Any safe alternatives to xEM implant?

Hey,
I heard about the one little problem with the xEM implant, which is the ease of “bricking” them while writing data onto these devices. My question would be, as you could’ve guessed from the title: Are there any safe alternatives to the xEM implant? My use for it would be mainly for travel and work, so for example: If I check into a hotel, I wanna be able to clone my keycard onto my implant…safely of course.
Thanks :slight_smile:

Edit: Thank you all for the fast replies! I now have the necessary information to decide what I want to implant. Thanks :grinning:

1 Like

Edit:
I am tired sorry, the xEM is the LF chip isn’t it. It’s got a t5577 in it which I don’t think is that easy to brick (I’m yet to brick any)

oppsie, was thinking about the xNT

I’m no expert on this but I believe the Dangerous NFC app is designed specifically to protect from malicious and accidental bricking or locking of the xEM.

Alternatively I believe @amal has indicated that the NExT chip comes pre protected and has the advantage of having an LF chip aswell.

2 Likes

For hotels, you’re more likely to have luck with the xM1. At least in the US, and I believe Europe, no one really uses LF for hotel locks. It’s usually some Mifare variant, and often enough the Mifare Classic, which can be emulated.

1 Like

xEM is not very “brickable” infact it is very difficult to do it. What you are probably seeing is talk of the xm1 and flexm1.

From what I have found in almost I repeat almost all cases where a xEM has been “bricked” (not actually bricked) either a password was set using a blue clone or other chinese cloner or the programmer was removed while programming.

Have a search for xEM bricked Like this
Was fixed using a proxmark which is an amazing investment btw.

It’s a matter of the writer’s safety, not the implant. Basically, the cheap cloners will write a password onto the chip, so you can -only- write with that cloner. For RFID cloning, I use a ~$30 Proxmark3 Easy, which is pretty much the best device for cloning any tag.

Also, an xEM won’t do you for everything. Hotels often now use high-frequency tags, particularly ones with encryption in certain places. The NExT has both a high-frequency and low-frequency chip, but it won’t be able to clone most hotel key cards - if they don’t use crypto chips like MIFARE ones, they’ll check the UID, which can’t be changed on any implants except the xM1. If you’re lucky, the hotel will use MIFARE Classic, which can be cracked and cloned to the xM1.

1 Like

Just to clarify that :slight_smile:
The Proxmark3 family of devices are “pretty much the best devices for cloning any tag” but the Proxmark3 easy often referenced on here is a generic clone of an older revision of the Proxmark3.
Currently the Proxmark3 RDV4 is considered the best tool at the moment by most. It is used in the same way as the easy but due to the nature of cheap clones the build quality can be hit and miss. Also the RDV4 has swapable antenna which allows you to use the Proxgrind LF antenna sold by DT which relay helps when interacting with X form factor implants (the glass tubes).

1 Like

Entirely right, yeah, but figured I wouldn’t bring up the RDV4 since its price tag tends to turn people off :stuck_out_tongue:

1 Like

True.

Maybe we should start off with the Proxmark Pro, then tell people about the cheaper RDV4 :rofl::rofl::rofl:

1 Like

The xEM is safe same as the NExT. It’s more an issue with coupling when writing to the implant.

Best bet is the Proxmark 3 RDv4 and ProxLF antenna

2 Likes

In all clarity and honesty, it’s the T5577 chip which is to blame. A shit coupling between it and the writer is what brings the issue out however. In short, the T5577 has no tear protection, and a bad coupling or a writer with bad signal timing can introduce errors into the configuration bytes of the T5577 which render it so badly misconfigured that is fails to communicate properly. A longer explanation can be found here; https://forum.dangerousthings.com/t/quirks-of-the-t5577-cloning-tags-to-the-xem

The good news is, a proxmark3 can usually resolve the issue by sending test mode commands to the T5577 to wipe and reset it… usually.

2 Likes

Interesting, I had no idea about the coupling issues, yikes. I managed to hold myself off buying a cheap cloner and just waited for my PM3, thankfully :stuck_out_tongue:

2 Likes