How to clone a mifare Hid card


#1

Hey peeps, I got two NFCs and One RFID chip implants, I am trying to figure out how to clone my work pass so I don’t have to carry it around. On the back it says mifare HID. When I scan it with an android device it says 1k milfare. Only the first block is used.

I have put my hand up to the scanner, only the RFID reads not the NFC. I have a xEM.

Is it possible to clone to the xEM? What should I do? Should I create a rfid cloner with an arduino?

Thanks!


#2

First, lets correct your terminology so there is no confusion. The term “RFID” encompasses a wide range of Radio Frequency Identification products. All your implants are RFID. Both the xEM and xNT are “RFID”. The term NFC in general refers to a subset of RFID products that use specific protocols and communicate at 13.56MHz (referred to as “high frequency”). The xNT is an NFC compatible tag. The xEM is not NFC. It operates at 125kHz (referred to as “low frequency”.)

HID makes both dual tag cards and dual frequency readers. Your card has a miFare tag in it as you have discovered using your phone. But the reader you say only responds to your xEM? At this point you don’t have enough info.

You need to figure out
1: is your card a dual tag card (You may be able to just hold it up to a bright light to see if there are two antennas/chips inside.). Otherwise you’ll need a cloner or proxmark to check it.
2: is the reader a dual frequency reader? Just because it didn’t read the xNT doesn’t mean anything if it’s expecting a miFare card. The Dangerous Things Diagnostic card is an excellent tool for this… it will tell you immediately what kind of reader it is. https://dangerousthings.com/shop/rdc/

If it is a dual reader, and they are using the miFare (high frequency) tag in the card, the xM1+ would be clonable (or possibly just added to the system if you get in good with the people who provision the badges into the system) https://dangerousthings.com/shop/xm1-plus/

If they are indeed using the low frequency HID card, then you can clone your xEM using a proxmark.