]>
git.zerfleddert.de Git - proxmark3-svn/log
iceman1001 [Wed, 20 May 2015 17:26:11 +0000 (19:26 +0200)]
CHG: the new NTAG_i2c_1K enums, broke the uint16_t size.. Had to go up one level.
iceman1001 [Wed, 20 May 2015 17:20:26 +0000 (19:20 +0200)]
CHG: @marshmellows changes.
ADD: NTAG i2c 1K / NTAG i2c 2K identification.
iceman1001 [Wed, 20 May 2015 12:09:40 +0000 (14:09 +0200)]
ADD: NTAG_210, NTAG_212 support / identification. @marshmellow42 's idea.
iceman1001 [Wed, 20 May 2015 08:36:55 +0000 (10:36 +0200)]
CHG: "hf mfu info" now always tries to read the NDEF CC. (was restricted to only NTAG213,215,216 before)
iceman1001 [Tue, 19 May 2015 19:45:06 +0000 (21:45 +0200)]
FIX: comment out a #include to reveng (my experiment)
ADD: Started to add a NTAG203 identification. Its a hard tag to pinpoint. Doesn't have GET_VERSION,
iceman1001 [Tue, 19 May 2015 16:46:38 +0000 (18:46 +0200)]
@Marshmellow42 's fixes for bigbuf.
iceman1001 [Tue, 19 May 2015 06:56:53 +0000 (08:56 +0200)]
CHG: the device-side code for "hf 14a sim x"
BUG: bcc1 xored error fix in "hf mf sim"
CHG: function rename Snoop -> Sniff.
iceman1001 [Mon, 18 May 2015 18:58:33 +0000 (20:58 +0200)]
@Marshmellow42 's cleanup isn device-side "hf mfu" code. Looks nice. Dump uses bigbuffer now, and can dump NTAG216 :)
Consistency on the client-side code "hf mfu". looks nice.
iceman1001 [Sat, 16 May 2015 13:37:27 +0000 (15:37 +0200)]
CHG: the name change from "HF 14A SNOOP" -> "HF 14A SNIFF"
iceman1001 [Sat, 16 May 2015 13:36:40 +0000 (15:36 +0200)]
ADD: experimantal test of adding "reveng 1.30" source code into the PM3 Client.
iceman1001 [Sat, 16 May 2015 13:34:01 +0000 (15:34 +0200)]
CHG: the "HF MFU" authentication changes.
CHG: name change from "hf 14a snoop" -> "hf 14a sniff"..
iceman1001 [Sat, 16 May 2015 13:32:43 +0000 (15:32 +0200)]
chg: for the "hf mfu" authentication changes.
iceman1001 [Sat, 16 May 2015 13:30:17 +0000 (15:30 +0200)]
chg: @marshmellows changes to "hf 14a reader"
add: the experimental "hf 14a sim x" attack impl.
chg: sorry, but I never liked that sniffing was called snooping in this command. So I changed it to "sniff".
iceman1001 [Sat, 16 May 2015 13:27:53 +0000 (15:27 +0200)]
add: @marshmellow changes,
chg: remade the authentication for ULC..
iceman1001 [Wed, 13 May 2015 18:16:18 +0000 (20:16 +0200)]
ADD: @marshmellows fixes
iceman1001 [Wed, 13 May 2015 13:48:32 +0000 (15:48 +0200)]
@marshmellow42 ideas
FIX: removed some unneeded calls to ul_switch_off_field.
FIX: once again the OTP is printed nevertheless if its a NDEF CC
iceman1001 [Wed, 13 May 2015 12:08:59 +0000 (14:08 +0200)]
BUGS: more Coverity scan fixes.
iceman1001 [Wed, 13 May 2015 11:23:53 +0000 (13:23 +0200)]
BUGS: Coverty Scan, fixes some memory bugs
iceman1001 [Wed, 13 May 2015 07:18:37 +0000 (09:18 +0200)]
minor code clean up
iceman1001 [Wed, 13 May 2015 07:15:53 +0000 (09:15 +0200)]
a minor clean up when printing the key
iceman1001 [Wed, 13 May 2015 07:13:42 +0000 (09:13 +0200)]
Added @marshmellow42 "hf search"
iceman1001 [Wed, 13 May 2015 07:10:47 +0000 (09:10 +0200)]
ADD: preparation for @marshmellow42 "hf search"
FIX: the "hf list" had not correct spaces between the lines, in my version. Fix now.
iceman1001 [Wed, 13 May 2015 07:07:47 +0000 (09:07 +0200)]
minor textual changes
iceman1001 [Wed, 13 May 2015 07:06:47 +0000 (09:06 +0200)]
Minor clean ups
iceman1001 [Wed, 13 May 2015 07:05:21 +0000 (09:05 +0200)]
another key..
iceman1001 [Tue, 12 May 2015 18:27:45 +0000 (20:27 +0200)]
ADD: Print the key for ULEV1/NTAG authentication if sent in cmdhf.c "HF LIST 14A"
iceman1001 [Tue, 12 May 2015 17:50:47 +0000 (19:50 +0200)]
ADD: found a BCARD KeyB on the net. ref: http://irq5.io/2013/04/13/decoding-bcard-conference-badges/
iceman1001 [Tue, 12 May 2015 16:57:47 +0000 (18:57 +0200)]
FIX: increased the limit to 0xE6 for MIFARE_ULEV1_FASTREAD
ADD: @marshmellows inital "hf search" command...
iceman1001 [Tue, 12 May 2015 16:55:34 +0000 (18:55 +0200)]
ADD: added option to call "hf mfu info" with a authentication key.
ADD: added a help text for "hf mfu info" usage_hf_mfu_info
ADD: added @marshmellows changes & fixes.
iceman1001 [Mon, 11 May 2015 18:38:13 +0000 (20:38 +0200)]
CHG: minor textual changes, consistency...
iceman1001 [Mon, 11 May 2015 17:38:53 +0000 (19:38 +0200)]
ADD: added a List parameter to tnp3clone.lua script.
iceman1001 [Mon, 11 May 2015 17:37:44 +0000 (19:37 +0200)]
ADD: another default key: VIGIK1
iceman1001 [Mon, 11 May 2015 13:54:02 +0000 (15:54 +0200)]
BUG: Read the wrong page(2) as Capability container, should be 3.
BUG: NTAG 215 identification was wrong (!=) should been (==)
iceman1001 [Wed, 6 May 2015 21:50:31 +0000 (23:50 +0200)]
ADD: added the new magic detection, where we send a partial ISO14443A_CMD_WRITEBLOCK (0xA0) command to page 0. if the tag answer 0xA ACK (its magic) or if it answers 0x00 NACK its not.
The normal behavior for a tag is to send NACK.
iceman1001 [Wed, 6 May 2015 20:41:40 +0000 (22:41 +0200)]
CHG: clearing a char array before using.
iceman1001 [Wed, 6 May 2015 20:40:46 +0000 (22:40 +0200)]
CHG: extracted the UL_C & UL magic tests.
ADD: a raw write command also there.
CHG: "hf mfu info" got some more love, looks better too.
UL_EV1 / NTAG, only try known passwords if AUTHLIM is set to 0.
iceman1001 [Wed, 6 May 2015 12:20:24 +0000 (14:20 +0200)]
CHG: @marshmellows changes to anntations.
iceman1001 [Wed, 6 May 2015 12:19:23 +0000 (14:19 +0200)]
ADD: UL-EV1 signature printing.
CHG: @marshmellows changes.
iceman1001 [Wed, 6 May 2015 07:30:48 +0000 (09:30 +0200)]
FIX: nasty bug when memcpy structs..
ADD: @piwi's topaz commands
iceman1001 [Tue, 5 May 2015 21:26:05 +0000 (23:26 +0200)]
CHG: "HF MFU INFO" extracted more printstatements
iceman1001 [Tue, 5 May 2015 21:14:55 +0000 (23:14 +0200)]
ADD: "HF MFU INFO" Reading and printing of UL-EV1 configuration pages.
iceman1001 [Tue, 5 May 2015 20:15:02 +0000 (22:15 +0200)]
CHG: making sure no buffer overflows will occure in ul_send_cmd_raw by adding responseLength parameter to all calls.
CHG: added UL-C configurations details to be printed
iceman1001 [Tue, 5 May 2015 11:25:54 +0000 (13:25 +0200)]
BUG: missing %s in printing version tagtype. Thanks @Marshmellow!
BUG: buffer overflow when reading the Capability Container. Thanks @Marshmellow!
iceman1001 [Mon, 4 May 2015 22:37:13 +0000 (00:37 +0200)]
chg: minor spelling change from MIFARE_ULEV1_VERS -> MIFARE_ULEV1_VERSION
iceman1001 [Mon, 4 May 2015 22:35:56 +0000 (00:35 +0200)]
CHG: reverted a method declaration.
iceman1001 [Mon, 4 May 2015 22:34:20 +0000 (00:34 +0200)]
CHG: for the 2k3des changes
iceman1001 [Mon, 4 May 2015 22:33:07 +0000 (00:33 +0200)]
CHG: added 2k3des to ULC READCARD.
iceman1001 [Mon, 4 May 2015 22:31:02 +0000 (00:31 +0200)]
ADD: @holimans changes.
iceman1001 [Mon, 4 May 2015 22:27:34 +0000 (00:27 +0200)]
CHG: minor spelling
iceman1001 [Mon, 4 May 2015 22:26:17 +0000 (00:26 +0200)]
ADD: @marshmellows changes
iceman1001 [Mon, 4 May 2015 22:25:10 +0000 (00:25 +0200)]
CHG: enhanced the "hf mfu info" a lot. It can detect UL/UL-C/UL-EV1/NTAG213/NTAG215/NTAG216
and at present it can detect if a UL-C tag is magic (uid changeable)
FOR UL it writes the first configuration pages 0-3.
For UL_C it tests some default 3des keys, and lock / confg bytes at pages 42-43,44-47
For UL_EV1 / NTAG it collects the GETVERSION command and tries to read 3 counters., it also tries one default password of 0xFF,0xFF,0xFF,0xFF for the EV1 /NTAG authentication 0x1B.
FOR UL_C_MAGIC, it tries to see if the gatherd nonces for authentication 0x1A is the same, which indicates on my tags that they are magic.
There is the @marshmellow changes to "hf mfu dump" command.
This commit needs testing, and is to be considered experimental.
iceman1001 [Fri, 1 May 2015 13:33:54 +0000 (15:33 +0200)]
CHG: "hf mfu crdbl" help text, got at correct length 3des key.
CHG: Added @marshmellows fixes for "hf mfu info"
CHG: moved some debug printandlog statements around.
iceman1001 [Fri, 1 May 2015 13:29:19 +0000 (15:29 +0200)]
FIX: the HF MFU CREAD command on deviceside now can do a proper ATUTHENTICATION request with 2KEY3DES.
iceman1001 [Thu, 30 Apr 2015 08:15:52 +0000 (10:15 +0200)]
CHG: the work in progress of making "HF MFU INFO" / "HF MFU DUMP" goes on.
ook @marshmellows changes and remade them a bit. TagTypeUL_t behaves like a flag-enum.
"HF MFU DUMP" now autodetects tagtype, and the deviceside should report back proper length.
iceman1001 [Wed, 29 Apr 2015 18:24:37 +0000 (20:24 +0200)]
CHG: re-factored the "HF MFU CAUTH" command to be simpler.
ADD: "HF MFU INFO", added detection of MAGIC UL-C tags and a simple loop test 5 default 3des keys.
iceman1001 [Tue, 28 Apr 2015 21:34:16 +0000 (23:34 +0200)]
REM: Removed the CSETUID stub. Its implemented on the client side instead.
iceman1001 [Tue, 28 Apr 2015 21:32:45 +0000 (23:32 +0200)]
REM: Removed the GetVendorStr, and used the getTagInfo() instead.
iceman1001 [Tue, 28 Apr 2015 21:31:22 +0000 (23:31 +0200)]
ADD: HF MFU SETUID, this commands helps changing the UID on a magic UL, UL-C tag.
It reads block2, since only one byte is going to change. Then it proceds to write block 0,1,2 with recalc BCC1, BCC2 bytes.
CHG: HF MFU INFO, got some love in the form of detection of UL/UL-C/UL-EV1. Took same idea from HF 14A READER.
iceman1001 [Tue, 28 Apr 2015 18:59:20 +0000 (20:59 +0200)]
CHG: added some sanity checks for the Ultralight-EV1 annotations, to make less false positives in the tracelog
iceman1001 [Tue, 28 Apr 2015 18:58:18 +0000 (20:58 +0200)]
CHG: fixed a better detection for Ultralight, Ultralight-C, Ultralight-EV1 tags.
--see https://github.com/Proxmark/proxmark3/issues/96
-- still todo, finding a good way of detecting Magic Ultralight-C tags.
-- thanks @marshmellow for pointing out proper UL-C tags responses is different.
iceman1001 [Sun, 26 Apr 2015 16:06:36 +0000 (18:06 +0200)]
FIX: forgot an argument.
iceman1001 [Sun, 26 Apr 2015 16:05:45 +0000 (18:05 +0200)]
CHG: removed linebreak in string.
iceman1001 [Sun, 26 Apr 2015 16:05:06 +0000 (18:05 +0200)]
ADD: some more default keys.
iceman1001 [Sun, 26 Apr 2015 16:03:57 +0000 (18:03 +0200)]
CHG: added some linebreaks for the help output in LF.
iceman1001 [Sun, 26 Apr 2015 16:03:21 +0000 (18:03 +0200)]
ADD: "HF 14A READ", got ULTRALIGHT C / EV1 annotation
iceman1001 [Fri, 24 Apr 2015 17:04:01 +0000 (19:04 +0200)]
Merge branch 'master' of https://github.com/Proxmark/proxmark3
Conflicts:
client/cmddata.c
client/cmddata.h
client/cmdhfmf.c
client/cmdlf.c
client/cmdlfem4x.h
client/cmdlft55xx.c
client/lualibs/default_toys.lua
client/scripts/tnp3clone.lua
client/scripts/tnp3dump.lua
client/scripts/tnp3sim.lua
iceman1001 [Fri, 24 Apr 2015 16:41:49 +0000 (18:41 +0200)]
ADD: Started a "collect nonces" concept to be able to analyse the tag generated nonces.
iceman1001 [Fri, 24 Apr 2015 16:38:24 +0000 (18:38 +0200)]
ADD: changes to the Ultralight diviersification algo.
iceman1001 [Fri, 24 Apr 2015 16:37:40 +0000 (18:37 +0200)]
ADD: charatect name, level, sequence number,
CHG: minor code clean up.
iceman1001 [Fri, 24 Apr 2015 16:36:11 +0000 (18:36 +0200)]
CHG: some minor code cleanup.
iceman1001 [Fri, 24 Apr 2015 16:35:09 +0000 (18:35 +0200)]
ADD: found another sub-type,
iceman1001 [Fri, 24 Apr 2015 16:34:24 +0000 (18:34 +0200)]
ADD: more toy-tokens, among others some missing swapforce.
iceman1001 [Fri, 24 Apr 2015 16:33:31 +0000 (18:33 +0200)]
ADD: some missing enums:
ISO14A_SET_TIMEOUT = 0x40,
ISO14A_NO_SELECT = 0x80,
ISO14A_TOPAZMODE = 0x100
iceman1001 [Fri, 24 Apr 2015 16:19:51 +0000 (18:19 +0200)]
ADD: a minor modification to "HF 14A READ" to enable the correct identification between ULTRALIGHT / ULTRALIGHT-C / ULTRALIGHT EV1 tags.
Martin Holst Swende [Thu, 23 Apr 2015 07:51:04 +0000 (09:51 +0200)]
Merge branch 'master' of github.com:Proxmark/proxmark3
Martin Holst Swende [Thu, 23 Apr 2015 07:50:44 +0000 (09:50 +0200)]
Fixed issue with dumping iclass tags > 2KB in size
Martin Holst Swende [Tue, 14 Apr 2015 18:36:10 +0000 (20:36 +0200)]
Merge pull request #92 from marshmellow42/master
lf cleanup, dedup & minor additions
marshmellow42 [Fri, 10 Apr 2015 04:06:59 +0000 (00:06 -0400)]
minor change to lf em4x menu & iceman script...
...updates
iceman1001 [Thu, 9 Apr 2015 18:38:38 +0000 (20:38 +0200)]
CHG: removed unused code.
FIX: moved some checks to make the script run a tad bit faster.
iceman1001 [Thu, 9 Apr 2015 18:36:12 +0000 (20:36 +0200)]
CHG: changed some help texts.
iceman1001 [Thu, 9 Apr 2015 18:35:04 +0000 (20:35 +0200)]
FIX: some minor corrections to identify more tokens.
iceman1001 [Thu, 9 Apr 2015 18:34:34 +0000 (20:34 +0200)]
FIX: fixed a minor bug introduced when changing from OpenSSL -> PolarSSL.
ADD: changed code to handle both encrypt and decrypt AES 128.
iceman1001 [Wed, 8 Apr 2015 19:24:08 +0000 (21:24 +0200)]
Merge branch 'master' of https://github.com/Proxmark/proxmark3
marshmellow42 [Wed, 8 Apr 2015 19:08:05 +0000 (15:08 -0400)]
nexwatch fix .h file + icemans mf csetblk w arg
forgot to include the new nexwatch command in the header...
added icemans hf mf csetblk w parameter fix
marshmellow42 [Wed, 8 Apr 2015 18:19:19 +0000 (14:19 -0400)]
Merge remote-tracking branch 'upstream/master'
marshmellow42 [Wed, 8 Apr 2015 18:19:03 +0000 (14:19 -0400)]
added nexwatch demod & iceman lua
added nexwatch demod (also added to lf search)
added iceman's lua script adjustments
marshmellow42 [Wed, 8 Apr 2015 15:18:29 +0000 (11:18 -0400)]
fix to lf t5 detect/read cmds
i think this functions fairly well...
still some issues with demod positioning for various reasons.
ASK/Biph/FSK work pretty well
the PSK Demod still needs a little attention to help it better demod
various carriers...
marshmellow42 [Wed, 8 Apr 2015 14:12:24 +0000 (10:12 -0400)]
update t5 detection test()
missed this file in last commit... sorry.
Martin Holst Swende [Wed, 8 Apr 2015 11:31:04 +0000 (13:31 +0200)]
Fixed buffer initialization errors, as reported in http://www.proxmark.org/forum/viewtopic.php?pid=15337#p15337
marshmellow42 [Wed, 8 Apr 2015 05:07:39 +0000 (01:07 -0400)]
lf ask consolidation
backend:
askman and askraw demods merged into askdemod (args adjusted
accordingly)
re-arranged lfdemod.h in alphabetical order and by category
front end:
data detectclock a (ask) now also reports the selected best start
position for demod
data manrawdecode takes an invert arg now
iceman1001 [Tue, 7 Apr 2015 16:05:35 +0000 (18:05 +0200)]
FIX: two parentheses were missing.
FIX: setting the default key to Oxff bug. (http://www.proxmark.org/forum/viewtopic.php?pid15325#p15325)
FIX: proper initialisation of variables ;)
iceman1001 [Tue, 7 Apr 2015 16:02:29 +0000 (18:02 +0200)]
FIX: a wrong comment inside default_toys.lua
FIX: a wrong linking to default_toys.lua in tnp3 scripts.
marshmellow42 [Tue, 7 Apr 2015 04:53:06 +0000 (00:53 -0400)]
lf cleaning++
data askedgedetect - removed unneeded code
lf em em4x50read bug fix / error checking
graph-save/restore auto repaint after restore.
marshmellow42 [Tue, 7 Apr 2015 03:17:30 +0000 (23:17 -0400)]
lf cleanup - fixes
more lf em em4x50read fixes
adjust heavy clipping ask clock detection
clean up t55xx minor items
Martin Holst Swende [Mon, 6 Apr 2015 19:47:09 +0000 (21:47 +0200)]
Added info to changelog about bootroom update
iceman1001 [Mon, 6 Apr 2015 16:52:20 +0000 (18:52 +0200)]
FIX: fixed a bug in "hf mf csetblock" where it didn't used the "w" wipe parameter before.
CHG: minor textual changes.
iceman1001 [Mon, 6 Apr 2015 16:49:44 +0000 (18:49 +0200)]
CHG: default_toys.lua is now able to correct identify over 200 different types.
iceman1001 [Mon, 6 Apr 2015 16:47:53 +0000 (18:47 +0200)]
CHG: fix the default_toys.lua file to handle more aspects of information for a given tag.
CHG: corrected a bug in tnp3clone.lua that made the script fail to "wipe" a magic tag.
CHG: minor textual change in ndef_dump.lua
marshmellow42 [Mon, 6 Apr 2015 01:59:36 +0000 (21:59 -0400)]
add maxErr to data manrawdecode
marshmellow42 [Sun, 5 Apr 2015 20:37:41 +0000 (16:37 -0400)]
lf t5xx - icemans update