Yeah, I was juggling it myself, I should figure out a better solution 
Actually he said there’s already a provision for it!
msleep -t 3000; lf search
So basically you issue the msleep command first (in milliseconds) then a semicolon to chain commands together.
2 Likes
i’ve got it in a vice now so I have a free hand, the lf t5 detect command doesn’t find anything so maybe I’ve go the wrong config for the tag?
is the config hard coded or can it be changed using block0? What should I be using?
edit:
I don’t know if this is a good reference, but I’m only getting a 3,000mV drop on the lf tune display with my implant, compared to arround 16,000mV on another tag
but now I can’t write to, or read anything meaningfull from either of my test lf tags
ok, I can’t get a read of either of my test t5577 cards either
One card turns up with an Indala ID that changes every time I run lf search, and the other can’t find a valid tag but detects the t55xx chipset.
I can’t write to either of them using lf t55 wipe, lf t55xx write b 0 d 000880E0 -t or lf em 410 clone --id 0D00072C63
Have I done something to my proxmark?
Time to dive in… what hardware do you have? What firmware? When you launch the pm3 client it spits out some info on the screen… post that too…
proxmark3 easy from you guys (about a month old), windows, used the getting started with the proxmark3 post so: proxspace, iceman repo, reflashed this afternoon just to be sure it wasn’t something to do with that.
terminal output
pm3 ~$ ./proxmark3/client/proxmark3.exe com8
[=] Session log D:\ProxSpace\pm3/.proxmark3/logs/log_20210724.txt
[+] loaded from JSON file D:\ProxSpace\pm3/.proxmark3/preferences.json
[=] Using UART port com8
[=] Communicating with PM3 over USB-CDC
██████╗ ███╗ ███╗█████╗
██╔══██╗████╗ ████║╚═══██╗
██████╔╝██╔████╔██║ ████╔╝
██╔═══╝ ██║╚██╔╝██║ ╚══██╗
██║ ██║ ╚═╝ ██║█████╔╝ Iceman
╚═╝ ╚═╝ ╚═╝╚════╝ bleeding edge
https://github.com/rfidresearchgroup/proxmark3/
Warning: QT_DEVICE_PIXEL_RATIO is deprecated. Instead use:
QT_AUTO_SCREEN_SCALE_FACTOR to enable platform plugin controlled per-screen factors.
QT_SCREEN_SCALE_FACTORS to set per-screen DPI.
QT_SCALE_FACTOR to set the application global scale factor.
[ Proxmark3 RFID instrument ]
[ CLIENT ]
client: RRG/Iceman/master/v4.13441-276-g9625369fe 2021-07-24 11:11:32
compiled with MinGW-w64 10.3.0 OS:Windows (64b) ARCH:x86_64
[ PROXMARK3 ]
firmware.................. PM3 GENERIC
[ ARM ]
bootrom: RRG/Iceman/master/v4.13441-276-g9625369fe 2021-07-24 11:13:15
os: RRG/Iceman/master/v4.13441-276-g9625369fe 2021-07-24 11:13:58
compiled with GCC 10.1.0
[ FPGA ]
LF image built for 2s30vq100 on 2020-07-08 at 23:08:07
HF image built for 2s30vq100 on 2020-07-08 at 23:08:19
HF FeliCa image built for 2s30vq100 on 2020-07-08 at 23:08:30
[ Hardware ]
--= uC: AT91SAM7S512 Rev B
--= Embedded Processor: ARM7TDMI
--= Internal SRAM size: 64K bytes
--= Architecture identifier: AT91SAM7Sxx Series
--= Embedded flash memory 512K bytes ( 53% used )
[!] Communicating with Proxmark3 device failed
[=] Running in OFFLINE mode. Use "hw connect" to reconnect
[usb] pm3 -->
And the two t5577 cards that also don’t work (but used to) came with the pm3e
That output is offline… not actually talking to the proxmark3… would need to get output with the actual proxmark3 connected
No I accidentally unplugged it at the end is all, if I start it disconnected it would just output the last 3 lines
1 Like
Ran it again to be sure
Terminal output
pm3 ~$ ./proxmark3/client/proxmark3.exe com8
[=] Session log D:\ProxSpace\pm3/.proxmark3/logs/log_20210724.txt
[+] loaded from JSON file D:\ProxSpace\pm3/.proxmark3/preferences.json
[=] Using UART port com8
[=] Communicating with PM3 over USB-CDC
██████╗ ███╗ ███╗█████╗
██╔══██╗████╗ ████║╚═══██╗
██████╔╝██╔████╔██║ ████╔╝
██╔═══╝ ██║╚██╔╝██║ ╚══██╗
██║ ██║ ╚═╝ ██║█████╔╝ Iceman
╚═╝ ╚═╝ ╚═╝╚════╝ bleeding edge
https://github.com/rfidresearchgroup/proxmark3/
Warning: QT_DEVICE_PIXEL_RATIO is deprecated. Instead use:
QT_AUTO_SCREEN_SCALE_FACTOR to enable platform plugin controlled per-screen factors.
QT_SCREEN_SCALE_FACTORS to set per-screen DPI.
QT_SCALE_FACTOR to set the application global scale factor.
[ Proxmark3 RFID instrument ]
[ CLIENT ]
client: RRG/Iceman/master/v4.13441-276-g9625369fe 2021-07-24 11:11:32
compiled with MinGW-w64 10.3.0 OS:Windows (64b) ARCH:x86_64
[ PROXMARK3 ]
firmware.................. PM3 GENERIC
[ ARM ]
bootrom: RRG/Iceman/master/v4.13441-276-g9625369fe 2021-07-24 11:13:15
os: RRG/Iceman/master/v4.13441-276-g9625369fe 2021-07-24 11:13:58
compiled with GCC 10.1.0
[ FPGA ]
LF image built for 2s30vq100 on 2020-07-08 at 23:08:07
HF image built for 2s30vq100 on 2020-07-08 at 23:08:19
HF FeliCa image built for 2s30vq100 on 2020-07-08 at 23:08:30
[ Hardware ]
--= uC: AT91SAM7S512 Rev B
--= Embedded Processor: ARM7TDMI
--= Internal SRAM size: 64K bytes
--= Architecture identifier: AT91SAM7Sxx Series
--= Embedded flash memory 512K bytes ( 53% used )
[usb] pm3 --> exit
pm3 ~$
Hmm ok well it looks correct… and you’re putting the card on the LF antenna… that’s strange
Could I have put it in an emulation mode then put a password on it accidentally?
I really don’t think so… I’d keep trying to just do a LF em 401x clone command to write an EM id to it but put the card like an inch up off the antenna… see if that helps.
Coupling and signal are all just bitbangs with a T5577 so timing and overpowering the demod in the chip are a thing.
still nothing useful, but I managed to get it to detect the t5577 chip on both (the one with the indala id is really sensitive to position) although t55 detect doesn’t work still (or any other write)
Hmm. Try the clone again and use the --q5 switch… maybe these demo cards are T5555?? China mistake? I’m so confused at this point hah
no luck 
and that wouldn’t explain why the implant won’t respond either. Maybe a broken pm3? but hw tune seems all good
hw tune
[+] LF antenna: 24.20 V - 125.00 kHz
[+] LF antenna: 15.68 V - 134.83 kHz
[+] LF optimal: 26.91 V - 120.00 kHz
[+] Approx. Q factor (*): 6.8 by frequency bandwidth measurement
[+] Approx. Q factor (*): 7.8 by peak voltage measurement
[+] LF antenna is OK
Does anyone on here live in Melbourne AU, have a proxmark3, and think they could help troubleshooting?
Hey non-bin!
Shoot me a PM when Dan the Man does his presser tomorrow! Happy to meet up somewhere with a Proxmark when we’re allowed to - I’ve got a custom LF antenna for glassies on my PM3 Easy, so can try some things with that and see if we have any better luck!
5 Likes
Yay! Thank you so much 
As a side note I discovered that after I did a lf t5 wipe I get no output when I try to read a t5. If I write any data to it then I can read the t5 info.