RFID with the Proxmark3
Please don't plug in your proxmark into your computer until you are instructed to. They are expensive and somewhat easy to brick during the setup phase.
Contents
The install
Start your install on Ubuntu with your proxmark not plugged into your PC.
The guide below is a composite of:
https://github.com/RfidResearchGroup/proxmark3
You must remove modem manager to eliminate the chance of bricking your Proxmark
sudo apt remove modemmanager
Update the packages list
sudo apt-get update
Install the requirements
sudo apt-get install --no-install-recommends git ca-certificates build-essential pkg-config libreadline-dev gcc-arm-none-eabi libnewlib-dev qtbase5-dev libbz2-dev libbluetooth-dev libssl-dev
Get the Proxmark git repo
git clone https://github.com/RfidResearchGroup/proxmark3.git
Move into the directory with:
cd proxmark3
Then:
sudo make udev
Plug it in and:
sudo dmesg | grep -i USB
to check that it is installed. You can also
lsusb
Get permissions to use /dev/ttyACM0 by adding the current user to the proper group to get permission to use /dev/ttyACM0. This step can be done from the RRG/Iceman Proxmark3 repo with
make accessrights make
Plug in the Proxmark3
./pm3-flash-all
Perform a:
sudo dmesg | grep -i USB
to check that it is installed
Using the Proxmark 3
Then you can start proxmark with
./pm3
Have a play with the following commands:
[usb] pm3 --> hw status [usb] pm3 --> hw version [usb] pm3 --> hw tune
To get an overview of the available commands for LF RFID and HF RFID:
[usb] pm3 --> lf [usb] pm3 --> hf
To search quickly for known LF or HF tags:
[usb] pm3 --> lf search [usb] pm3 --> hf search
Tune for LF and HF
If you are having trouble getting a read try
lf tune --mix
OR
hf tune --mix
Here you are looking for the card to "couple". So the lower the voltage drops the more the RFID card is drawing from the system and the better the read you will get.
Start your Skills Test here
At this point, you are ready to start your skills test. Use the materials below as well as your tutor as a guide to complete your skills test as a group.
LF T5577 card
If you think this could be a T55xx you can run a:
lf t55 detect
This should return the type of card. You can then examine the datasheet here: http://ww1.microchip.com/downloads/en/DeviceDoc/ATA5577C-Read-Write-LF-RFID-IDIC-100-to-150-kHz-Data-Sheet-DS70005357B.pdf
You can try to read all of the blocks with the following command:
lf t55xx dump
This should dump all the blocks on the t55xx card
HF Mifare
High Frequency Mifare cards are also super common. You should be able to detect one with the standard:
hf search
If you find a tag record what sort of tag you think it could be. Try just typing:
hf
This should reveal all the different types of cards that can be read. Try to correlate the previous info from hf search against the info that you see in the image to the right. You could now try a:
hf mfu info
If that reveals that it is a gen 1a then you could consider executing a command frame the following block:
Probably a more generic set of commands are those that sit under the operations OR Recovery banners. In theory, these should work on all the Mifare cards.
You could also read the entire card with:
pm3 --> hf mfu dump
You would then open a separate terminal and:
xxd hf-mf-ABCEDFIG-dump.bin
This should provide you with the binary output.