Add Reference Material

rfidtool · Feb 4, 2018 · 9899705 · 9899705
1 parent 7d075ff
commit 9899705
Show file tree

Hide file tree

Showing 7 changed files with 180 additions and 5 deletions.
diff --git a/Images/5355keypad-bin2pin.jpg b/Images/5355keypad-bin2pin.jpg
diff --git a/Keypad/README.md b/Keypad/README.md
@@ -0,0 +1 @@
+![HID-5355-Bin2Pin-Reference](../Images/5355keypad-bin2pin.jpg?raw=true) 
diff --git a/Magstripe/README.md b/Magstripe/README.md
@@ -0,0 +1,49 @@
+Magstripe Reader Tested: HID 3110-6445 Magstripe Pass-Through Reader 
+ * set to rotary position B (Raw Data - All Bits Wiegand) 
+
+RFID-Tool Specific Settings 
+ * set buffer size to 256 bits or greater 
+
+See [aba-decode.php](aba-decode.php) script for converting binary card data to ascii (Script by: AndrewMohawk) 
+ * Command Line: /usr/bin/php aba-decode.php 1101000001100000100011001001001010101101111000001010011101101111100010 
+ * Web: https://www.LegacySecurityGroup.com/aba-decode.php?binary=1101000001100000100011001001001010101101111000001010011101101111100010 
+
+Binary: 
+5 bits 
+Little Endian Format 
+
+LRC(Longitudinal Redundancy Check): 
+Count # of set bits(1's) in column 
+EVEN = 0 
+ODD = 1 
+
+Track 2 Debit/Credit Card Format(for example): 
+;1234567890123456=YYMMSSSDDDDDDDDDDDDDD?* 
+; = Start Sentinel 
+1234567890123456 = 16 Digit Card # 
+= = End Card # 
+YY = Expiration Year 
+MM = Expiration Month 
+SSS = Service Code (As Understood From Wikipedia: "201" means chip required, "101" means no chip, be sure to recalculate the LRC if changing, it is not advised to experimental here without knowing the laws involved) 
+DDDDDDDDDDDDDD = Discretionary Data 
+? = End Sentinel 
+*=LRC 
+
+Binary Reference: 
+11010 ; - Start Sentinel 
+00001 0 
+10000 1 
+01000 2 
+11001 3 
+00100 4 
+10101 5 
+01101 6 
+11100 7 
+00010 8 
+10011 9 
+00111 < 
+01110 > 
+01011 : 
+10110 = - End Card Number 
+11111 ? - End Sentinel 
+00010 LRC 
diff --git a/Magstripe/aba-decode.php b/Magstripe/aba-decode.php
@@ -0,0 +1,121 @@
+<?php
+header("Content-type: text/plain");
+
+echo "Original script by: AndrewMohawk\n";
+// [email protected]
+echo "http:https://www.andrewmohawk.com\n\n";
+
+echo "Modified slightly by: Corey Harding\n";
+echo "www.LegacySecurityGroup.com / www.Exploit.Agency\n\n";
+
+//USAGE:
+//Command Line: /usr/bin/php aba-decode.php 1101000001100000100011001001001010101101111000001010011101101111100010
+//Web: www.server.com/aba-decode.php?binary=1101000001100000100011001001001010101101111000001010011101101111100010
+
+/* Decode Track 2 data from binary */
+if (defined('STDIN')) {
+ $binary = $argv[1];
+} else { 
+ $binary = $_GET['binary'];
+}
+
+// this function by mtroy dot student at gmail dot com taken from http:https://php.net/manual/en/function.strpos.php
+function strpos_r($haystack, $needle)
+{
+ if(strlen($needle) > strlen($haystack))
+ trigger_error(sprintf("%s: length of argument 2 must be <= argument 1", __FUNCTION__), E_USER_WARNING);
+
+ $seeks = array();
+ while($seek = strrpos($haystack, $needle))
+ {
+ array_push($seeks, $seek);
+ $haystack = substr($haystack, 0, $seek);
+ }
+ return $seeks;
+}
+
+function processBinary($binary)
+{
+ $AsciiOutput = "";
+
+ //find start sentinel
+ $start_sentinel = strpos($binary,"11010");
+ if($start_sentinel === false)
+ {
+ echo "Could not find start sentinel\n";
+ return false;
+ }
+
+ //find end sentinel
+ $end_sentinel = false;
+ $end_sentinel = strrpos($binary,"11111");
+ if(count($end_sentinel) == 0)
+ {
+ echo "Could not find end sentinel\n";
+ return false;
+ }
+
+ //Lets decode the data:
+ $bit_length = 5; // 4 bits for data, 1 bit for odd-parity or LRC checking
+
+
+ $data = substr($binary,$start_sentinel,($end_sentinel-$start_sentinel+5));
+
+ $currentBits = "";
+ $currentNum = 0;
+ $finalString = "";
+
+ for($i=0;$i<strlen($data);$i++)
+ {
+ if(strlen($currentBits) < $bit_length)
+ {
+ $currentBits .= $data[$i];
+
+ }
+
+ if(strlen($currentBits) == $bit_length)
+ {
+ $parityBit = $currentBits[4];
+ $dataBits = substr($currentBits,0,4);
+
+ $asciiChar = 0;
+
+
+ for($x=0;$x<4;$x++)
+ {
+ $currentNum += $dataBits[$x];
+ }
+
+
+
+ $dec = bindec($dataBits);
+ $dec = str_pad($dec, 2, "0", STR_PAD_LEFT); // just so output is nice
+ $asciiChar = chr(bindec(strrev($dataBits))+48); // reverse the binary (since its LSB first) then convert to dec, add 48 and then take it to ASCII
+ echo "$currentBits - Data ($dataBits) Parity($parityBit) Decimal ($dec) Ascii($asciiChar)";
+ if(($currentNum + $parityBit) % 2 == false)
+ {
+ echo " __ Parity: Invalid";
+ }
+ else
+ {
+ echo " __ Parity: Valid";
+ }
+ $AsciiOutput .= $asciiChar;
+ echo "\n";
+ $currentBits = "";
+ $currentNum = 0;
+
+ }
+
+
+ }
+ echo "\n\nTotal Out (ascii): $AsciiOutput\n";
+}
+echo "Trying One way:\n\n";
+if (processBinary($binary) == false)
+{
+ //reverse.
+ echo "\n\n";
+ echo "Trying The Reverse:\n\n";
+ processBinary(strrev($binary));
+}
diff --git a/README.md b/README.md
@@ -14,8 +14,8 @@ Hardware is manufactured by April Brother and can be purchased for ~$19.00 from
 * eBay Store: https://www.ebay.com/itm/ESP-RFID-Tool-for-logging-Wiegand-data-/253354070711  
 
 Video Demos:  
-* https://youtu.be/0o8r_ufRrFo 
-* https://youtu.be/B86926CHImE 
+* Biometric/Keypad: https://youtu.be/0o8r_ufRrFo 
+* Portable RFID Reader: https://youtu.be/B86926CHImE 
 
 Firmware:  
 * Official 
@@ -36,7 +36,7 @@ Firmware:
 * Simulating an access control system using multiple units of ESP-RFID-Tool. 
 
 ## What is it? 
-A universal data logger that captures the raw binary data from a standard 5V Wiegand Interface. The device is capable of logging the credentials for access control systems or nearly any device that utilizes a Wiegand Interface such as RFID card readers, pin pads, magnetic stripe systems, and even some biometric readers. Wiegand Interfaces also do not have to be limited to just access control systems. The main target group for this device is 26-37bit HID cards. For known card types both the binary and hexidecimal data is displayed directly in the log file for easy badge identification and also in case a clone of a card may be needed. For unknown card types only the raw binary data is shown. 
+A universal data logger that captures the raw binary data from a standard 5V Wiegand Interface. The device is capable of logging the credentials for access control systems or nearly any device that utilizes a Wiegand Interface such as RFID card readers, pin pads, magnetic stripe systems, barcode, and even some biometric readers. Wiegand Interfaces also do not have to be limited to just access control systems. The main target group for this device is 26-37bit HID cards. For known card types both the binary and hexidecimal data is displayed directly in the log file for easy badge identification and also in case a clone of a card may be needed. For unknown card types only the raw binary data is shown. 
 
 ## How do you install it? 
 The device may be installed directly into an existing system drawing its power from the preexisting wiring or it can also be used to turn a reader into a standalone portable unit for data logging when a battery is added. Wiring is simple and consists of 4 wires, (+), (-), D0(Green), and D1(White). The device is capable of operating on voltages ranging from around 4.5V up to a maximum of 18V. Commonly found voltages are 12V and 5V. **(See Installation Notes Below) 
@@ -65,6 +65,10 @@ The device was made with minimal hardware to keep costs extremely low and in rea
 * Configure settings 
  * See Below 
 
+## Making Sense of the Binary Data 
+[Keypads](Keypad/README.md) 
+[Magstripe](Magstripe/README.md) 
+
 ## Flashing Firmware 
 From Web Interface: 
 * Download one of the latest releases from 

diff --git a/Source Code/esprfidtool/esprfidtool.ino b/Source Code/esprfidtool/esprfidtool.ino
diff --git a/Source Code/esprfidtool/version.h b/Source Code/esprfidtool/version.h
@@ -1 +1 @@
-String version = "1.0.4";
+String version = "1.0.4a";