Here’s a field-programmable RFID spoofer developed by [Doug Jackson]. He was inspired by the spoofers we looked at near the end of September that didn’t have source code available. With the idea seeded in his mind he figured he could develop his own version, and then decided to share the build details with the rest of us.
The tags that he purchased for testing and developing the spoofer have a code printed on the back of them. With a bit of sleuthing through the data from a tag reader, he managed to crack the code. From there he built this tag spoofer with a keypad: enter the number from the back of any 125 kHz tag and the device becomes that tag. If you have been waiting to test your RFID hacking skills, there should be nothing holding you back now that [Doug] has shared the details of his own adventure.
Nice, what uses RFID entry though? To break into businesses? 0,0
@Decius: RTFA
I prefer the old Open RFID Project
http://www.t4f.org/projects/open-rfid-tag
The author wrote a nice explanation of the circuit and it is a good starting point if you want to understand how a spoofer works.
It also has a very nice and compact PCB:
http://www.t4f.org/es/projects/open-rfid-tag/53
@decius: The intent of the article is not to provide a universal tool that can break into all businesses – A Sledge Hammer is better at that than many people believe.
To use this device, you need a couple of things; 1) for the reader to use the same encoding as the device was designed for (Fairly likely – given that this is used in low cost solutions) – and 2) knowledge of the number printed on the back of the card – A bit trickier.
I wanted to highlight that the cheap card swipe systems are not as secure as people believe. But, seriously, what would you expect for $15 with free postage????
lame, I stopped reading at field programmable and started looking at his post for FPGA code…
He’s got his own blog, but posts all the useful information on Instructables? WTF.
Like with the magstripe sensationalism, there is a challenge/response call that can’t be reversed easily where it matters. In this case with car keys and up to date building auth. This won’t even work on the ones with the already cracked TI protocol.
If you can use this on a building entrance then it probably is some boring place.
people like him make a secure system unpossible!
I love people like him!
@Alex, me too.
When I hear Field-Programmable, I don’t think of “Programmable-In-The-Field” – I think of an FPGA.
Also, death to Instructables. I hate that. He has a frickin’ solid page of his own but puts it on that atrocious site?
I recognize the RFID reader – commonly available on eBay from HK.
A spoofer is not required. Simply unscrew the faceplate and short the pin labeled ‘Open’ to the one labeled ‘Ground’ and you’re in.
Would have been much more secure to have a signal passed to a more secure processor, but that would be slightly more expensive.
Can we please realise a zigBee spoofer for arduino uno ??