Research, development and trades concerning the powerful Proxmark3 device.
Remember; sharing is caring. Bring something back to the community.
"Learn the tools of the trade the hard way." +Fravia
Time changes and with it the technology
Proxmark3 @ discord
Users of this forum, please be aware that information stored on this site is not private.
if for some reason the demod doesn't provide a "Raw ID" to use as entry into the sim commands (for use at another time) use data printdemodbuf after demoding and it will give the binary of the Raw ID (convert to hex before using in sim commands)
Fixes now in master trunk.
only took 5 months
Guys... I've tried today the new PM3... I'm enthusiastic! The sim works like a charm!
I renew my best compliments for the wonderful job!
The lf search is a real swiss-knife!
I was telling myself: now that the sim works, the best thing would be that the simulator/cloner in STANDALONE mode act as em4x instead as HID, because the most widespread lf system for access control is em4x.
Honestly I ever found a HID system in my life...
I'm interested in your opinion about that!
P.S.: and what about the "pcf7931 write"? It would be more useful than using the raw command for writing...
Last edited by MilkThief (2015-03-19 19:00:52)
STANDALONE mode act as em4x instead as HID, because the most widespread lf system for access control is em4x.
Honestly I ever found a HID system in my life...
Maybe where you live. I've actually never seen an em access system. It is all hid here.
Anyway it is easy to adjust the calls for your personal situation, but be warned, the ask/Manchester demod takes wicked long on the arm. (20-30 secs) so plan accordingly.
P.S.: and what about the "pcf7931 write"? It would be more useful than using the raw command for writing...
What is a pcf7931 used for? Anyone want to send one to the US?
Last edited by marshmellow (2015-03-19 20:35:07)
MilkThief wrote:STANDALONE mode act as em4x instead as HID, because the most widespread lf system for access control is em4x.
Honestly I ever found a HID system in my life...Maybe where you live. I've actually never seen an em access system. It is all hid here.
Ok, I did not know that. Central Europe uses EM (I mean Italy, Germany, France, Swiss, Slovenia, Croatia, Austria). I see a great market proposal from China about EM (attendance tracking and access control), I thought it was the most used worldwide.
Anyway it is easy to adjust the calls for your personal situation, but be warned, the ask/Manchester demod takes wicked long on the arm. (20-30 secs) so plan accordingly.
Unfortunately can't figure out the way... I don't know C so good.
MilkThief wrote:P.S.: and what about the "pcf7931 write"? It would be more useful than using the raw command for writing...
What is a pcf7931 used for? Anyone want to send one to the US?
Maybe I can provide one to you. Let me search for.
Feel free to start programming
I have too many other things like the ul-ev1, ul-c (missing pwd), pcf9731, to think about this.
Unfortunately I'm not a C programmer... Thank you for your honest opinion ;-)
Heh, I'm not a c programmer either (as holiman and others have noticed. . ). But we make due.
can i assume the pcf9731 read works well? it looks like an inverse biphase (or conditional dephase encoding) with some special bits between the output of each block. can someone post a trace?
the timing is pretty critical for the write mode it looks like, i don't think i could accomplish it without a tag to test with. (plus i'm still working on other items)
I can post some.
Here are some recorded wave traces.
Password bits can be decoded like the following example:
As you can see tghe write procedure is done using Pulse Position Modulation [PPM].
Last edited by asper (2015-03-23 13:15:20)