e6db327485
text
2026-03-30 09:29:52 +07:00
6542a35585
update helptexts
2026-03-20 09:45:15 +07:00
ec3b249d30
Remove redundant methods from Aliro/VAS, make private key load helpers universal
2026-03-15 10:08:30 +02:00
52676ebbd4
style: whitespace fixes
2026-03-11 22:41:21 +01:00
286df8f4eb
feat(14b): add interactive hf 14b tearoff command
...
Add an interactive command for performing tear-off attacks on ST25TB/SRx
monotonic counter blocks. This exploits EEPROM tearing to increment
counters that normally can only be decremented, based on the
near-field-chaos project by SecLabz.
The command sweeps tear-off timing from --start downward in --adj
microsecond steps, automatically consolidates partial writes, verifies
stability across multiple reads, and reports progress in real-time with
color-coded output.
Performance optimizations:
- One-time full iso14443b_setup() at start; subsequent field cycles use
lightweight tearoff_field_on()/tearoff_field_off() that skip FPGA
bitstream reload and buffer reallocation
- Periodic CMD_WTX keepalives to prevent USB timeouts during long attacks
- Calls FpgaResetBitstream() on exit to ensure clean FPGA state
Usage: hf 14b tearoff -b <block> -d <target> [--start <us>] [--adj <us>]
2026-03-11 21:43:37 +01:00
b8a5e7b656
hf mf cauth/aesauth/cchk/aeschk: make fast READ0 optional
2026-02-24 16:46:00 +01:00
b62658f5ac
make style
2026-02-21 12:43:25 +01:00
b7f3e4219e
make style
2026-02-09 01:12:54 +01:00
c00e4801b7
make style
2026-02-06 13:43:41 +01:00
1cf446fa7f
make commands
2026-02-06 13:07:16 +01:00
a26892a891
Add hf mfu cchk/aeschk and options to hf mf cauth/aesauth
2026-01-19 21:47:49 +01:00
e0fd7414c2
Update docs
2025-12-21 20:55:26 -07:00
bcf1b57ddd
Merge pull request #3026 from henrygab/safer_safelok
...
Safer safelok routines
2025-12-18 15:10:59 +01:00
3e0d00bb13
Typo fix in hfmfdes help (0ffset -> offset)
2025-12-16 17:01:37 +02:00
1cfeb79003
automated from make style
2025-11-17 01:27:32 -08:00
b380132cbb
Replaced hf mf bambukeys with hf mf keygen with multiple KDFs support, use table for key output
...
Added Snapmaker U1 filament RFID KDF in `hf mf keygen`
2025-11-10 20:58:49 +03:00
ed516550ca
added "data qrcode" command to generate QR codes from inside the PM3 client
2025-11-10 16:20:00 +01:00
eab695347a
text and style
2025-10-17 13:38:45 +02:00
fd88967443
make style
2025-10-14 09:50:59 +02:00
e8302673e9
commands
2025-10-09 22:44:54 +02:00
4aac77aaa2
support for Ultralight AES auth in hf mfu info/rdbl/wrbl/dump/ndefread/wipe/setkey
2025-10-04 02:00:23 +02:00
347a4d5eff
fix help text samples
2025-09-25 19:51:49 +02:00
944a80d217
make style
2025-09-21 16:41:30 +03:00
bde33711c7
style
2025-09-20 22:02:23 +02:00
02b4d61796
style
2025-09-02 16:16:29 +02:00
d6aeda7075
style
2025-08-29 14:01:34 +02:00
e578d75e66
style
2025-08-20 10:55:49 +02:00
8ab2f2b5a0
style
2025-08-12 19:06:38 +02:00
a0df90af18
style
2025-08-04 19:53:08 +02:00
ee2f5595ee
added a lf t55xx view command to view t55xx dump files
2025-07-28 15:46:09 +02:00
e7cbf9ff63
update commands.json
2025-07-25 22:28:33 +02:00
ed84b1fcf4
style
2025-07-13 15:55:44 +02:00
2597c7576e
style
2025-07-10 11:52:39 +02:00
c7cf62fcf1
Added support for sending and receiving MQTT messages. It enables end user to quickly upload or share JSON files between them. Given the nature of MQTT, I also worked with @KevTheHermit who has proxdump.com site, where you can upload pm3 dump files and browse. He added support for MQTT uploads, so the process to share a file and it gets also uploaded to proxdump.com is very smooth. Feel free to improve this functionality with TLS etc. For now it looks quite promising.
2025-07-08 21:15:09 +02:00
7717dfc04d
text
2025-07-06 20:12:13 +02:00
24d80f51a9
style
2025-07-04 12:22:09 +02:00
95814cc5b8
text
2025-07-01 16:43:42 +02:00
5de4dd68e5
text
2025-06-22 20:34:54 +02:00
65607fc727
added Ultralight-C simulation. hf mfu sim -t 13. Use eload first. Also added support to upload UL-C dictionaries and UL-AES to spiffs memory. A lot of textual reworked across client. Unifiy texts and a bit more color ;)
2025-06-19 17:26:20 +02:00
7fa9f7bdfe
change parameter, we like shorter parameter names remember... 'hf mfu aesauth --idx'
2025-06-17 18:28:23 +02:00
a5d02c6ba2
style
2025-06-15 12:53:33 +02:00
5f2edb9bb8
reworked and improved the hf mfp chk key handling. reworked the nxp_detect_card technology function to enable other parts of the client to benefit from detecting card types. Like hf mf info or hf mf autopwn - two most common used commands. Now less waiting and more easily to know what next steps to do.
2025-06-09 15:36:44 +02:00
1fa5e28a38
unify text and hints for static enc nonces a bit more
2025-06-08 21:46:31 +02:00
ec26b6d84f
style and text. unify some parameter names
2025-06-08 20:56:01 +02:00
add2eb8e9d
hf mf dump, does a guess the key file name, and if you ran for instance a autopwn against a 4K card but didnt mention it , it defaults to 1K. Meaning the recovered keyfile will have 32 keys. When trying to dump card and specifiy 4K, it would automatically find that keyfile and happily go out-of-bounds leading to client crash
2025-06-08 19:31:02 +02:00
3d8a15d361
text
2025-06-08 16:10:26 +02:00
2d610b8dc0
text & style
2025-06-08 10:02:00 +02:00
6fbb13ba41
style
2025-06-07 11:50:03 +02:00
53e1e32409
text
2025-06-06 19:00:34 +02:00
23338b3f39
text
2025-06-06 17:55:46 +02:00
iceman1001