The anti🚫-derailment🚃 & thread🧵 hijacking🔫 thread🧵 ⁉

Go fork yourself!

Was it ever fully explained why multi sleeving was so illegal?

If the meths are allowed to have a private army of sleeves, and backups etc… multi sleeving seems like a weird line to draw, that even they are held accountable to

Screenshot_20230328-1506171440×830 82.9 KB

Anybody every done any tinkering with a car key and their proxmark?

I don’t think that’s accurate

I was hanging out with a locksmith one day and checking out some of his rf stuff and showing him the flipper

I don’t remember the exact frequency range but I think it was mostly uhf 900ish stuff

I know there are some Lovecraftian fans here, so thought i would share.

https://www.kickstarter.com/projects/c-is-for-cthulhu/lovecraftplushtoys?ref=801z83

and specifically @Coma

Yeah, I have, but didnt dive too deep as there were easier ways.

HITAG is PROBABLY where you want to start

and these MIGHT help

HITAG-S2048-HTSICH56_48_SDS.pdf (247.0 KB)

HITAG 2 protocol.pdf (380.3 KB)

verdult_usenixsecurity12_slides.pdf (11.8 MB)

Ok so basically the problem here has to do with the word “transponder”… could be the passive immobilizer transponder embedded in the key body, could be the door lock control fob… could be a “keyless” fob. Generally speaking, the passive transponder embedded in the key body is 125khz (usually a TI 40bit challenge/response system similar to HITAG), while the active lock control fobs operate between 280khz and 340khz… typically… but on the electric field not through magnetic induction like the passive transponder.

I’m more interested in the immobilizer side right now, so this seems to be good news

Appears I was mistaken

What are the signs of a bricked T5577 chip?

I’ve got an LF card that I think came with the pm3, it’s clearly labeled ID-5577, lf tune reacts hard to it, but lf search returns “No data found, maybe not an LF card?”. Dead card or am I doing something wrong?

I hope you have some success with the path you are going down.

If you get stuck

A very cheap simple bypass to be able to implement an implant is using an off the shelf Transponder bypass connected to an RFID reader of your choice.

Let me know if you need anymore help with this option

Woah, now that’s a fancy product

Mostly I’m just curious if it’s possible to copy a key transponder without paying a dealership an absurd amount of money to do it. Luckily I don’t need to now, but I have needed to in the past, and it would be nice to find out before I need to again

Im sure you have already, but sometimes its easy to overlook the basic steps

lf t5 detect

and have you tried writing an LF mode to it

like this

lf em 410x clone --id 0102030405

If you only have one key with the transponder, my reccomendation would be, grab one of those bypass products, install that in the vehicle (so you cant loose it) install a hidden switch or RFID reader to power it on.
Cut just a couple of new keys ~$10 and this will give you a safety net.

Alternatively you can remove the transponder from the key and attach it to the antenna (normally surrounding the ignition) but you then loose the security the transponder provides

I have tried those and a few others found around the forum with no luck yet

I don’t think I’ve done any writing to it before, just messing around with reading it, so it seems odd that it stopped working is all

I’m sure that’s what I’ll end up doing if I have the problem again, but exploring with the proxmark is always an interesting exercise

Yeah, I figured you would have, I just didn’t want you wasting time chasing your tail if you hadn’t

partly because of the messed-up-ness. almost like a tabboo…

partly because it usually drives the multi sleeved person insane.

Some “new” RFID locks

Door Locks

Padlock (As reviewed by LPL and easily shim bypassed)

No further details
Just FYI if anybody is interested

The bottom wafer lock was featured very recently on LPL and is easily opened with a shim by pass.

Ooooooh hell…
Seriously, a glow-in-the-dark plush Cthulhu? I… kinda… NEEEEED that!