Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Reading Hitag2



  • Yes, I'm going to write decoders for all the sniffer, but right now I'm chasing down a really weird bug to do with the reader ISR ticking twice after a read error. Very strange!!!

    I also need to finish off EM4X05.

    The list keeps growing! :P
  • edited June 2015
    Very Great!
    Oh, good Luck with the bug! Maybe it comes with the error handling? I dont have a idea so far :P

    good Luck!!!!
  • ive got a problem sniffing hitag1. 
    i tried several times. When sniffing the communication i just get blank lines as result most times. some times the rfidler crashed (rebooted). Some times i get some bits, but they are different each time.

    What can i do?
  • Yes, there seems to be some memory corruption bug in there somewhere - I've had a few crashes/reboots as well. I'm going to be working on Tamagochi sniffing with Tony later this week, so we'll take a look then...
  • HITAG1 sniff decoding is now working:

    *HITAG1> sniff-pwm                                                             
    Waiting for PWM (hit any key to abort/report)...                               
    00110, SET_CC                                                                  
    000001010011011010111000110010011010111011100, SELECT:A6D71935:DC              
    10000001000101010110, WRITE_PLAINTEXT_PAGE:11:56                               
    1010101111001101111011110000000100110010, DATA:ABCDEF01:32                     
    00110, SET_CC                                                                  
    000001010011011010111000110010011010111011100, SELECT:A6D71935:DC              
    11000001000101111011, READ_PLAINTEXT_PAGE:11:7B                                

    Plaintext commands only at the moment, as i've yet to implement crypto for HITAG1
  • thank you a lot!
    I'm looking forward to crypto implementation :)
  • @adam, are there any updates yet?

  • edited August 2016

    Hi Adam, 
    Do we need an external Hitag 2 reader for the RFidler to sniff the exchange or can RFidler now read all data on a hitag 2 fob like the Paxton Net 2 Bullet one?

    If it can read all the data, what fob would we clone it to?

  • edited August 2016
    If you know the crypto key RFIDler can read/write direct to the tag. If you have an external reader, you should also be able to sniff the conversation. Standard blank Hitag2 tags for cloning.
  • edited August 2016
    But a hitag2 Blank tag will still have a unique ID so I guess you can't copy that like with the old Mifare Classic S50 and S70 Chinese blanks?

  • So I now have the Paxton Software and a Paxton Reader so I can see the number being read and by the reader and software, 
    Would anyone be interested in meeting up to sniff the exchange to get the password?
    I have some bullet fobs as well and am happy to travel to get this done as it's really frustrating me.
  • I know this is an old thread, but I'd be interested in helping you work out the Paxton Net2 password.

    There's only a slim chance I'll be able to help you, but which part of which country are you in?
Sign In or Register to comment.