Proxmark3 community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

Announcement

Time changes and with it the technology
Proxmark3 @ discord

Users of this forum, please be aware that information stored on this site is not private.

Pages: 1

#1 2017-07-10 15:44:15

kikecea
Contributor
Registered: 2017-07-06
Posts: 13

Trying to know a LF tag, someone help me, thx

Hi guys! I like the RFID tecnology and I working hard using this powerful Proxmark3, to learn about it... I have a circular tag and I am treating to know about it. I don't know which type is it, or which protocols used. I tried to read it with all of commands of to read low frecuency tags... Someone know other command to try it? Sometimes when I read it, with   proxmark>lf search u  , the proxmark says that it is an Indala tag, and other times no... I am crazy with it... What is Indala? a protocol, a type of EM4x tag... I use the data ask edgedetect to see the bit stream. These is the results what I obtained with different commands...

proxmark3> lf search u
#db# LF Sampling config:                  
#db#   [q] divisor:           95                  
#db#   [b] bps:               8                  
#db#   [d] decimation:        1                  
#db#   [a] averaging:         1                  
#db#   [t] trigger threshold: 0                  
#db# DownloadFPGA(len: 42096)                 
#db# Done, saved 40000 out of 40000 seen samples at 8 bits/sample                 
#db# buffer samples: 4f 50 53 54 57 58 5a 5b ...                 
Reading 20000 bytes from device memory
Data fetched          
Samples @ 8 bits/smpl, decimation 1:1           
NOTE: some demods output possible binary
  if it finds something that looks like a tag          
False Positives ARE possible
Checking for known tags:
No Known Tags Found!
Checking for Unknown tags:
Possible Auto Correlation of 4096 repeating samples          
Unknown ASK Modulated and Manchester encoded Tag Found!          
if it does not look right it could instead be ASK/Biphase - try 'data rawdemod ab'          
0101010101111111          
0110110111101111          
0111111111111100          
0000101100000111          
0101010101111111          
0110110111101111          
0111111111111100          
0000101100000111          
0101010101111111          
0110110111101111          
0111111111111100          
0000101100000111          
0101010101111111          
0110110111101111          
0111111111111100          
0000101100000111          
0101010101111111          
0110110111101111          
0111111111111100 
proxmark3> data rawdemod  am        
Using Clock: 64 - Invert: 0 - Bits Found: 313          
ASK/Manchester decoded bitstream:          
0101010101111111          
0110110111101111          
0111111111111100          
0000101100000111          
0101010101111111          
0110110111101111          
0111111111111100          
0000101100000111          
0101010101111111          
0110110111101111          
0111111111111100          
0000101100000111          
0101010101111111          
0110110111101111          
0111111111111100          
0000101100000111          
0101010101111111          
0110110111101111          
0111111111111100

Offline

#2 2017-07-10 15:49:40

marshmellow
Contributor
From: US
Registered: 2013-06-10
Posts: 2,302

Re: Trying to know a LF tag, someone help me, thx

it appears it may have found an ask/man encoded chip.  but without a trace or at least a plot i cannot be sure.  (note that as lf search output says ask/man can be mistaken for ask/biphase or ask/diphase or even just nrz(ask) in rare cases.) 

if you can post a trace (after search do a `data save xxxx.pm3` and post the txt file to a file share and link it here.) and provide any markings on the tag it will help identifying it properly.

Offline

#3 2017-07-11 09:12:10

kikecea
Contributor
Registered: 2017-07-06
Posts: 13

Re: Trying to know a LF tag, someone help me, thx

Hello, I'm trying to upload the trace, but i don't know how do it... After I do "data save xxxx.pm3", where is the file? I save the data but I don't find it. sorry for my unknoledge... I'm trying other option, copy the screen and after past it here, but i can't. I use "FluxBB bbcode test" with the route of the file but never work...

Last edited by kikecea (2017-07-11 09:42:56)

Offline

#4 2017-07-11 10:20:50

kikecea
Contributor
Registered: 2017-07-06
Posts: 13

Re: Trying to know a LF tag, someone help me, thx

Dcg9xSJ.jpg
e0t7xTt.jpg
qykd237.jpg
Finaly I upload the image at ingur, you can see it? I want to learn about this tecnology and I focus with this tag that I found.. thx guys

Offline

#5 2017-07-11 14:40:38

marshmellow
Contributor
From: US
Registered: 2013-06-10
Posts: 2,302

Re: Trying to know a LF tag, someone help me, thx

the auto correlation indicates your tag repeats every 4096 samples and the rawdemod detected a clock of rf/64 (or one bit per 64 samples) meaning your tag is transmitting a repeating 64 bits  (which your demodulated binary also shows)
your signal is definately ASK but it could be encoded with either manchester or biphase or the inverse of those.

the output from the data rawdemod would be all that is required to attempt a clone.

but to know more about the structure of what the binary means we need to know more about the tag and/or ID system:
are there any markings on the tag or do you know what the ID number is that the reader reads?

Offline

#6 2017-07-11 14:42:24

marshmellow
Contributor
From: US
Registered: 2013-06-10
Posts: 2,302

Re: Trying to know a LF tag, someone help me, thx

also, it appears you are using an old version of the pm3 software/firmware.  you may want to update to the latest source code on github for many new features and improvements.

Offline

#7 2017-07-11 15:31:13

kikecea
Contributor
Registered: 2017-07-06
Posts: 13

Re: Trying to know a LF tag, someone help me, thx

Hi marshmellow, thanks for your help! I download the 2.4 version:

proxmark3> hw version
[[[ Cached information ]]]
Prox/RFID mark3 RFID instrument         
bootrom: /-suspect 2015-11-19 10:08:02
os: /-suspect 2015-11-19 10:08:09
LF FPGA image built for 2s30vq100 on 2015/03/06 at 07:38:04
HF FPGA image built for 2s30vq100 on 2015/11/ 2 at  9: 8: 8
uC: AT91SAM7S512 Rev B         
Embedded Processor: ARM7TDMI         
Nonvolatile Program Memory Size: 512K bytes. Used: 169916 bytes (32%). Free: 354372 bytes (68%).         
Second Nonvolatile Program Memory Size: None         
Internal SRAM Size: 64K bytes         
Architecture Identifier: AT91SAM7Sxx Series         
Nonvolatile Program Memory Type: Embedded Flash Memory

Offline

#8 2017-07-11 15:36:04

marshmellow
Contributor
From: US
Registered: 2013-06-10
Posts: 2,302

Re: Trying to know a LF tag, someone help me, thx

2.4 is still pretty old.  We are over 3.0

Offline

#9 2017-07-11 15:56:29

kikecea
Contributor
Registered: 2017-07-06
Posts: 13

Re: Trying to know a LF tag, someone help me, thx

I think that could be ASK  Manchester, even I obtained the same chain of numbers using Manchester(from higher to lower1, from lower to higher0, depends where I start the pulse...)  that the decoded bitstream of proxmark shows... You did it? because i am not sure where I should start...

proxmark3> data rawdemod  am        
Using Clock:64, Invert:0, Bits Found:467          
ASK/Manchester - Clock: 64 - Decoded bitstream:          
0000011101010101
0111111101101101
1110111101111111
1111110000001011
0000011101010101
0111111101101101
1110111101111111
1111110000001011
0000011101010101
0111111101101101
1110111101111111
1111110000001011
0000011101010101
0111111101101101
1110111101111111
1111110000001011
0000011101010101
0111111101101101
1110111101111111
1111110000001011
0000011101010101
0111111101101101
1110111101111111
1111110000001011
0000011101010101
0111111101101101
1110111101111111
1111110000001011
0000011101010101
011

   

proxmark3> data rawdemod  ab        
Biphase Decoded using offset: 0 - clock: 64 - # errors:0 - data:          
0111101100000000
0011111100100100
1110011100111111
1111110111110001
0111101100000000
0011111100100100
1110011100111111
1111110111110001
0111101100000000
0011111100100100
1110011100111111
1111110111110001
0111101100000000
0011111100100100
1110011100111111
1111110111110001
0111101100000000
0011111100100100
1110011100111111
1111110111110001
0111101100000000
0011111100100100
1110011100111111
1111110111110001
0111101100000000
0011111100100100
1110011100111111
1111110111110001
0111101100000000
001

   
I think that could be ASK  Manchester encode

Offline

#10 2017-07-12 08:39:30

kikecea
Contributor
Registered: 2017-07-06
Posts: 13

Re: Trying to know a LF tag, someone help me, thx

marshmellow wrote:

2.4 is still pretty old.  We are over 3.0

ohhh, ok ok, I have only found in   http://proxmark.org/forum/viewtopic.php?id=1562  , but the latest version is 2.5 and my pc(xp) can't run it...  You know other pages?

Offline

#11 2017-07-12 09:04:24

Onisan
Contributor
From: London
Registered: 2016-07-18
Posts: 88

Re: Trying to know a LF tag, someone help me, thx

Do you have a pic of the tag?

Offline

#12 2017-07-13 09:16:15

kikecea
Contributor
Registered: 2017-07-06
Posts: 13

Re: Trying to know a LF tag, someone help me, thx

Hi Onisan, this is the tag. I'm trying to get more data, even remove the black plastic, to know more about the tag but I can't find anymore. In one of the tag I found: J  57

JW4yH69.jpg

Offline

Pages: 1

Board footer

Powered by FluxBB