I am looking to get my first implant and I’m trying to decide what implant to get. I would like to be able to put my school ID on the implant, but I’m not sure that’s even possible. The ID card seems to be HID Seos Px I9Y and when I tried to scan it I got very little to no information off of it.
Is there any x-series implant that I can clone this ID card to? If not is there an implant that offers the same level of security as this card?
Otherwise, does anyone have any recommendations for a first implant? I’m thinking x-series because they are a little more “broken-in” than the flex series, but I’m up for suggestions.
They are currently out of stock of the new FlexClass
BUT
This was 2 days ago, and it would probably be your best bet.
However, the FlexClass doesn’t do an “xClass” version, so if you were only wanting an xSeries. What you could do is grab a Mifare 1k test card, write the UID of you school ID to it, and see if that works.
If you don’t have a ProxMark3 to write to the test card, you could grab a Mifare 1k test card Gen 2, and use your phone to change the NUID.
If that works, you could grab an xM1 and a ProxMark3, the only real unknown from then is the coupling of the xM1 to your readers for a reliable read.
So you have a few options, you just need to decide which path you want to take.
Thank you for your help @Pilgrimsmaster ! I’m going to try using a ProxMark3 to clone my ID and see how it goes. At the very least I’ll learn a little bit more about how RFID works.
So I’ve been playing around with my ProxMark3 and my ID card and this is the extent of the information I can get off the card. From everything I can find there is no way to clone an ID card of this security. Is this true, or is there something I’m missing?
[|] Searching for ISO14443-A tag...
[+] UID: 08 F1 E2 C4
[+] ATQA: 00 01
[+] SAK: 20 [1]
[+] Possible types:
[+] HID SEOS (smartmx / javacard)
[+] NTAG 4xx
[=] -------------------------- ATS --------------------------
[+] ATS: 05 78 77 80 02 [ 3a 00 ]
[=] 05............... TL length is 5 bytes
[=] 78............ T0 TA1 is present, TB1 is present, TC1 is present, FSCI is 8 (FSC = 256)
[=] 77......... TA1 different divisors are supported, DR: [2, 4, 8], DS: [2, 4, 8]
[=] 80...... TB1 SFGI = 0 (SFGT = (not needed) 0/fc), FWI = 8 (FWT = 1048576/fc)
[=] 02... TC1 NAD is NOT supported, CID is supported
[?] Hint: try `hf mfdes info`
[+] Valid ISO 14443-A tag found
This part is telling… if it’s a javacard chip then chances are the access control system is not using the UID at all, but is talking to an application on the card.
You might want to explore sniffing the ISO14443A traffic between legit card and reader to confirm. Put the proxmark HF antenna between the reader and card, then issue the command;
hf 14a sniff
After the reader reads the card successfully, tap the button on the side to end the sniffing process. Then you can use the following command to list out the sniffer buffer;
hf 14a list
This should give you a somewhat accurate (depending on your accurate placement of proxmark3 and card overtop of it) list of all the ISO14443A commands between reader and card.
Thank you for suggesting this. I tried this and got quite a lot of data back, but I don’t really know how to interpret it. From everything I can find it seems this card is impossible to clone/emulate, but one last verification from someone based on this information would be great. Thanks in advance!
