New Tag

Go_tus · 2015-07-09 16:18:22

[== Undefined ==]
proxmark3> lf search u
Reading 30000 bytes from device memory
          
Data fetched          
WARNING: Command buffer about to overwrite command! This needs to be fixed!          
Samples @ 8 bits/smpl, decimation 1:1           
NOTE: some demods output possible binary
  if it finds something that looks like a tag          
False Positives ARE possible
          

Checking for known tags:
          

No Known Tags Found!
          

Checking for Unknown tags:
          
Possible Auto Correlation of 1 repeating samples          
no data found, clk: 16, invert: 0, numbits: 1, errCnt: 0          

No Data Found!
          
proxmark3> lf read
#db# Sampling config:                  
#db#   [q] divisor:           95                  
#db#   [b] bps:               8                  
#db#   [d] decimation:        1                  
#db#   [a] averaging:         1                  
#db#   [t] trigger threshold: 0                  
#db# Done, saved 40000 out of 40000 seen samples at 8 bits/sample                 
#db# buffer samples: 72 73 72 74 73 74 73 73 ...                 
proxmark3> data plot
proxmark3> data samples 40000
Reading 39999 bytes from device memory
          
Data fetched          
Samples @ 8 bits/smpl, decimation 1:1           
proxmark3> 
Using Clock:16, invert:0, Bits Found:149          
PSK1 demoded bitstream:          
1111111111111111
1111111111111111
1111111111111111
1111111111101010
1010101010101010
1010101010101010
1010101010101010
1010101010101010
1010101010101010
10101          
proxmark3> data rawdemod p2

Using Clock:16, invert:0, Bits Found:149          
PSK2 demoded bitstream:          
1000000000000000
0000000000000000
0000000000000000
0000000000011111
1111111111111111
1111111111111111
1111111111111111
1111111111111111
1111111111111111
11111

1436455025_screen_shot_2015-07-10_at_12.28.27_am.png

Please guide me how to investigate this tag

Last edited by Go_tus (2015-07-09 16:22:48)

marshmellow · 2015-07-09 16:31:38

are you sure it is LF since your trace is just noise - no tag

iceman · 2015-07-09 20:38:10

i agree with @marshmellow, that looks like noice

Go_tus · 2015-07-10 10:32:15

Its a t55xx tag, I try hf 14a read and other hf command no respond. I think its a tricky one, although the company said they using 13.4 Mhz, but I think it's not.

marshmellow · 2015-07-10 12:43:00

Use hw tune with and without the tag on the antennas. Which antenna does the tag suck power from?

Last edited by marshmellow (2015-07-10 15:00:29)

ntk · 2015-07-10 14:59:57

one of those?

AVID Standard chips (9 digit format such as XXX*XXX*XXX) are not ISO compatible, due to their encryption (they were produced early on).

AVID Euro Chips are in fact ISO compatible and will work in various countries and are 10-digit chips.

Last edited by ntk (2015-07-10 19:16:16)

Go_tus · 2015-07-10 19:56:00

hi everyone, I tried hw tune command. these are the result, first one is LF then HF antenna.

[== Undefined ==]

Measuring antenna characteristics, please wait........          
# LF antenna: 17.88 V @   125.00 kHz          
# LF antenna: 13.61 V @   134.00 kHz          
# LF optimal: 21.59 V @   129.03 kHz          
# HF antenna:  0.25 V @    13.56 MHz          
# Your HF antenna is unusable.          
Displaying LF tuning graph. Divisor 89 is 134khz, 95 is 125khz.

1436554270_screen_shot_2015-07-11_at_4.03.04_am.png

[== Undefined ==]
proxmark3> data buffclear
#db# Buffer cleared (40000 bytes)                 
proxmark3> hw tune

Measuring antenna characteristics, please wait........          
# LF antenna:  0.00 V @   125.00 kHz          
# LF antenna:  0.00 V @   134.00 kHz          
# LF optimal:  0.00 V @ 12000.00 kHz          
# HF antenna:  3.69 V @    13.56 MHz          
# Your LF antenna is unusable.          
# Your HF antenna is marginal.          
proxmark3>

1436554441_screen_shot_2015-07-11_at_4.06.44_am.png

marshmellow · 2015-07-10 21:51:11

you need to compare the results of the tune with no tag vs with tag.

marshmellow · 2015-07-10 21:52:12

but either your HF antenna is bad or there is a HF tag on it. try hf search

Last edited by marshmellow (2015-07-10 21:52:24)

Go_tus · 2015-07-11 16:05:52

I try the hf search nothing happen

iceman · 2015-07-11 16:08:13

if its a t55xx tag, then "Hf search" will do nothing.

However, if it is T55XX tag, then the picture above looks like it is password protected. I've gotten the same noice from t55xx tags in password mode.

Have you programmed it yourself?

Go_tus · 2015-07-11 16:29:34

This Tag is original Sielox tag it's can be emulate using T55xx, how to repair an antenna
I tried with another antenna, better result but still unknown

the tag data
https://www.sendspace.com/file/nwau8v
hacking for fun

marshmellow · 2015-07-11 19:39:19

Again. Your trace is noise, not a response from a tag. Remove the tag and do a read, you will get the same trace.

marshmellow wrote:

you need to compare the results of the tune with no tag vs with tag.

I think you have a hf tag.
And if it is a sielox tag then I know you have a hf tag. Just they have their own unique protocols so none of the current modes on the pm3 will work.

ntk · 2015-07-11 22:23:53

"Sielox tag"

that was 2011, and it is HF tag

ntk · 2015-07-11 22:27:40

Sielox tag? is it printed on the chip or how do we know it? If it is so good why it has not conquered the whole market?

marshmellow · 2015-07-12 02:46:32

Ntk, don't jump to conclusions. No one said sielox was good. There are hundreds if not thousands of different RFID tags out there, the pm3 does a few dozen. What do you expect from an open source project with relatively few ppl contributing who are kind enough to share and actually know what they are doing. (I don't include myself in that either).

Btw, the "Market" buys the tag with the best brand and marketing, not usually the best technology. Despite our best efforts to expose this folly.

ntk · 2015-07-12 04:34:00

Is the name printed on the chip? Marchmellow?

"Good" in the sense of :for 4 year already and it still could hide its secrete of protocol format. It is hardly any where mentioned apart from advertising datas. Sielox also brought out the new most advanced access system Reported in a hacker space in 2011.

To deserve that title from hacker "most advanced" They seems not to be simple.

Last edited by ntk (2015-07-12 04:43:26)

ntk · 2015-07-12 05:01:21

marshmellow wrote:

Ntk, don't jump to conclusions. No one said sielox was good. There are hundreds if not thousands of different RFID tags out there, the pm3 does a few dozen. What do you expect from an open source project with relatively few ppl contributing who are kind enough to share and actually know what they are doing. (I don't include myself in that either).

If there a wiki site or "hacker's" teaching seminar demonstrating/guiding student about history how to implement a new different RFID tags out there from gathering infos to final coding function implementation in a language ... Do you think it will bring more success? Like in Korea India 15 20 years ago they built special schools where children from age 10,11 could start to learn coding or China nowadays they encourage to bring children in early stage (primary school!) to programming technique, because they want to secure the best place in technology for their people.

I am not claiming that people keep knowledge hidden. In you are living in cities, there were interesting free classes, seminars about others fields offered, BUT unfortunately not offer on Sunday... Who would think hackers need rest days too...

I mean similar to "The girl with the dragon tatoo", the only 3 books of Stieg Larson the romans had opened a new world for interested people, not that all tell tales in there were true, but it shown direction, possibility, capacity, aim and methods ... it opened eyes

marshmellow wrote:

Btw, the "Market" buys the tag with the best brand and marketing, not usually the best technology. Despite our best efforts to expose this folly.

I have seen some of our capable people on that war path ... that why I don't hump I silently admit they and some other must be good in hiding

Last edited by ntk (2015-07-12 05:35:09)

ntk · 2015-07-12 05:20:10

...

Last edited by ntk (2015-07-12 05:23:50)

ntk · 2015-07-12 05:23:13

Apart from doing encryption technique, if they listen on one frequency and answer on a completely different how long would take us to adapt or are we already prepared to confrontation that technique Marshmellow, Asper, Iceman, Moebious, 0xFFFF, Adam, Roel?

asper · 2015-07-12 08:55:47

Ntk you are making too much mess in this forum with your "conclusion", thinkings and offtopic "brainstormings".
You need to study lot of stuff before making questions but you seem to want to have it all and immediately. .. well things don't go this way.

From now on i will stop answering you. I hope you will find your answers without posting so often here.

Last edited by asper (2015-07-12 08:58:10)

Proxmark3 community

Announcement

#1 2015-07-09 16:18:22

New Tag

#2 2015-07-09 16:31:38

Re: New Tag

#3 2015-07-09 20:38:10

Re: New Tag

#4 2015-07-10 10:32:15

Re: New Tag

#5 2015-07-10 12:43:00

Re: New Tag

#6 2015-07-10 14:59:57

Re: New Tag

#7 2015-07-10 19:56:00

Re: New Tag

#8 2015-07-10 21:51:11

Re: New Tag

#9 2015-07-10 21:52:12

Re: New Tag

#10 2015-07-11 16:05:52

Re: New Tag

#11 2015-07-11 16:08:13

Re: New Tag

#12 2015-07-11 16:29:34

Re: New Tag

#13 2015-07-11 19:39:19

Re: New Tag

#14 2015-07-11 22:23:53

Re: New Tag

#15 2015-07-11 22:27:40

Re: New Tag

#16 2015-07-12 02:46:32

Re: New Tag

#17 2015-07-12 04:34:00

Re: New Tag

#18 2015-07-12 05:01:21

Re: New Tag

#19 2015-07-12 05:20:10

Re: New Tag

#20 2015-07-12 05:23:13

Re: New Tag

#21 2015-07-12 08:55:47

Re: New Tag

Board footer