Skip to content

lf_tharexde.md

Latest commit

 

History

History
99 lines (71 loc) · 2.69 KB

lf_tharexde.md

File metadata and controls

99 lines (71 loc) · 2.69 KB

LF_THAREXDE — EM4x50 Simulator/Collector

Author: tharexde Frequency: LF (125 kHz) Hardware: RDV4 (requires flash memory)

Back to Standalone Modes Index | Source Code | Development Guide

What

A dual-mode standalone for EM4x50 tags: simulate an EM4x50 tag loaded from a flash dump file, or read/collect EM4x50 data (including passwords) to flash.

Why

EM4x50 is a more advanced LF tag than EM4100 — it supports password protection, memory blocks, and bidirectional communication. This mode handles both offensive and defensive EM4x50 scenarios:

  • Simulation: Load a dumped EM4x50 tag and emulate it at a reader
  • Collection: Capture EM4x50 data and passwords from cards in the field

How

SIM mode:

  1. Loads tag data from lf_em4x50_simulate.eml on flash
  2. Configures the EM4x50 simulation engine
  3. Continuously emulates the tag

READ mode:

  1. Listens for EM4x50 tags
  2. Reads all accessible memory blocks
  3. If password authentication is observed, logs it to lf_em4x50_passwords.log
  4. Full tag dumps go to lf_em4x50_collect.log

LED Indicators

LED Meaning
A (solid) Simulating (blinks if no data or error)
B (solid) Reading / recording
D (solid) Unmounting / syncing flash

Button Controls

Action Effect
Single click Toggle between SIM and READ modes
Hold Exit to shell
USB command Exit standalone mode

State Machine

stateDiagram-v2
    [*] --> SIM : Startup (eml file exists)
    [*] --> READ : Startup (no eml file)

    SIM --> READ : Button click
    READ --> SIM : Button click

    SIM --> SIM : Continuous emulation
    READ --> READ : Continuous collection

    SIM --> [*] : Button hold / USB data
    READ --> [*] : Button hold / USB data

    note right of SIM
        Loads from:
        lf_em4x50_simulate.eml
    end note

    note right of READ
        Logs to:
        lf_em4x50_passwords.log
        lf_em4x50_collect.log
    end note
Loading

Flash Files

File Purpose
lf_em4x50_simulate.eml Input: tag data to simulate
lf_em4x50_passwords.log Output: captured passwords
lf_em4x50_collect.log Output: full tag dumps

Compilation

make clean
make STANDALONE=LF_THAREXDE -j
./pm3-flash-fullimage

Related