大家好,欢迎来到IT知识分享网。
官方的指南:
https://github.com/Proxmark/proxmark3/wiki/Ubuntu-Linux
我的系统是 ubuntu 18.04 x64
1)安装工具,编译器等
sudo apt install p7zip git build-essential libreadline5 libreadline-dev libusb-0.1-4 libusb-dev libqt4-dev perl pkg-config wget libncurses5-dev gcc-arm-none-eabi libstdc++-arm-none-eabi-newlib libpcsclite-dev pcscd
2)获取源代码
git clone https://github.com/proxmark/proxmark3.git
cd proxmark3
git pull
3)安装linux的usb规则
sudo cp -rf driver/77-mm-usb-device-blacklist.rules /etc/udev/rules.d/77-mm-usb-device-blacklist.rules
sudo udevadm control –reload-rules
4)把用户加入到 dialout 组,并且注销重新进入确保成功
sudo adduser $USER dialout
5)编译
make clean && make all
6)插入 proxmark3
dmesg | grep -i usb
[95101.025870] usb 3-4: new full-speed USB device number 2 using xhci_hcd
[95101.845904] usb 3-4: device descriptor read/64, error -71
[95112.550785] usb 3-4: New USB device found, idVendor=2d2d, idProduct=504d, bcdDevice= 0.01
[95112.550788] usb 3-4: New USB device strings: Mfr=1, Product=2, SerialNumber=0
[95112.550790] usb 3-4: Product: PM3
[95112.550792] usb 3-4: Manufacturer: proxmark.org
[95112.646926] cdc_acm 3-4:1.0: ttyACM0: USB ACM device
这是新版的 cdc 驱动,也就是模拟串口,对应的设备是 /dev/ttyACM0
7)烧录镜像(可选)
最开始使用的 libusb 的 HID 驱动,后来改了 CDC 虚拟串口驱动,但已经有好几年时间了。
所以这里不介绍老的HID驱动,可以自己去官方wifi看。
这里介绍 CDC 驱动
如果中途退出了,别怕,只要bootrom还在,就可以重新烧录
按着板上的按键不放,重新插拔usb,则强制进入升级模式,不要松开按键,一直按着
执行升级命令,直到升级完成才松手。
升级很快,10秒就完成,如果失败了,可以按照这个步骤重新做。
1,烧录 bootrom,!!!!!! 没有必要,不要随便烧bootrom,可能变砖 !!!!!!!!!!
变砖了只能用jtag来重新烧录了,不过好在有JTAG接口,也不是难事。
首先需要强制进入升级模式,方法是:按着板上的按键不放,重新插拔usb,按键不要送收,运行命令
$ client/flasher /dev/ttyACM0 -b bootrom/obj/bootrom.elf
Loading ELF file ‘bootrom/obj/bootrom.elf’…
Loading usable ELF segments:
0: V 0x00100000 P 0x00100000 (0x00000200->0x00000200) [R X] @0x94
1: V 0x00200000 P 0x00100200 (0x00000cd4->0x00000cd4) [R X] @0x298
Waiting for Proxmark to appear on /dev/ttyACM0 ……
Found.
Flashing…
Writing segments for file: bootrom/obj/bootrom.elf
0x00100000..0x001001ff [0x200 / 1 blocks]. OK
0x00100200..0x00100ed3 [0xcd4 / 7 blocks]……. OK
Resetting hardware…
All done.
Have a nice day!
2,烧录单片机和FPGA固件
$ client/flasher /dev/ttyACM0 armsrc/obj/fullimage.elf
Loading ELF file ‘armsrc/obj/fullimage.elf’…
Loading usable ELF segments:
0: V 0x00102000 P 0x00102000 (0x00030250->0x00030250) [R X] @0x94
1: V 0x00200000 P 0x00132250 (0x00001238->0x00001238) [RW ] @0x302e4
Note: Extending previous segment from 0x30250 to 0x31488 bytes
Waiting for Proxmark to appear on /dev/ttyACM0 ……………
Found.
Flashing…
Writing segments for file: armsrc/obj/fullimage.elf
0x00102000..0x00133487 [0x31488 / 395 blocks]…………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………….. OK
Resetting hardware…
All done.
Have a nice day!
8)使用
运行客户端软件:运行硬件的一些信息
$ client/proxmark3 /dev/ttyACM0
Prox/RFID mark3 RFID instrument
bootrom: master/v3.1.0-197-gebf1404-suspect 2020-06-29 02:15:00
os: master/v3.1.0-197-gebf1404-suspect 2020-06-29 02:15:01
fpga_lf.bit built for 2s30vq100 on 2019/11/21 at 09:02:37
fpga_hf.bit built for 2s30vq100 on 2020/03/05 at 19:09:39
SmartCard Slot: not available
uC: AT91SAM7S256 Rev D
Embedded Processor: ARM7TDMI
Nonvolatile Program Memory Size: 256K bytes. Used: 210055 bytes (80%). Free: 52089 bytes (20%).
Second Nonvolatile Program Memory Size: None
Internal SRAM Size: 64K bytes
Architecture Identifier: AT91SAM7Sxx Series
Nonvolatile Program Memory Type: Embedded Flash Memory
简单的使用 :
运行客户端,连接上的话显示版本信息,CPU信息等
$ client/proxmark3 /dev/ttyACM0
Prox/RFID mark3 RFID instrument
bootrom: master/v3.1.0-197-gebf1404-suspect 2020-06-29 02:15:00
os: master/v3.1.0-197-gebf1404-suspect 2020-06-29 02:15:01
fpga_lf.bit built for 2s30vq100 on 2019/11/21 at 09:02:37
fpga_hf.bit built for 2s30vq100 on 2020/03/05 at 19:09:39
SmartCard Slot: not available
uC: AT91SAM7S256 Rev D
Embedded Processor: ARM7TDMI
Nonvolatile Program Memory Size: 256K bytes. Used: 210055 bytes (80%). Free: 52089 bytes (20%).
Second Nonvolatile Program Memory Size: None
Internal SRAM Size: 64K bytes
Architecture Identifier: AT91SAM7Sxx Series
Nonvolatile Program Memory Type: Embedded Flash Memory
proxmark3>
例如一些命令
1)系统命令,获取状态,版本等
proxmark3>hw status
proxmark3>hw version
proxmark3>hw tune
proxmark3>quit
2)读取iso14443a 卡的信息,这里是 m1卡
proxmark3> hf 14a info
#db# ISO14443A Timeout set to 1060 (10ms)
#db# ISO14443A Timeout set to 10 (0ms)
#db# ISO14443A Timeout set to 1060 (10ms)
UID : 6f 91 aa e9
ATQA : 00 04
SAK : 08 [2]
TYPE : NXP MIFARE CLASSIC 1k | Plus 2k SL1
proprietary non iso14443-4 card found, RATS not supported
#db# ISO14443A Timeout set to 1060 (10ms)
No chinese magic backdoor command detected
#db# ISO14443A Timeout set to 1060 (10ms)
#db# ISO14443A Timeout set to 10 (0ms)
#db# ISO14443A Timeout set to 1060 (10ms)
Prng detection: WEAK
proxmark3>
3)模拟作为一张M1卡,uid=12345678 ,可以放到读卡器上面读取。
proxmark3> hf mf sim u 12345678
mf sim cardsize: 1K, uid: 12 34 56 78, numreads:0, flags:2 (0x02)
#db# 4B UID: 12345678
#db# SAK: 08
#db# ATQA: 00 04
#db# ISO14443A Timeout set to 1060 (10ms)
proxmark3>
免责声明:本站所有文章内容,图片,视频等均是来源于用户投稿和互联网及文摘转载整编而成,不代表本站观点,不承担相关法律责任。其著作权各归其原作者或其出版社所有。如发现本站有涉嫌抄袭侵权/违法违规的内容,侵犯到您的权益,请在线联系站长,一经查实,本站将立刻删除。 本文来自网络,若有侵权,请联系删除,如若转载,请注明出处:https://yundeesoft.com/15505.html