• Registered: 2009-11-05
  • Posts: 28

Topic: Debugging half-working proxmark

So I soldered my proxmark together, and was able to program the firmware onto the device. I programed the pre-compiled firmware from the 20090905-r216 release.

I am missing the TLV3502 right now, should have it soon.

My LEDS light up as follows:

(LED layout on my board is   red,green,yellow  and then another red near push-button when looking at the board with the relay to the bottom left)

ALL ON
RED+GREEN ON
ALL OFF
RED LED beside pushbutton flashes


Proxmark Client Software:
-Runs and detects the proxmark.
-tune command outputs the following:

LF Antenna: 10.88 V @ 125.00khz
LF Antenna: 11.01V  @ 134.00khz
LF optimal:   23.36V  @ 48.58khz
HF Antenna: 3.09V    @ 13.56mhz

Edit:
I'm able to get  13.7V@125khz, 13.16V@134khz, 1.78V@81khz...

I only have a LF antenna connected (and badly tuned it appears).


loread:

RED led near push button turns on.
Then the proxmark resets.


I'm checking a few pins now..

Last edited by cmolson (2009-12-11 15:40:38)

  • Registered: 2008-10-14
  • Posts: 42

Re: Debugging half-working proxmark

Hopefully this isn't too late to help -- everything through the 'tune' output sounds correct, although your tuning results point to poor tuning of the LF receive circuit -- what antenna are you using?   What tuning capacitor do you have installed on the PM3 and/or antenna?  The missing TLV3502 should not affect anything until you get to the point of trying to simulate an LF tag.

The loread / reset thing sounds like a crash, maybe you could try adding some additional debug output to the firmware, or try to figure out where it's crashing using the JTAG interface?

  • Registered: 2009-11-05
  • Posts: 28

Re: Debugging half-working proxmark

Thanks for the help bushing

I received a hot air rework station for x-mas (cheap Aoyue 852A++). So I was able to remove and re-solder the  atmel, and  FPGA.

I am getting some better results now, I am able to *sometimes* read a TI tag using tiread command.

#TAG 1
> tiread
#db# Info: TI tag is rewriteable
#db# Info: TI tag ident is valid
#db# Info: Tag data_hi, data_lo, crc = 
#db# 55555555, 55555555, 0000852c

#db# Info: CRC is good

#TAG 2
> tiread
#db# Info: TI tag is readonly
#db# Info: Tag data_hi, data_lo, crc = 
#db# 00000000, 08e97f53, 000041a1

#db# Info: CRC is good

My Antenna results are as follows:

# LF antenna: 12.08 V @   125.00 kHz
# LF antenna: 17.19 V @   134.00 kHz
# LF optimal: 31.02 V @   324.32 kHz
# HF antenna:  3.67 V @    13.56 MHz
# Your HF antenna is marginal

I am using an antenna designed for 134khz tags(iirc), but it was a cheap one so I am sure if I invest in a better antenna my results will improve.

So it looks like it is mostly working (at least the lf).

I will get back about the capacitor I am using, as I forget at the moment which one I installed (I ordered the partslist one, and the other suggested one).

I am so excited that it can read a tag though!

Last edited by cmolson (2010-01-05 19:28:39)