Proxmark3 community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

Announcement

Time changes and with it the technology
Proxmark3 @ discord

Users of this forum, please be aware that information stored on this site is not private.

#1 2017-01-27 04:48:53

fidel
Contributor
Registered: 2016-10-17
Posts: 28

G-Prox (32 Bit)

Hi, I have the Id  ( Hexadecimal: 527F83E3 )  for a 32 bit G-prox card, how can I use this to clone the card using PM3.
In other word how to get the Raw from this Id, so I can write the Blocks 1 to 4.
Is it possible to Clone a G-prox using Pm3, directly knowing FC & CN
Cheers

Offline

#2 2017-01-27 17:29:46

Sentinel
Contributor
Registered: 2012-11-26
Posts: 191

Re: G-Prox (32 Bit)

PLS see topic http://www.proxmark.org/forum/viewtopic.php?id=1459
usually G-Prox cards printed decimal number.
you have the number [527F83E3] printed on the card?

Offline

#3 2017-01-27 18:33:55

Sentinel
Contributor
Registered: 2012-11-26
Posts: 191

Re: G-Prox (32 Bit)

Hexadecimal: 527F83E3

Temic
0 0x00150060
1 0x1BC6E5BC
2 0x6F395817
3 0xB9E81BDF

Offline

#4 2017-01-27 19:20:25

iceman
Administrator
Registered: 2013-04-25
Posts: 9,536
Website

Re: G-Prox (32 Bit)

*hm* use the 'lf guard' commands

Offline

#5 2017-01-31 18:11:33

fidel
Contributor
Registered: 2016-10-17
Posts: 28

Re: G-Prox (32 Bit)

thank you all for your respond,

Sentinel, how did you get the value for  block 1,2 and 3.
when I write these blocks, I get the different ID: 8E4D2E5D    G prox 32bit.

Iceman : I tried " Lf guard " on my PM3 Does not work, What can cause this,
Thanks for your help

Offline

#6 2017-01-31 19:52:37

iceman
Administrator
Registered: 2013-04-25
Posts: 9,536
Website

Re: G-Prox (32 Bit)

...depends on which firmware/client you use...

Offline

#7 2017-01-31 20:34:06

fidel
Contributor
Registered: 2016-10-17
Posts: 28

Re: G-Prox (32 Bit)

hi Iceman,
I use PM3-bin2.5.0
Can you please let me know if there is a better version that supports Other commands,
Cheers

Offline

#8 2017-01-31 20:55:29

Sentinel
Contributor
Registered: 2012-11-26
Posts: 191

Re: G-Prox (32 Bit)

for calculate CRC10  I use GROX reader and brute-force attack

Try that:  00000000 (32 bit zero) card
0 0x00150060
1 0x0AD2A4AC
2 0x2B0AC2B0
3 0xAC2B0ADF

Offline

#9 2017-01-31 21:12:42

fidel
Contributor
Registered: 2016-10-17
Posts: 28

Re: G-Prox (32 Bit)

Hi Sentinel,
I did try it, Again Wrong ID 510A884f comes up.

Offline

#10 2017-01-31 21:29:16

iceman
Administrator
Registered: 2013-04-25
Posts: 9,536
Website

Re: G-Prox (32 Bit)

the original thread deals with 26bits, 
ref http://www.proxmark.org/forum/viewtopic … 790#p14790

Offline

#11 2017-01-31 23:32:24

fidel
Contributor
Registered: 2016-10-17
Posts: 28

Re: G-Prox (32 Bit)

Thanks Iceman,
If I may can you help me with  the following issue as well,
I am trying to Clone an HID prox II fob as well, the Id that I get from PM#3 search is 9e00001fd4827f000134320 (41360), I think is 84 bit
I use " lf hid clone 9e00001fd4827f000134320 l " to clone it
But when  do a "lf search" on the cloned T5577 The read out is 9e9e00001fd4827f000134320  there is an added 9e in the beginning of the new id, what causes this?
Cheers

Offline

#12 2017-02-01 00:08:09

iceman
Administrator
Registered: 2013-04-25
Posts: 9,536
Website

Re: G-Prox (32 Bit)

its a preamble thing, which gets added to the clone.  So don't add the 0x9e when cloning. 
I know, its not very clear and not userfriendly.

Offline

#13 2017-02-01 01:01:53

fidel
Contributor
Registered: 2016-10-17
Posts: 28

Re: G-Prox (32 Bit)

Thank you,
It Works. I respect you Rfid knowledge.
cheers

Offline

#14 2017-02-01 01:06:01

iceman
Administrator
Registered: 2013-04-25
Posts: 9,536
Website

Re: G-Prox (32 Bit)

funny thing is that I notice the same thing for some weeks ago when I was remaking the "wiegand" part and were aiming for a more unified output from 'lf search'.  I thought "noone will ever notice since its been there for a long time"... and here you come.

Offline

#15 2017-02-01 03:42:31

marshmellow
Contributor
From: US
Registered: 2013-06-10
Posts: 2,302

Re: G-Prox (32 Bit)

it is very rare to find a long hid formatted card.  i bet very few if any have actually used that piece of code.

Offline

#16 2017-02-10 00:29:07

fidel
Contributor
Registered: 2016-10-17
Posts: 28

Re: G-Prox (32 Bit)

Hi Sentinel,
where can i find a GROX reader, or other reader that can be used,
Also i have read about  brute-force attack, but a bit confused,
please direct me to right resource regarding this subject.
cheers

Offline

#17 2017-02-10 13:44:10

Sentinel
Contributor
Registered: 2012-11-26
Posts: 191

Re: G-Prox (32 Bit)

hi Fidel!
I use Mullion arming station G-prox, and Wiegand indicator
HsgXLJI.jpg
When write to Temic this:
0 0x00150060
1 0x1BC6E5BC
2 0x6F395817
3 0xB9E81BDF
Reader show 527F83E3 (32bit)
G-Prox uses 10-bit polynomial to verify the authenticity of the card
To create the correct card has to go through all the options in 1024
10-bit polynomial remains a mystery

Offline

#18 2017-02-10 15:16:12

Sentinel
Contributor
Registered: 2012-11-26
Posts: 191

Re: G-Prox (32 Bit)

If U need only copy the card - use proxmark )

Offline

#19 2017-02-10 15:18:34

Sentinel
Contributor
Registered: 2012-11-26
Posts: 191

Re: G-Prox (32 Bit)

If U want a card number to make it a clone (the original card you do not have), you will need a card reader G-Prox, and a lot of free time, because at card will have to be written Temik 1024 times, and then test them on the reader G-Prox

Offline

#20 2017-02-10 21:32:53

fidel
Contributor
Registered: 2016-10-17
Posts: 28

Re: G-Prox (32 Bit)

Hi Sentinel,
Thank you for the info,
You mentioned If I need to copy the card use PM3,
Can you please let me know How it is done?
I do not see any command under G-prox
I am using bin-2.5
Can you please clarify the steps needed.
Cheers

Offline

Board footer

Powered by FluxBB