Proxmark3 developers community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

#1 2013-10-28 16:03:48

barbsie
Member
Registered: 2013-10-28
Posts: 5

Bootloader issue on KALI linux VM

Hi,

I have spent several days figuring out how to make my proxmark work on this KALI VM that I have. Finally, I have found a thread that was helpful: http://www.proxmark.org/forum/viewtopic.php?id=1668

I managed to flash my bootloader to the r651 bootloader using the old flasher tool and pushing the button while plugging the device in, but now I seem to be stuck when trying to flash it to the latest one (holding the button doesn't seem to be necessary anymore):


root@kali:~/proxmark3-old/client# ./flasher -b /root/proxmark3/bootrom/obj/bootrom.elf 
Loading ELF file '/root/proxmark3/bootrom/obj/bootrom.elf'...
Loading usable ELF segments:
0: V 0x00100000 P 0x00100000 (0x00000200->0x00000200) [R X] @0x94
1: V 0x00200000 P 0x00100200 (0x00000b60->0x00000b60) [RWX] @0x298

Waiting for Proxmark to appear on USB...
Connected units:
	1. SN: ChangeMe [002/017]
 Found.
Entering bootloader...
(Press and release the button only to abort)
Waiting for Proxmark to reappear on USB.....
Connected units:
	1. SN: ChangeMe [002/018]
 Found.
ReceiveCommandPoll returned 0
Note: Your bootloader does not understand the new START_FLASH command
      It is recommended that you update your bootloader


Flashing...
Writing segments for file: /root/proxmark3/bootrom/obj/bootrom.elf
 0x00100000..0x001001ff [0x200 / 2 blocks]write failed: could not detach kernel driver from interface 0: No data available!
Trying to reopen device...

Connected units:
	1. SN:  [002/018]

Connected units:
	1. SN:  [002/018]
proxmark3> ReceiveCommandPoll returned 0
Error: Unexpected reply 0x0000 (expected ACK)
 ERROR
Error writing block 0 of 2
root@kali:~/proxmark3-old/client# 

Help is highly appreciated.

Offline

#2 2013-10-28 18:56:24

midnitesnake
Contributor
Registered: 2012-05-11
Posts: 151

Re: Bootloader issue on KALI linux VM

what happens when you use fullimage.elf (proxmark3/armsrc/obj/fullimage.elf)?

Last edited by midnitesnake (2013-10-28 18:56:44)

Offline

#3 2013-10-29 09:37:36

barbsie
Member
Registered: 2013-10-28
Posts: 5

Re: Bootloader issue on KALI linux VM

dmesg output:

[ 5157.727241] usb 2-2.1: new full-speed USB device number 24 using uhci_hcd
[ 5164.707271] usb 2-2.1: New USB device found, idVendor=9ac4, idProduct=4b8f
[ 5164.707276] usb 2-2.1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 5164.707278] usb 2-2.1: Product: ProxMark-3 RFID Instrument
[ 5164.707280] usb 2-2.1: SerialNumber: ChangeMe
[ 5164.821142] hid-generic 0003:9AC4:4B8F.0014: hiddev0,hidraw1: USB HID v1.00 Device [ProxMark-3 RFID Instrument] on usb-0000:02:00.0-2.1/input0

lsusb:

root@kali:~# lsusb
Bus 002 Device 002: ID 0e0f:0003 VMware, Inc. Virtual Mouse
Bus 002 Device 003: ID 0e0f:0002 VMware, Inc. Virtual USB Hub
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 002 Device 024: ID 9ac4:4b8f J. Westhues ProxMark-3 RFID Instrument

trying the full img:

root@kali:~/proxmark3-old/client# ./flasher -b /root/proxmark3/armsrc/obj/fullimage.elf 
Loading ELF file '/root/proxmark3/armsrc/obj/fullimage.elf'...
Loading usable ELF segments:
0: V 0x00102000 P 0x00102000 (0x0000a4bc->0x0000a4bc) [R  ] @0xb4
1: V 0x00110000 P 0x00110000 (0x00013ac6->0x00013ac6) [R X] @0xa570
2: V 0x00200000 P 0x00123ac8 (0x000029e8->0x000029e8) [RWX] @0x1e038
Note: Extending previous segment from 0x13ac6 to 0x164b0 bytes
Note: 0x2-byte hole created

Waiting for Proxmark to appear on USB...
Connected units:
	1. SN: ChangeMe [002/024]
 Found.
Entering bootloader...
(Press and release the button only to abort)
Waiting for Proxmark to reappear on USB.....
Connected units:
	1. SN: ChangeMe [002/025]
 Found.
ReceiveCommandPoll returned 0
Note: Your bootloader does not understand the new START_FLASH command
      It is recommended that you update your bootloader


Flashing...
Writing segments for file: /root/proxmark3/armsrc/obj/fullimage.elf
 0x00102000..0x0010c4bb [0xa4bc / 165 blocks]write failed: No error!
Trying to reopen device...

Connected units:
	1. SN:  [002/025]

Connected units:
	1. SN:  [002/025]
proxmark3> ReceiveCommandPoll returned 0
Error: Unexpected reply 0x0000 (expected ACK)
 ERROR
Error writing block 0 of 165
root@kali:~/proxmark3-old/client# 

Offline

#4 2013-10-29 16:00:29

midnitesnake
Contributor
Registered: 2012-05-11
Posts: 151

Re: Bootloader issue on KALI linux VM

Hmm.... But looking at my notes I used the old flasher from r623, might be worth trying the slightly older revision?

Offline

#5 2013-10-29 20:56:23

holiman
Contributor
Registered: 2013-05-03
Posts: 566

Re: Bootloader issue on KALI linux VM

Is it possible to obtain a 'hw version' output - or is it bricked? It would be good to see exactly what you've wound up with...

Offline

#6 2013-10-30 10:38:47

en4rab
Contributor
Registered: 2013-04-22
Posts: 36

Re: Bootloader issue on KALI linux VM

I suspect you have ended up with an old bootrom and r651 firmware, so the firmware is trying to switch to bootrom mode but the bootrom doesnt have this feature.
If this is the case (if you can run 'hw version' and you still have an old bootrom) you will still have to press and hold the button when plugging the proxmark in to ensure it is in bootloader mode and the whilst still holding the button run the command to flash the bootloader.
You can end up with a similar issue changing to the newer CDC firmwares and have a HID bootloader and CDC firmware, i ended up with that combination and had to hold the button down, plug it in ad use the old hid flasher to update the bootloader to CDC, the use the CDC flasher to flash a propper firmware.

Offline

#7 2013-10-31 13:57:41

barbsie
Member
Registered: 2013-10-28
Posts: 5

Re: Bootloader issue on KALI linux VM

This is what happens when I try to flash to newest bootrom, using old flasher while holding the button down (while connecting):

root@kali:~/proxmark3-old/client# ./flasher -b ../../proxmark3/bootrom/obj/bootrom.elf 
Loading ELF file '../../proxmark3/bootrom/obj/bootrom.elf'...
Loading usable ELF segments:
0: V 0x00100000 P 0x00100000 (0x00000200->0x00000200) [R X] @0x94
1: V 0x00200000 P 0x00100200 (0x00000b60->0x00000b60) [RWX] @0x298

Waiting for Proxmark to appear on USB...
Connected units:
	1. SN: ChangeMe [002/033]
 Found.
ReceiveCommandPoll returned 0
Error: Unknown Proxmark mode

It's similar when trying to flash to the old bootrom.

Can someone tell me how I can do a hw version when I have following dmesg output (Maybe I am a n00b, but I couldn't figure out the device to use with the proxmark3 client.

[36875.539753] usb 2-2.1: new full-speed USB device number 36 using uhci_hcd
[36883.063236] usb 2-2.1: New USB device found, idVendor=9ac4, idProduct=4b8f
[36883.063240] usb 2-2.1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[36883.063243] usb 2-2.1: Product: ProxMark-3 RFID Instrument
[36883.063245] usb 2-2.1: SerialNumber: ChangeMe
[36883.169547] hid-generic 0003:9AC4:4B8F.001D: hiddev0,hidraw1: USB HID v1.00 Device [ProxMark-3 RFID Instrument] on usb-0000:02:00.0-2.1/input0

I am using Vmware fusion 6.0.1 on a macbook pro.

Sorry if I'm asking questions which were answered before, but I find the documentation confusing, to say the least.
If there are pointers to some documentation which can explain the different types of bootloaders, how to identify which one you are running, etc... they are very welcome.

Again: thanks for all your help.

Offline

#8 2013-10-31 14:12:49

barbsie
Member
Registered: 2013-10-28
Posts: 5

Re: Bootloader issue on KALI linux VM

Oh, and using the flasher from r623 gives the same errors (the "unknown proxmark mode" with button pushed and the "Your bootloader does not understand the new START_FLASH command" with the button not pushed)

Offline

#9 2013-10-31 14:14:59

barbsie
Member
Registered: 2013-10-28
Posts: 5

Re: Bootloader issue on KALI linux VM

Ha...I just managed to use the r623 client. I didn't have to use a port here:

root@kali:~/proxmark3-r623/client# ./proxmark3 

Connected units:
	1. SN: ChangeMe [002/040]
proxmark3> hw version
#db# Prox/RFID mark3 RFID instrument                 
#db# bootrom: svn 648 2013-10-28 13:45:39                 
#db# os: svn 486-unclean 2011-08-28 18:52:03                 
#db# FPGA image built on 2009/12/ 8 at  8: 3:54 

so the question is: how to proceed smile

Offline

#10 2013-11-01 12:17:31

holiman
Contributor
Registered: 2013-05-03
Posts: 566

Re: Bootloader issue on KALI linux VM

Ok, so your bootrom is fairly new, but still HID, as opposed to CDC. The OS is ancient.

To communicate with your bootrom, you need a pre-cdc flasher. The one in proxmark3-r623 should work. As enr4ab points out 'you will still have to press and hold the button when plugging the proxmark in to ensure it is in bootloader mode and the whilst still holding the button run the command to flash the bootloader.' By pressing the button prior to plugging it it, you completely bypass the OS and communicate directly with the bootrom.

So, try with something like the example below, where proxmark3-modern is the latest version.
1. Get the latest software, compile
2. Hold the button
3. Plug in
4: ~/proxmark3-r623/client/flasher -b ~/proxmark3-modern/armsrc/obj/fullimage.elf

Offline

#11 2013-11-01 12:29:05

asper
Contributor
Registered: 2008-08-24
Posts: 1,409

Re: Bootloader issue on KALI linux VM

With this "bundle" you can flash bootrom r833 (newer one) using the included old flasher (no CDC/serial).

After this flashing each other flash operations must be done with the new flasher (CDC/serial) (new flasher r833).

Last edited by asper (2013-11-01 12:31:48)

Offline

Board footer

Powered by FluxBB