Thursday, February 28, 2013
Proxmark3: read, simulate and clone an EM4100 ID card
em410xread [clock]
Reads the ID from an EM410x tag (the plot should contain the raw tag). Clock is optional, usually has a value of 64.
Example :
> loread
> losamples 2000
> em410xread
Auto-detected clock rate: 64
EM410x Tag ID: 1a0041375d
em410xsim [tag id]
Simulates an EM410x tag with the specified ID. Example :
> em410xsim 1a0041375d (The orange light will turn on. Press the button on the PM3 to stop emulating the tag.)
em410xwatch
Watches for an EM410x tag until it detects one. Essentially "loread + losamples 2000 + em410xread" until a tag is detected. Example :
> em410xwatch
Auto-detected clock rate: 64
EM410x Tag ID: 1a0041375d
em410xwrite
Copies an EM4100 ID to a T5557 card.
proxmark3> lf em4x
help This help
em410xread [clock rate] -- Extract ID from EM410x tag
em410xsim <UID> -- Simulate EM410x tag
em410xwatch Watches for EM410x tags
em410xwrite <UID> <'0' T5555> <'1' T55x7> -- Write EM410x UID to T5555(Q5) or T55x7 tag
em4x50read Extract data from EM4x50 tag
proxmark3>
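The ID printed by em410xread is the tag's entire credential: an EM4100 tag broadcasts a fixed 64-bit frame (nine header 1 bits, ten nibbles each followed by an even row-parity bit, four column-parity bits, a 0 stop bit) with no key or challenge, so parity only catches read errors. The following added example, which is not part of the original post or the Proxmark code, builds and validates that frame for the ID shown above; the function names are hypothetical.

```python
def em4100_encode(tag_id: str) -> str:
    """Build the 64-bit EM4100 frame for a 10-hex-digit ID as a bit string."""
    if len(tag_id) != 10:
        raise ValueError("EM4100 IDs are 40 bits (10 hex digits)")
    bits = [1] * 9                                  # header: nine 1 bits
    cols = [0, 0, 0, 0]
    for digit in tag_id:
        n = int(digit, 16)
        row = [(n >> s) & 1 for s in (3, 2, 1, 0)]  # nibble, MSB first
        bits += row + [sum(row) & 1]                # even row parity
        cols = [c ^ b for c, b in zip(cols, row)]
    bits += cols + [0]                              # column parity, stop bit
    return "".join(map(str, bits))


def em4100_decode(frame: str) -> str:
    """Validate header, parity and stop bit; return the ID as hex."""
    if len(frame) != 64 or set(frame) - {"0", "1"}:
        raise ValueError("expected 64 characters of 0/1")
    b = [int(c) for c in frame]
    if b[:9] != [1] * 9:
        raise ValueError("bad header")
    if b[63] != 0:
        raise ValueError("bad stop bit")
    cols, digits = [0, 0, 0, 0], []
    for r in range(10):
        row = b[9 + 5 * r: 14 + 5 * r]              # 4 data bits + parity
        if sum(row) & 1:
            raise ValueError(f"row {r} parity error")
        cols = [c ^ x for c, x in zip(cols, row[:4])]
        digits.append(format(int("".join(map(str, row[:4])), 2), "x"))
    if cols != b[59:63]:
        raise ValueError("column parity error")
    return "".join(digits)


if __name__ == "__main__":
    frame = em4100_encode("1a0041375d")   # ID from the em410xread example
    print(frame, em4100_decode(frame))
```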
--------
gezhi electronic
www.xfpga.com or ebay shop
email: xfpga@hotmail.com
qq:1074079485
tel: +86-13113330725
Michael
Clone HID card with proxmark3
1. Use lf hid fskdemo to read the HID card's ID.
2. Replace the card on the antenna with a blank T5557 card, then use lf hid clone xxx (xxx is the ID you just read).
That is all.
Here is a video of how to do it:
www.youtube.com/watch?v=MXljGb47IKM
Tuesday, February 26, 2013
proxmark3:Some commands for MIFARE
How can I read a card contents?
- 'hf mf rdbl 0 a ffffffffffff', where 0 - block number, a - key type, ffffffffffff - key
or:
- 'hf mf rdsc 0 a ffffffffffff', where 0 - sector number, a - key type, ffffffffffff - key
How can I write a block into a card?
- 'hf mf wrbl 0 a ffffffffffff 000102030405060708090a0b0c0d0e0f', where 0 - block number, a - key type, ffffffffffff - key,
000102030405060708090a0b0c0d0e0f - block data.
How can I break a card?
- 'hf mf mifare'
- if it does not find a key: 'hf mf mifare XXXXXXXX', where XXXXXXXX - Nt from the previous run
- 'hf mf nested 1 0 a FFFFFFFFFFFF', where 1 - card type MIFARE CLASSIC 1k, FFFFFFFFFFFF - key found in the previous step.
How to save emulator dump from a card
- 'hf mf mifare'
- if it does not find a key: 'hf mf mifare XXXXXXXX', where XXXXXXXX - Nt from the previous run
- 'hf mf nested 1 0 a FFFFFFFFFFFF t', where 1 - card type MIFARE CLASSIC 1k, FFFFFFFFFFFF - key found in the previous step.
- 'hf mf efill a FFFFFFFFFFFF'
- 'hf mf esave filename'
How to emulate a card
- 'hf mf mifare'
- if it does not find a key: 'hf mf mifare XXXXXXXX', where XXXXXXXX - Nt from the previous run
- 'hf mf nested 1 0 a FFFFFFFFFFFF t', where 1 - card type MIFARE CLASSIC 1k, FFFFFFFFFFFF - key found in the previous step.
- 'hf mf efill a FFFFFFFFFFFF'
- 'hf mf sim'
How to emulate a new card
- 'hf mf eclr'
- 'hf mf sim'
How to emulate a card with help of dump from file
- 'hf mf eload filename', where filename - dump's file name (<filename>.eml)
- 'hf mf sim'
How to have a look at the emulator memory
- 'hf mf eget 00', where 00 - block number from 0 to 0x63. Each block contains 16 bytes of memory.
How to make changes to the emulator memory
- 'hf mf eset 01 000102030405060708090a0b0c0d0e0f',
where:
- 01 - block number from 0 to 0x63. Each block contains 16 bytes of memory.
- 000102030405060708090a0b0c0d0e0f - block data.
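A dump saved with 'hf mf esave' can also be reviewed to see how a card is configured. This added example (not from the original post or the Proxmark project) flags sector trailers that still carry the ffffffffffff key used in the commands above, or whose access bits fail their inverted-copy check. It assumes the .eml file holds one 16-byte block per line as 32 hex digits and the MIFARE Classic layout of four blocks per sector with the trailer last; the sample dump and function names are constructed.

```python
WEAK_KEYS = {"ffffffffffff"}          # default key used in the commands above

def parse_eml(text):
    """Return the dump as a list of 16-byte blocks (one hex line per block)."""
    blocks = []
    for n, line in enumerate(text.split(), 1):
        raw = bytes.fromhex(line)     # ValueError on non-hex input
        if len(raw) != 16:
            raise ValueError(f"line {n}: expected 16 bytes, got {len(raw)}")
        blocks.append(raw)
    if len(blocks) % 4:
        raise ValueError("dump ends in the middle of a sector")
    return blocks

def access_bits_consistent(trailer):
    """Bytes 6-8 store C1..C3 plus inverted copies; both must agree."""
    b6, b7, b8 = trailer[6], trailer[7], trailer[8]
    c1, c2, c3 = b7 >> 4, b8 & 0xF, b8 >> 4
    return ((b6 & 0xF) == (~c1 & 0xF) and (b6 >> 4) == (~c2 & 0xF)
            and (b7 & 0xF) == (~c3 & 0xF))

def audit(text, weak=WEAK_KEYS):
    """Return [(sector, [issues])] for every sector trailer with a finding."""
    blocks, findings = parse_eml(text), []
    for sector in range(len(blocks) // 4):
        trailer = blocks[sector * 4 + 3]
        issues = []
        if trailer[:6].hex() in weak:
            issues.append("key A is a known default")
        if trailer[10:].hex() in weak:
            issues.append("key B is a known default")
        if not access_bits_consistent(trailer):
            issues.append("access bits malformed")
        if issues:
            findings.append((sector, issues))
    return findings

# Constructed three-sector dump: default keys, custom keys, bad access bits.
DATA = "00" * 16
SAMPLE_EML = "\n".join([
    DATA, DATA, DATA, "ffffffffffff" "ff078069" "ffffffffffff",
    DATA, DATA, DATA, "a1b2c3d4e5f6" "ff078069" "0f1e2d3c4b5a",
    DATA, DATA, DATA, "a1b2c3d4e5f6" "00000069" "0f1e2d3c4b5a",
])

if __name__ == "__main__":
    for sector, issues in audit(SAMPLE_EML):
        print(f"sector {sector}: {', '.join(issues)}")
```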
Proxmark3 Flashing the board
Once the driver is installed, you can move on to first flashing the new bootloader, then the "fullimage.elf" provided in the ZIP archive:
D:\Documents\Hobbies\RFID\Proxmark Firmware\Winter 2010 Release r419>flasher.exe -b bootrom.elf
Loading ELF file 'bootrom.elf'...
Loading usable ELF segments:
0: V 0x00100000 P 0x00100000 (0x00000200->0x00000200) [R X] @0x94
1: V 0x00200000 P 0x00100200 (0x0000175c->0x0000175c) [R X] @0x294

Waiting for Proxmark to appear on USB... Found.
Entering bootloader...
(Press and release the button only to abort)
Waiting for Proxmark to reappear on USB... Found.

Flashing...
Writing segments for file: bootrom.elf
 0x00100000..0x001001ff [0x200 / 2 blocks].. OK
 0x00100200..0x0010195b [0x175c / 24 blocks]........................ OK

Resetting hardware...
All done.

Have a nice day!

D:\Documents\Hobbies\RFID\Proxmark Firmware\Winter 2010 Release r419>flasher.exe fullimage.elf
Loading ELF file 'fullimage.elf'...
Loading usable ELF segments:
0: V 0x00102000 P 0x00102000 (0x0000a4bc->0x0000a4bc) [R ] @0xb4
1: V 0x00110000 P 0x00110000 (0x000140b8->0x000140b8) [R X] @0xa570
2: V 0x00200000 P 0x001240b8 (0x00000004->0x00000004) [RW ] @0x1e628
Note: Extending previous segment from 0x140b8 to 0x140bc bytes

Waiting for Proxmark to appear on USB... Found.
Entering bootloader...
(Press and release the button only to abort)
Waiting for Proxmark to reappear on USB... Found.

Flashing...
Writing segments for file: fullimage.elf
 0x00102000..0x0010c4bb [0xa4bc / 165 blocks]...................................
................................................................................
.................................................. OK
 0x00110000..0x001240bb [0x140bc / 321 blocks]..................................
................................................................................
................................................................................
................................................................................
............................................... OK

Resetting hardware...
All done.

Have a nice day!

D:\Documents\Hobbies\RFID\Proxmark Firmware\Winter 2010 Release r419>
From there on, you should not need to update the Bootloader upon new firmware releases - unless of course there is another large bootloader upgrade at a later stage!