Closed Sanduuz closed 4 months ago
Hard to replicate, since its dependent on your passport.
So its down to you to find the bug and fix it.
I tried this on another computer and was not able to reproduce it on that. I reflashed the proxmark multiple times and now I can't even reproduce the error on my original computer (yes, I reflashed on both computers). So I guess it might've been something else than a bug in this project afterall, hence I'm closing this issue.
Thanks for the quick responses and sorry for the hassle :)
Describe the bug A stack overflow is detected while trying to dump epassport with
hf emrtd dump
.To Reproduce Steps to reproduce the behavior.
./pm3-flash-all
[+] Loading ELF file /home/sanduuz/proxmark3/client/../armsrc/obj/fullimage.elf [+] ELF file version Iceman/master/v4.16717-404-gae4e97999-suspect 2023-09-03 12:32:50 455cbe400
[+] Waiting for Proxmark3 to appear on /dev/ttyACM0 🕑 59 found [+] Entering bootloader... [+] (Press and release the button only to abort) [+] Waiting for Proxmark3 to appear on /dev/ttyACM0 🕓 59 found [=] Available memory on this board: 512K bytes
[=] Permitted flash range: 0x00100000-0x00180000 [+] Loading usable ELF segments: [+] 0: V 0x00100000 P 0x00100000 (0x00000200->0x00000200) [R X] @0x94 [+] 1: V 0x00200000 P 0x00100200 (0x00001260->0x00001260) [R X] @0x298
[+] Loading usable ELF segments: [+] 1: V 0x00102000 P 0x00102000 (0x00051ecc->0x00051ecc) [R X] @0xb8 [+] 2: V 0x00200000 P 0x00153ecc (0x00001b9b->0x00001b9b) [R X] @0x51f88 [=] Note: Extending previous segment from 0x51ecc to 0x53a67 bytes
[+] Flashing... [+] Writing segments for file: /home/sanduuz/proxmark3/client/../bootrom/obj/bootrom.elf [+] 0x00100000..0x001001ff [0x200 / 1 blocks] . ok [+] 0x00100200..0x0010145f [0x1260 / 10 blocks] .......... ok
[+] Writing segments for file: /home/sanduuz/proxmark3/client/../armsrc/obj/fullimage.elf [+] 0x00102000..0x00155a66 [0x53a67 / 670 blocks] ................................................................... @@@ @@@@@@@ @@@@@@@@ @@@@@@@@@@ @@@@@@ @@@ @@@ @@! !@@ @@! @@! @@! @@! @@! @@@ @@!@!@@@ !!@ !@! @!!!:! @!! !!@ @!@ @!@!@!@! @!@@!!@! !!: :!! !!: !!: !!: !!: !!! !!: !!! : :: :: : : :: ::: : : : : : :: : . .. .. . . .. ... . . . . . .. . ................................................................... ................................................................... ................................................................... ............................. ok
[+] All done
[=] Have a nice day!
[=] Session log /home/sanduuz/.proxmark3/logs/log_20240214120403.txt [+] loaded from JSON file
/home/sanduuz/.proxmark3/preferences.json
[=] Using UART port /dev/ttyACM0 [=] Communicating with PM3 over USB-CDC8888888b. 888b d888 .d8888b.
888 Y88b 8888b d8888 d88P Y88b
888 888 88888b.d88888 .d88P
888 d88P 888Y88888P888 8888"
8888888P" 888 Y888P 888 "Y8b.
888 888 Y8P 888 888 888
888 888 " 888 Y88b d88P 888 888 888 "Y8888P" [ ☕ ]
[ Proxmark3 RFID instrument ]
[=] .. [=] Read EF_CardAccess , len 42 [+] saved 42 bytes to binary file /home/sanduuz/[REDACTED]/EF_CardAccess.BIN [=] Authentication is enforced. Will attempt external authentication. [=] External authentication with BAC successful. [=] .. [=] Read EF_COM, len: 25 [+] saved 25 bytes to binary file /home/sanduuz/[REDACTED]/EF_COM.BIN [=] .. [=] Read EF_DG1 , len 93 [+] saved 93 bytes to binary file /home/sanduuz/[REDACTED]/EF_DG1.BIN [=] ................................. [=] ................................. [=] ................................. [=] ................................. [=] ................................. [=] .......... [=] Read EF_DG2 , len 19926 [+] saved 19926 bytes to binary file /home/sanduuz/[REDACTED]/EF_DG2.BIN [+] saved 19842 bytes to binary file /home/sanduuz/[REDACTED]/EF_DG2.jpg [=] ......... [=] Read EF_DG14 , len 891 [+] saved 891 bytes to binary file /home/sanduuz/[REDACTED]/EF_DG14.BIN [=] .... [=] Read EF_DG15 , len 298 [+] saved 298 bytes to binary file /home/sanduuz/[REDACTED]/EF_DG15.BIN [=] .................[#] Stack overflow detected! Please increase stack size, currently 8480 bytes [#] Unplug your device now. [=] You can cancel this operation by pressing the pm3 button [!!] 🚨 APDU: reply timeout
[!!] 🚨 Failed to read 011D
[=] .................[#] Stack overflow detected! Please increase stack size, currently 8480 bytes [#] Unplug your device now. [=] You can cancel this operation by pressing the pm3 button [!!] 🚨 APDU: reply timeout
[!!] 🚨 Failed to read 011D
[=] Read EF_DG15 , len 298 [+] saved 298 bytes to binary file /home/sanduuz/[REDACTED]/EF_DG15.BIN [=] ....................... [=] Read EF_SOD , len 2542 [+] saved 2542 bytes to binary file /home/sanduuz/[REDACTED]/EF_SOD.BIN [+] saved 2538 bytes to binary file /home/sanduuz/[REDACTED]/EF_SOD.p7b
[usb] pm3 --> hw version
[ Proxmark3 RFID instrument ]
[ Client ] Iceman/master/v4.16717-404-gae4e97999-suspect 2023-09-03 12:32:47 455cbe400 compiled with............. GCC 12.2.0 platform.................. Linux / x86_64 Readline support.......... present QT GUI support............ present native BT support......... present Python script support..... present Lua SWIG support.......... present Python SWIG support....... present
[ Proxmark3 ] device.................... RDV4 firmware.................. RDV4 external flash............ present smartcard reader.......... present FPC USART for BT add-on... absent
[ ARM ] bootrom: Iceman/master/v4.16717-404-gae4e97999-suspect 2023-09-03 12:32:46 455cbe400 os: Iceman/master/v4.16717-404-gae4e97999-suspect 2023-09-03 12:32:50 455cbe400 compiled with GCC 12.2.1 20221205
[ FPGA ] fpga_pm3_lf.ncd image 2s30vq100 2023-08-29 16:44:07 fpga_pm3_hf.ncd image 2s30vq100 2023-08-29 16:44:19 fpga_pm3_felica.ncd image 2s30vq100 2023-08-29 16:44:43 fpga_pm3_hf_15.ncd image 2s30vq100 2023-08-29 16:44:31
[ Hardware ] --= uC: AT91SAM7S512 Rev A --= Embedded Processor: ARM7TDMI --= Internal SRAM size: 64K bytes --= Architecture identifier: AT91SAM7Sxx Series --= Embedded flash memory 512K bytes ( 67% used )
[usb] pm3 --> hw status [#] Memory [#] BigBuf_size............. 40488 [#] Available memory........ 40488 [#] Tracing [#] tracing ................ 1 [#] traceLen ............... 0 [#] Current FPGA image [#] mode.................... fpga_pm3_hf.ncd image 2s30vq100 2023-08-29 16:44:19 [#] Flash memory [#] Baudrate................ 24 MHz [#] Init.................... OK [#] Memory size............. 2 mbits / 256 kb [#] Unique ID (be).......... 0x238A0C97307C69D5 [#] Smart card module (ISO 7816) [#] version................. v3.10 [#] Outdated firmware. Please upgrade to v4.x or above. [#] LF Sampling config [#] [q] divisor............. 95 ( 125.00 kHz ) [#] [b] bits per sample..... 8 [#] [d] decimation.......... 1 [#] [a] averaging........... yes [#] [t] trigger threshold... 0 [#] [s] samples to skip..... 0 [#] [#] LF T55XX config [#] [r] [a] [b] [c] [d] [e] [f] [g] [#] mode |start|write|write|write| read|write|write [#] | gap | gap | 0 | 1 | gap | 2 | 3 [#] ---------------------------+-----+-----+-----+-----+-----+-----+------ [#] fixed bit length (default) | 29 | 17 | 15 | 47 | 15 | N/A | N/A | [#] long leading reference |N/A | N/A | N/A | N/A | N/A | N/A | N/A | [#] leading zero |N/A | N/A | N/A | N/A | N/A | N/A | N/A | [#] 1 of 4 coding reference |N/A | N/A | N/A | N/A | N/A | N/A | N/A | [#] [#] HF 14a config [#] [a] Anticol override.... std ( follow standard ) [#] [b] BCC override........ std ( follow standard ) [#] [2] CL2 override........ std ( follow standard ) [#] [3] CL3 override........ std ( follow standard ) [#] [r] RATS override....... std ( follow standard ) [#] Transfer Speed [#] Sending packets to client... [#] Time elapsed................... 500ms [#] Bytes transferred.............. 63488 [#] Transfer Speed PM3 -> Client... 126976 bytes/s [#] Various [#] Max stack usage......... 4088 / 8480 bytes [#] Debug log level......... 1 ( error ) [#] ToSendMax............... -1 [#] ToSend BUFFERSIZE....... 2308 [#] Slow clock.............. 31480 Hz [#] Installed StandAlone Mode [#] LF HID26 standalone - aka SamyRun (Samy Kamkar) [#] Flash memory dictionary loaded [#]
[+] loaded from JSON file
/home/sanduuz/.proxmark3/preferences.json
[=] Using UART port /dev/ttyACM0 [=] Communicating with PM3 over USB-CDC [ Proxmark3 RFID instrument ]