How many 13.56MHz implants needed, and where to put them..?

I’m trying to figure out which implants I need and how to configure them to work as I want… As a girl with little to no experience with tech and no friends that are interested in things like this, it’s a bit overwhelming, so I guess alot of stupied questions will be asked…

The Proxmark, which software do you need? I think I read somewhere that Python where used with it. Sounds difficult for a noob?

There are no stupid questions.
Stupid is to not let yourself move forward due to a question not asked. :wink:

And I’m happy to say that this community feels like a fairly safe space in that regard.

The proxmark… You are in luck! @amal just got this post up yesterday:


should have everything you need there!

2 Likes

I’ve tried my chip on the readers, and NXP TagInfo on the cards. Did not work, so I’m currently waiting to get the ACR122U and a diagnostic card delivered by mail - guessing it will take a week.

As little as I know, I have no problem understanding that it’s bullshit that a implant is less safe than the card. So yes, it’s very frustrating. I’ve tried debating this with them twice, but…

1 Like

:+1:

Honestly if you can afford it, the PM3 easy is a worthwhile investment to many people, and likely would be for you too. When you get a diagnostic card that’ll tell you a bit more.

After that, it’ll likely come down to a PM3. Are you a windows or linux user? Also if you get a PM3, hop on over to the DT discord - there are often people around more than willing to hop into a voice chat and walk you through stuff! Often easier for individuals that way, though info gets lost so we also appreciate writeups to the forum.

2 Likes

I feel you. :confused:

I am quite hated by the security guys at my (cyber security) company… Mostly because they are incompetent and hate when you point that out publicly :sweat_smile:

Also… I’ve proven far too many times that the technical security on a badge is the least thing you need to worry. I get in and out of so many security firms without even working there… Most of the time all you need is a nice suit and a smile. It never ceases to amaze me how gullible and biased (borderline racist) people are…

Anyway… back on track:

I think the ACR122U is still only able to deal with HF (NFC)… please someone who uses it correct me.

It is a very good reader, though, and hardware-purposed to work with windows/PC (and that’s exactly why I don’t use it much)

Other than that… I can only repeat what @DonFire just said. all of it.

1 Like

that’s correct :slight_smile:

1 Like

Specifically the acr122u uses the pn532 reader chip inside. This limits the acr122u to only ISO 14443A/B and felica. It cannot read 13.56MHz ISO 15793. That means chips like the Spark1 or any icode or other iso 15693 tag types like some legic chips cannot be read by the acr122u.

1 Like

Oh, fantastic - thanks!
I see that the post shows how to do this in Windows. Do you know if there is a similar and good guide for people that are using Macbook…?

Neither Windows or Linux, I have a Macbook… Useless or just tricky?

Mac OS needs some compiler tools installed but you should be able to run the tools… I think… haven’t tried it.

I know some people have gotten it working, as Amal said. I (and probably quite a few others) would be willing to work with you to get it working should you get a PM3 easy.

From what I’ve seen, its at least possible: see here.

Haha, I feel you. I don´t even work with tech or security, and even I think there is alot of improvment…
I think I´ll try to copy my work badge into a chip even tho they said no. Like, I don´t think they would even notice it, and if they do - well, then I have kind of proven my point.

Hm… I definetly have a lot to learn. Looking forward to it! Won´t be going home for christmas this year because of corona so I´ll have two weeks of holiday to just read up. Thanks for sharing your knowlegde guys!

1 Like

Hm… Well, it´s definitly worth a try. I feel a PM3 is a bit next level, so I´ll start with the ACR122U and the diagnostic card while I´ll read up a bit first. I´ll let you know when I´m ready, - thanks a lot for wanting to help me out!

2 Likes

There is! I had great luck with this one by @identity.

2 Likes

Many of the things that work on Linux will have some way or another to work on Mac via command line… but I couldn’t say for sure. The less I use my Mac the happier I am, usually. :laughing:

Exactly the route I would (and did) take. :wink:

I have found out that my work badge has two chips in it; a EM and a Mifare.
Not sure about which type of Mifire yet, (I have the name of the readers tho) but are allready confused :sweat_smile:

I belive I’ll need a xM1 for my friends building (some old system) and possibly also for my parents house (yaleman v2n). I can enroll my chip into my parents system, but that is not an option at my friends house or at work.
If I have understood it correct, that means I would need two UID chips because one can’t hold to IDs at the same time, right?

But Mifare seems to be a lot of different chips. Does the xM1 work with several Mifare types or only classic? DESFire only work with DESFire?

That is unusual.

I venture that the door access authentication is done on the EM, and the Mifare is there for something else - possibly unused in your company, if whoever procured the card simply bought a batch of whatever happened to work from that reseller and the Mifare part of it was just extra unused cruft.

It’s highly unlikely that the door access uses dual-frequency readers and authenticates on both frequencies. If it does, I really want to know what make/model it is.

My suggestion is: get yourself a DT RFID Diagnostic Card and present it to the reader at your workplace:

  • If the LF LED lights up, you’ll need a xEM, flexEM, or NExT or flexNExT.
  • If the HF LED lights up, you’ll need a xM1 or flexM1.
  • If both light up, you’ll need a flexMT and you need to tell me who makes the reader :slight_smile:

The xM1 (of flexM1, or the HF part of the flexMT) is a “Magic Chinese” Mifare Classic 1K chip. That is, a Mifare Classic that happens to have a hidden command that lets you program its sector 0 - which is not programmable normally on genuine M1Ks - so you can make 1:1 clones.

Some smarty-pants readers are aware of the “hidden” Magic Chinese command (which isn’t much of a secret anymore) and issue it, to probe whether the card is a clone or genuine. It’s not the norm however, although it is getting more common.

In short, unless you’re unlucky, a properly programmed xM1, flexM1 or flexMT will pass off as the genuine article and fool the reader if indeed it is a HF reader.

All this of course is assuming the reader does in fact require a Mifare Classic, which isn’t even certain. It may just be happy with any old ISO14443A transponder that spews out a UID that’s enrolled into the system.

It’s not as unusual as you might think… often times these are the natural choice for facilities that want to transition from insecure LF to a more secure HF like iClass or something… but have tons of LF only badges deployed. Often times they enable LF and HF until all LF badges are cycled out and then disable LF… sometimes… if the security people haven’t changed since the decision was made… and if they remember.

Chances are good the LF side still works fine… it would totally be worth trying to clone just the LF side.

1 Like

Yeah, but… transition to a Mifare Classic? That seems like yesterday’s fight. That’s why I said it’s unusual.

Unless our friend has an older transitional card, and they’ve transitioned to the then-more-secure Mifare Classic years ago. Hmm… didn’t think about that.