COPY A CARD WITH KNOWN KEYS

Today I want to show you how to copy a MIFARE Classic card with the Arduino Mega and the RFID-RC522 module.

Requirements:

  • Card Reader
  • Arduino Mega
  • Arduino Library
  • Existing RFID Card (in this example a Mifare Classic 1K)
  • New empty RFID Card

Card Reader

RC522

Note to all links: As an Amazon Associate and Aliexpress Affiliate, I earn from qualifying purchases. The decision is yours, and whether or not you decide to buy something is completely up to you.

Connect the board with the Arduino Mega.
 
 *-----------------------------------------------------------------------
 * Pin layout should be as follows:
 * Signal      Arduino Mega pin   MFRC522 board pin
 * ------------------------------------------------------------
 * Reset       5                  RST
 * SPI SS      53                 SDA
 * SPI MOSI    51                 MOSI
 * SPI MISO    50                 MISO
 * SPI SCK     52                 SCK
 *
 * Note: The code will not work on an Arduino UNO because it does not have enough SRAM.

Arduino Mega

I used an Arduino MEGA 2560, because the UNO has too little RAM. Note: We have to read a 1K card and keep it in memory.


Arduino Library

There are a lot of Arduino libraries on the net for accessing the reader. I do not know exactly which library I used; I think it was this one: https://github.com/miguelbalboa/rfid

Existing RFID Card

In my example I use a Mifare Classic 1K card.

You need to know the keys of this card.
The keys below are just an example.

byte KeyA_List[][6] =
{
	{150,161,162,166,164,165},  // Sector 0
	{238, 51,226, 88, 63, 28},  // Sector 1
	{220,140,161, 12,125, 89},  // Sector 2
	{113, 97,186,136,120,156},  // Sector 3
	{112, 17,126,250,164, 50},  // Sector 4
	{212, 24,175, 51,161,155},  // Sector 5
	{139,192,187,206, 50,233},  // Sector 6
	{156, 84,200,238,139, 28},  // Sector 7
	{141, 53,120, 10, 20,141},  // Sector 8
	{178,237,163,146,170, 83},  // Sector 9
	{137,254,143,198, 79,169},  // Sector 10
	{194,105,111,160,234,209},  // Sector 11
	{264,152, 43,143, 62,226},  // Sector 12: 264 is not a valid byte (0-255); use your card's real key
	{131,232,181,154, 81,224},  // Sector 13
	{174,  1,208,226, 63,140},  // Sector 14
	{140,161,162,163,164,165},  // Sector 15
};

byte KeyB_List[][6] =
{
	{134,135,136,137,138,139},  // Sector 0
	{146,147,148,149,140,141},  // Sector 1
	{156,157,158,159,150,151},  // Sector 2
	{166,167,178,179,180,181},  // Sector 3
	{186,187,178,179,180,181},  // Sector 4
	{140,147, 15, 51,241,  7},  // Sector 5
	{235,  8,234, 57,122,154},  // Sector 6
	{128,132, 14,  7,165,143},  // Sector 7
	{146,157,178,179,180,181},  // Sector 8
	{156,167,178,179,180,181},  // Sector 9
	{166,177,178,179,180,181},  // Sector 10
	{186,187,178,179,180,181},  // Sector 11
	{185, 19,165,113,135,140},  // Sector 12
	{176,148, 45,181,196,175},  // Sector 13
	{235, 15, 14,122,141,213},  // Sector 14
	{116,140,255, 47, 27,199},  // Sector 15
};
//---------------------------------------------------------

New empty RFID Card

Any new card will do. Please note that the UID of an existing card cannot be copied: the UID of a new card is normally read-only and is programmed by the card manufacturer. The exception is the so-called "Chinese magic" RFID card. My code example does not try to write the UID it read to the new card.

Code

In general I am a little bit too lazy to give you a big explanation of the code. Just download it and go through it. But okay, here is some information I want to give you:

  • The serial baud rate is 57600.
  • Do not forget to change your keys.

byte KeyA_List[][6] =
 {
 {150,161,162,166,164,165}, // Sector 0
 // ... one row per sector, up to sector 15
 };
 byte KeyB_List[][6] =
 {
 {134,135,136,137,138,139}, // Sector 0
 // ... one row per sector, up to sector 15
 };

Basic flow: the idea is to read a card and dump this information:

byte mydumpdata[MAX_SECTOR][MAX_BLOCK_SECTOR][MAX_DATA_BLOCK];

and also add the Key A and Key B information to the dumped data. See the comments in my code:

// Special note on KEY_A / KEY_B
// see datasheet
// When the sector trailer is read, the key bytes are blanked out by returning logical zeros. If
// Key B is configured to be readable, the data stored in bytes 10 to 15 is returned, see
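
The blanking rule quoted in the comment above, as an added example that is not part of the original post or of RFIDCopyMaschine: plain C++ (no Arduino headers) that checks a sector trailer's access bits for consistency, decides whether the Key B bytes in a read are real or blanked, and restores the known keys. The names TrailerInfo, parseTrailer and rebuildTrailer and all sample bytes are assumptions made for this example.

```cpp
// Added example (not from RFIDCopyMaschine); all names here are hypothetical.
#include <cstdint>
#include <cstdio>
#include <cstring>

// Sector trailer: bytes 0-5 Key A | 6-8 access bits | 9 user byte | 10-15 Key B
struct TrailerInfo {
    bool valid;         // inverted and plain copies of the access bits agree
    uint8_t cond[4];    // C1C2C3 for blocks 0-2 and, in cond[3], the trailer
    bool keyBReadable;  // bytes 10-15 are returned as stored on a read
};

TrailerInfo parseTrailer(const uint8_t t[16]) {
    TrailerInfo info{};
    uint8_t c1 = t[7] >> 4,   c1n = t[6] & 0x0F;
    uint8_t c2 = t[8] & 0x0F, c2n = t[6] >> 4;
    uint8_t c3 = t[8] >> 4,   c3n = t[7] & 0x0F;
    // Every nibble is stored twice, once inverted; a mismatch is a format violation.
    info.valid = c1 == (~c1n & 0x0F) && c2 == (~c2n & 0x0F) && c3 == (~c3n & 0x0F);
    for (int b = 0; b < 4; ++b)
        info.cond[b] = (((c1 >> b) & 1) << 2) | (((c2 >> b) & 1) << 1) | ((c3 >> b) & 1);
    // Trailer conditions 000, 001 and 010 leave Key B readable.
    info.keyBReadable = info.valid && info.cond[3] <= 2;
    return info;
}

// Restore the key fields that the card blanked in a trailer read. Returns false
// and leaves out untouched when the access bits fail the consistency check.
bool rebuildTrailer(const uint8_t readBack[16], const uint8_t keyA[6],
                    const uint8_t keyB[6], uint8_t out[16]) {
    TrailerInfo info = parseTrailer(readBack);
    if (!info.valid) return false;
    std::memcpy(out, readBack, 16);
    std::memcpy(out, keyA, 6);                               // Key A always reads as zeros
    if (!info.keyBReadable) std::memcpy(out + 10, keyB, 6);  // Key B was blanked too
    return true;
}

int main() {
    // Constructed trailer read: keys blanked, access bits 78 77 88, user byte 69.
    const uint8_t rd[16] = {0,0,0,0,0,0, 0x78,0x77,0x88,0x69, 0,0,0,0,0,0};
    const uint8_t ka[6] = {1,2,3,4,5,6}, kb[6] = {7,8,9,10,11,12};  // constructed keys
    uint8_t out[16];
    bool ok = rebuildTrailer(rd, ka, kb, out);
    for (int i = 0; ok && i < 16; ++i) std::printf("%02X ", out[i]);
    std::puts(ok ? "" : "invalid access bits");
    return ok ? 0 : 1;
}
```

A trailer that fails the consistency check should never be written to a card: the MIFARE Classic datasheet states that a format violation in the access bits irreversibly blocks the whole sector.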

So this is my first version. https://github.com/ebc81/RFIDCopyMaschine
