RfidResearchGroup/proxmark3
1
1
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2024-09-21 07:46:12 +08:00
Code Issues Packages Projects Releases Wiki Activity
6529 commits 3 branches 14 tags 86 MiB
Commit graph

224 commits

Author SHA1 Message Date
iceman1001 2491a25235 FIX; the "L" optional parameter for swapping endianess on used authentication key. It is now implemented for following commands. 
"HF MFU INFO"
"HF MFU DUMP"
"HF MFU RDBL"
"HF MFU WRBL"

CHG;  I commented away the option to add the key to the dump, since it is not written in big-endian, like the data is on ULC. This needs to be addressed before it comes back. I like the idea of having keys inside the dumps on the correct places.
 2015-05-21 23:17:01 +02:00
marshmellow42 efd193519c hf mfu bug fixes, and help text fixes 2015-05-21 11:17:01 -04:00
iceman1001 f605970307 FIX: call the wrong usage_hf_mfu method. 
CHG: minor help text changes.
 2015-05-20 23:52:56 +02:00
iceman1001 fff69a1e34 CHG: Merged the "hf mfu rdbl" and "hf mfu crdbl" commands into "hf mfu rdbl". One read command. 
CHG:  Merged the "hf mfu wrbl" and "hf mfu cwrbl" commands into "hf mfu wrbl". One write command.

Both new commands implement a help, authentication (0x1A/0x1B) for ULC and the rest,
 2015-05-20 23:44:11 +02:00
marshmellow42 1c429594a1 further mfu info updates 
needed to auth select when a command failed for locked tags.
some output cleanups from @iceman1001
 2015-05-20 16:47:40 -04:00
iceman1001 329f5cf2a5 CHG: making sure all outputs follow the same pattern in "hf mfu info" 2015-05-20 22:04:40 +02:00
iceman1001 c81a80dc96 FIX: made the authentication part a bit clearer. It now uses two booleans to seperate which type of authentication was requested from user. 2015-05-20 21:44:22 +02:00
marshmellow42 cd87ee9133 finish NTAG i2c +... 
thanks iceman
 2015-05-20 15:42:58 -04:00
marshmellow42 46fcd738e0 finish NTAG i2c +... 
thanks @iceman1001
 2015-05-20 15:41:48 -04:00
iceman1001 1fa96198bb ADD: @marshmellow42 latest fixes, 
CHG: change name to fancey "NTAG I²C 1K"
 2015-05-20 21:03:58 +02:00
marshmellow42 8241872c47 ULEV1_48 had the wrong max block 2015-05-20 14:22:26 -04:00
marshmellow42 ea11861793 minor adjustments to hf mfu 2015-05-20 14:17:43 -04:00
marshmellow42 c7442b7673 Add NTAG i2c and bug fix 
also streamlined select tag code
 2015-05-20 14:06:46 -04:00
iceman1001 623db3559b CHG: the new NTAG_i2c_1K enums, broke the uint16_t size.. Had to go up one level. 2015-05-20 19:26:11 +02:00
iceman1001 05f7accdbb CHG: @marshmellows changes. 
ADD: NTAG i2c 1K / NTAG i2c 2K identification.
 2015-05-20 19:20:26 +02:00
marshmellow42 a383f4b708 Add ntag 210, 212, 203 and bug fix 2015-05-20 11:27:44 -04:00
iceman1001 b61e397962 ADD: NTAG_210, NTAG_212 support / identification. @marshmellow42 's idea. 2015-05-20 14:09:40 +02:00
iceman1001 e9bb4f47ee CHG: "hf mfu info" now always tries to read the NDEF CC. (was restricted to only NTAG213,215,216 before) 2015-05-20 10:36:55 +02:00
iceman1001 593fc3c9a3 FIX: comment out a #include to reveng (my experiment) 
ADD: Started to add a NTAG203 identification.   Its a hard tag to pinpoint. Doesn't have GET_VERSION,
 2015-05-19 21:45:06 +02:00
marshmellow42 29250969b0 @iceman1001 s comments/updates mfu cmds 2015-05-18 22:07:11 -04:00
iceman1001 e7e9508883 @Marshmellow42 's cleanup isn device-side "hf mfu" code. Looks nice. Dump uses bigbuffer now, and can dump NTAG216 :) 
Consistency on the client-side code "hf mfu".  looks nice.
 2015-05-18 20:58:33 +02:00
marshmellow42 9d87eb6650 MF ultralight code cleanup 2015-05-18 13:11:00 -04:00
marshmellow42 8258f40969 Iceman1001 s MFU clean up 
cleaned up MF UL_C auth code device side.
 2015-05-17 20:49:25 -04:00
iceman1001 833081e3e7 add: @marshmellow changes, 
chg: remade the authentication for ULC..
 2015-05-16 15:27:53 +02:00
marshmellow42 cceabb79e6 mfu info / dump attempt at missing auths 
NOT TESTED.  will test soon.  probably has bugs!
 2015-05-16 01:00:31 -04:00
marshmellow42 ae8303c13c mfu dump - beginning of additions 2015-05-15 01:19:58 -04:00
marshmellow42 5b99376a8f hf mfu dump testing 2015-05-15 00:57:51 -04:00
iceman1001 224e8c1a4d ADD: @marshmellows fixes 2015-05-13 20:16:18 +02:00
marshmellow42 6fdf42c61c minor hf mfu info adjustment from @iceman1001 2015-05-13 11:22:27 -04:00
marshmellow42 e6432f0579 @iceman1001 s coverity scan fixes 2015-05-13 11:14:17 -04:00
marshmellow42 2b3af97df2 various bug fixes 2015-05-13 11:07:47 -04:00
iceman1001 7a5d49b5b4 @marshmellow42 ideas 
FIX: removed some unneeded calls to ul_switch_off_field.
FIX: once again the OTP is printed nevertheless if its a NDEF CC
 2015-05-13 15:48:32 +02:00
iceman1001 2696349f16 BUGS: Coverty Scan, fixes some memory bugs 2015-05-13 13:23:53 +02:00
iceman1001 c92cf81495 minor textual changes 2015-05-13 09:07:47 +02:00
marshmellow42 a2e2bb8a15 hf mfu info - ICEMANS updates 
plus slight change to UL_EV1 auth annotation.
 2015-05-12 18:16:55 -04:00
iceman1001 98cdd56862 ADD: added option to call "hf mfu info" with a authentication key. 
ADD: added a help text for "hf mfu info"   usage_hf_mfu_info
ADD: added @marshmellows changes & fixes.
 2015-05-12 18:55:34 +02:00
marshmellow42 8ceb6b03e5 hf search - prelim - re-use hf mfu GetTagType... 
in hf 14a reader to identify UL(+)

still a work in progress.
 2015-05-12 00:19:44 -04:00
marshmellow42 2be768af57 hf mfu info bugs 2015-05-11 18:22:50 -04:00
marshmellow42 4693c188ab minor hf mfu output consistancies 2015-05-11 16:25:11 -04:00
marshmellow42 345fb24aaa hf mfu info - ICEMANS bug fixes. 2015-05-11 15:56:12 -04:00
marshmellow42 f04ef47311 hf mfu info bug fixes 2015-05-11 14:49:37 -04:00
iceman1001 fce738fc90 CHG: minor textual changes, consistency... 2015-05-11 20:38:13 +02:00
iceman1001 ebd7412d7d BUG: Read the wrong page(2) as Capability container, should be 3. 
BUG:  NTAG 215 identification was wrong (!=)  should been (==)
 2015-05-11 15:54:02 +02:00
marshmellow42 f805ac7a2b minor adjustments to mfu info 2015-05-08 13:01:27 -04:00
marshmellow42 c585a5cf0b further MFU info updates (mainly icemans) 2015-05-06 22:15:41 -04:00
iceman1001 802319a37e ADD: added the new magic detection, where we send a partial ISO14443A_CMD_WRITEBLOCK (0xA0) command to page 0. if the tag answer 0xA ACK (its magic) or if it answers 0x00 NACK its not. 
The normal behavior for a tag is to send NACK.
 2015-05-06 23:50:31 +02:00
iceman1001 aebe77905b CHG: extracted the UL_C & UL magic tests. 
ADD: a raw write command also there.
CHG: "hf mfu info" got some more love,  looks better too.
      UL_EV1 / NTAG,  only try known passwords if AUTHLIM is set to 0.
 2015-05-06 22:40:46 +02:00
marshmellow42 372a82570b MFU adj to allow 0 len returns on raw cmds 2015-05-06 10:17:39 -04:00
marshmellow42 45673b9457 MFU adjustment to allow 0 len returns from raw cmds 2015-05-06 10:16:31 -04:00
marshmellow42 abab60ae21 MFU info adjustments 2015-05-06 09:27:03 -04:00
iceman1001 2b03dea768 ADD: UL-EV1 signature printing. 
CHG: @marshmellows changes.
 2015-05-06 14:19:23 +02:00
iceman1001 69a2953679 FIX: nasty bug when memcpy structs.. 
ADD: @piwi's  topaz commands
 2015-05-06 09:30:48 +02:00
marshmellow42 75377d29d6 MFU - Icemans further improvements 
add UL-C device side read card with authentication
add MF_UL-Annotations
add ntag, and more ul descriptions in hf mfu info
 2015-05-06 00:55:29 -04:00
iceman1001 a903be4361 CHG: "HF MFU INFO" extracted more printstatements 2015-05-05 23:26:05 +02:00
iceman1001 b9a3c8642e ADD: "HF MFU INFO" Reading and printing of UL-EV1 configuration pages. 2015-05-05 23:14:55 +02:00
iceman1001 8297860e25 CHG: making sure no buffer overflows will occure in ul_send_cmd_raw by adding responseLength parameter to all calls. 
CHG: added UL-C configurations details to be printed
 2015-05-05 22:15:02 +02:00
iceman1001 996fda30ee BUG: missing %s in printing version tagtype. Thanks @Marshmellow! 
BUG: buffer overflow when reading the Capability Container.   Thanks @Marshmellow!
 2015-05-05 13:25:54 +02:00
iceman1001 2c74558d71 CHG: enhanced the "hf mfu info" a lot. It can detect UL/UL-C/UL-EV1/NTAG213/NTAG215/NTAG216 
and at present it can detect if a UL-C tag is magic (uid changeable)

FOR UL it writes the first configuration pages 0-3.
For UL_C  it tests some default 3des keys,  and lock / confg bytes at pages 42-43,44-47
For UL_EV1  / NTAG  it collects the GETVERSION command and tries to read 3 counters.,  it also tries one default password of 0xFF,0xFF,0xFF,0xFF  for the EV1 /NTAG  authentication 0x1B.

FOR UL_C_MAGIC,  it tries to see if the gatherd nonces for authentication 0x1A is the same, which indicates on my tags that they are magic.

There is the @marshmellow changes to "hf mfu dump" command.

This commit needs testing, and is to be considered experimental.
 2015-05-05 00:25:10 +02:00
marshmellow42 f9848fd647 MFU dump UL-C with key 
adding UL-C auth and keys to dump cmd
swapped endian for input of hf mfu crdbl to match output of hf mfu info
cmd and tag info app
 2015-05-03 23:17:11 -04:00
marshmellow42 b3125340f3 Icemans UL-C Auth dev side fix plus a few other ... 
... small UL fixes
 2015-05-03 15:41:11 -04:00
iceman1001 1c1c5f4cae CHG: "hf mfu crdbl" help text, got at correct length 3des key. 
CHG: Added @marshmellows fixes for "hf mfu info"
CHG: moved some debug printandlog statements around.
 2015-05-01 15:33:54 +02:00
marshmellow42 7eec1204e7 fix bug in mfu cauth 2015-04-30 10:34:20 -04:00
marshmellow42 92690507ab Iceman's updates to MFU info and dump 2015-04-30 09:28:43 -04:00
iceman1001 1ec21089b2 CHG: the work in progress of making "HF MFU INFO" / "HF MFU DUMP" goes on. 
ook @marshmellows changes and remade them a bit. TagTypeUL_t behaves like a flag-enum.
     "HF MFU DUMP" now autodetects tagtype, and the deviceside should report back proper length.
 2015-04-30 10:15:52 +02:00
marshmellow42 f168b2633b MF Ultralight - Iceman's updates + mine 
Beginning of Ultralight additions.
detection of Ultralight Types added
dump command now auto detects type
can authenticate Ultralight C
 2015-04-29 18:27:31 -04:00
iceman1001 a8be77afd1 CHG: re-factored the "HF MFU CAUTH" command to be simpler. 
ADD:  "HF MFU INFO",  added detection of MAGIC UL-C tags and a simple loop test 5 default 3des keys.
 2015-04-29 20:24:37 +02:00
iceman1001 5d554ea67f ADD: HF MFU SETUID, this commands helps changing the UID on a magic UL, UL-C tag. 
It reads block2,  since only one byte is going to change. Then it proceds to write block 0,1,2 with recalc BCC1, BCC2 bytes.

CHG:  HF MFU INFO, got some love in the form of detection of UL/UL-C/UL-EV1.  Took same idea from HF 14A READER.
 2015-04-28 23:31:22 +02:00
iceman1001 395f6a814f ADD: changes to the Ultralight diviersification algo. 2015-04-24 18:38:24 +02:00
iceman1001 f2019c773d CHG: minor comments. 2015-04-01 17:53:33 +02:00
iceman1001 aa60d1560e NEW: HF MFU SETPWD - set password to a Ultralight C tag. 
NEW: HF MFU SETUID - set UID to a magic UL / UL-C tag.   *not implemented*
CHG: minor alignment for "Hf list" output.
CHG: removed unneeded function parameters to the ultralight commands
CHG: the const MAX_MIFARE_FRAME_SIZE is changed to MAX_FRAME_SIZE in the ultralight commands since the UL-Ev1 can have bigger frames than 18bytes.
CHG: adding DES support for the Ultralight-c read commands on deviceside.
 2015-03-30 16:24:03 +02:00
iceman1001 0ec548dc21 Merge branch 'master' of https://github.com/Proxmark/proxmark3 
Conflicts:
	armsrc/lfops.c
	client/cmddata.c
	client/cmdlf.c
	client/cmdlft55xx.c
	client/cmdlft55xx.h
	client/scripts/test_t55x7_bi.lua
 2015-03-24 11:45:31 +01:00
iceman1001 f1170fa79e ADD: "HF MFU CRDBL", Started to add the password for reading blocks. Wasn't used before :( 2015-03-18 20:34:17 +01:00
Martin Holst Swende afceaf4018 Removed openssl from the mfu-stuff 2015-01-22 21:02:21 +01:00
iceman1001 81740aa519 STEP 3 - the actual new files for Ultralight. 
ADD: script remagic.lua  --  a script to make a "dead" Mifare s50 generation 1 alive again.
ADD: tracetest.lua  - This script will load several traces files in ../traces/ folder and do
"data load"
"lf search"
ADD: test_t55x7_psk.lua   -  iterates thru a lot of calls to check the new psk demods.

all new scripts implements the  "-h"  for help text.
 2015-01-20 21:29:55 +01:00