Hack Chip. Catch all dem waves (part 4 of /n)

Im pretty happy with the Hack Chip and its wif scanning capabilities. It fun to just walk around the town and catch all those wifi waves.
As I was cleaning my desk I realized I had a Proxmark3 RDV2 kit laying around. (yea I know, “how could you forget??”)
Warning: The Proxmark3 is not a cheap tool.
Anyway so as a challenge I decided to integrate the Proxmark3 RDV2 Kit into the Hack Chip.
The Proxmark3 is a great little tool to copy/clone RFID tags/cards. Head over @hackerwarehouse’s youtube channel to see it in action.
So let’s get cracking to catch all them waves. To begin with you need a ready to go Proxmark3 ,I’m sure you can flash the Proxmark with the Hack Chip but it seems a bit unfitting.
1.Getting the Hack Chip ready.
Building the software for the Proxmark is pretty straight forward and just follow the guide on the Proxmark github. There were 3 points I had to figure out.
To install one of the dependencies “readline” you have to install the dev package
chip@192.168.1.1$ sudo apt-get install libreadline6-dev
You also need to install the gcc-arm-non-eabi package (gcc cross compiler for ARM)
chip@192.168.1.1$ sudo apt-get install gcc-arm-none-eabi
You will need to install the driver as explained in the Gentoo/Pentoo install.
The rest should be the same as the GitHub README. (git clone etc.. )
Its probably better to directly connect the Proxmark3 to the Hack Chip and not via the usb-hub, since the usb-hub is a non-powered usb hub.
Now the Hack Chip is ready to RFID shit up.
chip@192.168.1.11$ ./proxmark3 /dev/ttyACM0
proxmark3> lf search
#db# DownloadFPGA(len: 42096)
NOTE: some demods output possible binary
if it finds something that looks like a tag
False Positives ARE possible
Checking for known tags:
EM410x pattern found:
EM TAG ID : 3C006E22A6
Possible de-scramble patterns
Unique TAG ID : 3C00764465
HoneyWell IdentKey {
DEZ 8 : 07217830
DEZ 10 : 0007217830
DEZ 5.5 : 00110.08870
DEZ 3.5A : 060.08870
DEZ 3.5B : 000.08870
DEZ 3.5C : 110.08870
DEZ 14/IK2 : 00257705255590
DEZ 15/IK3 : 000257705788517
DEZ 20/ZK : 03120000070604040605
}
Other : 08870_110_07217830
Pattern Paxton : 1015177382 [0x3C8260A6]
Pattern 1 : 10295473 [0x9D18B1]
Pattern Sebury : 8870 110 7217830 [0x22A6 0x6E 0x6E22A6]
Valid EM410x ID Found!
proxmark3>

And there you go , catch all dem waves!
The Proxmark3 can be used in standalone mode (meaning it can copy write if its running without a PC) so we want to keep that functionality yet also zombie-frankenstein the Proxmark onto the Hack Chip for easy usage.
Granted this process took some trial and error, initially I wanted to run all the antenna cables internally through the Hack Chip casing, however as it turns out there just ins enough space around the battery pack to run the antenna cables without putting too much stress on the connectors or the cable.
Mounting the Proxmark3 to the Hack Chip .
For this part you gonna need a couple of things.
- M2 screws and nuts. (Preferably different length, but I mainly used M2x12 size. If you do a lot of single board building having a box full of these is a must)
2. Nylon spacers
3. A drill and a couple of different sizes bits.
4. Square file
5. Exacto Knife
Tip: To drill the holes for the cable, start with a small bit to first drill the guide hole. Drill the hole at an angle to allow smoother feeding of the cable through the casing. Use the exacto knife to clear of some of the drill burrs.

I ended using just the center 2 holes in the Proxmark3 pcb to secure the Proxmark3 to the Hack Chip. To give the Proxmark3 a lower profile (less snag possibilities) yet maintain the structural integrity I used the original Proxmark3 cover pcb but instead to the screws that come with the Proxmark3 , I just used the M2 screws and some spacers to to combine the cover pcb and the main pcb.
You will need to drill a hole for the battery connector of the PCB to escape through the Hack Chip casing. Just drill a hole and use the square file to make the hole square.

Then its just a matter of patience and finger dexterity .
Drilling the hold in the Hack Chip Case just above the batter is tricky , just go slow.

Now the Hack Chip can not only scan for Wifi but also read/clone/emulate RFID.
Next Episode: More insanity continues.