ProxMark3 复制ID低频卡
ID卡是出厂时写死ID,不可修改的低频卡。一般ID卡,仅仅是判断该卡的ID是否在数据库中,在就放行,不在就拒绝。所以只要把ID卡的ID写入到可复制的ID中,就可以过门禁。1、将原ID卡放到proxmark3的低频天线上,点击“读ID/HID卡号”。
##读取ID的信息,其中lf是指采用低频工具包
Proxmark3> lf search
NOTE: some demods output possible binary
if it finds something that looks like a tag
False Positives ARE possible
Checking for known tags:
EM410x pattern found
EM TAG ID : 88004631F6
Possible de-scramble patterns
Unique TAG ID: 1100628C6F
HoneyWell IdentKey {
DEZ 8 : 04600310
DEZ 10 : 0004600310
DEZ 5.5 : 00070.12790
DEZ 3.5A : 136.12790
DEZ 3.5B : 000.12790
DEZ 3.5C : 070.12790
DEZ 14/IK2 : 00584120152566
DEZ 15/IK3 : 000073020902511
DEZ 20/ZK : 01010000060208120615
}
Other : 12790_070_04600310
Pattern Paxton : 2287628278
Pattern 1 : 9001275
Pattern Sebury : 12790 70 4600310
[+] Valid EM410x ID Found!
Proxmark3>
从回显结果,可以获知卡的类型是EM410x,EM ID是88004631F6。
2、接着直接写入新卡,将T5577新卡放到proxmark3的低频天线上,点击“克隆ID卡”。
## if em 410x_write工具写入,最后1和64是写入的数据块大小
pm3 --> lf em 410x_write 08003C9F5F 1 64
Writing T55x7 tag with UID 0x08003c9f5f (clock rate: 64)
#db# Started writing T55x7 tag ...
#db# Clock rate: 64
#db# Tag T55x7 written with 0xff822001b12f2bd6
页:
[1]