Research, development and trades concerning the powerful Proxmark3 device.
Remember; sharing is caring. Bring something back to the community.
"Learn the tools of the trade the hard way." +Fravia
You are not logged in.
Time changes and with it the technology
Proxmark3 @ discord
Users of this forum, please be aware that information stored on this site is not private.
on iso 14443b what is the capabilities of proxmark3?
1-read/write/emulate?
2- is it implement BPSK (the modulations of 14443b)?
3- on witch fpga file that iso used?
thank you all
Offline
Re 1: typing 'hf 14b help' produces the available commands:
info Find and print details about a 14443B tag
list [Deprecated] List ISO 14443B history
reader Act as a 14443B reader to identify a tag
sim Fake ISO 14443B tag
snoop Eavesdrop ISO 14443B
sri512read Read contents of a SRI512 tag
srix4kread Read contents of a SRIX4K tag
sriwrite Write data to a SRI512 | SRIX4K tag
raw Send raw hex data to tagHowever, I cannot tell how complete those commands are - 14B is not very popular.
Re 2: Of course, otherwise those commands would not be possible
Re 3: hi_simulate.v, hi_read_tx.v, and hi_read_rx_xcorr.v
Offline
Re 1: typing 'hf 14b help' produces the available commands:
info Find and print details about a 14443B tag list [Deprecated] List ISO 14443B history reader Act as a 14443B reader to identify a tag sim Fake ISO 14443B tag snoop Eavesdrop ISO 14443B sri512read Read contents of a SRI512 tag srix4kread Read contents of a SRIX4K tag sriwrite Write data to a SRI512 | SRIX4K tag raw Send raw hex data to tagHowever, I cannot tell how complete those commands are - 14B is not very popular.
Re 2: Of course, otherwise those commands would not be possible
Re 3: hi_simulate.v, hi_read_tx.v, and hi_read_rx_xcorr.v
thank about your reply
1- can you please show me where BPSK implement on the code?
2- i not see where on hi_simulate.v, hi_read_tx.v, and hi_read_rx_xcorr.v implement 14443-b
i only see for ex. fpga file hi_iso14443a.v for 14443a but i not see where 14443b impelemnt on fpga code
thank you a lot
Offline
1- can you please show me where BPSK implement on the code?
BPSK modulation: is implemented in FPGA file hi_simulate.v:
modulating_carrier <= ssp_dout ^ ssp_clk_divider[3] // XOR means BPSKBPSK demodulation: hi_read_rx_xcorr.v implements an I/Q demodulator. The BPSK demodulation is then done on these signals by the Handle14443bSamplesDemod() function in iso14443b.c
Offline
p761845@mvrht.net wrote:1- can you please show me where BPSK implement on the code?
BPSK modulation: is implemented in FPGA file hi_simulate.v:
modulating_carrier <= ssp_dout ^ ssp_clk_divider[3] // XOR means BPSKBPSK demodulation: hi_read_rx_xcorr.v implements an I/Q demodulator. The BPSK demodulation is then done on these signals by the Handle14443bSamplesDemod() function in iso14443b.c
thank about your reply.
1. hi_simulate.v contain implement bpsk (for 14443b) and ask (for 14443a)?
2. why 14443A has seperat fpga file and 14443b don't ?
3. why did you point on this line on hi_simulate.v ?this line is not all the implenent for bpsk?
Last edited by p761845@mvrht.net (2017-10-11 07:32:01)
Offline
Re 1.: no. All 14443A functions (reader, simulate tag, sniff) are in hi_iso14443a.v
Re 2.: ISO14443A is much more complex mainly due to the strict timing requirements on tag response (fdt = n * 128 + 20 or fdt = n * 128 + 84 depending on the last reader command bit)
Re 3.: Oh yes, it is. BPSK modulation of digital signals requires just an XOR gate. If ssp_dout is logic 0, then modulating carrier will be equal to the subcarrier (ssp_clk_divider[3]). If ssp_dout is logic 1, then modulating_carrier will be equal to the inverted (= phase shifted by 180 degrees) subcarrier.
Offline
Re 1.: no. All 14443A functions (reader, simulate tag, sniff) are in hi_iso14443a.v
Re 2.: ISO14443A is much more complex mainly due to the strict timing requirements on tag response (fdt = n * 128 + 20 or fdt = n * 128 + 84 depending on the last reader command bit)
Re 3.: Oh yes, it is. BPSK modulation of digital signals requires just an XOR gate. If ssp_dout is logic 0, then modulating carrier will be equal to the subcarrier (ssp_clk_divider[3]). If ssp_dout is logic 1, then modulating_carrier will be equal to the inverted (= phase shifted by 180 degrees) subcarrier.
thank you about your reply
so it is the only line on fpga implement bpsk
1-can you please show me where is the rest implement on fpga to emulate 14443b(like sri 512?)
2- can you show me please where is the implement on fpga to read/identify 14443b(like sri 512?)
thank you so much!
Last edited by p761845@mvrht.net (2017-10-13 16:08:20)
Offline
so it is the only line on fpga implement bpsk
No, it is the only line on FPGA implementing bpsk modulation.
Regarding your questions:
1. FPGA code for ISO14443B emulation is in hi_simulate.v. Full SRI512 emulation is not implemented yet.
2. FPGA code for ISO14443B tag reading is in hi_read_rx_xcorr.v, which implements an I/Q demodulator. The BPSK demodulation is then done on these signals by the Handle14443bSamplesDemod() function in iso14443b.c
May I ask a question as well? What are you after and what are your intentions?
Offline
Hi,
I play with a tag 14443b and commands since few days.
Is it any issue to dump the tag, or export to a bin ? I use fir the moment the pm3 log
But i must reverse hex to srix4write.
Thanks
Offline