Is it possible to copy tag without knowing what kind it is
  • chickendiner August 2016
    I was thinking about getting an RFID implant and copying my school badge onto it.
    But I don't know what kind of tag my card is.

    Is there a way to find it out?
    I asked my school if they would tell me, but I think they are scared that I will somehow hack the system or anything, because our badge works as payment for copies and lunch, entry to buildings, etc.

    I don't want to get an implant and then not be able to use it for anything.

    All I know about the tag is that I can't read it with my LG G3, and therefore I think it's an RFID and not an NFC tag.

    Thanks for any advice
  • Meanderpaul August 2016
    Probably an RFID. Does it say anything on the card? Most likely in the lower corner or on the edge? Maybe a brand or model. A jumble of numbers or letters?

    When you use the card does it need to touch the reader or can there be a space between it and the reader at your school?
  • chickendiner August 2016
    @Meanderpaul it doesn't say anything on the card, except for my student number, etc. No manufacturer, model or anything.

    It does need to touch the reader on our vending machines.

    I think I found the manufacturer (only German and French), but they produce all kinds of different cards:
    • Mifare Classic 1K/4K
    • Mifare DESFire 4K/8K
    • Legic Prime MIM 256, 1024 bytes
    • Legic Advant ATC 1024, 2048, 4096 bytes
    • others by request
  • Meanderpaul August 2016
    So I saw that they were talking about bringing RFID technology but never saw them say NFC on the site. (I can barely understand both those languages; yay for knowing a little of both and switching between them to fill gaps!)

    I believe it to be RFID and not NFC. What led you to that site?
  • chickendiner August 2016
    There's a module from them on our vending machines.

    http://imgur.com/ZOCsuq0
    (I can't upload the picture)
  • Meanderpaul August 2016
    Is it contact on every reader or just the vending machine? That's fine about the picture. And you're sure there isn't any sort of ingrained numbers or anything on the card?

    Do you have access to an RFID reader? If it is NFC it could be protected from being read by things other than their machines.

    I found the product list and again it says RFID. Do you see anything that says HID on it?

    I did a quick lookup of the cards and most of them say 13.56 MHz, which is NFC.
    I'm going to guess that if your card is one of those listed, it is NFC. For a reader, you may not be able to copy it because it could be locked and only readable with their scanner. If you can find a dual reader for NFC and RFID you'd be golden, but again it's likely locked by the manufacturer.
  • NLmax August 2016
    Try using an NFC reader like the ACR122U; it's a cheap NFC reader. Or a PN532 or RC522 (Arduino kind) if you are familiar with it. They read all my NFC cards as far as I've tried. At least my bank cards are read by the ACR122U. So if you are into NFC, it's money well spent. If you need an RFID reader, they are harder to get (in my opinion). I currently have the ACR122U and the RC522, with an RFID copier on order waiting to be delivered.

    So in addition to what @meanderpaul said (not trying to teach him or hate) :), my suggestion would be to get hold of an NFC reader and try whether it reads your card. Or look up how you can make an "NFC detector" on the internet. It's basically a small, thin electrical wire wound 3-4 times around three fingers to create a loop, with an LED soldered to it. If you hold that against an NFC reader it will light up. Check YouTube on how to make one. ;)
  • Meanderpaul August 2016
    I've never heard of that! Thanks for the info drop @nlmax! I'm always for a good teaching.

    Can you get a photo of the card maybe? Or even the readers could have a make/model which could give us an idea of what it is.
  • chickendiner August 2016
    Thanks guys.
    I'm just on the way home from a festival, so I can't check tonight. But tomorrow I will look into it again and let you know.

    Thank you very much for the tips so far.
  • chickendiner August 2016
    Ok, I guess I was wrong. I got a mail from our IT dept. And he gave me this link: http://www.legic.com/en/products-and-services/507876/technology.html

    So after all we are not using the polysafe chips.
    He said that's all he knows.

    There are still different tags, but we are using them for payment, access control, payment of photocopies and prints directly at the printer and, I think, parking.

    I hope this is better.

    As soon as I get my hands on a computer I will upload a pic of my card. And I checked for models and stuff on the readers and there is nothing, probably only on the other side, which I can't see.

    edit: changed to English link
  • NLmax August 2016
    Well, it looks like an NFC card? I only saw the first page of the site but it says NFC, and that's all I can understand from German haha. Try getting an NFC reader other than your phone to make sure it's NFC. I suggest the ACR122U (order it from China to save money) as it's used for contactless payments as well ;).

    If you are close to me I'm willing to scan it with mine (I'm from the Netherlands).

    Or make an NFC detector with an LED and simply hold it against the reader at school.

    You should try to narrow it down to NFC or RFID first.
  • mmuyskens August 2016
    Trusty translation shows this;

    Transponder chip (ID-medium)

    Passive memory chip with up to 4 kB memory, for integration into cards,
    key fobs, key or as a virtual transponder also in banking, credit cards
    or mobile phones (NFC).


    As well as this;

    Reader Chip

    Integrated circuit (IC), with high-frequency unit and microprocessor
    with comprehensive security features for the realization of readers for
    access control, time & attendance, cashless payment etc.

    and lastly this;


    RF interface
    Contactless data and power transmission on the frequency of 13.56 MHz for communication distances of up to 50 cm.
    The LEGIC technology components support the RF standards ISO 14443, ISO
    15693, NFC and the LEGIC RF and other standards of third parties (see
    table below).


    Going to say either NFC or IC, might need the xIC implant;

    https://dangerousthings.com/shop/xic-icode-sli-2x12mm-glass-tag/

  • chickendiner August 2016
    Hmm. I think with the RF interface they are talking about the readers on the machines etc. And with transponder chip they mean the card itself.

    When I go to the overview of the transponder chips and then choose the chips I get this overview, but there are a lot of different ones. And I am not sure which one we are using.

    So I guess the easiest thing to do is to get an NFC reader and see what I can get.

    Here are the pics of my card. No numbers or model.

    frontside



    @NLmax I'm from Switzerland, so the Netherlands aren't just around the corner. But thanks for the offer.
    With the reader/writer you mentioned it would be possible to read more NFC tags than with my phone? Could it be that I can't read my student card with my phone NFC but this reader can do it?
  • NLmax August 2016
    I can't confirm 100% that it reads more than my phone, as my current phone has a bad and tiny NFC antenna. But I remember trying to crack a few Mifares with the ACR122U. And the plus side of that reader is that it is able to be used by shops for contactless payments. So I know it detects my bank cards, which are obviously encrypted.

    So my opinion would be to use a makeshift NFC detector to filter out whether it's NFC or not. That would be the cheapest first step.

    My experience with that reader is that it has a bad library and drivers for anything like cracking or copying, but I often use it to check for NFC and whether my makeshift NFC works ;). So maybe invest in it or a cheap knockoff Arduino with an NFC reader?
  • chickendiner September 2016
    UPDATE:

    So I got myself a PN532 NFC board and a 125 kHz handheld reader/writer.

    I connected the PN532 to my Arduino and got to read some tags I had around. But sadly not my card. I tried it with the "iso14443" example on the Arduino.
    It is also possible that I wired something wrong, I am not sure about that.

    And the RFID handheld also does not receive anything. But when I got it I saw that it only supports EM4100, but not the second option, HID and AWID. Whatever that means.
    Is that a problem?

    Would it help to get an RDM6300 Module?
    Or should I just forget about it?


    But on the other hand I got a PN532 to play around with now. So I got that going for me, which is nice.
  • AlexSmith October 2016
    I assume a Proxmark3 is out of your price range, but it has by far the best support for different types of NFC and RFID tags.

    If you can find someone near you with a Proxmark3, you could get them to scan the card... If you could spare it for a couple of weeks over the holidays you could send it to me and I'll scan it.
  • chickendiner October 2016
    Thanks for the offer.
    I discovered a local hackerspace near me and am now checking with them if they have the knowledge and the equipment.
    I hope we get it to finally read this tag.
  • chickendiner October 2016
    Short update:

    I contacted the manufacturer of the chips we use at my school. And he told me he can't tell me what they are using, but if I can't read it with my phone it is probably their prime standard, which only THEY use.

    So I guess I won't be paying for my lunch with my hand anytime soon.

    But thank you all very much for your help and tips. I really appreciate it.


  • decal October 2016
    If it's something proprietary (i.e. unknown), then this requires a SIGINT (Signals Intelligence) approach. If you only need to fingerprint the signal transmission, then a spectrum analyzer will suffice; otherwise you'll need an RF training system. Alternatively, you could take advantage of their SDR equivalents (I would recommend the HackRF One). With the software-defined approach, you'll be manually analysing the waveform yourself with a Fast Fourier Transform algorithm. This ELINT (electronics intelligence) document might help:


    Hope This Helps..
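
The carrier check suggested in the last post, as an added example that is not part of the original thread: it uses a single-bin DFT (Goertzel) instead of a full FFT to test a sampled capture for the two carriers discussed above, 125 kHz and 13.56 MHz. The 40 MS/s sample rate, the synthetic capture and all function names are assumptions made for the illustration.

```python
import math
import random

# Carrier frequencies that come up in the thread: the 125 kHz handheld
# reader and the 13.56 MHz cards.
CANDIDATES_HZ = {"LF 125 kHz": 125_000.0, "HF 13.56 MHz": 13_560_000.0}


def goertzel_power(samples, fs, freq):
    """Normalised power of one frequency component (Goertzel, one-bin DFT)."""
    coeff = 2.0 * math.cos(2.0 * math.pi * freq / fs)
    s1 = s2 = 0.0
    for x in samples:
        s1, s2 = x + coeff * s1 - s2, s1
    return (s1 * s1 + s2 * s2 - coeff * s1 * s2) / len(samples) ** 2


def classify_carrier(samples, fs, min_fraction=0.5):
    """Return the candidate band holding most of the signal energy, else 'unknown'."""
    mean = sum(samples) / len(samples)
    ac = [x - mean for x in samples]            # remove any DC offset
    total = sum(x * x for x in ac) / len(ac)    # total signal power
    if total == 0.0:
        return "unknown"
    best_label, best_fraction = "unknown", 0.0
    for label, freq in CANDIDATES_HZ.items():
        if freq >= fs / 2:                      # above Nyquist: cannot be judged
            continue
        # A sine of amplitude A has power A^2/2; Goertzel yields A^2/4.
        fraction = 2.0 * goertzel_power(ac, fs, freq) / total
        if fraction > best_fraction:
            best_label, best_fraction = label, fraction
    return best_label if best_fraction >= min_fraction else "unknown"


def synthetic_capture(carrier_hz, fs=40e6, n=8000, noise=0.3, seed=1):
    """Constructed test signal: one carrier plus Gaussian noise (not real data)."""
    rng = random.Random(seed)
    return [math.sin(2.0 * math.pi * carrier_hz * i / fs) + rng.gauss(0.0, noise)
            for i in range(n)]


if __name__ == "__main__":
    for f in (125e3, 13.56e6, 6.78e6):
        print(f, classify_carrier(synthetic_capture(f), fs=40e6))
```

A carrier that matches neither candidate, or a capture that is only noise, comes back as "unknown" rather than being forced into the nearest band.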