Research, development and trades concerning the powerful Proxmark3 device.
Remember; sharing is caring. Bring something back to the community.
"Learn the tools of the trade the hard way." +Fravia
You are not logged in.
Time changes and with it the technology
Proxmark3 @ discord
Users of this forum, please be aware that information stored on this site is not private.
Pages: 1
I saw in many published papers that the first reader command is "60 xx crc crc" and the chip reply is "aa bb cc dd"
In another paper this is explained that ID is XORed with RND before entering the LFSR
ID is 4 bytes long + 1 LRC
Does the RND from the chip is "aa bb" and the CRC is "cc dd" or the RND is "aa bb cc dd" ???
To perform the XOR this is more logic to have "aa bb cc dd" otherwise I don't see how this XOR is done (perhaps only on the 2 LSBytes of the ID).
From a chip design point of view this is logic to have "aa bb" and CRC "cc dd" ...
Could someone explain ?
thanks
Offline
Great!
Offline
Pages: 1