iceman1001
d48175d4f4
FIX: 'lf presco' demod fixes.
...
ADD: 'lf search' now also looks for Presco.
I know that the helptext is wrong (d should be p)
2016-12-15 00:01:31 +01:00
iceman1001
371535d566
ADD: forgot to add the files
2016-12-14 23:26:14 +01:00
iceman1001
9945a928c7
Syntax suger
2016-12-14 23:25:28 +01:00
iceman1001
5daad82660
ADD: Visa2000 demod
2016-12-14 23:23:53 +01:00
iceman1001
eb911aa8d6
ADD: 'lf visa2000' commands. (SIM/CLONE/READ) almost finished.
...
CHG: 'lf xxxxx' reduced number of samples from 30000 -> 20000 in "lf xxxxxx read" commands.
CHG: 'data samples' - didn't honor the silent parameter. It now output less for the 'lf xxxxxx read' commands.
2016-12-14 23:23:16 +01:00
iceman1001
dc3a58466d
CHG: 'lf search' changed output to be visible when debugging for IO prox
2016-12-13 12:27:40 +01:00
iceman1001
50282b85e4
CHG: syntaxt suger
2016-12-09 14:39:34 +01:00
iceman1001
8b2a5d400a
FIX: 'hf iclass dump' / 'hf iclass readtagfile' - the faulty output from these commands are now fixed.
2016-12-09 14:38:51 +01:00
iceman1001
c5af4b5d8c
CHG: 'hf iclass dump' - output fixes
...
CHG: 'hf iclass readtagfile' - output fixes
2016-12-08 18:02:48 +01:00
iceman1001
541231b805
REM: removed a double entry. it seems 'hf mf check' doesnt uniq-sort this file.
2016-12-08 18:01:54 +01:00
iceman1001
f7e98f1fb6
FIX: 'iclass write'
2016-12-07 17:43:13 +01:00
iceman1001
5b8167fb97
FIX: 'iclass write'
...
thanks to prof_abrasive && go_tus
ref: http://www.proxmark.org/forum/viewtopic.php?id=4033
2016-12-07 17:07:23 +01:00
iceman1001
dbbc82968c
CHG: got insperation from https://github.com/menshiyun/proxmark3/commits/local and the clean variable.
2016-12-07 17:06:15 +01:00
iceman1001
b7f40ee2ad
CHG: added a check if err variable is NIL.
2016-11-22 11:55:23 +01:00
iceman1001
d1e197e9ec
FIX: the changes to uart.c timings seems to have fixed my problem with the pm3 device getting unresponsive.
...
CHG: "script run hard" now iterates all sectors on the tag and output the table style like "hf mf chkkey" do.
2016-11-22 01:58:11 +01:00
iceman1001
e108a48ac4
ADD: added the 'hf mf hardnested' to be called within LUA scripts.
...
ADD: 'script run hard' - a first try for a lua script to run the hardnested attack on a complete tag.
2016-11-21 16:08:12 +01:00
iceman1001
711ae19fca
CHG: Cleaning up
2016-11-18 11:31:52 +01:00
iceman1001
09bb01c73d
ADD: "analyse hid" - new function that implements the 'heart of darkness' hid/iclass permute function. Its converted from the php-solution found in the paper to C. Ref: https://github.com/akw0088/HID-Card-Copy/blob/master/key-permutation/permute.php
2016-11-17 18:20:44 +01:00
iceman1001
fa5974bbf3
FIX: @matrix latest fixes
2016-11-16 22:31:09 +01:00
iceman1001
f07ffa7672
FIX: "hf mf hardnested" - removed the call to free_candidates_memory, on my ubuntu env it crashes all the time with it.
2016-11-16 19:19:06 +01:00
iceman1001
da8279796e
FIX: that time.h issue is different on POSIX systems and WINDOWS system and in C...
2016-11-16 18:52:13 +01:00
iceman1001
a877bc2f01
FIX: wrong compile define used, __WIN32 should be _WIN32
2016-11-16 18:42:56 +01:00
iceman1001
7d159efe40
FIX: & 0xFF instead of uint8_t
2016-11-16 18:38:15 +01:00
iceman1001
1ca5dce0f4
FIX: removed some warnings about time_t in non-windows systems. This appeared since I fiddled in proxmark.h
2016-11-16 18:36:21 +01:00
iceman1001
3105b814c9
CHG: added the ping command to the header file.
2016-11-16 18:17:01 +01:00
iceman1001
06d09c98eb
CHG: "hf mf hardnested" - fixes and additions.
...
- freeing candidate lists after generate_candidates calls.
- longer timeout when waiting for responses (it takes a while to collect 58 nonces per call) From 3sec to 6sec
- if best_first_byte[0] (best guess) has been the same for 3 nonces calls in a row, it enters the generate_candidates test.
- when total_added_nonces increases but does not enter generate_candidates tests, it now increases the threshold_index variable. Make the output look better
Known bugs still.
- TestIfKeyExists sometimes crashes the client, still after the null check.
- proxmark3 device doesn't answer calls after entering brute_force call and fails finding a key, where it should start collecting nonces again. This bug doesn't make sense.
2016-11-16 18:16:14 +01:00
iceman1001
2618e313bf
CHG: textual change
2016-11-16 17:45:12 +01:00
iceman1001
77f3f9ff5c
CHG: "hf mf hardnested" device side should empty bigbuff?
2016-11-16 17:44:08 +01:00
iceman1001
5fba8581f4
CHG: the reset of pcb_num should be before untraditional tags return.
2016-11-16 17:43:08 +01:00
iceman1001
4d812c139b
CHG: "hf mf hardnested"
...
- latest clean up from @matrix
- the device still doesnt answer when brute_force call fails. I've been trying to get the device to init after the brute_force call.
2016-11-15 12:49:13 +01:00
iceman1001
97f86b7a61
chg: removed a useless clearing of key_count. From @matrix 090682764b
2016-11-15 12:13:15 +01:00
iceman1001
6804338201
FIX: 'LF PYRAMID' the crc8_MAXIM and crc16_DNP was calling the wrong crc method. (update2 is the older and correct version). This solves the pyrmid issue with wrong checksums calculated.
...
Thanks to @rookieatall @marshmellow42 for pointing out the bug. ref: http://www.proxmark.org/forum/viewtopic.php?id=4006
2016-11-14 21:41:18 +01:00
iceman1001
71ac327ba8
FIX: 'hf mf hardnested' @matrix e0828439bf
2016-11-08 13:27:50 +01:00
iceman1001
0b53530a10
CHG: "hf mf hardnested" disabled the tracelogging on deviceside during nonce acquiring.
2016-11-07 22:42:57 +01:00
iceman1001
360caababf
FIX: decrease 2^39 -> 2^38. its a big searchspace anyway.
...
FIX: changed output and rearranged collecting nonces logic.
Still problems with "hard" keys, the device stops responding after a "bruteforce" / "generate_candidates" call.. Very strange. shouldnt'
2016-11-07 22:41:18 +01:00
iceman1001
87a513aa1d
FIX: "hf mf hardnested" when "key found" exting the do-while loop doesn't need to wait for device to respond.
2016-11-07 11:54:32 +01:00
iceman1001
8e4a0b3585
FIX: "hf mf hardnested" merging of @matrix commit bd8249afec
2016-11-07 11:11:14 +01:00
iceman1001
7fd676db11
FIX: @matrix 869a03c2c6
...
it still counts down the good bytes,
and I fixed the elapsed time.
2016-11-05 14:54:25 +01:00
iceman1001
325f26e25d
CHG: removed unused variable
2016-11-03 15:15:25 +01:00
iceman1001
3a051ec10b
CHG: don't consider the respons at all when sending the HALT command.
2016-11-03 15:00:17 +01:00
iceman1001
713f5d019c
CHG: still issues left.
2016-10-29 23:58:59 +02:00
iceman1001
5e14319d2c
FIX: several calls to nonce2key/nonce2key_ex has problems with not clearing up memory pointers laying around.
...
Still exists problem which needs to be dealt with.
2016-10-29 22:12:38 +02:00
iceman1001
60c33f7aa8
CHG: minor textual change to fit the minimum two calls nature for the zero parity attack
2016-10-29 21:45:36 +02:00
iceman1001
b403c30091
FIX: the time_t calls under mingw needs a #define _USE_32BIT_TIME_T 1 to be correct. It seems to work in "hf mf mifare" but not in "hf mf hardnested"
2016-10-29 21:42:46 +02:00
iceman1001
19693bdc06
FIX: 'hf mf mifare' - special zero parity attack vector now works. Thanks to the dude who figured this vector out: @douniwan5788 (sorry for comments, I was clearly wrong.) @piwi - for proving me wrong.
...
this version uses int64_t (signed) to signify end-of-lists (-1). It also needs its own compare function for the qsort. I didn't merge this into existing code which uses uint64_t. (too lazy)
2016-10-29 21:41:02 +02:00
Iceman
9c6000a065
Merge pull request #51 from matrix/master
...
Improved Mifare Plus Atack (hf mf hardnested) - part 2
2016-10-29 16:39:07 +02:00
Gabriele Gristina
e7f43e92e9
Merge remote-tracking branch 'upstream/master'
2016-10-29 15:19:55 +02:00
iceman1001
d209443322
CHG: 'HF MF C*' (chinese backdoor commands) According to douniwan5788 some magic/clone tags answers to the halt cmd and some not. I think I captured his ideas.
...
ref: 13b71e58fd
2016-10-28 20:43:07 +02:00
iceman1001
c3c12b5571
CHG: clean up
2016-10-28 16:37:26 +02:00
iceman1001
ba39db376c
CHG: just some parameter / variable name changes. Nuttin' special.
2016-10-28 16:37:01 +02:00