Bought a Proxmark Easy from Piswords (it’ll take forever to arrive in the mail)
The person who manages the access control system at work is happy to add my NExT into the system
When I got a peek at the enrollment software, it looked like there were various protocols that the system can accept, I saw HID on the list. So even though the badges they are administering are MIFARE EV1 cards, I am assuming I don’t need to clone one of those, and could use a different protocol instead.
My question is: Assuming the reader really can accept a wider range of protocols… do you think there’s a certain protocol I should lean toward using with my NExT?
I definitely haven’t seen every access control system frontend on the market, but in this case I would wager that the company who installed it uses 1 software to control all the different types of reader hardware they sell, but only activates 1 type of protocol in the software per customer depending on what readers they install in the building.
Most readers that I’ve seen can only support 1 protocol. So for example even though ISO 14443a and ISO 15693 are very similar protocols operating on the same frequency (13.56MHz) very few door swipe readers can be configured to read both. They purposely limit them, even though they often charge more than $100 for a reader and it hypothetically could read anything if the firmware was better. It’s quite a racket.
MIFARE Classics are also a completely different memory structure than the HF chip in the NExT. You’d need like an xM1 for that. You should hope the system runs on HID, because then at least there’s a chance you can clone it onto the LF side.
I did some research. Below is a screenshot from the user manual. Looks like it’s possible to switch different protocols on/off. Verbiage in manual didn’t seem to indicate that they’re disabled unless you pay for the feature… appears to be something you can easily toggle.
When I was able to look at our setup, there was just 1 switch flipped on, I assume it was 14443 Secure MiFare.
Hoping that if we flip more on, I can get NExT to work.
Also-- when I hold the Diagnostic Card up to the reader, LF and HF blink.
After attempting to make the changes in the access system today, I have mixed news…
Bad news - you cannot have “14443 UID (CSN)” and “14443 Secure MiFare Plus” enabled at the same time. You must choose one or the other, and obviously we need to keep the latter enabled because it’s what everyone else is using.
Good news - that seems to be the only restriction, all the other options can be turned on in conjunction with “14443 Secure MiFare Plus”.
So that being said… what protocol do you think I should try next? The only one that rings a bell to me is “Schlage HID”… but I’m not sure!
Either HID or AWID are nicely supported on the T5577, pick your poison. I’d probably go HID because it seems to be more widely compatible for if you want to use the same implant for multiple things.
After several more failed attempts, we have SUCCESS! I got it to work by using my Proxmark Easy to program the T5577 side of my NExT as HID. Being friends with the person who handles the access system was invaluable.
It felt pretty surreal to use my hand to unlock the doors at work this morning
THANK YOU ALL for your help & expertise! I hope to pay it forward.
Tips for anyone else trying to work with the “Allegion Engage” access control system in the future:
- Scanning the ID (at the door or the computer reader) is the ONLY way to enroll any type of card. You cannot go into the web portal and type in a UID (that type of manual entry is not supported).
- There’s a screenshot of all the supported protocols in a post above. If you have the Allegion system, all of those protocols are available to you. It’s not feature-locked. You just flip the switch to enable. However, there are some protocols you cannot have on at the same time, so you’ll need to play around.
- You can easily enroll MIFARE cards via the USB attachment on the admin’s computer. But if you want to enroll most other types of cards (such as HID) you must enroll at the actual door reader using the mobile phone app.
- Card reader on the building is MT15, it does LF and HF, lots of options to turn certain protocols on/off
- The Enrollment reader that plugs into computer (to add/remove cards from user profiles) is MT20W, it can only do MIFARE cards