Differenze tra le versioni di "125Khz RFID spoofing"
Jump to navigation
Jump to search
m |
|||
| (3 versioni intermedie di uno stesso utente non sono mostrate) | |||
| Riga 5: | Riga 5: | ||
List of materials: | List of materials: | ||
* an antenna (there are many 125khz antennas on e-bay) | * an antenna (there are many 125khz antennas on e-bay) | ||
| − | * Capacitor 1nF (maybe this value | + | * Capacitor 1nF (maybe this value needs some tuning for the best resonance of the antenna) |
* 4 diodes 1N4148 | * 4 diodes 1N4148 | ||
* Resistor 100Kohm | * Resistor 100Kohm | ||
| Riga 32: | Riga 32: | ||
int data_count =0; | int data_count =0; | ||
| − | + | unsigned char spoofed_card[64]; | |
void setup() | void setup() | ||
| Riga 57: | Riga 57: | ||
} | } | ||
| − | + | int hexchar(char hexa) | |
| − | + | { | |
| − | + | if (hexa >= '0' && hexa <= '9') | |
| − | + | return hexa - '0'; | |
| − | + | else if (hexa >= 'A' && hexa <= 'F') | |
| − | + | return hexa - 'A' + 10; | |
| − | + | else if (hexa >= 'a' && hexa <= 'f') | |
| − | + | return hexa - 'a' + 10; | |
| − | + | else | |
| − | + | return 0; | |
| − | + | } | |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | + | //http://www.priority1design.com.au/em4100_protocol.html | |
| − | + | void compute_em4100(char *in, unsigned char *out) { | |
| − | + | int i; | |
| − | + | int j; | |
| − | + | int parity; | |
| − | + | static const int prefix = 9; | |
| − | + | for (i = 0; i < prefix; i++) | |
| − | + | out[i] = 1; | |
| + | for (i = 0, j = prefix; i < 10; i++, j += 5) { | ||
| + | int raw_data = hexchar(data[i]); | ||
| + | out[j] = !!(raw_data & 8); | ||
| + | out[j + 1] = !!(raw_data & 4); | ||
| + | out[j + 2] = !!(raw_data & 2); | ||
| + | out[j + 3] = !!(raw_data & 1); | ||
| + | } | ||
| + | for (i = 0 + prefix; i < 50 + prefix; i += 5) { | ||
| + | for (parity = 0, j = 0; j < 4; j++) | ||
| + | parity += spoofed_card[i + j]; | ||
| + | spoofed_card[i + j] = parity & 1; | ||
| + | } | ||
| + | for (i = 0 + prefix; i < 4 + prefix; i++) { | ||
| + | for (parity = 0, j = 0; j < 50; j += 5) | ||
| + | parity += spoofed_card[i + j]; | ||
| + | spoofed_card[i + j] = parity & 1; | ||
| + | } | ||
| + | out[63] = 0; | ||
} | } | ||
void spoofcard(){ | void spoofcard(){ | ||
| − | + | compute_em4100(data, spoofed_card); | |
for(int h = 0; h < 50; h++) | for(int h = 0; h < 50; h++) | ||
spoofnow(); | spoofnow(); | ||
| Riga 113: | Riga 121: | ||
delayMicroseconds(256); | delayMicroseconds(256); | ||
} | } | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
} | } | ||
</pre> | </pre> | ||
Versione attuale delle 19:55, 13 mar 2023
Circuit schematics
List of materials:
- an antenna (there are many 125khz antennas on e-bay)
- Capacitor 1nF (maybe this value needs some tuning for the best resonance of the antenna)
- 4 diodes 1N4148
- Resistor 100Kohm
- zener diode 5.1v
Usage
Connect the two terminals of the circuit to GND and pin 12.
Compile and Load the code herebelow.
Open a serial terminal (9600 bit/s), e.g.
screen /dev/ttyUSB0 9600
Type in 10 hexadecimal digits (characters are not echoed). (the code computes all the parity bits, both horizontal and vertical).
Code
#define coil_pin 12
char data[10];
int data_count =0;
unsigned char spoofed_card[64];
void setup()
{
pinMode(coil_pin, OUTPUT);
digitalWrite(coil_pin, LOW);
Serial.begin(9600);
}
void loop()
{
if(Serial.available()){
char key = Serial.read();
if(key != '\0') {
data[data_count] = key;
if(data_count == 9){
spoofcard();
data_count = 0;
}
else
data_count ++;
}
}
}
int hexchar(char hexa)
{
if (hexa >= '0' && hexa <= '9')
return hexa - '0';
else if (hexa >= 'A' && hexa <= 'F')
return hexa - 'A' + 10;
else if (hexa >= 'a' && hexa <= 'f')
return hexa - 'a' + 10;
else
return 0;
}
//http://www.priority1design.com.au/em4100_protocol.html
void compute_em4100(char *in, unsigned char *out) {
int i;
int j;
int parity;
static const int prefix = 9;
for (i = 0; i < prefix; i++)
out[i] = 1;
for (i = 0, j = prefix; i < 10; i++, j += 5) {
int raw_data = hexchar(data[i]);
out[j] = !!(raw_data & 8);
out[j + 1] = !!(raw_data & 4);
out[j + 2] = !!(raw_data & 2);
out[j + 3] = !!(raw_data & 1);
}
for (i = 0 + prefix; i < 50 + prefix; i += 5) {
for (parity = 0, j = 0; j < 4; j++)
parity += spoofed_card[i + j];
spoofed_card[i + j] = parity & 1;
}
for (i = 0 + prefix; i < 4 + prefix; i++) {
for (parity = 0, j = 0; j < 50; j += 5)
parity += spoofed_card[i + j];
spoofed_card[i + j] = parity & 1;
}
out[63] = 0;
}
void spoofcard(){
compute_em4100(data, spoofed_card);
for(int h = 0; h < 50; h++)
spoofnow();
}
void send_manchester(int clock_half, int signal)
{
int man_encoded = clock_half ^ signal;
if(man_encoded == 1)
digitalWrite(coil_pin, LOW);
else
digitalWrite(coil_pin, HIGH);
}
void spoofnow(){
for(int i = 0; i < 64; i++)
{
send_manchester(0, spoofed_card[i]);
delayMicroseconds(256);
send_manchester(1, spoofed_card[i]);
delayMicroseconds(256);
}
}