Proxmark developers community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

#1 2018-09-05 01:35:21

xilni
Contributor
Registered: 2018-07-16
Posts: 6

Seeking feedback to properly display Kastle 32 bit cards

Hello,

I'm hoping to contribute some code to the iceman fork and (mainline if this issue affects them both but I haven't tested it) but I wanted to seek feedback here first.

When calling lf search on a Kastle prox card, we get the following message, card data replaced with x for privacy.

pm3 --> lf search
NOTE: some demods output possible binary
  if it finds something that looks like a tag
False Positives ARE possible


Checking for known tags:

HID Prox TAG ID: 21xxxxxxxx (xxxxx) - Format Len: 32bit - FC: 0 - Card: 0

[+] Valid HID Prox ID Found!

Now the first thing that I noticed is that the facility code and card number are not displayed formatted. Also there are more than 32 bits of card data displayed when I know for a fact that these are 32 bit cards, the two extra characters of card data are being added before the valid 32 bits (there should only be 8 hex chars, not 10). I believe the problem lies in https://github.com/RfidResearchGroup/pr … hid.c#L168.

In int CmdHIDDemod(const char *Cmd), specifically at line 183 there doesn't seem to be a 32 bit case so cardnum and fc are left with the 0 they were initialized with at L170. Now as to why extra bits are being added, I know it comes from the PrintAndLogEx printing out the value hi but I don't understand the code well enough yet to understand why hi contains 21 at all.

My hardware/software info in case it matters:

 [ CLIENT ]
 client: iceman build for RDV40 with flashmem; smartcard;

 [ ARM ]
 bootrom: iceman/master/ 2018-08-23 19:47:58
      os: iceman/master/ 2018-08-23 19:48:01

 [ FPGA ]
 LF image built for 2s30vq100 on 2017/10/25 at 19:50:50
 HF image built for 2s30vq100 on 2018/ 8/10 at 11:48:34

 [ Hardware ]
  --= uC: AT91SAM7S512 Rev B
  --= Embedded Processor: ARM7TDMI
  --= Nonvolatile Program Memory Size: 512K bytes, Used: 238733 bytes (46) Free: 285555 bytes (54)
  --= Second Nonvolatile Program Memory Size: None
  --= Internal SRAM Size: 64K bytes
  --= Architecture Identifier: AT91SAM7Sxx Series
  --= Nonvolatile Program Memory Type: Embedded Flash Memory

Offline

#2 2018-09-05 03:01:18

marshmellow
Moderator
From: US
Registered: 2013-06-10
Posts: 2,232

Re: Seeking feedback to properly display Kastle 32 bit cards

You are correct that the 32 bit format has not been included in a default recognized format (it has not been common enough to get attention).
therefore the fc and card numbers cannot be identified directly. 
feel free to add it. (though there is a fair amount of work in this area being done by another contributor.)

the answer to your other questions lie in the HID PAC formatting.  there are no bugs in your displayed data.  it successfully identified the HID tag and it's partially decoded complete ID as it is designed to do.

Offline

#3 2018-09-05 03:28:17

xilni
Contributor
Registered: 2018-07-16
Posts: 6

Re: Seeking feedback to properly display Kastle 32 bit cards

Forgot to include the Kastle 32 bit format, barkweb almost has it right.

  • The city code is only 5 bits, bit 2 is always set

  • The parity bits overlap in the middle three bits

Here's my attempt at a correct table:
47ENiEt.jpg

So yes it would require adding a third city code variable and only printing it for Kastle cards.

My attempt at fixing this for the iceman fork: https://github.com/RfidResearchGroup/proxmark3/pull/23

I'll try to work on a pull request for the mainline and take a look at the pull request you mentioned.

Last edited by xilni (2018-09-05 03:33:08)

Offline

#4 2018-09-05 05:39:47

0xFFFF
Administrator
From: Vic - Australia
Registered: 2011-05-31
Posts: 554

Re: Seeking feedback to properly display Kastle 32 bit cards

xilni wrote:

Forgot to include the Kastle 32 bit format, barkweb almost has it right.

Thanks for the update xilni.
What information do you have that proves that the information on barkweb/cardinfo is incorrect? The information supplied came from two independent sources.


Want to contact me? Here's my email address...
modhex(ecijhhhhhhhhfchdhbidhniihghdduhehvhtduhbig)

Offline

#5 2018-09-07 01:50:49

xilni
Contributor
Registered: 2018-07-16
Posts: 6

Re: Seeking feedback to properly display Kastle 32 bit cards

0xFFFF, was our discussion sufficient to proceed on this?

Offline

#6 2018-09-07 03:14:21

0xFFFF
Administrator
From: Vic - Australia
Registered: 2011-05-31
Posts: 554

Re: Seeking feedback to properly display Kastle 32 bit cards

Almost! Thank you for your help xilni smile
I need to send you a followup email or two for clarification. I will respond soon.


Want to contact me? Here's my email address...
modhex(ecijhhhhhhhhfchdhbidhniihghdduhehvhtduhbig)

Offline

#7 2018-09-12 01:14:19

0xFFFF
Administrator
From: Vic - Australia
Registered: 2011-05-31
Posts: 554

Re: Seeking feedback to properly display Kastle 32 bit cards

Ok. Now there is a K32 and a Kastle format.
K32 is the old Kastle format renamed. I'm going to speak to a few sources to obtain sample cards and test further.
Kastle is Kastle.

Thanks for your help @xilni. Can you please confirm the format is correct?


Want to contact me? Here's my email address...
modhex(ecijhhhhhhhhfchdhbidhniihghdduhehvhtduhbig)

Offline

#8 2018-09-12 01:44:42

xilni
Contributor
Registered: 2018-07-16
Posts: 6

Re: Seeking feedback to properly display Kastle 32 bit cards

Looks good to go.

Offline

Board footer

Powered by FluxBB