Differenze tra le versioni di "125Khz RFID spoofing"
Jump to navigation
Jump to search
m |
m (→Code) |
||
(4 versioni intermedie di uno stesso utente non sono mostrate) | |||
Riga 1: | Riga 1: | ||
== Circuit schematics == | == Circuit schematics == | ||
− | [[File:rfid125spoofschematics. | + | [[File:rfid125spoofschematics.png|450px]] |
List of materials: | List of materials: | ||
* an antenna (there are many 125khz antennas on e-bay) | * an antenna (there are many 125khz antennas on e-bay) | ||
− | * Capacitor 1nF (maybe this value | + | * Capacitor 1nF (maybe this value needs some tuning for the best resonance of the antenna) |
* 4 diodes 1N4148 | * 4 diodes 1N4148 | ||
* Resistor 100Kohm | * Resistor 100Kohm | ||
Riga 32: | Riga 32: | ||
int data_count =0; | int data_count =0; | ||
− | + | unsigned char spoofed_card[64]; | |
void setup() | void setup() | ||
Riga 57: | Riga 57: | ||
} | } | ||
− | + | int hexchar(char hexa) | |
− | + | { | |
− | + | if (hexa >= '0' && hexa <= '9') | |
− | + | return hexa - '0'; | |
− | + | else if (hexa >= 'A' && hexa <= 'F') | |
− | + | return hexa - 'A' + 10; | |
− | + | else if (hexa >= 'a' && hexa <= 'f') | |
− | + | return hexa - 'a' + 10; | |
− | + | else | |
− | + | return 0; | |
− | + | } | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | //http://www.priority1design.com.au/em4100_protocol.html | |
− | + | void compute_em4100(char *in, unsigned char *out) { | |
− | + | int i; | |
− | + | int j; | |
− | + | int parity; | |
− | + | static const int prefix = 9; | |
− | + | for (i = 0; i < prefix; i++) | |
− | + | out[i] = 1; | |
+ | for (i = 0, j = prefix; i < 10; i++, j += 5) { | ||
+ | int raw_data = hexchar(data[i]); | ||
+ | out[j] = !!(raw_data & 8); | ||
+ | out[j + 1] = !!(raw_data & 4); | ||
+ | out[j + 2] = !!(raw_data & 2); | ||
+ | out[j + 3] = !!(raw_data & 1); | ||
+ | } | ||
+ | for (i = 0 + prefix; i < 50 + prefix; i += 5) { | ||
+ | for (parity = 0, j = 0; j < 4; j++) | ||
+ | parity += spoofed_card[i + j]; | ||
+ | spoofed_card[i + j] = parity & 1; | ||
+ | } | ||
+ | for (i = 0 + prefix; i < 4 + prefix; i++) { | ||
+ | for (parity = 0, j = 0; j < 50; j += 5) | ||
+ | parity += spoofed_card[i + j]; | ||
+ | spoofed_card[i + j] = parity & 1; | ||
+ | } | ||
+ | out[63] = 0; | ||
} | } | ||
void spoofcard(){ | void spoofcard(){ | ||
− | + | compute_em4100(data, spoofed_card); | |
for(int h = 0; h < 50; h++) | for(int h = 0; h < 50; h++) | ||
spoofnow(); | spoofnow(); | ||
Riga 113: | Riga 121: | ||
delayMicroseconds(256); | delayMicroseconds(256); | ||
} | } | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
} | } | ||
</pre> | </pre> |
Versione delle 07:56, 8 apr 2019
Circuit schematics
List of materials:
- an antenna (there are many 125khz antennas on e-bay)
- Capacitor 1nF (maybe this value needs some tuning for the best resonance of the antenna)
- 4 diodes 1N4148
- Resistor 100Kohm
- zener diode 5.1v
Usage
Connect the two terminals of the circuit to GND and pin 12.
Compile and Load the code herebelow.
Open a serial terminal (9600 bit/s), e.g.
screen /dev/ttyUSB0 9600
Type in 10 hexadecimal digits (characters are not echoed). (the code computes all the parity bits, both horizontal and vertical).
Code
#define coil_pin 12 char data[10]; int data_count =0; unsigned char spoofed_card[64]; void setup() { pinMode(coil_pin, OUTPUT); digitalWrite(coil_pin, LOW); Serial.begin(9600); } void loop() { if(Serial.available()){ char key = Serial.read(); if(key != '\0') { data[data_count] = key; if(data_count == 9){ spoofcard(); data_count = 0; } else data_count ++; } } } int hexchar(char hexa) { if (hexa >= '0' && hexa <= '9') return hexa - '0'; else if (hexa >= 'A' && hexa <= 'F') return hexa - 'A' + 10; else if (hexa >= 'a' && hexa <= 'f') return hexa - 'a' + 10; else return 0; } //http://www.priority1design.com.au/em4100_protocol.html void compute_em4100(char *in, unsigned char *out) { int i; int j; int parity; static const int prefix = 9; for (i = 0; i < prefix; i++) out[i] = 1; for (i = 0, j = prefix; i < 10; i++, j += 5) { int raw_data = hexchar(data[i]); out[j] = !!(raw_data & 8); out[j + 1] = !!(raw_data & 4); out[j + 2] = !!(raw_data & 2); out[j + 3] = !!(raw_data & 1); } for (i = 0 + prefix; i < 50 + prefix; i += 5) { for (parity = 0, j = 0; j < 4; j++) parity += spoofed_card[i + j]; spoofed_card[i + j] = parity & 1; } for (i = 0 + prefix; i < 4 + prefix; i++) { for (parity = 0, j = 0; j < 50; j += 5) parity += spoofed_card[i + j]; spoofed_card[i + j] = parity & 1; } out[63] = 0; } void spoofcard(){ compute_em4100(data, spoofed_card); for(int h = 0; h < 50; h++) spoofnow(); } void send_manchester(int clock_half, int signal) { int man_encoded = clock_half ^ signal; if(man_encoded == 1) digitalWrite(coil_pin, LOW); else digitalWrite(coil_pin, HIGH); } void spoofnow(){ for(int i = 0; i < 64; i++) { send_manchester(0, spoofed_card[i]); delayMicroseconds(256); send_manchester(1, spoofed_card[i]); delayMicroseconds(256); } }