I recently went and bought a pm3 rdv2 after experimenting with cheaper alternatives.
I wanted to snoop an authentication between a reader and card (mifare classic 1k).
hf search:
ATQA : 00 04
SAK : 08 [2]
TYPE : NXP MIFARE CLASSIC 1k | Plus 2k SL1
proprietary non iso14443-4 card found, RATS not supported
No chinese magic backdoor command detected
Prng detection: HARDENED (hardnested)
Valid ISO14443A Tag Found - Quiting Search
I have tried all the other methods with no success, so capturing the authentication seems the only option since I have unlimited access to the reader.
But when I type 'hf 14a snoop', nothing happens. It just goes back to letting me enter a new command. Any help would be greatly appreciated.
Other information: STD light is always on and CHR is always flashing no matter what.
Using Kali btw.
Last edited by p45a (2019-01-29 21:40:14)
Offline
Looks like your firmware doesn't match the client software.
Offline
Would I need to re-flash to an older firmware?
hw ver:
proxmark3> hw ver
Prox/RFID mark3 RFID instrument
bootrom: master/v3.1.0-49-g0d2624a-suspect 2019-01-16 18:36:24
os: master/v3.1.0-49-g0d2624a-suspect 2019-01-16 18:36:25
fpga_lf.bit built for 2s30vq100 on 2015/03/06 at 07:38:04
fpga_hf.bit built for 2s30vq100 on 2018/11/28 at 08:33:11
SmartCard Slot: not available
uC: AT91SAM7S512 Rev B
Embedded Processor: ARM7TDMI
Nonvolatile Program Memory Size: 512K bytes. Used: 202546 bytes (39%). Free: 321742 bytes (61%).
Second Nonvolatile Program Memory Size: None
Internal SRAM Size: 64K bytes
Architecture Identifier: AT91SAM7Sxx Series
Nonvolatile Program Memory Type: Embedded Flash Memory
Last edited by p45a (2019-01-18 16:07:42)
Offline
Depends on your client software. Whenever you install a new client software you should flash the firmware and vice versa.
Offline
Not sure what you mean? By software, do you mean the firmware installed on the pm3? I followed the guide to install the latest from github. I also used the Windows client to run commands; the same issue persists there as well.
Have I got a faulty chip?
hw tune:
Measuring antenna characteristics, please wait.........
# LF antenna: 34.24 V @ 125.00 kHz
# LF antenna: 25.30 V @ 134.00 kHz
# LF optimal: 34.24 V @ 125.00 kHz
# HF antenna: 25.42 V @ 13.56 MHz
Displaying LF tuning graph. Divisor 89 is 134khz, 95 is 125khz.
and hw status:
proxmark3> hw status
#db# Memory
#db# BIGBUF_SIZE.............40000
#db# Available memory........40000
#db# Tracing
#db# tracing ................1
#db# traceLen ...............0
#db# Fgpa
#db# mode....................LF
#db# LF Sampling config:
#db# [q] divisor: 95
#db# [b] bps: 8
#db# [d] decimation: 1
#db# [a] averaging: 1
#db# [t] trigger threshold: 0
#db# USB Speed:
#db# Sending USB packets to client...
#db# Time elapsed: 1500ms
#db# Bytes transferred: 909824
#db# USB Transfer Speed PM3 -> Client = 606549 Bytes/s
#db# Various
#db# MF_DBGLEVEL......2
#db# ToSendMax........2135293927
#db# ToSendBit........0
Last edited by p45a (2019-01-18 19:01:41)
Offline
By "client software" I mean the software on your PC (proxmark3.exe). By "firmware" I mean what is flashed onto the device. Both must match. Your firmware seems to be pretty new.
Up to now I cannot see anything unusual in your description. Nothing indicates a fault. Snooping continues until either the trace memory is full or you press the button on the device. Try it.
As long as there is no reader in the vicinity, nothing will be recorded. If you approach a reader, LED D should be lit to indicate that a HF field has been detected. When either reader or tag is sending, this is indicated by LEDs B and C.
The result of your snooping can then be displayed by 'hf list 14a'.
Offline
Thanks, you're correct, and it does in fact pick up the auth.
Offline