How to bypass many Mifare classic based door access systems

If your door access system authenticates on the ID number of the card alone, watch this video to see why this is a bad idea. Also covered is a quick demonstration of the Chameleon Tiny, as well as how to replicate a high-frequency RFID fob with a Proxmark RDv4. Note that this kit is typical of a lot of kit installed in corporate building access systems. The kit may be more expensive, but if it's configured to authenticate just on RFID tag IDs it will all be bypassable in the same way.
Note that this video isn't sponsored or endorsed by Lab401.com, but they are the best supplier for your RFID needs if you are in Europe.
Links
chameleontiny.com/ for the Chameleon products
lab401.com/ for pretty much any RFID kit
/ herrmann1001 Iceman on twitter
/ iceman1001 Iceman on Patreon
/ @lockpickinglawyer the Lockpicking Lawyer
Let me know what you think and what you would like to see next!

Comments: 70

  • @blakesmith172
    3 years ago

    This is a great video demonstrating the vulnerabilities in many of the low security card solutions that are currently deployed around the world, in both public and government facilities. We have kiosks here in the USA where you can actually duplicate low security cards at a convenience store in seconds or buy card duplicators online. There are lots of great access control solutions on the market today that support both high assurance or encrypted credentials that eliminate these types of vulnerability and the only thing that we can do is educate. Please keep up the good content.

  • @agend-007
    2 years ago

    Could you give examples? Secured system at a normal price? Thank you

  • @spencercpu1983
    2 years ago

    Wow, I have never seen a kiosk that copies RFID cards before, that is pretty cool

  • @solitarydave
    4 years ago

    Only just discovered your channel. You are doing a great job! Thanks!

  • @AK47z
    3 years ago

    Man I wish I could afford all these test rfid systems and cloners, appreciate your vids bro!

  • @aldergate-ca
    4 years ago

    I don't wish to sound critical, just helpful: in North America (Canada), we call the lock you used a solenoid lock because the magnet does not directly hold the door. Otherwise your content is excellent, so thank you for taking the time to produce a very well made video with great content. I'm going to look for the PM3 / Chameleon info. Take care.

  • @QuentynTaylor
    4 years ago

    Aah, I think you are correct in the UK as well. A maglock is a different kind of lock. Thanks for pointing this out!

  • @zorntier1775
    3 years ago

    I'm learning so much

  • @redoumohito7129
    4 years ago

    Hi, could you please put a video showing how to update the Chameleon Mini? Thanks

  • @AlysiaElise
    3 months ago

    What if you lost the card? Is there any way to copy the key sensor & place it onto a new card?

  • @mrikea7577
    4 years ago

    Great video!

  • @tombishop8337
    1 year ago

    Could you explain a bit more on how to change values? For example, you said you could change the balance on a vending machine card

  • @Saulone1
    4 years ago

    Great stuff. Many thanks

  • @vagonordigian8445
    2 years ago

    Thank you for the info Quentyn, we have a system where we think it is a HF 1K reader. We have some cards available to us but we would like to sniff out some other numbers as we think it is simply using the UID numbers. When you sniff out the reader, is it giving you some current read cards or the initial cards stored on the database, and if so how many UIDs would it give you? It sounds like the Proxmark 3 from 401 would be our best tool, would you say? Does the Proxmark 3 come with any form of instructions? Thanks again for your assistance.

  • @jovaraszigmantas
    2 years ago

    Thank you so much, you will hear more from my local bank :) Just kidding, thank you for the video

  • @huangjian7703
    2 years ago

    Hello, may I ask what kind of chip is often used in residency permit card?

  • @killianmurray1773
    2 years ago

    Hey, is anyone familiar with ACT Enterprise management? I'm having an issue with some guy using a fob that he has probably hacked. When it accesses a barrier, the space where the card details come up is blank and I'm unable to click into it or get any information on it from the live system

  • @Stubear22374
    2 years ago

    Would you happen to know if Paxton net 2 cards are similar to this?

  • @amirezat7854
    3 years ago

    Is there an app that can do the same thing as the Chameleon? My phone has NFC, WiFi and Bluetooth

  • @QuentynTaylor
    3 years ago

    No, there are useful tools like NFC pro, but there aren't ones that allow you to emulate another card in the same way

  • @amirezat7854
    3 years ago

    @QuentynTaylor Ahh, what a shame, Chameleon it is then! Thanks for the reply

  • @TheXixi743
    3 years ago

    Do you have to have a writeable key or can you emulate the same technology from your phone using NFC?

  • @QuentynTaylor
    2 years ago

    If your phone supports it, then yes

  • @jamdahood
    2 years ago

    Is there a way to clone a card and open a door without it registering in the system?? We are having issues at work, where people are getting in (witnessed), but when we go into the system, there is no marker!....??

  • @QuentynTaylor
    2 years ago

    It really depends on the system and how it's set up

  • @lewiswheelhouse3849
    3 years ago

    Hi Quentyn, love your content. Can the Proxgrind Chameleon tiny emulate mifare DESFire cards? I see it has hardware capability but no current option in the app

  • @QuentynTaylor
    3 years ago

    Indeed it's not in the app. If you want to play with this you will need to use the terminal which is in the desktop app, or you can use telnet on your favorite platform. Note that the support is experimental at the moment (I haven't played with it in a while)

  • @kito8088
    2 years ago

    Hello, I have a question. I have a DESFire EV2 with a 7 byte UID. I tried the command that you do at 7:43 (hf mf csetuid), but then it says it wants 8 HEX symbols (my card has 14 HEX symbols). I can't figure out what to do to fix this, can you help me please?

  • @QuentynTaylor
    2 years ago

    Hi, the cmds are specific to a MIFARE Classic, not DESFire

  • @submh0938
    2 years ago

    Correct me if I’m wrong, but in order to expose this vulnerability you need to have access to a card that is registered into the system. Is there any way to get around needing to obtain a registered card?

  • @QuentynTaylor
    2 years ago

    Yes, in these systems you only need to spoof the card ID. You can either get a starting point from 1 card (that you know is in the valid range) or you can, I suppose, just brute force a load of IDs

  • @submh0938
    2 years ago

    @QuentynTaylor Thank you for the quick response and the answer. I appreciate it.

  • @dariodraiman6339
    3 years ago

    Hi! Great video! Would a MIFARE classic card be copied if the card number for the access control system is encrypted in the memory of the card (not CSN/UID but using the internal memory)? I read MIFARE could be cracked and then the keys revealed, then it would be easy to program any card with the same or with any card number and the access control readers at doors could read these fake cards.

  • @QuentynTaylor
    3 years ago

    Well, the ID number of the card is one thing and that can always be read. In the video above I am just showing how to simulate the ID number. However, in other videos I show how to copy the data on an encrypted card and then you can write to any compatible card

  • @vagonordigian8445
    2 years ago

    Hi Quentyn, very informative videos, thank you. We are asked to copy cards in the past and try and make replacement cards for customers with lost cards and systems that are just full. We used to have a knowledgeable chap who would help on occasion but sadly he has retired. Sifting through all the videos we are getting a feel of things. Firstly we would need re-writable cards (mainly Mifare 1K H.F); would we be able to copy existing cards and write to a new card with a Chameleon Tiny? Can you explain how sniffing works: what card does it sniff from a reader, is it the last card used or initial master/programming cards, and can we do this with a Chameleon Tiny? In my past life I used to fly model helicopters for films etc. plus drone work before drones were about, very bulky in those days. Thanking you in advance for any info.

  • @QuentynTaylor
    2 years ago

    Hi Vago, if you just want to copy cards then the icopyx may be a better option, though for ease you will need to use their branded cards. The Chameleon will need something to do the actual cracking / data dumping such as a Proxmark etc.

  • @vagonordigian8445
    2 years ago

    @QuentynTaylor Thanks for your reply. Can you explain what is actually retrieved from sniffing? Is it the last card that was used or is it the original master card ID numbers, and what is the best piece of equipment to use for this?

  • @QuentynTaylor
    2 years ago

    @vagonordigian8445 Well, in the case of the video above it's just the UID of the card that's accessed. Sniffing would be the act of capturing the traffic between the card and reader, which you would do if you have a valid UID and want to sniff the initial key the reader will send

  • @spencercpu1983
    2 years ago

    Is it better than mifare ultralight?

  • @huangjian7703
    3 years ago

    May I ask if the chip which is not original 4K but compatible with 4K MIFARE card can be read and edited?

  • @QuentynTaylor
    3 years ago

    You can edit the data on the card if you need; I show how on the Yale Conexis video

  • @huangjian7703
    3 years ago

    @QuentynTaylor Thank you. We are supplying this kind of card, which is not original, and worry that our chip cannot match our client's system

  • @chidovimus
    2 years ago

    What program/ client do you have on your computer in order to display/ modify code and decrypt?

  • @QuentynTaylor
    2 years ago

    Using the Proxmark with the Iceman software build

  • @Youtuber-yc3wb
    3 years ago

    Would I be able to add my 8 contactless credit cards on there?

  • @QuentynTaylor
    3 years ago

    Not really, it depends on the technology that the card uses. Many / most are DESFire EV2s or similar and they can't (for good reason) be copied so easily

  • @DeadlyVenomKing
    3 years ago

    Do u have vids on HID iClass readers?

  • @QuentynTaylor
    3 years ago

    I don't, as due to lockdown I don't have access to one - as soon as lockdown finishes I will try to find one to have a play

  • @buuuuuuuuuuuuuu
    2 years ago

    Will any of these work with Paxton fobs?

  • @QuentynTaylor
    2 years ago

    Sorry, I don't have any Paxton fobs to try with

  • @AK47z
    3 years ago

    Hey bro, do you know if the Chameleon or Proxmark3 will clone Keri?

  • @QuentynTaylor
    3 years ago

    I don't think so, as Keri are 125kHz - you would need something like an icopyX

  • @QuentynTaylor
    3 years ago

    By the way, the Proxmark will clone a Keri but not the Chameleon, as the Chameleon is only HF

  • @AK47z
    3 years ago

    Cool, was reading the same thing earlier on Proxmark that has both HF and LF antennas and can handle the encryption, so I'll order 1 off Alibaba tonight, thanks again for the help.👍

  • @pineapple_coconuts3459
    4 years ago

    Do you ship to the United States of America?? Please say yes

  • @QuentynTaylor
    4 years ago

    Err, I don't actually sell anything - so I don't ship anywhere

  • @OoiYoCheck
    3 years ago

    So are there ways to overcome this?

  • @QuentynTaylor
    3 years ago

    Yes, don't use MIFARE Classic, use DESFire or similar - and don't use MIFARE Classic that auths only on the ID of the card

  • @foopadr9076
    2 years ago

    Electronic systems are always more vulnerable than physical locks.

  • @Bahrain_view
    2 years ago

    Hello

  • @iWhacko
    4 days ago

    This is not "bypassing" anything. It's copying an existing fob. That's like saying I'm bypassing my door lock if I get a new key cut at the store and use that. It's not. Bypassing it would be entering without having access to the original key, and make it accept a custom key of your own, or even better, if you can open the door bypassing the whole reader entirely

  • @Bahrain_view
    2 years ago

    I have a project related to you

  • @QuentynTaylor
    2 years ago

    Do go on, I am interested

  • @smubashir3631
    1 year ago

    But at the end, you still need a card to clone from.. otherwise all this hacking setup is lame...

  • @cashesclay8028
    2 years ago

    Not at all what I was looking for

  • @dieselphiend
    4 years ago

    Bro, your music is way too loud. Some of us have big speakers with sleeping people and have to turn it up quite a bit to hear your voice. Great content otherwise.

  • @QuentynTaylor
    4 years ago

    Apologies for that - I will try to balance the music and the vocals to be similar volume

  • @dieselphiend
    4 years ago

    @QuentynTaylor Thanks :)

  • @car24dude
    3 years ago

    Try some headphones