Proxmark / proxmark3

Proxmark 3
http://www.proxmark.org/
GNU General Public License v2.0

`hf mf sim` does not work while `hf 14a sim` does #105

Closed p-l- closed 6 years ago

p-l- commented 9 years ago

Not sure where the problem is.

When I run hf mf sim, nothing seems to happen (I have tried several readers), but hf 14a sim works with all my readers.

proxmark3> hw version
#db# Prox/RFID mark3 RFID instrument
#db# bootrom: master/v2.0.0-46-g4b36037-suspect 2015-05-20 20:51:58
#db# os: master/v2.0.0-46-g4b36037-suspect 2015-05-20 20:52:00
#db# HF FPGA image built on 2015/03/09 at 08:41:42
uC: AT91SAM7S256 Rev B
Embedded Processor: ARM7TDMI
Nonvolatile Program Memory Size: 256K bytes
Second Nonvolatile Program Memory Size: None
Internal SRAM Size: 64K bytes
Architecture Identifier: AT91SAM7Sxx Series
Nonvolatile Program Memory Type: Embedded Flash Memory

proxmark3> hf mf eload empty
................................................................
Loaded 64 blocks from file: empty.eml

proxmark3> hf mf sim i
uid:N/A, numreads:0, flags:1 (0x01)
Press pm3-button to abort simulation
#db# 4B UID: 01234567
[nothing happens: no LED on, the reader does not "see" the simulated card, I press the button]
#db# Emulator stopped. Tracing: 1  trace length: 0

proxmark3> hf 14a sim 1
Emulating ISO/IEC 14443 type A tag with 4 byte UID (00000000)
[yellow LED on, a lot of "#db# Auth attempt {nr}{ar}:" lines when I try to read the simulated card, and the reader "sees" a Mifare Classic 1K with NUID 00000000]

Any ideas about what could happen here? Thanks!

iceman1001 commented 9 years ago

You might want to move your antenna off the reader before running the "hf mf sim" command, and then put the antenna onto the reader, with some distance.

p-l- commented 9 years ago

Yeah, I have tried this several times... I'll try again. Is it normal during hf mf sim that no LED is on?

iceman1001 commented 9 years ago

If I remember right, my LEDs are off until it detects some field changes.

p-l- commented 9 years ago

If that may help, here is the trace I get with hf 14a sim (working):

         0 |      1056 | Rdr | 26                                                              |     | REQA
      2228 |      4596 | Tag | 04  00                                                          |     |
     11426 |     13890 | Rdr | 93  20                                                          |     | ANTICOLL
     15062 |     20886 | Tag | 00  00  00  00  00                                              |     |
     27684 |     38212 | Rdr | 93  70  00  00  00  00  00  9c  d9                              |     | SELECT_UID
     39384 |     42904 | Tag | 08  b6  dd                                                      |     |

And here is what I get with hf mf sim i (same reader)

         0 |      1056 | Rdr | 26                                                              |     | REQA
      2484 |      4852 | Tag | 04  00                                                          |     |
  38402346 |  38403338 | Rdr | 69                                                              |     | ?
  89468522 |  89469514 | Rdr | 69                                                              |     | ?
  96696868 |  96697924 | Rdr | 26                                                              |     | REQA
  96699480 |  96701848 | Tag | 04  00                                                          |     |
 104557534 | 104558590 | Rdr | 26                                                              |     | REQA
 104560018 | 104562386 | Tag | 04  00                                                          |     |
 157243806 | 157244862 | Rdr | 26                                                              |     | REQA
 157246226 | 157248594 | Tag | 04  00                                                          |     |

It seems to me that the reader does not get the 04 00 response to its 26 request with hf mf sim, while it does get it with hf 14a sim. What do you think?

iceman1001 commented 9 years ago

It could be an antenna position issue.

p-l- commented 9 years ago

Then why would hf 14a sim work perfectly in the same conditions? Do both commands use different signal levels?

iceman1001 commented 9 years ago

They use different kinds of field detection... edge... but whatever, if you tested it with different positions and it doesn't work, then it doesn't work for you. What is your "hw tune" output?

p-l- commented 9 years ago

# HF antenna: 12,16 V @    13.56 MHz
iceman1001 commented 9 years ago

I tried some "hf mf sim" yesterday, and I don't have an issue with it. eload, sim, take the antenna over the reader, and it flashes lights when the reader tries to read; then press the button, then "hf list 14a" to download the trace. All works well.

p-l- commented 9 years ago

OK. Does 12,16 V seem like a reasonable value to you?

iceman1001 commented 9 years ago

Is that with the tag on the antenna or off? ;)

Yes, it's not the best, but good. It's when you only have 6-8 V that the problems arise.

p-l- commented 9 years ago

Without tag on the antenna, I forgot to mention.

iceman1001 commented 9 years ago

And you tested different distances between antenna and reader. And you have the latest source, and flashed the ARM... hm, what type of reader do you have?

And do you have two PM3s, where one could sim and the other be a reader or sniff?

p-l- commented 9 years ago

Unfortunately I only own one PM3. I'll try to find someone else to test.

BTW, can you tell me with which exact firmware & client versions you have run your test? I'd like to try with the same versions.

iceman1001 commented 9 years ago

I run my fork (which has some mods merged in)

If you can't get it to work, try @marshmellow42's fork instead; it's more aligned with PM3 master and runs the same base for firmware.

p-l- commented 9 years ago

OK I've just tried with your fork, same result. I'll try to find other readers.

I suppose there is no (easy) way to use the field detection from hf 14a sim in hf mf sim?

iceman1001 commented 9 years ago

This trace is from my setup (fork and antenna 16.91 V) right now. It works fine.

pm3 --> hf li 14a
Recorded Activity (TraceLen = 3936 bytes)

Start = Start of Start Bit, End = End of last modulation. Src = Source of Transfer
iso14443a - All times are in carrier periods (1/13.56Mhz)
iClass - Timings are not as accurate

      Start |        End | Src | Data (! denotes parity error)                                   | CRC | Annotation         |
------------|------------|-----|-----------------------------------------------------------------|-----|--------------------|
          0 |       1056 | Rdr | 26                                                              |     | REQA
       2420 |       4788 | Tag | 44  00                                                          |     |
      57086 |      59550 | Rdr | 93  20                                                          |     | ANTICOLL
      61170 |      66994 | Tag | 88  04  e9  36  53                                              |     |
     131492 |     141956 | Rdr | 93  70  88  04  e9  36  53  d6  6c                              |  ok | SELECT_UID
     143640 |     147160 | Tag | 04  da  17                                                      |     |
     196542 |     199006 | Rdr | 95  20                                                          |     | ANTICOLL-2
     200690 |     206578 | Tag | 62  8f  33  80  5e                                              |     |
     270910 |     281438 | Rdr | 95  70  62  8f  33  80  5e  00  f7                              |  ok | ANTICOLL-2
     282994 |     286514 | Tag | 08  b6  dd                                                      |     |
     334432 |     339200 | Rdr | 50  00  57  cd                                                  |  ok | HALT
     549952 |     551008 | Rdr | 26                                                              |     | REQA
     771456 |     771808 | Rdr | 02                                                              |     | ?

iceman1001 commented 9 years ago

The antenna is about 1 cm from the reader.

iceman1001 commented 9 years ago

However, let's check something. Can you email me: iceman at iuse dot se

Gator96100 commented 8 years ago

I'm having the same problem, did you manage to fix it?

iceman1001 commented 8 years ago

I got what I wanted out from the "hf 14a sim" so I never bothered to dig more into the "hf mf sim" and why it doesn't work so well.

iceman1001 commented 8 years ago

When I found the bug for "hf mf mifare", it seems to have fixed this one as well.

pm3 --> hf mf sim i
uid:N/A, numreads:0, flags:1 (0x01)
Press pm3-button or send another cmd to abort simulation
#db# 4B UID: 00000000
#db# Emulator stopped. Tracing: 1 trace length: 133

pm3 --> hf list 14a
Recorded Activity (TraceLen = 133 bytes)

Start = Start of Start Bit, End = End of last modulation. Src = Source of Transfer
iso14443a - All times are in carrier periods (1/13.56Mhz)
iClass - Timings are not as accurate

      Start |        End | Src | Data (! denotes parity error)                                   | CRC | Annotation         |
------------|------------|-----|-----------------------------------------------------------------|-----|--------------------|
          0 |        992 | Rdr | 52                                                              |     | WUPA
       2676 |       5044 | Tag | 04  00                                                          |     |
       7040 |       9504 | Rdr | 93  20                                                          |     | ANTICOLL
      11252 |      17076 | Tag | 00  00  00  00  00                                              |     |
      19584 |      30112 | Rdr | 93  70  00  00  00  00  00  9c  d9                              |  ok | SELECT_UID
      31604 |      35124 | Tag | 08  b6  dd                                                      |     |
    1479870 |    1484638 | Rdr | e0  80  31  73                                                  |  ok | RATS
    1486194 |    1486834 | Tag | 04                                                              |     |
    2766296 |    2767288 | Rdr | 40                                                              |     | MAGIC WUPC1
    2904280 |    2905592 | Rdr | 43                                                              |     | MAGIC WUPC2
    3042648 |    3047416 | Rdr | 50  00  57  cd                                                  |  ok | HALT

pm3 -->

marshmellow42 commented 8 years ago

What exactly was the bug and fix in the code?

iceman1001 commented 8 years ago

Good question. Lately there have been a bunch of users on both sides not wanting to share and complaining about hardnested etc., so I feel reluctant to share any more of my findings.

Gator96100 commented 8 years ago

Please @iceman1001, share your findings; I need to have a working Mifare emulation in order to finish my school project. Don't be as selfish as other users, and share your findings in order to enable a better proxmark3 experience for everybody.

iceman1001 commented 8 years ago

The "hf 14a sim" works, so your school project is safe. And a question: what have you brought to the proxmark project? I fail to notice your username in the contributors list.

Gator96100 commented 8 years ago

The "hf 14a sim" command unfortunately isn't as powerful and would require modifications in order to work for my school project. The reason I haven't had a chance to contribute to this project is that I got my proxmark 3 weeks ago.

holiman commented 8 years ago

Not everyone has to contribute; that's all right. I'm using hundreds of software packages I'm not contributing to. I don't understand this whole discussion.

iceman1001 commented 8 years ago

Thank you for your understanding.

merlokk commented 6 years ago

#412?

pwpiwi commented 6 years ago

Yes. Same issue is taken up in #412 again.

Closing this one as duplicate because #412 is based on much more recent software.