github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-21 22:03:42 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #2 from RfidResearchGroup/master

Browse source 
Update
This commit is contained in:
Bjoern Kerler 2020-04-25 12:00:27 +02:00 committed by GitHub
commit b6de6ac159
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
37 changed files with 679 additions and 707 deletions
Download patch file Download diff file Expand all files Collapse all files

1
CHANGELOG.md
View file

@ -3,6 +3,7 @@ All notable changes to this project will be documented in this file.
This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log...
## [unreleased][unreleased]
- Added `HF_MSDSAL` standalone mode which read and emulate Visa EMV cards (@Netxing)
- Added Mifare Ultralight tear off experiment (@cintainfinita and @fukmar)
- Added Mifare Desfire Read/Write/Create files/records/values functionality and several fixes to `hf mfdes` (@bkerler)
- Added CreateStdFile command to Mifare `hf mfdes` (@bkerler)

10
README.md
View file

@ -15,13 +15,13 @@
|[Development](#development) | **[Important notes on ModemManager for Linux users](/doc/md/Installation_Instructions/ModemManager-Must-Be-Discarded.md)** | [Validating proxmark client functionality](/doc/md/Use_of_Proxmark/1_Validation.md) |
|[Why didn't you base it on official Proxmark3 Master?](#why-didnt-you-base-it-on-official-proxmark3-master)| **[Homebrew (Mac OS X) & Upgrading HomeBrew Tap Formula](/doc/md/Installation_Instructions/Mac-OS-X-Homebrew-Installation-Instructions.md)** | [First Use and Verification](/doc/md/Use_of_Proxmark/2_Configuration-and-Verification.md)|
|[Proxmark3 GUI](#proxmark3-gui)|**[Setup and build for Windows](/doc/md/Installation_Instructions/Windows-Installation-Instructions.md)**|[Commands & Features](/doc/md/Use_of_Proxmark/3_Commands-and-Features.md)|
|[Issues](#issues)|[Blue shark manual](/doc/bt_manual_v10.md) |[Advanced compilation parameters](/doc/md/Use_of_Proxmark/4_Advanced-compilation-parameters.md)|
|[Issues](#issues)|[Blue shark manual](/doc/bt_manual_v10.md) ||
|[Notes on UART](/doc/uart_notes.md)|[Maintainers](/doc/md/Development/Maintainers.md)|[Command Cheat sheet](/doc/cheatsheet.md)|
|[Notes on frame format](/doc/new_frame_format.md)||[More cheat sheets](https://github.com/RfidResearchGroup/proxmark3/wiki/More-cheat-sheets)|
|[Notes on frame format](/doc/new_frame_format.md)|[Advanced compilation parameters](/doc/md/Use_of_Proxmark/4_Advanced-compilation-parameters.md)|[More cheat sheets](https://github.com/RfidResearchGroup/proxmark3/wiki/More-cheat-sheets)|
|[Notes on external flash](/doc/ext_flash_notes.md)||[EMV](/doc/emv_notes.md)|
|[Notes on Termux / Android](/doc/termux_notes.md)||[Troubleshooting](/doc/md/Installation_Instructions/Troubleshooting.md)|
|[Notes on tracedata / wireshark](/doc/trace_notes.md)||[JTAG](/doc/jtag_notes.md)|
|[Notes on loclass](/doc/loclass_notes.md)||[Complete client command set](/doc/commands.md)|
|[Notes on Termux / Android](/doc/termux_notes.md)|**[Troubleshooting](/doc/md/Installation_Instructions/Troubleshooting.md)**|[Complete client command set](/doc/commands.md)|
|[Notes on tracedata / wireshark](/doc/trace_notes.md)|**[JTAG](/doc/jtag_notes.md)**||
|[Notes on loclass](/doc/loclass_notes.md)|||
|[Notes on paths](/doc/path_notes.md)|||
|[Developing standalone mode](/armsrc/Standalone/readme.md)|[Wiki about standalone mode](https://github.com/RfidResearchGroup/proxmark3/wiki/Standalone-mode) ||
|[Donations](#Donations)|||

69
armsrc/Standalone/Makefile.hal
View file

@ -1,6 +1,6 @@
# Default standalone if no standalone specified
DEFAULT_STANDALONE=LF_SAMYRUN
HELP_EXAMPLE_STANDALONE=HF_YOUNG
DEFAULT_STANDALONE=HF_MSDSAL
HELP_EXAMPLE_STANDALONE=LF_SAMYRUN
# (you can set explicitly STANDALONE= to disable standalone modes)
STANDALONE?=$(DEFAULT_STANDALONE)
STANDALONE_REQ_DEFS=
@ -11,51 +11,54 @@ define KNOWN_STANDALONE_DEFINITIONS
+==========================================================+
| (empty) | No standalone mode |
+----------------------------------------------------------+
| LF_SAMYRUN | HID26 read/clone/sim |
| (default) | - Samy Kamkar |
+----------------------------------------------------------+
| LF_ICERUN | standalone mode skeleton |
| LF_SKELETON | standalone mode skeleton |
| | - iceman |
+----------------------------------------------------------+
| LF_PROXBRUTE | HID ProxII bruteforce |
| | - Brad Antoniewicz |
+----------------------------------------------------------+
| LF_HIDBRUTE | HID corporate 1000 bruteforce |
| | - Federico dotta & Maurizio Agazzini |
+----------------------------------------------------------+
| HF_YOUNG | Mifare sniff/simulation |
| | - Craig Young |
+----------------------------------------------------------+
| HF_MATTYRUN | Mifare sniff/clone |
| | - Matías A. Ré Medina |
+----------------------------------------------------------+
| HF_COLIN | Mifare ultra fast sniff/sim/clone |
| (RDV4 only) | - Colin Brigato |
+----------------------------------------------------------+
| HF_BOG | 14a sniff with ULC/ULEV1/NTAG auth |
| (RDV4 only) | storing in flashmem - Bogito |
+----------------------------------------------------------+
| HF_14ASNIFF | 14a sniff to flashmem |
| (RDV4 only) | |
+----------------------------------------------------------+
| LF_ICEHID | LF HID collector to flashmem |
| (RDV4 only) | |
+----------------------------------------------------------+
| LF_EM4100EMUL | Simulate predefined em4100 tags only |
| | |
+----------------------------------------------------------+
| LF_EM4100RWC | Read/simulate em4100 tags & clone it |
| | to T555x tags |
+----------------------------------------------------------+
| LF_HIDBRUTE | HID corporate 1000 bruteforce |
| | - Federico dotta & Maurizio Agazzini |
+----------------------------------------------------------+
| LF_ICEHID | LF HID collector to flashmem |
| (RDV4 only) | |
+----------------------------------------------------------+
| LF_PROXBRUTE | HID ProxII bruteforce |
| | - Brad Antoniewicz |
+----------------------------------------------------------+
| LF_SAMYRUN | HID26 read/clone/sim |
| | - Samy Kamkar |
+----------------------------------------------------------+
| HF_14ASNIFF | 14a sniff to flashmem |
| (RDV4 only) | |
+----------------------------------------------------------+
| HF_BOG | 14a sniff with ULC/ULEV1/NTAG auth |
| (RDV4 only) | storing in flashmem - Bogito |
+----------------------------------------------------------+
| HF_COLIN | Mifare ultra fast sniff/sim/clone |
| (RDV4 only) | - Colin Brigato |
+----------------------------------------------------------+
| HF_LEGIC | Read/simulate Legic Prime tags |
| | storing in flashmem |
+----------------------------------------------------------+
| HF_MATTYRUN | Mifare sniff/clone |
| | - Matías A. Ré Medina |
+----------------------------------------------------------+
| HF_MSDSAL | Read and emulate MSD Visa cards |
| (default) | - Salvador Mendoza |
+----------------------------------------------------------+
| HF_YOUNG | Mifare sniff/simulation |
| | - Craig Young |
+----------------------------------------------------------+
endef
STANDALONE_MODES := LF_SAMYRUN LF_ICERUN LF_PROXBRUTE LF_HIDBRUTE LF_ICEHID LF_EM4100EMUL LF_EM4100RWC
STANDALONE_MODES += HF_YOUNG HF_MATTYRUN HF_COLIN HF_BOG HF_14ASNIFF HF_LEGIC
STANDALONE_MODES := LF_SKELETON LF_EM4100EMUL LF_EM4100RWC LF_HIDBRUTE LF_ICEHID LF_PROXBRUTE LF_SAMYRUN
STANDALONE_MODES += HF_14ASNIFF HF_BOG HF_COLIN HF_LEGIC HF_MATTYRUN HF_MSDSAL HF_YOUNG
STANDALONE_MODES_REQ_SMARTCARD :=
STANDALONE_MODES_REQ_FLASH := HF_COLIN HF_BOG HF_14ASNIFF LF_ICEHID
STANDALONE_MODES_REQ_FLASH := LF_ICEHID HF_14ASNIFF HF_BOG HF_COLIN
ifneq ($(filter $(STANDALONE),$(STANDALONE_MODES)),)
STANDALONE_PLATFORM_DEFS += -DWITH_STANDALONE_$(STANDALONE)
ifneq ($(filter $(STANDALONE),$(STANDALONE_MODES_REQ_SMARTCARD)),)

10
armsrc/Standalone/Makefile.inc
View file

@ -1,9 +1,9 @@
# Generic standalone Mode injection of source code
SRC_STANDALONE = placeholder.c
# WITH_STANDALONE_LF_ICERUN
ifneq (,$(findstring WITH_STANDALONE_LF_ICERUN,$(APP_CFLAGS)))
SRC_STANDALONE = lf_icerun.c
# WITH_STANDALONE_LF_SKELETON
ifneq (,$(findstring WITH_STANDALONE_LF_SKELETON,$(APP_CFLAGS)))
SRC_STANDALONE = lf_skeleton.c
endif
# WITH_STANDALONE_LF_SAMYRUN
ifneq (,$(findstring WITH_STANDALONE_LF_SAMYRUN,$(APP_CFLAGS)))
@ -53,3 +53,7 @@ endif
ifneq (,$(findstring WITH_STANDALONE_HF_LEGIC,$(APP_CFLAGS)))
SRC_STANDALONE = hf_legic.c
endif
# WITH_STANDALONE_LF_MSDSAL
ifneq (,$(findstring WITH_STANDALONE_HF_MSDSAL,$(APP_CFLAGS)))
SRC_STANDALONE = hf_msdsal.c
endif

454
armsrc/Standalone/hf_msdsal.c Normal file
View file

@ -0,0 +1,454 @@
//-----------------------------------------------------------------------------
// Salvador Mendoza (salmg.net), 2020
//
// This code is licensed to you under the terms of the GNU GPL, version 2 or,
// at your option, any later version. See the LICENSE.txt file for the text of
// the license.
//-----------------------------------------------------------------------------
// Code for reading and emulating 14a technology aka MSDSal by Salvador Mendoza
//-----------------------------------------------------------------------------
#include "standalone.h"
#include "proxmark3_arm.h"
#include "appmain.h"
#include "fpgaloader.h"
#include "util.h"
#include "dbprint.h"
#include "ticks.h"
#include "string.h"
#include "BigBuf.h"
#include "iso14443a.h"
#include "protocols.h"
#include "cmd.h"
void ModInfo(void) {
DbpString(" HF - Reading Visa cards & Emulating a Visa MSD Transaction(ISO14443) - (Salvador Mendoza)");
}
/* This standalone implements two different modes: reading and emulating.
*
* The initial mode is reading with LED A as guide.
* In this mode, the Proxmark expects a Visa Card,
* and will act as card reader. Trying to find track 2.
*
* If the Proxmark found a track 2, it will change to emulation mode (LED C) automatically.
* During this mode the Proxmark will behave as card, emulating a Visa MSD transaction
* using the pre-saved track2 from the previous reading.
*
* It is possible to jump from mode to another by simply pressing the button.
* However, to jump from reading to emulation mode, the LED C as to be on, which
* means having a track 2 in memory.
*
* Keep pressing the button down will quit the standalone cycle.
*
* LEDs:
* LED A = in reading mode
* LED C = in emulation(a track 2 in memory) mode
* LED A + LED C = in reading mode, but you can jump back to emulation mode by pressing the button
* LED B = receiving/sending commands, activity
*
*
* Reading or emulating ISO-14443A technology is not limited to payment cards. This example
* was not only designed to make a replay attack, but to open new possibilities in the ISO-14443A
* technologies. Be brave enough to share your knowledge & inspire others. Salvador Mendoza.
*/
uint8_t ppdol [255] = {0x80, 0xA8, 0x00, 0x00, 0x02, 0x83, 0x00}; // Default GET PROCESSING
uint8_t treatPDOL(uint8_t *apdu) { //Generate GET PROCESSING
uint8_t plen = 7;
//PDOL Format: 80 A8 00 00 + (PDOL Length+2) + 83 + PDOL Length + PDOL + 00
for (uint8_t i = 1; i <= apdu[0]; i++) { //Magic stuff, the generation order is important
if (apdu[i] == 0x9F && apdu[i + 1] == 0x66) { //Terminal Transaction Qualifiers
ppdol[plen] = 0xF6;
ppdol[plen + 1] = 0x20;
ppdol[plen + 2] = 0xC0;
ppdol[plen + 3] = 0x00;
plen += 4;
i += 2;
} else if (apdu[i] == 0x9F && apdu[i + 1] == 0x1A) { //Terminal Country Code
ppdol[plen] = 0x9F;
ppdol[plen + 1] = 0x1A;
plen += 2;
i += 2;
} else if (apdu[i] == 0x5F && apdu[i + 1] == 0x2A) { //Transaction Currency Code
ppdol[plen] = 0x5F;
ppdol[plen + 1] = 0x2A;
plen += 2;
i += 2;
} else if (apdu[i] == 0x9A) { //Transaction Date
ppdol[plen] = 0x9A;
ppdol[plen + 1] = 0x9A;
ppdol[plen + 2] = 0x9A;
plen += 3;
i += 1;
} else if (apdu[i] == 0x95) { //Terminal Verification Results
ppdol[plen] = 0x95;
ppdol[plen + 1] = 0x95;
ppdol[plen + 2] = 0x95;
ppdol[plen + 3] = 0x95;
ppdol[plen + 4] = 0x95;
plen += 5;
i += 1;
} else if (apdu[i] == 0x9C) { //Transaction Type
ppdol[plen] = 0x9C;
plen += 1;
i += 1;
} else if (apdu[i] == 0x9F && apdu[i + 1] == 0x37) { //Unpredictable Number
ppdol[plen] = 0x9F;
ppdol[plen + 1] = 0x37;
ppdol[plen + 2] = 0x9F;
ppdol[plen + 3] = 0x37;
plen += 4;
i += 2;
} else { //To the others, add "0" to complete the format depending on its range
uint8_t u = apdu[i + 2];
while (u > 0) {
ppdol[plen] = 0;
plen += 1;
u--;
}
i += 2;
}
}
ppdol[4] = (plen + 2) - 7; // Length of PDOL + 2
ppdol[6] = plen - 7; // Real length
plen++; // +1 because the last 0
ppdol[plen] = 0x00; // Add the last 0 to the challenge
return plen;
}
void RunMod() {
StandAloneMode();
Dbprintf(_YELLOW_(">>") "Reading Visa cards & Emulating a Visa MSD Transaction a.k.a. MSDSal Started<<");
FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
//For reading process
iso14a_card_select_t card_a_info;
uint8_t apdubuffer[MAX_FRAME_SIZE] = { 0x00 };
//Specific for Visa cards: select ppse, select Visa AID, GET PROCESSING, SFI
uint8_t ppse[20] = {0x00, 0xA4, 0x04, 0x00, 0x0e, 0x32, 0x50, 0x41, 0x59, 0x2e, 0x53, 0x59, 0x53, 0x2e, 0x44, 0x44, 0x46, 0x30, 0x31, 0x00};
uint8_t visa[13] = {0x00, 0xA4, 0x04, 0x00, 0x07, 0xa0, 0x00, 0x00, 0x00, 0x03, 0x10, 0x10, 0x00};
uint8_t processing [8] = {0x80, 0xA8, 0x00, 0x00, 0x02, 0x83, 0x00, 0x00};
uint8_t sfi[5] = {0x00, 0xb2, 0x01, 0x0c, 0x00};
uint8_t *apdus[4] = {ppse, visa, processing, sfi};
uint8_t apdusLen [4] = { sizeof(ppse), sizeof(visa), sizeof(processing), sizeof(sfi)};
uint8_t pdol[50], plen = 8;
bool existpdol;
// - MSD token card format -
//
//Card number: 4412 3456 0578 1234
//Expiration date: 17/11
//Service code: 201
//Discretionary data: 0000030000991
//char token[19] = {0x44,0x12,0x34,0x56,0x05,0x78,0x12,0x34,0xd1,0x71,0x12,0x01,0x00,0x00,0x03,0x00,0x00,0x99,0x1f};
//
// It is possible to initialize directly the emulation mode, having "token" with data and set "chktoken" = true ;)
//
char token[19] = {0x00};
bool chktoken = false;
//For emulation steps
#define ATQA 0
#define UIDC1 1
#define SAKC1 3
#define RATS 5
#define SIGNATURE 7
// Allocate 512 bytes for the dynamic modulation, created when the reader queries for it
// Such a response is less time critical, so we can prepare them on the fly
#define DYNAMIC_RESPONSE_BUFFER_SIZE 64
#define DYNAMIC_MODULATION_BUFFER_SIZE 512
uint8_t flags = FLAG_4B_UID_IN_DATA; //UID 4 bytes(could be 7 bytes if needed it)
uint8_t data[PM3_CMD_DATA_SIZE] = {0x00}; // in case there is a read command received we shouldn't break
uint8_t visauid[7] = {0x01, 0x02, 0x03, 0x04};
memcpy(data, visauid, 4);
// to initialize the emulation
uint8_t tagType = 4; // 4 = ISO/IEC 14443-4 - javacard (JCOP)
tag_response_info_t *responses;
uint32_t cuid = 0;
uint32_t counters[3] = { 0x00, 0x00, 0x00 };
uint8_t tearings[3] = { 0xbd, 0xbd, 0xbd };
uint8_t pages = 0;
// command buffers
uint8_t receivedCmd[MAX_FRAME_SIZE] = { 0x00 };
uint8_t receivedCmdPar[MAX_PARITY_SIZE] = { 0x00 };
uint8_t dynamic_response_buffer[DYNAMIC_RESPONSE_BUFFER_SIZE];
uint8_t dynamic_modulation_buffer[DYNAMIC_MODULATION_BUFFER_SIZE];
// to know the transaction status
uint8_t prevCmd = 0;
// handler - command responses
tag_response_info_t dynamic_response_info = {
.response = dynamic_response_buffer,
.response_n = 0,
.modulation = dynamic_modulation_buffer,
.modulation_n = 0
};
// States for standalone
#define STATE_READ 0
#define STATE_EMU 1
uint8_t state = STATE_READ;
//Checking if the user wants to go directly to emulation mode using a hardcoded track 2
if (chktoken == true && token[0] != 0x00) {
state = STATE_EMU;
Dbprintf(_YELLOW_("[") "Initialized emulation mode " _YELLOW_("]"));
DbpString("\n"_YELLOW_("!!") "Waiting for a card reader...");
} else {
DbpString(_YELLOW_("[") "Initialized reading mode " _YELLOW_("]"));
DbpString("\n"_YELLOW_("!!") "Waiting for a Visa card...");
}
for (;;) {
WDT_HIT();
// exit from RunMod, send a usbcommand.
if (data_available()) break;
// Was our button held down or pressed?
int button_pressed = BUTTON_HELD(1000);
if (button_pressed == 1) //Holding down the button
break;
else if (button_pressed == -1) { //Pressing one time change between reading & emulation
if (state == STATE_READ) {
if (chktoken == true && token[0] != 0x00) { //Only change to emulation if it saved a track 2 in memory
state = STATE_EMU;
Dbprintf(_YELLOW_("[") "In emulation mode " _YELLOW_("]"));
} else
Dbprintf(_YELLOW_("!!") "Nothing in memory to emulate");
} else {
state = STATE_READ;
Dbprintf(_YELLOW_("[") "In reading mode " _YELLOW_("]"));
}
}
SpinDelay(500);
if (state == STATE_READ) {
LED_A_ON();
if (chktoken)
LED_C_ON();
iso14443a_setup(FPGA_HF_ISO14443A_READER_MOD);
if (iso14443a_select_card(NULL, &card_a_info, NULL, true, 0, false)) {
Dbprintf(_YELLOW_("+") "Found ISO 14443 Type A!");
for (uint8_t i = 0; i < 4; i++) {
chktoken = false;
LED_C_OFF();
LED_B_ON();
uint8_t apdulen = iso14_apdu(apdus[i], (uint16_t) apdusLen[i], false, apdubuffer, NULL);
if (apdulen > 0) {
Dbprintf(_YELLOW_("[") "Proxmark command " _YELLOW_("]"));
Dbhexdump(apdusLen[i], apdus[i], false);
Dbprintf(_GREEN_("[") "Card answer " _GREEN_("]"));
Dbhexdump(apdulen - 2, apdubuffer, false);
Dbprintf("----");
for (uint8_t u = 0; u < apdulen; u++) {
if (i == 1) {
if (apdubuffer[u] == 0x9F && apdubuffer[u + 1] == 0x38) { //Check for PDOL
for (uint8_t e = 0; e <= apdubuffer[u + 2]; e++)
pdol[e] = apdubuffer[u + e + 2];
plen = treatPDOL(pdol); //Generate a challenge
apdus[2] = ppdol;
apdusLen[2] = plen;
existpdol = true;
}
} else if (i == 3) {
if (apdubuffer[u] == 0x57 && apdubuffer[u + 1] == 0x13 && !chktoken) { //Find track 2
chktoken = true;
memcpy(&token, &apdubuffer[u + 2], 19);
break;
}
}
}
if (i == 1) {
Dbprintf(_GREEN_("[") "Challenge generated " _GREEN_("]"));
Dbhexdump(plen, existpdol ? ppdol : processing, false);
}
} else {
Dbprintf(_YELLOW_("!!") "Error reading the card");
}
LED_B_OFF();
}
if (chktoken) {
Dbprintf(_RED_("[") "Track 2 " _RED_("]"));
Dbhexdump(19, (uint8_t *)token, false);
Dbprintf(_YELLOW_("!!") "Card number");
Dbhexdump(8, (uint8_t *)token, false);
DbpString("---");
LED_C_ON();
state = STATE_EMU;
Dbprintf(_YELLOW_("[") "Initialized emulation mode " _YELLOW_("]"));
DbpString("\n"_YELLOW_("!!") "Waiting for a card reader...");
}
}
} else if (state == STATE_EMU) {
LED_A_OFF();
LED_C_ON();
// free eventually allocated BigBuf memory but keep Emulator Memory
BigBuf_free_keep_EM();
if (SimulateIso14443aInit(tagType, flags, data, &responses, &cuid, counters, tearings, &pages) == false) {
BigBuf_free_keep_EM();
reply_ng(CMD_HF_MIFARE_SIMULATE, PM3_EINIT, NULL, 0);
DbpString(_YELLOW_("!!") "Error initializing the emulation process!");
SpinDelay(500);
state = STATE_READ;
DbpString(_YELLOW_("[") "Initialized reading mode " _YELLOW_("]"));
DbpString("\n" _YELLOW_("!!") "Waiting for a Visa card...");
break;
}
// We need to listen to the high-frequency, peak-detected path.
iso14443a_setup(FPGA_HF_ISO14443A_TAGSIM_LISTEN);
int len = 0; // command length
int retval = PM3_SUCCESS; // to check emulation status
clear_trace();
set_tracing(true);
for (;;) {
LED_B_OFF();
// Clean receive command buffer
if (!GetIso14443aCommandFromReader(receivedCmd, receivedCmdPar, &len)) {
Dbprintf(_YELLOW_("!!") "Emulator stopped");
retval = PM3_EOPABORTED;
break;
}
tag_response_info_t *p_response = NULL;
LED_B_ON();
// dynamic_response_info will be in charge of responses
dynamic_response_info.response_n = 0;
// Checking the commands order is important and elemental
if (receivedCmd[0] == ISO14443A_CMD_REQA && len == 1) { // Received a REQUEST
DbpString(_YELLOW_("+") "REQUEST Received");
p_response = &responses[ATQA];
} else if (receivedCmd[0] == ISO14443A_CMD_HALT && len == 4) { // Received a HALT
DbpString(_YELLOW_("+") "Received a HALT");
p_response = NULL;
} else if (receivedCmd[0] == ISO14443A_CMD_WUPA && len == 1) { // Received a WAKEUP //Este!!
DbpString(_YELLOW_("+") "WAKEUP Received");
p_response = &responses[ATQA];
prevCmd = 0;
} else if (receivedCmd[1] == 0x20 && receivedCmd[0] == ISO14443A_CMD_ANTICOLL_OR_SELECT && len == 2) { // Received request for UID (cascade 1)
DbpString(_YELLOW_("+") "Request for UID C1");
p_response = &responses[UIDC1];
} else if (receivedCmd[1] == 0x70 && receivedCmd[0] == ISO14443A_CMD_ANTICOLL_OR_SELECT && len == 9) { // Received a SELECT (cascade 1)
DbpString(_YELLOW_("+") "Request for SELECT S1");
p_response = &responses[SAKC1];
} else if (receivedCmd[0] == ISO14443A_CMD_RATS && len == 4) { // Received a RATS request
DbpString(_YELLOW_("+") "Request for RATS");
p_response = &responses[RATS];
} else {
Dbprintf(_YELLOW_("[") "Card reader command " _YELLOW_("]"));
Dbhexdump(len, receivedCmd, false);
if (receivedCmd[0] == 0x02 || receivedCmd[0] == 0x03) { //Emulate a Visa MSD(Magnetic stripe data) card
uint8_t ppsea[39] = {0x6F, 0x23, 0x84, 0x0E, 0x32, 0x50, 0x41, 0x59, 0x2E, 0x53, 0x59, 0x53, 0x2E, 0x44, 0x44, 0x46, 0x30, 0x31, 0xA5, 0x11, 0xBF, 0x0C, 0x0E, 0x61, 0x0C, 0x4F, 0x07, 0xA0, 0x00, 0x00, 0x00, 0x03, 0x10, 0x10, 0x87, 0x01, 0x01, 0x90, 0x00};
uint8_t processing[10] = {0x80, 0x06, 0x00, 0x80, 0x08, 0x01, 0x01, 0x00, 0x90, 0x00};
uint8_t visauid[34] = {0x6F, 0x1E, 0x84, 0x07, 0xA0, 0x00, 0x00, 0x00, 0x03, 0x10, 0x10, 0xA5, 0x13, 0x50, 0x0B, 0x56, 0x49, 0x53, 0x41, 0x20, 0x43, 0x52, 0x45, 0x44, 0x49, 0x54, 0x9F, 0x38, 0x03, 0x9F, 0x66, 0x02, 0x90, 0x00};
uint8_t last[4] = {0x70, 0x15, 0x57, 0x13};
uint8_t card[25];
uint8_t statusapdu[2] = {0x90, 0x00};
uint8_t finished[2] = {0x6f, 0x00};
memcpy(&card[0], last, sizeof(last));
memcpy(&card[4], token, sizeof(token));
memcpy(&card[23], statusapdu, sizeof(statusapdu));
dynamic_response_info.response[0] = receivedCmd[0];
//Depending on card reader commands, the Proxmark will answer to fool the reader
if (receivedCmd[2] == 0xA4 && receivedCmd[6] == 0x32 && prevCmd == 0) { //Respond with PPSE
memcpy(&dynamic_response_info.response[1], ppsea, sizeof(ppsea));
dynamic_response_info.response_n = sizeof(ppsea) + 1;
prevCmd++;
} else if (receivedCmd[2] == 0xA4 && receivedCmd[10] == 0x03 && receivedCmd[11] == 0x10 && prevCmd == 1) { //Respond Visa AID
memcpy(&dynamic_response_info.response[1], visauid, sizeof(visauid));
dynamic_response_info.response_n = sizeof(visauid) + 1;
prevCmd++;
} else if (receivedCmd[1] == 0x80 && receivedCmd[2] == 0xA8 && receivedCmd[6] == 0x83 && prevCmd == 2) { //GET PROCESSING
memcpy(&dynamic_response_info.response[1], processing, sizeof(processing));
dynamic_response_info.response_n = sizeof(processing) + 1;
prevCmd++;
} else if (receivedCmd[1] == 0x00 && receivedCmd[2] == 0xB2 && prevCmd == 3) { //SFI
memcpy(&dynamic_response_info.response[1], card, sizeof(card));
dynamic_response_info.response_n = sizeof(card) + 1;
prevCmd++;
} else {
memcpy(&dynamic_response_info.response[1], finished, sizeof(finished));
dynamic_response_info.response_n = sizeof(finished) + 1;
if (prevCmd == 5) {
prevCmd = 0;
}
}
} else {
Dbprintf(_YELLOW_("!!") "Received unknown command!");
if (prevCmd < 4) {
memcpy(dynamic_response_info.response, receivedCmd, len);
dynamic_response_info.response_n = len;
} else {
dynamic_response_info.response_n = 0;
}
}
}
if (dynamic_response_info.response_n > 0) {
Dbprintf(_GREEN_("[") "Proxmark3 answer " _GREEN_("]"));
Dbhexdump(dynamic_response_info.response_n, dynamic_response_info.response, false);
Dbprintf("----");
// Add CRC bytes, always used in ISO 14443A-4 compliant cards
AddCrc14A(dynamic_response_info.response, dynamic_response_info.response_n);
dynamic_response_info.response_n += 2;
if (prepare_tag_modulation(&dynamic_response_info, DYNAMIC_MODULATION_BUFFER_SIZE) == false) {
SpinDelay(500);
DbpString(_YELLOW_("!!") "Error preparing Proxmark to answer!");
continue;
}
p_response = &dynamic_response_info;
}
if (p_response != NULL) {
EmSendPrecompiledCmd(p_response);
}
}
switch_off();
set_tracing(false);
BigBuf_free_keep_EM();
reply_ng(CMD_HF_MIFARE_SIMULATE, retval, NULL, 0);
}
}
DbpString(_YELLOW_("[=]") "exiting");
LEDsoff();
}

2
armsrc/Standalone/lf_em4100emul.c
View file

@ -85,7 +85,7 @@ void RunMod() {
Dbprintf("[=] >> LF EM4100 simulator started <<");
int selected = 0; //selected slot after start
slots_count = sizeof(low) / sizeof(low[0]);
slots_count = ARRAYLEN(low);
bba = BigBuf_get_addr();
for (;;) {
WDT_HIT();

2
armsrc/Standalone/lf_em4100rwc.c
View file

@ -129,7 +129,7 @@ void RunMod() {
// 2 - simulate tag from selected slot
// 3 - write to T5555 tag
uint8_t state = 0;
slots_count = sizeof(low) / sizeof(low[0]);
slots_count = ARRAYLEN(low);
bba = BigBuf_get_addr();
LED_Slot(selected);
for (;;) {

8
armsrc/Standalone/lf_icerun.c → armsrc/Standalone/lf_skeleton.c
View file

@ -5,7 +5,7 @@
// at your option, any later version. See the LICENSE.txt file for the text of
// the license.
//-----------------------------------------------------------------------------
// main code for skeleton aka IceRun by Iceman
// main code for skeleton by Iceman
//-----------------------------------------------------------------------------
#include "standalone.h" // standalone definitions
#include "proxmark3_arm.h"
@ -15,19 +15,19 @@
#include "dbprint.h"
void ModInfo(void) {
DbpString(" LF skeleton mode - aka IceRun (iceman)");
DbpString(" LF skeleton mode - aka Skeleton (iceman)");
}
void RunMod() {
StandAloneMode();
Dbprintf("[=] LF skeleton code a.k.a IceRun started");
Dbprintf("[=] LF skeleton code a.k.a Skeleton started");
FpgaDownloadAndGo(FPGA_BITSTREAM_LF);
// the main loop for your standalone mode
for (;;) {
WDT_HIT();
// exit from IceRun, send a usbcommand.
// exit from RunMod, send a usbcommand.
if (data_available()) break;
// Was our button held down or pressed?

25
armsrc/Standalone/readme.md
View file

@ -3,7 +3,7 @@
This contains functionality for different StandAlone modes. The fullimage will be built given the correct compiler flags used. Build targets for these files are contained in `Makefile.inc` and `Makefile.hal`
If you want to implement a new standalone mode, you need to implement the methods provided in `standalone.h`.
Have a look at the skeleton standalone mode called IceRun, in the files `lf_icerun.c lf_icerun.h`.
Have a look at the skeleton standalone mode, in the file `lf_skeleton.c`.
As it is now, you can only have one standalone mode installed at the time.
@ -58,7 +58,7 @@ This leads to your next step, your DEFINE name needed in Makefile.
## Update MAKEFILE.HAL
Add your mode to the `Makefile.hal` help and modes list:
Add your mode to the `Makefile.hal` help and modes list (alphabetically):
```
+==========================================================+
| STANDALONE | DESCRIPTION |
@ -68,24 +68,24 @@ Add your mode to the `Makefile.hal` help and modes list:
| LF_FOO | My foobar mode will make you coffee |
+----------------------------------------------------------+
STANDALONE_MODES := LF_SAMYRUN LF_ICERUN LF_PROXBRUTE LF_HIDBRUTE LF_FOO
STANDALONE_MODES += HF_YOUNG HF_MATTYRUN HF_COLIN HF_BOG
STANDALONE_MODES := LF_... LF_FOO
STANDALONE_MODES += HF_...
```
If your mode is using one of the unique features of the RDV4, add it to the proper list:
```
STANDALONE_MODES_REQ_SMARTCARD :=
STANDALONE_MODES_REQ_FLASH := HF_COLIN HF_BOG
STANDALONE_MODES_REQ_FLASH :=
```
## Update MAKEFILE.INC
Add your source code files like the following sample in the `Makefile.inc`
```
# WITH_STANDALONE_LF_ICERUN
ifneq (,$(findstring WITH_STANDALONE_LF_ICERUN,$(APP_CFLAGS)))
SRC_STANDALONE = lf_icerun.c
# WITH_STANDALONE_LF_SKELETON
ifneq (,$(findstring WITH_STANDALONE_LF_SKELETON,$(APP_CFLAGS)))
SRC_STANDALONE = lf_skeleton.c
endif
# WITH_STANDALONE_LF_FOO
@ -140,4 +140,13 @@ The final steps is to
When compiling you will see a header showing what configurations your project compiled with.
Make sure it says your standalone mode name.
## Submitting your code
Once you're ready to share your mode, please
* add a line in CHANGELOG.md
* add your mode in the modes table in doc/md/Use_of_Proxmark/4_Advanced-compilation-parameters.md
and submit your PR.
Happy hacking!

6
armsrc/iso14443a.c
View file

@ -837,7 +837,7 @@ static void Code4bitAnswerAsTag(uint8_t cmd) {
// stop when button is pressed or client usb connection resets
// or return TRUE when command is captured
//-----------------------------------------------------------------------------
static bool GetIso14443aCommandFromReader(uint8_t *received, uint8_t *par, int *len) {
bool GetIso14443aCommandFromReader(uint8_t *received, uint8_t *par, int *len) {
// Set FPGA mode to "simulated ISO 14443 tag", no modulation (listen
// only, since we are receiving, not transmitting).
// Signal field is off with the appropriate LED
@ -873,7 +873,7 @@ static bool GetIso14443aCommandFromReader(uint8_t *received, uint8_t *par, int *
return false;
}
static bool prepare_tag_modulation(tag_response_info_t *response_info, size_t max_buffer_size) {
bool prepare_tag_modulation(tag_response_info_t *response_info, size_t max_buffer_size) {
// Example response, answer to MIFARE Classic read block will be 16 bytes + 2 CRC = 18 bytes
// This will need the following byte array for a modulation sequence
// 144 data bits (18 * 8)
@ -919,7 +919,7 @@ bool prepare_allocated_tag_modulation(tag_response_info_t *response_info, uint8_
}
}
static bool SimulateIso14443aInit(int tagType, int flags, uint8_t *data, tag_response_info_t **responses, uint32_t *cuid, uint32_t counters[3], uint8_t tearings[3], uint8_t *pages) {
bool SimulateIso14443aInit(int tagType, int flags, uint8_t *data, tag_response_info_t **responses, uint32_t *cuid, uint32_t counters[3], uint8_t tearings[3], uint8_t *pages) {
uint8_t sak = 0;
// The first response contains the ATQA (note: bytes are transmitted in reverse order).
static uint8_t rATQA[2] = { 0x00 };

3
armsrc/iso14443a.h
View file

@ -112,6 +112,8 @@ RAMFUNC int ManchesterDecoding(uint8_t bit, uint16_t offset, uint32_t non_real_t
void RAMFUNC SniffIso14443a(uint8_t param);
void SimulateIso14443aTag(uint8_t tagType, uint8_t flags, uint8_t *data);
bool SimulateIso14443aInit(int tagType, int flags, uint8_t *data, tag_response_info_t **responses, uint32_t *cuid, uint32_t counters[3], uint8_t tearings[3], uint8_t *pages);
bool GetIso14443aCommandFromReader(uint8_t *received, uint8_t *par, int *len);
void iso14443a_antifuzz(uint32_t flags);
void ReaderIso14443a(PacketCommandNG *c);
void ReaderTransmit(uint8_t *frame, uint16_t len, uint32_t *timing);
@ -136,6 +138,7 @@ int EmSendCmdParEx(uint8_t *resp, uint16_t respLen, uint8_t *par, bool collision
int EmSendPrecompiledCmd(tag_response_info_t *p_response);
bool prepare_allocated_tag_modulation(tag_response_info_t *response_info, uint8_t **buffer, size_t *max_buffer_size);
bool prepare_tag_modulation(tag_response_info_t *response_info, size_t max_buffer_size);
bool EmLogTrace(uint8_t *reader_data, uint16_t reader_len, uint32_t reader_StartTime, uint32_t reader_EndTime, uint8_t *reader_Parity,
uint8_t *tag_data, uint16_t tag_len, uint32_t tag_StartTime, uint32_t tag_EndTime, uint8_t *tag_Parity);

47
client/CMakeLists.txt
View file

@ -1,3 +1,10 @@
# MINGW:
# On ProxSpace 3.4:
# cmake -G"MSYS Makefiles" ..
# On Proxspace 3.3 or less, you need to install cmake:
# pacman -S mingw-w64-x86_64-cmake
# /mingw64/bin/cmake -G"MSYS Makefiles" ..
cmake_minimum_required(VERSION 3.10)
project(proxmark3)
@ -5,8 +12,6 @@ if(CMAKE_VERSION VERSION_LESS "3.7.0")
set(CMAKE_INCLUDE_CURRENT_DIR ON)
endif()
set(CMAKE_CXX_STANDARD 14)
if(APPLE AND EXISTS /usr/local/opt/qt5)
# Homebrew installs Qt5 (up to at least 5.11.0) in
# /usr/local/qt5. Ensure that it can be found by CMake
@ -32,29 +37,6 @@ endforeach()
SET (CMAKE_MODULE_PATH ${CMAKE_MODULE_PATH} "${CMAKE_CURRENT_SOURCE_DIR}/cmake")
INCLUDE(FindSSE)
if(NOT SSE2_FOUND)
MESSAGE(STATUS "Could not find hardware support for SSE2 on this machine.")
endif(NOT SSE2_FOUND)
if(NOT SSE3_FOUND)
MESSAGE(STATUS "Could not find hardware support for SSE3 on this machine.")
endif(NOT SSE3_FOUND)
if(NOT SSSE3_FOUND)
MESSAGE(STATUS "Could not find hardware support for SSSE3 on this machine.")
endif(NOT SSSE3_FOUND)
if(NOT SSE4_1_FOUND)
MESSAGE(STATUS "Could not find hardware support for SSE4.1 on this machine.")
endif(NOT SSE4_1_FOUND)
if(NOT AVX_FOUND)
MESSAGE(STATUS "Could not find hardware support for AVX on this machine.")
endif(NOT AVX_FOUND)
if(NOT AVX2_FOUND)
MESSAGE(STATUS "Could not find hardware support for AVX2 on this machine.")
endif(NOT AVX2_FOUND)
if(NOT AVX512_FOUND)
MESSAGE(STATUS "Could not find hardware support for AVX512 on this machine.")
endif(NOT AVX512_FOUND)
add_subdirectory(deps)
set (TARGET_SOURCES
@ -207,10 +189,6 @@ if (APPLE)
set(ADDITIONAL_LNK "-framework Foundation" "-framework AppKit")
endif (APPLE)
if (MINGW)
set(CMAKE_CXX_FLAGS "-mno-ms-bitfields -fexec-charset=cp850 ${CMAKE_CXX_FLAGS}")
endif (MINGW)
if (Qt5_FOUND)
message("Qt5 library found, building gui :)")
set(CMAKE_AUTOMOC ON)
@ -238,6 +216,17 @@ add_executable(
target_compile_options(proxmark3 PUBLIC -Wall -Werror -O3)
if (MINGW)
# Mingw uses by default Microsoft printf, we want the GNU printf (e.g. for %z)
# and setting _ISOC99_SOURCE sets internally __USE_MINGW_ANSI_STDIO=1
# FTR __USE_MINGW_ANSI_STDIO seems deprecated in Mingw32
# but not Mingw64 https://fr.osdn.net/projects/mingw/lists/archive/users/2019-January/000199.html
target_compile_definitions(proxmark3 PRIVATE _ISOC99_SOURCE)
set(CMAKE_C_FLAGS "-mno-ms-bitfields -fexec-charset=cp850 ${CMAKE_C_FLAGS}")
set(CMAKE_CXX_FLAGS "-mno-ms-bitfields -fexec-charset=cp850 ${CMAKE_CXX_FLAGS}")
endif (MINGW)
target_include_directories(proxmark3 PRIVATE
../common
../common_fpga

30
client/Makefile
View file

@ -57,11 +57,16 @@ LIBS = -I$(LUALIBPATH) -I$(MBEDTLSLIBPATH) -I$(JANSSONLIBPATH) -I$(CBORLIBPATH)
INCLUDES_CLIENT = -I./src -I../include -I../common -I../common_fpga $(LIBS)
CFLAGS ?= -Wall -Werror -O3
# We cannot just use CFLAGS+=... because it has impact on sub-makes if CFLAGS is defined in env:
PM3CFLAGS = $(CFLAGS) -std=c99 -D_ISOC99_SOURCE $(INCLUDES_CLIENT)
PM3CFLAGS = $(CFLAGS) $(INCLUDES_CLIENT)
# WIP Testing
#PM3CFLAGS = $(CFLAGS) -std=c11 -pedantic $(INCLUDES_CLIENT)
PREFIX ?= /usr/local
ifneq (,$(findstring MINGW,$(platform)))
# Mingw uses by default Microsoft printf, we want the GNU printf (e.g. for %z)
# and setting _ISOC99_SOURCE sets internally __USE_MINGW_ANSI_STDIO=1
# FTR __USE_MINGW_ANSI_STDIO seems deprecated in Mingw32
# but not Mingw64 https://fr.osdn.net/projects/mingw/lists/archive/users/2019-January/000199.html
PM3CFLAGS += -D_ISOC99_SOURCE
PM3CFLAGS += -mno-ms-bitfields -fexec-charset=cp850
endif
CXXFLAGS ?= -Wall -Werror -O3
@ -77,6 +82,8 @@ else
LDFLAGS += -framework Foundation -framework AppKit
LDLIBS := -L/usr/local/opt/readline/lib $(LDLIBS)
LIBS := -I/usr/local/opt/readline/include $(LIBS)
# cf brew info qt: qt not symlinked anymore
PKG_CONFIG_PATH := PKG_CONFIG_PATH=/usr/local/opt/qt/lib/pkgconfig
else
LUALIB += -ldl
LUAPLATFORM = linux
@ -85,18 +92,19 @@ endif
ifneq ($(SKIPQT),1)
# Check for correctly configured Qt5
QTINCLUDES = $(shell pkg-config --cflags Qt5Core Qt5Widgets 2>/dev/null)
QTLDLIBS = $(shell pkg-config --libs Qt5Core Qt5Widgets 2>/dev/null)
MOC = $(shell pkg-config --variable=host_bins Qt5Core)/moc
UIC = $(shell pkg-config --variable=host_bins Qt5Core)/uic
QTINCLUDES = $(shell $(PKG_CONFIG_PATH) pkg-config --cflags Qt5Core Qt5Widgets 2>/dev/null)
QTLDLIBS = $(shell $(PKG_CONFIG_PATH) pkg-config --libs Qt5Core Qt5Widgets 2>/dev/null)
MOC = $(shell $(PKG_CONFIG_PATH) pkg-config --variable=host_bins Qt5Core)/moc
UIC = $(shell $(PKG_CONFIG_PATH) pkg-config --variable=host_bins Qt5Core)/uic
ifeq ($(QTINCLUDES), )
# if Qt5 not found check for correctly configured Qt4
QTINCLUDES = $(shell pkg-config --cflags QtCore QtGui 2>/dev/null)
QTLDLIBS = $(shell pkg-config --libs QtCore QtGui 2>/dev/null)
MOC = $(shell pkg-config --variable=moc_location QtCore)
UIC = $(shell pkg-config --variable=uic_location QtCore)
QTINCLUDES = $(shell $(PKG_CONFIG_PATH) pkg-config --cflags QtCore QtGui 2>/dev/null)
QTLDLIBS = $(shell $(PKG_CONFIG_PATH) pkg-config --libs QtCore QtGui 2>/dev/null)
MOC = $(shell $(PKG_CONFIG_PATH) pkg-config --variable=moc_location QtCore)
UIC = $(shell $(PKG_CONFIG_PATH) pkg-config --variable=uic_location QtCore)
else
PM3CXXFLAGS += -std=c++11 -fPIC
# On OSX Qt5 is claiming for a C++11 compiler (gnu++14 works too, but if nothing it fails)
PM3CXXFLAGS += -fPIC -std=c++11
endif
ifeq ($(QTINCLUDES), )
# if both pkg-config commands failed, search in common places
@ -106,7 +114,7 @@ ifneq ($(SKIPQT),1)
ifneq ($(wildcard $(QTDIR)/include/QtWidgets),)
QTINCLUDES += -I$(QTDIR)/include/QtWidgets
QTLDLIBS = -L$(QTDIR)/lib -lQt5Widgets -lQt5Gui -lQt5Core
PM3CXXFLAGS += -std=c++11 -fPIC
PM3CXXFLAGS += -fPIC -std=c++11
endif
MOC = $(QTDIR)/bin/moc
UIC = $(QTDIR)/bin/uic

168
client/cmake/FindSSE.cmake
View file

@ -1,168 +0,0 @@
# Check if SSE/AVX instructions are available on the machine where
# the project is compiled.
IF(CMAKE_SYSTEM_NAME MATCHES "Linux")
EXEC_PROGRAM(cat ARGS "/proc/cpuinfo" OUTPUT_VARIABLE CPUINFO)
STRING(REGEX REPLACE "^.*(sse2).*$" "\\1" SSE_THERE ${CPUINFO})
STRING(COMPARE EQUAL "sse2" "${SSE_THERE}" SSE2_TRUE)
IF (SSE2_TRUE)
set(SSE2_FOUND true CACHE BOOL "SSE2 available on host")
ELSE (SSE2_TRUE)
set(SSE2_FOUND false CACHE BOOL "SSE2 available on host")
ENDIF (SSE2_TRUE)
# /proc/cpuinfo apparently omits sse3 :(
STRING(REGEX REPLACE "^.*[^s](sse3).*$" "\\1" SSE_THERE ${CPUINFO})
STRING(COMPARE EQUAL "sse3" "${SSE_THERE}" SSE3_TRUE)
IF (NOT SSE3_TRUE)
STRING(REGEX REPLACE "^.*(T2300).*$" "\\1" SSE_THERE ${CPUINFO})
STRING(COMPARE EQUAL "T2300" "${SSE_THERE}" SSE3_TRUE)
ENDIF (NOT SSE3_TRUE)
STRING(REGEX REPLACE "^.*(ssse3).*$" "\\1" SSE_THERE ${CPUINFO})
STRING(COMPARE EQUAL "ssse3" "${SSE_THERE}" SSSE3_TRUE)
IF (SSE3_TRUE OR SSSE3_TRUE)
set(SSE3_FOUND true CACHE BOOL "SSE3 available on host")
ELSE (SSE3_TRUE OR SSSE3_TRUE)
set(SSE3_FOUND false CACHE BOOL "SSE3 available on host")
ENDIF (SSE3_TRUE OR SSSE3_TRUE)
IF (SSSE3_TRUE)
set(SSSE3_FOUND true CACHE BOOL "SSSE3 available on host")
ELSE (SSSE3_TRUE)
set(SSSE3_FOUND false CACHE BOOL "SSSE3 available on host")
ENDIF (SSSE3_TRUE)
STRING(REGEX REPLACE "^.*(sse4_1).*$" "\\1" SSE_THERE ${CPUINFO})
STRING(COMPARE EQUAL "sse4_1" "${SSE_THERE}" SSE41_TRUE)
IF (SSE41_TRUE)
set(SSE4_1_FOUND true CACHE BOOL "SSE4.1 available on host")
ELSE (SSE41_TRUE)
set(SSE4_1_FOUND false CACHE BOOL "SSE4.1 available on host")
ENDIF (SSE41_TRUE)
STRING(REGEX REPLACE "^.*(avx).*$" "\\1" SSE_THERE ${CPUINFO})
STRING(COMPARE EQUAL "avx" "${SSE_THERE}" AVX_TRUE)
IF (AVX_TRUE)
set(AVX_FOUND true CACHE BOOL "AVX available on host")
ELSE (AVX_TRUE)
set(AVX_FOUND false CACHE BOOL "AVX available on host")
ENDIF (AVX_TRUE)
STRING(REGEX REPLACE "^.*(avx2).*$" "\\1" SSE_THERE ${CPUINFO})
STRING(COMPARE EQUAL "avx2" "${SSE_THERE}" AVX2_TRUE)
IF (AVX2_TRUE)
set(AVX2_FOUND true CACHE BOOL "AVX2 available on host")
ELSE (AVX2_TRUE)
set(AVX2_FOUND false CACHE BOOL "AVX2 available on host")
ENDIF (AVX2_TRUE)
STRING(REGEX REPLACE "^.*(avx512).*$" "\\1" SSE_THERE ${CPUINFO})
STRING(COMPARE EQUAL "avx512" "${SSE_THERE}" AVX2_TRUE)
IF (AVX512_TRUE)
set(AVX512_FOUND true CACHE BOOL "AVX512 available on host")
ELSE (AVX2_TRUE)
set(AVX512_FOUND false CACHE BOOL "AVX512 available on host")
ENDIF (AVX512_TRUE)
ELSEIF(CMAKE_SYSTEM_NAME MATCHES "Darwin")
EXEC_PROGRAM("/usr/sbin/sysctl -n machdep.cpu.features" OUTPUT_VARIABLE
CPUINFO)
STRING(REGEX REPLACE "^.*[^S](SSE2).*$" "\\1" SSE_THERE ${CPUINFO})
STRING(COMPARE EQUAL "SSE2" "${SSE_THERE}" SSE2_TRUE)
IF (SSE2_TRUE)
set(SSE2_FOUND true CACHE BOOL "SSE2 available on host")
ELSE (SSE2_TRUE)
set(SSE2_FOUND false CACHE BOOL "SSE2 available on host")
ENDIF (SSE2_TRUE)
STRING(REGEX REPLACE "^.*[^S](SSE3).*$" "\\1" SSE_THERE ${CPUINFO})
STRING(COMPARE EQUAL "SSE3" "${SSE_THERE}" SSE3_TRUE)
IF (SSE3_TRUE)
set(SSE3_FOUND true CACHE BOOL "SSE3 available on host")
ELSE (SSE3_TRUE)
set(SSE3_FOUND false CACHE BOOL "SSE3 available on host")
ENDIF (SSE3_TRUE)
STRING(REGEX REPLACE "^.*(SSSE3).*$" "\\1" SSE_THERE ${CPUINFO})
STRING(COMPARE EQUAL "SSSE3" "${SSE_THERE}" SSSE3_TRUE)
IF (SSSE3_TRUE)
set(SSSE3_FOUND true CACHE BOOL "SSSE3 available on host")
ELSE (SSSE3_TRUE)
set(SSSE3_FOUND false CACHE BOOL "SSSE3 available on host")
ENDIF (SSSE3_TRUE)
STRING(REGEX REPLACE "^.*(SSE4.1).*$" "\\1" SSE_THERE ${CPUINFO})
STRING(COMPARE EQUAL "SSE4.1" "${SSE_THERE}" SSE41_TRUE)
IF (SSE41_TRUE)
set(SSE4_1_FOUND true CACHE BOOL "SSE4.1 available on host")
ELSE (SSE41_TRUE)
set(SSE4_1_FOUND false CACHE BOOL "SSE4.1 available on host")
ENDIF (SSE41_TRUE)
STRING(REGEX REPLACE "^.*(AVX).*$" "\\1" SSE_THERE ${CPUINFO})
STRING(COMPARE EQUAL "AVX" "${SSE_THERE}" AVX_TRUE)
IF (AVX_TRUE)
set(AVX_FOUND true CACHE BOOL "AVX available on host")
ELSE (AVX_TRUE)
set(AVX_FOUND false CACHE BOOL "AVX available on host")
ENDIF (AVX_TRUE)
STRING(REGEX REPLACE "^.*(AVX2).*$" "\\1" SSE_THERE ${CPUINFO})
STRING(COMPARE EQUAL "AVX2" "${SSE_THERE}" AVX2_TRUE)
IF (AVX2_TRUE)
set(AVX2_FOUND true CACHE BOOL "AVX2 available on host")
ELSE (AVX2_TRUE)
set(AVX2_FOUND false CACHE BOOL "AVX2 available on host")
ENDIF (AVX2_TRUE)
STRING(REGEX REPLACE "^.*(AVX512).*$" "\\1" SSE_THERE ${CPUINFO})
STRING(COMPARE EQUAL "AVX512" "${SSE_THERE}" AVX2_TRUE)
IF (AVX2_TRUE)
set(AVX2_FOUND true CACHE BOOL "AVX512 available on host")
ELSE (AVX2_TRUE)
set(AVX2_FOUND false CACHE BOOL "AVX512 available on host")
ENDIF (AVX2_TRUE)
ELSEIF(CMAKE_SYSTEM_NAME MATCHES "Windows")
# TODO
set(SSE2_FOUND true CACHE BOOL "SSE2 available on host")
set(SSE3_FOUND false CACHE BOOL "SSE3 available on host")
set(SSSE3_FOUND false CACHE BOOL "SSSE3 available on host")
set(SSE4_1_FOUND false CACHE BOOL "SSE4.1 available on host")
set(AVX_FOUND false CACHE BOOL "AVX available on host")
set(AVX2_FOUND false CACHE BOOL "AVX2 available on host")
set(AVX512_FOUND false CACHE BOOL "AVX512 available on host")
ELSE(CMAKE_SYSTEM_NAME MATCHES "Linux")
set(SSE2_FOUND true CACHE BOOL "SSE2 available on host")
set(SSE3_FOUND false CACHE BOOL "SSE3 available on host")
set(SSSE3_FOUND false CACHE BOOL "SSSE3 available on host")
set(SSE4_1_FOUND false CACHE BOOL "SSE4.1 available on host")
set(AVX_FOUND false CACHE BOOL "AVX available on host")
set(AVX2_FOUND false CACHE BOOL "AVX2 available on host")
set(AVX512_FOUND false CACHE BOOL "AVX512 available on host")
ENDIF(CMAKE_SYSTEM_NAME MATCHES "Linux")
if(NOT SSE2_FOUND)
MESSAGE(STATUS "Could not find hardware support for SSE2 on this machine.")
endif(NOT SSE2_FOUND)
if(NOT SSE3_FOUND)
MESSAGE(STATUS "Could not find hardware support for SSE3 on this machine.")
endif(NOT SSE3_FOUND)
if(NOT SSSE3_FOUND)
MESSAGE(STATUS "Could not find hardware support for SSSE3 on this machine.")
endif(NOT SSSE3_FOUND)
if(NOT SSE4_1_FOUND)
MESSAGE(STATUS "Could not find hardware support for SSE4.1 on this machine.")
endif(NOT SSE4_1_FOUND)
if(NOT AVX_FOUND)
MESSAGE(STATUS "Could not find hardware support for AVX on this machine.")
endif(NOT AVX_FOUND)
if(NOT AVX2_FOUND)
MESSAGE(STATUS "Could not find hardware support for AVX2 on this machine.")
endif(NOT AVX2_FOUND)
if(NOT AVX512_FOUND)
MESSAGE(STATUS "Could not find hardware support for AVX512 on this machine.")
endif(NOT AVX512_FOUND)
mark_as_advanced(SSE2_FOUND SSE3_FOUND SSSE3_FOUND SSE4_1_FOUND, AVX_FOUND, AVX2_FOUND)

2
client/deps/amiibo.cmake
View file

@ -5,8 +5,6 @@
#amiitool.c $(MYSRCS) ../../../../common/../../commonutil.c ../ui.c -lreadline -lm ../../../../common/mbedtls/libmbedtls.a \
#-o amiitool
set_property(SOURCE PROPERTY C_STANDARD 99)
add_library(amiibo STATIC
amiitool/amiibo.c
amiitool/drbg.c

2
client/deps/amiitool/Makefile
View file

@ -1,6 +1,6 @@
MYSRCPATHS =
MYINCLUDES = -I. -I.. -I../jansson -I../../../common -I../../../include
MYCFLAGS = -std=c99 -D_ISOC99_SOURCE
MYCFLAGS =
MYDEFS =
MYSRCS = \
amiibo.c \

2
client/deps/cliparser/Makefile
View file

@ -1,6 +1,6 @@
MYSRCPATHS =
MYINCLUDES = -I../../../common -I../../../include -I../../src
MYCFLAGS = -std=c99 -D_ISOC99_SOURCE
MYCFLAGS =
MYDEFS =
MYSRCS = \
argtable3.c \

13
client/deps/hardnested.cmake
View file

@ -1,22 +1,23 @@
set_property(SOURCE PROPERTY C_STANDARD 99)
## CPU-specific code
## These are mostly for x86-based architectures, which is not useful for many Android devices.
add_library(hardnested_nosimd OBJECT
hardnested/hardnested_bf_core.c
hardnested/hardnested_bitarray_core.c)
target_compile_options(hardnested_nosimd PRIVATE -Wall -Werror -O3)
target_include_directories(hardnested_nosimd PRIVATE
../../common
../../include)
target_compile_options(hardnested_nosimd PRIVATE -Wall -Werror -O3)
set(X86_CPUS x86 x86_64 i686)
## CPU-specific code
## These are mostly for x86-based architectures, which is not useful for many Android devices.
## Mingw platforms: AMD64
set(X86_CPUS x86 x86_64 i686 AMD64)
message(STATUS "CMAKE_SYSTEM_PROCESSOR := ${CMAKE_SYSTEM_PROCESSOR}")
if ("${CMAKE_SYSTEM_PROCESSOR}" IN_LIST X86_CPUS)
message(STATUS "Building optimised x86/x86_64 binaries")
target_compile_options(hardnested_nosimd BEFORE PRIVATE
-mno-mmx -mno-sse2 -mno-avx -mno-avx2 -mno-avx512f)

4
client/deps/hardnested/Makefile
View file

@ -1,6 +1,6 @@
MYSRCPATHS =
MYINCLUDES = -I../../../common -I../../../include -I../../src -I../jansson
MYCFLAGS = -std=c99 -D_ISOC99_SOURCE
MYCFLAGS =
MYDEFS =
MYSRCS = hardnested_bruteforce.c
@ -24,7 +24,7 @@ MYOBJS += $(MULTIARCHSRCS:%.c=$(OBJDIR)/%_NOSIMD.o) \
$(MULTIARCHSRCS:%.c=$(OBJDIR)/%_AVX.o) \
$(MULTIARCHSRCS:%.c=$(OBJDIR)/%_AVX2.o)
SUPPORTS_AVX512 := $(shell echo | gcc -E -mavx512f - > /dev/null 2>&1 && echo "True" )
SUPPORTS_AVX512 := $(shell echo | $(CC) -E -mavx512f - > /dev/null 2>&1 && echo "True" )
HARD_SWITCH_NOSIMD = -mno-mmx -mno-sse2 -mno-avx -mno-avx2
HARD_SWITCH_MMX = -mmmx -mno-sse2 -mno-avx -mno-avx2

2
client/deps/hardnested/hardnested_tables.c
View file

@ -20,7 +20,7 @@
//-----------------------------------------------------------------------------
// To compile it:
// gcc -std=c99 -I ../../common -o hardnested_tables hardnested_tables.c
// gcc -I../../../common -I../../../include -o hardnested_tables hardnested_tables.c
#include <inttypes.h>
#include <stdbool.h>

2
client/deps/jansson.cmake
View file

@ -1,5 +1,3 @@
set_property(SOURCE PROPERTY C_STANDARD 99)
add_library(jansson STATIC
jansson/dump.c
jansson/error.c

2
client/deps/jansson/Makefile
View file

@ -1,6 +1,6 @@
MYSRCPATHS =
MYINCLUDES = -I.
MYCFLAGS = -std=c99 -D_ISOC99_SOURCE -Wno-unused-function
MYCFLAGS = -Wno-unused-function
MYDEFS = -DHAVE_STDINT_H
MYSRCS = \
dump.c \

3
client/deps/liblua/Makefile
View file

@ -1,7 +1,6 @@
MYSRCPATHS =
MYINCLUDES = -I.
# Lua lib is not ready for C99 style...
#MYCFLAGS = -std=c99 -D_ISOC99_SOURCE
# Lua lib requires GNU extensions (implicit declarations of functions): -std=gnu99 or -std=gnu11
MYCFLAGS =
MYDEFS = -DLUA_COMPAT_ALL $(SYSCFLAGS)
MYSRCS = lapi.c lcode.c lctype.c ldebug.c ldo.c ldump.c lfunc.c lgc.c llex.c \

2
client/deps/mbedtls.cmake
View file

@ -1,5 +1,3 @@
set_property(SOURCE PROPERTY C_STANDARD 99)
add_library(mbedtls STATIC
../../common/mbedtls/aes.c
../../common/mbedtls/asn1parse.c

2
client/deps/reveng.cmake
View file

@ -1,5 +1,3 @@
set_property(SOURCE PROPERTY C_STANDARD 99)
add_library(reveng STATIC
reveng/bmpbit.c
reveng/cli.c

2
client/deps/reveng/Makefile
View file

@ -5,7 +5,7 @@
MYSRCPATHS =
MYINCLUDES = -I../cliparser
MYCFLAGS = -std=c99 -D_ISOC99_SOURCE
MYCFLAGS =
MYDEFS = -DPRESETS
MYSRCS = \
bmpbit.c \

1
client/deps/tinycbor/Makefile
View file

@ -1,7 +1,6 @@
MYSRCPATHS =
MYINCLUDES =
# Strange errors on Mingw when compiling with C99
#MYCFLAGS = -std=c99 -D_ISOC99_SOURCE
MYCFLAGS =
MYDEFS =
MYSRCS = \

2
client/deps/zlib.cmake
View file

@ -1,5 +1,3 @@
set_property(SOURCE PROPERTY C_STANDARD 99)
add_library(z STATIC
../../common/zlib/deflate.c
../../common/zlib/adler32.c

390
client/luascripts/mfc_gen3_writer.lua
View file

@ -1,390 +0,0 @@
local utils = require('utils')
local getopt = require('getopt')
local cmds = require('commands')
local read14a = require('read14a')
--
---
-------------------------------
-- Notes
-------------------------------
---
--
--[[
---Suggestions of improvement:
--- Add support another types of dumps: BIN, JSON
--- Maybe it will be not only as `mfc_gen3_writer`, like a universal dump manager.
--- Add undependence from the operation system. At the moment code not working in Linux.
--- Add more chinesse backdoors RAW commands for UID changing (find RAW for the 4 byte familiar chinese card, from native it soft: http://bit.ly/39VIDsU)
--- Hide system messages when you writing a dumps, replace it to some of like [#####----------] 40%
-- iceman notes:
-- doesn't take consideration filepaths for dump files.
-- doesn't allow A keys for authenticating when writing
-- doesn't verify that card is magic gen3.
-- doesn't take several versions of same dump ( -1, -2, -3 ) styles.
--]]
--
---
-------------------------------
-- Script hat
-------------------------------
---
--
copyright = ''
author = 'Winds'
version = 'v1.0.0'
desc = [[
The script gives you a easy way to write your *.eml dumps onto normal MFC and magic Gen3 cards.
Works with both 4 and 7 bytes NXP MIFARE Classic 1K cards.
The script also has the possibility to change UID and permanent lock uid on magic Gen3 cards.
It supports the following functionality.
1. Write it to the same of current card UID.
2. Write it to magic Gen3 card.
3. Change uid to match dump on magic Gen3 card.
4. Permanent lock UID on magic Gen3 card.
5. Erase all data at the card and set the FF FF FF FF FF FF keys, and Access Conditions to 78778800.
Script works in a wizard styled way.
]]
example = [[
1. script run mfc_gen3_writer
]]
usage = [[
Select your *.eml dump from list to write to the card.
]]
--
---
-------------------------------
-- Global variables
-------------------------------
---
--
local DEBUG = false -- the debug flag
local files = {} -- Array for eml files
local b_keys = {} -- Array for B keys
local eml = {} -- Array for data in block 32
local num_dumps = 0 -- num of found eml dump files
local tab = string.rep('-', 64)
local empty = string.rep('0', 32) -- Writing blocks
local default_key = 'FFFFFFFFFFFF' -- Writing blocks
local default_key_type = '01' --KeyA: 00, KeyB: 01
local default_key_blk = 'FFFFFFFFFFFF78778800FFFFFFFFFFFF' -- Writing blocks
local piswords_uid_lock = 'hf 14a raw -s -c -t 2000 90fd111100'
local piswords_uid_change = 'hf 14a raw -s -c -t 2000 90f0cccc10'
local cmd_wrbl = 'hf mf wrbl %d B %s %s' -- Writing blocks
--
---
-------------------------------
-- A debug printout-function
-------------------------------
---
--
local function dbg(args)
if not DEBUG then return end
if type(args) == 'table' then
local i = 1
while args[i] do
dbg(args[i])
i = i+1
end
else
print('###', args)
end
end
--
---
-------------------------------
-- This is only meant to be used when errors occur
-------------------------------
---
--
local function oops(err)
print('ERROR:', err)
core.clearCommandBuffer()
return nil, err
end
--
---
-------------------------------
-- Usage help
-------------------------------
---
--
local function help()
print(copyright)
print(author)
print(version)
print(desc)
print('Example usage')
print(example)
print(usage)
end
--
---
-------------------------------
-- GetUID
-------------------------------
---
--
local function GetUID()
return read14a.read(true, true).uid
end
--
local function dropfield()
read14a.disconnect()
core.clearCommandBuffer()
end
--
---
-------------------------------
-- Wait for tag (MFC)
-------------------------------
---
--
local function wait()
read14a.waitFor14443a()
end
--
---
-------------------------------
-- Return key code 00/01 to string
-------------------------------
---
--
local function KeyAB()
if default_key_type == '00' then
return 'KeyA'
else
return 'KeyB'
end
end
--
---
-------------------------------
-- Check response from Proxmark
-------------------------------
---
--
local function getblockdata(response)
if response.Status == 0 then
return true
else
return false
end
end
--
---
-------------------------------
-- Check 0xFFFFFFFFFFFF key for tag (MFC)
-------------------------------
---
--
local function checkkey()
local status = 0
for i = 1, #eml do
cmd = Command:newNG{cmd = cmds.CMD_HF_MIFARE_READBL, data = ('%02x%02x%s'):format((i-1), default_key_type, default_key)}
if (getblockdata(cmd:sendNG(false)) == true) then
status = status + 1
print(('%s %02s %s %s %s'):format(' ', (i-1), KeyAB(), default_key, 'OK'))
else
break
end
end
if status == #eml then
return true
end
end
--
---
-------------------------------
-- Check Pissword backdor
-------------------------------
---
--
local function checkmagic()
--Have no RAW ISO14443A command in appmain.c
cmd = Command:newNG{cmd = cmds.CMD_HF_ISO14443A_READER, data = piswords_uid_change .. GetUID()} -- sample check to pull the same UID to card and check response
if (getblockdata(cmd:sendNG(false)) == true) then
print('Magic')
else
print('Not magic')
end
end
--
---
-------------------------------
-- Main function
-------------------------------
---
--
local function main(args)
--
---
-------------------------------
-- Arguments for script
-------------------------------
---
--
for o, a in getopt.getopt(args, 'hd') do
if o == 'h' then return help() end
if o == 'd' then DEBUG = true end
end
--
wait()
print(tab)
--
---
-------------------------------
-- Detect 7/4 byte card
-------------------------------
---
--
if string.len(GetUID()) == 14 then
eml_file_uid_start = 18 -- For windows with '---------- ' prefix
eml_file_uid_end = 31
eml_file_lengt = 40
else
eml_file_uid_start = 18 -- For windows with '---------- ' prefix
eml_file_uid_end = 25
eml_file_lengt = 34
end
dropfield()
--
---
-------------------------------
-- List all EML files in /client
-------------------------------
---
--
local dumpEML = 'find "." "*dump.eml"' -- Fixed for windows
local p = assert(io.popen(dumpEML))
for _ in p:lines() do
-- The length of eml file
if string.len(_) == eml_file_lengt then
num_dumps = num_dumps + 1
-- cut UID from eml file
files[num_dumps] = string.sub(_, eml_file_uid_start, eml_file_uid_end) -- cut numeretic UID
print(' '..num_dumps..' | '..files[num_dumps])
end
end
--
p.close()
--
if num_dumps == 0 then return oops("Didn't find any dump files") end
--
print(tab)
print(' Your card has UID '..GetUID())
print('')
print(' Select which dump to write (1 until '..num_dumps..')')
print(tab)
io.write(' --> ')
--
local uid_no = tonumber(io.read())
print(tab)
print(' You have been selected card dump No ' .. uid_no .. ', with UID: ' .. files[uid_no] .. '. Your card UID: ' .. GetUID())
--
--
---
-------------------------------
-- Load eml file
-------------------------------
---
--
local dumpfile = assert(io.open('./hf-mf-' .. files[uid_no] .. '-dump.eml', 'r'))
for _ in dumpfile:lines() do table.insert(eml, _); end
dumpfile.close()
--
---
-------------------------------
-- Extract B key from EML file
-------------------------------
---
--
local b = 0
for i = 1, #eml do
if (i % 4 == 0) then
repeat
b = b + 1
-- Cut key from block
b_keys[b] = string.sub(eml[i], (#eml[i] - 11), #eml[i])
until b % 4 == 0
end
end
print(tab)
dbg(b_keys)
dbg(eml)
--
---
-------------------------------
-- Change UID on certain version of magic Gen3 card.
-------------------------------
---
--
if (utils.confirm(' Change UID ?') == true) then
wait()
core.console(piswords_uid_change .. tostring(eml[1]))
print(tab)
print(' The new card UID : ' .. GetUID())
end
print(tab)
--checkmagic()
--
---
-------------------------------
-- Lock UID
-------------------------------
---
--
if (utils.confirm(' Permanent lock UID ? (card can never change uid again) ') == true) then
wait()
core.console(piswords_uid_lock)
end
--
print(tab)
print(' Going to check the all ' .. KeyAB() .. ' by ' .. default_key)
print(tab)
--
if checkkey() == true then
print(tab)
if (utils.confirm(' Card is Empty. Write selected dump to card ?') == true) then
for i = 1, #eml do
core.console(string.format(cmd_wrbl, (i-1), default_key, eml[i]))
end
end
else
print(tab)
if (utils.confirm(' Delete ALL data and write all keys to 0x' .. default_key .. ' ?') == true) then
wait()
for i = 1, #eml do
if (i % 4 == 0) then
core.console(string.format(cmd_wrbl, (i-1), b_keys[i], default_key_blk))
else
core.console(string.format(cmd_wrbl, (i-1), b_keys[i], empty))
end
end
else
print(tab)
if (utils.confirm(' Write selected dump to card ?') == true) then
print(tab)
wait()
for i = 1, #eml do
core.console(string.format(cmd_wrbl, (i-1), b_keys[i], eml[i]))
end
end
end
end
dropfield()
print(tab)
print('You are welcome')
end
--
---
-------------------------------
-- Start Main function
-------------------------------
---
--
main(args)

67
client/resources/aid_desfire.json
View file

@ -122,17 +122,17 @@ FFFFFF General Issuer Information (FIDs 00: MAD Version; 01: Card Holder; 02: Ca
},
{
"AID": "F518F0",
"Vendor": "TELENOT",
"Vendor": "Telenot Electronic GmbH",
"Country": "DE",
"Name": "TELENOT Tag",
"Name": "Telenot Tag",
"Description": "",
"Type": "alarm system"
},
{
"AID": "F38091",
"Vendor": "MICROTRONIC",
"Vendor": "Microtronic AG",
"Country": "CH",
"Name": "MICROTRONIC Tag",
"Name": "Microtronic Tag",
"Description": "",
"Type": "payment system"
},
@ -256,5 +256,62 @@ FFFFFF General Issuer Information (FIDs 00: MAD Version; 01: Card Holder; 02: Ca
"Name": "BAT",
"Description": "",
"Type": "transport"
},
},
{
"AID": "05845F",
"Vendor": "InterCard GmbH Kartensysteme",
"Country": "DE",
"Name": "InterCard",
"Description": "Campus Card",
"Type": "student"
},
{
"AID": "15845F",
"Vendor": "InterCard GmbH Kartensysteme",
"Country": "DE",
"Name": "InterCard",
"Description": "Campus Card",
"Type": "student"
},
{
"AID": "25845F",
"Vendor": "InterCard GmbH Kartensysteme",
"Country": "DE",
"Name": "InterCard",
"Description": "Campus Card",
"Type": "student"
},
{
"AID": "35845F",
"Vendor": "InterCard GmbH Kartensysteme",
"Country": "DE",
"Name": "InterCard",
"Description": "Campus Card",
"Type": "student"
},
{
"AID": "55845F",
"Vendor": "InterCard GmbH Kartensysteme",
"Country": "DE",
"Name": "InterCard",
"Description": "Campus Card",
"Type": "student"
},
{
"AID": "65845F",
"Vendor": "InterCard GmbH Kartensysteme",
"Country": "DE",
"Name": "InterCard",
"Description": "Campus Card",
"Type": "student"
},
{
"AID": "75845F",
"Vendor": "InterCard GmbH Kartensysteme",
"Country": "DE",
"Name": "InterCard",
"Description": "Campus Card",
"Type": "student"
},
}
]

2
client/src/crypto/libpcrypto.c
View file

@ -10,6 +10,7 @@
//-----------------------------------------------------------------------------
#include "crypto/libpcrypto.h"
#include "crypto/asn1utils.h"
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
@ -23,7 +24,6 @@
#include <mbedtls/ctr_drbg.h>
#include <mbedtls/entropy.h>
#include <mbedtls/error.h>
#include <crypto/asn1utils.h>
#include <util.h>
// NIST Special Publication 800-38A — Recommendation for block cipher modes of operation: methods and techniques, 2001.

4
client/src/proxmark3.c
View file

@ -117,7 +117,7 @@ static const char *prompt_dev = "";
static const char *prompt_ctx = "";
static void prompt_compose(char *buf, size_t buflen, const char *prompt_ctx, const char *prompt_dev) {
snprintf(buf, buflen-1, PROXPROMPT_COMPOSE, prompt_dev, prompt_ctx);
snprintf(buf, buflen - 1, PROXPROMPT_COMPOSE, prompt_dev, prompt_ctx);
}
static int check_comm(void) {
@ -187,8 +187,6 @@ main_loop(char *script_cmds_file, char *script_cmd, bool stayInCommandLoop) {
bool stdinOnPipe = !isatty(STDIN_FILENO);
char script_cmd_buf[256] = {0x00}; // iceman, needs lua script the same file_path_buffer as the rest
PrintAndLogEx(DEBUG, "ISATTY/STDIN_FILENO == %s\n", (stdinOnPipe) ? "true" : "false");
if (session.pm3_present) {
// cache Version information now:
if (execCommand || script_cmds_file || stdinOnPipe)

2
common/mbedtls/Makefile
View file

@ -1,6 +1,6 @@
MYSRCPATHS =
MYINCLUDES = -I. -I..
MYCFLAGS = -std=c99 -D_ISOC99_SOURCE
MYCFLAGS =
MYDEFS =
MYSRCS = \
aes.c \

2
common/zlib/Makefile
View file

@ -1,7 +1,7 @@
MYSRCPATHS = ../../common/zlib
MYSRCS = deflate.c adler32.c trees.c zutil.c inflate.c inffast.c inftrees.c
MYINCLUDES = -I../../common/zlib
MYCFLAGS = -std=c99 -D_ISOC99_SOURCE
MYCFLAGS =
MYDEFS = -DZ_SOLO -DNO_GZIP -DZLIB_PM3_TUNED
#-DDEBUG -Dverbose=1

25
doc/md/Use_of_Proxmark/4_Advanced-compilation-parameters.md
View file

@ -72,21 +72,22 @@ Here are the supported values you can assign to `STANDALONE` in `Makefile.platfo
| STANDALONE | DESCRIPTION |
|-----------------|----------------------------------------|
| | No standalone mode
| LF_SAMYRUN (def)| HID26 read/clone/sim - Samy Kamkar
| LF_ICERUN | standalone mode skeleton - Iceman
| LF_PROXBRUTE | HID ProxII bruteforce - Brad Antoniewicz
| LF_HIDBRUTE | HID corporate 1000 bruteforce - Federico dotta & Maurizio Agazzini
| HF_YOUNG | Mifare sniff/simulation - Craig Young
| HF_MATTYRUN | Mifare sniff/clone - Matías A. Ré Medina
| HF_COLIN | Mifare ultra fast sniff/sim/clone - Colin Brigato
| HF_BOG | 14a sniff with ULC/ULEV1/NTAG auth storing in flashmem - Bogito
| HF_14ASNIFF | 14a sniff storing to flashmem - Micolous
| LF_ICEHID | LF HID collector to flashmem - Iceman
| LF_EM4100EMUL | LF EM4100 simulator standalone mode - temskiy
| LF_SKELETON | standalone mode skeleton - Iceman
| LF_EM4100EMUL | LF EM4100 simulator standalone mode - temskiy
| LF_EM4100RWC | LF EM4100 read/write/clone mode - temskiy
| LF_HIDBRUTE | HID corporate 1000 bruteforce - Federico dotta & Maurizio Agazzini
| LF_ICEHID | LF HID collector to flashmem - Iceman
| LF_PROXBRUTE | HID ProxII bruteforce - Brad Antoniewicz
| LF_SAMYRUN | HID26 read/clone/sim - Samy Kamkar
| HF_14ASNIFF | 14a sniff storing to flashmem - Micolous
| HF_BOG | 14a sniff with ULC/ULEV1/NTAG auth storing in flashmem - Bogito
| HF_COLIN | Mifare ultra fast sniff/sim/clone - Colin Brigato
| HF_LEGIC | HF Legic Prime standalone - uhei
| HF_MATTYRUN | Mifare sniff/clone - Matías A. Ré Medina
| HF_MSDSAL (def)| EMV Read and emulation - Salvador Mendoza
| HF_YOUNG | Mifare sniff/simulation - Craig Young
By default `STANDALONE=LF_SAMYRUN`.
By default `STANDALONE=HF_MSDSAL`.
## Next step

9
tools/mfkey/Makefile
View file

@ -1,7 +1,7 @@
MYSRCPATHS = ../../common ../../common/crapto1
MYSRCS = crypto1.c crapto1.c bucketsort.c
MYINCLUDES = -I../../include -I../../common
MYCFLAGS = -std=c99 -D_ISOC99_SOURCE
MYCFLAGS =
MYDEFS =
BINS = mfkey32 mfkey32v2 mfkey64
@ -9,6 +9,13 @@ INSTALLTOOLS = $(BINS)
include ../../Makefile.host
# checking platform can be done only after Makefile.host
ifneq (,$(findstring MINGW,$(platform)))
# Mingw uses by default Microsoft printf, we want the GNU printf (e.g. for %z)
# and setting _ISOC99_SOURCE sets internally __USE_MINGW_ANSI_STDIO=1
CFLAGS += -D_ISOC99_SOURCE
endif
mfkey32 : $(OBJDIR)/mfkey32.o $(MYOBJS)
mfkey32v2 : $(OBJDIR)/mfkey32v2.o $(MYOBJS)
mfkey64 : $(OBJDIR)/mfkey64.o $(MYOBJS)

9
tools/nonce2key/Makefile
View file

@ -1,7 +1,7 @@
MYSRCPATHS = ../../common ../../common/crapto1
MYSRCS = crypto1.c crapto1.c bucketsort.c
MYINCLUDES = -I../../include -I../../common
MYCFLAGS = -std=c99 -D_ISOC99_SOURCE
MYCFLAGS =
MYDEFS =
BINS = nonce2key
@ -9,4 +9,11 @@ INSTALLTOOLS = $(BINS)
include ../../Makefile.host
# checking platform can be done only after Makefile.host
ifneq (,$(findstring MINGW,$(platform)))
# Mingw uses by default Microsoft printf, we want the GNU printf (e.g. for %z)
# and setting _ISOC99_SOURCE sets internally __USE_MINGW_ANSI_STDIO=1
CFLAGS += -D_ISOC99_SOURCE
endif
nonce2key : $(OBJDIR)/nonce2key.o $(MYOBJS)