Proxmark3 community


#1 2015-07-04 04:30:43

ntk
Contributor
Registered: 2015-05-24
Posts: 701

Why is there so little complete study about 13.56 MHz entry systems?

The proximity card technologies fall into two distinct groups:

Low frequency (125kHz) – generally referred to as proximity cards

High frequency (13.56MHz) – generally referred to as (contactless) smart cards

But most of the work I found on the Proxmark forum is about 125 kHz entry systems only.

There is one complete study of a high-frequency (13.56MHz) access system: it was on the Mifare Classic 1K and was way back in 2010.

Why so little interest in breaking in the HF field?

Is it because there is little known about their protocols, like Siemens, Honeywell, Cotag etc., so there is no coding, no study, no understanding of their construction?

On a 125 kHz system, when cloning, you can use At55x7 or Q5 to emulate all sorts of 125 kHz chipsets? What about 13.56 MHz systems: is the Chinese magic card the only known copy material?

Last edited by ntk (2015-07-04 09:29:29)


#2 2015-07-04 10:56:47

asper
Contributor
Registered: 2008-08-24
Posts: 1,409

Re: Why is there so little complete study about 13.56 MHz entry systems?

LF (earlier technology) uses practically no standard rules to transmit signals but uses standard modulation techniques; once you understand the modulation you can replicate it with specific devices such as T55x7 etc. HF (more recent technology) can use standard protocols but also uses proprietary commands, so it is far more complex than LF, and breaking its schemes usually breaks laws (proprietary encryptions).


#3 2015-07-04 13:11:44

ntk
Contributor
Registered: 2015-05-24
Posts: 701

Re: Why is there so little complete study about 13.56 MHz entry systems?

Your words are very true, Asper. But I still do not understand how they could get away with "proprietary".

Cars, mobile phones, Bluetooth, printers, Wi-Fi, software writing, even coffee-making machines: practically all have standards, and because there are standards there are people who know them, study them and make improvements. You cannot invent something new when you don't know what already exists.

How could a company develop something, then make it proprietary and say that anyone knowing it, opening it, showing or playing with its weaknesses would break the law?

Even if they put a patent on it, there is a time limit too. If they had done the same with the padlock in 1750, would every door still have a padlock on it? Or if Bill Gates had been able to put a "proprietary version of Windows OP" on the market in the 1970... and nobody could touch or show the weaknesses of that operating system, where would we be today... or if the church could have put "Earth is flat and the Sun flies around the Earth" as "proprietary knowledge", we would still crawl in a cave.

Last edited by ntk (2015-07-04 13:27:05)


#4 2015-07-04 13:19:03

ntk
Contributor
Registered: 2015-05-24
Posts: 701

Re: Why is there so little complete study about 13.56 MHz entry systems?

If we don't have a specification and are "blind" because of their proprietary commands, is it true that one way to understand them is by tracing, observing what their equipment is doing?

I came across some Proxmark threads where people talk about the critical short breath of the "snoop" command, which collects a trace for only a few seconds. Is it possible, from a programming point of view, to collect the real-time traces, put them in a buffer and write them to HD for later display,

or to make "snoop" more intelligent, so that once activated it automatically starts collecting only when a level criterion is met?

Last edited by ntk (2015-07-04 13:23:19)


#5 2015-07-04 14:11:05

asper
Contributor
Registered: 2008-08-24
Posts: 1,409

Re: Why is there so little complete study about 13.56 MHz entry systems?

If you find a weakness you should uncover it wisely, informing the owner of the intellectual property of the possible damages (responsible disclosure), and not take advantage; some people here behave this way, some others don't.


#6 2015-07-04 15:27:10

ntk
Contributor
Registered: 2015-05-24
Posts: 701

Re: Why is there so little complete study about 13.56 MHz entry systems?

We might step into the deep water of ethical, philosophical discussion: who takes advantage, who loses anything, who has the right to discover, who should cover knowledge... Maybe I am a bad person.

However, what about the Proxmark HF snoop tool? You are a magnet of chip types, chip knowledge, commands; what about this memory problem?
1/ tracing communication between chip and reader: why can it not use the serial port buffer?
2/ is there work on increasing the memory pool planned/intended already?


#7 2015-07-04 19:30:57

asper
Contributor
Registered: 2008-08-24
Posts: 1,409

Re: Why is there so little complete study about 13.56 MHz entry systems?

I don't understand what you are trying to tell me.

It is not a question of good and bad people, it is about rules: here we do not like people who want to steal/fraud. If we study something, it is for the sake of challenge/personal knowledge; if someone decides to publish their discoveries here, this "someone" deserves a VERY BIG THANK YOU because he does that absolutely for free. Some people cannot give info because they subscribed NDA acts.

About the possibility of storing more bytes on an external storage device: this is a WIP, if I remember well.


#8 2015-07-04 22:23:56

ntk
Contributor
Registered: 2015-05-24
Posts: 701

Re: Why is there so little complete study about 13.56 MHz entry systems?

I am not bad-mouthing you, Asper.

I mean that by being here or being at DEFCON, in the eyes of the manufacturers we are already seen as a bad, trouble-stirring group, regardless of why we are here, whether for the sake of challenge, for enrichment of personal knowledge or just curiosity. Only the one who buys a product, however expensive, without asking any critical question is a manufacturer's or salesman's good person.... In that sense I am not a good person, my curiosity calls me here & makes me a "bad person" ... and I accept it... That is all.

Hopefully a strengthened snoop version will come soon enough for Marshmellow and the people working on SiPass, Cotag, Bewator. I read and search but cannot do anything to help.
