Proxmark developers community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

#1 2013-04-25 22:00:26

cipcaps
Member
Registered: 2013-03-18
Posts: 5

HF antenna connection instability

Hi.

What I'm trying to do?

I'm trying to emulate Mifare Card(1k and UltraLight).

What I'm using?

I'm using the antenna that came with proxmark, but there is some interesting behavior with the `field`reader.

I have written my own emulator functions for proxmark, I have striped out a lot of delays and optimized very much of overall code.

The problem

Everything is fine with my home reader, but I'm having issues with `field` read as I sad.

I have located the cause of problem and I believe it is the antenna - the feald reader is having troubles keeping steady connection. Some times it works, but ~ 90% of tries it fails.

Dump of `hw detectreader` for my home reader:

#db# HF 13.56 Field Change: 0 b 301c       
#db# HF 13.56 Field Change: b 1f 1       
#db# HF 13.56 Field Change: 1f 33 1       
#db# HF 13.56 Field Change: 33 4b 1       
#db# HF 13.56 Field Change: 4b 65 1       
#db# HF 13.56 Field Change: 65 82 1       
#db# HF 13.56 Field Change: 82 90 1       
#db# HF 13.56 Field Change: 90 9b 9b       
#db# HF 13.56 Field Change: 9b 0 d8       
#db# HF 13.56 Field Change: 0 93 1       
#db# HF 13.56 Field Change: 93 85 1       
#db# HF 13.56 Field Change: 85 56 1       
#db# HF 13.56 Field Change: 56 1c 1       
#db# HF 13.56 Field Change: 1c 0 1       


Dump of `hw detectreader` for my `field` reader:

#db# HF 13.56 Field Change: 5 10 155       
#db# HF 13.56 Field Change: 10 0 1       
#db# HF 13.56 Field Change: 0 b 58       
#db# HF 13.56 Field Change: b 16 1       
#db# HF 13.56 Field Change: 16 0 1       
#db# HF 13.56 Field Change: 0 1a 25       
#db# HF 13.56 Field Change: 1a 2a 1       
#db# HF 13.56 Field Change: 2a 0 1       
#db# HF 13.56 Field Change: 0 4c 25       
#db# HF 13.56 Field Change: 4c 74 1       
#db# HF 13.56 Field Change: 74 0 1       
#db# HF 13.56 Field Change: 0 f3 25       
#db# HF 13.56 Field Change: f3 156 1       
#db# HF 13.56 Field Change: 156 0 1       
#db# HF 13.56 Field Change: 0 1ec 25       
#db# HF 13.56 Field Change: 1ec 198 14       
#db# HF 13.56 Field Change: 198 0 1       
#db# HF 13.56 Field Change: 0 1ea 13       
#db# HF 13.56 Field Change: 1ea 1c0 1       
#db# HF 13.56 Field Change: 1c0 0 1       

AND another test

b# HF 13.56 Field Change: 14 1f 1       
#db# HF 13.56 Field Change: 1f 0 1       
#db# HF 13.56 Field Change: 0 2a 27       
#db# HF 13.56 Field Change: 2a 3b 1       
#db# HF 13.56 Field Change: 3b 0 1       
#db# HF 13.56 Field Change: 0 3b 24       
#db# HF 13.56 Field Change: 3b 62 1       
#db# HF 13.56 Field Change: 62 0 1       
#db# HF 13.56 Field Change: 0 7b 27       
#db# HF 13.56 Field Change: 7b 98 1       
#db# HF 13.56 Field Change: 98 0 1       
#db# HF 13.56 Field Change: 0 c5 24       
#db# HF 13.56 Field Change: c5 ea 1       
#db# HF 13.56 Field Change: ea 0 1       
#db# HF 13.56 Field Change: 0 132 27       
#db# HF 13.56 Field Change: 132 14f 1       
#db# HF 13.56 Field Change: 14f 0 1       
#db# HF 13.56 Field Change: 0 197 25       
#db# HF 13.56 Field Change: 197 1b5 1       
#db# HF 13.56 Field Change: 1b5 0 1       
#db# HF 13.56 Field Change: 0 1cd 25       
#db# HF 13.56 Field Change: 1cd 184 14       
#db# HF 13.56 Field Change: 184 0 1       
#db# HF 13.56 Field Change: 0 f 12       
#db# HF 13.56 Field Change: f 1d7 1       
#db# HF 13.56 Field Change: 1d7 7 1       
#db# HF 13.56 Field Change: 7 1d8 27       
#db# HF 13.56 Field Change: 1d8 17c 14       
#db# HF 13.56 Field Change: 17c 6 1       
#db# HF 13.56 Field Change: 6 101 13       
#db# HF 13.56 Field Change: 101 49 1       
#db# HF 13.56 Field Change: 49 5 1         

Here is command track:

#db# #-|--Command:        
#db# #-----|--length: 1       
#db# #--------|-- 26         
#db# #------|--length: 2       
#db# #---------|- 4400       
#db# #-|-------------------       
#db# #-|--Command:        
#db# #-----|--length: 1       
#db# #--------|-- 26         
#db# #------|--length: 2       
#db# #---------|- 4400       
#db# #-|-------------------       
#db# #-|--Command:        
#db# #-----|--length: 1       
#db# #--------|-- 26         
#db# #------|--length: 2       
#db# #---------|- 4400       
#db# #-|-------------------       
#db# #-|--Command:        
#db# #-----|--length: 1       
#db# #--------|-- 26         
#db# #------|--length: 2       
#db# #---------|- 4400       
#db# #-|-------------------       
#db# #-|--Command:        
#db# #-----|--length: 2       
#db# #--------|-- 9320
#db# #-----|--length: 5       
#db# #---------|- 8804dd0657    
#db# #-|-------------------          
#db# #-|--Command:        
#db# #-----|--length: 9       
#db# #--------|-- 93708804dd06579f79       
#db# #-----|--length: 3       
#db# #---------|- 04da17       
#db# #-|-------------------       
#db# #-|--Command:        
#db# #-----|--length: 1       
#db# #--------|-- 26       
#db# #-----|--length: 2       
#db# #---------|- 4400       
#db# #-|-------------------       
#db# #-|--Command:        
#db# #-----|--length: 2       
#db# #--------|-- 9320       
#db# #-----|--length: 5       
#db# #---------|- 8804dd0657       
#db# #-|-------------------       
#db# #-|--Command:        
#db# #-----|--length: 1       
#db# #--------|-- 26       
#db# #-----|--length: 2       
#db# #---------|- 4400       
#db# #-|-------------------       
#db# #-|--Command:        
#db# #-----|--length: 2       
#db# #--------|-- 9320       
#db# #-----|--length: 5       
#db# #---------|- 8804dd0657       
#db# #-|-------------------       

I'm 100% sure the reader is not the one cutting(by cutting I mean stopping because of invalid response or so) the connection. Because I have successful read and writes too.

I believe this is some kind of detection mechanism to save energy or so, because I don't see any other reasons why reader should beep signal like it does.

The way I test:
     READER                                                         Original cable(connecting antenna)
______                                                                  _____
------\                                                                /     \
-------\                                                              /      ||_
--------\                                                            /       |--|
--------||                                                          ||       |--|
--------||                     //                               A   ||       |--|  P
--------||                    //                                n   ||       |--|  r
--------||                   //     <=====                      t   ||       |--|  x
--------||                 <            <==========             e   ||       |--|  m
--------||                   \\     <=====                      n   ||       |--|  a
--------||                    \\                                n   ||       |--|  r
--------||                     \\                               s   ||       |--|  k
--------||                                                          ||       |--|
--------/                                                                    |--|  3
-------/             I move the proxmark with antenna slowly,                |--| 
------/                 starting from about 20 cm, closer                      \\
-----/                           to the reader.                                 \\
----/                                                                            \\         USB Cable to my notebook(in backpack)
---/                                                                              \\
--/                                                                                \\====================//
-/
/

I have tried different angles too, and moving it from side in front of the reader, but it does not help.

Most success I have had with this approach.

Summary

Do some one have any ideas, or advice?

How to get steady connection with `feald` reader?

Thanks

Offline

#2 2013-04-26 16:47:18

o0o0o0o
Contributor
From: Germany
Registered: 2011-10-06
Posts: 64

Re: HF antenna connection instability

May I ask you, where are you from ?
--
The antenna that

came with proxmark

is it plugged with the "Enclosed Proxmark III" or do you have the 'not enclosed' one ?


And would you share what you did with the community ? The "own emulator functions for proxmark".

Last edited by o0o0o0o (2013-04-26 16:48:31)

Offline

#3 2013-04-26 21:39:33

cipcaps
Member
Registered: 2013-03-18
Posts: 5

Re: HF antenna connection instability

Hi.

I'm from Latvia.

----

I have not enclosed proxmark.

----

Yea, sure, I will be happy to share, but I wan't to get it working first.

Offline

#4 2013-04-27 14:58:23

vivat
Contributor
Registered: 2010-10-26
Posts: 332

Re: HF antenna connection instability

cipcaps
Do you know what your `field` reader model is?

Offline

#5 2013-04-27 14:59:54

cipcaps
Member
Registered: 2013-03-18
Posts: 5

Re: HF antenna connection instability

No, it is just white/gray plastic device, no model or company on it.

Offline

#6 2013-04-27 15:17:22

vivat
Contributor
Registered: 2010-10-26
Posts: 332

Re: HF antenna connection instability

Do you have photo?

Offline

#7 2013-05-31 13:45:18

cipcaps
Member
Registered: 2013-03-18
Posts: 5

Re: HF antenna connection instability

Hi.

Sorry for delay, but I was working very hard, I can get the photo, but I found a solution.

The problem was not antenna, the problem was software.

What I found about the reader is that it uses timing as communication validity check, as in Mifare standard, but after testing proxmark and different software version, I came to conclusion that proxmark is taking too muck time to send/receive commands, the biggest delay was after send and receiving(starting to process) next command, so the reader denied the connection, restarted the antenna and tried again.. and again...

So I came to conclusion that I have to make two new softwares, one for my reader, and one for proxmark.

I started with reader and I made software that only communicates as specified in standard. And now my reader was too not able to connect to the simulator. [I to checked if built in proxmark Mifare simulator was working, and it failed, I thought maybe my code was the cause of problem, but after this test, I came to conclusion it was not].

Then I started analyzing proxmark software, and I found that lots of function could be optimized, lots of code was unused, left from older revision so on...., I started a new project, and started writing proxmark software from scratch.

And.....

I got it working.

It took me a lot of time, but it was most definitely worth it.

As I was not using USB to send commands to proxmark I was not focusing on USB connections, but now I thought of some cool new features for proxmark, I will not discuss them here I don't want to go off topic, and so I have started to write GUI app for data sending to proxmark.

BTW

One thing I have not seen currently on proxmark is multitasking..., I know it makes everything more complex, but ARM7 is designer for it and does it very well, so I'm using it.

Offline

Board footer

Powered by FluxBB