-
Notifications
You must be signed in to change notification settings - Fork 159
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add mode fuzzing for MF1 emulation #193
base: main
Are you sure you want to change the base?
Conversation
You are welcome to add an entry to the CHANGELOG.md as well |
Built artifacts for commit 6a03449FirmwareClient |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's a great PR! I have a couple of improvements to suggest.
Also, a nice addition would be to (optionally) log the commands and answers. WDYT?
Thanks Co-authored-by: Pierre <[email protected]>
Co-authored-by: Pierre <[email protected]>
Thanks for the suggestions @p-l- |
Co-authored-by: Pierre <[email protected]>
Hi, For me this PR is ready to be merged. Or if you think it is not relevant I am OK to close it as well. Just let me know. |
This PR aims to provide a new mode called fuzzing. When in fuzzing mode, the slot generate a new (random)
content each time it is read. This allows to fuzz a reader for which the keys are known but required UID/bitfield values are not.
For example, we read twice the same slot on the ChameleonUltra, configured in fuzzing mode:
And we obtain different data:
It is a per-slot setting, configurable through the CLI:
It is also possible to specify keys to use for fuzzing mode for each sector:
Note that the current implementation does not randomize keys and access mode when generating new data.
Any feedback on the idea and/or on the implementation (client or firmware side) is welcome.