Proxmark3 community


#1 2011-06-25 14:14:34

merlok
Contributor
Registered: 2011-05-16
Posts: 132

Some thoughts about an emulator and the new RC0 emulator

here:
http://code.google.com/p/proxmark3/source/detail?r=486

OK, it seems that I have made a working emulator)

First, let's get the logs from the emulator and a standard MIFARE chip.

log from MIFARE CARD:

 ETU     :rssi: who bytes
---------+----+----+-----------
 +      0:   0: TAG 04  00
 +    918:    :     93  20
 +     66:   0: TAG e6  84  87  f3  16
 +   1790:    :     93  70  e6  84  87  f3  16  5e  35
 +     66:   0: TAG 08  b6  dd
 + 801069:    :     60  04  d1  3d
 +    112:   0: TAG 85  90  30  22
 +    977:    :     df  03  6d  49  80  85  57  6c     !crc
 +     64:   0: TAG 8e! 99! 9d  83
 +1059143:    :     af  f7  8f  09     !crc
 +     72:   0: TAG e7! be! ab! 58! 51! 44! ad! bd! 81! 6a  44  5c  f8! ad! 3c! ca! 8f! 01!    !crc
 +2395872:    :     d5  d4  09  ae     !crc

log from EMULATOR

 ETU     :rssi: who bytes
---------+----+----+-----------
 +      0:    :     52
 +    290:   0: TAG 04! 00!
 +    910:    :     93  20
 +    560:   0: TAG e6  84  87  f3  16
 +   1630:    :     93  70  e6  84  87  f3  16  5e  35
 +    390:   0: TAG 08! b6  dd!
 + 784842:    :     60  04  d1  3d
 +    640:   0: TAG 01  02! 03! 04
 +    780:    :     a0  03  79  76  eb  72  d7  da     !crc
 +    960:   0: TAG 36! dc  38  2a!
 + 889996:    :     ed  c1  45  e7     !crc
 +   2570:   0: TAG 53  f7  99  d9  ee! 90  ac! c5! 2d! 35! 55! 35! 39  ec! 17 89  c5! 9b     !crc
 +4254260:    :     d3  3b  c1  6b     !crc

P.S. In the MIFARE card log, ETU equals 1,8 us. In the emulator log, ETU = us.

Last edited by merlok (2011-06-25 14:23:00)


#2 2011-06-25 14:22:38

merlok
Contributor
Registered: 2011-05-16
Posts: 132

Re: Some thoughts about an emulator and the new RC0 emulator

Several thoughts about the Proxmark3 as an emulator:

1. The Proxmark can't have the same electromagnetic field behavior as a card. It can't shortcut an antenna and it doesn't need to get power from the antenna.
2. Let's look at the anticollision timings:
card always answers at 64-66 ETU (118us) <-- IT MUST HAVE from ISO 14443
emulator stops sending at 200-300 us (290-36=254us)
3. Let's look at the authentication timings:
card always sends the answer at 112 and 64 ETU (first and second part accordingly) (201 and 115 us)
emulator stops sending at 640 and 960 us (572 and 892 us)
4. Let's look at the readblock command:
card: ETU=72 (129 us)
emulator : 2570 - ((18 * 9bit + start bit + stop bit)*1.8 = 295us) == 2275us = 2,2ms (

OK, the conclusion:
Proxmark3 can work as an emulator, but it can easily be detected by a system and banned)

If you want to make a really good emulator, you have to make it in a modern FPGA core... )
or you have to put in an ARM9 at at least 500MHz or 1GHz and a modern FPGA (for synchronized I/O with the field).

P.S. Some system integrators don't have highly professional developers, so their systems can be easily broken.
BUT for a skilled developer it's not a problem to avoid the use of emulators in their systems. )

Last edited by merlok (2011-06-25 14:37:46)
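
A reader-side timing check in the spirit of the comparison above, as an added example that is not part of the original posts: it parses the trace format from post #1, applies the post's frame-time subtraction to the emulator log, and flags replies slower than a cut-off. The 230 us cut-off and all function names are assumptions chosen for these two traces, not values taken from ISO 14443.

```python
import re

# Sample input: excerpts copied from the two traces posted in this thread.
CARD_LOG = """\
 +      0:   0: TAG 04  00
 +    918:    :     93  20
 +     66:   0: TAG e6  84  87  f3  16
 +   1790:    :     93  70  e6  84  87  f3  16  5e  35
 +     66:   0: TAG 08  b6  dd
 + 801069:    :     60  04  d1  3d
 +    112:   0: TAG 85  90  30  22
"""
EMULATOR_LOG = """\
 +      0:    :     52
 +    290:   0: TAG 04! 00!
 +    910:    :     93  20
 +    560:   0: TAG e6  84  87  f3  16
 +   1630:    :     93  70  e6  84  87  f3  16  5e  35
 +    390:   0: TAG 08! b6  dd!
 + 784842:    :     60  04  d1  3d
 +    640:   0: TAG 01  02! 03! 04
"""

LINE = re.compile(r"^\s*\+\s*(\d+):\s*\d*:\s*(TAG)?\s*(.*)$")
BYTE = re.compile(r"^[0-9a-f]{2}!?$")   # "!" marks a parity error in the trace
ETU_US = 1.8          # the post's figure for one tick in the card log
MAX_REPLY_US = 230.0  # assumed cut-off, picked between the two traces' delays

def reply_delays_us(log, tick_us, stamped_at_end):
    """Delay in us of each TAG frame that directly follows a reader frame."""
    delays, prev_was_reader = [], False
    for raw in log.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        delta, who, rest = int(m.group(1)), m.group(2), m.group(3).split()
        if who == "TAG" and prev_was_reader:
            nbytes = sum(1 for tok in rest if BYTE.match(tok))
            frame_us = (nbytes * 9 + 2) * ETU_US if stamped_at_end else 0.0
            delays.append(round(delta * tick_us - frame_us, 1))
        prev_was_reader = who is None
    return delays

def looks_emulated(log, tick_us, stamped_at_end):
    return any(d > MAX_REPLY_US for d in reply_delays_us(log, tick_us, stamped_at_end))

if __name__ == "__main__":
    print("card    :", reply_delays_us(CARD_LOG, ETU_US, False))
    print("emulator:", reply_delays_us(EMULATOR_LOG, 1.0, True))
```

The first TAG line of the card trace is skipped because no reader frame precedes it in the capture.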
