Proxmark3 developers community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

#1 2009-03-27 22:33:37

rule
Moderator
Registered: 2008-05-21
Posts: 416

Incomplete trace

Hey Ed,

I thought it would be useful to let people give you an easy feedback on the manual.
As a kick-start I would like to give my contribution wink.

In the "running" section the following trace is incomplete. It misses the [ 93 20 ] message between the ATQA and UID+BCC.

cheers,

  Roel

proxmark3> hi14alist
> hi14alist
recorded activity:
ETU     :rssi: who bytes
---------+----+----+-----------
+      0:    :     26    
+ 106901:   0: TAG 04  00    
+   3520:   0: TAG 84  76  81  dd  ae    
+   7352:    :     93  70  84  76  81  dd  ae  01  9a    
+     64:   0: TAG 08  b6  dd    
proxmark3>

Offline

#2 2009-03-28 09:52:00

edo512
Contributor
Registered: 2008-10-07
Posts: 103

Re: Incomplete trace

Thanks Roel, great idea! I'll check this asap,

Ed

Offline

#3 2009-03-28 10:30:23

edo512
Contributor
Registered: 2008-10-07
Posts: 103

Re: Incomplete trace

Roel: updated the page, better now ?

Offline

#4 2009-03-28 13:40:09

rule
Moderator
Registered: 2008-05-21
Posts: 416

Re: Incomplete trace

It is indeed complete now. Though there are some minor things you may want to know.

You used the OMNIKEY 5321 reader. It is a simple and cheap product with some nice example applications. One big problem though is that the driver v1.1.1.5 (and other versions) have a bug in them. The driver automatically tries to read out the first block (30 00 + CRC). This is useful for a MIFARE Ultralight card where you do not need to authenticate. A MIFARE Classic card in stead, requires a successful authentication before it will answer to any other command.

As you can see you use the a buggy driver version where it sends out the read command. The tag will immediately respond with a NACK (4 bits frame with the value 0x04). After this the tag is halted, so the HALT command (50 00 + CRC) does actually nothing here (but it does not expect an answer anyway, so the failure will not be detected).

How to fix this? For example you could use a different version v1.1.1.4 works without a problem. Since I could not found it anymore on the official website I have mirrored it in the files section here.

It could be the case that the (current) newest driver v1.2.0.6 on the official website works without a problem, I have not tested this.

What you could notice is that your OMNIKEY (at least mine 5121) starts blinking RED once in a while in stead of flickering GREEN the whole time. The RED light probably indicates something wrong. When you use the v1.1.1.4 driver the READ command is only fired by an MIFARE Ultralight tag and it will not blink RED.

For more info about the messages in an anti-collision procedure check out this example.

> hi14alist
recorded activity:
 ETU     :rssi: who bytes
---------+----+----+-----------
 +      0:    :     26    
 + 381383:    :     26    
 + 381375:    :     26    
 +     64:   0: TAG 04  00    
 +   3432:    :     93  20    
 +     64:   0: TAG 84  76  81  dd  ae    
 +   7345:    :     93  70  84  76  81  dd  ae  01  9a    
 +     64:   0: TAG 08  b6  dd    
 +  97771:    :     30  00  02  a8
 +     72:   0: TAG 04    
 +   5368:    :     50  00  57  cd    
...

Offline

#5 2009-03-28 14:53:57

edo512
Contributor
Registered: 2008-10-07
Posts: 103

Re: Incomplete trace

Thanks Roel, good insight on the Omnikey reader. I use the Linux driver, actually.

Offline

#6 2009-03-28 20:10:30

rule
Moderator
Registered: 2008-05-21
Posts: 416

Re: Incomplete trace

Interesting, maybe they used the wrong driver to port it for linux support. A second possibility is that the firmware in the OMNIKEY itself has a problem. Then it is just not able to handle the cards correct (well, at least according to the MIFARE specs wink). Though it still sounds strange that here it was solved using driver v1.1.1.4 smile

Offline

Board footer

Powered by FluxBB