Hackerspace security system brings RFID, video feedback, and automatic doors


[Will] has been hard at work on a replacement system for his Hackerspace’s RFID door lock. The original is now several years old and he’s decided to upgrade to a much more powerful processor, adding some bells and whistles along the way.

The control box seen above is the exterior component of the system. It’s a telephone service box like you’d find on the back of most houses in the US. They had a few of these lying around and they are a perfect choice because… well… they’re meant to be locking enclosures that brave the elements. [Will] made the jump from an Arduino which has run the locks for the last three years to a Raspberry Pi board. This gives him a lot of extra power to work with and he took advantage of that by adding a vehicle backup LCD screen for visual feedback. You can see it giving the ‘Access Granted’ message he used during testing but the demo video after the break shows that they plan to do some image scripting to display a head shot of the RFID tag owner whenever a tag is read.

There are several other features included as well. The system Tweets whenever a tag is read, helping the members keep tabs on who is hanging out at the space right now. It also patches into a sliding door which one of the members automated using a garage door opener motor.


Turning an $8 RFID reader into something useful


[Fabien] ran across a very, very inexpensive RFID reader on Deal Extreme a while ago and with money to burn, added it to his cart. When the USB RFID reader arrived, he noticed something fairly odd about it (French, translation). The RFID reader presented itself to his computer as a USB HID device that spit out characters into a text editor whenever an RFID card was waved above the coil. The only problem was these characters weren’t the hex values recorded on the RFID card. So what’s going on here?

As it turns out (English), this random piece of Chinese electronica sends 10 bytes of data to the computer, just like this well-documented RFID reader. Apparently, both these RFID readers take the hex value of an RFID card, convert those bytes to base 10, and pass each digit through a lookup table. Exactly why it does this is anyone’s guess, but since [Fabien] figured out how it worked, he could also figure out how to reverse the process.

Unfortunately, the RFID reader in question is currently out of stock at Deal Extreme. Seeing as how most of the electronics available there are remarkably similar and differ only in the name printed on the enclosure, though, we wouldn’t be surprised if a nearly identical RFID reader was available elsewhere.
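
The conversion described in this post (hex ID to base 10, each digit through a lookup table) and its reversal, as an added example that is not [Fabien]'s code. The table is a constructed placeholder, and the 32-bit ID width and zero-padding to 10 digits are assumptions.

```python
# Constructed placeholder table: the reader's real digit-to-character mapping
# is not given on this page and has to be recovered from the device itself.
EXAMPLE_TABLE = dict(zip("0123456789", "qwertyuiop"))

ID_DIGITS = 10              # the post says the reader sends 10 bytes
ID_BITS = 32                # assumption: 32-bit card ID (max is 10 decimal digits)
HEX_DIGITS = ID_BITS // 4


def encode_like_reader(card_id, table=EXAMPLE_TABLE):
    """Model the reader: ID -> zero-padded decimal -> one table lookup per digit."""
    if not 0 <= card_id < (1 << ID_BITS):
        raise ValueError("card ID does not fit the assumed ID width")
    return "".join(table[d] for d in f"{card_id:0{ID_DIGITS}d}")


def decode_reader_output(typed, table=EXAMPLE_TABLE):
    """Reverse the process: typed characters -> decimal digits -> hex card ID."""
    inverse = {ch: digit for digit, ch in table.items()}
    if len(inverse) != 10:
        # Two digits mapping to the same character would make decoding ambiguous.
        raise ValueError("lookup table is not one-to-one, cannot invert it")
    typed = typed.strip()   # tolerate whitespace picked up when capturing the output
    if len(typed) != ID_DIGITS:
        raise ValueError(f"expected {ID_DIGITS} characters, got {len(typed)}")
    try:
        digits = "".join(inverse[ch] for ch in typed)
    except KeyError as exc:
        raise ValueError(f"character {exc.args[0]!r} is not in the lookup table") from None
    value = int(digits)
    if value >= (1 << ID_BITS):
        raise ValueError("decoded value does not fit the assumed ID width")
    return f"{value:0{HEX_DIGITS}X}"


if __name__ == "__main__":
    sample = encode_like_reader(0x0012AB34)     # constructed card ID
    print(sample, "->", decode_reader_output(sample))
```
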

An attempt to replace multiple RFID cards with a single hacked-together tag


It’s kind of a convoluted title, but [Hudson's] attempt to replace multiple HID Prox cards with one AVR chip didn’t fully pan out. The project started when he wanted to reduce the number of RFID access cards he carries for work down to just one. The cards use the HID Proximity protocol which is just a bit different from the protocols used in most of the hobby RFID projects we see. He ended up taking an AVR assembly file that worked with a different protocol and edited it for his needs.

The device above is the complete replacement tag [Hudson] used. It’s just an AVR ATtiny85 and a coil made of enameled wire. The coil picks up current from the card reader’s magnetic field, and powers the chip through the leakage on the input pins (we’ve seen this trick a few times before). The idea he had was to store multiple codes on the device and send them all in a row. He was able to get the tag to work for just one code, but the particulars of the HID Prox reader make it difficult if not impossible to send multiple codes. The card must send the same code twice in a row, then be removed from the magnetic field before the reader will poll for another combination.

RFID emulator card includes a learning mode


This RFID card has a lot of nice features. But the one that stands out the most is the ability to learn the code from another RFID tag or card.

You can see that the board includes an etched coil to interact with an RFID reader. This is the sole source of power for the device, letting it pick up enough induced current from the reader to power the PIC 12F683 seen on the upper left of the board. The underside of the PCB hosts just three components: an LED and two switches. One of the switches puts the device in learning mode. Just hold down that button as you move the board into the magnetic field of the reader. While in learning mode a second RFID tag is held up to the reader. It will identify itself and the emulator will capture the code sent during that interaction. This is all shown off in the video after the break. We wonder how hard it would be to make a version that can store several different codes selected by holding down a different button as the emulator is held up to the reader?

If you want to build your own card reader too, here’s a project that does it from scratch.


A better way to hack iClass RFID readers

iClass is an RFID standard that is aimed at better security through encryption and authentication. While it is more secure than some other RFID implementations, it is still possible to hack the system. But initial iClass exploits were quite invasive. [Brad Antoniewicz] published a post which talks about early attacks on the system, and then demonstrates a better way to exploit iClass readers.

We remember seeing the talk on iClass from 27C3 about a year and a half ago. While the technique was interesting, it was incredibly invasive. An attacker needed multiple iClass readers at his disposal as the method involved overwriting part of the firmware in order to get a partial dump, then patching those image pieces back together. [Brad] makes the point that this is fine with an off-the-shelf system, but high-security installations will be using custom images. This means you would need to get multiple readers off the wall of the building you’re trying to sneak into.

But his method is different. He managed to get a dump of the EEPROM from a reader using an FTDI cable and external power source. If you want to see how he’s circumventing the PIC read protection you’ll have to dig into the source code linked in his article.

Wristband RFID unlocks car door and starts engine

[João Ribeiro] is an electronics engineer by day, but in his free time he likes to ply his trade on everyday items. Recently he’s been integrating his own microcontroller network to unlock and start his car via RFID. In addition to the joy of pulling apart the car’s interior, he spent time designing his own uC breakout board and developing an RFID reader from a single chip.

He’s working with a 1988 Mercedes that has very little in the way of electronics. It sounds like the stock vehicle didn’t even include a CAN bus so the prelude to the RFID hack had him installing a CAN bus network made up of two microcontrollers. One reads the velocity and RPM while the other displays it on the tachometer. When he began the tag-based entry system he used an RFID reader module for prototyping, but eventually built his own reader around the TRF7960 chip. This included etching his own receiver coil which was mounted in the side-view mirror bracket. To unlock the doors he holds the bracelet up to the mirror and the vehicle lets him in. The video after the break starts with a demonstration of the completed project and moves on to some build videos.

We certainly like the idea of using a bracelet rather than implanting the tag in the meaty part of your hand.


Configurable RFID tag from 7400 logic chips

This soldering nightmare is a configurable RFID tag which has been built from 7400-series logic chips. The beast of a project results in an iPhone-sized module which can be used as your new access card for security systems that use the 125 kHz tags. The best part is that a series of switches makes the tag hand programmable, albeit in binary.

Of course this is an entry in this year’s 7400 Logic Competition. It’s from last year’s winner, and he’s spent a lot of time documenting the project, which we love. We were surprised that this many chips can be powered simply by what is induced in the coil from the reader. This is just one of the reasons the 7400-series have been so popular over the years. After working out the numbers, a 64-bit shift register was built to feed the tag ID to the encoding portion of the design. There were many kinks to work out along the way, but once it was functional a surface-mount design was put together resulting in the final product shown off in the video after the break.
