Proxmark3 community
Research, development and trades concerning the powerful Proxmark3 device.
Remember; sharing is caring. Bring something back to the community.
"Learn the tools of the trade the hard way." +Fravia
You are not logged in.
Announcement
Time changes and with it the technology
Proxmark3 @ discord
Users of this forum, please be aware that information stored on this site is not private.
#1 2018-10-31 02:44:26
- minivan
- Contributor
- Registered: 2018-08-30
- Posts: 6
Project Trying to Learn - Chinese reader Snooping
So... I'm attempting to increase my skills with the Proxmark. Before ordering, I was cloning using a chinese multifrequency reader. I've been trying to snoop and see if I can get the password that is set by the chinese reader with no luck. I have adjusted my LF config to the specs below and attached a trace from the reader. I'm looking for some help here... I set the LF config settings, snooped the programming process, brought up my samples on the trace, and then.... I get lost. Looking for any advice or hints of where to go from here.
Trace Located At:
https://drive.google.com/open?id=1pbD5g … IHcdBOM-7r
Settings:
https://drive.google.com/open?id=1EeZ5H … YE7dw76LTJ
HW Tune:
https://drive.google.com/open?id=1pycYE … ocAS_ph5Gd
Didn't really know where else to post up some of the data so GDrive it is. Do I take the samples, trim them up and try to decode? Do I need to adjust settings on the "lf configure" to get something better? Any help would be appreciated!
Last edited by minivan (2018-10-31 02:46:07)
Offline
#2 2018-10-31 19:40:45
- anybody
- Contributor
- Registered: 2016-12-20
- Posts: 36
Re: Project Trying to Learn - Chinese reader Snooping
write commands
blk1: 44 B4 4C AE (pwd) - FF 80 00 00 (data)
blk2: 44 B4 4C AE (pwd) - 00 60 1A 52 (data) (EM4100: 00 00 00 30 39)
blk7: 44 B4 4C AE (pwd) - 00 01 2B 2B (data (new pwd))
blk1: ...
blk2: ...
blk7: ...
Last edited by anybody (2018-11-01 06:31:44)
Offline
#3 2018-10-31 21:35:51
- minivan
- Contributor
- Registered: 2018-08-30
- Posts: 6
Re: Project Trying to Learn - Chinese reader Snooping
Do you mind helping out on how you came up with that? Looks like this device programs with multiple passwords... I'm looking to see if I can possibly find a pattern or algorithm. Card I programmed with it does not work with that password. I'm guessing it's alternating. Thank You!
Last edited by minivan (2018-10-31 21:38:25)
Offline
#4 2018-11-01 06:29:39
- anybody
- Contributor
- Registered: 2016-12-20
- Posts: 36
Re: Project Trying to Learn - Chinese reader Snooping
I do not see the configuration block in your trace.
Can you attach another trace from your Chinese reader, for comparison?
Offline
#5 2018-11-01 13:01:50
- minivan
- Contributor
- Registered: 2018-08-30
- Posts: 6
Re: Project Trying to Learn - Chinese reader Snooping
I can attempt when getting home. So, the writer writes for a good bit of time (lets roughly say 8 seconds). The snoop command seems to grab the first half'ish if the programming. This could be why I'm not getting it, but I'll give it another shot.
Offline
#6 2018-12-10 22:43:37
- minivan
- Contributor
- Registered: 2018-08-30
- Posts: 6
Re: Project Trying to Learn - Chinese reader Snooping
I'm attempting to get some of the information you were able to extract from that... All I'm getting is random bits or errors. The only think I can rawdemod is FSK? What other work do I need to put in?
Offline