Proxmark3 developers community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

#1 2015-04-13 06:10:23

borjaburgos
Contributor
From: New York, New York
Registered: 2011-07-05
Posts: 38

Interesting undesired HID behavior with Proxmark (help please!)

Hello everyone!

I've got a Proxmark with some interesting behavior and was hoping someone could help me.

I've compiled the latest master branch from github and I'm running on Ubuntu 14.10. Here's more info:

- If I simply power on the Proxmark, it seems to go on a loop: 4 lights on -> click -> 2 lights on -> 15 seconds -> click -> 4 lights on -> repeat
- dmesg shows this over and over

[== Undefined ==]
[  632.296836] usb usb2-port4: unable to enumerate USB device
[  648.176034] usb 2-4: new full-speed USB device number 17 using xhci_hcd
[  648.288219] usb 2-4: device descriptor read/64, error -71
[  648.504504] usb 2-4: device descriptor read/64, error -71
[  648.720806] usb 2-4: new full-speed USB device number 18 using xhci_hcd
[  648.832997] usb 2-4: device descriptor read/64, error -71
[  649.049299] usb 2-4: device descriptor read/64, error -71
[  649.265643] usb 2-4: new full-speed USB device number 19 using xhci_hcd
[  649.265746] usb 2-4: Device not responding to setup address.
[  649.470003] usb 2-4: Device not responding to setup address.
[  649.674192] usb 2-4: device not accepting address 19, error -71
[  649.786375] usb 2-4: new full-speed USB device number 20 using xhci_hcd
[  649.786476] usb 2-4: Device not responding to setup address.
[  649.990705] usb 2-4: Device not responding to setup address.

- If I press and hold the button, I get this:

[  775.770678] usb 2-4: new full-speed USB device number 49 using xhci_hcd
[  780.906498] usb 2-4: New USB device found, idVendor=9ac4, idProduct=4b8f
[  780.906504] usb 2-4: New USB device strings: Mfr=1, Product=2, SerialNumber=0
[  780.906508] usb 2-4: Product: ProxMark-3 RFID Instrument
[  780.906511] usb 2-4: Manufacturer: J. Westhues
[  780.908038] hid-generic 0003:9AC4:4B8F.0009: hiddev0,hidraw5: USB HID v1.00 Device [J. Westhues ProxMark-3 RFID Instrument] on usb-0000:12:00.0-4/input0

- By holding the button I can flash the bootrom using the old hid-flasher successfully, but behavior does not change:

~/proxmark3/client/hid-flasher$ sudo ./flasher -b ../../bootrom/obj/bootrom.elf
sudo ./flasher -b ../../bootrom/obj/bootrom.elf
[sudo] password for borjaburgos:
Loading ELF file '../../bootrom/obj/bootrom.elf'...
Loading usable ELF segments:
0: V 0x00100000 P 0x00100000 (0x00000200->0x00000200) [R X] @0x94
1: V 0x00200000 P 0x00100200 (0x00000b60->0x00000b60) [RWX] @0x298

Waiting for Proxmark to appear on USB...............
Connected units:
	1. SN: ? [002/075]
 Found.

Flashing...
Writing segments for file: ../../bootrom/obj/bootrom.elf
 0x00100000..0x001001ff [0x200 / 2 blocks].. OK
 0x00100200..0x00100d5f [0xb60 / 12 blocks]............ OK

Resetting hardware...
All done.

Have a nice day!

I cannot seem to be able to upgrade my proxmark to new CDC interface.

Anybody any ideas to what could be going on? Thank you very much for your help!

Cheers,

Offline

#2 2015-04-13 08:59:04

app_o1
Contributor
Registered: 2013-06-22
Posts: 244

Re: Interesting undesired HID behavior with Proxmark (help please!)

I assume you did the "blacklist" part from the instructions?

Have you tried using new flasher after that?
/proxmark3/client/flasher$

And are you able to flash the rest? (from /proxmark3/armsrc/obj)

Last edited by app_o1 (2015-04-13 09:00:38)

Offline

#3 2015-04-13 19:57:01

borjaburgos
Contributor
From: New York, New York
Registered: 2011-07-05
Posts: 38

Re: Interesting undesired HID behavior with Proxmark (help please!)

Didn't read about the blacklist here: https://github.com/proxmark/proxmark3/wiki/Gentoo%20Linux

But I see it documented here: https://code.google.com/p/proxmark3/wiki/Linux

I'll try that when I get home later tonight, thanks!

I can also add that I was able to flash the new fullimage by holding the button down on boot, and using the old hid-flasher. If I hold the button down device boots as HID device just fine.  I just cannot seem to be able to get it to exit the loop I described earlier when holding the button down, nor have it show up as something other than a HID device.

Offline

#4 2015-04-14 02:02:57

borjaburgos
Contributor
From: New York, New York
Registered: 2011-07-05
Posts: 38

Re: Interesting undesired HID behavior with Proxmark (help please!)

No luck, same behavior.

Holding down the button I can flash fullimage.elf (see below). I cannot use the new flasher as I don't see any the device in /dev/

[== Undefined ==]
~/proxmark3/client/hid-flasher$ sudo ./flasher ../../armsrc/obj/fullimage.elf
sudo ./flasher ../../armsrc/obj/fullimage.elf
Loading ELF file '../../armsrc/obj/fullimage.elf'...
Loading usable ELF segments:
0: V 0x00102000 P 0x00102000 (0x0002d63b->0x0002d63b) [R X] @0x98
1: V 0x00200000 P 0x0012f640 (0x00002a30->0x00002a30) [RWX] @0x2d6d8
Note: Extending previous segment from 0x2d63b to 0x30070 bytes
Note: 0x5-byte hole created

Waiting for Proxmark to appear on USB...
Connected units:
	1. SN: ? [002/029]
 Found.

Flashing...
Writing segments for file: ../../armsrc/obj/fullimage.elf
 0x00102000..0x0013206f [0x30070 / 769 blocks]................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................. OK

Resetting hardware...
All done.

Have a nice day!

And dmesg keeps showing the same, repeating every time the Proxmark restarts. Any ideas?

[ 2099.947322] usb 2-4: new full-speed USB device number 88 using xhci_hcd
[ 2100.059533] usb 2-4: device descriptor read/64, error -71
[ 2100.275848] usb 2-4: device descriptor read/64, error -71
[ 2100.492133] usb 2-4: new full-speed USB device number 89 using xhci_hcd
[ 2100.604360] usb 2-4: device descriptor read/64, error -71
[ 2100.820641] usb 2-4: device descriptor read/64, error -71
[ 2101.036959] usb 2-4: new full-speed USB device number 90 using xhci_hcd
[ 2101.037105] usb 2-4: Device not responding to setup address.
[ 2101.241269] usb 2-4: Device not responding to setup address.
[ 2101.445465] usb 2-4: device not accepting address 90, error -71
[ 2101.557709] usb 2-4: new full-speed USB device number 91 using xhci_hcd
[ 2101.557826] usb 2-4: Device not responding to setup address.
[ 2101.761933] usb 2-4: Device not responding to setup address.
[ 2101.966238] usb 2-4: device not accepting address 91, error -71
[ 2101.966326] usb usb2-port4: unable to enumerate USB device

Offline

#5 2015-04-14 22:46:08

midnitesnake
Contributor
Registered: 2012-05-11
Posts: 151

Re: Interesting undesired HID behavior with Proxmark (help please!)

You either need to read up on the old documentation using the old flasher to install new firmware ( from memory i think it was svn version 652 ?)

Or easier method: use a buspirate, and connect it to the jtag interface and flash the newer firmware onto the proxmark3.

Offline

#6 2015-04-14 22:48:17

marshmellow
Moderator
From: US
Registered: 2013-06-10
Posts: 2,298

Re: Interesting undesired HID behavior with Proxmark (help please!)

or get your pm3 updated to aspers windows client release on a windows machine first then update from your compile environment.

Offline

#7 2015-04-14 22:48:26

iceman
Administrator
Registered: 2013-04-25
Posts: 5,868
Website

Re: Interesting undesired HID behavior with Proxmark (help please!)

The old HidFlasher is now in the Pm3-master again.


If you feel the love,  https://www.patreon.com/iceman1001

modhex(hkhehghthbhudcfcdchkigiehgduiehg)

Offline

#8 2015-04-15 01:12:29

borjaburgos
Contributor
From: New York, New York
Registered: 2011-07-05
Posts: 38

Re: Interesting undesired HID behavior with Proxmark (help please!)

I'm using master from Github. The old hid-flasher is in client/hid-flasher/ correct? I can use that to flash bootrom.elf and fullimage.elf just fine (see earlier posts) whilst holding down the Proxmark3 button (appears as an HID device). But after I let go of the button, it enters that never ending loop described above. So, I just purchased a Bus Pirate, will be trying to flash using that next, unless somebody has other suggestions? Thanks for all the help.

Offline

#9 2015-04-15 01:22:17

marshmellow
Moderator
From: US
Registered: 2013-06-10
Posts: 2,298

Re: Interesting undesired HID behavior with Proxmark (help please!)

Sounds like what happens when the bootrom and osimage are not from the same version, did both flashes take?  BTW on windows I flash osimage instead of fullimage, is that a os thing or preference thing?

Offline

#10 2015-04-15 05:26:26

borjaburgos
Contributor
From: New York, New York
Registered: 2011-07-05
Posts: 38

Re: Interesting undesired HID behavior with Proxmark (help please!)

Same behavior when flashing osimage.elf... any other ideas? BUS pirate already on its way...

~/proxmark3/client/hid-flasher$ sudo !!
sudo ./flasher ../../armsrc/obj/osimage.elf
[sudo] password for borjaburgos:
Loading ELF file '../../armsrc/obj/osimage.elf'...
Loading usable ELF segments:
0: V 0x00102000 P 0x00102000 (0x0002d63b->0x0002d63b) [R X] @0x98
1: V 0x00200000 P 0x0012f640 (0x00002a30->0x00002a30) [RWX] @0x2d6d8
Note: Extending previous segment from 0x2d63b to 0x30070 bytes
Note: 0x5-byte hole created

Waiting for Proxmark to appear on USB....
Connected units:
	1. SN: ? [002/018]
 Found.

Flashing...
Writing segments for file: ../../armsrc/obj/osimage.elf
 0x00102000..0x0013206f [0x30070 / 769 blocks]................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................. OK

Resetting hardware...
All done.

Have a nice day!
[  377.878326] usb 2-4.1: new full-speed USB device number 40 using xhci_hcd
[  377.950429] usb 2-4.1: device descriptor read/64, error -32
[  378.126730] usb 2-4.1: device descriptor read/64, error -32
[  378.302992] usb 2-4.1: new full-speed USB device number 41 using xhci_hcd
[  378.375110] usb 2-4.1: device descriptor read/64, error -32
[  378.551364] usb 2-4.1: device descriptor read/64, error -32
[  378.727599] usb 2-4.1: new full-speed USB device number 42 using xhci_hcd
[  378.727692] usb 2-4.1: Device not responding to setup address.
[  378.931740] usb 2-4.1: Device not responding to setup address.
[  379.135953] usb 2-4.1: device not accepting address 42, error -71
[  379.208297] usb 2-4.1: new full-speed USB device number 43 using xhci_hcd
[  379.208389] usb 2-4.1: Device not responding to setup address.
[  379.412400] usb 2-4.1: Device not responding to setup address.
[  379.616674] usb 2-4.1: device not accepting address 43, error -71
[  379.616962] usb 2-4-port1: unable to enumerate USB device

Offline

#11 2015-04-15 15:01:56

piwi
Contributor
Registered: 2013-06-04
Posts: 676

Re: Interesting undesired HID behavior with Proxmark (help please!)

borjaburgos wrote:
Flashing...
Writing segments for file: ../../armsrc/obj/fullimage.elf
 0x00102000..0x0013206f [0x30070 / 769 blocks...........

That's too long (unless you have implemented lots of additional stuff on your own). This wouldn't fit on a 256k ARM. Should be approximately half the size.

I therefore assume that your problem already starts during compile and link.

Offline

#12 2015-04-15 16:31:49

borjaburgos
Contributor
From: New York, New York
Registered: 2011-07-05
Posts: 38

Re: Interesting undesired HID behavior with Proxmark (help please!)

Thanks Piwi! That's interesting, it didn't occur to me that could have been the cause of this. I have not added/changed anything from master. Could this also be a problem with bootrom.elf? if I recall fullimage.elf was the same size on the two platforms I compiled (OSX 10.10 and Ubuntu 14.10), I'll check later tonight. Any ideas what could be the issue and how to go about troubleshooting this? Thanks again.

Offline

#13 2015-04-15 17:01:43

piwi
Contributor
Registered: 2013-06-04
Posts: 676

Re: Interesting undesired HID behavior with Proxmark (help please!)

I just noticed that the number of bytes is correct, only the number of blocks is too high. Might be that the old flasher simply uses another block size. In this case I am on the wrong track.

Offline

#14 2015-04-15 17:37:30

marshmellow
Moderator
From: US
Registered: 2013-06-10
Posts: 2,298

Re: Interesting undesired HID behavior with Proxmark (help please!)

I would download one of the older bootrom and os images precompiled and try to flash those first..  Aspers 0.0.7? 
Then if successful try the newest.

Offline

#15 2015-05-02 19:42:08

borjaburgos
Contributor
From: New York, New York
Registered: 2011-07-05
Posts: 38

Re: Interesting undesired HID behavior with Proxmark (help please!)

Gave up and got a Bus Pirate.... but now I'm facing the following problem:

On the Opencd side of things:

openocd -f at91sam7s512-buspirate.cfg                                                                                
Open On-Chip Debugger 0.8.0 (2015-05-02-13:16)
Licensed under GNU GPL v2
For bug reports, read
	http://openocd.sourceforge.net/doc/doxygen/bugs.html
Warn : Adapter driver 'buspirate' did not declare which transports it allows; assuming legacy JTAG-only
Info : only one transport option; autoselect 'jtag'
adapter speed: 1000 kHz
srst_only srst_pulls_trst srst_gates_jtag srst_open_drain connect_deassert_srst
Info : Buspirate Interface ready!
Info : This adapter doesn't support configurable speed
Info : JTAG tap: sam7x.cpu tap/device found: 0x3f0f0f0f (mfg: 0x787, part: 0xf0f0, ver: 0x3)
Info : Embedded ICE version 1
Info : sam7x.cpu: hardware has 2 breakpoint/watchpoint units
Info : accepting 'telnet' connection from 4444
target state: halted
target halted in ARM state due to debug-request, current mode: Supervisor
cpsr: 0x600000d3 pc: 0x00200c70
Error: status register: 0x7d47f605
Error: Lock Error Bit Detected, Operation Abort
Error: failed erasing sectors 0 to 15

and on telnet:

elnet localhost 4444                                                                                                                             
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Open On-Chip Debugger
> halt
target state: halted
target halted in ARM state due to debug-request, current mode: Supervisor
cpsr: 0x600000d3 pc: 0x00200c70
> flash erase_sector 0 0 15
status register: 0x7d47f605
Lock Error Bit Detected, Operation Abort
failed erasing sectors 0 to 15

Any help appreciated!

Offline

#16 2015-05-02 19:58:20

borjaburgos
Contributor
From: New York, New York
Registered: 2011-07-05
Posts: 38

Re: Interesting undesired HID behavior with Proxmark (help please!)

I was able to get past that by executing:

flash protect 0 0 15 off
flash protect 1 0 15 off

Offline

#17 2015-05-02 20:01:06

borjaburgos
Contributor
From: New York, New York
Registered: 2011-07-05
Posts: 38

Re: Interesting undesired HID behavior with Proxmark (help please!)

but now I'm stuck when executing the flash command, it seems to freeze, with no feedback on opencd nor telnet windows.

Offline

#18 2015-05-02 20:21:08

borjaburgos
Contributor
From: New York, New York
Registered: 2011-07-05
Posts: 38

Re: Interesting undesired HID behavior with Proxmark (help please!)

Solved the last issue with patience... all good now!

proxmark3> hw version
#db# Prox/RFID mark3 RFID instrument
#db# bootrom: master/v2.0.0-45-g5023d4c-suspect 2015-05-02 17:17:31
#db# os: master/v2.0.0-45-g5023d4c-suspect 2015-05-02 17:17:32
#db# HF FPGA image built on 2015/03/09 at 08:41:42
uC: AT91SAM7S256 Rev B
Embedded Processor: ARM7TDMI
Nonvolatile Program Memory Size: 256K bytes
Second Nonvolatile Program Memory Size: None
Internal SRAM Size: 64K bytes
Architecture Identifier: AT91SAM7Sxx Series
Nonvolatile Program Memory Type: Embedded Flash Memory

thanks for the help!

Offline

Board footer

Powered by FluxBB