Proxmark3 community
Research, development and trades concerning the powerful Proxmark3 device.
Remember; sharing is caring. Bring something back to the community.
"Learn the tools of the trade the hard way." +Fravia
You are not logged in.
Announcement
Time changes and with it the technology
Proxmark3 @ discord
Users of this forum, please be aware that information stored on this site is not private.
#1 2016-03-10 22:46:49
- M&S
- Contributor
- Registered: 2015-12-15
- Posts: 44
pls Help identify a square white card ...
I have problem with identify a card a friend gave to me.
Inside, it has round antenna so it looks like 125 kHz. It is white, look like a clam shell about 2xthicker than T5557, outside there is nothing to be noted. Nothing at all.
Hw tune without and with the card show very big voltage difference. Never seen similar before
and lf search can not see it.
here is my proxmark log http://pastebin.com/tZmt294R
and my trace file https://www.dropbox.com/s/53w7rzybife6o8q/square_whiteCard_round_antenna.pm3?dl=0
the plot shows only noise. I ran several time plots shown really only noise.
He insists the card is a working one. has no problem reported.
Could it be t55x7 I run few T55 commands
proxmark3> lf t55xx detect
Could not detect modulation automatically. Try setting it manually with 'lf t55xx config'
proxmark3> lf t55xx config
Chip Type : T55x7
Modulation : ASK
Bit Rate : 0 - RF/8
Inverted : No
Offset : 0
Seq. Term. : No
Block0 : 0x00000000
proxmark3>
I dont think the result of t55 config makes any sense.
I run out of idea what to do next.
part2:
The white clam shell card look similar the HID prox card II which came in the package I bought with the proxmark. The HID proxCardII has 06311 1151004370-1 printed on it.
When I use HID sector commands, it get this reading from the HID ProxCardII
proxmark3> lf hid fskdemod 1
proxmark3>
proxmark3> #db# TAG ID: 2006e2314f (6311) - Format Len: 26bit - FC: 113 - Card: 6311
But with the same command "lf hid fskdemod 1" nothing happens with my mysterious white clam shell card.
how do I know what it is? and if I can clone it? how to clone it?
Last edited by M&S (2016-03-11 00:11:23)
Offline
#2 2016-03-11 07:08:10
- iceman
- Administrator
- Registered: 2013-04-25
- Posts: 9,538
- Website
Re: pls Help identify a square white card ...
that trace wasn't useful.
you might need a wake up command for it.
Offline
#3 2016-03-11 10:04:28
- ntk
- Contributor
- Registered: 2015-05-24
- Posts: 701
Re: pls Help identify a square white card ...
thank you thank you
Strange I can not at url/picture/quote etc any more (someone restricts my movement before banned status, maybe)
if you say "you might need a wake up command for it" do you mean the wake command similar the one in the sector T55. I have a lookk at it, it requires to fill in a password field!
I don't know mine has any .... and also doing a read with password or call a command which is related to a PW usage, even without filling in the PW field could not cause issue, like hose/waste your card???
Or, is there a hidden wake up for HID, I haven't seen yet???
Last edited by ntk (2016-03-11 13:00:30)
Offline
#4 2016-03-12 06:07:26
- marshmellow
- Contributor
- From: US
- Registered: 2013-06-10
- Posts: 2,302
Re: pls Help identify a square white card ...
that trace wasn't useful.
you might need a wake up command for it.
Iceman is dead on. you probably have a tag that either needs a simple wake up call (with a password) for a t55x7 compatible or you might have a more complex hitag chip.
can you identify the reader model?
Last edited by marshmellow (2016-03-12 06:08:45)
Offline
#5 2016-03-12 07:36:57
- iceman
- Administrator
- Registered: 2013-04-25
- Posts: 9,538
- Website
Re: pls Help identify a square white card ...
if you have access to the reader, would you mind making a snoop between the valid card and reader?
Offline
#6 2016-03-12 10:51:45
- ntk
- Contributor
- Registered: 2015-05-24
- Posts: 701
Re: pls Help identify a square white card ...
Unfortunately I don't have access to the reader.
Nothing in the trace would relieve its origin? Some where on the forum I have read that by checking of a the trace people can trace back even to the building address where the card/fob was designed for
In the case we have access to a reader, where the card has to be valid/registered, then we can snoop, then we can use snoop info generally to make a clone of that type of reader? Do we have a work like that n the forum. I would like very much to read into it.
Offline
#7 2016-03-12 11:46:21
- iceman
- Administrator
- Registered: 2013-04-25
- Posts: 9,538
- Website
Re: pls Help identify a square white card ...
I think you are refering to the trace and dumps from an iclass system, where they also mentioned their country..
The assigned numbers for a cardsystem is connected with specific buildings,. You have a LF tag with a number on it.
If someone has access to where HID has sold its number-ranges then maybe it could be traced...
Offline
#8 2016-03-12 13:21:41
- ntk
- Contributor
- Registered: 2015-05-24
- Posts: 701
Re: pls Help identify a square white card ...
ah, but this one is fully blank. from the construction it just looks very much like the clam shell HID proxcardII so I think it could be a kin of HID class. but it does not work with those commands
Offline
#9 2016-03-12 13:28:44
- iceman
- Administrator
- Registered: 2013-04-25
- Posts: 9,538
- Website
Re: pls Help identify a square white card ...
if you had access to the reader, you could have snooped and might been able to see the password used to activate it. Or at least this is my quess.
Offline