Proxmark developers community

Research, development and trades concerning the powerful Proxmark3 device!

You are not logged in.

#1 Re: MIFARE Classic » Issues with obtaining all keys » Today 10:58:59

So the only remaining way is to snoop a transaction with the real reader.

#2 Re: MIFARE Classic » Issues with obtaining all keys » Today 10:52:43

It is all 00. Did you tested it ?

#3 Re: MIFARE Classic » Issues with obtaining all keys » Today 09:17:25

In the above table you have all 16 sector keys, what key are you looking for?

#4 Re: Website Feedback » Enable/Configure HTTPS for proxmark.org » 2015-02-26 10:26:05

I agree with marshmellow.

The post in the news and announcement section is not "answerable" so I write there: I would like to choose a forum Platform which is secure; for what I read phpBB3 is secure, any other suggestion about the Platform ?

#6 Re: Questions and Requests » Windows Client COM31 » 2015-02-22 00:06:48

You can change the number of the com port settings under windows device manager. Replace any existing port before 31 even if already in use.

#7 Re: MIFARE Classic » mifare reverse engenering??? » 2015-02-20 17:21:44

Those cards are mifare clones.
There is a more than clear relation between the above exposed data.
Those cards are used in payment systems so I hope you will not get any help (I politely ask everybody to stop helping people looking for stored cash alogs).

#9 Re: MIFARE Classic » Darkside attack not working ?? » 2015-02-16 20:45:24

Can you tell us where do you get that card ?

#10 Re: MIFARE Classic » Darkside attack not working ?? » 2015-02-15 22:14:57

A magic card with 7bytes uid? Can you tell where you bought it?

#11 Re: MIFARE Classic » Mifare Dump - need help to interpret » 2015-02-15 17:44:29

Maybe the vending machne and the cash/recharger are connected together and they store the value using the card UID; you can try to clone another card with a rewritable UID chinese mifare card and see if the credit is maintained (in official mifare cards you cannot change the UID, you need a special chinese card).

#12 Re: MIFARE Classic » Mifare Dump - need help to interpret » 2015-02-15 16:26:39

If the dumps are identical there must be something stored somewhere else. Please show sector1 data and 2 blocks with 2 different stored values acquired in different times and let see if there are really no differences.

#13 Re: 125 kHz - ISO 11784 / 11785 » new lf commands summary » 2015-02-14 21:42:13

Thank you man ! The GUI is getting always better wink

#14 Re: Questions and Requests » ISO 15693 - Help, with some identification values » 2015-02-14 21:28:57

EM seems not to have a spacific way to "name" his ICs... it seems to be a random naming/numbering system (I tryed to check date-time ralation, release year relation, but I was out of luck..)

#15 Re: Questions and Requests » ISO 15693 - Help, with some identification values » 2015-02-14 15:35:19

They will probably use also bit47 (not confirmed, no offical doc available).

#16 Re: Questions and Requests » ISO 15693 - Help, with some identification values » 2015-02-14 14:17:36

E0 16 .. .. . .
16 = Manufacturer Code (EM Microelectronic)
IC id is represented by bits from 42 to 46 (starting from bit0)

EXAMPLE: UID = E0162466061C4E6C -> 11100000 00010110 0[01001]00 01100110 00000110 00011100 01001110 01101100

IC id is between [].

You can remove 1 of the 2 "EM4233 [IC id = 09]"


I agree with a new ISO15693 section.

#17 Re: 125 kHz - ISO 11784 / 11785 » Hacking on Farpointe/Pyramid 26 bit, need encoding help » 2015-02-14 00:08:04

I noticed that values 00, 03, 06, 09 and 0C are missing... this can be only a coincidence... but this can also be a starting point.

#18 Re: 125 kHz - ISO 11784 / 11785 » new lf commands summary » 2015-02-14 00:03:07

As you whish. I will try to stay up to date wink

#19 Re: 125 kHz - ISO 11784 / 11785 » new lf commands summary » 2015-02-12 19:14:16

Ok man, thank you ! As soon as I gat back to my pc I will update them ! It is quite difficult to stay up to date to commands I am not developing tongue

#20 Re: Various off-topic communication » Cheap casing for the Proxmark3 » 2015-02-12 09:34:25

Not as good as a "professional" one but it can do the job! Thank you for sharing.

#21 Re: Questions and Requests » Help Cloning Paradox 125khz Cards » 2015-02-12 09:28:44

I put the paradox demod under LF -> TAGs (I would like to separate specific cards/tags commands form generic commands and in the GUI I can do that wink ).
Anyway the command is "lf data fskparadoxdemod" (it can be not working in the 0.0.7, maybe I forgot to add "data" between lf and fskparadoxdemod).

I hope to get some time tomorrow to go through the settings.xml file to see what other errors exist

Great ! Please use this file to test, it is my latest with new lf and hf additions (this file is not fully compatible with 0.0.7 because some stuff was not yet implemented in that version). It only misses the very latest lf modifications (I updated it almost 2-3 days ago).

#23 Re: Questions and Requests » Skidata tickets (iso 15693) » 2015-02-11 13:28:55

Thanks for pointing that out, someone should fix it; E01624xxxxxxx correspond to an EM4233 (not EM4233SLIC, they are different).

#24 Re: Calypso » Calyso card » 2015-02-09 15:05:16

Atttif wrote:

You could try to use the iclass snoop function in the recent proxmark firmware.
It uses the same modulation and encoding, although the protocol/crc is different, in principle it should be possible to capture (raw) frames.You could try to use the iclass snoop function in the recent proxmark firmware.
It uses the same modulation and encoding, although the protocol/crc is different, in principle it should be possible to capture (raw) frames.


iclass snoop can be used to snoop ISO15693 protocol, not ISO14443AorB; to snoop ISO14443AorB there is a specific command.

If the protocol is ISO14443B' (as Calypso can be B') no snooping method will be correct because ISO14443B' is not a free-documented protocol (no datasheets available until now).

#25 Re: Felica » TOPAZ » 2015-02-08 10:10:20

thefkboss wrote:

Ntag125 is similar to mifare ultralight ev1 ???
Is password protected?

Password can be used. Similar tags. EV1 has a bit more commands.

Board footer

Powered by FluxBB