I’m attempting to use an esp key planted behind a hid reader to gain access to a building. I know I can get through that door but I would like further access beyond that point. I would like to preferably do this with an RFID card but I haven’t found almost anything online about doing this sort of thing. I was sort of wondering if this could be done with a proxmark? but I really don’t know. Any info helps.
esp keys interrupt the signal between the weigand reader and the controller. It is capturing that unencrypted information such as Facility Code, USer, etc.
You can replay that code through the ESP Key, but as far as encoding it to the chip you need to go scan the reader to see if there is any additional information the reader is passing along as well as capture the frequency the reader is operating at.
Once you know reader Frequency, you can get a magic card, and use a device like a proxmark to write the info to it.
2 Likes
You, uh, have permission to be messing with their doors and readers, right?
2 Likes
2 Likes
What would the reader be sending that wouldn’t be captured by the ESPkey?
Lots. For instance Slix tags can contain a password that can only be captured on contact from a known card. Once authenticated it opens up the card to be read. The wiegand data wouldn’t possess that information.
1 Like
I know this is an old thread but hopefully ya’ll are still active. When you say scan the reader, scan it with what?
If you can just scan info from the reader couldn’t you just do that in the first place, and not use the esp key at all?
The most important information to get from the reader is the frequency and type of credentials it’s expecting, this can be done by just looking up the reader if it’s distinct enough, or by using something like the RDC to check what frequency(ies) the reader uses.
1 Like
Gotcha,
So in theory - once you know the frequency, and the information that the ESP gets, you could write it to a card using proxmark or something similar?
You also need to know the type of cards that the reader will accept, so you know what kind of cards to clone to