
Title: Copying 125khz RFID Intercom Pit: Issues with Chinese Device & Overwriting Different Types

kuba435 24108 79
  • #61 21530939
    sociak55
    Level 11  
    >>21530902 .
    Is there any way around this? Generally I was wondering how the reader verifies this if the same number is uploaded as in the original chip. It is not possible to use a variable code here.
  • #62 21530960
    Interesant
    Level 33  
    ...
    >>21530939 .
    No. It's likely that some shortcoming of the T5577 and EM4305 chip based key fobs has been exploited, the only option is probably hardware emulators like Flipper Zero.
    You are wrong, these Chinese copiers add something from themselves to the keyrings they save, that later from a copy you will not make a working copy and forget that another programmer will program it.
  • #63 21531046
    sociak55
    Level 11  
    >>21530960 .
    Right as far as the Chinese copier is concerned it is known that it can add something but the flipper rather read the whole thing correctly since it emulates correctly. Do you know how to prepare the seed if it was a regular Elkontrol reader but without this AN/CL option? I'll play around with it some more, maybe I'll get something right.
  • #64 21531414
    Interesant
    Level 33  
    ...
    >>21531046 .
    I don't know, I don't own a flipper zero, but it seems to me that the same way you copy them now.
  • #65 21531543
    sociak55
    Level 11  
    >>21531414 .
    [Image: Display of an electronic device showing modulation selection set to PSK2, with options for RF Clock, Max User Block, and Edit Block.]
    There is an option to prepare the chip for a specific modulation and number of blocks; it looks like the picture. In modulation there are choices:
    -direct
    -PSK1
    -PSK2
    -PSK3
    -FSK1
    -FSK2
    -FSK1a
    -FSK2a
    -ASK/MC
    -Biphase
    -Diphase
  • #66 21532021
    Interesant
    Level 33  
    ...
    You have everything in the manual from Flipper and on youtube + datasheet of EM4100, EM4302 and T5577 chips
  • #67 21532310
    sociak55
    Level 11  
    >>21532021 .
    If it was that simple I wouldn't be looking for help, I've tested many combinations and unfortunately none worked so I've asked for help here on the forum in the hope that someone has already dealt with a similar case and is able to give more suggestions.
  • #68 21532392
    Interesant
    Level 33  
    ...
    >>21532310
    I don't get into the circumstances under which you became the owner of the Flipper Zero, but if you thought that the Flipper, despite its infantile appearance, doesn't require minimal effort from the user (even to play DOOM) and knowledge, you were sorely mistaken - it's not a washing machine, it's more like a mixing table.
    The best form of learning is self-learning by trial and error, and you forgot that on this forum we don't bypass security.
  • #69 21532405
    sociak55
    Level 11  
    >>21532392 .
    The forum is more for advice and help in situations when someone does not cope with something. I'm not a programmer, but for my applications the Flipper is enough for me. I wrote a post hoping that someone will advise / help me; comments like "find it yourself" do not contribute anything here. I'm not bypassing security, I have the original seed from this reader, I just wanted to try at home to make a spare ;) .
  • #70 21532426
    Interesant
    Level 33  
    ...
    sociak55 wrote:
    >>21532392 .
    The forum is more for advice and help in situations when someone does not deal with something, I'm not a programmer but for my applications flipper is enough for me, I wrote a post hoping that someone will advise/help me, comment like find it yourself does not contribute anything here. I'm not bypassing security, I have the original seed from this reader, I simply wanted to try at home to make a spare ;)
    Now you have, and in 5 minutes you won't have the original. And so you break (circumvent) the security by opening with another device (flipper) the famous article 267 of the Criminal Code. If you hang a reader with an "anti-clone", that means one thing, to make it difficult for third parties to access the area shielded by that reader.
    You have confused the forum with the sandpit; in the sandpit children are led by the hand, but not in the forum.
    Ps. Now roll up your sleeves, because the documentation is not going to google and translate itself.
  • #71 21532500
    sociak55
    Level 11  
    >>21532426 .
    I'm a bit too old for the sandbox, although I won't say I wouldn't love to play sometimes. I've been reading Elektroda for a good 15 years and, as you can see from the statistics, I don't ask much because most of the questions were actually solved after reading the topic. RFID is not my field so I was hoping for some specific guidance. I will probably sit down and keep trying; in general, if I don't succeed the world won't collapse, I was treating it more as a curiosity. I don't quite understand your approach: don't you want to help, or can't you? All in all I probably won't find out anyway ;) .
  • #72 21566789
    CYRUS2
    Level 43  
    Quote:
    Copying a 125khz RFID intercom seed
    I bought a very cheap Chinese copier.
    (under 50zł)
    I made a copy of my service RFID.
    The copy works.
    The reader reads a non-programmable RFID number.
    You will not write anything to that RFID.
    Interesant wrote:
    If you hang a reader with an "anti-clone"
    Must distinguish the clone from the original.
  • #74 21568149
    sociak55
    Level 11  
    >>21566813 .
    From what I've deduced, the anti-clone function somehow detects the type of tag applied (it distinguishes between a T5577 and a seed with a permanently entered number). I was wondering if it was possible to somehow block the possibility of another code being written to the T5577 so that the reader thinks it's a normal tag, but unfortunately I couldn't do this. Emulating the code from the Flipper is detected correctly and the lock reads it as a valid tag. I have used two Chinese copiers to copy, Flipper and a fake Chameleon Ultra, but with no results. Strangely enough, emulating from the Chameleon Ultra doesn't work either.
  • #75 21568543
    kulmar
    Level 32  
    It appears that if a programmable tag is used, it responds to the reader to the command sent. The original UNIQUE just sends data in a loop. So detecting the copy is simple - if the card (tag) responds to a command (e.g. LOGIN) with a special sequence, then it is a programmable card and can be ignored by the system.
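
A reader-side model of the check described in the post above, added here as an example; it is not code from the thread or from any reader vendor. It assumes the original tag uses the EM4100-style 64-bit frame; the `PROBE` value, the tag classes and the reply pattern are hypothetical stand-ins, and the sample number is constructed.

```python
HEADER = [1] * 9                     # nine 1-bits mark the start of each 64-bit frame
UID = bytes.fromhex("0a00c0ffee")    # constructed sample number

def encode_em4100(data: bytes) -> list:
    """Frame a read-only tag repeats: header, 10 rows of 4 bits + parity, column parity, stop."""
    nibbles = [(b >> s) & 0xF for b in data for s in (4, 0)]
    rows = [[(n >> i) & 1 for i in (3, 2, 1, 0)] for n in nibbles]
    bits = list(HEADER)
    for r in rows:
        bits += r + [sum(r) % 2]                    # even parity per row
    bits += [sum(col) % 2 for col in zip(*rows)]    # even parity per column
    return bits + [0]                               # stop bit

def decode_em4100(stream: list):
    """Return the 5 data bytes of the first parity-valid frame in a looped stream, else None."""
    for off in range(len(stream) - 63):
        f = stream[off:off + 64]
        if f[:9] != HEADER or f[63] != 0:
            continue
        rows = [f[9 + 5 * i:14 + 5 * i] for i in range(10)]
        if any(sum(r) % 2 for r in rows):           # row incl. its parity bit must be even
            continue
        if any(sum(r[c] for r in rows) % 2 != f[59 + c] for c in range(4)):
            continue
        nib = [r[0] << 3 | r[1] << 2 | r[2] << 1 | r[3] for r in rows]
        return bytes(nib[i] << 4 | nib[i + 1] for i in range(0, 10, 2))
    return None

class ReadOnlyTag:
    """Fixed-number tag: ignores reader commands and keeps looping its frame."""
    def __init__(self, uid: bytes):
        self.frame = encode_em4100(uid)
    def respond(self, command=None):
        return self.frame[20:] + self.frame * 2     # reader starts listening mid-frame

class RewritableTag(ReadOnlyTag):
    """Programmable tag carrying the same number; a command interrupts the loop."""
    def respond(self, command=None):
        return [0, 1] * 32 if command else super().respond()  # constructed reply

PROBE = "LOGIN"  # hypothetical placeholder; real command encodings are chip-specific
def check_tag(tag, allowed: set) -> str:
    uid = decode_em4100(tag.respond())
    if uid is None or uid not in allowed:
        return "rejected: unknown ID"
    if decode_em4100(tag.respond(PROBE)) != uid:    # loop changed after the probe
        return "rejected: tag reacted to a command"
    return "accepted"
```

Both tag models present the same number on a plain read; only the second read, taken after the probe, separates them.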
  • #76 21568779
    sociak55
    Level 11  
    >>21568543 .
    That's my understanding too, I was wondering if it's possible to just somehow block the T5577 to send data in a loop like the original.
  • #77 21568799
    kulmar
    Level 32  
    We would have to assume that the manufacturer of the chip wanted to make a 'perfect chip'. But that is unlikely to have been his intention - and it is always possible to communicate with the card by sending a command. And this is what sets it apart from the original.

    Added after 1 [minute]:

    On the other hand, it is possible to make a clone of the UNIQUE card using a processor and antenna programmed with the appropriate code.
  • #78 21569114
    sociak55
    Level 11  
    Quote:
    It is possible to make a clone of the UNIQUE card using a processor and antenna programmed with the appropriate code.


    Will you elaborate more on this?
  • #79 21569121
    Interesant
    Level 33  
    ...
    >>21566789 .
    Only a working copy from a copy you won't make.
    Ps. Elog's anti-clone controllers do a good job of distinguishing the RW keyring from the RO.

    Added after 15 [minutes]:

    ...
    >>21569114 .
    This substitute would be akin to a packet of cigarettes, a colleague suggests an active RFID key fob, Flipper Zero you already have.
  • #80 21569364
    sociak55
    Level 11  
    >>21569121 .
    But do you think if I keep recording the key ripped into Flipper's memory it won't work either? It rather reads everything and doesn't add rubbish.

    Active keyring then I will agree, flipper manages here, whereas I thought chameleon ultra would also be an active keyring that would work but unfortunately it doesn't, zero response at the reader.

Topic summary

The discussion revolves around issues related to copying 125kHz RFID intercom key fobs, particularly focusing on the differences between programmable and non-programmable chips. Users express concerns about the inability to overwrite certain RFID tags, specifically EM4100 (read-only) and EM4305 (rewritable) chips. The conversation highlights the importance of understanding the type of RFID chip being used, as some devices, like the Elkontrol 3000 reader, only recognize specific chip types. Users also discuss the implications of using Chinese cloning devices, which may restrict the ability to rewrite chips once programmed. The need for a programmable key fob to replicate a non-signaling key fob is emphasized, along with the potential for confusion regarding the functionality of different key fobs in intercom systems.
Summary generated by the language model.