基於ubuntu的proxmark3編譯使用

官方的指南：
https://github.com/Proxmark/proxmark3/wiki/Ubuntu-Linux

我的系統是 ubuntu 18.04 x64

1）安裝工具，編譯器等
sudo apt install p7zip git build-essential libreadline5 libreadline-dev libusb-0.1-4 libusb-dev libqt4-dev perl pkg-config wget libncurses5-dev gcc-arm-none-eabi libstdc++-arm-none-eabi-newlib libpcsclite-dev pcscd

2）獲取源代碼
git clone https://github.com/proxmark/proxmark3.git
cd proxmark3
git pull

3）安裝linux的usb規則
sudo cp -rf driver/77-mm-usb-device-blacklist.rules /etc/udev/rules.d/77-mm-usb-device-blacklist.rules
sudo udevadm control --reload-rules

4）把用戶加入到 dialout 組，並且註銷重新進入確保成功
sudo adduser $USER dialout

5）編譯
make clean && make all

6）插入 proxmark3 
dmesg | grep -i usb

[95101.025870] usb 3-4: new full-speed USB device number 2 using xhci_hcd
[95101.845904] usb 3-4: device descriptor read/64, error -71
[95112.550785] usb 3-4: New USB device found, idVendor=2d2d, idProduct=504d, bcdDevice= 0.01
[95112.550788] usb 3-4: New USB device strings: Mfr=1, Product=2, SerialNumber=0
[95112.550790] usb 3-4: Product: PM3
[95112.550792] usb 3-4: Manufacturer: proxmark.org
[95112.646926] cdc_acm 3-4:1.0: ttyACM0: USB ACM device

這是新版的 cdc 驅動，也就是模擬串口，對應的設備是 /dev/ttyACM0

7）燒錄鏡像（可選）

最開始使用的 libusb 的 HID 驅動，後來改了 CDC 虛擬串口驅動，但已經有好幾年時間了。
所以這裏不介紹老的HID驅動，可以自己去官方wifi看。
這裏介紹 CDC 驅動

如果中途退出了，別怕，只要bootrom還在，就可以重新燒錄
按着板上的按鍵不放，重新插拔usb，則強制進入升級模式，不要鬆開按鍵，一直按着
執行升級命令，直到升級完成才鬆手。
升級很快，10秒就完成，如果失敗了，可以按照這個步驟重新做。

1，燒錄 bootrom，！！！！！！ 沒有必要，不要隨便燒bootrom，可能變磚 ！！！！！！！！！！
變磚了只能用jtag來重新燒錄了，不過好在有JTAG接口，也不是難事。
首先需要強制進入升級模式，方法是：按着板上的按鍵不放，重新插拔usb，按鍵不要送收，運行命令

$ client/flasher /dev/ttyACM0 -b bootrom/obj/bootrom.elf

Loading ELF file 'bootrom/obj/bootrom.elf'...
Loading usable ELF segments:
0: V 0x00100000 P 0x00100000 (0x00000200->0x00000200) [R X] @0x94
1: V 0x00200000 P 0x00100200 (0x00000cd4->0x00000cd4) [R X] @0x298

Waiting for Proxmark to appear on /dev/ttyACM0 ......
 Found.

Flashing...
Writing segments for file: bootrom/obj/bootrom.elf
 0x00100000..0x001001ff [0x200 / 1 blocks]. OK
 0x00100200..0x00100ed3 [0xcd4 / 7 blocks]....... OK

Resetting hardware...
All done.

Have a nice day!

2，燒錄單片機和FPGA固件

$ client/flasher /dev/ttyACM0 armsrc/obj/fullimage.elf

Loading ELF file 'armsrc/obj/fullimage.elf'...
Loading usable ELF segments:
0: V 0x00102000 P 0x00102000 (0x00030250->0x00030250) [R X] @0x94
1: V 0x00200000 P 0x00132250 (0x00001238->0x00001238) [RW ] @0x302e4
Note: Extending previous segment from 0x30250 to 0x31488 bytes

Waiting for Proxmark to appear on /dev/ttyACM0 ...............
 Found.

Flashing...
Writing segments for file: armsrc/obj/fullimage.elf
 0x00102000..0x00133487 [0x31488 / 395 blocks]........................................................................................................................................................................................................................................................................................................................................................................................................... OK

Resetting hardware...
All done.

Have a nice day!

8）使用
運行客戶端軟件：運行硬件的一些信息

$ client/proxmark3 /dev/ttyACM0

Prox/RFID mark3 RFID instrument          
bootrom: master/v3.1.0-197-gebf1404-suspect 2020-06-29 02:15:00
os: master/v3.1.0-197-gebf1404-suspect 2020-06-29 02:15:01
fpga_lf.bit built for 2s30vq100 on 2019/11/21 at 09:02:37
fpga_hf.bit built for 2s30vq100 on 2020/03/05 at 19:09:39
SmartCard Slot: not available
          
uC: AT91SAM7S256 Rev D          
Embedded Processor: ARM7TDMI          
Nonvolatile Program Memory Size: 256K bytes. Used: 210055 bytes (80%). Free: 52089 bytes (20%).          
Second Nonvolatile Program Memory Size: None          
Internal SRAM Size: 64K bytes          
Architecture Identifier: AT91SAM7Sxx Series          
Nonvolatile Program Memory Type: Embedded Flash Memory    

簡單的使用 ：

運行客戶端，連接上的話顯示版本信息，CPU信息等

$ client/proxmark3 /dev/ttyACM0

Prox/RFID mark3 RFID instrument          
bootrom: master/v3.1.0-197-gebf1404-suspect 2020-06-29 02:15:00
os: master/v3.1.0-197-gebf1404-suspect 2020-06-29 02:15:01
fpga_lf.bit built for 2s30vq100 on 2019/11/21 at 09:02:37
fpga_hf.bit built for 2s30vq100 on 2020/03/05 at 19:09:39
SmartCard Slot: not available
          
uC: AT91SAM7S256 Rev D          
Embedded Processor: ARM7TDMI          
Nonvolatile Program Memory Size: 256K bytes. Used: 210055 bytes (80%). Free: 52089 bytes (20%).          
Second Nonvolatile Program Memory Size: None          
Internal SRAM Size: 64K bytes          
Architecture Identifier: AT91SAM7Sxx Series          
Nonvolatile Program Memory Type: Embedded Flash Memory     
     
proxmark3> 

例如一些命令
1）系統命令，獲取狀態，版本等
proxmark3>hw status
proxmark3>hw version
proxmark3>hw tune
proxmark3>quit

2）讀取iso14443a 卡的信息，這裏是 m1卡
proxmark3> hf 14a info
#db# ISO14443A Timeout set to 1060 (10ms)          
#db# ISO14443A Timeout set to 10 (0ms)          
#db# ISO14443A Timeout set to 1060 (10ms)          
 UID : 6f 91 aa e9          
ATQA : 00 04          
 SAK : 08 [2]          
TYPE : NXP MIFARE CLASSIC 1k | Plus 2k SL1          
proprietary non iso14443-4 card found, RATS not supported          
#db# ISO14443A Timeout set to 1060 (10ms)          
No chinese magic backdoor command detected          
#db# ISO14443A Timeout set to 1060 (10ms)          
#db# ISO14443A Timeout set to 10 (0ms)          
#db# ISO14443A Timeout set to 1060 (10ms)          
Prng detection: WEAK          
proxmark3> 

3）模擬作爲一張M1卡，uid=12345678 ，可以放到讀卡器上面讀取。
proxmark3> hf mf sim u 12345678
mf sim cardsize: 1K, uid: 12 34 56 78, numreads:0, flags:2 (0x02)           
#db# 4B UID: 12345678          
#db# SAK:    08          
#db# ATQA:   00 04          
#db# ISO14443A Timeout set to 1060 (10ms)          
proxmark3>