ProxmarkPro - Using HID Brute
This blog post covers how to do a brute force attack with a HID tag on the ProxmarkPro. A Brute force attack is done by trying to guess multiple tag UID's similar to a known working tag UID to gain access.
For this post you will need the following:
- HID Tag Saved
There will be no client setup necessary for this post. Everything will be done using Unchained mode on the ProxmarkPro. We will be using a HID tag that is already saved on the SD Card to start the brute force process.
HID Brute with ProxmarkPro
1. Connect the LF Antenna and navigate to the Load Tag Menu option. Select HID and then your desired Tag. We will be using a Tag that we have named Office on the SD Card.
2. Navigate to the HID menu and then the Brute option.
3. In the Brute menu select Method, Card Random. Select From Current. The current tag loaded will now be set for the Brute.
4. In the Brute menu select Start. The ProxmarkPro will now attempt to do a brute force attack on the reader with card numbers similar to the tag you have loaded.
Note: In the brute menu You also have the option to manually change the HID tag UID, Facility Code, and format length. Some readers may require a faster or slower replay rate, you can change this as well in the menu options.