Proxmark3 community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

Announcement

Time changes and with it the technology
Proxmark3 @ discord

Users of this forum, please be aware that information stored on this site is not private.

Pages: 1

#1 2014-03-16 21:23:34

midnitesnake
Contributor
Registered: 2012-05-11
Posts: 151

Unique Tags

Asper and I have been investigating different EM4100 formats, and we came across unique from Trovan (http://www.trovan.com)

We found this tag :

unique = 8800f1b052
raw     = ff8c60047c0da688
raw_binary  = 1111111110001100011000000000010001111100000011011010011010001000

is actually the same as EM4100 which makes a EM41x UID=11008f0d4a

so whats different?  Asper quickly discovered this part....

When you extract the binary components (removing the parity bits) your left with:
00010001 00000000 10001111 00001101 01001010 (11008f0d4a)

simply reading in from the LSB first instead of the MSB yields the unique UID:
10001000 00000000 11110001 10110000 01010010 (8800f1b052)

One quick hack later, and the proxmark can dump unique UIDs alongside EM4100 UIDs:

proxmark3> lf em4x em410xwatch
#db# buffer samples: 00 00 00 00 00 16 1f 16 ...                 
Reading 16000 samples
          
Done!
          
Auto-detected clock rate: 64          
EM410x Tag ID: 11008f0d4a          
Unique Tag ID: 88001f0b25

svn diff against r845

Index: cmdlfem4x.c
===================================================================
--- cmdlfem4x.c	(revision 845)
+++ cmdlfem4x.c	(working copy)
@@ -35,6 +35,7 @@
   int i, j, clock, header, rows, bit, hithigh, hitlow, first, bit2idx, high, low;
   int parity[4];
   char id[11];
+  char id2[11];
   int retested = 0;
   uint8_t BitStream[MAX_GRAPH_TRACE_LEN];
   high = low = 0;
@@ -101,6 +102,7 @@
       {
         /* Read another byte! */
         sprintf(id+rows, "%x", (8 * BitStream[i]) + (4 * BitStream[i+1]) + (2 * BitStream[i+2]) + (1 * BitStream[i+3]));
+        sprintf(id2+rows, "%x", (8 * BitStream[i+3]) + (4 * BitStream[i+2]) + (2 * BitStream[i+1]) + (1 * BitStream[i]));
         rows++;
 
         /* Keep parity info */
@@ -135,6 +137,7 @@
       {
         /* Sweet! */
         PrintAndLog("EM410x Tag ID: %s", id);
+        PrintAndLog("Unique Tag ID: %s", id2);
 
         /* Stop any loops */
         return 1;

Offline

#2 2014-03-16 22:15:59

asper
Contributor
Registered: 2008-08-24
Posts: 1,409

Re: Unique Tags

Great job ! Thank you !!

Offline

#3 2014-03-23 13:46:16

holiman
Contributor
Registered: 2013-05-03
Posts: 566

Re: Unique Tags

Great, commited as r851

Offline

#4 2014-03-23 21:50:17

asper
Contributor
Registered: 2008-08-24
Posts: 1,409

Re: Unique Tags

Hi holiman, please read here about new sorce code repository on github;
If you can please have a look to the r850 patch that is not implemented yet on github (r851 is already implemented): do you think r850 is a valid patch? (more info in the github thread linked few lines above).

Last edited by asper (2014-03-23 21:50:44)

Offline

#5 2014-03-23 22:49:15

holiman
Contributor
Registered: 2013-05-03
Posts: 566

Re: Unique Tags

Oh, I've missed that completely.. I'll read it all later.. I'm all for github

Offline

Pages: 1

Board footer

Powered by FluxBB