fishd72

#!/bin/bash

cd /usr/local/src/pwnagotchi

sudo git pull

sudo mkdir /usr/local/lib/python3.7/dist-packages/pwnagotchi/ui/hw/libs/waveshare/v3/
sudo cp /usr/local/src/pwnagotchi/pwnagotchi/ui/display.py /usr/local/lib/python3.7/dist-packages/pwnagotchi/ui/
sudo cp /usr/local/src/pwnagotchi/pwnagotchi/ui/hw/__init__.py /usr/local/lib/python3.7/dist-packages/pwnagotchi/ui/hw/
sudo cp /usr/local/src/pwnagotchi/pwnagotchi/ui/hw/libs/waveshare/v3/epd2in13_V3.py /usr/local/lib/python3.7/dist-packages/pwnagotchi/ui/hw/libs/waveshare/v3/

equipter

Mifare Classic - SAK Swapping Explained

What is SAK Swapping

Behaviour has been observered where some system using Mifare Classic credentials will identify with one SAK (0x08/18) on a basic search (Wake up) but when the block 0 is dumped, the SAK appears to be different (0x88/0x98)

This is because the SAK reported on a Wake up is not coming from Block 0 but is instead burned into the card, The SAK in Block 0 is merely a Vanity SAK.

If the dump is loaded onto a Magic Mifare Classic that Mirrors the vanity SAK as the actual SAK on Wake up it will tell the system that the credential is a duplicate & to deny access.

rscs

A list of rewritable RFID blanks that are compatible with Flipper Zero.

X indicates a particular protocol is writable.

? indicates it is unknown if a particular protocol is writable.

Brand	Type	Chip	EM4100	H10301	Indala26	IoProxXSF	AWID	FDX-A	FDX-B	HIDProx	HIDExt	Pyramid	Viking	Jablotron	Paradox	PAC/Stanley	Keri	Gallagher
ETEKJOY	Fob	EM4305	X		X	X							X	X			X

natmchugh

How to copy, read and write Paxton fobs and cards with an RFIDler

A newer version of this info is available at https://badcfe.org/how-to-paxton-with-rfidler/

Paxton fobs and readers are popular in the UK especially the Net2 system where the fobs look like this with a blue ring:

Paxton readers often look like this:

sidprice

Usage: D:\DataRoot\Projects\blackmagic\src\blackmagic.exe [options]
	-h, --help		This help
	-l, --list		List available supported probes
	-v, --verbosity	<bitmask> Set the output verbosity, some combination of:
						1 = INFO, 2 = GDB, 4 = TARGET, 8 = PROBE, 16 = WIRE
						
	Probe selection options (if used choose one):
	-d, -device		<path> Use a serial device at the given path (Deprecated!)
	-P, probe		<number> Use the <number>th debug probe found while scanning the
                        system, see the output from list for the order

jinschoi

#!/usr/bin/env python

# Find the raw bitstring from a captured Flipper RAW .sub file.
# Must provide the bitlength in ms, and the allowable error which can be tolerated.

import re
import sys
import math

filename = sys.argv[1]

jinschoi

#!/usr/bin/env python3

from typing import Iterable, Union, Any

# freq: frequency in Hz
# zerolen: length of space bit in μs
# onelen: length of mark bit in μs
# repeats: number of times to repeat sequence
# pause: time to wait in μs between sequences
# bits: string of ones and zeros to represent sequence

jamchamb

#!/usr/bin/python3
import argparse
import hexdump
import struct
import time
from greatfet import GreatFET


def reset(gf, reset_pin):
    """Pulse the reset pin low"""

petewill

/*
  //  This program is free software; you can redistribute it and/or
  //  modify it under the terms of the GNU General Public License
  //  version 2 as published by the Free Software Foundation.
  //
  //  DESCRIPTION
  //  This sketch provides a way to control blinds from www.blinds.com using a 433MHz RF
  //  signal. The motors in the blinds are Dooya DV24CE motors.
  //  See https://forum.mysensors.org/topic/7/controlling-blinds-com-rf-dooya-motors-with-arduino-and-vera
  //  for more info.

darconeous

Tesla Key Card Protocol

Researched by Robert Quattlebaum [email protected].

Last updated 2020-02-03.