I have the Dangerous Things Proxmark 3 Easy with the latest firmware.
I have successfully cloned EM cards but I’m unable to get a read on my HID work badge.
I’ve tried “auto”, “lf search”, and “lf hid reader”, each of which doesn’t offer any sort of result. I’ll include screen shots of my versions and the results of each search below:
This is still the result when holding it at about a 32v distance, approx 1 cm off the antenna:
I get the same result at intervals of 1cm further away until well outside reading range.
I can x-ray it at work but it is laminated with a photo ID so I can’t use a torch to see thru it. (I tried)
Based on the HID document, it is definitely a 125khz card. Section 1.1 of your guide is exactly this card. I also ran “hf tune” and the card has no impact on the HF voltage. I don’t have a diagnostic card and I don’t have ready access to the reader to sniff anything.
I have used “lf tune” to map out the positions/orientations to hold the card and have very stable hands to keep it in position. I don’t have a quick way to upload a photo of me holding the card. I have been holding it directly on the LF antenna for “lf search” and then moved it away from it (but still above) in 1cm increments for “lf search” every additional 1cm.
As for the handy dandy tips: I see how to chain commands but I can also just hit the up arrow to reissue the commands. I’m very confident that I am not wavering the card position enough between commands to induce an error.
I don’t have a blue cloner. My work has no trouble at all reading my badge. It is read easily at 30+ various readers around the building. Range is hard to say, because I usually just slam it up to the reader from a retractable lanyard. Although it will also activate if it just swings within a few inches of a reader while in a crowded hallway or something.
When I copied the EM tags, it was intermittent getting a read on those. I’m starting to wonder if it’s more of a software issue displaying the reads or something.
On a whim, I checked to see if I could read the T5577 tag that I wrote to clone the EM tag. I couldn’t get a read on the original tag or the clone, using “lf search” or the designated lf functions for the EM or the t55xx sections of the software. I can still use lf tune to observe a voltage drop as all of the various rfid tags are presented to the antenna.
Any insight or tips are greatly appreciated. I’m feeling like this is either hardware or software issues, but I am will to hold my tongue in the right spot and hop on one foot if someone can help me get a good read.
Also, what’s the difference between the following 2 scans? one immediately says “No known 125/134 kHz tags found!” while the subsequent scan searches for COTAG tag, times out then says, “No data found!” This was performed with a sample card that “lf tune” drops voltage down to 12 volts. I’ve attempted scans with this sample card in the same 1cm step process as listed above.
Three things I’d like to check are to ensure you are using the correct antenna on the easy. Its a common mistake even though you’ve cloned ems before.
LF antenna is the round copper antenna on the top of the board.
Hf antenna is rectangular and inlayed into the bottom pcb.
Second thing would be the results of running hw tune
I’m curious if your LF antenna isn’t working as expected or the screws have come loose. The screws are what connect the antenna to the board so ensure they are tight.
When you looked through the card, did you see any windings of anything that could resemble an antenna? Usually, even with photo I’d cards, you can still see something like an ic and some of the antenna.
I found a very bright torch and went to a very dark room. I was able to shine thru it but it’s difficult to get the light to the corners of the card without flashing my own eyes around the edge of the card and blinding myself. I could see 1 antenna wound around the perimeter, there is clearly not 2 antenna. I am certain there isn’t a magnetic strip or smart card contact chip. The antenna winding is closer to the long edge with the printed ID number than the opposite edge and there appears to be a very small chip in the upper left corner, if the “HID 0008P” label is in the bottom right and the punched slot is at the top. In this same orientation, the upper right corner has an ID printed along the edge, starting near the center of the right edge and going upward to the upper right corner. The format of this code is 12345 12345678-1.
