DIY passive RFID cloner

I have decided to publish how to add bidirectional communication capability to the current Open RFID Tag hardware (version 0.3).

I spent some time figuring out how to do it with the fewest components and without damaging the PCB (no traces cut). In the end I managed to do it with one diode, one resistor and three capacitors.

I don't have time right now to publish the instructions for modifying the hardware, but I will do it next week.

And this is the result:

A 100% passive cloner. At the moment it can only clone the EM4100 family, but I will add support for others.

How the EM4100 cloner works

Holding button S1 while bringing the Open RFID Tag close to an RFID reader boots it into capture mode.

In this mode, the Open RFID Tag sniffs and decodes the communication between the RFID tag being cloned and the RFID reader. If an EM4100 memory map is captured correctly (the row and column parity bits of the 64-bit frame are checked), the memory map is stored and LED1 is switched on.

If S1 is not pressed, the Open RFID Tag emulates the most recently captured tag.
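To make the capture-mode check concrete, here is an added example (written for this post, not the Open RFID Tag firmware) of the EM4100 frame logic the two modes rely on: the 64-bit frame layout (9 header ones, 10 rows of 4 data bits plus an even row-parity bit, 4 even column-parity bits, a 0 stop bit), an encoder that produces the frame the emulation mode would replay, and a decoder that slides over a demodulated bit stream of unknown alignment and only accepts a frame whose header, row parities, column parities and stop bit all check out. The Manchester demodulation of the 125 kHz carrier is left out, the sample ID and the noise bits in front of it are constructed for the example, and the function names are my own.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define EM4100_FRAME_BITS 64

/* Encode a 5-byte EM4100 ID (version/customer byte + 4 ID bytes) into the
 * 64-bit frame a tag repeats: 9 header ones, 10 rows of 4 data bits plus an
 * even row-parity bit, 4 even column-parity bits, and a 0 stop bit. This is
 * what the emulation mode would clock out, before Manchester coding. */
void em4100_encode(const uint8_t id[5], uint8_t out[EM4100_FRAME_BITS])
{
    size_t pos = 0;
    uint8_t colpar[4] = {0, 0, 0, 0};

    for (int i = 0; i < 9; i++) out[pos++] = 1;
    for (int n = 0; n < 10; n++) {
        uint8_t nib = (n & 1) ? (id[n / 2] & 0x0F) : (id[n / 2] >> 4);
        uint8_t rowpar = 0;
        for (int b = 0; b < 4; b++) {            /* MSB first */
            uint8_t bit = (nib >> (3 - b)) & 1;
            out[pos++] = bit;
            rowpar ^= bit;
            colpar[b] ^= bit;
        }
        out[pos++] = rowpar;
    }
    for (int c = 0; c < 4; c++) out[pos++] = colpar[c];
    out[pos] = 0;                                /* stop bit */
}

/* Validate one frame starting at bits[0] and extract the ID. Returns true
 * only if header, all row parities, all column parities and the stop bit
 * check out; id is left untouched on failure. */
bool em4100_decode_frame(const uint8_t bits[EM4100_FRAME_BITS], uint8_t id[5])
{
    uint8_t colpar[4] = {0, 0, 0, 0};
    uint8_t tmp[5] = {0, 0, 0, 0, 0};
    size_t pos = 0;

    for (int i = 0; i < 9; i++)
        if (bits[pos++] != 1) return false;
    for (int n = 0; n < 10; n++) {
        uint8_t nib = 0, rowpar = 0;
        for (int b = 0; b < 4; b++) {
            uint8_t bit = bits[pos++] & 1;
            nib = (uint8_t)((nib << 1) | bit);
            rowpar ^= bit;
            colpar[b] ^= bit;
        }
        if (bits[pos++] != rowpar) return false;
        tmp[n / 2] |= (n & 1) ? nib : (uint8_t)(nib << 4);
    }
    for (int c = 0; c < 4; c++)
        if (bits[pos++] != colpar[c]) return false;
    if (bits[pos] != 0) return false;
    memcpy(id, tmp, 5);
    return true;
}

/* Capture mode: slide over a demodulated bit stream of unknown alignment and
 * return the offset of the first valid frame, or -1 if none is present. */
int em4100_scan(const uint8_t *stream, size_t n, uint8_t id[5])
{
    for (size_t off = 0; off + EM4100_FRAME_BITS <= n; off++)
        if (em4100_decode_frame(stream + off, id)) return (int)off;
    return -1;
}

/* Constructed sample ID, made up for this example (not a real captured tag). */
static const uint8_t SAMPLE_ID[5] = {0x1D, 0x55, 0x59, 0x13, 0x21};

/* Constructed capture: 5 noise bits, then the frame twice, as a powered tag
 * repeats it continuously. Returns the frame offset (5) and fills id_out. */
int demo_capture(uint8_t id_out[5])
{
    static const uint8_t noise[5] = {1, 0, 1, 1, 0};
    uint8_t frame[EM4100_FRAME_BITS];
    uint8_t stream[5 + 2 * EM4100_FRAME_BITS];

    em4100_encode(SAMPLE_ID, frame);
    memcpy(stream, noise, 5);
    memcpy(stream + 5, frame, EM4100_FRAME_BITS);
    memcpy(stream + 5 + EM4100_FRAME_BITS, frame, EM4100_FRAME_BITS);
    return em4100_scan(stream, sizeof stream, id_out);
}

/* Failure mode: one flipped data bit must be rejected by the parity check,
 * not stored as a tag. Returns true when the decoder rejects it. */
bool demo_rejects_bitflip(void)
{
    uint8_t frame[EM4100_FRAME_BITS], id[5];
    em4100_encode(SAMPLE_ID, frame);
    frame[9] ^= 1;                               /* first data bit of row 0 */
    return !em4100_decode_frame(frame, id);
}

int main(void)
{
    uint8_t id[5];
    int off = demo_capture(id);
    if (off < 0) { puts("no valid EM4100 frame"); return 1; }
    printf("frame at bit %d, ID %02X%02X%02X%02X%02X, bit flip rejected: %s\n",
           off, id[0], id[1], id[2], id[3], id[4],
           demo_rejects_bitflip() ? "yes" : "no");
    return 0;
}
```

The decoder validates the whole frame before copying anything into the caller's buffer, which is the behaviour you want in capture mode: a partially heard or corrupted frame should never end up as the "last captured tag" that the emulation mode replays. Scanning every offset rather than waiting for the 9-one header also means a capture started mid-frame still locks onto the next repetition.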

