Ok, there are a couple of approaches we can try.
I THINK the easiest is to start from scratch.
To do that, we will remove the password and reset your NExT to blank…so T5577 with nothing on it.
BUT
First, lets get you familiar with the PM3 (dont worry, it seems daunting, but its truly just a step by step)
@Aoxhwjfoavdlhsvfpzha made an AWESOME tool for this, Basically a Proxmark emulator, It will teach you the commands. Its a web page, so you can practice without a PM3, But learn how to step through what you are try to do when you actually have a PM3 infront of you.
Stay with me, its truly easier than it sounds
Go here
https://siliconbased.us/pm3/ref/
Tap on lf
, because that’s what we are dealing with
Scroll to t5577, because thats the chip we are dealing with
Scroll to the bottom to wipe, because thats what we are trying to do
Again, scroll to the bottom, to see the wipe with the password command
This is where you should have ended up
https://siliconbased.us/pm3/ref/lf-t55xx-wipe.php
THATS IT, Thats the command you will use.
To learn the commands you might be dealing with you can play with the emulator before you get your hands on the PM3, just dig around, you cant break it.
Proxmark Day
Let’s remove the password
Place the Proxmark LF Antenna perpendicular to your NExT
First do an lf search or similar a few times to make sure you are well coupled between NExT and PM3
without moving your NExT and PM3 send
‘lf t5 wipe --p 51243648’
(have this ready to go so you don’t have to type or ask the PM3 owner to help)
This is what we learnt from above but using the known password instead of the example
‘lf t5 wipe --p 51243648’
this SHOULD revert back to blank T5577
if you have issues, check the coupling and maybe try with test mode -t at the end
lf t5 wipe --p 51243648 -t
from there just write whatever you want to it, we want to know what to write
So, you need to lf search
on your fob.
This will tell us what you will end up writing
Lets guess it results in em
If it is, your next command will be something like
lf em 41 reader
(this will attempt to read and extract tag data)
Then you will take the result and attemt to write to your NExT
Coupling is super important, you might want to do a couple of
‘lf t5 detect’
to ensure you have good coupling
THEN
you write the info from your results
eg.
lf em 41 clone --id 1122334455
There is an extra step in there you dont need but we’ll just do it anyway, there are a couple of curve balls that may pop up, there might be a different result, BUT with the emulator you should have learned how the commands work, how you can step by step command it, you SHOULD be able to interpret the data enough to know what to do with it.
The Proxmark (and emulator) steps you through, it give you options ans it gives you examples.
Use those examples, substitute the example data with YOUR data and all going well, it should work.
It’s tricky to help without having hands on, typing this all out on my phone, trying to make it easy, but also providing you with enough info to do it yourself.
I hope this all makes sense
give that all try and let us know how it goes