Sniff/snoop issue's

Stanger · 2015-07-28 20:03:36

I cannot get snooped data dumped. I tried a lot of different antenna stances and I made also a new antenna because I thought my stock one had a too low voltage. I get next to the orange light a flashing red light and a constant green one when card and reader interact. Here is some debug:

[== Undefined ==]
proxmark3> hf 14a snoop
#db# COMMAND FINISHED                 
#db# maxDataLen=5, Uart.state=0, Uart.len=1                 
#db# traceLen=2997, Uart.output[0]=00000052                 

proxmark3> hf list 14a
Recorded Activity (TraceLen = 0 bytes)          
          
Start = Start of Start Bit, End = End of last modulation. Src = Source of Transfer          
iso14443a - All times are in carrier periods (1/13.56Mhz)          
iClass    - Timings are not as accurate          
          
     Start |       End | Src | Data (! denotes parity error)                                   | CRC | Annotation         |          
-----------|-----------|-----|-----------------------------------------------------------------|-----|--------------------|

and with the other command

[== Undefined ==]
proxmark3> hf mf sniff
-------------------------------------------------------------------------
Executing command. 
Press the key on the proxmark3 device to abort both proxmark3 and client.
Press the key on pc keyboard to abort the client.
-------------------------------------------------------------------------
.........................>
received trace len: 0 packages: 1          
.................................#db# cancelled by button                 
#db# COMMAND FINISHED                 
#db# maxDataLen=2, Uart.state=0, Uart.len=0

Here is some hardware info:

[== Undefined ==]
proxmark3> hw version
#db# Prox/RFID mark3 RFID instrument                 
#db# bootrom: svn 0 2014-04-01 12:12:24                 
#db# os: svn 0 2014-04-01 12:12:24                 
#db# FPGA image built on 2014/03/24 at 21:54:44                 
Prox/RFID mark3 RFID instrument

Antenna: # HF antenna: 10,83 V @ 13.56 MHz
With card on it: # HF antenna: 8,60 V @ 13.56 MHz
With card and reade r # HF antenna: 6,09 V @ 13.56 MHz

I didn't succeed in flashing my firmware because the flasher keeps waiting till the device is detected on /dev/ttyACM0

Last edited by Stanger (2015-07-28 20:04:10)

iceman · 2015-07-28 21:09:46

You'll need to update your software. It's outdated.
Try press the button before you attach it to your computer, and keep holding it pressed until you flashed.
its a one hand operation

Stanger · 2015-07-28 21:27:39

Yep I did it exactly like that but it can't transfer to my device. I also tried with an old flasher but it didn't work also. Here is the debug:

[== Undefined ==]
:~/proxmark3/client$ sudo ./flasher -b ../bootrom/obj/bootrom.elf
[sudo] password for mark: 
Loading ELF file '../bootrom/obj/bootrom.elf'...
Loading usable ELF segments:
0: V 0x00100000 P 0x00100000 (0x00000200->0x00000200) [R X] @0x94
1: V 0x00200000 P 0x00100200 (0x00000b58->0x00000b58) [RWX] @0x298
Attempted to write bootloader but bootloader writes are not enabled
Error while loading ../bootrom/obj/bootrom.elf

with device port

[== Undefined ==]
sudo ./flasher /dev/ttyACM0 -b ../bootrom/obj/bootrom.elf
Loading ELF file '../bootrom/obj/bootrom.elf'...
Loading usable ELF segments:
0: V 0x00100000 P 0x00100000 (0x00000200->0x00000200) [R X] @0x94
1: V 0x00200000 P 0x00100200 (0x00000b58->0x00000b58) [RWX] @0x298

Waiting for Proxmark to appear on /dev/ttyACM0..................................

So it seems to be that the proxmark haven't made stable connection to the pc.

Running dmesg while holding button:

[== Undefined ==]
[40220.770257] usb 2-1.4.1: Manufacturer: proxmark.org
[40220.770514] cdc_acm 2-1.4.1:1.0: This device cannot do calls on its own. It is not a modem.
[40220.770538] cdc_acm 2-1.4.1:1.0: ttyACM1: USB ACM device
[40226.638671] usb 2-1.4.1: USB disconnect, device number 43
[40230.409760] usb 2-1.4.1: new full-speed USB device number 44 using ehci-pci
[40230.502801] usb 2-1.4.1: New USB device found, idVendor=2d2d, idProduct=504d
[40230.502803] usb 2-1.4.1: New USB device strings: Mfr=1, Product=0, SerialNumber=0

So now my device is suddenly ttyACM1

running code again:

[== Undefined ==]
:~/proxmark3/client$ sudo ./flasher /dev/ttyACM1 -b ../bootrom/obj/bootrom.elf
Loading ELF file '../bootrom/obj/bootrom.elf'...
Loading usable ELF segments:
0: V 0x00100000 P 0x00100000 (0x00000200->0x00000200) [R X] @0x94
1: V 0x00200000 P 0x00100200 (0x00000b58->0x00000b58) [RWX] @0x298

Waiting for Proxmark to appear on /dev/ttyACM1\.... Found.
Sending bytes to proxmark failed

Last edited by Stanger (2015-07-28 21:28:44)

iceman · 2015-07-28 21:32:50

I just pushed some changes to the old hid_flasher code. Its usb_cmd.h wasn't in sync with the one inside /common/usb_cmd.h

This could be your issue with a failed flash.

Stanger · 2015-07-28 21:47:20

Nope I just downloaded the newest software and remade it but it gives still the same error: Sending bytes to proxmark failed

iceman · 2015-07-28 21:56:08

forgot to mention that I pushed it to my fork... not the PM3 master.
https://github.com/iceman1001/proxmark3 … f3e2681c3d
you'll see the changes I did.

Stanger · 2015-07-28 22:29:34

I assumed these changes were the only ones relevant for testing the error:

[== Undefined ==]
+#define USB_CMD_DATA_SIZE 512
+
 typedef struct {
-	uint32_t	cmd;
-	uint32_t	arg[3];
+	uint64_t	cmd;
+	uint64_t	arg[3];
 	union {
-		uint8_t		asBytes[48];
-		uint32_t	asDwords[12];
+    uint8_t  asBytes[USB_CMD_DATA_SIZE];
+    uint32_t asDwords[USB_CMD_DATA_SIZE/4];
 	} d;
 } PACKED UsbCommand;
+// A struct used to send sample-configs over USB
+typedef struct{
+	uint8_t decimation;
+	uint8_t bits_per_sample;
+	bool averaging;
+	int divisor;
+	int trigger_threshold;
+} sample_config;

I have clean and made it again but it still give this error:( What is remarkable is that when I often plug the pm3 in while holding the button, the address change from ttyACM0 to ttyACM1

iceman · 2015-07-28 22:47:41

yes, those were the relevant changes.

I assume you have the blacklist rules needed for *nux env.

Strange behavior indeed, however 2014 firmware should use the newer usb..
Did you try both the older hid-flasher and the new one inside client?

Stanger · 2015-07-28 23:23:39

I have nothing blacklisted.

I have r623 compiled and I use that flasher with the bootrom.elf located in newest version. I use it like this:

[== Undefined ==]
:~$ sudo ./proxmark3-old/client/flasher -b ./proxmark3/bootrom/obj/bootrom.elf
Loading ELF file './proxmark3/bootrom/obj/bootrom.elf'...
Loading usable ELF segments:
0: V 0x00100000 P 0x00100000 (0x00000200->0x00000200) [R X] @0x94
1: V 0x00200000 P 0x00100200 (0x00000b58->0x00000b58) [RWX] @0x298

Waiting for Proxmark to appear on USB...........................................

I cannot give the location in the command. It will see the /dev/ttyACM1 command as a directory.

iceman · 2015-07-28 23:32:43

PROXMARK DRIVER INSTALLATION

No drivers are required to use the Proxmark within Linux. You will however need to do a couple of things as root:

    Add yourself to the dialout group: 

    sudo adduser <username> dialout 

    (You will need to logoff before the changes will take effect.) 

    Configure modem-manager to ignore the proxmark (this is important as it will block flashing): 

    sudo vi /etc/udev/rules.d/77-mm-usb-device-blacklist.rules 

    Create this file if it doesn't already exist, and add the following:

    # proxmark3 - http://www.proxmark.org/
    ATTRS{idVendor}=="2d2d" ATTRS{idProduct}=="504d", ENV{ID_MM_DEVICE_IGNORE}="1"

    restart udev hotplug control: 

    sudo udevadm control --reload-rules

iceman · 2015-07-28 23:43:50

You have the CDC version of the bootrom, so you don't need the old HID-Flasher. (forget it)

Stanger · 2015-07-29 00:05:31

Thanks a ton it worked!! I had to do a few things different as the manual but that was the issue. I assume it isn't normal that the red and orange light stay on? The flashing went good I suppose.

Last edited by Stanger (2015-07-29 00:11:50)

iceman · 2015-07-29 00:16:42

that was good news.
How is you sniff/snooping now?

After flashing bootrom, and fullimage?

Stanger · 2015-07-29 00:35:25

I try to flash the fpga but the pm doesn’t get recognized by the flasher. Waiting for Proxmark to appear on /dev/ttyACM1.......................
dmesg does recognize the pm on ttyACM1. I will go further with it tomorrow:)

iceman · 2015-07-29 00:38:26

Try the button press - trick again.

Stanger · 2015-07-29 11:27:01

I succeeded flashing fullimage but the manuals are a bit outdated. I would have no problems with fixing that.

The hf 14a snoop works amazing. The hf mf sniff command is a little bit harder but thats no big deal as long as I can snoop.

Thanks a lot Iceman!

Last edited by Stanger (2015-07-29 11:38:44)

iceman · 2015-07-29 14:38:15

You are welcome.

I'm looking forward to when you will be contributing to the sourcecode aswell.

Proxmark3 community

Announcement

#1 2015-07-28 20:03:36

Sniff/snoop issue's

#2 2015-07-28 21:09:46

Re: Sniff/snoop issue's

#3 2015-07-28 21:27:39

Re: Sniff/snoop issue's

#4 2015-07-28 21:32:50

Re: Sniff/snoop issue's

#5 2015-07-28 21:47:20

Re: Sniff/snoop issue's

#6 2015-07-28 21:56:08

Re: Sniff/snoop issue's

#7 2015-07-28 22:29:34

Re: Sniff/snoop issue's

#8 2015-07-28 22:47:41

Re: Sniff/snoop issue's

#9 2015-07-28 23:23:39

Re: Sniff/snoop issue's

#10 2015-07-28 23:32:43

Re: Sniff/snoop issue's

#11 2015-07-28 23:43:50

Re: Sniff/snoop issue's

#12 2015-07-29 00:05:31

Re: Sniff/snoop issue's

#13 2015-07-29 00:16:42

Re: Sniff/snoop issue's

#14 2015-07-29 00:35:25

Re: Sniff/snoop issue's

#15 2015-07-29 00:38:26

Re: Sniff/snoop issue's

#16 2015-07-29 11:27:01

Re: Sniff/snoop issue's

#17 2015-07-29 14:38:15

Re: Sniff/snoop issue's

Board footer