hey guys,
lets say i have the following tag: (attached photo)
Is there any way to change/overwrite the manufacturer from „ST Microelectronics“ to „EM Microelectronics“ ?
It means a lot,
thanks!
hey guys,
lets say i have the following tag: (attached photo)
Is there any way to change/overwrite the manufacturer from „ST Microelectronics“ to „EM Microelectronics“ ?
It means a lot,
thanks!
Not without changing the UID.
No, you cannot change the manufacturer id. The manufacturer ID is part of the configuration data that is set during manufacturing. The configuration data is the first thing that is transmitted when a tag is read by a reader (often referred to Power On Reset). It includes things like the manufacturer ID, the tag’s serial number, and physical transmission characteristics.
I couldn’t find the spec sheet for Microelectronic’s version, but there is the spec sheet for the NXP ISO 15693. https://www.nxp.com/docs/en/data-sheet/SL113730.pdf
If you look under section 7.2 - Memory organization you can see that the configuration area is not writable or directly accessible.
Added to the repository
Cheers
changing the UID is not a problem.
To be more specific, here is the tag i have:
and this is the tag it needs to be turned in to:
Changing the UID is okay, it does not have to be a clone. I just need EM Microelectronics for manufacturer and somewhat the same UID Byte format.
so you are saying with changing the UID its possible? I read the Github but i could not find the answer
Thanks!
What are you trying to do, if you don’t mind my asking? Why the need to spoof manufacturer?
I need to replicate the chip from EM to help myself out of a pretty bad situation. I lost the original one… So i need another one, UID does not matter but needs to be the same chip and type etc.
so does anyone know if this is possible?
If its necessary to crack/hack the whole tag its fine, i just need to get my hands on one of the EM tags
This statement sort of doesn’t make sense. The UID is the single most important thing about the tag. It is the unique serial number that identifies that specific tag… so if your goal is to create a copy of the one you lost, then this is very likely the actual important thing you need to copy to another tag.
The UID also contains the manufacturer ID (EM vs NXP vs ST Micro, etc.)
Finally, the UID of legitimate transponders is read only and cannot be programmed, hacked, or changed. You will need to find a Chinese grey market knock off chip called a “magic chip” which can emulate (pretend to be) an iso15693 tag and also allow the UID to be changed.
In short, we don’t sell any magic iso15693 chips
thanks for the clarification amal.
So if i were to buy something along the lines of this: UID Changeable ISO15693 iCode SLI NTAG - 28 Blocks 56 Blocks - MTools Tec
and a proxmark 3, i could rewrite the UID and manufacturer to my liking?
Thanks!
Yes
But
Just be aware
You need (According to the suppliers) a ProxMark3-X not a just a ProxMark3
They could just be promoting the new version of the PM3X
The UID can be modified ONLY with an external device (Proxmark3 X and iCopy-X devices).
This one is what they are referring to.
If I had the gear I would test this for you, but I don’t think you will be able to change the Manufacturer.
I dont know why you need to change the manufacturer, but I dont think the reader will “care” who the manufacturer is.
Its an easy test, that’s just going to cost you $100 to prove or disprove it.
thank you for your input. I am a bit confused because half of the people ive asked so far it works and the other half denies it.
Im going to wait for @amal ‘s input here
I’m confused too because the UID of an iso15693 has 8 bytes and the first two bytes are the manufacturer ID and the product ID from that manufacturer. The last 6 bytes are the serial number… so if you can change the UID then, as far as I’m aware, you are changing the manufacturer ID and product ID of the chip along with the serial number.
Yes, thank you. As far as i know that is the case.
Right now im just figuring out with proxmark to get, i would like to get the one from the dngrs shop with the iceman firmware (easy version), but the one website mentioned i need some proxmark 3 x
As far as I can tell there isn’t a meaningful hardware difference between the proxmark3 x and the proxmark3 easy? Iceman and lua scripts should be what’s needed.
i guess with the one from the shop:
right?
I dont know why i would not be able to read/write every ISO 15693 chip with that
Yeah pretty sure… can someone check the lua scripts available for Iceman for iso15693 magic chips? I’m traveling and don’t have access to proxmark3 Iceman client
Good decision
I didn’t know this.
So, yeah, that sounds totally like it will work.
Also
The ProxMark3-X, I think the only reason they have promoted that, is because thats the only Proxmark they sell on the store that sells the ISO15693 changeable UID tag and pushing their stocked product
So I think The DangerousThings PM3 is perfectly viable.