So just had a random brain fart that I would like opinions on.
I was thinking about making a GUI tool for pm3 that could be used by the less technical cyborgs as it’s hard to recommend such an expensive tool that can be pretty hard to use.
After thinking about it for a while I decided that it would be too much work for me to undertake given it would not even be my preferred UI.
That’s when I had a potential brain fart. Basically have a GUI that provides a simple DSL* for more experienced users to write “scripts” that expose complex functionality in a easy to use way.
I’m picturing both having built in scripts and also forum members being able to make custom scripts to help others with specific edge cases.
The sort of experience I am picturing would be a simple UI with a list of “tasks” for example a “Clone HID to xEM/NExT” that would take the user through a wizard that walks through the process with clear steps.
“Present existing access badge to the proxmark.” - A landing page for the task, probably with more information.
“Searching…” - The proxmark then searches for a HID tag repeatedly for a certain period.
“Found!” - Displays the details of the found tag.
“Present implant to the proxmark” - Have another read loop with some feedback for when the implant is positioned correctly. That enables the write button.
“Cloned successfully/not successful” - Reads from the implant and reports if the implant now matches the source implant.
There could also be “jobs” for dumping tag data for sharing, locking implants in a similar fashion to the Dangerous NFC app, etc.
The tool itself could force a hw tune during startup, as well as helping with the installation of underlying pm3 cli and flashing the pm3 (I wonder if a docker container would be good for cross compatible pm3 installs).
As I said this is potentially just a brain fart, have not thought through the idea much, it just seemed like a good method for having a community driven GUI to help beginners that can be built up over time.
Any criticism, recommendations, or any other comments are more than welcome.
Glossary:
DSL - Domain Specific Language
Basically a formal way of describing data about a specific thing. In this case the information required for each “job” to display instructions on the wizard GUI and run the required commands on the proxmark for each step.
Mate, I think it is a great idea.
I think you hit the nail on the head -s
Without going into a rant,
For such a great and powerful tool, I don’t know why it has to be a steep learning curve right out of the box. ( Its like giving a kid a toy at xmas without batteries )
The simple UI you suggest would be enough to get people using it immediately and if that is all they need, then perfect, if they need to / want to dive deeper, then they have that option.
my
Hit the nail on the head, i had planed to make a simple c# gui for the rdv4 once I finally get one lol. Now my programming skill isn’t amazing but I can fumble through lol
I was thinking of coding it in python as it’s one of the easier languages to pick up and is easily multi platform.
Although my current idea would be to make a really simple scripting language for the “jobs”
I was roughly thing something like
NAME HID to xEM/NExT
DESCRIPTION Blah, blah, blah
VARIABLE source
PAGE Reading Tag...
INSTRUCTIONS Present original HID tag to the Proxmark3
BUTTON Cancel TO EXIT
TRY READ hid INTO source
IF FAILS GOTO Read failed.
IF SUCCEDS GOTO Read success.
PAGE Read Success.
INSTRUCTIONS HID tag successful read. Tag ID is ${source.id}. Click the next button to continue.
BUTTON Cancel TO EXIT
BUTTON Back TO GOTO Reading Tag...
BUTTON Next TO GOTO Position implant page.
...
Although maybe that would be over complicating things.
Yeah, I have seen that page, unfortunately the link in it to the application in the screen shot and it’s documentation seems to be dead. They also mention this which is an alternative.
But regardless, looking at the screenshots neither seems more user friendly than the CLI, at least with the CLI a beginner can copy paste commands from the forum. It definitely seems like improves discoverability of commands but without background knowledge of RFID tech good luck deciphering this:
The main goal of this project would be to abstract the complexity of the professional/academic tool that is the Proxmark3 and make it more accessible for newcomers.
I also feel like the goals of this community would be different from the general proxmark community as most people who use the proxmark are either pen testers or other people with significantly above average technical skills (at least in my experience). However in this community we seem to semi regularly get users who simply want to clone a work badge or gym fob to there new implant and we have to either point them at the problematic blue cloners or the proxmark and it’s unfriendly interface.
Been meaning to learn python for years just never got around to it. The only reason I use c# is thats what the programmers in work use so I can get help when not if I need it.
Maybe with these additional 3 weeks I could look at python hmmmm.
Please do this. Haha. I’m no stranger to the command line, and so far can get the proxmark to do things ok with a pile of reading, but maaaaaaaaaaan the learning curve is steep as hell and every time I think “oh I bet I could do X if I looked it up”, I look down at the thing and think “eh maybe later, too much work”
Anything to even out the learning curve even a tiny bit would be amazing for a ton of people I’m sure.
Proxmark’s power comes from its… shall we say, non intuitive interface. People use it because it can do anything by chaining together commands, so you can perform tasks that you’d never get all the buttons for in any GUI. A command line will always be more ‘feature complete’
That said, you’re 100% right! I think because the hardcore community around proxmark depend on that power, its hard for them to justify the time for a simple task-based UI.
Would be great to have simple ‘payload’ files that you can select in a GUI that prompt with step by step instructions. It kind of feels quite Hak5 elegant.
+1 - if this runs on devices with the Iceman/RRG firmware that would be a massive bonus. Maybe even a download/flash tool to install the right version to make setup easy for newcomers?
One of the traps for new players is having a different version of firmware on the Proxmark to the version of software on the PC side.
Official and Iceman won’t work together so most people realise that right away. But one of the other things you can have happen is an old firmware flashed on the PM and new software on the PC. In this case, commands can have unexpected results and can give you weird headaches that take a while to solve.
Basically, for expected behaviour to be a sure thing - firmware, command line software, and GUI all have to be compatible versions.
VERY true… but like… you could get fairly simple GUI for a ton of common, simple(ish) things to get folks used to just using the damn thing, and as things get more complex they have to go to the command line more and more… but that entry point using a GUI would help a FUCKTON of folks.
Well the “task” scripts would depend on a specific firmware, most likely the latest iceman revision.
Yeah that and automatically tuning the antennas etc would be a great feature. Having a simple GUI that you can’t use because you have to build the firmware would not be too useful.
A decent walkthrough of at least some of the basics would go a long way, with or without a gui… all the docs i’ve found so far have been… let’s say… not the most helpful hahaha
Manuals are great, but still having to deal with flashing firmware and working through manuals for a tool designed for professionals is why people still post here daily about the blue cloner - its a lower barrier to entry
without batteries )
