RFID Cards Hacking [Cloning] Using Arduino

Video Statistics and Information

Captions
In this video I'm going to show you how you can copy your original RFID member card, or maybe employee badge, to a new programmed key fob, so that you will be able to use your new programmed key fob to get access or to get authorized instead of using your old original member card or employee badge. All of this in this video, stay tuned.

Now, what is RFID? RFID, or radio frequency identification, is the use of radio waves to read and capture information from an ID card attached to an object. When we are talking about RFIDs we always have two main components: we have the RFID tag/card and we have the RFID readers. For example, you have an RFID tag or an RFID card and you want to get authorized to do something or get access to somewhere, so you basically present your RFID tag to the reader, the reader reads your tag, and if you have the correct tag then it lets you in. So basically RFID is a contactless form of authentication.

RFID works on different frequencies: we have low frequency, high frequency and ultra high frequency. Low frequency operates on 125 kHz; it's the oldest version of RFID and the easiest to clone, and it's mostly used in employee badges and door and gate access control. Then we have high frequency, which operates on 13.56 MHz; it has a higher security format and it's mostly used in electronic IDs, passports and credit cards. Last but not least we have ultra high frequency, which operates between 860 MHz and 960 MHz; ultra high frequency cards have a read range of up to 50 feet and they are mostly used in identification and transaction processes. If you want to read low frequency cards then you need a low frequency reader, and if you want to read high frequency cards then you need a high frequency reader. The reader that we are going to use in this video is the RC522, and it's a high frequency reader, because my member card actually operates on 13.56 MHz, which is high frequency. That's why we are going to use the RC522.

Now, each RFID tag or card has a unique identification number, or UID, and in my case, when I tried to clone my member card, it actually used a unique ID. So the reader will only look at the UID and compare it to its database, and if my member ID matches the UID that's in its database then it lets me in. So our only job is to program our RFID tag and change its UID: the UID of this card has to be exactly the same as the UID of my member card, and then when we go to the reader that's in the gym, I can just present my RFID tag to the reader, the reader will look at the UID that's inside the chip, and if it matches what it has in the database then it lets me in.

Now we have two different types of RFID tag chips: we have the read/write microchip and we also have the read-only microchip. With the read/write microchip you are allowed to read, write, erase and override data as much as you want, but if you have a read-only microchip then you can only write once to the card and then read as much as you want, so you cannot overwrite or modify or erase the data on the microchip. So the RFID tag that we have to get from eBay or maybe Amazon is a read/write RFID tag that allows us to change its UID, write data on it, modify the data and maybe erase the data. We don't want to buy the read-only RFID tag; this won't work for us. And as I said we have two types of microchips: we have the EM4100 chips that are not writable, so don't get these; what we actually want is the T5577 chip, which allows us to change the UID and modify it and maybe erase the data or even override the data on the card. They are also called the Chinese magic cards, so if you want to buy them from AliExpress then you just type "Chinese magic cards", make sure that they are the T5577 chips, and get them if you don't have them.

Now, if we want to protect ourselves from this attack then we need to buy or have a protective sleeve that will isolate our card from the reader, so when you put the sleeve on the card and then you present the card to the reader, the reader won't be able to read the card because your card is isolated.

With that being said, let's dive into our computer and see how we can perform this attack. Before we get started we need to make sure that we have the following: we should have the Arduino Uno (or it could be the Arduino Mega, Nano, Leonardo or Pro Micro; you can use either one of these versions of Arduino), we also should have the Arduino software installed, and we have an RFID writable card as well as the RC522 module that we will connect to the Arduino. You can buy the Arduino from the official website; in my case I have the Arduino Mega. So you can buy the Uno, Mega, Nano, Pro Micro, etc., and all of these versions should work for us, and you can buy them either from Amazon, eBay or from the official website. Second, we need to install the Arduino software, and I'll add all the links in the description. Installing the software is very easy: just download the installer file and double click on it, next, next, next, and then it will be installed. Then we need to have the key fob or the card that you want to write your data on, so we'll be using these key fobs to paste our data from the card that we have cloned into this card, and you can see that this is a 13.56 MHz changeable smart key fob that will allow us to change its data. Lastly we need the RC522 module, which you can buy from AliExpress, Amazon or eBay, but of course the cheapest website will be AliExpress, and this is the module that we are looking for, like this one. The last thing we want to do is to connect: once we have the RC522 module and we have the Arduino, then we need to connect the Arduino with the module, and you can look at this website that will show you how you can connect it. You can see these are the pins on the RC522 module and these are the pins on the Arduino; for example, here the SDA pin has to be connected to digital pin 10 on the Arduino Uno, and you can look at the graph here where you can see how you can connect it. So I think connecting it to the Arduino won't be a trouble, and if you have any problem connecting it, please comment on this video and I'll be glad to respond.

Once we have all the requirements (the Arduino, the software, the cards and the module) and we have successfully connected the module to the Arduino Uno, the first thing we are going to do is to run the Arduino software, and then we need to install a library that will allow us to change the UID, dump all the data from the card and maybe clone the card that we want to clone without having to code any program; all of this will be ready to use. To do this we go to Sketch, then Include Library, then Manage Libraries, and from here we are going to download a library called, I think it's RC522. So here it is, it's MFRC522, which is the name of the module. You just have to click on Install; in your case you'll find a button like this called Install; install it and wait for one or two minutes and then it will be installed. After installing the library to the Arduino we are going to browse the library by going to Sketch and then Include Library, and here you will see the MFRC522 library installed. If you want to have a look at what's inside this library, we go to File and then Examples, and these are all the modules that come with the Arduino software. We can use any of these, but in our case we are going to use the one that we have installed, which is MFRC522, and you can see that all of these modules are for the MFRC522 module. What's interesting here is ChangeUID, DumpInfo, and we also have the RFID cloner. The DumpInfo module will allow us to read the data that is on our RFID card; the ChangeUID module will allow us to change the UID of our writable key fob or card that we have bought from AliExpress, which is the magic card; and the RFID cloner will allow us to copy all the data that is on the first card, for example my fitness card, and put it on our new card. The difference between the RFID cloner and ChangeUID: ChangeUID will only change the UID of the RFID card, but the RFID cloner will not change the UID of the card; instead it's going to copy the information that is on the old card to the new card. For example, if our old card has our first name and last name, then we can copy our first and last name to the new card, which means that whenever someone reads our new card he will be able to see our first and last name.

I'm going to start with the DumpInfo module, which is this one, and you can see that this payload is configured to run on the Arduino Uno. But in my case I have the Arduino Mega, so I'm going to be changing the reset and SDA ports from 9 and 10 to 5 and 53, and if you have for example the Arduino Nano then you are going to change them from 9 to D9 and from 10 to D10, for example. So here we have a 9, I'm going to change it to 5, and here we have a 10, and I'm going to change it to 53. Then we want to go to Tools and make sure that our board is connected. So you might want to make sure that your Arduino is connected to your PC, and after doing that go to Tools and then click on Get Board Info, and here you can see that you have an Arduino Mega, or Mega 2560 in my case. Then you want to go to Tools again, then Board, and you want to select the board that you are using; for example, if you are using the Arduino Uno then click on Arduino Uno, and if you are using any different type of Arduino then you can select it from here. In my case I have selected this one, the Mega one, and then I'm going to make sure that the port is selected, which in my case is the only port, COM3. So you want to make sure that this is selected, and this means that our Arduino Mega is connected to our PC and we are ready to upload any program. I'm going to click on this arrow to upload the file, and now we are done uploading. If we want to execute the code then we can just go to the Serial Monitor and click on it, and now it's waiting for us to present our RFID card or tag to the reader so that it can read it.

First I'm going to present my empty, or my new, RFID tag, so I'm going to put it here and wait, and now it's done. The first thing it scans is the card UID, which is very important; this is what we're going to change. We also have the card SAK, or the manufacturer code, and with this code you can know who the manufacturer is; it's very similar to the MAC address, where the first six letters or six digits allow you to know which manufacturer manufactured your card. Then we have the type of the card, which is MIFARE 1K, and then we have all of the information. Now we can see that this card is empty, and I'm going to show you how an empty card looks and how a card with information actually looks. We can see that there is a bunch of zeros and FF07 at the beginning of each sector, and in the last sector, in the last block, we can see the UID of the card at the beginning of it. Now let me show you how a card with information looks, so I'm going to present my fitness card to the reader. When we scroll up we can see that we have a different UID: it starts with AB; the first one actually started with 97, you can see here. Then when we look at the bottom you can see that it's full of zeros and FF07, and when we come down we can see that we have different information in here, and this is what the RFID cloner module will copy when you want to clone the information from the old card to the new card.

Now let me copy the UID of the first card, which is the empty one, and paste it in my Notepad. So the first UID is for the empty card and the second UID is for the fitness card, and now we are going to see how we can change the UID of this card to be identical to this one. I'm going to close this window and open a new example, which is the ChangeUID module, so I'm going to click on ChangeUID. Here's the module; let me close this one. We have to do the same: we have to change the ports from 9 and 10 to 5 and 53. Then I'm going to scroll down, and here we can see where we can change our UID, so we only have to change these letters that are after the x to the new one. So here is my new fitness card UID; this is the one that I'm going to copy to the new card, or the empty card. So I'm going to replace DE with AB, AD with 41, BE with 60 and lastly EF with FC. Now that we have the new UID in here, the last thing we are going to do is to upload the script, or the code, and now it's done uploading. Then I'm going to execute it, and now I'm going to place my new card, or my new RFID tag, on the card reader. So here it is, I'm going to place it here. For some reason the first try didn't work, and you can see that we have got an error in here, which is "Activating the UID backdoor failed". Then what I did is I just placed the card again, which changed the UID; we can see "Wrote new UID to card". When we go to the bottom of the code we can see that this is our new UID. So when we close this window, for example, and open the DumpInfo module, I'm going to change the values here. Now let me execute it and let me place my new RFID tag on the reader and see what its UID is. As you can see here our new UID is AB 41 60 FC, so we have successfully changed the UID. You can see this is our old UID, it starts with 97, and now we have the same UID as the fitness card. So when we place our fitness card again we can see that we have the same UID; as you can see, we have the same UID as our new card.

And now, with your new RFID tag, you can access your gym without having to have your old card. I have already used the RFID tag to access the gym just by using my new RFID tag, and how the reader actually works is just by looking at the UID and comparing whether it has it in its database or not; if it has it then it lets you in, and if it doesn't have it then the door won't open. I actually wanted to show you this in real time, where I go to the gym and present it to the reader and show you how we can open the door, but now, because of COVID, if you want to go to the gym then you need to present your card to the receptionist and you also have to show him a negative COVID test, and then the receptionist will let you in. So it's not about the card; even if you try the right card the door won't open, because the receptionist needs to see your ID card, or the member card, and your COVID test. In our case we can't show him our new RFID tag because he may ask us "how did you get this, how did you do this?" But this video is only for educational purposes.

Now let's say that we want to copy the information that is on our member ID card, like this one, to our new RFID tag, which has the same UID. What we're going to do is to use the RFID cloner module. So let's go to File, Examples, and click on RFID cloner. We also have to change the port numbers, and then I'm going to upload it, and we are done. Let me execute the code, and you can see that you have three options: the first option is read card, the second one is write to card and the third one is copy the data. Now let me tell you that read card, or the first option, is used to copy the information from the old card. So what you should do is to place your old RFID card, or your member card (in my case my gym card), on the reader, then press 1 and hit Enter, and then it will copy the information from the card. After copying you need to paste the information to your new RFID tag, so you are going to be using option number 3. So first you have to use option number 1 to copy the information, and then you have to use option number 3 to paste the information to your new RFID tag. Let's try this. I'm going to place my first card, or my member card, on the reader, then I'm going to press 1 and hit Enter. Now it's done; it's copied all of the information. What we are going to do now is to use option number 3, and before we do this we have to place our new RFID tag on the reader, like this, and then I'm going to press 3 and hit Enter, and now it's done. So let's see how the information looks when we use DumpInfo; we want to see if we have actually copied the card to the new RFID tag. I'm going to be using the same module, DumpInfo; I'm going to upload it and then execute it, and now let me place my new RFID tag, and we can see that we have exactly the same information that was on our gym member card. Let me show you: let me remove this and add this card, so we can see that the results are identical. This is from the new, or this is from the old card: it starts with 47B, or 8A8B. Let's go up and see that we have the same information. So we have copied the information, which means that whatever was on our old card, like the first and last name or maybe the address, is now on our new RFID tag. We have the same UID and we have the same information, which means that these two, the RFID tag and the card, are now identical.

Now the last thing I'm going to show you is how we can erase the information from our new RFID tag. The only thing that we have to do is just to place the card and use the exact same module, which is the RFID cloner. So let me upload it to the Arduino, then let me run the script, then let me place my RFID tag, and then hit number 3 and Enter. This will actually clear all the information that is on our new RFID tag. So let me hit Enter, and now let me come back to DumpInfo and upload this script, and I'm going to run it. Now we can see that we have no information; all the information that we had previously is now gone and replaced with zeros and FF.

That's it for this video. I hope you enjoyed watching the video and learned something new. If you liked this video, don't forget to subscribe to the channel and like the video, and follow us on social media. Lastly, thank you very much for watching. If you have any question, please post it in the Q&A section or in the comment section; I'll be very happy to answer all of your questions.
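The two things the video relies on are that the reader compares the presented UID with a database and nothing else, and that the ChangeUID sketch can rewrite block 0 of a magic card. The following is an added Python example, not code from the video or from the MFRC522 library, that makes both concrete: it lays out block 0 of a MIFARE Classic 1K card with a 4-byte UID the way the sketch has to write it (UID, BCC check byte, SAK 0x08, ATQA 04 00, manufacturer bytes), checks the transport access bits `FF 07 80` that appear in every sector trailer of the dumps, and models a UID-whitelist reader accepting the cloned fob. The UIDs, manufacturer bytes and the function names (`build_block0`, `parse_block0`, `parse_sector_trailer`, `uid_whitelist_reader`, `demo`) are constructed for this example.

```python
"""Block 0 / sector trailer bookkeeping for MIFARE Classic 1K (4-byte UID).

Added example, not the video's Arduino sketches. All sample UIDs and
manufacturer bytes are constructed for illustration.
"""
from __future__ import annotations

SAK_MIFARE_CLASSIC_1K = 0x08                  # SAK value readers use to type a Classic 1K
ATQA_MIFARE_CLASSIC_1K = bytes.fromhex("0400")
KEY_DEFAULT = bytes.fromhex("FFFFFFFFFFFF")   # factory key A/B on blank fobs
ACCESS_TRANSPORT = bytes.fromhex("FF0780")    # the "FF 07 80" seen in each trailer of the dump


def bcc(uid: bytes) -> int:
    """Block check character: XOR of the four UID bytes.
    A block 0 with a wrong BCC is rejected at select time, which is how a
    careless UID rewrite turns a magic card into a brick."""
    if len(uid) != 4:
        raise ValueError("only 4-byte UIDs are handled here")
    out = 0
    for b in uid:
        out ^= b
    return out


def build_block0(uid: bytes, manufacturer: bytes = bytes(8)) -> bytes:
    """Block 0 layout: UID[4] | BCC | SAK | ATQA[2] | manufacturer data[8]."""
    if len(manufacturer) != 8:
        raise ValueError("manufacturer data must be 8 bytes")
    block = bytes(uid) + bytes([bcc(uid), SAK_MIFARE_CLASSIC_1K]) \
        + ATQA_MIFARE_CLASSIC_1K + manufacturer
    assert len(block) == 16
    return block


def parse_block0(block: bytes) -> dict:
    """Split a 16-byte block 0 and verify its BCC."""
    if len(block) != 16:
        raise ValueError("a MIFARE Classic block is 16 bytes")
    uid = block[0:4]
    return {
        "uid": uid.hex().upper(),
        "bcc_ok": block[4] == bcc(uid),
        "sak": block[5],
        "atqa": block[6:8].hex().upper(),
        "manufacturer": block[8:16].hex().upper(),
    }


def parse_sector_trailer(block: bytes) -> dict:
    """Sector trailer: key A[6] | access bits[3] | user byte | key B[6].
    Bytes 6..8 hold C1..C3 for the sector's blocks plus inverted copies:
    byte6 = ~C2<<4 | ~C1, byte7 = C1<<4 | ~C3, byte8 = C3<<4 | C2.
    If a nibble disagrees with its inverse the sector becomes unusable,
    so a cloner that copies trailers must copy them exactly."""
    if len(block) != 16:
        raise ValueError("a MIFARE Classic block is 16 bytes")
    b6, b7, b8 = block[6], block[7], block[8]
    c1, c2, c3 = b7 >> 4, b8 & 0x0F, b8 >> 4
    consistent = (
        ((~b6) & 0x0F) == c1
        and (((~b6) >> 4) & 0x0F) == c2
        and ((~b7) & 0x0F) == c3
    )
    return {
        "key_a": block[0:6].hex().upper(),
        "access_bits": block[6:9].hex().upper(),
        "access_bits_consistent": consistent,
        "key_b": block[10:16].hex().upper(),
    }


def uid_whitelist_reader(block0: bytes, enrolled: set[str]) -> bool:
    """Model of the gym reader in the video: open iff the UID is in the
    database. The decision depends only on block 0, the very block a magic
    card lets an attacker rewrite."""
    return parse_block0(block0)["uid"] in enrolled


# Constructed sample values (not the UIDs shown in the video).
MEMBER_UID = bytes.fromhex("A1B2C3D4")
BLANK_FOB_UID = bytes.fromhex("97C30A1E")


def demo() -> dict:
    enrolled = {MEMBER_UID.hex().upper()}
    blank_block0 = build_block0(BLANK_FOB_UID)
    cloned_block0 = build_block0(MEMBER_UID)          # what ChangeUID writes to the fob
    bad_clone = cloned_block0[:4] + bytes([cloned_block0[4] ^ 0x01]) + cloned_block0[5:]
    trailer = KEY_DEFAULT + ACCESS_TRANSPORT + b"\x69" + KEY_DEFAULT
    return {
        "blank_accepted": uid_whitelist_reader(blank_block0, enrolled),   # False
        "clone_accepted": uid_whitelist_reader(cloned_block0, enrolled),  # True
        "bad_clone_bcc_ok": parse_block0(bad_clone)["bcc_ok"],            # False
        "trailer_ok": parse_sector_trailer(trailer)["access_bits_consistent"],  # True
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The point of `uid_whitelist_reader` is that it cannot tell the fob from the member card: every byte it looks at lives in block 0, which is exactly what the magic card lets you rewrite. The `bad_clone` case shows why the ChangeUID sketch recomputes the BCC rather than copying only the four UID bytes.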
Info
Channel: CyberSudo
Views: 44,217
Keywords: Arduino, RFID Hacking, RFID Cloning, RFID card, Hacking
Id: VXx6l3vgBno
Length: 23min 44sec (1424 seconds)
Published: Sun Sep 12 2021