User:Coldheader/sandbox

From Wikipedia, the free encyclopedia

Proxmark3

The Proxmark 3 is an improved version of proxmarkii.[1] It is a dedicated, highly capable multi-tool for RFID analysis, providing reading, writing, analysis, snooping, replaying, emulation, modulation, demodulation, decoding, encoding, decryption and encryption for any RFID system operating at the 125 kHz, 134 kHz and 13.56 MHz frequencies.[2] Proxmark can be considered the most powerful RFID and Near Field Communication research device currently available.[3]

Licence

The hardware design and firmware of this latest version have been in the public domain since May 2007 under the General Public License.[4]

The cost of the device was around 200 euro and, since the schematics are online, it can be ordered through any local printed circuit board (PCB) supplier.[4]

About

The Proxmark 3 was originally created as a PhD project by Jonathan Westhues in 2007 to facilitate the research of RFID systems. The Proxmark supports all major modulation and encoding schemes. Therefore, it is able to communicate with many different proprietary communication protocols used by various RFID tags. It can act as a reader. It can eavesdrop on a transaction between another reader and a tag. It can analyze the signal received over the air more closely, for example to perform an attack in which we derive information from the tag's instantaneous power consumption. It can pretend to be a tag itself. It is also capable of some less obviously useful operations that might come in handy for development work.[5]

Hardware
  • It is additionally equipped with a Field Programmable Gate Array (FPGA), which is mainly responsible for the low-level signal processing and allows multiple signal processing schemes to be set up.[4]
  • Supports both low (125 kHz-134 kHz) and high frequency (13.56 MHz) signal processing. This is achieved by two parallel antenna circuits that can be used independently.[4]
  • Has a USB interface to the computer. The current implementation uses the default Human Interface Device (HID) USB protocol. Flashing of the microcontroller and the FPGA can be done via USB. The JTAG interface is used only the first time, to set up a bootloader on the microcontroller.[4]
Software
  • It can operate in three different modes: sniffing mode, card emulation mode, and reader mode.[4]
  • The client application works as a console application and connects to the Proxmark via the standard HID USB protocol.[4]

Models

There are currently five different variations of Proxmark3 available for purchase.

From the very first 3rd model, Proxmark has been gradually modernized and improved, so the differences between neighboring models are not as dramatic as between the first and the last.[3]

Proxmark3

Since it was open-sourced, there have been multiple commercial versions of the Proxmark. Originally manufactured individually or in small runs, a handful of manufacturers began to commercialise the device.[5]

Versions of note:
  • Original
  • XFPGA / RadioWar
  • Rysc
  • Elechouse[6]

Specifications

  • CPU: Variants of AT91SAM7S512
  • Storage: 512Kb SPI flash
  • Interface: Typically, 1x mode LEDs, 1x button.
  • Antennas
    • LF: Untuned, external
    • HF: Untuned, external[6]

Proxmark3 Easy (V3.0)

The Proxmark 3 Easy was designed and produced by Elechouse, the creators of the Proxmark 3 RDV 2. It was designed as a lower-cost version of the Proxmark 3 RDV 2 specifically for domestic sales in China via TaoBao. It was created to be a cheaper, less capable fork of the RDV 2.

Its lower price point came at the cost of performance:

  • Downgraded microcontroller: AT91SAM7S256 (smaller memory 256kb)
  • Removed lithium battery management and socket.
  • Removed Relay
  • Removed Amplifier

These hardware changes resulted in the Proxmark 3 Easy being incapable of performing several of the Proxmark's advanced features, including the Mifare Hard-Nested attacks.

Despite these differences, several Western distributors sold the Proxmark 3 Easy as a 1:1 alternative to the RDV 2.[7]

Specifications
  • CPU: AT91SAM7S256
  • Storage: 256Kb SPI flash
  • Interface: 4x mode LEDs, 1x button.
  • Antennas
    • LF: Attached
    • HF: Integrated[7]

Proxmark3 RDV2

Designed and manufactured by Elechouse, the Proxmark 3 RDV 2, or "Revision Two", was the first major evolution in the Proxmark framework for many years.

All major hardware components, including the microcontroller, FPGA and flash memory were revised and updated.

However, the most significant changes were in the antenna design and implementation. The bulky, awkward and untuned antennas of the Proxmark 3 were replaced with compact, pre-tuned HF and LF antennas, using the standard SMA interface instead of the USB-Hirose cables previously used.

The Proxmark 3 RDV 2 was the first all-in-one design, with its stacked PCB design providing a case and attach points for the antennas, finally enabling the device to be used in environments where more discretion was required.

The Proxmark 3 RDV 2 was quickly adopted as the "industry standard" device. Its popularity resulted in grey-market / counterfeit versions of the device surfacing on AliExpress / TaoBao. These devices had known issues with their antenna performance and suffered from failing relays.[8]

Specifications

  • CPU: AT91SAM7S512
  • Storage: 512Kb SPI flash
  • Interface: 4x mode LEDs, 1x button.
  • Battery: External battery connector
  • Antennas
    • LF: Pretuned, Removable
    • HF: Pretuned, Removable[8]

Proxmark3 EVO

The Proxmark 3 EVO, or "Evolution", is designed by Elechouse to be the ultimate evolution of the Proxmark 3 Platform.

No larger than a wallet, the Proxmark 3 Evo has been miniaturised and modernised to respond to the evolving requirements of the community.

It can be considered the ultimate desktop device for RFID researchers and hobbyists.

  • Durable: High quality ABS case protects your hardware, even on the go
  • Flexible: Only Proxmark to feature an RGB LED for intuitive status indication
  • Android Compatible: Works with Project Walrus for automated red-teaming[9]
Device Characteristics
  • Miniaturised: 60 x 90 x 12mm
  • Internalised, Pre-tuned antennas
  • RGB LED (integrated into official codebase)
  • ABS case
  • 100% Compatible with the official Proxmark codebase[9]

Specifications

  • CPU: AT91SAM7S512
  • Storage: External 2MBits / 512Kb SPI flash
  • Interface: 1x RGB LED, 1x button.
  • Battery: External battery connector
  • Antennas
    • LF: Pretuned, Internal
    • HF: Pretuned, Internal[9]

Proxmark3 RDV4

The Proxmark 3 RDV4 is the latest revision of the Proxmark 3 Platform. It is designed and manufactured by RRG, a company formed by four people instrumental to the Proxmark 3 including:

  • Chris Hermann (iceman) - Moderator of the proxmark forums
  • Kevin (0xFFFF) - Moderator of the proxmark forums

The RDV 4 revision represents a highly optimised piece of hardware specifically designed for the pen-testing community:

  • Covert: Fits easily into a hand and pocket
  • Modular: Rapidly switch pre-tuned antennas for more range when in the field
  • Intuitive: Multiple Status LEDs for at-a-glance status checking
  • Android Compatible: Works with Project Walrus for automated red-teaming
  • Expandable: BLE/Wifi module expansion capability for automated data egress[10]
Device Characteristics
  • Smallest Proxmark Ever: 54 x 87 x 10mm
  • Internalised, Pre-tuned antennas
  • SIM/Smart card reader
  • Miniaturised ABS case
  • Expandable Framework:
    • Hot-swappable mid and long range antennas
    • BLE/Wifi module compatible[10]
Specifications
  • CPU: SAM7S512
  • Storage: External 2MBits / 256Kb SPI flash
  • Interface: 4x power LEDs, 4x mode LEDs, 1x button.
  • Performance
    • LF (125KHz): 70mm @ 65V
    • HF (13.56MHz): 88mm @ 44V[10]
What's included:
Standard Accessory Pack
  • 1x Proxmark 3 RDV4.01
  • 1x Pretuned LF Antenna - 125KHz & 134KHz (Internal)
  • 1x Pretuned HF Antenna - 13.56MHz (Internal)
  • 1x Micro USB Cable
  • 1x Screw Driver (for external antenna mounting)
  • 1x SIM / SAM Reader Module
RFID Tags / Cards
  • 1x 'Magic' 1k UID Changeable - PVC Card format
  • 1x T5577 Tag - PVC Card format
Complete Accessory Pack
  • 1x Standalone Module (Battery + Bluetooth)
  • 1x HF Antenna Pack (1x Mid Range, 1x Long Range)
  • 1x LF Antenna Pack (1x Mid Range, 1x Long Range)
  • 1x Flashing Support[10]

Compatible systems

  • Windows: XP, 7, 8, 10 (All Versions)
  • OS/X: 10.0 - 10.7 (All Versions)
  • Linux: Debian, Ubuntu, CentOS, etc (All Versions)
  • Android: Specific Builds[11]

Proxmark 3 technical comparison

There are multiple versions of the Proxmark, optimised for desktop use or penetration testing. Please check the table below to find the version that corresponds with your needs.[11]

| Feature | Proxmark 3 RDV 4.01 | Proxmark 3 EVO | Others (RDV2, Easy, etc) |
|---|---|---|---|
| CPU | SAM7S512 | AT91SAM7S512 | AT91SAM7S512 / AT91SAM7S256 |
| Memory | External: 2MBits; Internal: 512Kb SPI | External: 2MBits; Internal: 512Kb SPI | External: None; Internal: 256 - 512Kb SPI |
| LF Read Range | 70mm @ 65V | 40mm @ 55V | 10mm - 35mm |
| HF Read Range | 40 - 85mm @ 44V | 50mm @ 40V | 10mm - 40mm |
| HF Read Range (medium antenna) | 90mm | | |
| HF Read Range (large antenna) | 100 - 120mm | | |
| Dimensions | 54x87x10mm | 60x90x12mm | At least 150x50mmx50mm |
| Expandable Framework? | Yes | | |

Proxmark 3 functionality comparison

There are multiple versions of the Proxmark, optimised for desktop use or penetration testing. Please check the table below to find the version that corresponds with your needs.[11]

| Feature | Proxmark 3 RDV 4.01 | Proxmark 3 EVO | Others (RDV2, Easy, etc) |
|---|---|---|---|
| Internal Antennas | X | X | |
| ABS Case | X | X | |
| Miniaturised | X | X | |
| Pentesting Optimised | X | | |
| Desktop Optimised | | X | |
| SIM/SAM Reader | X | | |
| Swappable Antennas | X | | |
| Long Range Antenna | X | | |
| Interface | 8x LED | 1x RGB LED | 1x LED |

References

  1. "A Test Instrument for HF/LF RFID". cq.cx. Retrieved 2021-05-03.
  2. "Proxmark 3 RDV4.01". Lab401. Retrieved 2021-05-03.
  3. "[0] Proxmark3 - Introduction". 04/25/2019.
  4. "Tutorial: Proxmark, the Swiss Army Knife for RFID Security Research" (PDF). cs.ru.nl.
  5. "Proxmark 3 | Proxmark". proxmark.com. Retrieved 2021-05-03.
  6. "Proxmark 3 Easy | Proxmark". www.proxmark.com. Retrieved 2021-05-03.
  7. "Proxmark 3 Easy | Proxmark". www.proxmark.com. Retrieved 2021-05-03.
  8. "Proxmark 3 RDV 2 | Proxmark". www.proxmark.com. Retrieved 2021-05-03.
  9. "Proxmark 3 EVO | Proxmark". www.proxmark.com. Retrieved 2021-05-03.
  10. "Proxmark 3 RDV4 | Proxmark". www.proxmark.com. Retrieved 2021-05-03.
  11. "Proxmark 3 RDV4.01". Lab401. Retrieved 2021-05-03.