My 125khz antenna

rleroy · 2009-07-09 16:50:36

Hi everybody!

Since the last couple of days, I’ve been thinking to a way to solidify my 125khz antenna. I want to share the design with you. I’ve been able to do something pretty clean and pretty robust, although pretty big It’s convenient because you can take off the antenna of the proxmark3 device anytime because it’s USB. It looks like this with my proxmark3 attached to it:

Yes, it’s big, but it’s possible to make it smaller by modifying the position of the USB wire. It fits my needs pretty well, so I didn’t bother

Material needed:

- 1 Hirose USB wire;
- Some heat shrinking tube;
- Some tie-wraps;
- A circuit board;
- An already pre-built, and oh so fragile, 125khz antenna. The one that you see on the above picture comes from the http://www.proxmark3.com website for $19USD. It’s also possible to get one from http://store.qkits.com/moreinfo.cfm/AN0301 for only $3.95USD. I think they are both the same, with the same level of performance. You can also build it up yourself

HOWTO:

Basically, I’ve soldered the white and red wires from the USB cable to the wires of the 125khz antenna, and I put some shrinking heat tubes on top of the soldered wires in order to solidify it and make it cleaner. I used a hair dryer to shrink the tubes, because I did not have a heat gun. I use tie-wraps in order to immobilize my USB wire on the board:

The antenna is also positioned on the board and secured using tie-wraps:

Here is how the back of my board looks like:

You still need to take care of the 125khz antenna wires because they are fragile:

Results
Here are the values from the 'tune' command:

>> Started prox, built Jul 1 2009 20:10:49
>> Connected to device
> tune
# LF antenna @ 14 mA / 18395 mV [1273 ohms] 125Khz
# LF antenna @ 34 mA / 41357 mV [1187 ohms] 134Khz
# HF antenna @ 0 mA / 96 mV [235 ohms] 13.56Mhz

And here is the result of the 'sweeplf'/'losamples'/'plot' commands. You can notice the peak around 90:

With this antenna, I was successful at both reading a HID card, and replaying it in front of HID reader, reliably

That’s it, I hope it’s clear enough Thanks to Amal Graafstra, as some of my ideas come from his book, http://www.rfidtoys.net/.

--
rleroy

Last edited by rleroy (2009-07-10 14:38:54)

adam@algroup.co.uk · 2009-07-10 11:54:23

Cool! The 4 buck units could come in handy!

Please post the results of 'tune' and 'sweeplf' commands.

rleroy · 2009-07-10 14:38:15

Updated with 'tune' and 'sweeplf' values! Cool I didn't know about 'sweeplf'

adam@algroup.co.uk · 2009-07-10 15:28:18

If you get the latest version, it also gives you the resonant frequency:

proxmark3> tune
> tune
# LF antenna @ 32 mA / 41625 mV [1273 ohms] 125Khz
# LF antenna @ 13 mA / 16247 mV [1187 ohms] 134Khz
# HF antenna @ 0 mA / 64 mV [235 ohms] 13.56Mhz
proxmark3> sweeplf
> sweeplf
#db# Antenna resonates at:
#db# 125.000 kHz

rleroy · 2009-07-10 16:48:44

Author: a...@algroup.co.uk
Date: Jul 07 (2 days ago)
Review scores: No one has yet scored this revision.

Log message
'sweeplf' tells us antenna's resonant frequency

Sweet I will update the post with the proper output of the 'sweeplf' command as soon as I setup a build environment and can compile the latest firmware.

Right now my attention is focused on trying to build the best antenna in order to read 14443B transactions succesfully and reliably

Last edited by rleroy (2009-07-10 16:49:10)

d18c7db · 2009-07-11 04:25:57

Right, those cocksuckers at anti-sec finally figured out how to upload pictures into someone else's Imageshack account and think that by violating someone's account and committing Internet vandalism their message somehow gains my respect?

Their tactics diminish the potency of their message and denegrate their ideology. By their own actions, they've sunk themselves to the level of taggers and the script-kiddies they despise so much. If I didn't have a prior position on the subject and had to make a decision based solely on their message above, I'd become an anti anti-sec in a heartbeat. Bravo guys, way to make your point!

rleroy, you might want to try and cleanup that crap that's stinking up this place. [EDIT] nevermind, imageshack took care of it pronto, if you're wandering what I'm talking about, all pictures in the original post used to come up with this instead. Was announced here and here.

Well done on the antennas, when I have some disposable cash I'll look at getting some PCB antennas made and if they work OK I'll publish the design. The advantage of a PCB antenna is that it's compact and can be built repeatably by anyone without any variations. Maybe some web shop can then sell them reasonably cheap

Last edited by d18c7db (2009-07-11 04:53:09)

rleroy · 2009-07-11 16:24:44

Interesting I think that for a group of script kids, targeting an image sharing web site is a great way to be famous in a short amount of time.

On the other hand, I think that the message they are trying to transmit is very old, without new ideas at all. It is just a pale copy of the old project mayhem from PHC - http://dsr.segfault.es/stuff/website-mirrors/pHC/ .

The anti-sec are only young kids searching for quick fame. I'm very interested in knowing what kind of exploit they used to hack inside imageshack, I highly doubt that it's a unknown flaw. Would they have the same level of knowledge if it was not of the publicly available security sites? I highly doubt it.

Being black or white hat is futile, the only important thing is how much love you put into what you do.

Back to topic! Thanks for the good feedback. Let us know when you have development on these PCB antennas

samy · 2009-07-20 19:01:23

rleroy,

Regarding the imageshack hack ("images(hack)"), I heard it was related to this:
OpenSSH <= 5.2 zero day exploit

Whether that's legitimate or not...we'll see. If so, wow. This should be interesting.

rleroy · 2009-07-20 21:13:27

Interesting, I can't wait to see what they will post in two days, if they post something ...

If I recall correctly, I think publishing exploits is against what they fight for, no?

But anyway, anybody with the skills to audit/research the source code, discover the vulnerability and write a reliable exploit for the latest version of OpenSSH has the rights to publish his research, imho, considering the amount of work it took ... But I highly doubt that they did that research

XEROEFFECT · 2009-09-03 09:25:49

Guys,
I stuffed my 125khz antanna playing around with it. The smallest enamelled wire that I could find is 0.25mm thick. In your opinion, is this too thick?

Last edited by XEROEFFECT (2009-09-03 09:26:22)

samy · 2009-09-03 09:28:55

Xero, what did you do to it?

XEROEFFECT · 2009-09-03 09:49:05

I was trying to increase inductance by shaping/bending it. I think I went to far.

rleroy · 2010-11-10 01:14:13

petrovyoung, I could probably make it smaller, but that was not the point of the experiment... The constraint will always be the loop of wire, it needs the appropriate shape to be able to communicate with a card ...

Good luck!

sujai · 2011-11-18 06:40:12

hi rleroy,

really it was nice. here i am trying to do long read range antenna for this reader. the read range is about 4 feet. can i design long read range antenna by increasing the size of the antenna.

i am planning to do 1m x 1m or 500mm x 500mm antenna. can i reach my read range if i design these type of antenna ?
and reader support for it?

thanks in advance
sujai

Bugman1400 · 2011-11-18 17:49:24

sujai wrote:

hi rleroy,
really it was nice. here i am trying to do long read range antenna for this reader. the read range is about 4 feet. can i design long read range antenna by increasing the size of the antenna.
i am planning to do 1m x 1m or 500mm x 500mm antenna. can i reach my read range if i design these type of antenna ?
and reader support for it?
thanks in advance
sujai

HID makes a long range device for the LF tags, but I don't think that the PM3 would be successful because of the current limitation of the parts. I think the HID device has components that are capable of higher current. See link below.....notice the big heat sink in the picture.

http://www.proxclone.com/Long_Range_Cloner.html

carl55 · 2012-03-18 16:28:27

Urbanbaby,
Developing a long range reader involves much more than simply replacing the antenna with a larger one. In order to maximize the operating distance of the electromagnetic field you need to generate a higher amplitude 125Khz signal. This involves using a circuit that is rated for a higher voltage, is capable of switching high currents, has very low rise and fall times, and that employs the use of a very heavy gauge wire in the antenna circuit. To get even more read range the sensitivity of the receiver circuit also needs to be improved. The Proxmark circuit was never designed to achieve the range that you are looking for. Here is an example of a driver that that I have used in my own long range reader. I have achieved excellent results using it to drive 14AWG antenna wire.
http://ww1.microchip.com/downloads/en/d … 21420d.pdf

Proxmark3 community

Announcement

#1 2009-07-09 16:50:36

My 125khz antenna

#2 2009-07-10 11:54:23

Re: My 125khz antenna

#3 2009-07-10 14:38:15

Re: My 125khz antenna

#4 2009-07-10 15:28:18

Re: My 125khz antenna

#5 2009-07-10 16:48:44

Re: My 125khz antenna

#6 2009-07-11 04:25:57

Re: My 125khz antenna

#7 2009-07-11 16:24:44

Re: My 125khz antenna

#8 2009-07-20 19:01:23

Re: My 125khz antenna

#9 2009-07-20 21:13:27

Re: My 125khz antenna

#10 2009-09-03 09:25:49

Re: My 125khz antenna

#11 2009-09-03 09:28:55

Re: My 125khz antenna

#12 2009-09-03 09:49:05

Re: My 125khz antenna

#13 2010-11-10 01:14:13

Re: My 125khz antenna

#14 2011-11-18 06:40:12

Re: My 125khz antenna

#15 2011-11-18 17:49:24

Re: My 125khz antenna

#16 2012-03-18 16:28:27

Re: My 125khz antenna

Board footer