New commands since 2.1.0 release.

asper · 2015-06-22 23:27:09

This thread is about new commands (updated/removed/added) since 2.1.0.

Last edited by asper (2015-06-23 17:16:06)

marshmellow · 2015-06-23 04:41:37

the list that was in 2.1.0 release starting with hf mfu commands (mostly remade):

hf mfu dump k <key> l n <filename w/o .bin>       (remade)
  Options :
  k <key> : (optional) key for authentication [UL-C 16bytes, EV1/NTAG 4bytes]
  l       : (optional) swap entered key's endianness
  n <FN > : filename w/o .bin to save the dump as
  p <Pg > : starting Page number to manually set a page to start the dump at
  q <qty> : number of Pages to manually set how many pages to dump

   sample : hf mfu dump
          : hf mfu dump n myfile
          : hf mfu dump k 00112233445566778899AABBCCDDEEFF
          : hf mfu dump k AABBCCDDD

hf mfu rdbl b <block number> k <key> l            (remade)

  Options:
  b <no>  : block to read
  k <key> : (optional) key for authentication [UL-C 16bytes, EV1/NTAG 4bytes]
  l       : (optional) swap entered key's endianness

   sample : hf mfu rdbl b 0
          : hf mfu rdbl b 0 k 00112233445566778899AABBCCDDEEFF
          : hf mfu rdbl b 0 k AABBCCDDD

hf mfu wrbl b <block number> d <data> k <key> l         (remade)

  Options:
  b <no>   : block to write
  d <data> : block data - (8 hex symbols)
  k <key>  : (optional) key for authentication [UL-C 16bytes, EV1/NTAG 4bytes]
  l        : (optional) swap entered key's endianness

    sample : hf mfu wrbl b 0 d 01234567
           : hf mfu wrbl b 0 d 01234567 k AABBCCDDD

proxmark3> hf mfu info h
It gathers information about the tag and tries to detect what kind it is.
Sometimes the tags are locked down, and you may need a key to be able to read the information
The following tags can be identified:

Ultralight, Ultralight-C, Ultralight EV1, NTAG 203, NTAG 210,
NTAG 212, NTAG 213, NTAG 215, NTAG 216, NTAG I2C 1K & 2K
my-d, my-d NFC, my-d move, my-d move NFC

Usage:  hf mfu info k <key> l
  Options :
  k <key> : (optional) key for authentication [UL-C 16bytes, EV1/NTAG 4bytes]
  l       : (optional) swap entered key's endianness

   sample : hf mfu info
          : hf mfu info k 00112233445566778899AABBCCDDEEFF
          : hf mfu info k AABBCCDDD

REMOVED:
hf mfu crdbl
hf mfu cwrbl  (now integrated into wrbl)

t55xx command changes: - did these make it in 2.0?

lf t55xx config [d <demodulation>] [i 1] [o <offset>]
Options:
       h                        This help
       b <8|16|32|40|50|64|100|128>     Set bitrate
       d <FSK|FSK1|FSK1a|FSK2|FSK2a|ASK|PSK1|PSK2|NZ|BI|BIa>  Set demodulation FSK / ASK / PSK / NZ / Biphase / Biphase A
       i [1]                            Invert data signal, defaults to normal
       o [offset]                       Set offset, where data should start decode in bitstream

Examples:
      lf t55xx config d FSK          - FSK demodulation
      lf t55xx config d FSK i 1      - FSK demodulation, inverse data
      lf t55xx config d FSK i 1 o 3  - FSK demodulation, inverse data, offset=3,start from position 3 to decode data

lf t55xx detect    (detect t55xx chip and auto configure)
lf t55xx readblock  REMOVED
lf t55xx writeblock REMOVED
lf t55xx writeblockPWD   REMOVED
lf t55xx readblockPWD   REMOVED
lf t55xx readtrace     REMOVED

Usage:  lf t55xx write <block> <data> [password]
     <block>, block number to write. Between 0-7
     <data>,  4 bytes of data to write (8 hex characters)
     [password], OPTIONAL password 4bytes (8 hex characters)

Examples:
      lf t55xx write 3 11223344           - write 11223344 to block 3
      lf t55xx write 3 11223344 feedbeef  - write 11223344 to block 3 password feedbeef

Usage:  lf t55xx read <block> <password>
     <block>, block number to read. Between 0-7
     <password>, OPTIONAL password (8 hex characters)

Examples:
      lf t55xx read 0           - read data from block 0
      lf t55xx read 0 feedbeef  - read data from block 0 password feedbeef

Usage:  lf t55xx trace [1]
     [graph buffer data], if set, use Graphbuffer otherwise read data from tag

Examples:
      lf t55xx trace
      lf t55xx trace 1

Usage:  lf t55xx info [1]
     [graph buffer data], if set, use Graphbuffer otherwise read data from tag.

Examples:
      lf t55xx info
      lf t55xx info 1

Usage:  lf t55xx dump <password>
     <password>, OPTIONAL password 4bytes (8 hex symbols)

Examples:
      lf t55xx dump
      lf t55xx dump feedbeef

Other changes:

hf search         (searches for known hf tags near antenna and outputs found type)
data psknexwatchdemod   (Demodulate a NexWatch tag (nexkey, quadrakey) (PSK1) from GraphBuffer)
data printdemodbuffer x o <offset>
  Options:
       h          This help
       x          output in hex (omit for binary output)
       o <offset> enter offset in # of bits

hf 14b code

hf 14b demod - REMOVED
hf 14b read - REMOVED
hf 14b simlisten - REMOVED
hf epa preplay <mse> <get> <map> <pka> <ma> Perform PACE protocol by replaying given APDUs  (by Frederik Möllers)

also not sure which of the new lf commands didn't make it into 2.0.0 so see: http://www.proxmark.org/forum/viewtopic.php?id=2260

CODE still unreleased:

data fdxbdemod     (Demodulate a FDX-B ISO11784/85 Biphase tag from GraphBuffer)
hf 14b info          (attempts to read various 14b tags and output type/uid/any other info that can be gathered)
hf 14b reader      (attempts to read various 14b tags and output type/uid)
hf 14b write CHANGED TO hf 14b sriwrite
hf 14b raw (added -s option to send REQB and ATTRIB cmd prior to next raw command)
(hf search now also searches for 14b)

reveng - not yet committed:

reveng -h
CRC RevEng, an arbitrary-precision CRC calculator and algorithm finder
Usage:  reveng  -cdDesvhu? [-bBfFlLMrStVXyz]
                [-a BITS] [-A OBITS] [-i INIT] [-k KPOLY] [-m MODEL]
                [-p POLY] [-P RPOLY] [-q QPOLY] [-w WIDTH] [-x XOROUT]
                [STRING...]
Options:
        -a BITS         bits per character (1 to 32)
        -A OBITS        bits per output character (1 to 32)
        -i INIT         initial register value
        -k KPOLY        generator in Koopman notation (implies WIDTH)
        -m MODEL        preset CRC algorithm
        -p POLY         generator or search range start polynomial
        -P RPOLY        reversed generator polynomial
        -q QPOLY        search range end polynomial
        -w WIDTH        register size, in bits
        -x XOROUT       final register XOR value
Modifier switches:
        -b big-endian CRC               -B big-endian CRC output
        -f read files named in STRINGs  -F find presets less quickly
        -l little-endian CRC            -L little-endian CRC output
        -M non-augmenting algorithm     -r right-justified output
        -S print spaces between chars   -t left-justified output
        -V reverse algorithm only       -X print uppercase hex
        -y low bytes first in files     -z raw binary STRINGs
Mode switches:
        -c calculate CRCs               -d dump algorithm parameters
        -D list preset algorithms       -e echo (and reformat) input
        -s search for algorithm         -v calculate reversed CRCs
        -g search for alg given hex+crc -h | -u | -? show this help
Common Use Examples:
           reveng -g 01020304e3
              Searches for a known/common crc preset that computes the crc
              on the end of the given hex string
           reveng -w 8 -s 01020304e3 010204039d
              Searches for any possible 8 bit width crc calc that computes
              the crc on the end of the given hex string(s)
           reveng -m CRC-8 -c 01020304
              Calculates the crc-8 of the given hex string
           reveng -D
              Outputs a list of all known/common crc models with their
              preset values

Copyright (C) 2010, 2011, 2012, 2013, 2014, 2015  Gregory Cook
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Version 1.3.0                             <http://reveng.sourceforge.net/>

Last edited by marshmellow (2015-06-30 05:41:39)

asper · 2015-06-23 16:32:15

Under windows "data psknexwatchdemod", without a tag on the antenna, makes the client to crash (I cannot test with a tag because I don't have any).

Last edited by asper (2015-06-23 16:34:19)

marshmellow · 2015-06-23 16:59:05

You run it with samples in the graphbuffer.

asper · 2015-06-23 17:08:32

I don't remember... anyway new gui is up and running. A release will follow soon !

EDIT: 2.1.0 released !

Thank you all Iceman, Piwi and Marshmellow !

Last edited by asper (2015-06-23 17:18:31)

asper · 2015-06-23 17:21:10

Piwi, do you plan to add Topaz full support soon to the main trunk ?

piwi · 2015-06-23 17:45:45

I got a bit distracted from the Topaz branch recently (FPGA compression, hf 14b). Let me fix the issue with hf mf mifare and then I will continue on the Topaz branch.

asper · 2015-06-23 17:52:54

Take your time man ! Your contribute is useful wherever it is focused on

marshmellow · 2015-06-23 23:45:59

updated my command list posting...

asper · 2015-06-26 09:31:42

Will hf 14b info be the same as hf 14b reader ?

marshmellow · 2015-06-26 12:54:42

Info will output more details (if we know them)

Proxmark3 community

Announcement

#1 2015-06-22 23:27:09

New commands since 2.1.0 release.

#2 2015-06-23 04:41:37

Re: New commands since 2.1.0 release.

#3 2015-06-23 16:32:15

Re: New commands since 2.1.0 release.

#4 2015-06-23 16:59:05

Re: New commands since 2.1.0 release.

#5 2015-06-23 17:08:32

Re: New commands since 2.1.0 release.

#6 2015-06-23 17:21:10

Re: New commands since 2.1.0 release.

#7 2015-06-23 17:45:45

Re: New commands since 2.1.0 release.

#8 2015-06-23 17:52:54

Re: New commands since 2.1.0 release.

#9 2015-06-23 23:45:59

Re: New commands since 2.1.0 release.

#10 2015-06-26 09:31:42

Re: New commands since 2.1.0 release.

#11 2015-06-26 12:54:42

Re: New commands since 2.1.0 release.

Board footer