Commit graph

3359 commits

Author SHA1 Message Date
iceman1001
d48175d4f4 FIX: 'lf presco' demod fixes.
ADD: 'lf search' now also looks for Presco.

I know that the helptext is wrong (d should be p)
2016-12-15 00:01:31 +01:00
iceman1001
371535d566 ADD: forgot to add the files 2016-12-14 23:26:14 +01:00
iceman1001
9945a928c7 Syntax suger 2016-12-14 23:25:28 +01:00
iceman1001
5daad82660 ADD: Visa2000 demod 2016-12-14 23:23:53 +01:00
iceman1001
eb911aa8d6 ADD: 'lf visa2000' commands. (SIM/CLONE/READ) almost finished.
CHG: 'lf xxxxx'  reduced number of samples from 30000 -> 20000 in "lf xxxxxx read" commands.
CHG: 'data samples'  - didn't honor the silent parameter. It now output less for the 'lf xxxxxx read' commands.
2016-12-14 23:23:16 +01:00
iceman1001
dc3a58466d CHG: 'lf search' changed output to be visible when debugging for IO prox 2016-12-13 12:27:40 +01:00
iceman1001
50282b85e4 CHG: syntaxt suger 2016-12-09 14:39:34 +01:00
iceman1001
8b2a5d400a FIX: 'hf iclass dump' / 'hf iclass readtagfile' - the faulty output from these commands are now fixed. 2016-12-09 14:38:51 +01:00
iceman1001
c5af4b5d8c CHG: 'hf iclass dump' - output fixes
CHG:  'hf iclass readtagfile' - output fixes
2016-12-08 18:02:48 +01:00
iceman1001
541231b805 REM: removed a double entry. it seems 'hf mf check' doesnt uniq-sort this file. 2016-12-08 18:01:54 +01:00
iceman1001
f7e98f1fb6 FIX: 'iclass write' 2016-12-07 17:43:13 +01:00
iceman1001
5b8167fb97 FIX: 'iclass write'
thanks to prof_abrasive && go_tus
ref:  http://www.proxmark.org/forum/viewtopic.php?id=4033
2016-12-07 17:07:23 +01:00
iceman1001
dbbc82968c CHG: got insperation from https://github.com/menshiyun/proxmark3/commits/local and the clean variable. 2016-12-07 17:06:15 +01:00
iceman1001
b7f40ee2ad CHG: added a check if err variable is NIL. 2016-11-22 11:55:23 +01:00
iceman1001
d1e197e9ec FIX: the changes to uart.c timings seems to have fixed my problem with the pm3 device getting unresponsive.
CHG: "script run hard"  now iterates all sectors on the tag and output the table style like "hf mf chkkey" do.
2016-11-22 01:58:11 +01:00
iceman1001
e108a48ac4 ADD: added the 'hf mf hardnested' to be called within LUA scripts.
ADD: 'script run hard' - a first try for a lua script to run the hardnested attack on a complete tag.
2016-11-21 16:08:12 +01:00
iceman1001
711ae19fca CHG: Cleaning up 2016-11-18 11:31:52 +01:00
iceman1001
09bb01c73d ADD: "analyse hid" - new function that implements the 'heart of darkness' hid/iclass permute function. Its converted from the php-solution found in the paper to C. Ref: https://github.com/akw0088/HID-Card-Copy/blob/master/key-permutation/permute.php 2016-11-17 18:20:44 +01:00
iceman1001
fa5974bbf3 FIX: @matrix latest fixes 2016-11-16 22:31:09 +01:00
iceman1001
f07ffa7672 FIX: "hf mf hardnested" - removed the call to free_candidates_memory, on my ubuntu env it crashes all the time with it. 2016-11-16 19:19:06 +01:00
iceman1001
da8279796e FIX: that time.h issue is different on POSIX systems and WINDOWS system and in C... 2016-11-16 18:52:13 +01:00
iceman1001
a877bc2f01 FIX: wrong compile define used, __WIN32 should be _WIN32 2016-11-16 18:42:56 +01:00
iceman1001
7d159efe40 FIX: & 0xFF instead of uint8_t 2016-11-16 18:38:15 +01:00
iceman1001
1ca5dce0f4 FIX: removed some warnings about time_t in non-windows systems. This appeared since I fiddled in proxmark.h 2016-11-16 18:36:21 +01:00
iceman1001
3105b814c9 CHG: added the ping command to the header file. 2016-11-16 18:17:01 +01:00
iceman1001
06d09c98eb CHG: "hf mf hardnested" - fixes and additions.
- freeing candidate lists after generate_candidates calls.
  - longer timeout when waiting for responses (it takes a while to collect 58 nonces per call) From 3sec to 6sec
  - if best_first_byte[0] (best guess) has been the same for 3 nonces calls in a row, it enters the generate_candidates test.
  - when total_added_nonces increases but does not enter generate_candidates tests,  it now increases the threshold_index variable. Make the output look better

Known bugs still.
   - TestIfKeyExists sometimes crashes the client,  still after the null check.
   - proxmark3 device doesn't answer calls after entering brute_force call and fails finding a key,  where it should start collecting nonces again. This bug doesn't make sense.
2016-11-16 18:16:14 +01:00
iceman1001
2618e313bf CHG: textual change 2016-11-16 17:45:12 +01:00
iceman1001
77f3f9ff5c CHG: "hf mf hardnested" device side should empty bigbuff? 2016-11-16 17:44:08 +01:00
iceman1001
5fba8581f4 CHG: the reset of pcb_num should be before untraditional tags return. 2016-11-16 17:43:08 +01:00
iceman1001
4d812c139b CHG: "hf mf hardnested"
- latest clean up from @matrix
 - the device still doesnt answer when brute_force call fails. I've been trying to get the device to init after the brute_force call.
2016-11-15 12:49:13 +01:00
iceman1001
97f86b7a61 chg: removed a useless clearing of key_count. From @matrix 090682764b 2016-11-15 12:13:15 +01:00
iceman1001
6804338201 FIX: 'LF PYRAMID' the crc8_MAXIM and crc16_DNP was calling the wrong crc method. (update2 is the older and correct version). This solves the pyrmid issue with wrong checksums calculated.
Thanks to @rookieatall  @marshmellow42 for pointing out the bug. ref: http://www.proxmark.org/forum/viewtopic.php?id=4006
2016-11-14 21:41:18 +01:00
iceman1001
71ac327ba8 FIX: 'hf mf hardnested' @matrix e0828439bf 2016-11-08 13:27:50 +01:00
iceman1001
0b53530a10 CHG: "hf mf hardnested" disabled the tracelogging on deviceside during nonce acquiring. 2016-11-07 22:42:57 +01:00
iceman1001
360caababf FIX: decrease 2^39 -> 2^38. its a big searchspace anyway.
FIX: changed output and rearranged collecting nonces logic.

Still problems with "hard" keys,  the device stops responding after a "bruteforce" / "generate_candidates" call.. Very strange. shouldnt'
2016-11-07 22:41:18 +01:00
iceman1001
87a513aa1d FIX: "hf mf hardnested" when "key found" exting the do-while loop doesn't need to wait for device to respond. 2016-11-07 11:54:32 +01:00
iceman1001
8e4a0b3585 FIX: "hf mf hardnested" merging of @matrix commit bd8249afec 2016-11-07 11:11:14 +01:00
iceman1001
7fd676db11 FIX: @matrix 869a03c2c6
it still counts down the good bytes,
and I fixed the elapsed time.
2016-11-05 14:54:25 +01:00
iceman1001
325f26e25d CHG: removed unused variable 2016-11-03 15:15:25 +01:00
iceman1001
3a051ec10b CHG: don't consider the respons at all when sending the HALT command. 2016-11-03 15:00:17 +01:00
iceman1001
713f5d019c CHG: still issues left. 2016-10-29 23:58:59 +02:00
iceman1001
5e14319d2c FIX: several calls to nonce2key/nonce2key_ex has problems with not clearing up memory pointers laying around.
Still exists problem which needs to be dealt with.
2016-10-29 22:12:38 +02:00
iceman1001
60c33f7aa8 CHG: minor textual change to fit the minimum two calls nature for the zero parity attack 2016-10-29 21:45:36 +02:00
iceman1001
b403c30091 FIX: the time_t calls under mingw needs a #define _USE_32BIT_TIME_T 1 to be correct. It seems to work in "hf mf mifare" but not in "hf mf hardnested" 2016-10-29 21:42:46 +02:00
iceman1001
19693bdc06 FIX: 'hf mf mifare' - special zero parity attack vector now works. Thanks to the dude who figured this vector out: @douniwan5788 (sorry for comments, I was clearly wrong.) @piwi - for proving me wrong.
this version uses int64_t  (signed)  to signify end-of-lists (-1). It also needs its own compare function for the qsort.  I didn't merge this into existing code which uses uint64_t. (too lazy)
2016-10-29 21:41:02 +02:00
Iceman
9c6000a065 Merge pull request #51 from matrix/master
Improved Mifare Plus Atack (hf mf hardnested) - part 2
2016-10-29 16:39:07 +02:00
Gabriele Gristina
e7f43e92e9 Merge remote-tracking branch 'upstream/master' 2016-10-29 15:19:55 +02:00
iceman1001
d209443322 CHG: 'HF MF C*' (chinese backdoor commands) According to douniwan5788 some magic/clone tags answers to the halt cmd and some not. I think I captured his ideas.
ref: 13b71e58fd
2016-10-28 20:43:07 +02:00
iceman1001
c3c12b5571 CHG: clean up 2016-10-28 16:37:26 +02:00
iceman1001
ba39db376c CHG: just some parameter / variable name changes. Nuttin' special. 2016-10-28 16:37:01 +02:00