[Q] Is it possible to clone an RFID card w/ GNEX's NFC? - Samsung Galaxy Nexus

Has anyone heard of using an NFC enabled device to imitate an RFID gate pass? My complex won't give me another one for my fiance. I thought I could copy it, and swipe my Gnex at the gate while my fiance uses the proxicard HID.
I'm ignorant of the details of the two technologies, so this is probably impossible. Worth asking. Thanks

I would sure hope not. Sounds like that would be a pretty big security risk for companies that use such cards for sensitive locations.
Sent from my Galaxy Nexus using Tapatalk 2

It is possible I believe. I know for Bamboozle that the NFC wristbands had no security and I was able to get into VIP area with no problems.
I would imagine that it is likely since I doubt that their NFC security is high.

With regards to cloning an NFC tag and an RFID card: no, it won't be possible. You have mentioned two technologies that are similar but not the same. NFC and RFID work the same in theory, but at different radio bands. Think of it like ATT phones vs. T-Mo phones. Some PC adaptors can read/write both, but the GNex can't.
Second flaw is that you probably wouldn't be able to use the GNex itself to open the door. The much more likely solution would be to use the GNex to capture the info on the old tag and write it to a different tag of the same type.
Third, and this ties into what Self Righteos Banana said about the NFC wrist bands at Bamboozle, most places don't have high security on their NFC or RFID solutions, but the software isn't quite there for GNex to fully exploit this. We were able to read the wristbands and determine that all of them, VIP, 1 day, 3 day etc. etc. had the same info stored on the tag. They were relying on the site staff to visually identify the various wristbands as well as scan to see if they were genuine. With this, a little social engineering got us into restricted access. We weren't able to rewrite the wristbands completely without altering other bits yet though. One of us wrote Hello to an unused portion of the memory, but it wrote header info in adjacent bits, not zeroes. I assume this is based on protocols that the phone (or other NFC devices) use. So we were able to read and write to the tags, but could not clone them. For that I think you would still need a PC until software catches up.
EDIT: Also since this is a question, I feel I should remind you to post it in the Q&A section and not general. Also there is an NFC Hacking subforum.
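
Added example, not part of the original posts: the wristband weakness described above (every tier carrying the same tag data) can be closed by writing a keyed MAC over the tag UID and tier, which the gate reader checks. The key, tier codes, payload layout and function names are assumptions made for this sketch.

```python
import hashlib
import hmac

# Constructed demo values (assumptions, not taken from the thread).
EVENT_KEY = b"constructed-demo-key"          # held only by the issuer and gate readers
TIERS = {1: "1-day", 2: "3-day", 3: "VIP"}    # hypothetical tier codes
MAC_LEN = 8                                   # truncated HMAC-SHA256, fits small tags


def _mac(key: bytes, uid: bytes, tier: int) -> bytes:
    # Length-prefix the UID so UIDs of different sizes cannot be confused
    # with the tier byte that follows them.
    msg = bytes([len(uid)]) + uid + bytes([tier])
    return hmac.new(key, msg, hashlib.sha256).digest()[:MAC_LEN]


def issue_payload(uid: bytes, tier: int, key: bytes = EVENT_KEY) -> bytes:
    """Bytes written to the wristband: one tier byte followed by the MAC."""
    if tier not in TIERS:
        raise ValueError("unknown tier")
    return bytes([tier]) + _mac(key, uid, tier)


def verify_scan(uid: bytes, payload: bytes, key: bytes = EVENT_KEY):
    """Return the tier name if the payload is authentic for this UID, else None."""
    if len(payload) != 1 + MAC_LEN:
        return None
    tier, mac = payload[0], payload[1:]
    if tier not in TIERS:
        return None
    # Constant-time comparison avoids leaking how many MAC bytes matched.
    if not hmac.compare_digest(mac, _mac(key, uid, tier)):
        return None
    return TIERS[tier]


def demo() -> dict:
    # Constructed UIDs for two different wristbands.
    uid_a = bytes.fromhex("04a1b2c3d4e5f6")
    uid_b = bytes.fromhex("04112233445566")
    day_pass = issue_payload(uid_a, 1)
    edited = bytes([3]) + day_pass[1:]        # tier byte changed to VIP, MAC untouched
    return {
        "genuine": verify_scan(uid_a, day_pass),
        "tier_edited": verify_scan(uid_a, edited),
        "copied_to_other_tag": verify_scan(uid_b, day_pass),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

Binding the data to the UID only helps against copying it onto a different tag; a device that also presents the original UID still passes, which is why access control that matters uses tags with cryptographic challenge-response.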

Thanks a lot for the valuable info. I'll hunt around in the NFC hacking section. Sorry about posting in the wrong forum. I won't make that mistake again.

Related

NFC-V (ISO/IEC 15693) tags

I have a bunch of blank NFC tags from Texas Instruments (about 40 in total) in varying sizes (both physical and storage-wise), shapes, and casings. While I'm able to read them on my Galaxy S3, none of the apps I've tried are able to write to them.
After some poking around, I determined that these are all NFC-V tags (ISO/IEC 15693 compliant), which are apparently not NDEF-compatible. While the Android OS supports them, it provides no functionality to interface with them other than transceive (raw read/write). Lacking the knowledge to write my own interface app, I'm reduced to research, questions, and experimentation.
Does anybody have any experience using Android to write to NFC-V tags? If so, what were you able to store and how did you do it?
https://play.google.com/store/apps/...1bGwsMSwxLDEsImNvbS5ueHAubmZjLnRhZ3dyaXRlciJd
try this app, it might work for you.
Thanks for the reply. That's actually the first app I tried, and no matter what type of data I try to write, I get the following: ow.ly/c5ubE
I've been putting a lot of my effort into getting this (ow.ly/c5uaz) app to work since it specifies NFC-V and ISO/IEC 15693 compatibility, but I still can't get it to write any data (NDEF or raw). From reading up on NFC-V, I get the impression this may be an issue with one-bit vs two-bit addressing and the app assuming which it is wrongly, but I have no way to confirm that. That said, the source for that app is available for download from its developer here (ow.ly/c5uaR) if anybody is interested in picking it apart.
Aren't they locked?
I can't give you more clues as I've just started reading about NFC.
daniel_loft said:
Aren't they locked?
I can't give you more clues as I've just started reading about NFC.
Not that I'm aware. I can read them, and the access conditions allow writes. TI also advertises that they're shipped unlocked and unprotected.
Having done a fair amount of research since, it seems the issue is that NFC-V tags are not part of the NFC Forum standard, and there's no standard way to store NDEF data on them. Short of writing my own app with a proprietary method of doing so, I think the only option for those tags is to wait until NXP, TI, the NFC Forum, etc decide on a standard, then all the NFC Android apps update appropriately.
Fortunately, I've since gained access to the NXP Semiconductors samples ordering system, and their MiFARE tags are differently complicated but NDEF-formattable, so I'm making some headway.
rowanator0 said:
Not that I'm aware. I can read them, and the access conditions allow writes. TI also advertises that they're shipped unlocked and unprotected.
Having done a fair amount of research since, it seems the issue is that NFC-V tags are not part of the NFC Forum standard, and there's no standard way to store NDEF data on them. Short of writing my own app with a proprietary method of doing so, I think the only option for those tags is to wait until NXP, TI, the NFC Forum, etc decide on a standard, then all the NFC Android apps update appropriately.
Fortunately, I've since gained access to the NXP Semiconductors samples ordering system, and their MiFARE tags are differently complicated but NDEF-formattable, so I'm making some headway.
Hm, I believe that NFCIP-2 specifies something according to vicinity cards, but I don't remember what exactly. The main problem is though that the NFC chip of the SG3, which should be PN544 (not 100% sure, but I think it's the same as in the predecessor, and NXP didn't release PN547 yet) does not have the capability to write vicinity cards. I think there were datasheets on this though.
Damastus said:
Hm, I believe that NFCIP-2 specifies something according to vicinity cards, but I don't remember what exactly. The main problem is though that the NFC chip of the SG3, which should be PN544 (not 100% sure, but I think it's the same as in the predecessor, and NXP didn't release PN547 yet) does not have the capability to write vicinity cards. I think there were datasheets on this though.
Can you define "vicinity" in this context? If you're referring specifically to NFC-V, you may be on to something. If you just mean proximity cards in general, though, I am able to write to MiFARE tags. Furthermore, as I understand it, with the right software behind an NFC reader/writer, you can theoretically read/write just about anything that uses 13.56MHz, simply as a result of the way the active field works.
Additionally, you seem to be correct about the NFC chip in the S3 (see ow.ly/foV15), but according to the NXP spec sheet for that chip (ow.ly/foUYj), it should be able to read/write tags that meet the same ISO standards as my TI tags. Apologies for the shortened URLs; I don't have enough posts yet to post links and that seems to be the only way to get around it.
rowanator0 said:
Can you define "vicinity" in this context? If you're referring specifically to NFC-V, you may be on to something. If you just mean proximity cards in general, though, I am able to write to MiFARE tags. Furthermore, as I understand it, with the right software behind an NFC reader/writer, you can theoretically read/write just about anything that uses 13.56MHz, simply as a result of the way the active field works.
Additionally, you seem to be correct about the NFC chip in the S3 (see ow.ly/foV15), but according to the NXP spec sheet for that chip (ow.ly/foUYj), it should be able to read/write tags that meet the same ISO standards as my TI tags. Apologies for the shortened URLs; I don't have enough posts yet to post links and that seems to be the only way to get around it.
ISO15693 is the vicinity card standard (basically the same as the other ISO14443 standard, but those ISO15693 cards have a bigger range up to several meters). Cards that can be read via NFC-V are vicinity cards / tags. Though I checked again, you are right, coming from the data sheet, it should be able to read and write them.
Btw, your idea to be able to read and write anything that uses 13.56MHz is too idealistic. There are many kinds of cards and standards with many different protocols (many of them are even proprietary, like Mifare Classic, Legic, iClass etc.) involved in this. These protocols are most of the time implemented on the hardware level. One of the reasons for that is the fact that there are also very strict timings cards, tags and readers have to comply with. Going up layers of software can be too slow in that case.
You can read most of the ISO 14443 A and B compliant cards for example, but Mifare Classic can only be read with phones that feature chips that implement the ISO 14443-3 A protocol. The PN544 can read Mifare Classic, because it's manufactured by NXP, the same company that holds the patents and rights of the Mifare Classic standard.
Damastus said:
ISO15693 is the vicinity card standard (basically the same as the other ISO14443 standard, but those ISO15693 cards have a bigger range up to several meters). Cards that can be read via NFC-V are vicinity cards / tags. Though I checked again, you are right, coming from the data sheet, it should be able to read and write them.
Btw, your idea to be able to read and write anything that uses 13.56MHz is too idealistic. There are many kinds of cards and standards with many different protocols (many of them are even proprietary, like Mifare Classic, Legic, iClass etc.) involved in this. These protocols are most of the time implemented on the hardware level. One of the reasons for that is the fact that there are also very strict timings cards, tags and readers have to comply with. Going up layers of software can be too slow in that case.
You can read most of the ISO 14443 A and B compliant cards for example, but Mifare Classic can only be read with phones that feature chips that implement the ISO 14443-3 A protocol. The PN544 can read Mifare Classic, because it's manufactured by NXP, the same company that holds the patents and rights of the Mifare Classic standard.
Which leaves us pretty much back where we started.
As for my "WORKS WITH EVERYTHING" comment, you're absolutely right. I should have specified ISO14443/15693 (and even then my original statement would be wrong). Basically, I was referring to the fact that if you have the command set for something that operates on the 13.56MHz frequency, you can in theory write software to interface with it, as you can send and receive pretty much any raw data you want. However, you're right--there are plenty of 13.56MHz devices, both passive and active, that some active modules simply cannot communicate with.
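
Added example, not part of the original thread: the raw ISO/IEC 15693-3 request frames for reading and writing one block, built as the byte strings an app would hand to Android's `NfcV.transceive()` (which takes the flags, command and parameter bytes and adds the CRC itself), plus a parser for the tag's reply. The function names and the sample UID are constructed for this sketch; reading the thread's "one-bit vs two-bit addressing" as 1-byte versus 2-byte block numbers is an assumption.

```python
# ISO/IEC 15693-3 request flags (non-inventory requests).
FLAG_HIGH_DATA_RATE = 0x02
FLAG_PROTOCOL_EXT = 0x08   # some large-memory tags use this for 2-byte block numbers
FLAG_ADDRESSED = 0x20      # request carries the 8-byte UID of one specific tag
FLAG_OPTION = 0x40         # command-specific; some tag families need it on writes

CMD_READ_SINGLE_BLOCK = 0x20
CMD_WRITE_SINGLE_BLOCK = 0x21

# Error codes a tag returns after a response flags byte with bit 0 set.
ERROR_CODES = {
    0x01: "command not supported",
    0x02: "command not recognised",
    0x03: "option not supported",
    0x0F: "unknown error",
    0x10: "block not available",
    0x11: "block already locked",
    0x12: "block locked, cannot be changed",
    0x13: "block not successfully programmed",
    0x14: "block not successfully locked",
}

# Constructed UID in transmission order (least significant byte first, 0xE0 last).
SAMPLE_UID = bytes.fromhex("01020304050607e0")


def _block_number(block: int, wide_block: bool) -> bytes:
    limit = 0xFFFF if wide_block else 0xFF
    if not 0 <= block <= limit:
        raise ValueError("block number out of range for this addressing mode")
    return block.to_bytes(2 if wide_block else 1, "little")


def build_request(cmd, params=b"", uid=None, option=False, wide_block=False) -> bytes:
    """Assemble flags + command + optional UID + parameters (no CRC)."""
    flags = FLAG_HIGH_DATA_RATE
    if wide_block:
        flags |= FLAG_PROTOCOL_EXT
    if option:
        flags |= FLAG_OPTION
    if uid is not None:
        if len(uid) != 8 or uid[7] != 0xE0:
            raise ValueError("expected an 8-byte ISO 15693 UID ending in 0xE0")
        flags |= FLAG_ADDRESSED
    return bytes([flags, cmd]) + (uid or b"") + params


def read_single_block(block, uid=None, wide_block=False) -> bytes:
    return build_request(CMD_READ_SINGLE_BLOCK, _block_number(block, wide_block),
                         uid=uid, wide_block=wide_block)


def write_single_block(block, data, uid=None, option=False, wide_block=False) -> bytes:
    if not data:
        raise ValueError("data must be exactly one block long for the tag in use")
    return build_request(CMD_WRITE_SINGLE_BLOCK,
                         _block_number(block, wide_block) + bytes(data),
                         uid=uid, option=option, wide_block=wide_block)


def parse_response(resp: bytes):
    """Return (True, data) on success or (False, reason) on a tag error."""
    if not resp:
        return (False, "empty response")
    if resp[0] & 0x01:  # error flag
        code = resp[1] if len(resp) > 1 else None
        return (False, ERROR_CODES.get(code, "unlisted error code"))
    return (True, bytes(resp[1:]))


if __name__ == "__main__":
    print(read_single_block(5).hex())
    print(write_single_block(5, b"\x11\x22\x33\x44", uid=SAMPLE_UID, option=True).hex())
    print(parse_response(bytes([0x01, 0x12])))
```

A write that fails silently in a generic app can be narrowed down this way: send the same block with and without the Option flag and with each block-number width, and read the error code from the reply.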

We need an NFC revolution!

Hey all!
I love NFC, just as much as you - seeing as you're reading this in the NFC section, I assume you use NFC regularly. I think it'll be fantastic when it's mainstream, however for it to become truly mainstream it needs more data types. Just like you get vCards, URLs, SMSs etc - I think we need more help from Google, Microsoft and all the hardware vendors - along with the NFC forum itself - to help extend NFC's capabilities.
Sure we on XDA know how to extend its abilities - either by hacking it or knowing which app lets you do a certain additional function. Unfortunately normal members of the public won't know about the XDA way or about the apps. For example the problem is you can write an NFC tag to connect a device to a particular wifi network, however you need the app that wrote the tag or another app that understands what to do with the tag for it to work. Now the problem is that your guests probably won't have the app installed, so you'll have to connect them manually or download the app over 2G/3G/4G and depending on network strength - just like my area - could take a long time!
What came first, the chicken or the egg? What came first the wifi or the adoption of more standard / capabilities, across OSes / vendors?
There are plenty more examples, but this is the most useful and self explanatory I can think of.
Please, please, please read my blog post about this and if you so wish, sign the petition, message the NFC Forum telling them to get their butts into gear - message Google and the Android devs, do what you can to make NFC better and help its adoption :good:
http://jaytongarnett.blogspot.co.uk/2012/09/is-nfc-over-rated-we-need-nfc-20.html
TheLegendaryJay said:
Hey all!
I love NFC, just as much as you - seeing as you're reading this in the NFC section, I assume you use NFC regularly. I think it'll be fantastic when it's mainstream, however for it to become truly mainstream it needs more data types. Just like you get vCards, URLs, SMSs etc - I think we need more help from Google, Microsoft and all the hardware vendors - along with the NFC forum itself - to help extend NFC's capabilities.
Sure we on XDA know how to extend its abilities - either by hacking it or knowing which app lets you do a certain additional function. Unfortunately normal members of the public won't know about the XDA way or about the apps. For example the problem is you can write an NFC tag to connect a device to a particular wifi network, however you need the app that wrote the tag or another app that understands what to do with the tag for it to work. Now the problem is that your guests probably won't have the app installed, so you'll have to connect them manually or download the app over 2G/3G/4G and depending on network strength - just like my area - could take a long time!
What came first, the chicken or the egg? What came first the wifi or the adoption of more standard / capabilities, across OSes / vendors?
There are plenty more examples, but this is the most useful and self explanatory I can think of.
Please, please, please read my blog post about this and if you so wish, sign the petition, message the NFC Forum telling them to get their butts into gear - message Google and the Android devs, do what you can to make NFC better and help its adoption :good:
http://jaytongarnett.blogspot.co.uk/2012/09/is-nfc-over-rated-we-need-nfc-20.html
As much as it pains me to say it...we need Apple to implement native NFC support in iOS. I was really excited to see Passbook (or whatever it's called) and was nearly positive this meant NFC support for the iPhone 5. Unfortunately, not this go round. It's ok though, wait a couple iterations of iOS/iPhone and NFC will finally be deemed acceptable for the public...magically...revolutionarily.
I know, and I think why the heck should we wait? Apple might only bring NFC with the iPhone 7. What's the harm in trying to change it now?
Sent from my GT-I9300 using xda app-developers app
I haven't used it much, but I am for interested. I guess I need a better understanding of its purpose and how I can use it in everyday situations. I already use wifi-direct for a bunch of transferring.
Sent from my SAMSUNG-SGH-I717 using xda app-developers app
booyakasha said:
As much as it pains me to say it...we need Apple to implement native NFC support in iOS. I was really excited to see Passbook (or whatever it's called) and was nearly positive this meant NFC support for the iPhone 5. Unfortunately, not this go round. It's ok though, wait a couple iterations of iOS/iPhone and NFC will finally be deemed acceptable for the public...magically...revolutionarily.
The fanboys say that Apple is afraid of NFC till they can develop a version of their own that is "Secure"...
Souler19 said:
The fanboys say that Apple is afraid of NFC till they can develop a version of their own that is "Secure"...
Yeah, they need something they can control - they need to devise a way to make money out of it otherwise it's not in their interest.
I know this is XDA Developers and we can make NFC do what we want, but we all have people in our lives who won't even use NFC because they don't know about it or know what it can do which is why I'd like us to make a change at the OS level on behalf of all of our non-technical friends and family. Let's get the big players like Google, Microsoft and anyone else that's already using NFC in their products to want to make a change - for Grandma
Let's be honest guys, the majority of people around us have iPhones, mainly 4s's. Imagine if all of them had NFC and we could all play nicely sharing playlists and sending phone numbers to each other?
nfc
TheLegendaryJay said:
Yeah, they need something they can control - they need to devise a way to make money out of it otherwise it's not in their interest.
I know this is XDA Developers and we can make NFC do what we want, but we all have people in our lives who won't even use NFC because they don't know about it or know what it can do which is why I'd like us to make a change at the OS level on behalf of all of our non-technical friends and family. Let's get the big players like Google, Microsoft and anyone else that's already using NFC in their products to want to make a change - for Grandma
NFC is the next big thing just give it time. once it rolls out. more in new devices we shall see. its development grow more and any phone worth its salt will have to have it
I agree - a revolution. Right now, when I mention NFC to most people they give me that "HUH???" expression. Then I have to explain what it is and then I have to give them examples of what it can do. Seems like almost no one knows what it is or has any idea all the cool things you can do with it.
What we need is a Samsung or Google or HTC to run a commercial that features people using NFC - with tags to automate stuff at home/work, with Google Wallet to pay for stuff, other things. Then the average person would be like "oh I know what that is - I saw it on a commercial"
Unfortunately right now it seems like it's just us tech geeks who know about it...
hollywoodfrodo said:
I agree - a revolution. Right now, when I mention NFC to most people they give me that "HUH???" expression. Then I have to explain what it is and then I have to give them examples of what it can do. Seems like almost no one knows what it is or has any idea all the cool things you can do with it.
What we need is a Samsung or Google or HTC to run a commercial that features people using NFC - with tags to automate stuff at home/work, with Google Wallet to pay for stuff, other things. Then the average person would be like "oh I know what that is - I saw it on a commercial"
Unfortunately right now it seems like it's just us tech geeks who know about it...
Don't call us geeks;p j/k
Well, we've already got a very useful feature for NFC like very fast files transfer, the only thing we need is more phones that support it. It will be as famous as bluetooth i think hopefully
Sent from my LT26i using xda app-developers app
gallardo5 said:
Don't call us geeks;p j/k
Well, we've already got a very useful feature for NFC like very fast files transfer, the only thing we need is more phones that support it. It will be as famous as bluetooth i think hopefully
Sent from my LT26i using xda app-developers app
How much data can actually be transferred via NFC? I always thought the bandwidth for transfers was rather small, which is why most items transferred are under 144 bytes.
For larger transfers wouldn't using NFC for the handshake then Bluetooth for data transfers be better?
Sent from my EVO using Tapatalk 2
I have to admit I am one of those people who do not know about its capabilities. I know what it is and have it activated on my phone, but what can I do with it...I do not know besides I think you can transfer pictures, phone numbers and stuff.
Can someone maybe explain it in more detail and tell us about its uses? Maybe I should have done a search about NFC (Near Field Communications) before I wrote this.
P.S. I wish more people would put the acronym meaning after the acronym, like I did above, in this forum...ooh that gives me an idea!! (light in head goes off!! lol)
Psichi said:
How much data can actually be transferred via NFC? I always thought the bandwidth for transfers was rather small, which is why most items transferred are under 144 bytes.
For larger transfers wouldn't using NFC for the handshake then Bluetooth for data transfers be better?
Sent from my EVO using Tapatalk 2
I cannot tell you if there is a limit in filesize, but since the biggest NFC tags you can buy at the moment (afaik) are 8kb, anything beyond 1mb is most likely to take too long to be economic.

NFC spoofing for a *certain* Portal using game

i know precious little about the nitty-gritty of RFID or NFC stuff, but i'm wondering if there's such a thing as an RFID or NFC spoofer (emulator) that works at the standard nfc frequency of 13.56mhz, and uses the iso 14443 standard.
i'm wondering if it's possible to spoof those sky-landers figures, which use nfc. it's currently impossible to write one figure onto another because of access restrictions on the first little block in the rfid tag. and I'm not aware of any commercially available generic RFID tags that have *quite* the same hardware as the figures.
I believe the sky-landers use MiFare Classic tags, and have a locked block 0 (or UID), in that block 0 is the code which says which character they are.
is it in principle, possible to "project" a fake MiFare tag from an nfc equipped phone, also with a fake UID?
for that matter, are there any breakout boards that can do this, like an arduino shield?
*BUMP*
I'd also like to pull this off with my G-Nex...
The breakout board I use is from Adafruit.com which at the moment is hooked up to a raspberry pi. You could theoretically spoof a tag if you will. But I don't follow the logic to do so. I think what you want to do is more like cloning and siphoning. Check over on the Kali Linux forums, new version of backtrack they are working on something that does just that. I read a little into it about how they were basically bumping into people at a conference or getting in range of someone with their phone out texting or not paying attention and were able to do just that.
Sent from my SAMSUNG-SGH-I747 using xda premium
Osbor said:
i know precious little about the nitty-gritty of RFID or NFC stuff, but i'm wondering if there's such a thing as an RFID or NFC spoofer (emulator) that works at the standard nfc frequency of 13.56mhz, and uses the iso 14443 standard.
i'm wondering if it's possible to spoof those sky-landers figures, which use nfc. it's currently impossible to write one figure onto another because of access restrictions on the first little block in the rfid tag. and I'm not aware of any commercially available generic RFID tags that have *quite* the same hardware as the figures.
I believe the sky-landers use MiFare Classic tags, and have a locked block 0 (or UID), in that block 0 is the code which says which character they are.
is it in principle, possible to "project" a fake MiFare tag from an nfc equipped phone, also with a fake UID?
for that matter, are there any breakout boards that can do this, like an arduino shield?
In theory one is able to emulate a NXP MiFare Classic card using an Android device. However, the firmware of the NFC chip is programmed to produce a different UID with each transmission, therefore the new firmware for the chip would have to be modified to produce a static UID. If you want to learn more of the capabilities of the NXP NFC chips used in most Android devices, navigate to NXP's website and there is plenty of info.
From The Q, Of Course
live the life you love, love the life you live

backup of rfid Disney infinity figurine tags

hello everyone, im a bit new to this. i recently saw a video on youtube of someone's proof of concept that it would be possible to emulate disney infinity rfid tags by using some special hardware and listening in on the traffic between the disney figurine base and the xbox 360 by routing it through a laptop. my question was of a similar nature. i have a bunch of these disney infinity figurines, and it gets annoying trying to keep track of them. especially since my little brother is the one that uses them and they wind up in miscellaneous places in the house, occasionally broken. i understand that they are some kind of 13.56 mhz rfid tag with a toy on top of them. my question is, how would i use an android phone, (samsung galaxy s5 rooted) or some kind of rfid reader to determine the hex key that is locking the information that is contained inside the rfid tag, so that i can make a copy of the figurine in case my brother steps on one of them again. so that way i can just have him use a clone of the tag. as far as i understand, since i PAID for these figurines, they are mine, so if i copy them for backup purposes thats completely fine. i have tried a few things, i tried "nfc - war" which was not too useful, and a couple of other apps to no avail. is there an app, or a windows program (and compatible hardware) that i can use to either brute force the keys out or use some sort of exploit to get the keys? as far as i understand it is a mifare classic ndef formatable tag. help would be greatly appreciated. also im not on here to do anything illegal, or wrong in any way. so anyone who would like to simply complain to me about how backing up my own property is wrong, please direct your comments elsewhere because i really don't care.

How to use a phone (Android and/or Windows) as an NFC-tag keychain?

Let me start by saying that I hope that I've posted this topic in the right place.
The scenario: so let's say I'd have a bunch of devices I wanted to unlock via NFC. Per device I'd have 1 tag.
The problem: but then I'd have to carry a bunch of tags around -- and god forbid if I'd happen to lose one.
The solution: what would make things much more convenient, is to use my phone as a NFC-tag keychain. I'd store the virtual tags in an app or some thing, and I'd emulate a tag through the phone when I want to unlock a device.
The questions: how and what would enable me to store multiple tags on my phone, and easily access them? And if I would select a virtual tag, could my phone then use that virtual tag to emulate a physical NFC tag?
I've genuinely tried to research all this, but I could just not find any clear cut answers. I guess that my sought-after-solution is either not mainstream enough, or I'm not posing the right queries to Google. Also I can't do my own testing, because my current phone does not support NFC. My near-future phone definitely will. You might ask why I am posing these questions now then? Reason is that right now I want to build some NFC readers for locks for said devices. But before I do so, I'd have to know if my phone can indeed act as an NFC-tag keychain.
This many views and no response? Surely someone has got an insight into the matter?
