Research, development and trades concerning the powerful Proxmark3 device.
Remember; sharing is caring. Bring something back to the community.
"Learn the tools of the trade the hard way." +Fravia
You are not logged in.
Time changes and with it the technology
Proxmark3 @ discord
Users of this forum, please be aware that information stored on this site is not private.
Pages: 1
I am currently trying to clone this key fob that I have and ran into some issues with it, and I can't tell if I am doing anything wrong. I ran the fob through the NFC tool on Andriod, and it classified the fob as a Mifare Class 1k.
I dumped it, obtained all the keys, and cloned it to a magic card; however, whenever I placed the clone card to the reader, it flashed red. I used a ChameleonTiny to the key reader, and it still flashed red. The ChameleonTiny could not get any information from the key reader at all, making me think that it is not a Mifare Classic Fob or reader. I ran "hf search", and this is the result I got.
[usb] pm3 --> hf search
? Searching for ISO14443-A tag...
[+] UID: 13 4B 9A E7
[+] ATQA: 00 04
[+] SAK: 08 [2]
[+] POSSIBLE TYPE: MIFARE Classic 1K / Classic 1K CL2
[+] POSSIBLE TYPE: MIFARE Plus 2K / Plus EV1 2K
[+] POSSIBLE TYPE: MIFARE Plus CL2 2K / Plus CL2 EV1 2K
[=] proprietary non iso14443-4 card found, RATS not supported
[+] Prng detection: hard
[+] Valid ISO14443-A tag found
However, when every a place a blank or clone magic card to the reader, it flashes read rejecting the card.
However when I run "lf search" I get the following
[usb] pm3 --> lf search
[=] NOTE: some demods output possible binary
[=] if it finds something that looks like a tag
[=] False Positives ARE possible
[=]
[=] Checking for known tags...
[=]
[+] HID Prox TAG ID: 20041401d2 (233) - Format Len: 26 bit - OEM: 000 - FC: 10 - Card: 233
[+] Valid HID Prox ID found!
This makes me think that it is an HID Prox card, and when a place a blank T5577 card to the reader, it flashes green like it is going to unlock but no luck. Even when I clone it, it does not unlock, which makes me wonder, is it possible to have a key be both? I am still getting into NFC and RFID security and would appreciate any help.
Last edited by commandersnuggle (2021-02-17 09:16:48)
Offline
I'm no expert (yet), but there are indeed dual-frequency cards, but I am unsure as to how they are utilized/processed on the back end from an authentication standpoint. Hopefully someone more knowledgeable will chime in.
Offline
I don't suppose it's a KMS HS Tag by any chance?
They use dual Frequency and I found that by copying both the Mifare 1K and the T5577 Parts of the tag to a writable dual Frequency tag then it works.
you'll just need to pick up a Dual frequency writable tag. If you are in the UK drop me a PM
Offline
@commandersnuggle
This is an lf loop/chip + an hf loop/chip in the same fob. Common for apartments. HID for building doors, MF for apartment doors. Try cloning your t5577 with lf hid clone 20041401d2, that should work.
Yes, it is possible to have a key be both. Some readers even verify both at once, but it's kinda pointless because hid is so weak.
Offline
Pages: 1