Custom DEZ lines in an EM410x Tag

So ive got a basic handle on working the proxmark 3 to read, write and clone tags, im wondering if its possible to write custom DEZ codes onto a tag

Specifically this one because its the “keyboard” output on my LF USB RFID reader

I know the Tag ID is what is read and then decoded. here-

so what i want to know is if there is a program or code i can use to customize the DEZ lines that are decoded by putting in a custom generated Tag ID or something ( im still a fracking noob)


Yes! You are correct, the DEZ line is just a mathematical equation on the Tag ID, another way of displaying it - security through obscurity!

I’m not sure what that equation is though, and not sure if there’s a ready made tool to convert, but I suspect you’ll find the answer by searching the Proxmark forums - they must know since they put it in there!


Hurray I have a basic understanding of the code! But I’m having a hard time finding anything on github, I’m going to post on there too and hope someone answers.


Line 310 of this file


PrintAndLogEx(NORMAL, "DEZ 10 : %010" PRIu64, id & 0xFFFFFFFF);

For people who are not comfortable with code I thought I’d add an explanation (admittedly I could be wrong I’m a tad sleepy and I haven’t done much C coding recently):

All that really matters is this bit:

"DEZ 10 : %010" PRIu64, id & 0xFFFFFFFF

The "DEZ 10 : %010" PRIu64 is a format string. Simply put this prints DEZ 10: and a 64bit unsigned number an 0 fills it. So 99 becomes DEZ 10: 0000000099 and 999999 becomes 0000999999 eccetera.

PRIu64 is a format specifier, introduced in C99, for printing uint64_t , where uint64_t is an unsigned integer type with width of 64 bits respectively.

%010 means 0 fill to size 10. Dez 8 is similar but is %08 which would 0 fill to 8 characters.

The id & 0xFFFFFFFF takes the UID of the card and performs a bitwise and with 0xFFFFFFFF which is a hexadecimal representation of the maximum 32 bit number.

Basically the code is truncating the UID to the 32 most significant bits and then printing it as a 10 digit number.


Any idea what that line is doing?

I tried converting decimal and hex, and a few combinations of adding/multiplying/xor with the tag ID and FFFFFFFF - didn’t have any luck :slightly_frowning_face:


Updated my reply with what the code should be doing. But it’s just from a quick skim of the code from my mobile :sweat_smile:


So I just got on my laptop. Having a 2nd look now I have a larger screen I am fairly confident in my explanation.

The ID is in hex, I prefer decimal so 2015061150 becomes 137791672656.

137791672656 is larger than 4294967295 (the decimal representation of 0xFFFFFFFF)

So the bitwise will truncate it to 352719184

Then 0 filled to get 0352719184

Feel free to check the logic with:
HEX to DEC calculator
Bitwise Math Calculator

Hope that helps :smiley:


I just got an email from someone on GitHub and it works perfectly

thank you guys so much for the info I tested it it out and it worked perfectly, I finally wrote my implant to output “lucky number”


Glad you got it working, and thanks for posting back with the results! Just an FYI, there is also a Proxmark forum that is searchable in addition to the Github, they quite often have a massive archive of knowledge to search through


Can you write a post explicitly about how IDs can be displayed in hex or decimal or bits and how they are all the same thing? We get a lot of people talking about IDs as “digits” and I’d like a definitive explanation about how data is conveyed… as a bonus maybe also cover how there is a difference between the ascii value for 4 and the decimal bitwise value of 4 and character sets, and as a double bonus go into computer theory in general and just brain dump everything into a single run-on sentence.

But really… something like this needs to me made… and for true bonus points, explaining how HID and other cards with printed decimal numbers on them encode the chip ID as printed numbers on the card… the biggest reason for this is so people who have implants can reverse this process and take their IDs converted to printed numbers to clueless security personnel to type into the system as a new card.

Lots of work I know. You’ll get a Christmas bonus.


May as well put some of the junk I know to good use :sweat_smile:

I’ll write up a primer and put it in the wiki this arvo :smiley:



Any update on the math plugin :sweat_smile: @amal

I have started writing the content but… that plugin will make everything look so much nicer… if it can be some how expedited… :heart_eyes_cat:

Edit I will assume it pops up at some point :stuck_out_tongue: will just look ugly af till then :smiley:


Well there you go :slight_smile:

Hope it is helpful

@amal let me know if you think anything else would be useful in there.


I’m so sorry for the NecroPost … But has anyone been able to get the DEZ 10 output from a kbr1 read to display as custom output?

I’d like for my scan to output as “secure password compliant”… so 8+ char, letters (lower & UPPER) numbers, and special char (!@#$%^&*)… Is this a pipe dream, or is this possible? Doesn’t have to come from my implant even… could be any compatible chip…

1 Like

Does it have to be a KBR1?
I wonder if @Zwack would have an idea from his custom keyboard wedge :man_shrugging:

1 Like

Apart from the EM being an LF chip this is exactly what the improved keyboard wedge does (I really need to get back to version 2)

It scans an HF chip and outputs a password. This can either be stored on the chip, or the wedge. (If neither it outputs the UID of the chip)


I was fully unaware this was a thing… i has all the wants and needs… are you planning on selling a batch, or just open project for all to make diy style?

It is just an open project, several people have modified it already for their own needs (different microcontrollers, different reader…)

Some people have made 3d printed case designs available as well.

I haven’t been working much on (anything really) it recently. But I intend to (re)start on version 2 soon.