Cheap RFID read/writer
skylight
Posts: 1,915
Not sure if Erco has already seen these, but I don't know how they can do them so cheap.
Comes with two headers straight and angled plus a keyfob and a card!
ebay.co.uk/itm/181370295071?_trksid=p2057872.m2749.l2649&ssPageName=STRK%3AMEBIDX%3AIT
Has anyone written an obex object for this chip RC522?
Comments
About a year ago I gave a presentation in Las Vegas for an "RFID sniffer" able to detect and decode a passive RFID tag signal from about 20 feet from the door reader. The bill of materials was less than a dollar using off-the-shelf components. So far, I think our group holds the world record for a passive RFID tag read from a year ago last May at RMISC (Rocky Mountain Information Security Conference) ... it was that event in May that led to our presentation at Las Vegas in August at BSides.
The basic idea of the circuit is to create a radio that is tuned to 125kHz ... in this case I am using a regenerative one-transistor receiver derived from a few different designs I researched over the internet to come up with my own derivative ... Search for Q-multipliers and regenerative radio receivers. In my circuit I have combined the "tickler coil" into the tuning coil with an emitter follower arrangement acting to positively reinforce the signal (<-- the regenerative portion). The Op-Amp is really only there for a buffer. ... <-- backtrack a little... the goal of this Las Vegas presentation was to purposefully show and exploit how simple this was to do with "off-the-shelf" components and I literally just grabbed a few things out of my junk box ...
The transistor immediately after the Op-Amp amplifies the signal, but the capacitor across the C-E junction causes it to function as a low-pass filter ... this may seem counterintuitive, because we are tuning into 125kHz and then immediately putting it through a low-pass filter which removes all of the 125kHz component. What we are left with is the modulated low-frequency signal from the RFID tag. The last stage transistor simply just cleans the signal up enough so that a microprocessor can directly read the TTL style signal.
The RFID tags are coded in Manchester and following the RFID receiver, the output was connected directly to a PIC16F54 microcontroller that performed the necessary Manchester decoding on the fly and sent the decoded result out serially at 57.6k baud. So I have no doubt that a Propeller or any other micro could decode the Manchester just as easily.
Note: With the RFID exciter, the code inside the PIC simply generated a free running differential square wave at 125kHz ... nothing special.
With this arrangement, it is possible to place a passive RFID tag near the RFID exciter (or Door reader) and use the receiver at some distance away to read the tag over the air at a considerable distance.
RFID receiver:
<removed>
RFID exciter:
<Removed>
Pretty awesome. Unless of course you're beaming microwaves or gamma rays at the guy wearing the RFID tag. Hot sterile Hulk smash puny reader!
So let me get this straight. The reader in a door, say, excites the RFID tag as usual. Your circuit then reads what the door/tag is doing from some great distance.
Very sneaky.
I'm wondering if that neat little regen circuit would make a nice receiver for the time transmissions from Germany and France that are down at 100kHz or so, without the 10uF filter capacitor, using the little ferrite antenna I have here.
Exactly, that's how the circuit works. The real danger is that with this circuit you can "see" both sides of the negotiation between a card and the card reader. That part of it is why I gave a presentation in Las Vegas to exploit this vulnerability with RFID tagging ... the concept will work with other tags as well and is not necessarily locked down to 125kHz.