Proxmark3 community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

Announcement

Time changes and with it the technology
Proxmark3 @ discord

Users of this forum, please be aware that information stored on this site is not private.

#1 2019-04-07 13:27:49

pablomf
Contributor
Registered: 2019-04-07
Posts: 16

[solved] SimulateIso14443aTag

Hi,

I want to simulate a JCOP card and I made some small updates and now the tag it is detected successfully in stand-alone but when I tried to simulate the ATS it gives me the following error:

#db# Stand-alone mode! No PC necessary.
#db# Enabling iso14443a reader mode for [Bank: 0]...
#db# Read UID:
#db# 4f ZZ ZZ 36 00 00 00 00
#db# 00 00
#db# Bank[0] received a 4-byte UID
#db# ATQA = 0400
#db# SAK = 28
#db# Playing
#db# Simulating ISO14443a tag with uid[0]: 4fZZZZ36, uid[1]: 00000000 [Bank: 0]
#db# JCOP v2.3.1.
#db# Calculated CRC: bc d3
#db# Out of memory, when modulating bits for tag answer:
#db# 10 78 00 c0 02 00 31 c0
#db# 64 b0 fc 10 00 00 90 00
#db# bc d3

The change I made is:

uint8_t response6[] = { 0x04, 0x58, 0x80, 0x02, 0x00, 0x00 }; // dummy ATS (pseudo-ATR), answer to RATS:
ComputeCrc14443(CRC_14443_A, response6, 4, &response6[4], &response6[5]);

for this:

uint8_t response6[] = { 0x10, 0x78, 0x00, 0xC0, 0x02, 0x00, 0x31, 0xC0, 0x64, 0xB0, 0xFC, 0x10 ,0x00, 0x00, 0x90, 0x00, 0x00, 0x00 }; // New ATR
ComputeCrc14443(CRC_14443_A, response6, 16, &response6[16], &response6[17]);

How can I do to do not throw the error "Out of Memory"?

This is the output of the sniff I want to simulate:

      Start |        End | Src | Data (! denotes parity error)                                   | CRC | Annotation         |
------------|------------|-----|-----------------------------------------------------------------|-----|--------------------|
          0 |       2368 | Tag | 04  00                                                          |     |
      14704 |      20528 | Tag | 4f  ZZ  ZZ  36  21                                              |     |
      53616 |      57136 | Tag | 28  b4  fc                                                      |     |
      74976 |      95840 | Tag | 10  78  00  c0  02  00  31  c0  64  b0  fc  10  00  00  90  00  |     |
            |            |     | bc  d3                                                          |  ok |
     327872 |     331392 | Tag | c2  e0  b4                                                      |     |
    1572224 |    1572736 | Tag | 03!

Thank you very much.

Pablo.

Last edited by pablomf (2019-04-11 13:38:31)

Offline

#2 2019-04-08 07:29:52

piwi
Contributor
Registered: 2013-06-04
Posts: 704

Re: [solved] SimulateIso14443aTag

Search armsrc/iso14443a.c for

#define ALLOCATED_TAG_MODULATION_BUFFER_SIZE 273

and increase it accordingly (there are some comments that should help to define the correct size)

Last edited by piwi (2019-04-08 07:30:07)

Offline

#3 2019-04-08 16:10:48

pablomf
Contributor
Registered: 2019-04-07
Posts: 16

Re: [solved] SimulateIso14443aTag

It works! Thank you!

#db# Stand-alone mode! No PC necessary.
#db# Enabling iso14443a reader mode for [Bank: 0]...
#db# Read UID:
#db# 4f d0 88 36 00 00 00 00
#db# 00 00
#db# Bank[0] received a 4-byte UID
#db# ATQA = 0400
#db# SAK = 28
#db# Playing
#db# Simulating ISO14443a tag with uid[0]: 4fd08836, uid[1]: 00000000 [Bank: 0]
#db# JCOP
#db# ATS Sent!

Pablo.

Offline

#4 2019-04-10 21:35:33

iceman
Administrator
Registered: 2013-04-25
Posts: 9,497
Website

Re: [solved] SimulateIso14443aTag

I suggest you edit your first post and add the prefix [solved] to your title

Offline

Board footer

Powered by FluxBB