Proxmark3 community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

Announcement

Time changes and with it the technology
Proxmark3 @ discord

Users of this forum, please be aware that information stored on this site is not private.

#1 2015-07-26 09:33:06

PetNoc
Member
Registered: 2015-07-21
Posts: 8

T55x7 based jammer (GuardBunny)

Hi Folks

I played a bit with HID Prox and T5567 cards and thought if it would be possible to program T55x7 to
jam the reader.

The idea and proof of concept device (GuardBunny) was presented by Kristin (previously Chris)  Paget during 2012 Shmoocon

https://www.shmoocon.org/2012/presentations/Paget_shmoocon2012-credit-cards.pdf

She used a passively powered (like a regular  RFID card) pcb circuit.
The project seems to have died it seems though.

T55x7 work in 125kHz spectrum so another one would be needed for 13.56MHz to protect passports and credit cards.

So the question is:
Is it possible to encode such a bit stream on the RFID card (T55x7 for 125kHZ)  that it would jam/confuse the anti-collision protocol ?

And one more T55x7 related question.
Are they in any way detectable / distinguishable from the original HID cards for example ?

Regards
Peter

Offline

#2 2015-07-26 22:57:50

asper
Contributor
Registered: 2008-08-24
Posts: 1,409

Re: T55x7 based jammer (GuardBunny)

A jammer is a frequency saturating the working one.
i really don't think it is possible to transform a T55x7 in a jammer...

Offline

#3 2015-07-27 05:03:09

marshmellow
Contributor
From: US
Registered: 2013-06-10
Posts: 2,302

Re: T55x7 based jammer (GuardBunny)

Asper is correct a t55x7 cannot "jam" the 125khz range. however, most 125 kHz tags don't have any Anticollision capabilities, so if you know the target modulation then two t55x7 well placed should render useless. (Two so that the reader doesn't just always read the one tag.). But it wouldn't be perfect, and your tags would have to match the reader modulation to cause disruption.

Offline

#4 2015-07-27 05:07:29

marshmellow
Contributor
From: US
Registered: 2013-06-10
Posts: 2,302

Re: T55x7 based jammer (GuardBunny)

Oh and sometimes the t55x7 can be detected especially if they are not locked down.  However, hid did use the t55x7 for some tags in the past, but they almost always locked them down.  (And they got a special version that didn't follow atmels std serial number specs.)

Last edited by marshmellow (2015-07-27 05:07:53)

Offline

#5 2015-07-27 08:05:21

PetNoc
Member
Registered: 2015-07-21
Posts: 8

Re: T55x7 based jammer (GuardBunny)

Thanks a lot Gents.

Offline

Board footer

Powered by FluxBB