applied Marshmellow's fixes for FSKdemod (HID, IO)
FIX: a potential bigbuffer fault given pwpiwi's change inside lfops.c CmdIOdemodFSK & CmdHIDdemodFSK
FIX: change some "int" parameters to uint's.
FIX: changed the lfops.c - DoAcquisition125k_internal to respect pwpiwi's definitions of FREE_BUFFER_OFFSET
HEADS up: The ultralight functions haven't been verified since pwpiwi's changes.
2014-12-17 20:33:21 +01:00
pwpiwi
471c514167
Merge branch 'master' of https://github.com/Proxmark/proxmark3
2014-12-16 07:47:02 +01:00
pwpiwi
6a1f2d82bb
bugfixes iso14443a (hf 14a commands)
...
- buffers were too small to handle 256 byte frames
- parity bits were only handled for up to 32 byte frames
- trace format was inefficient
- removed parity calculation from decoders in iclass.c (parity not used on air anyway)
2014-12-16 07:41:07 +01:00
Martin Holst Swende
6116c79618
Reverted to original malicious CSNs from paper, it appears legit readers do not accept if they don't end with F7,FF,12,E0
2014-12-14 21:37:56 +01:00
Martin Holst Swende
eabba3df7e
Fix (iclass)
2014-12-14 18:07:12 +01:00
iceman1001
95e635947b
ADD: the option to simulate tnp3xxx in the command "hf mf sim"
...
ADD: found some new default keys
ADD: changed a lot of memory buffers to use constant values. like usbbuffer sizes, tracelogs, etc etc
ADD: all changes Peter filmoore has in his pull request.
2014-11-26 13:52:39 +01:00
Martin Holst Swende
2ed270a854
Coverity-fixes in armsrc
2014-10-28 21:44:17 +01:00
iceman1001
75465377b9
Merge branch 'master' of https://github.com/Proxmark/proxmark3
...
Conflicts:
armsrc/appmain.c
armsrc/apps.h
armsrc/iclass.c
client/Makefile
client/cmdhficlass.c
client/loclass/cipher.c
client/loclass/fileutils.c
client/loclass/ikeys.h
include/usb_cmd.h
2014-09-19 10:50:34 +02:00
iceman1001
f38a152863
First check in.
2014-09-11 23:23:46 +02:00
Martin Holst Swende
9b82de75f4
more work towards iclass elite dumping.. not quite finished yet though :(
2014-06-30 00:20:40 +02:00
Martin Holst Swende
aa41c6058a
Merged two iclass-reader functions into one to remove duplicated code, update loclass library with hash2 algo
2014-06-29 23:34:24 +02:00
Martin Holst Swende
dbf732ee41
Minor
2014-06-29 13:48:13 +02:00
Martin Holst Swende
26c0d833ac
Some minor changes [iclass-related]
2014-06-28 22:57:48 +02:00
Martin Holst Swende
3ad48540d4
Merge branch 'iclass-research' of https://github.com/PenturaLabs/proxmark3 into PenturaLabs-iclass-research
...
Conflicts:
README.txt
armsrc/apps.h
client/Makefile
client/cmdhficlass.c
client/cmdhficlass.h
2014-06-28 20:52:37 +02:00
Martin Holst Swende
42f57e0294
Merged with master
2014-06-27 13:16:31 +02:00
iZsh
7cc204bff8
THIS REQUIRES A BOOTROM UPDATE!! To save FPGA area, split the LF and HF bitstreams and load them on-demand.
2014-06-20 01:02:59 +02:00
penturalabs
fecd8202a5
implemented 'hf iclass dump xxxx',
...
all you need is the magic key to dump contents of an iclass card
2014-06-17 10:55:37 +01:00
Martin Holst Swende
9f6e9d1575
More work on iclass simulation attack
2014-06-16 21:27:12 +02:00
Martin Holst Swende
fa541aca96
Minor changes, it may actually work now, need to test with a credentialed reader
2014-06-07 22:16:57 +02:00
Martin Holst Swende
94ad01bfba
Merged with head
2014-06-07 22:04:27 +02:00
Martin Holst Swende
81012e670b
debug in progress
2014-06-07 22:00:31 +02:00
Martin Holst Swende
e3dc1e4cf5
Minor changes in iclass.c
2014-06-07 21:49:56 +02:00
Martin Holst Swende
f83cc12613
More work on iclass
2014-04-24 15:48:00 +02:00
Martin Holst Swende
17cba2693d
Implemented client side changes for iclass hack, attempted to fix issues with trace. The trace functionality from iso14443 has been rewritten, unfortunately iclass used that also, which made iclass 'list' stop functioning, both for simulation and snooping
2014-04-24 14:13:33 +02:00
Martin Holst Swende
ff7bb4ef17
Experimenting with hacking iclass
2014-04-17 09:53:54 +02:00
penturalabs
c3963755b7
Implement replay command.
2014-04-15 11:47:01 +01:00
micki.held@gmx.de
7bc95e2e43
- fixed iso1443a ManchesterDecoder in order to fix broken Snoop/Sniff
...
- enhanced tracing: hf 14a list now shows meaningful timing information. With new option f it also shows the frame delay times (fdt)
- small fix for hf 14b list - it used to run into the trace trailer
- hf 14a sim now obeys iso14443 timing (fdt of 1172 or 1234 resp.)
Note: you need to flash FPGA as well.
More details in http://www.proxmark.org/forum/viewtopic.php?pid=9721#p9721
2014-02-19 20:35:04 +00:00
roel@libnfc.org
d19929cbe8
MAJOR update, added hitag2 reader, emulation and eavesdropping, lots of new code, including FPGA tweaks, part 2
2012-09-18 13:53:17 +00:00
roel@libnfc.org
4ab4336a97
added better tracing capabilities, fixed some reader issues
2012-06-29 10:47:07 +00:00
roel@libnfc.org
81cd0474cb
fixed a lot of simulation issues
2012-06-29 10:24:05 +00:00
dekoninggans@gmail.com
912a3e94e4
iClass support is tweaked so it works with HID readers... waiting for further improvement
2012-06-28 15:41:28 +00:00
dekoninggans@gmail.com
1e26214152
Extended iClass support with Card and Reader emulation!
2012-06-28 13:38:40 +00:00
GooglePlus@YoungJules.net
9f69393035
Commented out unused, set but never read variables (cause build to fail if warnings treated as errors)
2012-06-12 12:21:26 +00:00
roel@libnfc.org
7e67e42f7e
cleaned up some if-def routines
2011-12-16 11:00:51 +00:00
dekoninggans@gmail.com
cee5a30d53
Added iClass eavesdrop support for Proxmark3
2011-05-18 12:33:32 +00:00