Differenze tra le versioni di "125Khz RFID spoofing"
Riga 1: | Riga 1: | ||
== Circuit schematics == | == Circuit schematics == | ||
− | [[File: | + | [[File:rfid125spoofschematics.png|450px]] |
List of materials: | List of materials: |
Versione attuale delle 19:55, 13 mar 2023
Circuit schematics
List of materials:
- an antenna (there are many 125 kHz antennas on eBay)
- Capacitor 1 nF (this value may need some tuning to get the best resonance with the antenna)
- 4 diodes 1N4148
- Resistor 100 kΩ
- Zener diode 5.1 V
Usage
Connect the two terminals of the circuit to GND and pin 12.
Compile and load the code below.
Open a serial terminal (9600 bit/s), e.g.
screen /dev/ttyUSB0 9600
Type in 10 hexadecimal digits (characters are not echoed). The code computes all the parity bits, both horizontal (one per digit) and vertical (one per bit column).
Code
#define coil_pin 12 char data[10]; int data_count =0; unsigned char spoofed_card[64]; void setup() { pinMode(coil_pin, OUTPUT); digitalWrite(coil_pin, LOW); Serial.begin(9600); } void loop() { if(Serial.available()){ char key = Serial.read(); if(key != '\0') { data[data_count] = key; if(data_count == 9){ spoofcard(); data_count = 0; } else data_count ++; } } } int hexchar(char hexa) { if (hexa >= '0' && hexa <= '9') return hexa - '0'; else if (hexa >= 'A' && hexa <= 'F') return hexa - 'A' + 10; else if (hexa >= 'a' && hexa <= 'f') return hexa - 'a' + 10; else return 0; } //http://www.priority1design.com.au/em4100_protocol.html void compute_em4100(char *in, unsigned char *out) { int i; int j; int parity; static const int prefix = 9; for (i = 0; i < prefix; i++) out[i] = 1; for (i = 0, j = prefix; i < 10; i++, j += 5) { int raw_data = hexchar(data[i]); out[j] = !!(raw_data & 8); out[j + 1] = !!(raw_data & 4); out[j + 2] = !!(raw_data & 2); out[j + 3] = !!(raw_data & 1); } for (i = 0 + prefix; i < 50 + prefix; i += 5) { for (parity = 0, j = 0; j < 4; j++) parity += spoofed_card[i + j]; spoofed_card[i + j] = parity & 1; } for (i = 0 + prefix; i < 4 + prefix; i++) { for (parity = 0, j = 0; j < 50; j += 5) parity += spoofed_card[i + j]; spoofed_card[i + j] = parity & 1; } out[63] = 0; } void spoofcard(){ compute_em4100(data, spoofed_card); for(int h = 0; h < 50; h++) spoofnow(); } void send_manchester(int clock_half, int signal) { int man_encoded = clock_half ^ signal; if(man_encoded == 1) digitalWrite(coil_pin, LOW); else digitalWrite(coil_pin, HIGH); } void spoofnow(){ for(int i = 0; i < 64; i++) { send_manchester(0, spoofed_card[i]); delayMicroseconds(256); send_manchester(1, spoofed_card[i]); delayMicroseconds(256); } }