Proxmark3 developers community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

#1 2020-03-13 06:40:43

fluxxion
Contributor
Registered: 2020-03-06
Posts: 10

RDV4 - Catalina vs Mojave and differences with clients and fw

Hello,
I'm new here and I've only recently gotten the proxmark3 rdv4.0, but I have been playing with it a lot. I've tried out firmware from proxmark3/proxmark3, iceman1001/proxmark3 and rfidresearchgroup/proxmark3 on two different versions of mac os, and I've had a mix of experiences trying to read and detect cards. So my rdv4 device came with

Prox/RFID mark3 RFID instrument          
 [ ARM ]
 bootrom: iceman/master/ice_v3.1.0-891-g6967fe66-dirty-unclean 2018-06-26 09:52:13
      os: iceman// 2018-06-26 09:54:28
 [ FPGA ]
 LF image built for 2s30vq100 on 2017/10/25 at 19:50:50
 HF image built for 2s30vq100 on 2017/11/10 at 19:24:16

I installed the mac client software with brew formula from proxmark/proxmark3 on Catalina. I was able to detect two high feq cards(the proxgrind Gen1A 1K S50 that came with the device and a Chinese Magic card) but both were identified as

   
TYPE : NXP MIFARE CLASSIC 1k | Plus 2k SL1          
proprietary non iso14443-4 card found, RATS not supported          
Chinese magic backdoor command (GEN 1b) detected          
Prng detection: WEAK          

Valid ISO14443A Tag Found - Quiting Search

On Mojave, I was able to detect a high freq card that I was not able to detect on Catalina:

TYPE : NXP MIFARE DESFire 4k | DESFire EV1 2k/4k/8k | Plus 2k/4k SL3 | JCOP 31/41          
MANUFACTURER : NXP Semiconductors Germany          
 ATS : 06 75 77 81 02 80 02 f0           
       -  TL : length is 6 bytes          
       -  T0 : TA1 is present, TB1 is present, TC1 is present, FSCI is 5 (FSC = 64)          
       - TA1 : different divisors are supported, DR: [2, 4, 8], DS: [2, 4, 8]          
       - TB1 : SFGI = 1 (SFGT = 8192/fc), FWI = 8 (FWT = 1048576/fc)          
       - TC1 : NAD is NOT supported, CID is supported          
       -  HB : 80           
No chinese magic backdoor command detected          
PRNG error: selecting tag failed, can't detect prng.          
Prng detection error.          

Valid ISO14443A Tag Found - Quiting Search

however, I was able to

hf mf sniff

my phone reading this card on Catalina (don't know how I can use this data yet...will probably ask about that in a different post). I've seen some info when trying to scan for this card on Catalina, such as the UID, ATQA, and SAK by moving the card around on the reader but it was not repeatable and didn't get any good data. I wasn't able to detect low freq cards on either Catalina or Mojave.

Next, I updated my client on Catalina and device fw with the rfidresearchgroup/proxmark3 version. I am not able to detect high freq cards, nor was I able to sniff my phone reading the mifare desire 4k card, and I can kind of detect and an HID Prox ID card, the proxgrind T5577 low freq card that came with the device, another T5577 card I have, both of the T5577 cards look like this in the client:

[=] NOTE: some demods output possible binary          
[=] if it finds something that looks like a tag          
[=] False Positives ARE possible          
[=]           
[=] Checking for known tags...          
[=]           
[-] No known 125/134 kHz tags found!           
[+] Chipset detection: T55xx           
[=] Hint: try `lf t55xx` commands  

I've tried different cables when having trouble, and sometimes repositioning the cards helped if they weren't detected right away.
Today, I updated my rdv4 device with the deprecated iceman1001/proxmark3 repo fw and client, and had the best results out of everything I tried. I think I was able to detect some of the high freq cards, although not all of them but occasionally seeing the ATQA value, and detect low freq cards but the lf cards come up as 'Indala ID' cards. Overall, it seems like the latest iceman1001/proxmark3 client and fw give the broadest functionality in terms of being able to search for HF and LF cards:

Prox/RFID mark3 RFID instrument          
 [ ARM ]
 bootrom: iceman/master/ice_v3.1.0-1097-ga23414fe 2020-03-12 13:28:56
      os: iceman/master/ice_v3.1.0-1097-ga23414fe 2020-03-12 13:28:59

 [ FPGA ]
 LF image built for 2s30vq100 on 2017/10/25 at 19:50:50
 HF image built for 2s30vq100 on 2018/ 9/ 3 at 21:40:23 

but running the iceman1001 fw with the official proxmark/proxmark3 gives the most accurate HF information(better on Mojave than Catalina since I can find that mifare desire 4k card), and the rfidresearchgroup/proxmark3 client and fw gives the best lf functionality.
I've started playing with proxdroid and RFID tools app on android but haven't done too much other than a quick check that it runs and can see the rdv4 device.
I can see that the github repos have been relatively active, particularly the research group branch, but what is the general status of features of the different clients and fw? Should I be able to detect HF cards on the rfid research group version? I don't see any releases on the rfid research group repo so I'm guessing it's not too surprising with how it works. It seems like this is the recommended version to use with the RDV4 device, but I think I'll use the deprecated iceman1001/proxmark3 branch for now since that seems to be working the best for me. I've played a little around with reading card data, plotting the data, demodulating the data, etc but a little more concerned with just being able to search and identify the cards first. Plus I don't have too many non blank cards at the moment to try and clone/simulate.
I just ordered an accessory kit that has the HF medium antenna, HF long range antenna, and the SIM/SAM extender so I'll be experimenting with those soon. Debating whether or not to get the other accessory LF antennas right now. I thought maybe getting these other HF antennas might help me read the HF cards with the research group branch, but now I'm not so sure.
Anyways, sorry for the long post. I guess basically I wanted to see how my experiences with the RDV4 line up with other people's and just get a sense with what the expected functionalities/bugs are with the different branches. Going through commits hasn't given me too much info, at least that I can make sense of, yet. Thanks.

Offline

#2 2020-03-13 06:47:32

fluxxion
Contributor
Registered: 2020-03-06
Posts: 10

Re: RDV4 - Catalina vs Mojave and differences with clients and fw

Just read this post: http://www.proxmark.org/forum/viewtopic.php?id=7039 which helps answer my questions.

Offline

#3 2020-03-13 08:46:42

iceman
Administrator
Registered: 2013-04-25
Posts: 6,269
Website

Re: RDV4 - Catalina vs Mojave and differences with clients and fw

Which OS you use shouldn't affect your Proxmark3 experience like you describe.
Switching between fw/client will.
Mixing between fw/client like you describe is a absolute no-no,  you end up disappointed.  Always use same client/fw from repo and compilation time.

Offical repo has piwi's fgpa/arm changes with makes it very different (to the better).

The hf 14a experience sounds odd between deprecated iceman fork and rrg/iceman since its not much difference in the underlaying source code.


If you feel the love,  https://www.patreon.com/iceman1001

modhex(hkhehghthbhudcfcdchkigiehgduiehg)

Offline

#4 2020-03-14 01:43:26

fluxxion
Contributor
Registered: 2020-03-06
Posts: 10

Re: RDV4 - Catalina vs Mojave and differences with clients and fw

Yeah I didn't think switching OS would have much of an effect but I'm definitely seeing a difference, mainly with being able to find that MIFARE DESFire 4k card. I can find it every time I look on Mojave but pretty much never on Catalina. I tried using a different usb port too thinking maybe there was a power issue, but hw tune seems to look fine. I should be getting the other hf antennas tomorrow so I'm curious to see if those change anything.
I'll check out piwi's changes in the official repo. Maybe I can cherry pick some changes. This leads me to another question - the proxmark3 client that gets installed via homebrew with the iceman1001/proxmark3 fork tapped is very different than the client I can run from building your code. It seems that the client I build is meant for RDV4 hardware and the one installed with brew is for older versions - is that correct? i've been using the client from building your code, which has been giving me the best results so far. Is brew installing the last release, which looks about two years older than the head of your repo?
What would be a good way to debug the hf issues I'm having with the rrg/iceman code? I'm not finding any hf cards running hf search. I also have a ISO14443-B tag that I can find with the iceman1001/proxmark3 branch. The proxmark3.log files I'm finding just seem to be logging what I see on the terminal, but are there other code debug logs being saved somewhere that might help? I may start my own fork so I can get more familiar with how things are working. Thanks for your replies!

Offline

#5 2020-03-14 07:43:52

iceman
Administrator
Registered: 2013-04-25
Posts: 6,269
Website

Re: RDV4 - Catalina vs Mojave and differences with clients and fw

I get the sneaky suspicion your homebrew is messing with you.
Having many different proxmark taps install at the same time could be not optimal.

https://github.com/RfidResearchGroup/pr … uctions.md
Since RRG/Iceman doesn't have a stable release yet, you be using

brew install --HEAD proxmark3

If you feel the love,  https://www.patreon.com/iceman1001

modhex(hkhehghthbhudcfcdchkigiehgduiehg)

Offline

#6 2020-03-15 21:05:30

fluxxion
Contributor
Registered: 2020-03-06
Posts: 10

Re: RDV4 - Catalina vs Mojave and differences with clients and fw

Ok, so I cleared out all the brew taps, made sure all other versions were uninstalled and did ran brew cleanup, and then installed the rrg/iceman branch. I did notice on my previous installations, I was getting messages like "Your branch and 'origin/master' have diverged" and "Your branch is behind 'origin/master' by 70 commits", so I naturally figured this was the issue and I was able to update the local branch and install the lasted code. Unfortunately, I'm still not having much luck getting good HF reads.

I just got the HF accessory pack and using the HF_ANT_2.6uH I'm able to read and work with the HF tags with really good consistency and stability (wasn't able to find much with the HF_ANT_1.7uH antenna). I know it shouldn't matter, but I'll probably install therrg/iceman branch on Mojave to see if there's a difference with OS on this branch with respect to these HF issues, since I was seeing differences with the other client. This new antenna is working well and I'm able to work with the rrg branch on my Catalina machine, so I'm happy about that. I'll keep playing with things, testing stuff out, and probably deep dive into the code to see what might be going on. I'll post if/when I find anything.

One unrelated side note, I also got the smart card reader accessory as well, but when I went to use it on one of my devices, I noticed that the client was telling me the sc module wasn't installed/absent. Looking back in my terminal history, I can see that it wasn't found from the first time I started to use it. I had to physically push around on the adapter to get it to finally show up. I've updated the fw for it and have since been able to use since it without issue, but I'm a little worried about how secure the hw adapter module is. Is this module known for coming loose or having issues? My other rdv4 device has been fine from the start. I suppose if I have to keep fiddling with it, I should contact my retailer about it..?

Thanks!

Offline

#7 2020-03-25 11:48:09

barmpot
Contributor
Registered: 2020-03-19
Posts: 2

Re: RDV4 - Catalina vs Mojave and differences with clients and fw

Please advise me the OS, I do not want such problems. I do not understand this.

Offline

Board footer

Powered by FluxBB