Let's Make Robots!

RFID Part 2 - Multipass Cuckoo

Continuation of Hacked Multipass RFID reader ......

Now updated with absolute decode of the 19 byte "Secret-Cypher" hex string to 10 digit readable numerical string....YAY

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

I am however, curious as to why you are using the HEX string rather than converting it to the actual 10 digit decimal. Would it not be easier to make card/fob additions by first converting the card/fob RFID string to the decimal and then comparing the decimal?

In short the rfid reader acts as hid device. Unhacked it spits out the code over the USB port. However in usb protocol. I have no way of decoding this directly on the propeller yet......yet. So I have tapped into the raw data coming off the rfid (ie a stage before conversion to USB) . This presents me with 19 bytes of data @9600 baud. If I could find a way of decoding this then yes I could use decimal number, so this is why I am using hexvalues. However I am not interested in knowing the number, all I need to now is that it matches with a preprogrammed number in my database. If you know a way to decode the data (only 5 bytes actually relate to the full decimal number btw)

for the laser pointer.

BD 05 27 27 27 1E 25 05 03 BD 06 22 1E 1E 20 23 28 05 03

189 5 39 39 39 30 37 5  3 189  6 34 30 30 32 35 40 5  3

          0  0   0   1   8                   5   1   1   3  6

Once you have read the card, drop the 1st, 2nd, 8th-11th, 17th-19th numbers and convert the remaining ones from HEX to DEC and use a bit of math to get the card number. I was just thinking that to add a new card/fob, typing the related number in would be faster than copy/paste and break the HEX number up into bytes.

All works .........

     Basically from your impulse....... i have added 16dec (hex13) to all the characters received from the RFID ....  to temp data buffer.

...... this directly sorts out the 1 to 9 numbers....

... then a second parse on the buffer is needed to check for the wrong character "0"s  (and blast with real "0") as these are a special case as you pointed out in the shoutbox.

Then the comparison is dead easy ....YAY

repeat index from 0 to 18                      ; read in 19 bytes of raw RFID data
    RFIDTEMP[index] := pstrfid.CharIn

    RFIDRX[0]  :=  RFIDTEMP[2] +$13    ; load RXbuffer with relevant extracted raw numbers and add  hex13 to them
    RFIDRX[1]  :=  RFIDTEMP[3] +$13
    RFIDRX[2]  :=  RFIDTEMP[4] +$13     ;.....etcetcetc

.....repeat index from 0 to 9        ; parse numbers
        if RFIDRX[index]  ==  $3A  ; search for bogus zeros "0"s
           RFIDRX[index]  :=  $30   ; replace with real "0"s

      if strcomp(@RFIDRX, @Multipass)     ;compare with database
          pst.Str(String("Multipass 0001837321"))
          OUTA[2]~~ 'Make P2 high    ; fire the door solenoid
          waitcnt(clkfreq+cnt)              ; 1 second is enough
          OUTA[2]~ 'Make P2 low        ; reset solenoid

dat    Multipass     Byte "0001837321", 0  .......etcetcetc list of your RFID codes .....NOW in DECIMAL YAY

        RFIDRX        Byte "1234567890",0                      ;  10 digit number buffer , holds the end number result
        RFIDTEMP   Byte "1234567890123456789",0      ;   19 digit raw buffer


I have to admit i have been puzzled by these numbers - how the heck did you see through them.......

It was killing me that they looked like numbers......but not just exactly numbers..... and they where all low and in a 0 to 9 span.

This is a great help and i will have fun writing a decode proggy for it.........Coolio Birdmun


Once they were decoded from HEX to DEC seeing the 3 39's I figured they were 0's and then just plonked the rest of the numbers in sequence.