1- Automated tearoff for epurse without needing to pass the block data (manual mode still available)
2- Improved read loop of original values (to reduce instances in which the block appears zeroed out)
3- Added a "fault tolerance" system to increase the threshold of read errors for old silicon cards before being shown to the user
4- Removed auth requirement to read blocks below 3
Improved readability of erase phase during iclass tear (client and arm side).
It is redundant to see a list of FF during the erase phase (which can be pretty lengthy), so it will only show it once when all bits are FF and then will resume printing the moment bits start changing again post erase phase.
1- Renamed legreclookup to legbrute to be in line with the command name
2- Updated estimate values with speed increase gains
3- Improved some if statements readability in iclass.c and added start_time = eof_time + DELAY_ICLASS_VICC_TO_VCD_READER; to increase speed by ~8% (1.86 loops per second to 2.01 loops per second = ~560 more loops per hour).
Tried disabling some arm communications/comments but the speed increase was negligible (~1 sec / 1000 updates).
Added when a Saflok card is detected, it decrypts and parses the data, outputting it to the screen.
Previous security researchers did this work, and I merely adapted it from the Flipper Zero code to the Proxmark3 code.
Their info is below:
// Decryption and parsing from: https://gitee.com/wangshuoyue/unsaflok
// Decryption algorithm and parsing published by Shuoyue Wang
// Parsing also inspired by Lennert Wouters and Ian Carroll's DEFCON 32 talk
// https://defcon.org/html/defcon-32/dc-32-speakers.html
// FZ parser by @Torron, with help from @xtruan, @zacharyweiss, @evilmog and kara (@Arkwin)
Signed-off-by: Kara Zajac <Arkwin.Advanced@gmail.com>
Updated hf iclass tear with the following improvements:
1- Show failed read if ran in verbose mode
2- Improved out logic when tearing block 1
3- Showing fuses comparison table when tearoff affects block 1 fuses
Updated hf iclass tear to not run if the authentication fuses are blown.
Or it will just get stuck at the beginning and not start anyway. At least this informs the users why this is happening.
If the card flips to nonsecure mode during the tearoff of block 1, this read command will be stuck.
So we can disable auth completely when trying to read block 1 as that block doesn't require authentication anyway for reading operations.
ry4000