Yeah great plan, Just remember your NExT will need to be in EM mode, ( Which it comes from the factory ) so if you can enrol it, you obviously, haven’t bricked it or written to it as an HID.
You don’t have to do the mod like Myself or Rosco to get a good read/write it just helps.
I would recommenced for now you just wait to see your results from you xAC test.
Try to enrol your NExT to the xAC if it works, just hold off writing until you can mod your cloner
Alternatively, You could also try reading an xAC tag with the blue cloner and write that to your NExT ( 2 beeps on read, 2 beeps on Write )
Either way will confirm you haven’t “bricked” your NExT ( Remember, there is a good chance it is fine, and even if you have, there is a good chance it can be recovered, with a ProxMark )
Quick update. I wired up the good ol xACv2, got it powered using my trusty Arduino (basically didn’t want to cut the 9v to barrel adapter power supply), and wired in the same setup that @amal had in his YT video but with a resistor and LED to signal it was working.
Then I got it setup with the add and clear as Amal did in the video. Went to add my NEXT as an entry, and got a rapidly-blinking (sometimes solid) green light. Tried it with my (HID not EM) ID, same thing. Tried it with the T5577 fobs (at least I think they are T5577) I ordered, same thing. Tried it with my mom’s gym pass, same thing.
So, I concluded that if the ID, gym pass and fobs are not accepted by the xAC, then they are not EM. I also know that they yield the same solid green light as my chip does when I try to add it to the xAC.
Of course I just realized the three beeps on the cloner copying my ID and gym pass confirms it’s HID for sure (duh).
Anyways, am I correct in assuming this means either my chip is definitely bricked, OR it’s successfully converted to the HID UID of my ID? Is there a middle level of f*cked where it’s both HID and bricked?
from this test procedure it’s difficult to know exactly what state the NExT is in at this point, but it was definitely altered from factory EM settings.
no not really… what you are doing is changing the T5577’s analog front end to work like an HID card does, and updating the memory where the ID lives to match your HID card… if the analog front end bits were diddled wrong because of a page tear during the write attempt, the T5577 is going to have a hard time talking. In this case, the proxmark3 is the only thing that can really have a chance of fixing it, because you will probably need to engage some test mode commands and force it to correct the configuration.
Because the blue cloner will not talk to it at all now, this is the most likely state, and you will need to get a proxmark3 involved.
OK guys, quick update. Got my 12V 1A power supply in and hooked up with the Arduino out of the equation, and nothing changed chip-wise… although the xAC seemed happier with more juice.
Sigh, guess I’ll need to learn the Ways of the Proxmark this weekend or next week. Before I make a whole new post about it, do you all think forum members would be responsive to the concept of a zoom call for me to get sort of walked through the process? I’d compensate for time via cashapp or paypal or whatever, just don’t know how well-received the concept would be.
Thanks again for the help on this, it means a lot. Learning the hard way, but I’m learning. Just wished I hadn’t spent the $40 on the blue cloner (but it’s 100% my fault for messing it up in the first place)
When you get the PM3Easy in let us know and we can hop on the Discord. It supports video calls and there’s already a channel in place. We have a few proxmark wizards on there (including Iceman) who would be more than happy to help get you started.
Normally I would say go play around an learn yourself for a bit before you start asking people questions, but the Proxmark can be a really challenging tool. You need to update the firmware and learn some basic commands like hw tune before you can do anything. It might be wise to chat with people before you try anything with your implant.