When I “hf search” my FlexM1 it will show that it is mifare and then goes through a few other tests. If I run the command again then it won’t show anything about it being mifare. It will continue on with the other tests. I feel like I had a similar issue on my proxmark3 easy. They seem to recognize mifare only once. The device needs to turn off and then turn on to try again. If I want to do testing on anything mifare then I only get one shot. What could be the issue?
My first question here is what firmware are you running on the Easy and RDV4?
Latest fw is Iceman/master/v4.16717
If you’re using anything older, I would strongly suggest updating the fw to the latest.
Here is the repo, which also has pretty good documentation of everything you may need for the process.
I need to take the biochip LF antenna off my RDV4 and check how it behaves with the dual antenna and my xMagic implant. I will report back tomorrow.
P.S. What if you try with another MIFARE tag/card? Does the same behaviour repeat?
I grabbed the latest from the Iceman GitHub this morning. I am currently trying out 3 antennae. I have the LF + HF stock antenna and also 2 long range HF antennae. I also tested with some cards and fobs. I get the same result each time. It will recognize it for the first scan but not any of the following scans.
Hey @W-rabbit, here is what I found so far. With the stock dual antenna I cannot read my implant yet. I guess this is because it was recently installed, ~12 days ago. On the Flipper Zero I can read it just fine, same as with my phone. Moving forward, I put the Proxgrind magic card (gen1a 1k S50) on it, and I can constantly read it.
I am using macOS Ventura 13.4.1 (c) (22F770820d). What OS are you running? As a last resort you can open a bug with Iceman on GitHub (unless anyone else has any other fresh ideas).
I’m connecting to my android with bluetooth. I tried a mifare classic card hovering at the same distance for each scan. It still gives me the same results. I’ll check their Discord for some info and if that fails then I’ll post an issue on Github. I appreciate the help!
@W-rabbit I think you’ve really found a bug, and it’s a nasty one.
I can repro what you’re experiencing 100%.
What I found so far is that for cards and tags it works every time; for implants, as you said, the first time after connecting the device (wtf). Reproducible with both NExT and xMagic. Let me know if they responded to you on Discord. I will do some more experiments tomorrow with the HF long range antennas and I will report again.
btw my implant positioning is right, I see how the voltage drops to
[usb] pm3 --> hf tune
[=] Measuring HF antenna, click pm3 button or press Enter to exit
[=] 40102 mV / 40 V / 43 Vmax
Also implants are discoverable from flipper and android phone so.
Here is some more info
[usb] pm3 --> hw status
[#] Memory
[#] BigBuf_size............. 40788
[#] Available memory........ 36944
[#] Tracing
[#] tracing ................ 0
[#] traceLen ............... 78
[#] Current FPGA image
[#] mode.................... HF image 2s30vq100 2023-05-26 19:50:53
[#] Flash memory
[#] Baudrate................ 24 MHz
[#] Init.................... OK
[#] Memory size............. 2 mbits / 256 kb
[#] Unique ID (be).......... 0x25999F97307C69D5
[#] Smart card module (ISO 7816)
[#] version................. v4.13
[#] LF Sampling config
[#] [q] divisor............. 95 ( 125.00 kHz )
[#] [b] bits per sample..... 8
[#] [d] decimation.......... 1
[#] [a] averaging........... yes
[#] [t] trigger threshold... 0
[#] [s] samples to skip..... 0
[#]
[#] LF T55XX config
[#]            [r]               [a]   [b]   [c]   [d]   [e]   [f]   [g]
[#]            mode            |start|write|write|write| read|write|write
[#]                            | gap | gap |  0  |  1  | gap |  2  |  3
[#] ---------------------------+-----+-----+-----+-----+-----+-----+------
[#] fixed bit length (default) |  29 |  17 |  15 |  47 |  15 | N/A | N/A |
[#] long leading reference     |  29 |  17 |  18 |  50 |  15 | N/A | N/A |
[#] leading zero               |  29 |  17 |  18 |  40 |  15 | N/A | N/A |
[#] 1 of 4 coding reference    |  29 |  17 |  15 |  31 |  15 |  47 |  63 |
[#]
[#] HF 14a config
[#] [a] Anticol override.... std ( follow standard )
[#] [b] BCC override........ std ( follow standard )
[#] [2] CL2 override........ std ( follow standard )
[#] [3] CL3 override........ std ( follow standard )
[#] [r] RATS override....... std ( follow standard )
[#] Transfer Speed
[#] Sending packets to client...
[#] Time elapsed................... 500ms
[#] Bytes transferred.............. 243712
[#] Transfer Speed PM3 -> Client... 487424 bytes/s
[#] Various
[#] Max stack usage......... 4088 / 8480 bytes
[#] Debug log level......... 1 ( error )
[#] ToSendMax............... 1
[#] ToSend BUFFERSIZE....... 2308
[#] Slow clock.............. 31105 Hz
[#] Installed StandAlone Mode
[#] LF HID26 standalone - aka SamyRun (Samy Kamkar)
[#] Flash memory dictionary loaded
[#] Mifare.................. 1508 / 2047 keys
[#] T55x7................... 122 / 1023 keys
[#] iClass.................. 28 / 511 keys
[#]
@r00t Yeah, something isn’t right. This is happening with all implants, cards and fobs. I thought it might be a firmware issue so I asked in the firmware section and then explained this problem, but apparently my question wasn’t in the correct section so my question wasn’t answered.
Okay, so I had some time to play with proxmark in the last two days
Seems like the issue is now resolved when I built from
git show
commit eaef707fb0732f5211f998a464c1e37854ba1144 (HEAD -> master, origin/master, origin/HEAD)
Merge: aa0bd3ea1 96eededb8
Author: iceman1001 <iceman@iuse.se>
Date: Thu Aug 24 20:49:30 2023 +0200
Merge pull request #2094 from kormax/master
Remove duplicate MFP definitions. Update AIDlist
Right now my proxmark reads all my implants just fine with the stock antenna
Before that I tried last three stable versions - 4.16717, 4.16191 and 4.15864 and the issue persisted in all of them.
Here you go @W-rabbit, git clone, then copy the Makefile.platform.sample to Makefile.platform and make. Then flash the bootloader image and the OS image and you should be good to go!
Thank you! I tried it again and now it works
No worries, no need to thank me, it was not me who fixed the bug.
Speaking of which, would you mind doing me a favour? I see you have next implants, could you please try to scan them with
lf search
and also
lf t55xx detect
and lmk if the Proxmark detected the chip as T5577? Thanks!
(For the record, mine doesn’t detect the chip type in implants and keyfobs but it detects cards, wtf! I guess yet another bug.)
I tested on a fob and on both NExT implants. lf search works on everything. lf t55xx detect only worked on the fob. It didn’t get any info for my implants
Thank you! I’ve tried today with stock antenna and the one made for implants, and I cannot detect t55 despite the positioning for coupling. I did lf tune to find the best spot - no t55 detection, tried to increase the distance between the antenna and the fob/implant - same. I guess it’s going to be another bug for the iceman gang to address and solve … It’s funny that the flipper writes them all without any issue
Definitely looks like another bug. I now just use my Flipper for all LF since it is so easy. For HF I will continue the Proxmark3 route. Hopefully both devices evolve a bit more.