Research, development and trades concerning the powerful Proxmark3 device.
Experts,
I have recently purchased a proxmark3, and have successfully upgraded to SVN revision 839 of code. The device is happy and stable.
I have been able to successfully re-flash the device's osimage.elf with the proxbrute image (https://github.com/brad-anton/proxbrute), but then I cannot access the proxmark interface via the client to verify that it is working. So I have re-flashed to revision 839 to maintain its current functionality. Do you have any information or links to posts where people have been successful in flashing the device with proxbrute? If you can share that with me, it would be very helpful.
Also, there is a standalone cloning mod (http://colligomentis.com/2012/05/09/pro … tandalone/) that will allow headless cloning (no PC required to clone, rather than just replay, like the standard image does). Again, if you have any information or links to posts where people have been successful with "standalone cloning," it would really help me out on my next assessment.
In summary, I am looking for a method to either re-flash and access the device with proxbrute or implement a "standalone cloning" mod.
Thank you,
-MoF
Offline
Last time I checked, proxbrute was working with the old USB interface. You are probably using the CDC interface.
You need to go back to the old school proxmark 3 interface!
Offline
That would explain why I'm unable to get back to the command line. I am not familiar with using the old school usb interface. Right now, the device registers as /dev/ttyACM0, like in the documentation. Do I just use an older client to access the device after I re-flash it with the proxbrute image?
Thank you for the response,
-MoF
Offline
Using SVN revision 651 of the proxmark client from a Windows machine, I was able to connect to the proxbrute-flashed proxmark3:
======================================
#Output from ProxSpace (runme.bat) Cygwin Shell
======================================
pm3 /c/project/proxmark/pm3-bin-r651$ ./client/proxmark3
Connected units:
1. SN: ChangeMe [bus-0/\\.\libusb0-0001--0x9ac4-0x4b8f]
proxmark3> hw version
#db# Prox/RFID mark3 RFID instrument
#db# bootrom: svn 839 2013-11-20 15:24:18
#db# os: svn 517-unclean 2011-12-27 21:09:24
#db# FPGA image built on 2013/11/19 at 18:17:10
#db# Starting recording
#db# TAG ID: 000000001 (0)
#db# Recorded 0 0 1
#db# Playing
#db# Red is lit, not entering ProxBrute Mode
#db# 0 0 1
#db# Stopped
#db# Done playing
#db# Playing
#db# Entering ProxBrute Mode
#db# brad a. - foundstone
#db# Current Tag: Selected = 1 Facility = 00115879 ID
#db# Trying Facility = 00115879 ID 0303067f
#db# Tags can only have 44 bits.
#db# Trying Facility = 00115879 ID 0303067e
#db# Tags can only have 44 bits.
======================================
For some reason, the old clients aren't working on Linux, but work just fine on Windows.
Hope this helps someone else,
-MoF
Offline
I'm not too sure about proxbrute (no offence iceman), it seems like a buggy POS. But then again I am prob doing it all wrong so don't listen to me....

HF Standalone Emulation
Hold down button until LEDs blink to enter standalone mode.
C&D light and remain lit.
Touch card to antenna.
It gets stored into bank 0 and immediately begins emulating the card.
LEDs B, C, and A are lit.

HF Standalone Cloning
Copy card to bank 0.
Touch writable card to antenna.
Hold down the button to clone.
A goes out and then B goes out; release button.
Card is now being cloned.

Standalone LF emulation
Long press button until several LEDs flash in sequence
LED C is now lit
Long press button until LED D lights as well as C
Place card on antenna to be read
D goes off when card is read
Short press button
B and C are lit
Card is now being emulated

Standalone LF cloning
When only C is lit and has already captured/stored a card to bank 0:
Hold button down until C and A are lit, place T5577 (or equivalent) card on LF antenna
Release button, A and D blink and go out and C remains lit
This bank has now been cloned to the T5577 card

Proxbrute use
Hold button until lights flash and release.
C stays lit.
Short press button: C&B are lit
Short press button: only A is lit
Hold button until A&D light up
Scan a valid card
Short press button: B&C&A stay lit
It is now brute forcing the key space starting with the scanned card and decrements the hex values until you find a new valid card

HID1000-bruteforce use
Hold button until lights flash and release.
C stays lit.
Short press button until: A&C are lit
Hold button until A&C&D are lit
Scan a valid card
Short press button: B&C&A stay lit
It is now brute forcing the key space starting with the scanned card and decrements card numbers
Short press the button again to increment card numbers

Matty's Mifare1k Standalone emulation/cloning
Hold card up to antenna.
Long press button.
A&D light and B flashes if card is held to antenna.
Wait for A&D to go off and B will stay lit.
Mifare card is now being emulated.
Press button again to clone the card to a Chinese magic card.
Note: If C stays lit then the keys were not found and the tag cannot be emulated.
Try holding tag over antenna before pressing the button and try again.
Offline
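On the defending side, the ProxBrute and HID1000 modes described in the post above leave a recognisable trace at the door controller: one reader sees card numbers stepping by exactly one in quick succession. The following is an added example, not part of the thread or of ProxBrute, that flags such runs; the log format, reader names and thresholds are assumptions, and the sample lines are constructed (the facility and ID values mirror the debug output quoted earlier in the thread).

```python
from datetime import datetime, timedelta

# Constructed sample reader log in an assumed format (not from a real system):
# timestamp  reader  facility  card-number(hex)  result
SAMPLE_LOG = """\
2024-03-01T08:59:10 lobby 00115879 03030412 GRANTED
2024-03-01T09:00:00 dock 00115879 0303067f GRANTED
2024-03-01T09:00:02 dock 00115879 0303067e DENIED
2024-03-01T09:00:04 dock 00115879 0303067d DENIED
2024-03-01T09:00:06 dock 00115879 0303067c DENIED
2024-03-01T09:00:08 dock 00115879 0303067b GRANTED
2024-03-01T09:05:00 dock 00115879 03030500 GRANTED
2024-03-01T09:05:03 lobby 00115879 03030413 GRANTED
"""

def find_sequential_runs(log_text, min_run=4, max_gap=timedelta(seconds=10)):
    """Return runs of reads at one reader whose card numbers step by exactly 1."""
    runs, open_runs = [], {}  # open_runs: reader -> run still in progress

    def close(run):
        # Short runs are normal (colleagues with consecutive cards); drop them.
        if run and len(run["cards"]) >= min_run:
            runs.append(run)

    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, reader, facility, card, result = line.split()
        ts, card = datetime.fromisoformat(ts), int(card, 16)
        run = open_runs.get(reader)
        continues = (run is not None
                     and run["facility"] == facility
                     and ts - run["last_seen"] <= max_gap
                     and abs(card - run["cards"][-1]) == 1)  # up or down
        if not continues:
            close(run)
            run = open_runs[reader] = {"reader": reader, "facility": facility,
                                       "cards": [], "granted": []}
        run["cards"].append(card)
        run["last_seen"] = ts
        if result == "GRANTED":  # the seed card, plus any number that got in
            run["granted"].append(card)
    for run in open_runs.values():
        close(run)
    return runs

if __name__ == "__main__":
    for r in find_sequential_runs(SAMPLE_LOG):
        hits = ", ".join(format(c, "08x") for c in r["granted"])
        print(r["reader"], len(r["cards"]), "sequential reads; granted:", hits)
```

The `granted` list is what a responder needs first: it names the legitimate card the run started from and any card number that was accepted along the way.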
No offence taken, the different standalone modes aren't my creations.
I think someone made a cheatsheet for how they work or intended to work, or is that the one you pasted?
ps.
a 5 year old thread brought back from the eternal peace...
Offline