Thanks a ton for the dummy crash course. I really need to learn more about how these systems work. When the test cards come in I’ll try them out. The reader itself is off limits, I can’t change that in any way, but if I can get a chip that it reads he is willing to put the implant in the system.
Process for figuring this out:
take my test cards to the site
tap a card
2a. if it doesn’t beep, try another card
2b. if it beeped, goto 3
check the system logs to see if it read an ID code
3a. If yes, that’s the kind of implant to get
3b. if no, grab another card and keep trying
hopefully come back here with the card type that beeped and sent an ID
throw money at Amal to make my hand go beepbeep too
I’ve got a dozen mifare classic cards in hand, I can swing by some time and see if they make it beep, the others will have to wait for my test card sampler packs get in.
I wanted to say again how much I appreciate you folks, your patience and willingness to explain things is wonderful.
Best practice would have been that they turned off any mode they aren’t using for security reasons (look up Iceman and Babak’s great DEFCON talk from this year where Babak demonstrates a technology downgrade attack to see why!) but about half of the time that never happens and you might be in luck.
Basically, you are counting on the integrator having done it wrong - let us know how you get on!
Very cool, Christmas in September, I am excited for you. I just hope they came with batteries
Also
Whilst waiting for the install,
I draw your attention to
Followed Satur9’s step by step linked above for the P40 this evening and cloned it onto a T5577 card with no issues. Trying to get the NExT installed this weekend hopefully. Had to postpone due to a health issue, so hopefully soon now that I’m feeling better. Still waffling on position 0 vs knife edge, but we’ll see.
Had to postpone the implant and then had trouble matching schedules up with my installer, but tomorrow is the day! Getting the NExT put in tomorrow afternoon.
*scan *
not working yet
*scan *
not working yet
*scan *
not working yet
*scan *
not working yet
*scan *
not working yet
*scan *
not working yet sigh is it healed yet?
Playing with the proxmark tonight a little. I can’t flash iceman on it, I get the exact same error as this post: FlexMT HF Reading Issues
I set the threshold using lf config t 40 to keep it searching for a tick in case the implant just isn’t in ideal position, that gives me time to wiggle it a bit. It does react to the implant when I scan it.
proxmark3> lf search
Waiting for a response from the proxmark...
You can cancel this operation by pressing the pm3 button
NOTE: some demods output possible binary
if it finds something that looks like a tag
False Positives ARE possible
Checking for known tags:
No Data Found! - maybe not an LF tag?
proxmark3>
That pops up immediately when I scan the implant, it does not wait for the timeout, so the field is getting triggered. This is exactly what happens when I scan the T5577 card that I cloned my ioProx fob onto, so that is promising.
Then I try to write the data:
proxmark3> lf t55xx write b 0 d 00147040
Writing page 0 block: 00 data: 0x00147040
proxmark3> lf io clone 0078776039a8ddf3
Cloning ioProx tag with ID 00787760 39a8ddf3
proxmark3>
But there is no confirmation of write and the NExT doesn’t respond to lf t55xx detect after that, which the cloned-to card does. Is there a way to confirm the write or force it to wait to first detect a chip before randomly broadcasting the write?
Despite the PM3 not being able to read it back, I did try it today on my front door and it worked just fine. Which is really kinda cool because… I locked myself out and swiped it out of pure optimism, not really expecting it to work. LOL
At the very least, you became cool when you joined our little band of unhinged individuals. The fact that your chip worked but you hadn’t realized it yet doesn’t change your coolness birthday
in September, I am excited for you. I just hope they came with batteries 
