Research, development and trades concerning the powerful Proxmark3 device.
Committed as SVN845:
long awaited fix for Snoop/Sniff
enhanced tracing: hf 14a list now shows meaningful timing information. With new option f it also shows the frame delay times (fdt)
small fix for hf 14b list - it used to run into the trace trailer
hf 14a sim now obeys iso14443 timing (fdt of 1172 or 1234 resp.). hf mf sim however is too slow to achieve this
Details:
The problem with Snoop/Sniff was the Manchester Decoder, which could no longer sync on an external reader's clock. My fault, introduced in SVN839.
I made use of GetCountSspClk() (formerly GetCountMifare()) to measure sending and receiving times. Together with the known length of received and sent frames plus the known delays in the FPGA we can determine the times "on air" and trace them. Works with snoop, sim, read, ... hf mf sniff being an exception because it uses the trace buffer for interpreted data. There's a downside as well. Tracing the end of each transmission costs space in the trace buffer.
Reactivated the use of fdt_signal (in FPGA). It signals when it is time to send a tag response from ARM to FPGA. Previously we had a for-loop sending 10 "0"s before the actual response. Very simple to achieve a minimum fdt but consequentially ignored the feature of the FPGA to exactly delay "early" data until fdt is reached.
A specific problem was this variable delay queue in the FPGA for measuring times. I therefore had to change the FPGA to report the current length of the queue when sending data.
Changed the FPGA to sync on the reader's clock when emulating a tag. Previously the end of the last reader's modulation was sampled in 16-tick increments - consequentially the simulated tag's response couldn't comply with the correct fdt. Same was true for the phase of the subcarrier.
Offline
Thank you very much! Looking at the modified sources... you spent a lot of time on this patch!! Added compiled windows and android r845!!
Piwi, is it possible to contact you by email or other "media"?
Last edited by asper (2014-02-20 13:05:50)
Offline
> Piwi, is it possible to contact you by email or other "media"?
I am a little bit reluctant to post my email address here. If you can sign in on proxmark google code, you can look it up in the list of project members.
Offline
Was the hf mf sniff d command (which decrypted some sequences in the log) completely removed? It was there at least in svn809.
Offline
> Was the hf mf sniff d command (which decrypted some sequences in the log) completely removed? It was there at least in svn809.
Why do you think that it has been removed?
Nevertheless: try r846 with more reliable sniff.
Offline
Hi, I upgraded to r845 and I have a 'Can't select card' / 'Card selec failed' message on hf 14a read, hf mf mifare and hf mf nested. I have a correct voltage and the card is mifare classic 1k. Am I doing something wrong? Advice to go through is welcome! Thanks.
Offline
To be sure: what is the distance between card and antenna?
The card cannot be powered by the field if it is placed directly on top of the antenna.
Offline
Yes, I placed the card over the antenna, directly in contact. I understand it's wrong; which space is required to obtain working conditions? Thanks.
Offline
Sometimes it works just over the antenna, but 0,5/1 cm are usually enough to have a good working distance. Anyway, it depends on the antennas; try to put a different "quantity" of space between tag and antenna and test pm3 functionality until you find the best one.
Offline
> Hi, I upgraded to r845 and I have a 'Can't select card' / 'Card selec failed' message on hf 14a read, hf mf mifare and hf mf nested. I have a correct voltage and the card is mifare classic 1k. Am I doing something wrong? Advice to go through is welcome! Thanks.
In svn 807 there was the command hf mf sniff d, which decrypted the 1st part of the sniffed sequence. Example log:
received trace len: 820 packages: 70
tag select uid:00 00 00 5d f0 fa 96 atqa:04 00 sak:0x08
RDR(1):61 3f 59 ab
TAG(2):59 12 16 e4
RDR(3):66 4a 62 24 ee 53 f5 9f
TAG(4):ca 88 ef 95
key> ffffffffffff
Could not append log file RDR(5):56 54 58 44
dec> 30 3f 76 61
Could not append log file TAG(6):3b 2e 2d 19 0b 74 85 bb 79 f9 4f 0b 99 01 3f 05 9d 5b
dec> 00 00 00 00 00 00 ff 07 80 69 ff ff ff ff ff ff d4 55
Could not append log file RDR(7):90 3e 62 fa
dec> 30 3e ff 70
Could not append log file TAG(8):fa f8 da ea 35 dd 94 d2 c3 44 c6 a0 92 a8 c4 62 c7 22
dec> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 37 49
Could not append log file RDR(9):29 45 7f f2
dec> 30 3d 64 42
Could not append log file TAG(10):c0 0f 5a b7 bf 03 05 35 cf 16 19 82 da 7f c4 14 d8 04
dec> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 37 49
Could not append log file RDR(11):ed 72 4f a6
dec> 30 3c ed 53
Could not append log file TAG(12):d6 0a 36 44 e6 1c 40 00 31 f3 a8 f5 ee 23 b8 7c 66 d5
dec> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 37 49
Could not append log file RDR(13):d8 7e 67 16
dec> 61 3b 7d ed
Could not append log file TAG(14):8d b0 1e 20
RDR(15):ab 2f 63 be 9d e3 27 d4
TAG(16):49 c5 0b 9e
key> 7e4c9fa7e7d6
Could not append log file RDR(17):ea 0f 5e 70
but in svn 845 it does not work
Offline
I cannot confirm your issue. Tried today and the result looks exactly like in previous versions including the logfile error :-(
proxmark3> hf mf sniff d
-------------------------------------------------------------------------
Executing command.
Press the key on the proxmark3 device to abort both proxmark3 and client.
Press the key on pc keyboard to abort the client.
-------------------------------------------------------------------------
........>
received trace len: 855 packages: 2
tag select uid:00 00 00 db 9a 17 ef atqa:04 00 sak:0x08
RDR(1):e0 81 b8 62
TAG(2):04
tag select uid:00 00 00 db 9a 17 ef atqa:04 00 sak:0x08
RDR(4):60 00 f5 7b
TAG(5):72 99 cb 50
RDR(6):91 77 f7 6d 93 6a ee d7
TAG(7):78 67 20 08
key> a0a1a2a3a4a5
Could not append log file RDR(8):86 e5 19 b0
dec> 30 00 02 a8
Could not append log file TAG(9):32 f7 a9 26 fb b3 06 a6 77 b3 52 91 4c 98 0a 51 4f 60
dec> db 9a 17 ef b9 88 04 00 46 b9 94 d4 45 60 34 09 f7 13
Could not append log file RDR(10):c7 f1 2a 58
dec> 30 01 8b b9
Could not append log file TAG(11):fe 85 51 57 ec 8e 89 1c 72 9d 90 92 bf 68 26 b0 a4 8c
dec> e1 00 40 38 40 38 00 00 00 00 00 00 00 00 00 00 43 c7
Could not append log file RDR(12):31 60 7b 21
dec> 30 02 10 8b
Could not append log file TAG(13):66 01 26 a7 e3 21 fd fb 2c 59 c1 c7 63 c6 37 aa d8 c4
dec> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 37 49
Could not append log file RDR(14):ce e5 25 5b
dec> 30 03 99 9a
Could not append log file TAG(15):a5 f4 da 7a 1c 00 db 7f 5a cd 11 e5 40 66 ae 9b 33 25
dec> 00 00 00 00 00 00 78 77 88 c1 00 00 00 00 00 00 3e 30
Could not append log file tag select uid:00 00 00 db 9a 17 ef atqa:04 00 sak:0x08
RDR(17):60 05 58 2c
TAG(18):df ab 0d 19
RDR(19):c6 c6 77 ca 8f 40 46 cc
tag select uid:00 00 00 db 9a 17 ef atqa:04 00 sak:0x08
RDR(21):50 00 57 cd
tag select uid:00 00 00 db 9a 17 ef atqa:04 00 sak:0x08
RDR(23):50 00 57 cd
tag select uid:00 00 00 db 9a 17 ef atqa:04 00 sak:0x08
RDR(25):50 00 57 cd
...#db# cancelled by button
#db# COMMAND FINISHED
#db# maxDataLen=2, Uart.state=0, Uart.len=0 proxmark3>
However, this is with r847. Please update to latest version and try again. If the problem still persists please send the output of hw ver.
Offline
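How the dec> lines in the logs above can be read and sanity-checked, as an added example that is not part of the original posts or of the Proxmark3 client: each decrypted frame ends in an ISO/IEC 14443-3 type A CRC, so a wrong key or a damaged trace shows up as a CRC mismatch. The function names and the command table are this example's own; the first three frames are copied from the r847 log above and frame 30 is constructed with a bad CRC.

```python
import re

# First byte of a decrypted reader frame -> MIFARE Classic command name.
COMMANDS = {0x30: "READ", 0x60: "AUTH key A", 0x61: "AUTH key B",
            0x50: "HALT", 0xA0: "WRITE"}

def crc_a(data: bytes) -> bytes:
    """ISO/IEC 14443-3 type A CRC: init 0x6363, transmitted low byte first."""
    crc = 0x6363
    for b in data:
        b ^= crc & 0xFF
        b ^= (b << 4) & 0xFF
        crc = ((crc >> 8) ^ (b << 8) ^ (b << 3) ^ (b >> 4)) & 0xFFFF
    return bytes([crc & 0xFF, crc >> 8])

def annotate(log: str):
    """Return (frame_no, direction, description, crc_ok) per 'dec>' line."""
    out, last = [], None
    for line in log.splitlines():
        m = re.search(r"(RDR|TAG)\((\d+)\):", line)
        if m:  # remember which raw frame the next 'dec>' line belongs to
            last = (int(m.group(2)), m.group(1))
            continue
        if not line.startswith("dec> ") or last is None:
            continue
        frame = bytes.fromhex(line[5:])
        if not frame:
            continue
        ok = len(frame) >= 3 and crc_a(frame[:-2]) == frame[-2:]
        if last[1] == "RDR":
            name = COMMANDS.get(frame[0], "unknown 0x%02x" % frame[0])
            desc = "%s block %d" % (name, frame[1]) if len(frame) == 4 else name
        else:
            desc = "%d data bytes" % (len(frame) - 2)
        out.append((last[0], last[1], desc, ok))
    return out

# Frames 8, 12 and 13 are from the log above; frame 30 is constructed.
SAMPLE = """Could not append log file RDR(8):86 e5 19 b0
dec> 30 00 02 a8
Could not append log file RDR(12):31 60 7b 21
dec> 30 02 10 8b
Could not append log file TAG(13):66 01 26 a7 e3 21 fd fb 2c 59 c1 c7 63 c6 37 aa d8 c4
dec> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 37 49
RDR(30):00 00 00 00
dec> 30 02 10 8c"""

if __name__ == "__main__":
    for row in annotate(SAMPLE):
        print(row)
```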
> Sometimes it works just over the antenna, but 0,5/1 cm are usually enough to have a good working distance. Anyway, it depends on the antennas; try to put a different "quantity" of space between tag and antenna and test pm3 functionality until you find the best one.
=> You were right! With a space between 0.5 - 1 cm it's working like a charm. Thanks.