Skip to content

Commit

Permalink
RFID NFC - Mifare Pages
Browse files Browse the repository at this point in the history
  • Loading branch information
swisskyrepo committed Jul 31, 2024
1 parent 026c16d commit 76ef765
Show file tree
Hide file tree
Showing 14 changed files with 739 additions and 522 deletions.
4 changes: 3 additions & 1 deletion docs/gadgets/flipper-zero.md
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@
7. On the Flipper Zero, once booted, press down, and left until you are on the 'Browser' screen. Scroll down until you see the 'update' directory and click on it.
8. You should now see the contents you uploaded and an 'update' option. Hover over the 'update' option, click the center button on your Flipper, once again on the 'Run in App' option.


### Firmware Update - WebUpdater

* [DarkFlippers/unleashed-firmware - Web Update](https://lab.flipper.net/?url=https://unleashedflip.com/fw_extra_apps/flipper-z-f7-update-unlshd-038e.tgz&channel=release-cfw&version=unlshd-038e)
Expand All @@ -39,6 +40,7 @@
* [Flipper Zero: is this for you? Follow our 1st tests! - Penthertz](https://www.youtube.com/watch?v=W5YYObSBUno)
* [Flipper Zero: french collection video on the Flipper Zero, tutorial and explain](https://www.youtube.com/playlist?list=PLq_UnUtYZ15eoAiElH4T2XEB29iwZSi5a)


## Tutorials and Resources

* [Flipper Zero Hacking 101 - pingywon](https://flipper.pingywon.com/flipper/)
Expand All @@ -47,8 +49,8 @@
* [Unleashed Firmware - Update firmware](https://github.com/DarkFlippers/unleashed-firmware/blob/dev/documentation/HowToInstall.md)



## References

* [The Ultimate Guide / CheatSheet to Flipper Zero - Ilias Mavropoulos - 17/01/2024](https://infosecwriteups.com/the-ultimate-guide-cheatsheet-to-flipper-zero-d4c42d79d32c)
* [djsime1/Awesome FlipperZero - 🐬 A collection of awesome resources for the Flipper Zero device](https://github.com/djsime1/awesome-flipperzero)
* [Reading NFC cards - Flipper Docs](https://docs.flipper.net/nfc/read)
46 changes: 46 additions & 0 deletions docs/gadgets/icopy-x.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
# iCopy-X

iCopy-X is a "super" automated handheld RFID copier based on Proxmark3. iCopy-X can read, crack, duplicate, sniff and simulate without the use of a PC.

* [iCopy-X-Community](https://github.com/iCopy-X-Community)
* [iCopy-X-Community/icopyx-upstream](https://github.com/iCopy-X-Community/icopyx-upstream) - Collecting elements provided by the manufacturer
* [iCopy-X-Community/icopyx-community-pm3](https://github.com/iCopy-X-Community/icopyx-community-pm3) - Scrap repo for various tests
* [iCopy-X-Community/icopyx-teardown](https://github.com/iCopy-X-Community/icopyx-teardown)


## Update

Latest firmware: `1.0.90 2022-08-16`

* [icopy-x.com/otasys](https://icopy-x.com/otasys/index.php)


**Step 1**: Enter the device S/N (found under the “About” menu) on the website and download the upgrade package to your PC.

**Step 2**: Connect the iCopy-X to your computer using the supplied USB TYPE C cable and delete any files that end in “.ipk” from the root directory.

**Step 3**: Copy the newly downloaded upgrade package to the root directory.

**Step 4**: Press "Ok" on the second page of the "About" menu on the iCopy-X to start the automatic upgrade.

**TIP**: Ensure that the serial number has been entered correctly before starting as this could cause the upgrade to fail.


## PC Mode

In PC-Mode, after connecting to the computer, open the client in the built-in U disk, you can directly use the Proxmark3 universal CMD to operate.

```ps1
COM Port (Check Device Manager, numbers only): 4
[=] Session log E:/CLIENT_X86/.proxmark3/logs/log_20240730.txt
[+] loaded from JSON file E:/CLIENT_X86/.proxmark3/preferences.json
[=] Using UART port /com4
[=] Communicating with PM3 over USB-CDC
[usb] pm3 -->
```


## References

* [iCopy-X - Kickstarter - iCopy-X: Handheld Smart RFID Multi-Tool - Nikola T. Lab](https://www.kickstarter.com/projects/nikola-lab/icopy-x-0)
* [icopy-x Official Website](https://icopy-x.com/)
3 changes: 2 additions & 1 deletion docs/gadgets/raspberry-pi.md
Original file line number Diff line number Diff line change
Expand Up @@ -12,4 +12,5 @@

## References

* [Raspberry Pi As Poor Man’s Hardware Hacking Tool - Arun-Magesh - December 14, 2018](https://payatu.com/using-rasberrypi-as-poor-mans-hardware-hacking-tool)
* [Raspberry Pi As Poor Man’s Hardware Hacking Tool - Arun-Magesh - December 14, 2018](https://payatu.com/using-rasberrypi-as-poor-mans-hardware-hacking-tool)
* [Hardware Hacking with a Raspberry Pi - Configuring the PiFex - voidstarsec - JULY 2024](https://voidstarsec.com/blog/pifex-config)
73 changes: 73 additions & 0 deletions docs/protocols/can.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,73 @@
# CAN Bus

The Controller Area Network (CAN) bus is a high-integrity serial communication protocol designed for real-time data exchange in embedded systems, particularly in automotive and industrial applications. It operates on a multi-master, message-oriented architecture, allowing multiple devices (nodes) to communicate on the same network without a central controller.


## Interact

```ps1
pip install python-can
pip install python-can-utils
```

```py
import can
bus = can.Bus()
while True:
msg = can.Message(3, data=[0 for _ in range(8)])
bus.send(msg)
```

* [Tbruno25/can-explorer](https://github.com/Tbruno25/can-explorer) - Visualize CAN Bus messages in real time


## UDS

> Unified Diagnostic Services (UDS) is a communication protocol used in automotive Electronic Control Units (ECUs) to enable diagnostics, firmware updates, routine testing and more.
### Implementation

* [pylessard/python-udsoncan](https://github.com/pylessard/python-udsoncan) - Python implementation of UDS (ISO-14229) standard.
* [driftregion/iso14229](https://github.com/driftregion/iso14229) - C implementation of ISO 14229 (UDS) server and client for embedded systems


### SID

| UDS SID (Request) | UDS SID (Response) | UDS Service | Details |
| ----------------- | --------------------- | ------------- | ------- |
| 0x10 | 0x50 | Diagnostic session control | Control which UDS services are available. |
| 0x11 | 0x51 | ECU Reset | It resets the ECU (includes hard reset, key off and soft reset) |
| 0x27 | 0x67 | Security access | It enables use of security critical services via authentication. |
| 0x28 | 0x68 | Communication control | This field turns send/receive of messages ON or OFF in the ECU. |
| 0x29 | 0x69 | Aunthentication | Enables more advanced authentication vs. 0x27 (PKI based exchange). |
| 0x3E | 0x7E | Tester present | Send a heartbeat message periodically to remain in existing session . |
| 0x83 | 0xC3 | Access timing parameters | View/Modify timing parameters used in client/server communication. |
| 0x84 | 0xC4 | Secured Data Transmission | Send encrypted data via ISO 15764 (extended data link security) |
| 0x85 | 0xC5 | Control DTC Settings | Enable/Disable detection of errors (e.g. used during diagnostics) |
| 0x86 | 0xC6 | Response On Event | Request that ECU processes a service request if an event happens |
| 0x87 | 0xC7 | Link Control | Set the baud rate for diagnostic access |
| 0x22 | 0x62 | Read Data by Identifier | Read data from targetted ECU - e.g. VIN, sensor data etc. |
| 0x23 | 0x63 | Read Data by Address | Read data from physical memory (e.g. to understand software behaviour) |
| 0x24 | 0x64 | Read Scaling Data By Identifier | Read information about how to scale data identifiers |
| 0x2A | 0x6A | Read Data by Identifier Periodic | Request ECU to broadcast sensor data at slow/medium/fast/stop rate |
| 0x2C | 0x6C | Dynamically Define Data Identifier | Define data parameter for use in 0x22 or 0x2A dynamically |
| 0x2E | 0x6E | Write Data By Identifier | Program specific variables determined by data parameters |
| 0x3D | 0x7D | Write Memory By address | Write information to the ECU's memory |
| 0x14 | 0x54 | Clear Diagnostic Information | Delete stored DTCs |
| 0x19 | 0x59 | Read DTC Information | Read stored DTCs as well as related information |
| 0x2F | 0x6F | Input Output Control By Identifier | Gain control over ECU analog/digital inputs/outputs |
| 0x31 | 0x71 | Routine Control | Initiate/stop routines (e.g. self testing, erasing of flash memory) |
| 0x34 | 0x74 | Request Download | Start request to add software/data to ECU (including location/size) |
| 0x35 | 0x75 | Request Upload | Start request to read software/data from ECU (including location/size) |
| 0x36 | 0x76 | Transfer Data | Perform actual transfer of data following use of 0x74/0x75 |
| 0x37 | 0x77 | Request Transfer Exit | Stop the transfer of data |
| 0x38 | 0x78 | Request File Transfer | Perform a file download/upload to/from the ECU |
| 0x7F | Negative Response | Send with a negative response code when a request can not be handled. |


## References

* [Awesome CAN bus tools, hardware and resources - iDoka](https://github.com/iDoka/awesome-canbus)
* [UDS SID Table | UDS SID Request And Response - rfwireless-world](https://www.rfwireless-world.com/Terminology/UDS-SID-Table.html)
* [UDS Explained - A Simple Intro (Unified Diagnostic Services) - csselectronics](https://www.csselectronics.com/pages/uds-protocol-tutorial-unified-diagnostic-services)
* [Unified Diagnostic Services (UDS) Explained - A Simple Intro [2022] - csselectronics](https://youtu.be/CV_B8tJgI5E)
Loading

0 comments on commit 76ef765

Please sign in to comment.