Research, development and trades concerning the powerful Proxmark3 device.
Remember; sharing is caring. Bring something back to the community.
"Learn the tools of the trade the hard way." +Fravia
You are not logged in.
Time changes and with it the technology
Proxmark3 @ discord
Users of this forum, please be aware that information stored on this site is not private.
Pages: 1
Hello!
I would like to check if em4x50 chips are vulnerable to timing attack - i.e if the NAK response time varies depending if the first byte of the password is valid or not.
Is there a (semi) simple way of getting a trace of proxmark command and response? I have only one device.
Offline
Hi, Phaseloop you have to do an lf search to identify the tag or key, then lf em 4x50 info & you will see if there is protection by passwd or not, I put you a check of my key em 4x50 we can see that it there is no protection.
If it is the same case for you then easy to dump or write in the --blk, otherwise you will have to sniff to extract the passwd.
Good day.
If you have a pm3 easy Lf antenna that is not of very good quality, you will have to find the right position.
[usb] pm3 --> lf em 4x50 info
[=] --- Tag Information ---------------------------
[=] # | word (msb) | word (lsb) | desc
[=] ----+-------------+-------------+--------------------
[=] 32 | 94 EE 8C C0 | 03 31 77 29 | device serial number (read only)
[=] 33 | 4C 08 00 41 | 82 00 10 32 | device identification (read only)
[=] ----+-------------+-------------+--------------------
[=] ---- Configuration ----
[=] first word read.... 0
[=] last word read..... 0
[=] password check..... off <<no passwd
[=] read after write... off
[=] --------- Protection ------------
[=] first word read protected.... 0
[=] last word read protected..... 0
[=] first word write inhibited... 0
[=] last word write inhibited.... 0
[=] zero values may indicate read protection
Offline
The OP haven't been there for a while, and ISTM you are answering the wrong question.
Offline
Hello quterydyf, I answered by telling him that he will come to nothing in detecting the em 4x50 because he is trying with a pm3 easy and the LF antenna & of poor quality, in addition in case he happens to make an lf em 4x50 info to see the protection by a passwd.
Now you can answer his question correctly.
Good day.
Last edited by fazer (2023-05-17 12:27:06)
Offline
Pages: 1