Commit Graph

277 Commits

Author SHA1 Message Date
Philippe Teuwen b62658f5ac make style 2026-02-21 12:43:25 +01:00
michael 3eb594ce29 Cleaned up verbiage in user feedback 2026-02-18 20:44:08 -08:00
michael fe878be492 Added a new command (hw decay [which monitors the decay rate of the hf antenna cap]) and updated hw tune to detect booster boards and if the pm3 easy is on a metal surface 2026-02-18 15:51:08 -08:00
Philippe Teuwen 9f70011fee hf mfu setkey: supports ulc/ulaes auth and ulaes schann 2026-02-09 01:08:23 +01:00
Aaron Tulino d62e3cff15 Promote MFUL readblock bytelen
Resolves #3087
2026-02-07 00:51:18 +01:00
Philippe Teuwen c00e4801b7 make style 2026-02-06 13:43:41 +01:00
Philippe Teuwen a26892a891 Add hf mfu cchk/aeschk and options to hf mf cauth/aesauth 2026-01-19 21:47:49 +01:00
Aaron Tulino (Aaronjamt) c0e82539f2 [hf seos] Simulate support 2025-12-21 04:26:44 -07:00
kormax 34f18a0002 Add polling loop annotation support for iso14443b 2025-12-19 09:29:31 +02:00
iceman1001 a0efcb2686 fix data crypt - output error. We have 8 bytes. 2025-10-17 08:53:54 +02:00
Philippe Teuwen 11fe8f783a Add --skip to hw tearoff, to cope with more complex commands. Example provided for hf mfu wrbl 2025-10-09 22:26:52 +02:00
Philippe Teuwen 4aac77aaa2 support for Ultralight AES auth in hf mfu info/rdbl/wrbl/dump/ndefread/wipe/setkey 2025-10-04 02:00:23 +02:00
iceman1001 b097e10aa3 this commit refactors the signature checks. First we introduce a common pm3 generic private / public key pair in order to allow for users to self sign their own modded device. The verification checks now look at both hard coded public keys. If a vendor wants to add their own public key thus allowing for a simple way for us to identify their devices they can now do so. The downside is that the firmware mismatch detection becomes a bit dodgy. mem info; mem info -v; mem info -s -p <filename.pem>; mem info -s -p <filename.pem> -w contains the changes. OBS! when -w be careful to not overwrite your genuine RDV4 signature. As always, with great power comes great responsibility 2025-09-25 19:44:36 +02:00
Oleg Moiseenko 944a80d217 make style 2025-09-21 16:41:30 +03:00
iceman1001 c3e29789a9 added a --override MAD crc check parameter to NDEF read commands 2025-08-29 13:55:00 +02:00
Philippe Teuwen 48724e44b4 hf mf sim: add --allowover option, needed for RF08S originality check 2025-07-25 20:54:18 +02:00
iceman1001 5de4dd68e5 text 2025-06-22 20:34:54 +02:00
iceman1001 65607fc727 added Ultralight-C simulation. hf mfu sim -t 13. Use eload first. Also added support to upload UL-C dictionaries and UL-AES to spiffs memory. A lot of textual reworked across client. Unify texts and a bit more color ;) 2025-06-19 17:26:20 +02:00
iceman1001 804acfbefa the device side of iclass tear off is implemented. The base was done by @antiklesys. This version differs by the concept of trying to stabilize weak bits by performing a write operation in conjunction with the detected tear. It's untested but I can replicate most of the tears we performed client side. You will need to call the proxmark3 client with -f, ./pm3 -f to force flush out text which is needed for the inplace printing. I thought this was done automatically but it wasn't. hf iclass tear --arm + all the normal params to run on device side 2025-05-30 01:37:13 +02:00
iceman1001 cb4a0e2333 rename struct to follow code style 2025-04-30 13:27:41 +02:00
kormax 3550f11726 Remove mag argument from commands; Add support for magsafe polling via 14a config 2025-04-20 17:55:55 +03:00
kormax 56336d9d82 Add support for polling loop annotations 2025-04-09 12:31:21 +03:00
iceman1001 87c2e82e2f style 2025-03-19 12:53:24 +01:00
douniwan5788 4bde83b89d Added lf hitag htu support for Hitag µ/8265 2025-03-19 18:56:23 +08:00
iceman1001 2137284a93 style\n Some improvements to trace list -t seos annotations. 2025-03-12 16:41:06 +01:00
leecher1337 0e2a02bdf0 Implement new command hf 15 slixprotectpage to do ISO15693_PROTECT_PAGE on slix tags 2025-03-09 11:54:51 +01:00
iceman1001 cef07dedf6 code style, code clean up of redundant functions, comments, it's many minor fixes across the platform. Sorry for not making 20 commits 2025-02-21 15:38:33 +01:00
Philippe Teuwen 1acc030fd4 rework simaid & rename few vars 2025-02-12 08:44:42 +01:00
n-hutton 4a23fb05f0 Cherry pick POC of emv simulation 2024-11-21 19:23:03 +00:00
ANTodorov 48ec109a1e use all spi flash v0.1
* introduced a new communication command CMD_FLASHMEM_PAGES64K to get the number of 64k pages
* "the last page" is a special, holding the dicts and some other stuff, relocated to there
* raised timeout when wiping a mem page (W25Q16 looks a bit slower than W25X20BV)
* loop all pages in Flash_WipeMemory()
2024-11-17 19:03:15 +02:00
Philippe Teuwen 46813e0e50 hf mf isen: rewrite counters, add specific NONCE_SUPERSTATIC case (when first nt == nested nt) 2024-11-05 17:07:54 +01:00
Philippe Teuwen 838e0adfa7 rework Mifare simulation flags 2024-10-19 20:34:40 +02:00
Philippe Teuwen 079689628b hf mf sim: add nested reader attack (needs data & rf08s nonces) 2024-10-16 19:54:03 +02:00
Philippe Teuwen 5b7ba3bf50 MFsim: RATS_IN_DATA was not a proper bit flag 2024-10-16 15:24:01 +02:00
Philippe Teuwen a11ba61b01 hf mf ecfill: add support for quick dump via backdoor auth 2024-10-13 22:55:41 +02:00
iceman1001 c002ae9f77 style 2024-10-06 10:08:17 +02:00
douniwan5788 9a50e608e0 add PM3_REASON_UNKNOWN 2024-10-04 23:25:15 +08:00
douniwan5788 96d462acee add: split PacketResponseNG status to status and reason 2024-09-24 03:10:53 +08:00
Adam Jon Foster 03fcc1d8d6 Update pm3_cmd.h
Signed-off-by: Adam Jon Foster <me@evildaemond.com>
2024-09-23 15:31:46 +08:00
Adam Jon Foster d48d69b3e2 Update pm3_cmd.h
Added Header File

Signed-off-by: Adam Jon Foster <me@evildaemond.com>
2024-09-23 14:42:22 +08:00
Adam Jon Foster 92767a685f Update pm3_cmd.h
Added RATS_IN_DATA as a definition

Signed-off-by: Adam Jon Foster <me@evildaemond.com>
2024-09-23 14:33:30 +08:00
iceman1001 db1b28f327 rename hts read/write commands to rdbl/wrbl to match rest of the client. added a lf hitag hts reader command, modified the lf search to identify hitag2/s/82xx in the chipset detection 2024-09-14 21:00:42 +02:00
douniwan5788 9b879b0dc0 fix: exit status 2024-09-05 19:31:37 +08:00
douniwan5788 970c2d0999 refactor: remove positive error codes 2024-09-04 22:50:26 +08:00
Philippe Teuwen c73e2ea623 Added support for collecting all fm11rf08s nT/{nT}/par_err at once 2024-09-02 23:11:36 +02:00
douniwan5788 8928883f2d refactor: move FPGA_BITSTREAM_* to fpga.h 2024-08-26 20:55:58 +08:00
douniwan5788 d15537bbf1 Unified hitag naming style 2024-08-22 02:01:43 +08:00
Antiklesys 1832997ccb Iclass Legacy Raw Key Recovery Function
Based on the work described in Dismantling iClass whitepaper.
hf iclass legbrute is tested working
hf iclass legrec is partially working: logic of operations and sequence seems to be in order and was tested on simulated data to be effective. The privilege escalation part is still not successful, but the logic should be correct.
2024-07-19 14:47:13 +08:00
iceman1001 05df50678c missing header 2024-04-26 16:18:10 +02:00
iceman1001 87c6633de1 add support for generation 2 magic command when setting UID on ISO15693 cards. ref:: https://github.com/RfidResearchGroup/proxmark3/issues/1604#issuecomment-2068444071 2024-04-22 09:04:01 +02:00