ChameleonTiny Professional (With Bluetooth)

admin — Thu, 02 Jul 2020 12:02:34 +0000

Description

What is a ChameleonMini ?

ChameleonMini is a versatile tool for practical NFC and RFID security analysis, compliance and penetration tests, and various end-user applications. The freely programmable platform can create perfect clones of various existing commercial smartcards, including cryptographic functions and the Unique Identifier (UID). It can be employed to assess security aspects in RFID and NFC environments in different attack scenarios, such as replay or relay attacks, state restoration attacks, sniffing of NFC communication, or functional tests of RFID equipment. New firmware for the ChameleonMini can be comfortably uploaded via a USB bootloader. A convenient, human-readable command set allows to configure its behavior and update the settings and content of up to eight internally stored, virtualized contactless cards. During battery-powered stand-alone operation, the integrated buttons and LEDs enable user interaction and feedback.

What’s new with our ChameleonTiny Prof Rev.G by ProxGrind ?

We have added more new things into the ChameleonMini than before.

√ Android App

√ Bluetooth NRF52832

√ Many many more ! (Check below for details)

Android App Showcase:

Parameter

Battery Type: LIR2032h rechargeable lithium-ion battery

Charging Time: 2 hours @ 0-100%

Charging Current: 40mA

Standby Current: 38ma

Sleep Current: 4uA

Card Reading Current: 65mA

Battery Capacity: 70mah

Usage Time: Use the tag 3 times a day, power on for 5 seconds each time, can use up to one year.

Port Type: Type-C (Tiny Pro)

The post ChameleonTiny Professional (With Bluetooth) first appeared on ChameleonMini & ChameleonTiny by ProxGrind.

B. Quick Crash Course

admin — Wed, 11 Mar 2020 07:00:56 +0000

Quick Crash Course

1.Detect keys and upload card files

(1) Prepare the computer GUI or Android APP.

Computer GUI download address: http://www.icesql.se/download/ChameleonMiniGUI/publish.htm

Source: https://github.com/iceman1001/ChameleonMini-rebootedGUI

Android APP download address:

Google Store: https://play.google.com/store/apps/details?id=com.proxgrind.chameleon

(2) Connect the Chameleon MINI or TINY using the Android APP.

USB port direct connection: Both the Chameleon MINI and TINY support direct connection to the mobile phone USB port. For the MINI, an additional OTG adapter needs to be purchased. TINY uses its own dual-headed TYPEC data cable to connect directly to TYPEC mobile phones.

Bluetooth connection: Chameleon MINI has built-in Bluetooth BLE4.0. Press any button first to wake up Bluetooth. Turn on Bluetooth on your Android phone and the app will automatically connect.

(3) Use Android APP to enable detection mode.

After connecting, click on a single card slot and select DETECTION_1K or 4K in the “card slot mode”. This card slot has the detection mode turned on. Write the original card number in the “UID Card Number” column. Click “Write.” If you don’t know the UID number, you can fill in it at will. Then click the “Clear” button below to clear the last detection record.

(4) Use Android APP to get keys.

. At this time, connect back to the mobile phone and click the “crack” button. After few seconds, the app will automatically solve and list the results, as shown in the figure below:

The list shows which blocks the read head just visited, and what password was used for each access.

At this point, click the “History” button, the APP will automatically list the keys separately and copy it automatically for easy copying to other software for next use.

If your mobile phone comes with NFC function, you can directly put the original card on the mobile phone NFC at this time, the APP will automatically use the key in the list to read the entire card, and after successful, it will automatically save the entire card data file on the mobile phone. .

Note: Multiple red LEDs are on at the same time during detection, which means the memory is full, just clear the memory.

(5) Use Android APP to import existing card data files in batches.

Use QQ to send the card data file to the mobile phone QQ, or connect the mobile phone to the computer and transfer the file to any directory on the mobile phone.

Open the app, click the “DUMP” column below, click the “SCanner” in the “plus sign” in the upper right corner, click the three horizontal line buttons in the upper left corner, and select this phone. Then select the root directory of the QQ receiving file or the previously copied directory, and click Allow Access. All card data files will be automatically scanned into the “DUMP file” interface, which can be uploaded or edited at will.

Click the card data file in the “DUM” column below, and click “Upload” below to upload to the card slot corresponding to the chameleon.

Introduction to UID mode and SAK mode

(1) UID mode

After the UID mode is turned on, the card simulated by Chameleon will become a GEN1a card, commonly known as a UID card, Chinese magic card.

Global card slot takes effect.

How to open: Click the button “UID Changeable (GEN1a)” in the APP or directly send the command “UIDMODE = 1” to turn it on, and “UIDMODE = 0” to turn it off.

(2) SAK mode

After the SAK mode is turned on, the card will feedback the real SAK value when it is being found. The SAK value is determined by the 0 sector and 0 block, and the position is the position of the sixth byte immediately after the UID number. If the SAK mode is not turned on, the SAK is a fixed value of 08, and 0 blocks of data are ignored.

This function is used to meet the situation that some cards with special SAK values cannot be used normally after being copied, and can achieve better compatibility.

The current card slot takes effect.

How to open: Click the “SAK Mode” button in the APP or directly send the command “SAKMODE = 1” to turn it on, and “SAKMODE = 0” to turn it off.

3. Card slot function introduction

UID Card Function Class

Cracking and card reading functions

4. Button Custom Function Introduction

The post B. Quick Crash Course first appeared on ChameleonMini & ChameleonTiny by ProxGrind.