Newbie with xEM and cloning

So I recently bought a xEM from Digiwell and I have some questions about cloning and cloning devices.
I have read through the forum and have tried to get an understanding of how to clone and what it can do to my chip.
So my question is which cloner to get, or parts for a possible DIY cloner?
I have read that the blue handheld cloners from China set a password, but how does that affect the use? Its really the cheapest way to go, but what are the downside?
I have looked a bit a the proxmark3 but I find it quite expensive and not in my price range…
Is there any other alternatives that functions good and is somewhat cheap?

Thanks in advance!

Hey, I am also new to the space, with that being said take what I say with a grain of salt. Firstly the passcode is set to prevent malicious or accidental writes from being performed, as long as you use the same cloner this should give you no problems. However in some cases the passcode may become corrupted due to “tearing”, in such instances the passcode is changed, and there is know way to know what the new code may have been set to. This would result in the transponder becoming read only, unless you are able to brute force the passcode. Regarding The cloner, it has been removed off of the store due to the possibility of it “bricking” the implant. This is not the cloners fault, but rather could occur between any T5577 based tag, meaning that the possibility of this happening exists while using almost any cloner. In the event that the tag becomes unresponsive upon the use of the cloner, a proxmark3 is needed to resolve the issue.

More information regarding cloning xEM can be found here:

Keep in mind, when purchasing a cloner they may all look identical, but may be very different in terms of their functionality. There are many versions of the blue cloner all of which may not support the same card styles. Since the cloner has been removed fro the dangerous things store I have found another that appears to be similar:

The cloners passcode can be found here:

As I previously stated I as well am new to the space, if any misinformation is found be sure to let me know thanks. Furthermore Amal will probably give you a better answer once he has seen the post. Hope this helped!

Thanks for the great answer!
So what you are saying is that if I keep my xEM to only one cloner, I would be able to copy as long as I get the right one?
So its the same password for most of the chinese cloners? I would be able to buy another one if my cloner broke down and still use it to program my chip?
But there aren’t any easy and cheap way to control what password is set?

Thanks again! :slight_smile:

Found this at eBAY:

Is this the same as was sold here earlier?

The cloners password doesn’t change so if you are using the same cloner, the password should have no effect on you (as long as no corruption occurs), it is when you use a different cloner with a different password that you are prevented from writing to the implant. As far as I know the password is the same for most of the blue cloners, however it is possible that it could be different depending on what version you get. In the event that you’re cloner breaks, as long as you replace it with one of the same model the password will be the same. Unfortunately I don’t believe there are any ways to control what password is set, this might be possible on the proxmark3 but I’m not sure.

As far as I can tell it is a different model, as it doesn’t appear to support EM41xx tags, however to be completely honest with you, I’m not entirely sure. Amal would be the best person to ask.

I will have a look around and see :slight_smile:
Thanks! :slight_smile:

Nice explanation Luke! You are correct about the proxmark3 being able to control what password is set, it’s also a much safer way than using a Chinese cloner.

This is because:

With the proxmark3 you can write your desired password i.e. 12345678 to Block 7 of the xEM (this is where the password is stored). Then you can read block 7 back again to verify that the correct data was written. You do this before writing the Block 0 (this is where the xEM’s configuration is stored) settings to make the password become active. You can essentially check that you wrote the correct data before making the password active.