Difference between revisions of "Proxmark3"
From Fixme.ch
(→Flash the Proxmark using a BusPirate) |
(→Information) |
||
(6 intermediate revisions by the same user not shown) | |||
Line 3: | Line 3: | ||
* http://www.proxmark.org/proxmark | * http://www.proxmark.org/proxmark | ||
* http://code.google.com/p/proxmark3/wiki/Compiling | * http://code.google.com/p/proxmark3/wiki/Compiling | ||
+ | * DIY hf antenna | ||
+ | ** https://code.google.com/p/proxmark3/wiki/Antennas | ||
+ | ** http://www.proxmark.org/files/Documents/Antennas/How%20to%20design%20a%2013.56%20MHz%20customized%20tag%20antenna.pdf | ||
+ | * https://www.brmlab.cz/project/freakcard | ||
+ | |||
+ | == Proxmark 3 client == | ||
+ | * Build the client/bootloader: | ||
+ | sudo apt-get install build-essential libreadline5 libreadline-dev libusb-0.1-4 libusb-dev libqt4-dev perl pkg-config | ||
+ | |||
+ | cd /tmp | ||
+ | wget http://sourceforge.net/p/devkitpro/perlupdaters/ci/master/tree/devkitARMupdate.pl?format=raw -o devkit.pl | ||
+ | chmod devkit.pl | ||
+ | ./devkit.pl | ||
+ | export DEVKITPRO=~/devkitPro | ||
+ | export DEVKITARM=${DEVKITPRO}/devkitARM | ||
+ | export PATH=$DEVKITARM/bin/:${PATH} | ||
+ | |||
+ | svn co http://proxmark3.googlecode.com/svn/trunk proxmark3-read-only | ||
+ | cd proxmark3-read-only | ||
+ | make | ||
+ | * Plug the Proxmark | ||
+ | ./client/proxmark3 | ||
+ | * Use it as Mifare emulator, https://code.google.com/p/proxmark3/wiki/Mifare | ||
== Flash the Proxmark using a BusPirate == | == Flash the Proxmark using a BusPirate == | ||
Line 10: | Line 33: | ||
./configure --enable-buspirate --enable-maintainer-mode --disable-werror --disable-shared | ./configure --enable-buspirate --enable-maintainer-mode --disable-werror --disable-shared | ||
make && sudo make install | make && sudo make install | ||
− | * Build the proxmark roms (bootrom and fullimage), see | + | * Build the proxmark roms (bootrom and fullimage), see above |
* Wire the BusPirate to the Proxmark3 | * Wire the BusPirate to the Proxmark3 | ||
+ | ** Pin 20 is GND and the the closest to the center of the board | ||
** Connect GND, TDO, TMS, TDI, TCK using these pinouts, respectively p3 and buspirate | ** Connect GND, TDO, TMS, TDI, TCK using these pinouts, respectively p3 and buspirate | ||
[[Image:Ulink_arm20pin_proxmark.gif|x200px]] | [[Image:Ulink_arm20pin_proxmark.gif|x200px]] | ||
Line 18: | Line 42: | ||
wget https://raw.githubusercontent.com/hewittc/proxmark3lcd/master/tools/at91sam7s512-buspirate.cfg | wget https://raw.githubusercontent.com/hewittc/proxmark3lcd/master/tools/at91sam7s512-buspirate.cfg | ||
openocd -f at91sam7s512-buspirate.cfg | openocd -f at91sam7s512-buspirate.cfg | ||
− | * Connect and flash | + | * Connect the p3 by USB |
+ | * Connect to openocd and flash | ||
nc localhost 4444 | nc localhost 4444 | ||
> halt | > halt | ||
> flash erase_sector 0 0 15 | > flash erase_sector 0 0 15 | ||
> flash erase_sector 1 0 15 | > flash erase_sector 1 0 15 | ||
− | > flash write_image | + | > flash write_image /full/path/to/armsrc/obj/fullimage.elf |
− | > flash write_image | + | > flash write_image /full/path/to/bootrom/obj/bootrom.elf |
+ | * Wait and enjoy the P3 | ||
* References | * References | ||
** http://umeahackerspace.se/2013/03/21/bus-pirate-saves-the-day-proxmark3-jtag-flashing/ | ** http://umeahackerspace.se/2013/03/21/bus-pirate-saves-the-day-proxmark3-jtag-flashing/ | ||
** http://michaldemin.wordpress.com/2010/02/27/how-to-buspirate-and-openocd/ | ** http://michaldemin.wordpress.com/2010/02/27/how-to-buspirate-and-openocd/ | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
== See Also == | == See Also == | ||
* [[Bus_pirate]] | * [[Bus_pirate]] |
Latest revision as of 17:15, 29 April 2014
Information
- http://www.proxmark.org/proxmark
- http://code.google.com/p/proxmark3/wiki/Compiling
- DIY hf antenna
- https://www.brmlab.cz/project/freakcard
Proxmark 3 client
- Build the client/bootloader:
sudo apt-get install build-essential libreadline5 libreadline-dev libusb-0.1-4 libusb-dev libqt4-dev perl pkg-config
cd /tmp wget http://sourceforge.net/p/devkitpro/perlupdaters/ci/master/tree/devkitARMupdate.pl?format=raw -o devkit.pl chmod devkit.pl ./devkit.pl export DEVKITPRO=~/devkitPro export DEVKITARM=${DEVKITPRO}/devkitARM export PATH=$DEVKITARM/bin/:${PATH}
svn co http://proxmark3.googlecode.com/svn/trunk proxmark3-read-only cd proxmark3-read-only make
- Plug the Proxmark
./client/proxmark3
- Use it as Mifare emulator, https://code.google.com/p/proxmark3/wiki/Mifare
Flash the Proxmark using a BusPirate
- Get OpenOCD and compile it for the BusPirate
git clone git://openocd.git.sourceforge.net/gitroot/openocd/openocd cd openocd ./configure --enable-buspirate --enable-maintainer-mode --disable-werror --disable-shared make && sudo make install
- Build the proxmark roms (bootrom and fullimage), see above
- Wire the BusPirate to the Proxmark3
- Pin 20 is GND and the the closest to the center of the board
- Connect GND, TDO, TMS, TDI, TCK using these pinouts, respectively p3 and buspirate
- Connect to the bus pirate
wget https://raw.githubusercontent.com/hewittc/proxmark3lcd/master/tools/at91sam7s512-buspirate.cfg openocd -f at91sam7s512-buspirate.cfg
- Connect the p3 by USB
- Connect to openocd and flash
nc localhost 4444 > halt > flash erase_sector 0 0 15 > flash erase_sector 1 0 15 > flash write_image /full/path/to/armsrc/obj/fullimage.elf > flash write_image /full/path/to/bootrom/obj/bootrom.elf
- Wait and enjoy the P3
- References