kormax
3da63fafcd
Print VAS OSE information in 'hf vas reader' only if 'verbose' argument is given
2026-03-17 21:55:27 +02:00
kormax
ff052e8ee2
Add support for reading multiple pass type identifiers in VAS
2026-03-17 20:42:39 +02:00
kormax
5cbae8fc12
Update signaling bitmask print format in Aliro
2026-03-15 11:00:52 +02:00
kormax
ec3b249d30
Remove redundant methods from Aliro/VAS, make private key load helpers universal
2026-03-15 10:08:30 +02:00
kormax
892559ac05
Add tests for zlib support
2026-03-14 22:16:59 +02:00
kormax
c8a4314353
Add hf gst commands
2026-03-14 17:34:58 +02:00
Iceman
190f6265c2
Merge pull request #3131 from q0jt/master
Improve felica validation and cleanup handling
2026-03-14 11:06:23 +07:00
q0jt
661634649a
Fix reject responses with invalid CRC
2026-03-14 03:45:22 +09:00
q0jt
08a90b9eba
Fix correct status flag error handling in authentication flow
2026-03-14 03:36:57 +09:00
q0jt
bf0abf3ee1
Fix avoid double free in CmdHFFelicaReader
2026-03-14 03:22:42 +09:00
Iceman
465e5e6a9c
Merge branch 'master' into hf-14b-tearoff
Signed-off-by: Iceman <iceman@iuse.se>
2026-03-13 22:14:20 +07:00
Christian Zanon
b9ddb038b7
Merge branch 'master' into hf-14b-tearoff
Signed-off-by: Christian Zanon <105173223+xNovyz@users.noreply.github.com>
2026-03-13 11:39:06 +01:00
iceman1001
b801cddf13
fix @zerochaos compiler warning
2026-03-13 12:33:47 +07:00
kormax
0ab4cc161b
Implement 'hf vas info' command
2026-03-13 07:06:04 +02:00
Iceman
6b3670f95d
Merge pull request #3130 from Antiklesys/master
Updated hf iclass legrec
2026-03-13 11:38:41 +07:00
Iceman
cfaddb067b
Merge pull request #3128 from kormax/android-hce-aid
Refine known AIDs; add Android HCE
2026-03-13 11:38:10 +07:00
Antiklesys
61d20368af
Updated hf iclass legrec
Code cleanup removed unused variables
2026-03-13 12:23:35 +08:00
xNovyz
52676ebbd4
style: whitespace fixes
2026-03-11 22:41:21 +01:00
xNovyz
286df8f4eb
feat(14b): add interactive hf 14b tearoff command
Add an interactive command for performing tear-off attacks on ST25TB/SRx
monotonic counter blocks. This exploits EEPROM tearing to increment
counters that normally can only be decremented, based on the
near-field-chaos project by SecLabz.
The command sweeps tear-off timing from --start downward in --adj
microsecond steps, automatically consolidates partial writes, verifies
stability across multiple reads, and reports progress in real-time with
color-coded output.
Performance optimizations:
- One-time full iso14443b_setup() at start; subsequent field cycles use
lightweight tearoff_field_on()/tearoff_field_off() that skip FPGA
bitstream reload and buffer reallocation
- Periodic CMD_WTX keepalives to prevent USB timeouts during long attacks
- Calls FpgaResetBitstream() on exit to ensure clean FPGA state
Usage: hf 14b tearoff -b <block> -d <target> [--start <us>] [--adj <us>]
2026-03-11 21:43:37 +01:00
kormax
24d1fe79f8
Refine known AIDs; add Android HCE
2026-03-11 20:45:24 +02:00
Iceman
89c10a4b06
Merge pull request #3119 from jof/vanderbilt-act-key
mfc: dic: Vanderbilt ACT
2026-03-11 10:39:19 +07:00
Iceman
3d6e805cb9
Merge branch 'master' into feat-wiegand-improvement
Signed-off-by: Iceman <iceman@iuse.se>
2026-03-11 10:37:47 +07:00
Iceman
7c6f91bdfb
Merge pull request #3120 from pingu2211/gallagher-mifare-classic
Add MIFARE Classic Reading and Writing to HF Gallagher
2026-03-11 10:32:17 +07:00
pingu2211
7d7903deed
Feedback from Iceman.
Now respecting quiet flag for continuous reads.
Return Correct PM3 _* return codes.
2026-03-11 09:38:13 +11:00
CinderSocket
08cd96c5a9
Improve Wiegand PACS encode/decode and verbose output
2026-03-10 15:32:25 -07:00
kormax
81d2748321
Improve FeliCa command IDM handling
2026-03-10 17:55:42 +02:00
jof Lassoff
d9aee50dc4
Remove redundant Vanderbilt ACT pattern keys from dictionary
- Removed 257 lines of 'Acces'+N pattern keys (416363657300-4163636573FF)
- These keys can now be generated dynamically with: hf mf keygen -k 6
- Kept unique Vanderbilt keys (414354616374, 4D61071B7254, 34016FAC127D)
- Reduces dictionary file size and maintenance burden
2026-03-10 15:51:17 +00:00
pingu2211
c07d688597
Implement Gallagher MIFARE Classic card writing and update MAD sector functionality
2026-03-10 15:13:42 +11:00
jof Lassoff
54f067a21a
mfc: dic: Vanderbilt ACT
2026-03-09 23:36:54 +00:00
kormax
6629db3659
Add universal node discovery for FeliCa
2026-03-09 18:58:08 +02:00
Tomas Nilsson
7159711734
Auto-detect key files by UID in hf mfp dump
When no --keys or --mfc-keys arguments are given, automatically
look for hf-mfp-<UID>-key.json and hf-mf-<UID>-key.bin files,
matching the output of hf mfp chk --dump and hf mf chk --dump.
Fail with helpful message if no keys are available, matching
the behaviour of hf mf dump.
2026-03-08 19:18:32 +01:00
apply-science
8345a240fe
Merge branch 'master' into master
Signed-off-by: apply-science <106422483+apply-science@users.noreply.github.com>
2026-03-08 18:47:56 +01:00
Tomas Nilsson
03d6da87e2
Simplify hf mfp dump: remove key probing, load-and-read only
Restructure hf mfp dump to match hf mf dump pattern: load keys
from files, read sectors, save. Remove all key probing/checking
logic (use hf mfp chk and hf mf chk separately for key discovery).
Use MF_KEY_A/MF_KEY_B defines instead of magic numbers.
Replace custom JSON parser with existing loadFileJSON infrastructure.
2026-03-08 18:35:37 +01:00
kormax
a413c906ed
Introduce 'hf felica seacinfo' command
2026-03-08 08:39:04 +02:00
Tomas Nilsson
3e8d52db58
Optimize hf mfp dump: phased SL classification and quiet probing
Restructure dump into 4 phases:
1. Classify sectors via single MFC probe (SL3 vs SL1)
2. AES dictionary only on SL3 sectors
3. MFC dictionary only on SL1 sectors
4. Read with found keys
Suppress firmware debug output during key probing to prevent
auth error message flood, matching MifareChkKeys behavior.
2026-03-07 17:23:59 +01:00
Tomas Nilsson
44a40064b7
Fix SL1 key probing hang in hf mfp dump
Replace mf_check_keys (which hangs in firmware infinite retry loop)
with mf_read_sector for SL1 key probing. Defer MFC key probing to
the read phase so it only runs per-sector when SL3 auth fails.
Also fix mfcProbeKeys memory leak on early exit paths.
2026-03-07 16:41:26 +01:00
Tomas Nilsson
fded3e9cef
Implement 'hf mfp dump' command with SL1/SL3 mixed mode support
2026-03-07 15:23:48 +01:00
kormax
22a307dd69
Implement 'hf mfdes bruteisofid' command
2026-03-07 07:58:00 +02:00
Iceman
a6ccca8270
Merge branch 'master' into desfire-aid-leaf
Signed-off-by: Iceman <iceman@iuse.se>
2026-03-07 02:42:50 +01:00
kormax
4bcc35cddc
Add AID candidate generation presets to 'hf mfdes bruteaid'
2026-03-06 18:19:21 +02:00
kormax
21f76d173a
Handle tag loss & recovery in 'hf mfdes bruteaid'
2026-03-06 18:19:19 +02:00
kormax
2fce3393ea
Add LEAF DESFire AID values to dictionary
2026-03-06 18:18:33 +02:00
Iceman
a54e88ee94
Merge pull request #3111 from Antiklesys/master
Added --credit option for hf iclass legrec
2026-03-06 08:56:21 +01:00
kormax
90c6884f4c
Improve output format for 'hf felica info'
2026-03-05 20:59:41 +02:00
kormax
10a3fa7e6d
Add request specification version to 'hf felica info'
2026-03-05 20:30:30 +02:00
kormax
ec25ea77a4
Extract more information with 'hf felica info'
2026-03-05 17:11:30 +02:00
Antiklesys
0d2741d757
Unused variables code cleanup
Code cleanup of unused payload variables for iclass legrec
2026-03-05 21:38:16 +08:00
Antiklesys
5041fbffa7
Added --credit option for hf iclass legrec
Added --credit option for hf iclass legrec
2026-03-05 19:32:52 +08:00
kormax
2e4290c5fe
Refactor helpers for 'hf felica' commands; add retries
2026-03-04 18:50:21 +02:00
Philippe Teuwen
e2b11e937f
✨
2026-03-02 12:50:34 +01:00