Reprogrammable RFID credentials are very popular with penetration testers, red teamers, and hackers. While conventional white plastic ID cards are the most typical format for such badges, RFID credentials come in a variety of sizes and form factors. Small fobs and stickers are somtimes seen. For a more covert approach, some red teamers will opt to wear an RFID ring. The most hardcore folk will even rely on biohacking implants that don't show up visibly at all!
But these smaller types of credentials (especially rings, implants, and tiny sticker dots) can exhibit reliability problems with some readers due to the very small size of their antennas.
If you are interested in having a "covert" RFID credential on you that doesn't look like a work badge or wireless fob at first glance, perhaps you'd find this Red Team Tools wristaband credential useful. While there are other "wristband" style RFID tags on the market, most are -- to put it mildly -- absolutely ugly. Ours, however, is designed to have the appearance of a popular health and fitness wearable. The product's size means that the internal antennas are larger and thus much more reliable with a wide range of readers.
This RFID wristband contains two separate programmable and re-writable credentials inside of it:
1. a T5577-compatible Low Frequency 125KHz read/writable credential which can be programmed to emulate many popular access control system cards. The specific chip is the EM4x05 which is capable of emulating the following access control credential cards:
- HID Prox
- Indala Flexpass
- Kantech ioProx
- Swatch EM41xx
- Applied Wireless AWID
- Farpointe Data Systems
- Honeywell NexWatch
- eTag SecuraKey
2. an ISO14443A "Magic MIFARE" chip High Frequency RFID 13.56 MHz read/writable credential with some notable features:
- Designed to mimic the functionality of a Mifare 1K card
- UID Changeable Card
- Operating frequency: 13.56 MHz
- 16-bit CRC, parity, bit anti-collision coding, bit counting
- Data transfer of 106 kbit/s
Most field teams opt to interact with these credentials using a tool such as the Proxmark3, but it is also possible to program and configure these RFID chips with smaller tools like the Flipper Zero, "Cloner Guns", etc.