So I just installed my NExT and I’m trying to use it at work. The company I work for has 2 different HID card systems, both of them use HID seperate HID 0009p cards.
At the one site I was able to clone my card to the next NExT using a Chinese Blue cloner. (I knew about the password, but didn’t know it could brick it until I did more research. So I’m not planning on using it any more.)
So I programmed my other card into my NExT but I’m not getting a read from the reader.
I used the Diagonstic card on the reader(HID pivClass RK40 I think) and It is receiving a HF 13.57MHZ signal, but not 125KHz signal. I tried to find the LF antenna with the round tester and I don’t receive any signal at all.
From my understanding, the HID 0009p is only a low frequency 125KHz card. So it shouldn’t be able to communicate with the 13.57MHz. Could it be dropping to 125KHz when it detects a card is near?
I’m waiting for my Proxmark3 easy to arrive it is currently on back order.
Has anyone seen had experienced this issue before? Is there is something that the proxmark3 would be able to copy that the Blue cloner isn’t like a Password?
I’m pretty sure multi-frequency readers can be configured by the controller to be one or both frequencies… maybe they just turned off LF functionality.
Supports reading non FIPS-201 credentials such as iCLASS, iCLASS SE, Seos and standard Prox
This suggests to me that it is Multiclass, and it could explain what is going on. see my note at the bottom.
Can you try and scan you access card with TagInfo and post the results here ( If any, If only LF you wont get a read )
But if you do get a read
The PM3 will allow us to get a bitmore info about the card and potentially find out what is going on…plus remove the blue cloner password
Sorry I am all over the place with my reply.
Whilst we wait for your PM3 to arrive
When you reply can you put your replies in a logical order, something like
Site A Reader:
Photo:
Make:
Model: Diagnostic Card results: Site A Card:
Photo / Description: TagInfo results:
Site B Reader:
Photo:
Make:
Model: Diagnostic Card results: Site B Card:
Photo / Description: TagInfo results:
This site is tricky, It is my main site, but the card system is ran by the county. To make matters worse they have a wierd sense of security. (Will walk into our server rooms because it’s their building, wont allow us to have our own camera in there because 2 seperate camera systems can’t run in the the same room… Our departments have clashed)
So I don’t think they will program It but who know I can always ask.
Site B
Reader
It’s a bad photo but I can get a better one tomorrow.
I believe that it is a pivClass RK40
When I use the RFID Diagonstic card only the 13.56MHz shows up.
Okay.
Here are my thoughts.
Because both cards didn’t read on TagInfo, and they both allow you access, they must be LF only.
Because both cards are labelled HID I am going to assume they are HID Prox.
Which your bluecloner can read/write from/to.
It is strange however that your LF LED on the Diagnostic card is not illuminating
and also that you could only successfully write the site B card.
Because you have better access to the Site A system, I would suggest:
Waiting for your Proxmark then:
Remove the password
Write the Site B to your NExT ( actually to a test card/fob first )
then enroll that same info to your Site A profile on that system.
This in theory will give you access to both sites with one card / Implant
In fact, in the interim I would grab a test card T5577
With your , copy and write the Site B info to your card.
Test that at Site B
If that works, try to enroll that card at site A.
If that works, the only thing left to do write the site B info to your NExT, then test the coupling of your NExT on the readers.
I know you didn’t manage to write Site B to your NExT previously, but that can sometimes be fickle.
If you can’t write to the T5577 card, then we may need to wait for the Proxmark3 to do some more diagnostics.
Thank you! I will wait until the Proxmark3 arrives.
In the mean time I’ll at least be able to get into site A with my implant. I will play around with NFC commands.
I’m not quite sure what I want to do with it. Currently it plays Mr.Roboto by Styx.
I will update this post when I reciept the PM3 and try it
When will I get it??? JK . I love you’re company! Literally, the best Costomer service I have ever seen.
I ordered the bundle and you offered to send the implant out early! I thought I was going to have to wait a couple more weeks to become a cyborg!
The HID 0009p does certainly appear to be a low frequency card. Could you try presenting both the diagnostic card and your credential simultaneously to the reader? That should show if the low frequency does turn on as well.
Based on that, your implant and card are the same, and they are low frequency.
I would suggest holding your diagnostic card and pass to the reader at the same time and see if the LF lights up then. Nevermind I see that You tried that already. That reader must be doing something strange.
Update,
I was able to successfully clone the t5577 card that came with the PM3 and used it to open the doors at Site B.
Unfortunately, even after removing the password the the Blue cloner set up on my implant and reprogramming it with the Proxmark3 my implant still doesn’t work.
I think that the low frequency side of the reader may be to weak to communicate with the implant.
This might just give me an excuse to purchase the FlexMT!
password
to do some more diagnostics.
but no read on the 
. I love you’re company! Literally, the best Costomer service I have ever seen.
