iceman1001 [Mon, 30 Jan 2017 15:51:07 +0000 (16:51 +0100)]
ADD: added the writedumpfile function from "14araw.lua" into utils.lua
ADD: `ufodump.lua` - added the Aztek dump script. Since its an unknown tag hence the name.
iceman1001 [Sun, 29 Jan 2017 22:09:23 +0000 (23:09 +0100)]
FIX: 'hf 14a sim x' - adjusted and shows messages when verbose.
FIX: 'hf mf sim x i' - same as above.
In general we only use Moebius attack for "sim x", that means a clean up on device side code. simpler to understand. It still tries to gather 8 different collections of nonces combo. When one is complete, it get sent to client which runs moebius direct.
iceman1001 [Sun, 29 Jan 2017 10:29:15 +0000 (11:29 +0100)]
FIX: 'hf 14a sim x' - this fixes the error with using moebius attack and sim. Updating the nonce variable doesn't change the premodulated response. And it should update everytime it gets a command. One concering issue is that this takes time. Successfully works with two PM3. One acting reader, another sim.
iceman1001 [Sun, 29 Jan 2017 09:41:48 +0000 (10:41 +0100)]
CHG: the mifare Auth command can make use of a random nonce aswell.
CHG: since sim commands are timing critical, I'm testing a smaller prand prng function from Intel
iceman1001 [Tue, 24 Jan 2017 23:33:03 +0000 (00:33 +0100)]
CHG: fiddled with the headerfiles... and makefile... Tried to make them behave nice. So it isnt a hell to add new functions from third-party (like des, aes etc)
Added a lot of #ifndef , extern C,
Move inside from ARMSRC -> THUMBS, which made the compiled image smaller.. I don't know if it broke anything.
Moved MF_DBGLEVEL definitions into common.h
Moved print_result from util.c into appmain.c
Also split up some struct typedef into header files so they could be reused in other code places.
iceman1001 [Fri, 20 Jan 2017 18:25:42 +0000 (19:25 +0100)]
FIX: the HID-Flasher depends on libusb to be able to compile On OSX the 'include paths' is different when using homebrew.
This project compiles on Ubuntu with libusb-dev installed. Lets see if it compiles on OSX....
iceman1001 [Thu, 19 Jan 2017 19:21:21 +0000 (20:21 +0100)]
FIX: coverity scan error CID 121781, unused value. error 0x88 will be overritten by 0x00 directly. Don't know if this 0x88 will bug stuff out.... *wildside commit*
iceman1001 [Wed, 18 Jan 2017 21:54:27 +0000 (22:54 +0100)]
ADD: T55XX_WRITE_TIMEOUT to make sure all WaitForResponseTimeout for t55xx behaves the same.
CHG: removed some "DONE!" device prints..
CHG: unified some "clone" commands output.
iceman1001 [Tue, 17 Jan 2017 21:07:40 +0000 (22:07 +0100)]
ADD: 'lf t55xx detect' - added a search for known config blocks, if found it will select it. Usually when indala (psk) configured tags generates serveral possible configblocks. The found config block is set, not need to manually set it anymore. :)
iceman1001 [Mon, 16 Jan 2017 20:06:51 +0000 (21:06 +0100)]
CHG: lowered the number of bytes collected for T55xxReadBlock. Was 12000 -> 7679
CHG: added some documentation about what arguments does.
CHG: 'data tune' - added flush after printf.
iceman1001 [Mon, 16 Jan 2017 13:46:42 +0000 (14:46 +0100)]
CHG: 'lf t55xx' the no-time limit waiting for the device to ACK when transfering data from device to client, is changed to 8 seconds.
CHG: 'lf t55xx dump' - added ASCII printing of dumped data blocks.