Research, development and trades concerning the powerful Proxmark3 device.
Remember; sharing is caring. Bring something back to the community.
"Learn the tools of the trade the hard way." +Fravia
Time changes and with it the technology
Proxmark3 @ discord
Users of this forum, please be aware that information stored on this site is not private.
Hi,
I have a unknown lf card. Doing a lf search, the proxmark detected it as a EM4100 card, but I am confident it is not a EM4100 card because:
1. Copying it as a EM4100 card resulted in the copy not working.
2. I have a different device that I normally use to read EM4100 cards which I have used for a long time without problem. This does not detect it as a EM4100 card.
I believe I saw another post in this thread with a similar thing and in the thread it had instructions on what to do. Something like to look for the 111111111 in the demod and then how to program block 0, 1, 2 & 3 in the t55x7 tag?
If anyone knows the post I am talking about, I would greatly appreciate if if you could link to it as I have spent much time searching for it.
Thanks
There are different types of em410x with different clocks and number of bytes. The em410xwrite does not cover them all. So if you used that to clone it could fail.
It is very rare, though I suppose not totally impossible, to get a false positive with current firmware on the em410x as it verifies multiple parties.
Sure.
Last edited by marshmellow (2015-07-17 14:03:40)
Btw I haven't seen anything yet.
Hmmm. I don't see it.
Oops.. Found it, sorry. I'll take a look in a little bit.
the verdict is it is an em410x, just one of the rf/32 clock varieties instead of rf/64. so the em410xwrite did not clone it correctly (it uses rf/64)
i suppose i could patch the command to take an optional argument for clock. ... soon - ish...
i suppose i could patch the command to take an optional argument for clock. ... soon - ish...
Thanks for working out the problem.
In the meantime, would it be possible for me to write it with the normal em410xwrite command but then change block 0 by writing to it with the configuration block for EM4100 RF/32 instead of the EM4100 RF/64?
Hi,
Would the following steps be the correct way to change the clock variety to RF/32 ?
1. program the card normally using the em410xwrite command. checking lf t55xx detect shows:
[== Undefined ==]
proxmark3> lf t55xx detect
clk 255
Modulation : ASK
Bit Rate : 5 - RF/64
Inverted : No
Offset : 1
Block0 : 0x00148040
2. change block 0 from rf/64 to rf/32 with "lf t55xx write 0 0x00088040" command. checking lf t55xx detect shows:
[== Undefined ==]
proxmark3> lf t55xx detect
clk 255
Found [2] possible matches for modulation.
--[1]---------------
Modulation : ASK
Bit Rate : 2 - RF/32
Inverted : No
Offset : 0
Block0 : 0x00088040
--[2]---------------
Modulation : DIRECT/NRZ
Bit Rate : 2 - RF/32
Inverted : Yes
Offset : 14
Block0 : 0x10080001
Could not detect modulation automatically. Try setting it manually with 'lf t55x
x config'