Proxmark 3: Using Custom Firmware
July 15, 2017
LAB401 ACADEMY: CUSTOM PROXMARK FIRMWARE
INTRODUCTION: WHY?
You may have seen on the Proxmark Forum references to 'Flashing custom firmware', or people discussing the 'iceman branch', or the 'marshmellow branch'.
What are these branches, what is custom firmware, and why may it be relevant to you?
The Proxmark 3 is open source software and hardware, and as such has many different developers working on it at any one time. As different developers research new badges, technologies and techniques, they create their own versions of the main Proxmark firmware. These versions that diverge from the main firmware are known as 'forks'.
Forks may have interesting features that may not necessarily make it back to the 'master' firmware.
ICEMAN FORK
In the Proxmark 3 community, there are a few custom forks, with one of the most interesting being the iceman fork.
This fork is particularly interesting, as it's one of the most rapidly developed forks. If you're looking for bleeding edge functionality, this is definitely the branch for you. Some interesting features of the iceman fork include:
- Mifare Hardnested Attack
- 125 Tag Generation (Viking, etc)
- Optimised functions
HOW: FLASHING YOUR FIRMWARE - WINDOWS 7/10
To change the firmware on your Proxmark 3, you simply need to replace the standard firmware with the new firmware.
For this tutorial, we will be using the Proxmark 3 RDV, sold by Lab401. Our devices already have the latest default firmware, so you can easily switch back and forth between firmware versions.
- Download the latest iceman fork: https://lab401.com/proxmark/drivers/win32/iceman/latest/
Extract the contents of the zip to a directory you will remember, such as: c:\proxmark3-iceman
- Plug in your proxmark
- Check your proxmark's port
Hit the Windows key, and type 'Device Manager'. Look under the section 'Ports', and you will see your device listed, with its COM port. In our instance, it's COM3.
- Prepare the flash
- Open a command window: Windows+R, and type in 'cmd'.
- Navigate to where you saved the firmware, i.e.:
cd \proxmark3-iceman\win32
- Update the flashing file to have the correct port:
notepad "FLASH - fullimage.bat"
- Double check that the port reference is correct; if not, update it.
Save the file, and close notepad.
- Open a command window: Windows+R, and type in 'cmd'.
- Begin the flash
Type in the command to start the flash:
"FLASH - fullimage.bat"
Follow the on-screen instructions.
If all goes well, you will see the device being updated, and will have a success message.
- Testing your new firmware
To test your new firmware, simply connect to the proxmark client:
proxmark3 COMX
Where COMX is the COM port of your Proxmark. For us, it's COM3.
You can then issue any command, such as:
hw tune
hf search
etc
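The port check and batch-file check from the steps above can be scripted and run before starting the flash. The following PowerShell is an added example, not part of the Lab401 package: the archive file name and the expected hash are placeholders (the page publishes no checksum), and the script assumes the batch file names the port as plain text such as COM3.

```powershell
# Added example, not Lab401's script. Paths follow the tutorial's layout;
# the archive name and the expected hash are assumptions / placeholders.
param(
    [string]$FlashScript    = 'C:\proxmark3-iceman\win32\FLASH - fullimage.bat',
    [string]$Archive        = "$env:USERPROFILE\Downloads\proxmark3-iceman.zip",  # assumed name
    [string]$ExpectedSha256 = ''   # placeholder: supply a value from a source you trust
)

$ok = $true

# 1. Record the archive hash and compare it if a reference value was supplied.
if (Test-Path -LiteralPath $Archive) {
    $actual = (Get-FileHash -LiteralPath $Archive -Algorithm SHA256).Hash
    Write-Host "SHA-256 of archive: $actual"
    if ($ExpectedSha256 -and ($actual -ne $ExpectedSha256.Trim())) {
        Write-Warning 'Archive hash does not match the expected value.'
        $ok = $false
    }
} else {
    Write-Warning "Archive not found: $Archive (hash not recorded)"
}

# 2. Serial ports Windows currently exposes.
$present = [System.IO.Ports.SerialPort]::GetPortNames() | Sort-Object -Unique
Write-Host "Serial ports present: $($present -join ', ')"

# 3. COM ports referenced in the flash batch file.
if (-not (Test-Path -LiteralPath $FlashScript)) {
    Write-Warning "Flash script not found: $FlashScript"
    $ok = $false
} else {
    $text = Get-Content -LiteralPath $FlashScript -Raw
    $referenced = [regex]::Matches($text, '(?i)\bCOM\d+\b') |
        ForEach-Object { $_.Value.ToUpper() } | Sort-Object -Unique
    if (-not $referenced) {
        Write-Warning 'No COM port reference found in the flash script.'
        $ok = $false
    }
    foreach ($port in $referenced) {
        if ($present -contains $port) {
            Write-Host "$port is referenced and present."
        } else {
            Write-Warning "$port is referenced but not present; edit the file before flashing."
            $ok = $false
        }
    }
}

if ($ok) { Write-Host 'Pre-flash checks passed.' } else { exit 1 }
```

Run it with the Proxmark plugged in; if other serial devices are attached, confirm in Device Manager which listed port belongs to the Proxmark.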
FLASHING BACK
Should you ever need to flash back - it's a simple case of downloading the official firmware: https://lab401.com/proxmark/drivers/win32/latest/ and following the above instructions.