iceman1001 [Sun, 15 May 2016 17:27:04 +0000 (19:27 +0200)]
CHG: added the possibility to "remagic" the new found Mifare Ultralight tags, which answers to chinese backdoor commands for uid change.
The script now deals with to different kind of tags. Mifare Classic 1k gen1 and Mifare Ultralight gen1 (7bytes uid)
-Classic will get UID: 01 02 03 04
-Ultralight will get UID: 53 80 71 02 00 D9 80
iceman1001 [Sat, 14 May 2016 12:34:35 +0000 (14:34 +0200)]
CHG: Changed cardnumber printing from %d (signed) to %u (unsigned) for AWID50, it now prints correct in all cases. Thanks to @ntk for reminding me about it.
iceman1001 [Sun, 8 May 2016 16:52:19 +0000 (18:52 +0200)]
REM: commented out a reference to Logtrace in bigbuf.c, since its already declared as "extern" in bigbuff.h
Lets see if this reduces compilation errors for Mac OS X users.
iceman1001 [Fri, 6 May 2016 17:09:29 +0000 (19:09 +0200)]
FIX: This tries to fix the memalign issued on MAC OS X, which it doesn't have. However its standard Malloc is already 16byte memaligned.
ref: http://stackoverflow.com/questions/196329/osx-lacks-memalign
CHG: Much more stable 14B functionality when Sending as Reader/PCD and Reading from Tag/PICC. The read distance is up to 2.5cm and is not nearly so position picky as previous version. The logtrace now also logs times.. kind of.
Getting there slowly.
FIX: this commit solves a sneaky bug in 'LF VIKING' commands. The getVikingBits dropped the highest byte in the uid while creating the datablocks for the clone.
ADD: added some extra message in debugmode when looking at viking tags.
CHG: 'hf mf chk' now correctly tests to read key B, when we specify target keytype B or ?.
CHG: 'hf mf chk' now correctly init all sector keys to 0xFFFFFFFFFFFF, so it looks unified.
ADD: added @azcid 's bitsliced BF solver for @piwi 's hardnested command. Awsume work! The original patch demanded some tweaking to work in mingw.
This is not tested for other systems so far.
CHG: "hf 14a sim" command , correct use of FLAGS
CHG: "hf 14a sim" command, changed the data collection for the attackmode in SimulateIso14443aTag. It now uses @holiman 's original implementation. But we can't change "NR", so we do next.
CHG: "hf 14a sim" command, nonce is increase with every new auth. This is for the "mfkey32_moebius" attack to work.
CHG: "hf mf sim" command (function void Mifare1ksim ) now handles UID' with length 10.
CHG: "hf mf sim" command nonce is increase with every new auth. This is for the "mfkey32_moebius" attack to work.
FIX: this fixes the "hf mf sniff l d f" command, which has been broken for a while. The cuid is correct used for decrypting.
FIX: The flushing of logentries.
ADD: "hf mf sniff" - added the sniffing of UID's with a uidlen of 10.
Whats left? The key is not always found even if we use the "mfkey64" approach.
ADD: added the parity_zero attack in "hf mf mifare". Still not working since piwi's changes to the iso14443a.c, maybe needs a param to tell it to collect nonces for this special attack.
CHG: extracted some help-texts into usage_* methods. Changed some text as well
FIX: "hf mf sim" command now uses both mfkey32 and mfkey32_moebius version to find the key in attack mode.
CHG: "hf mf sim" also now defaults to emul_memory to read a 4 byte UID.
FIX: this fixes the mftry32, mftry32moebius and trymf64 implementations. Which is used in the "hf mf sim x" and "hf 14a sim x" built in attacks.
ADD: added the nonce2key version which should be able to find the key when the collected PARITIES is ZERO.
Syntaxt suger,
and some clean up in the "hf mf mifare" code. I removed the three strategies Pivi added to make the code easier and added a lot of comments to understand.
the WDT bug is still there in this code. Needs further testing yet, before I commit the fix.
So far the fix is quite stable on ubuntu, but on mingw/win is breaking still. Which at this point doesnt make any sense.
ADD: added @pivi 's faster authentication method from 'hardnested' into "hf mf chk" (check keys) and removed the "halt" command.
the speedup is great. Together with the previous speedups from making changes how the client sends the keys to the device, make it lightning fast. It would be fun to see how much fast it is now.