Proxmark3 community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

  • Logged in as ikarus
  • Last visit: Today 11:22:42

Announcement

Time changes and with it the technology
Proxmark3 @ discord

Users of this forum, please be aware that information stored on this site is not private.

#1 2017-06-30 15:26:27

abdo79
Contributor
Registered: 2017-06-18
Posts: 22

official update (30/6/2017) ERR command response

hi;
  i tried the new official update (30/6/2017) the command for (HW Tune ) and (HID simulate) doesn't work in a right way.please reply back to me with the way to fix it

Prox/RFID mark3 RFID instrument         
bootrom: master/v2.2.0-532-g82e8eee-suspect 2017-06-30 09:27:56
os: master/v2.2.0-532-g82e8eee-suspect 2017-06-30 09:28:01
LF FPGA image built for 2s30vq100 on 2015/03/06 at 07:38:04
HF FPGA image built for 2s30vq100 on 2017/05/17 at 17:48:26
uC: AT91SAM7S256 Rev D         
Embedded Processor: ARM7TDMI         
Nonvolatile Program Memory Size: 256K bytes. Used: 192561 bytes (73%). Free: 69583 bytes (27%).         
Second Nonvolatile Program Memory Size: None         
Internal SRAM Size: 64K bytes         
Architecture Identifier: AT91SAM7Sxx Series         
Nonvolatile Program Memory Type: Embedded Flash Memory         
proxmark3> hw tune
Measuring antenna characteristics, please wait...         
# LF antenna:  0.00 V @   125.00 kHz         
# LF antenna:  0.00 V @   134.00 kHz         
# LF optimal:  0.00 V @ 12000.00 kHz         
# HF antenna:  0.00 V @    13.56 MHz         
# Your LF antenna is unusable.         
# Your HF antenna is unusable.         
proxmark3>
proxmark3> hw tune
Measuring antenna characteristics, please wait...         
# LF antenna:  0.00 V @   125.00 kHz         
# LF antenna:  0.00 V @   134.00 kHz         
# LF optimal:  0.00 V @ 12000.00 kHz         
# HF antenna:  0.00 V @    13.56 MHz         
# Your LF antenna is unusable.         
# Your HF antenna is unusable.         
proxmark3>
proxmark3> lf hid sim 20065a92b6
Emulating tag with ID 20         65a92b6         
Press pm3-button to abort simulation         
proxmark3>
proxmark3> #db# Stopped     
thanks

Offline

#2 2017-06-30 15:36:24

platinium gsm
Contributor
Registered: 2016-08-06
Posts: 28

Re: official update (30/6/2017) ERR command response

DO you use the same client/firmware?

Offline

#3 2017-06-30 19:39:53

gator96100
Contributor
From: Austria
Registered: 2016-03-25
Posts: 177

Re: official update (30/6/2017) ERR command response

Be sure you don't mix client and firmware versions.
Did you check your antenna connections?

Offline

#4 2017-07-01 00:36:38

abdo79
Contributor
Registered: 2017-06-18
Posts: 22

Re: official update (30/6/2017) ERR command response

i used two different clients and both had the same results. the antenna is fine cause it works well with no issues with iceman copy. actually if works fine with the official copy but only the HW tune command doesn't work right. i can read and write data to cards but the tune command itself doesn't work.
same with HID sim command

Offline

#5 2017-07-01 09:00:02

ntk
Contributor
Registered: 2015-05-24
Posts: 701

Re: official update (30/6/2017) ERR command response

@abdo79
I like to assist you step by step to see where it goes wrong. but I need more infos and swift because sw development is very active now-a-days, one day apart and your sw and mine could behave very differently. Would you give me
1/ pic of your Pm3 HW
2/ when you received it did you run any experiment with hw tune read copy etc  antenena fine at that time.?
3/ you have official update so you build with gator's upgrade proxspace? your environment?
4/ pls pull again today as you always do upgrading of your SW and rebuild and pls show me rebuild report (you may have to set the screen buffer to capture the whole terminal log from start to run experiments)? import ant is how do how do you flash, result of flash, result of hw tune, "lf aw clo 256 256 66666"
5/ you said you run with 2 diff clients!  you mean from two different SW version iceman's and official?
6/how do you do compare result of 2 different SW? Do you have two directories
7/you still have iceman version ? pls share the /iceman-sw/client/proxmark3.log. pls go to directory where you have the 30/06 SW update and send send to me promark3.log
8/ now you do exact step by step this it is important to give me some insights:
a/ make a new directory for example c:/1
b/ "cd c:/1"
c/ run "git clone https://github.com/Proxmark/proxmark3.git"
d/ Then compile/flash
e/ run "data plo" first then run some experiments with tune; reading of some tags HID EM AW HID IO inda Hitag any then cloning similar even you have no tag on the antenna etc.. the more divers the better
f/ Pls give the screen capture of the terminal and the proxmark3.log in the c:/1/proxmark3/client

Offline

#6 2017-07-01 09:37:17

abdo79
Contributor
Registered: 2017-06-18
Posts: 22

Re: official update (30/6/2017) ERR command response

1. pic of PM3: https://www.emartee.com/Images/websites/emartee.com/Proxmark3.jpg
2. i did do tests with pm3-bin-2.4.0 and all command were working fine
3. i got the windows official update from here : http://www.proxmark.org/forum/viewtopic.php?id=3975
4. the shared long is the last update available for windows on the above mentioned link
5. i used both official and iceman latest updates
6. two different directories where i execute the same commands: hw tune works only on iceman copy. but hid sim doesn't work on any of them. the following is the iceman copy log

Prox/RFID mark3 RFID instrument         
bootrom: iceman/master/v1.1.0-2051-ge82496ca 2017-06-17 15:11:42
os: iceman/master/v1.1.0-2051-ge82496ca 2017-06-17 15:11:47
LF FPGA image built for 2s30vq100 on 2015/03/06 at 07:38:04
HF FPGA image built for 2s30vq100 on 2015/11/ 2 at  9: 8: 8
uC: AT91SAM7S256 Rev D         
Embedded Processor: ARM7TDMI         
Nonvolatile Program Memory Size: 256K bytes. Used: 216650 bytes (83%). Free: 45494 bytes (17%).         
Second Nonvolatile Program Memory Size: None         
Internal SRAM Size: 64K bytes         
Architecture Identifier: AT91SAM7Sxx Series         
Nonvolatile Program Memory Type: Embedded Flash Memory         
proxmark3> hw tune
Measuring antenna characteristics, please wait..........         
# LF antenna: 17.19 V @   125.00 kHz         
# LF antenna: 22.00 V @   134.00 kHz         
# LF optimal: 22.00 V @   133.33 kHz         
# HF antenna: 23.54 V @    13.56 MHz         
Displaying LF tuning graph. Divisor 89 is 134khz, 95 is 125khz.
proxmark3>
proxmark3> lf hid sim 20065a92b6
Emulating tag with ID 20         65a92b6         
Press pm3-button to abort simulation         
proxmark3>
proxmark3> #db# Simulation stopped                 

i have never compiles any of the github. i always use the official or iceman copies available on this link
http://www.proxmark.org/forum/viewtopic.php?id=3975
could yo give me more details on how to do it and i will follow up.
thanks

Offline

#7 2017-07-01 10:59:13

ntk
Contributor
Registered: 2015-05-24
Posts: 701

Re: official update (30/6/2017) ERR command response

which system do you use?
if window you can follow https://github.com/Proxmark/proxmark3/wiki/Windows I have checked reading it seems OK.
Ony one step I do differently: personally I use the terminal in C:\ProxSpace\msys. old modish only

Offline

#8 2017-07-01 13:27:34

abdo79
Contributor
Registered: 2017-06-18
Posts: 22

Re: official update (30/6/2017) ERR command response

i used proxspace to compile the latest on github and then used it to flash bootroom and fpga as follows:

D:\downloads\proxmark\ProxSpace\pm3\client>flasher.exe com15 -b D:\downloads\pro
xmark\ProxSpace\pm3\bootrom\obj\bootrom.elf
Loading ELF file 'D:\downloads\proxmark\ProxSpace\pm3\bootrom\obj\bootrom.elf'..
.
Loading usable ELF segments:
0: V 0x00100000 P 0x00100000 (0x00000200->0x00000200) [R X] @0x94
1: V 0x00200000 P 0x00100200 (0x00000cc0->0x00000cc0) [RWX] @0x298

Waiting for Proxmark to appear on com15. Found.
Entering bootloader...
(Press and release the button only to abort)
Waiting for Proxmark to reappear on com15...... Found.

Flashing...
Writing segments for file: D:\downloads\proxmark\ProxSpace\pm3\bootrom\obj\bootr
om.elf
0x00100000..0x001001ff [0x200 / 1 blocks]. OK
0x00100200..0x00100ebf [0xcc0 / 7 blocks]....... OK

Resetting hardware...
All done.

Have a nice day!

D:\downloads\proxmark\ProxSpace\pm3\client>flasher.exe com15 -b D:\downloads\pro
xmark\ProxSpace\pm3\armsrc\obj\fullimage.elf
Loading ELF file 'D:\downloads\proxmark\ProxSpace\pm3\armsrc\obj\fullimage.elf'.
..
Loading usable ELF segments:
0: V 0x00102000 P 0x00102000 (0x0002b5f8->0x0002b5f8) [R X] @0x94
1: V 0x00200000 P 0x0012d5f8 (0x00001a3c->0x00001a3c) [RW ] @0x2b68c
Note: Extending previous segment from 0x2b5f8 to 0x2d034 bytes

Waiting for Proxmark to appear on com15. Found.
Entering bootloader...
(Press and release the button only to abort)
Waiting for Proxmark to reappear on com15.........................^C
D:\downloads\proxmark\ProxSpace\pm3\client>flasher.exe com5 -b D:\downloads\prox
mark\ProxSpace\pm3\armsrc\obj\fullimage.elf
Loading ELF file 'D:\downloads\proxmark\ProxSpace\pm3\armsrc\obj\fullimage.elf'.
..
Loading usable ELF segments:
0: V 0x00102000 P 0x00102000 (0x0002b5f8->0x0002b5f8) [R X] @0x94
1: V 0x00200000 P 0x0012d5f8 (0x00001a3c->0x00001a3c) [RW ] @0x2b68c
Note: Extending previous segment from 0x2b5f8 to 0x2d034 bytes

Waiting for Proxmark to appear on com5. Found.

Flashing...
Writing segments for file: D:\downloads\proxmark\ProxSpace\pm3\armsrc\obj\fullim
age.elf
0x00102000..0x0012f033 [0x2d034 / 361 blocks]..................................
................................................................................
................................................................................
................................................................................
................................................................................
....... OK

Resetting hardware...
All done.

Have a nice day!

-------------------------------
then i checked the same command again
Prox/RFID mark3 RFID instrument         
bootrom: master/v3.0.1-28-g1cbb352-dirty-suspect 2017-07-01 11:38:17
os: master/v3.0.1-28-g1cbb352-dirty-suspect 2017-07-01 11:38:24
LF FPGA image built for 2s30vq100 on 2015/03/06 at 07:38:04
HF FPGA image built for 2s30vq100 on 2017/05/17 at 17:48:26
uC: AT91SAM7S256 Rev D         
Embedded Processor: ARM7TDMI         
Nonvolatile Program Memory Size: 256K bytes. Used: 192561 bytes (73%). Free: 69583 bytes (27%).         
Second Nonvolatile Program Memory Size: None         
Internal SRAM Size: 64K bytes         
Architecture Identifier: AT91SAM7Sxx Series         
Nonvolatile Program Memory Type: Embedded Flash Memory         
proxmark3> hw tune
Measuring antenna characteristics, please wait...         
# LF antenna:  0.00 V @   125.00 kHz         
# LF antenna:  0.00 V @   134.00 kHz         
# LF optimal:  0.00 V @ 12000.00 kHz         
# HF antenna:  0.00 V @    13.56 MHz         
# Your LF antenna is unusable.         
# Your HF antenna is unusable.         



no difference

any ideas?

Offline

#9 2017-07-01 13:47:20

ntk
Contributor
Registered: 2015-05-24
Posts: 701

Re: official update (30/6/2017) ERR command response

you seem to use window.

concerning is COM15 when flash bootrom then COM5 for flashing OS.
If you switch on view hidden device, see in device manager and send screen capture why you have so many devices there

Pls be very specific what do you mean with
"-------------------------------
then i checked the same command again
Prox/RFID mark3 RFID instrument          "
after you did the step "
D:\downloads\proxmark\ProxSpace\pm3\client>flasher.exe com5 -b D:\downloads\prox
mark\ProxSpace\pm3\armsrc\obj\fullimage.elf"

how did you do?

the antenna on this easy PM3 is fitted so there can not be a connection problem. but still have you try to take it off and reattach again?

HW tune give all 0V is very strange particularly 0.00 V @ 12000.00 kHz  is when an antenna is not connected.

and you said in one early SW version from iceman you can read clone HID?

Could you strictly re-flash with that SW and do all the steps again for me. pls in details so I can follow you

Last edited by ntk (2017-07-01 13:51:59)

Offline

#10 2017-07-01 14:14:07

abdo79
Contributor
Registered: 2017-06-18
Posts: 22

Re: official update (30/6/2017) ERR command response

the device changes between com5 and com15 each time i flash it. that is why i use flasher again for the fullimage cause the device get disconnected and when connected again it appears in com15

when i said i checked the same command again, i meant (HW tune) that is why i printed the log starting from (Prox/RFID mark3 RFID instrument) so that youu can see the version update.

i did that by using proxmark3.exe com5

i won't do any hardware changes or resetting antenna cause it works fine with iceman windows copy

(HW tune) works on iceman copy but not on official copy. meanwhile (lf HID Sim) doesn't work on both iceman or official copies

i did already printed the full screen for flashing and then using the command on the new official copy. do you want me to do the same with iceman copy?
is that what u r looking for?

Offline

#11 2017-07-01 14:33:59

piwi
Contributor
Registered: 2013-06-04
Posts: 704

Re: official update (30/6/2017) ERR command response

@abdo79: Your hw version shows that you managed to flash the firmware despite the changing com port. You now just need to make sure that you use the corresponding proxmark3.exe as well. Don't use Iceman proxmark3.exe with 3.0.1 firmware. Don't use official proxmark3.exe with Iceman firmware.

It is normal that you see the com port change issue when you switch between Iceman and recent official builds.

Offline

#12 2017-07-01 16:48:31

ntk
Contributor
Registered: 2015-05-24
Posts: 701

Re: official update (30/6/2017) ERR command response

@abdo79
anything better?

forget for the moment about Sim. Not all of us has HID for test HID SIM so very possible that it may not work in latest release. I just think ... maybe there is a way...

I ask you to do again with an other SW version in expectation that makes you fed up with my questions, so you would then take the steps very carefully and after doing the bootrom flashing, then  fullimage flashing, you start "proxmark3 com5" at that same place same level. A mixing of proxmark3 and firmware is then not possible.
.
Have you losen a little the screws and re-attach antenna?

Load the SW you said it has worked with HW tune, do the simple tune and reading test HF LF (be specific in each step, or I will ask and make you loading and flashing and run test again because I need to follow every step).

We concentrate to get your PM3 working on reading just simple tag card first, you have EM, T55X7, mifare classic 1K come with your kit?

Offline

#13 2017-07-01 17:08:26

ntk
Contributor
Registered: 2015-05-24
Posts: 701

Re: official update (30/6/2017) ERR command response

@abdo79

If the previous proposal still not helpful, then we come to the last step:

I help you to rebuild the SW, we run test and can close the experiment with a final verdict

Offline

#14 2017-07-01 23:12:47

abdo79
Contributor
Registered: 2017-06-18
Posts: 22

Re: official update (30/6/2017) ERR command response

ok, what i have done is that i used the latest official coy that was released today. i flashed the pm3 and then used it with the same proxmark3.exe that came with it

the tunning works fine
Prox/RFID mark3 RFID instrument
bootrom: master/v2.2.0-534-g1cbb352-suspect 2017-07-01 10:09:53
os: master/v2.2.0-534-g1cbb352-suspect 2017-07-01 10:09:57
LF FPGA image built for 2s30vq100 on 2015/03/06 at 07:38:04
HF FPGA image built for 2s30vq100 on 2017/05/17 at 17:48:26

uC: AT91SAM7S256 Rev D
Embedded Processor: ARM7TDMI
Nonvolatile Program Memory Size: 256K bytes. Used: 192561 bytes (73%). Free: 69583 bytes (27%).
Second Nonvolatile Program Memory Size: None
Internal SRAM Size: 64K bytes
Architecture Identifier: AT91SAM7Sxx Series
Nonvolatile Program Memory Type: Embedded Flash Memory
proxmark3> hw tune

Measuring antenna characteristics, please wait.........
# LF antenna: 17.32 V @   125.00 kHz
# LF antenna: 22.14 V @   134.00 kHz
# LF optimal: 22.14 V @   133.33 kHz
# HF antenna: 23.11 V @    13.56 MHz
Displaying LF tuning graph. Divisor 89 is 134khz, 95 is 125khz.



proxmark3> lf hid sim 20065a92b6
Emulating tag with ID 20         65a92b6
Press pm3-button to abort simulation
#db# Stopped
proxmark3>

maybe the reason was that i was using the proxmark3.exe from a different build. but still the issue wih the HID simulation doesn't work. i have an hid card and it doesn't work. the clonning works fine but the simulation doesn't. any ideas?

thanks

Offline

#15 2017-07-01 23:20:52

abdo79
Contributor
Registered: 2017-06-18
Posts: 22

Re: official update (30/6/2017) ERR command response

the simulate command is as follows:

proxmark3> lf hid sim 20065a92b6
Emulating tag with ID 20         65a92b6
Press pm3-button to abort simulation
#db# Stopped

the id given in the command (20065a92b6) was executed differently "20         65a92b6"
the cloning of the same ID works fine with the reader but the simulation, doesn't
what could be the reason?

Offline

#16 2017-07-02 03:57:50

marshmellow
Contributor
From: US
Registered: 2013-06-10
Posts: 2,302

Re: official update (30/6/2017) ERR command response

simulating FSK (what hid uses) and PSK is difficult with the current hardware and implementation.  antenna size and reader strength often determines whether it works or not.  but it is far from perfect.  ASK is much easier for the pm3.

Offline

#17 2017-07-02 06:52:07

abdo79
Contributor
Registered: 2017-06-18
Posts: 22

Re: official update (30/6/2017) ERR command response

hi;
how do u explain this video emulating hid card?
https://www.youtube.com/watch?v=7hTYBUFCPuw

thanks

Offline

#18 2017-07-02 14:10:55

marshmellow
Contributor
From: US
Registered: 2013-06-10
Posts: 2,302

Re: official update (30/6/2017) ERR command response

I didn't say it can't be done...

Offline

#19 2017-07-02 14:15:40

abdo79
Contributor
Registered: 2017-06-18
Posts: 22

Re: official update (30/6/2017) ERR command response

well, that is what i got from your answer. do u know how to do it?

Offline

#20 2017-07-02 14:28:39

marshmellow
Contributor
From: US
Registered: 2013-06-10
Posts: 2,302

Re: official update (30/6/2017) ERR command response

Yes, with varying degrees of success as I said..., But I also have 7 different antennas built...
But, besides that video isn't even showing a hid card or reader.

Offline

#21 2017-07-02 14:42:48

abdo79
Contributor
Registered: 2017-06-18
Posts: 22

Re: official update (30/6/2017) ERR command response

thanks for your help . but does this mean that HID simulation or LF cards can be emulated sing proxmark3? are there anyway to try it?

Offline

#22 2017-07-02 15:07:39

marshmellow
Contributor
From: US
Registered: 2013-06-10
Posts: 2,302

Re: official update (30/6/2017) ERR command response

Some readers will pick up the pm3 using default antennas, others need more focused antennas, and still others don't seem to pick it up at all.  (Pm3 is too weak)

Offline

Quick reply

Write your message and submit

Board footer

Powered by FluxBB