From 78a15913924b08d5c62ae3f93ac8b53d9be75e87 Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Tue, 31 May 2022 16:39:47 -0400 Subject: [PATCH 01/27] Update to Readme Reorganized much of the info. Removed redundant entries. Grammar changes. Consistent wording and format. Added a small amount of new info. --- README.md | 446 +++++++++++++++++++++++++++--------------------------- 1 file changed, 221 insertions(+), 225 deletions(-) diff --git a/README.md b/README.md index f3acdd9f..13ed22ba 100644 --- a/README.md +++ b/README.md @@ -1,142 +1,146 @@ -Chameleon-Mini -============== -This is NOT the official repository of ChameleonMini, a freely programmable, portable tool for NFC security analysis that can emulate and clone contactless cards, read RFID tags and sniff/log RF data. +# Chameleon-Mini -Chameleon BLE API -[**Codes.RAR**](https://github.com/RfidResearchGroup/ChameleonBLEAPI/blob/master/code.rar) +This is NOT the official repository of ChameleonMini, a freely programmable portable tool for NFC security analysis that can emulate and clone contactless cards, read RFID tags and sniff/log RF data. -Our Project is based on the open-source project by ChameleonMini RevG by Kasper & Oswald [Webshop](https://shop.kasper.it/). +Our Project is based on the open-source project [ChameleonMini RevG](/../../../../emsec/ChameleonMini) by Kasper & Oswald. They also have their own [Webshop](https://shop.kasper.it/). -Our ChameleonMini / ChameleonTiny by ProxGrind is available on Indiegogo now. -**[Done](https://www.indiegogo.com/campaigns/chameleonmini-rev-g-chameleontiny-by-proxgrind/)** - -Our Asia & Oceania Reseller -**[Here](https://sneaktechnology.com/)** - -Our Europe Reseller -**[Here](https://lab401.com/)** - -Our US Reseller -**[Here](https://hackerwarehouse.com/)** - -Most information can be found on **[Here](http://chameleontiny.com/)** - -Our Android APP can be found here: **[Here](https://play.google.com/store/apps/details?id=com.proxgrind.chameleon)** - -[Bettse](https://github.com/bettse) wrote an iOS app: **[ChameleonTiny Manager](https://apps.apple.com/us/app/chameleontiny-manager/id1601341565)** - -Dropbox download for all relevant files: [Link-Broken] ----------------------------------------- -**[Here](https://www.dropbox.com/s/xt2o9ugalaam4xu/REV.G%20User%20Manual%2020200309.zip?dl=0)** **Dropbox** - -**[Here](https://drive.google.com/open?id=1nU6r8VS4HwFRkp9hhhIlAmfU49p4cbn6)** **Google Drive** - -A.Upgrade to the latest firmware -============================== - -1.Upgrade Chameleon AVR Firmware ------------------------------ - -(1) Prepare your Windows computer. Linux or MAC please refer to GITHUB. - -(2) Prepare the firmware. Go to GITHUB to compile the latest firmware: -**[Here](https://github.com/RfidResearchGroup/ChameleonMini)** - -Or use the firmware in attachment. - -(3) Install the DFU driver. The DFU driver comes from ATMEL's official LIBUSB driver library. You can download it yourself or find it in attachment. - -(4) Enter the chameleon DFU mode. When the device is off, press and hold the yellow button near the USB (TINY is the B button), insert the USB, and then you can enter the DFU upgrade mode. Or send the command "UPGRADE" in the connected state, and it can also enter the DFU upgrade mode. - -(5) Start to upgrade the firmware. Run the "ChameleonFirmwareUpgrade.bat" file in the attachment to automatically start the firmware upgrade. It usually takes 2-5 seconds. After the progress bar is complete, the firmware upgrade is complete! - -(6) A description of the firmware. The chameleon REV.G version uses the same firmware for both the MINI with Bluetooth version and ITNY. The hardware design of the RF part is exactly the same. -The hardware is also compatible with the official firmware of the KAOS brothers: **[Here](https://github.com/emsec/ChameleonMini)** - -It should be noted that the Android APP is currently not compatible with the official firmware. - -2. Upgrade (OTA) Bluetooth firmware for Chameleon MINI - -(1) Prepare Android phone and install APP. - -Google Store: **[Here](https://play.google.com/store/apps/details?id=com.proxgrind.chameleon)** - -**Password: e4g1** - -(2) Open the app and connect the device using Bluetooth. Press any button on the MINI, and the white battery light is on, and Bluetooth is connectable. At this time, open the app again and click Connect to automatically connect the chameleon. - -(3) Start upgrade (OTA) Bluetooth firmware. In the “Device Information” column, press “BLE CMD Version” 5 times. -It will pop up the OTA upgrade page, click "Auto Upgrade", and the APP will immediately start to upgrade the latest Bluetooth firmware that comes with it. Automatically exit after the upgrade is complete. - ------------------------ - -B. Quick Crash Course -==================== - -**1.Detect keys and upload card files** - -(1) Prepare the computer GUI, Android APP, or iOS App: -  -Computer GUI download address: **[Here](http://www.icesql.se/download/ChameleonMiniGUI/publish.htm)** - -Source: **[Here](https://github.com/iceman1001/ChameleonMini-rebootedGUI)** - -Android APP download address: - -Google Store:**[Here](https://play.google.com/store/apps/details?id=com.proxgrind.chameleon)** - -iOS App download address: - -Apple App Store: **[Here](https://apps.apple.com/us/app/chameleontiny-manager/id1601341565)** - -**Password: e4g1** - -(2) Connect the Chameleon MINI or TINY using the Android APP. - -USB port direct connection: Both the Chameleon MINI and TINY support direct connection to the mobile phone USB port. For the MINI, an additional OTG adapter needs to be purchased. TINY uses its own dual-headed TYPE-C data cable to connect directly to TYPE-C mobile phones. -Bluetooth connection: Chameleon MINI has built-in Bluetooth BLE4.0. Press any button first to wake up Bluetooth. Turn on Bluetooth on your Android phone and the app will automatically connect. - -(3) Use Android APP to enable detection mode. - -   After connecting, click on a single card slot and select DETECTION_1K or 4K in the "card slot mode". This card slot has the detection mode turned on. Write the original card number in the "UID Card Number" column. Click "Write." If you don't know the UID number, you can fill in it at will. Then click the "Clear" button below to clear the last detection record. - -(4) Use Android APP to get keys. - -At this time, take the chameleon to the access control reader and swipe. The key and access traces when the chaser reads the chameleon will be recorded by the chameleon. -. At this time, connect back to the mobile phone and click the "crack" button. After few seconds, the app will automatically solve and list the results, as shown in the figure below: +- Information: + - Most information can be found: **[Here](http://chameleontiny.com/)** + - Chameleon BLE API: [**Codes.RAR**](/../../../../RfidResearchGroup/ChameleonBLEAPI/blob/master/code.rar) +- Apps: + - Android: **[Chameleon](https://play.google.com/store/apps/details?id=com.proxgrind.chameleon)** + - IOS: **[ChameleonTiny Manager](https://apps.apple.com/us/app/chameleontiny-manager/id1601341565)** + - Credit to **[bettse](/../../../../bettse)** + - Password: e4g1 +- Resellers: + - Our Asia & Oceania Reseller: **[Here](https://sneaktechnology.com/)** + - Our Europe Reseller: **[Here](https://lab401.com/)** + - Our US Reseller: **[Here](https://hackerwarehouse.com/)** +Repository Structure +-------------------- +The code repository contains +- Doc: A doxygen documentation +- Drivers: Chameleon drivers for Windows and Linux +- Dumps: Dumps of different smartcards +- Hardware: The layout and schematics of the PCB +- Firmware: The complete firmware including a modified Atmel DFU bootloader and LUFA +- Software: Contains a python tool for an easy configuration (and more) of the ChameleonMini, Note that this is currently under construction +- RevE: Contains the whole contents of the discontinued RevE repository. +- RevE-light: Contains our development files for the RevE-light - **WARNING:** currently not supported / not functional + +## A. Upgrade to the latest firmware + +### A1. Upgrade Chameleon AVR Firmware +--- + +#### 1. Prepare your Windows. Linux, or MAC computer + + 1. Prepare the firmware. Go to GITHUB to compile the latest firmware: **[Here](/../../../../RfidResearchGroup/ChameleonMini)**. + 1. Or use the precompiled [firmware in the release section](/../../../../iceman1001/ChameleonMini-rebooted/releases). + 2. Install the DFU driver. The DFU driver comes from ATMEL's official LIBUSB driver library. You can download it yourself or find it in attachment. + +#### 2. Write the firmware + + 1. Enter the chameleon DFU mode. When the device is off, press and hold the yellow button near the USB (TINY uses the B button), insert the USB, and then you can enter the DFU upgrade mode. Or send the command `UPGRADE` in the connected state, and it can also enter the DFU upgrade mode. + 2. Start to upgrade the firmware. Run the `ChameleonFirmwareUpgrade.bat` file in the attachment to automatically start the firmware upgrade. It usually takes 2-5 seconds. After the progress bar is complete, the firmware upgrade is complete. + +- Note: + - The chameleon REV.G version uses the same firmware for both the MINI with Bluetooth version and TINY. The hardware design of the RF part is exactly the same. The hardware is also compatible with the official firmware of the [KAOS brothers](/../../../../emsec/ChameleonMini). + - The Android APP is currently not compatible with the official firmware. + +### A2. Upgrade (OTA) Bluetooth firmware for Chameleon MINI +--- + +#### 1. Download the APP: + - Android: **[Chameleon](https://play.google.com/store/apps/details?id=com.proxgrind.chameleon)** + - IOS: **[ChameleonTiny Manager](https://apps.apple.com/us/app/chameleontiny-manager/id1601341565)** + - Password: e4g1 +#### 2. Open the app and connect the device using Bluetooth. + 1. Press any button on the MINI and the white battery light should come on. You can now connect via Bluetooth. + 2. Open the app again and click `Connect` to automatically connect the chameleon. +#### 3. Start the upgrade (OTA) of the Bluetooth firmware. + 1. In the `Device Information` column, press `BLE CMD Version` 5 times. + 2. On the `OTA upgrade` page, click `Auto Upgrade`, and the APP will immediately start to upgrade to the latest Bluetooth firmware that comes with it. + 3. The app will automatically exit after the upgrade is complete. + +## B. Crash Course + +### B1. Detect keys and upload card files +--- + +#### 1. Prepare the computer GUI, Android APP, or iOS APP + + 1. Tools: + - Windows GUI: **[Here](http://www.icesql.se/download/ChameleonMiniGUI/publish.htm)** + - Source: **[Here](/../../../../iceman1001/ChameleonMini-rebootedGUI)** + 2. Download the APP: + - Android: **[Chameleon](https://play.google.com/store/apps/details?id=com.proxgrind.chameleon)** + - IOS: **[ChameleonTiny Manager](https://apps.apple.com/us/app/chameleontiny-manager/id1601341565)** + - Password: e4g1 + 3. Connect to the Chameleon MINI or TINY using the APP. + - Connect via USB + + - Note: + - Both the Chameleon MINI and TINY support direct connection to the mobile phone USB port. + - For the MINI, an additional OTG adapter needs to be purchased. TINY uses its own dual-headed TYPE-C data cable to connect directly to TYPE-C mobile phones. + - Chameleon MINI has built-in Bluetooth BLE4.0. Press any button first to wake up Bluetooth. Turn on Bluetooth on your Android phone and the app will automatically connect. + +#### 2. Use Android APP to enable detection mode + + 1. After connecting, click on a single card slot and select `DETECTION_1K` or `4K` in the `card slot mode`. This card slot will now have the detection mode turned on. + 2. Write the original card number in the `UID Card Number` column. Click `Write`. If you don't know the UID number, you can fill in it at will. + 3. Then click the `Clear` button below to clear the last detection record. + +#### 3. Use the APP to get keys + + 1. Take the chameleon to the access control reader and swipe. The key and access traces when the chaser reads the chameleon will be recorded by the chameleon. + 2. Connect back to the mobile phone and press the `crack` button. + 3. After few seconds, the app will automatically solve and list the results, as shown in the figure below: + Untitled-1 -The list shows which blocks the read head just visited, and what password was used for each access. -At this point, click the "History" button, the APP will automatically list the keys separately and copy it automatically for easy copying to other software for next use. -If your mobile phone comes with NFC function, you can directly put the original card on the mobile phone NFC at this time, the APP will automatically use the key in the list to read the entire card, and after successful, it will automatically save the entire card data file on the mobile phone. . -Note: Multiple red LEDs are on at the same time during detection, which means the memory is full, just clear the memory. + 4. The list shows which blocks the read head just visited, and what password was used for each access. + 5. Click the `History` button. The APP will automatically list the keys separately and copy it for other software if it is needed for the next use. + 6. If your mobile phone comes with an NFC function, you can put the original key directly on the mobile phone. + 7. The APP will automatically use the key in the list to read the entire card, and after successful, it will automatically save the entire card data file on the mobile phone. -(5) Use Android APP to import existing card data files in batches. + - Note: + - Multiple red LEDs are on at the same time during detection, which means the memory is full, just clear the memory. - Use QQ to send the card data file to the mobile phone QQ, or connect the mobile phone to the computer and transfer the file to any directory on the mobile phone. -Open the app, click the "DUMP" column below, click the "Scanner" in the "plus sign" in the upper right corner, click the three horizontal line buttons in the upper left corner, and select this phone. Then select the root directory of the QQ receiving file or the previously copied directory, and click Allow Access. All card data files will be automatically scanned into the "DUMP file" interface, which can be uploaded or edited at will. +#### 4. Use Android APP to import existing card data files in batches. -Click the card data file in the “DUMP” column below, and click “Upload” below to upload to the card slot corresponding to the chameleon. + 1. Use QQ to send the card data file to the mobile phone QQ, or connect the mobile phone to the computer and transfer the file to any directory on the mobile phone. + 2. Open the app, click the `DUMP` column below, click the `Scanner` in the plus sign in the upper right corner. + 3. Click the three horizontal line buttons in the upper left corner, and select this phone. + 4. Select the root directory of the QQ receiving file or the previously copied directory, and click `Allow Access`. + 5. All card data files will be automatically scanned into the `DUMP` file interface, which can be uploaded or edited at will. + 6. Click the card data file in the `DUMP` column below, and click `Upload` below to upload to the card slot corresponding to the chameleon. -**2. Introduction to UID mode and SAK mode** +### B2. Introduction to UID mode and SAK mode +--- -(1) UID mode +#### 1. UID Mode -After the UID mode is turned on, the card simulated by Chameleon will become a GEN1a card, commonly known as a UID card, Chinese magic card. -Global card slot takes effect. -How to open: Click the button "UID Changeable (GEN1a)" in the APP or directly send the command "UIDMODE = 1" to turn it on, and "UIDMODE = 0" to turn it off. + 1. Enter UID mode: + - Click the button `UID Changeable (GEN1a)` in the APP or directly send the command `UIDMODE = 1` to turn it on, and `UIDMODE = 0` to turn it off. + 2. After the UID mode is turned on, the card simulated by Chameleon will become a GEN1a card, commonly known as a UID card or Chinese magic card. + 3. Global card slot takes effect. -(2) SAK mode +#### 2. SAK mode -After the SAK mode is turned on, the card will feedback the real SAK value when it is being found. The SAK value is determined by the 0 sector and 0 block, and the position is the position of the sixth byte immediately after the UID number. If the SAK mode is not turned on, the SAK is a fixed value of 08, and 0 blocks of data are ignored. -This function is used to meet the situation that some cards with special SAK values cannot be used normally after being copied, and can achieve better compatibility. -The current card slot takes effect. -How to open: Click the "SAK Mode" button in the APP or directly send the command "SAKMODE = 1" to turn it on, and "SAKMODE = 0" to turn it off. + 1. Click the `SAK Mode` button in the APP or directly send the command `SAKMODE = 1` to turn it `ON`, and `SAKMODE = 0` to turn it `OFF`. + 2. After the `SAK Mode` is turned `ON`, the card will feedback the real SAK value when it is found. + 3. The SAK value is determined by the 0 sector, 0 block, and the position is the position of the sixth byte immediately after the UID number. + 4. If the SAK mode is not turned on, the SAK is a fixed value of 08, and 0 blocks of data are ignored. + 5. This function is used to meet the situation that some cards with special SAK values cannot be used normally after being copied, and can achieve better compatibility. + 6. The current card slot takes effect. -**3. Card slot function introduction** +### B3. Card Slot Functions +--- + +#### 1. UID Card Function Class -UID Card Function Class |Option | Type | Length of UID | Memory Size | | ------------------- |:-------------------:| -------------------:| -------------------:| @@ -151,8 +155,9 @@ SL2S2002|-|8 Byte|8192 byte| TITAGITSTANDARD|-|8 Byte|44 byte| EM4233|-|8 Byte|208 byte| -**Cracking and card reading functions** -  +#### 2. Cracking and Card Reading Functions + + |Option | Ability | Cracking Type | APP Supported | | ------------------- |:-------------------:| -------------------:| -------------------:| MF_DETECTION_1K|Detecting reader to obtain keys|MFKEY32V2|List results directly| @@ -161,7 +166,8 @@ ISO14443A_READER|Reader Mode|-|Display UID| ISO14443A_SNIFF|Sniffing|-|Not supported| ISO15693_SNIFF|Sniffing|-|Supported| -**4. Button Custom Function Introduction** +#### 3. Custom Button Functions + |Option names | Description | | ------------------- |:-------------------:| @@ -180,42 +186,75 @@ STORE_LOG|Write the log data in the temporary cache to the memory, which can be CLEAR_LOG|Clear log data immediately after pressing| CLONE|Read the UID card number immediately after pressing, continue searching, and simulate immediately after reading the card| -Button Usage ------------ -When the power is off, press any button once to turn on the Bluetooth power, and at the same time, display the current power with a white LED. -In the Bluetooth 'ON' state, click any button to turn off the Bluetooth power, the power LED goes out, and the system sleeps. -Bluetooth will sleep automatically 15 seconds after no operation. -Press any button for a long time, you can quickly check the power, and immediately sleep when you release. -Click the button three times to turn on the power of chameleon. Sleep automatically after 5 seconds without operation. -When shutting down, press and hold the button next to USB and then connect USB. You can enter DFU mode. -Charging: Any time you connect USB, it will automatically start charging. Stop automatically after filling. The white LED indicates the power level. -Detect memory full: If the memory is full during dense flow detection, multiple red LEDs will be abnormally lit. +## C. Hardware and Basic Use + +### C1. All units +--- + +#### 1. Charging: + - Any time you connect USB, it will automatically start charging. + - It will stop automatically after filling. + - The white LED indicates the power level. + +#### 2. Detect memory full: + - If the memory is full during dense flow detection, multiple red LEDs will be abnormally lit. + +#### 3. Charging and Standby Mode + + - Charging method: Plug in the USB at any time and start charging immediately + - Battery type: LIR2032H replaceable lithium-ion rechargeable battery + - Charging time: 2 hours @ 0-100% + - Charging current: 40mA + - Start-up current: 38mA + - Card reading current: 65mA + - Sleep current: 5uA (9uA-MAX) + - Battery capacity: 70mAh + - Duration: Swipe the card 3 times a day for 5 seconds each time, and it can be used for one year on a single charge + - Sleeping time: Fully charged, it can be left for two years when it is turned off and sleeping + - Port type: + - MINI: MicroUSB + - TINY: Type-C + +#### 4. Schematics for ChameleonMini + + - Chameleon Tiny: **[Here](http://chameleontiny.com/downloads/)** -C.Hardware Introduction -======================= +### C2. ChameleonMini Rev G +--- -**1.Button function introduction** +#### 1. Turn on Bluetooth and check the battery: + 1. When the power is `OFF`, press any button once to turn on the Bluetooth power, and at the same time, display the current power with a white LED. + 2. With the Bluetooth in the `ON` state, click any button to turn off the Bluetooth power, the power LED goes out, and the system sleeps. + 3. Bluetooth will sleep automatically after no operation for 15 seconds. + - Press any button once to shut down immediately. -(1)ChameleonMini Rev G +#### 2. Turn on the chameleon: + 1. With the Bluetooth in the `ON` state, double click any button. Or in the `OFF` state, triple click any button times to turn `ON` the chameleon. + 2. The red LED lights up to indicate the slot number. + 3. Chameleon will automatically sleep and shut down after no operation for 5 seconds. + +#### 3. Bootloader/DFU firmware upgrade methods: + 1. With the chameleon in the `OFF` state, press and hold the yellow button near the USB while inserting it into the USB port. The chameleon will enter the `DFU firmware upgrade` mode. + 2. Plug your chameleon in via USB into a PC and use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter`. + 3. [Further instrucitons](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) -Turn on Bluetooth and check the battery: -In the off state, press any button once to turn on the Bluetooth power and light up the white LED to show the current power. After 15 seconds, it will automatically shut down after no operation. Bluetooth is on. Press any button once to sleep and shut down immediately. Can be used to quickly check the battery level. -Turn on the chameleon: -When the Bluetooth is on, press any button twice (double-click), or in the off state, press any button three times (three-click) to turn on the chameleon. The red LED lights up to indicate the slot number. After 5 seconds without operation, it will automatically sleep and shut down. -DFU firmware upgrade status: -In the closed state, press and hold the yellow button near the USB, and then let go after inserting the USB, the chameleon enters the DFU firmware upgrade mode. +### C3. Chameleon Tiny +--- -(2 ) ChameleonTiny +#### 1. Turn on the chameleon: + 1. With the chameleon in the `OFF` state, press the A button once to turn on the chameleon power. + 2. The red LED lights up to indicate the slot number. + 3. Chameleon will automatically sleep and shut down after no operation for 5 seconds. This can be adjusted in the Android APP. -Turn on the chameleon: -In the off/standby state, press the A button once to turn on the chameleon power. The red LED lights up to indicate the slot number. After 5 seconds without operation, it will automatically sleep and shut down. This can be adjusted in Android Application. -DFU firmware upgrade status: -In the off state, hold down the B button and connect the USB. You can enter the DFU mode to flash new firmware . +#### 2. Bootloader/DFU firmware upgrade methods: + 1. With the chameleon in the `OFF` state, press and hold the B button while inserting it into the USB port. - **Appendix** - ================= +## D. Appendix -**1.Feature comparison table for each version** +### D1.Feature comparison table for each version +--- + +#### 1. Comparison Table of Specs |- | Rev.G Official by KAOS | Rev.E Old Rdv2.0 by ProxGrind | Rev.G by ProxGrind |Rev.G Tiny by ProxGrind | | ------------------- |:-------------------:| -------------------:| -------------------:|-------------------: @@ -236,7 +275,8 @@ In the off state, hold down the B button and connect the USB. You can enter the **Android APP**|×|×|√|√| **Firmware anti lost**|×|×|√|×| -**2.Comparison Table Analog Card Characteristic** +#### 2.Comparison Table of Analog Card Characteristics +--- ||**Rev.G Official By KAOS**|**Rev.E old RDV2.0 By PROXGRIND**|**Rev.G new RDV2.0 By PROXGRIND** |**M1 white tag**| | ------------------- |:-------------------:| -------------------:| ------------------- |-------------------:| @@ -249,7 +289,8 @@ In the off state, hold down the B button and connect the USB. You can enter the **Magic back door** |By default|No|Dual mode|No **SAK ATQA Support**|No|No|Modifiable|No| -**3.List of new commands** +#### 3.Comparison Table of New Commands +--- | Command | Effect Range | Description | | ------------------- |:-------------------:| -------------------:| @@ -264,23 +305,22 @@ In the off state, hold down the B button and connect the USB. You can enter the **DETECTION=0**|Device|Clears the detection log memory| **DETECTION?**|Device|Wait for an XModem connection and then downloads the binary detection log data.| -4.Complete Instruction List ------------------------ - -From the official: -**[Here](https://rawgit.com/emsec/ChameleonMini/master/Doc/Doxygen/html/_page__command_line.html)** +### D2.Complete Instruction List +--- -Or see the instruction sheet in the attached files. +#### 1. From EMSEC: + - [Here]((/../../../../emsec/ChameleonMini/master/Doc/Doxygen/html/_page__command_line.html) + +#### 2. This repo + - [Instruction sheet](/../../../../RfidResearchGroup/ChameleonMini/blob/proxgrind/Doc/DoxygenPages/CommandLine.txt) -(1)Simulation Support +### D5. Supported Cards, Encoding, & Simulation Types +--- -5.Supported Cards & Encoding Types -------------------------------- +#### 1. From EMSEC: + - [Here](/../../../../emsec/ChameleonMini/wiki/Supported-Cards-and--Codecs) -From the official: -**[Here](https://github.com/emsec/ChameleonMini/wiki/Supported-Cards-and--Codecs)** - -(1)Simulation Support +#### 2. Comparison Table of Encoding/Simulation Types |Card Type|Encoding Type|Whether the hardware supports|Does the software support|Whether the application layer supports|Note| | ------------------- |:-------------------:| -------------------:| ------------------- |:-------------------:| -------------------:| @@ -300,7 +340,7 @@ TiTagIT Standard|ISO15693|Support|Support|Support| EM4233|ISO15693|Support|Support|Support| -(2)Sniff Mode Support Type +#### 3. Comparison Table of Sniff Modes |Encoding type|Whether the hardware supports|Does the software support| Whether the application layer supports|Note| @@ -310,7 +350,7 @@ ISO 14443 A 106 kbit/s|Reader -> card Direction sniffing|Maybe support the other ISO 15693|Support|Support|Support|Single subcarrier only| -(3) Card Type Supported via Reading + #### 4. Comparison Table of Supported Reading Card Types Card type |Encoding type| Whether the hardware stand by|Whether the software stand by|Whether the application layer supports|Note @@ -319,60 +359,16 @@ Non13.56MHz|Not Supported|Not Supported|Not Supported| Mifare Ultralight|ISO14443A 106 kbit/s|Support|Support|SupportCommand: dump_mfu MifareClassic1K/4K 4B/7B|ISO14443A 106 kbit/s|Support|Support|Not Supported|No card reading instruction, encryption function has been implemented|MIFARE DESFIRE|ISO14443A High rate|Supports low rates, or possibly higher rates| Only supported Low rate|Not Supported|No card reading instruction, encryption function is being supported| -2.Charging and Standby Mode ------------------------ - -Charging method: Plug in the USB at any time and start charging immediately. -Battery type: LIR2032H replaceable lithium-ion rechargeable battery -Charging time: 2 hours @ 0-100% -Charging current: 40mA -Start-up current: 38mA -Card reading current: 65mA -Sleep current: 5uA (9uA-MAX) -Battery capacity: 70mAh -Duration: Swipe the card 3 times a day for 5 seconds each time, and it can be used for one year on a single charge. -Sleeping time: Fully charged, it can be left for two years when it is turned off and sleeping. -Port type: -MINI: MicroUSB -TINY: Type-C - -Parameter ------------------------- -Battery Type: LIR2032h rechargeable lithium ion battery -Charging Time: 2 hours @ 0-100% -Charging Current: 40mA -Standby Current: 38ma -Sleep Current: 4uA -Card Reading Current: 65mA -Battery Capacity: 70mah -Usage Time: Use the tag 3 times a day, power on for 5 seconds each time, can use up to one year. -Port Type: Micro USB (ChameleonMini) / Type-C (ChameleonTiny) +### D5. Usage Guide for new functions +--- -Repository Structure --------------------- -The code repository contains -* Doc: A doxygen documentation -* Drivers: Chameleon drivers for Windows and Linux -* Dumps: Dumps of different smartcards -* Hardware: The layout and schematics of the PCB -* Firmware: The complete firmware including a modified Atmel DFU bootloader and LUFA -* Software: Contains a python tool for an easy configuration (and more) of the ChameleonMini, Note that this is currently under construction -* RevE: Contains the whole contents of the discontinued RevE repository. -* RevE-light: Contains our development files for the RevE-light - **WARNING:** currently not supported / not functional - -Schematics for ChameleonMini --------------------------- - -**[Here](http://chameleontiny.com/downloads/)** - -Usage Guide for new function ---------------------------- EUd-Gl7w-Uw-AAg-Cf6
-External Contributions ----------------------- -Iceman -Philippe Teuwen -Willok -DXL -ProxGrind aka Olaf +## E. External Contributions +--- + +- Iceman +- Philippe Teuwen +- Willok +- DXL +- ProxGrind aka Olaf From 91dcf1167dea46c44500a7ceb24796b00ac56941 Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Tue, 31 May 2022 17:08:01 -0400 Subject: [PATCH 02/27] Minor fixes Minor fixes --- README.md | 94 ++++++++++++++++++++++++++++++------------------------- 1 file changed, 52 insertions(+), 42 deletions(-) diff --git a/README.md b/README.md index 13ed22ba..34ca0db7 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Chameleon-Mini -This is NOT the official repository of ChameleonMini, a freely programmable portable tool for NFC security analysis that can emulate and clone contactless cards, read RFID tags and sniff/log RF data. +This is NOT the official repository of ChameleonMini, a freely programmable portable tool for NFC security analysis that can emulate and clone contactless cards, read RFID tags, and sniff/log RF data. Our Project is based on the open-source project [ChameleonMini RevG](/../../../../emsec/ChameleonMini) by Kasper & Oswald. They also have their own [Webshop](https://shop.kasper.it/). @@ -16,18 +16,17 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - Our Asia & Oceania Reseller: **[Here](https://sneaktechnology.com/)** - Our Europe Reseller: **[Here](https://lab401.com/)** - Our US Reseller: **[Here](https://hackerwarehouse.com/)** - -Repository Structure --------------------- -The code repository contains -- Doc: A doxygen documentation -- Drivers: Chameleon drivers for Windows and Linux -- Dumps: Dumps of different smartcards -- Hardware: The layout and schematics of the PCB -- Firmware: The complete firmware including a modified Atmel DFU bootloader and LUFA -- Software: Contains a python tool for an easy configuration (and more) of the ChameleonMini, Note that this is currently under construction -- RevE: Contains the whole contents of the discontinued RevE repository. -- RevE-light: Contains our development files for the RevE-light - **WARNING:** currently not supported / not functional +- Repository Structure: + - **Doc:** A folder for doxygen documentation + - **Drivers:** Chameleon drivers for Windows and Linux + - **Dumps:** Dumps of different smartcards + - **Hardware:** The layout and schematics of the PCB + - **Firmware:** The complete firmware including a modified Atmel DFU bootloader and LUFA + - **Software:** Contains a python tool for an easy configuration (and more) of the ChameleonMini + - **WARNING:** This is currently under construction + - **RevE:** Contains the entire contents of the discontinued RevE repository + - **RevE-light:** Contains our development files for the RevE-light + - **WARNING:** currently not supported / not functional ## A. Upgrade to the latest firmware @@ -36,14 +35,19 @@ The code repository contains #### 1. Prepare your Windows. Linux, or MAC computer - 1. Prepare the firmware. Go to GITHUB to compile the latest firmware: **[Here](/../../../../RfidResearchGroup/ChameleonMini)**. - 1. Or use the precompiled [firmware in the release section](/../../../../iceman1001/ChameleonMini-rebooted/releases). - 2. Install the DFU driver. The DFU driver comes from ATMEL's official LIBUSB driver library. You can download it yourself or find it in attachment. + 1. Prepare the firmware. + 2. Go to GITHUB to compile the latest firmware: **[Here](/../../../../RfidResearchGroup/ChameleonMini)** + - Or use the precompiled [firmware in the release section](/../../../../iceman1001/ChameleonMini-rebooted/releases). + 3. Install the DFU driver. + - The DFU driver comes from ATMEL's official LIBUSB driver library. You can download it yourself or find it in the [repo](/../../../../iceman1001/ChameleonMini-rebooted/tree/master/Drivers). #### 2. Write the firmware - 1. Enter the chameleon DFU mode. When the device is off, press and hold the yellow button near the USB (TINY uses the B button), insert the USB, and then you can enter the DFU upgrade mode. Or send the command `UPGRADE` in the connected state, and it can also enter the DFU upgrade mode. - 2. Start to upgrade the firmware. Run the `ChameleonFirmwareUpgrade.bat` file in the attachment to automatically start the firmware upgrade. It usually takes 2-5 seconds. After the progress bar is complete, the firmware upgrade is complete. + 1. Enter the chameleon DFU mode. + 1. When the device is off, press and hold the yellow button near the USB (TINY uses the B button), insert the USB, and then you can enter the DFU upgrade mode. Or send the command `UPGRADE` in the connected state, and it can also enter the DFU upgrade mode. + 2. Start to upgrade the firmware. + 1. Run the `ChameleonFirmwareUpgrade.bat` file in the repo to automatically start the firmware upgrade. + 2. It usually takes 2-5 seconds. After the progress bar is complete, the firmware upgrade is complete. - Note: - The chameleon REV.G version uses the same firmware for both the MINI with Bluetooth version and TINY. The hardware design of the RF part is exactly the same. The hardware is also compatible with the official firmware of the [KAOS brothers](/../../../../emsec/ChameleonMini). @@ -53,13 +57,18 @@ The code repository contains --- #### 1. Download the APP: + - Android: **[Chameleon](https://play.google.com/store/apps/details?id=com.proxgrind.chameleon)** - IOS: **[ChameleonTiny Manager](https://apps.apple.com/us/app/chameleontiny-manager/id1601341565)** - Password: e4g1 -#### 2. Open the app and connect the device using Bluetooth. + +#### 2. Open the app and connect the device using Bluetooth + 1. Press any button on the MINI and the white battery light should come on. You can now connect via Bluetooth. 2. Open the app again and click `Connect` to automatically connect the chameleon. -#### 3. Start the upgrade (OTA) of the Bluetooth firmware. + +#### 3. Start the upgrade (OTA) of the Bluetooth firmware + 1. In the `Device Information` column, press `BLE CMD Version` 5 times. 2. On the `OTA upgrade` page, click `Auto Upgrade`, and the APP will immediately start to upgrade to the latest Bluetooth firmware that comes with it. 3. The app will automatically exit after the upgrade is complete. @@ -84,9 +93,9 @@ The code repository contains - Note: - Both the Chameleon MINI and TINY support direct connection to the mobile phone USB port. - For the MINI, an additional OTG adapter needs to be purchased. TINY uses its own dual-headed TYPE-C data cable to connect directly to TYPE-C mobile phones. - - Chameleon MINI has built-in Bluetooth BLE4.0. Press any button first to wake up Bluetooth. Turn on Bluetooth on your Android phone and the app will automatically connect. + - Chameleon MINI has built-in Bluetooth BLE4.0. Press any button first to wake up Bluetooth. Turn `ON` Bluetooth on your phone and the APP will automatically connect. -#### 2. Use Android APP to enable detection mode +#### 2. Use APP to enable detection mode 1. After connecting, click on a single card slot and select `DETECTION_1K` or `4K` in the `card slot mode`. This card slot will now have the detection mode turned on. 2. Write the original card number in the `UID Card Number` column. Click `Write`. If you don't know the UID number, you can fill in it at will. @@ -101,9 +110,9 @@ The code repository contains Untitled-1 4. The list shows which blocks the read head just visited, and what password was used for each access. - 5. Click the `History` button. The APP will automatically list the keys separately and copy it for other software if it is needed for the next use. + 5. Click the `History` button. The APP will automatically list the keys separately and save them for other software to use. 6. If your mobile phone comes with an NFC function, you can put the original key directly on the mobile phone. - 7. The APP will automatically use the key in the list to read the entire card, and after successful, it will automatically save the entire card data file on the mobile phone. + 7. The APP will automatically use the key in the list to read the entire card, and after it is successful, it will automatically save the entire card data file on the mobile phone. - Note: - Multiple red LEDs are on at the same time during detection, which means the memory is full, just clear the memory. @@ -123,8 +132,9 @@ The code repository contains #### 1. UID Mode 1. Enter UID mode: - - Click the button `UID Changeable (GEN1a)` in the APP or directly send the command `UIDMODE = 1` to turn it on, and `UIDMODE = 0` to turn it off. - 2. After the UID mode is turned on, the card simulated by Chameleon will become a GEN1a card, commonly known as a UID card or Chinese magic card. + - Click the button `UID Changeable (GEN1a)` in the APP or directly send the command `UIDMODE = 1` to turn it on, and `UIDMODE = 0` to turn it `OFF`. + 2. After the UID mode is turned `ON`, the card simulated by Chameleon will become a GEN1a card. + - Commonly known as a UID card or Chinese magic card. 3. Global card slot takes effect. #### 2. SAK mode @@ -133,7 +143,7 @@ The code repository contains 2. After the `SAK Mode` is turned `ON`, the card will feedback the real SAK value when it is found. 3. The SAK value is determined by the 0 sector, 0 block, and the position is the position of the sixth byte immediately after the UID number. 4. If the SAK mode is not turned on, the SAK is a fixed value of 08, and 0 blocks of data are ignored. - 5. This function is used to meet the situation that some cards with special SAK values cannot be used normally after being copied, and can achieve better compatibility. + 5. This function is used to meet the situation where some cards with special SAK values cannot be used normally after being copied. This achieve better compatibility. 6. The current card slot takes effect. ### B3. Card Slot Functions @@ -215,10 +225,6 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a - MINI: MicroUSB - TINY: Type-C -#### 4. Schematics for ChameleonMini - - - Chameleon Tiny: **[Here](http://chameleontiny.com/downloads/)** - ### C2. ChameleonMini Rev G --- @@ -236,7 +242,11 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a #### 3. Bootloader/DFU firmware upgrade methods: 1. With the chameleon in the `OFF` state, press and hold the yellow button near the USB while inserting it into the USB port. The chameleon will enter the `DFU firmware upgrade` mode. 2. Plug your chameleon in via USB into a PC and use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter`. - 3. [Further instrucitons](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) + 3. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) + +#### 4. Schematics for ChameleonMini + + - Chameleon Tiny: **[Here](http://chameleontiny.com/downloads/)** ### C3. Chameleon Tiny --- @@ -249,9 +259,13 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a #### 2. Bootloader/DFU firmware upgrade methods: 1. With the chameleon in the `OFF` state, press and hold the B button while inserting it into the USB port. +#### 3. Schematics + + - Same as the Mini + ## D. Appendix -### D1.Feature comparison table for each version +### D1. Feature comparison table for each version --- #### 1. Comparison Table of Specs @@ -275,7 +289,7 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a **Android APP**|×|×|√|√| **Firmware anti lost**|×|×|√|×| -#### 2.Comparison Table of Analog Card Characteristics +#### 2. Comparison Table of Analog Card Characteristics --- ||**Rev.G Official By KAOS**|**Rev.E old RDV2.0 By PROXGRIND**|**Rev.G new RDV2.0 By PROXGRIND** |**M1 white tag**| @@ -289,7 +303,7 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a **Magic back door** |By default|No|Dual mode|No **SAK ATQA Support**|No|No|Modifiable|No| -#### 3.Comparison Table of New Commands +#### 3. Comparison Table of New Commands --- | Command | Effect Range | Description | @@ -305,11 +319,11 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a **DETECTION=0**|Device|Clears the detection log memory| **DETECTION?**|Device|Wait for an XModem connection and then downloads the binary detection log data.| -### D2.Complete Instruction List +### D2. Complete Instruction List --- #### 1. From EMSEC: - - [Here]((/../../../../emsec/ChameleonMini/master/Doc/Doxygen/html/_page__command_line.html) + - [Here](/../../../../emsec/ChameleonMini/master/Doc/Doxygen/html/_page__command_line.html) #### 2. This repo - [Instruction sheet](/../../../../RfidResearchGroup/ChameleonMini/blob/proxgrind/Doc/DoxygenPages/CommandLine.txt) @@ -339,9 +353,7 @@ Epass|ISO14443A/B|Supported / Supported|Low rate only / not supported|No| TiTagIT Standard|ISO15693|Support|Support|Support| EM4233|ISO15693|Support|Support|Support| - -#### 3. Comparison Table of Sniff Modes - +#### 3. Comparison Table of Sniff Modes |Encoding type|Whether the hardware supports|Does the software support| Whether the application layer supports|Note| | ------------------- |:-------------------:| -------------------:| ------------------- |-------------------:| @@ -349,10 +361,8 @@ Non-13.56MHz|Not Supported|Not Supported|Not Supported| ISO 14443 A 106 kbit/s|Reader -> card Direction sniffing|Maybe support the other direction|Currently only supported Reader -> card Direction sniffing || ISO 15693|Support|Support|Support|Single subcarrier only| - #### 4. Comparison Table of Supported Reading Card Types - Card type |Encoding type| Whether the hardware stand by|Whether the software stand by|Whether the application layer supports|Note | ------------------- |:-------------------:| -------------------:| ------------------- |-------------------:|-------------------:| Non13.56MHz|Not Supported|Not Supported|Not Supported| From e49ad0a7e9df66740336227bf816fa2591f679a5 Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Tue, 31 May 2022 17:20:58 -0400 Subject: [PATCH 03/27] More minor changes --- README.md | 55 ++++++++++++++++++++++++++++++------------------------- 1 file changed, 30 insertions(+), 25 deletions(-) diff --git a/README.md b/README.md index 34ca0db7..b8be3dd7 100644 --- a/README.md +++ b/README.md @@ -33,7 +33,7 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. ### A1. Upgrade Chameleon AVR Firmware --- -#### 1. Prepare your Windows. Linux, or MAC computer +#### 1. Prepare your Windows. Linux, or MAC computer: 1. Prepare the firmware. 2. Go to GITHUB to compile the latest firmware: **[Here](/../../../../RfidResearchGroup/ChameleonMini)** @@ -41,7 +41,7 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. 3. Install the DFU driver. - The DFU driver comes from ATMEL's official LIBUSB driver library. You can download it yourself or find it in the [repo](/../../../../iceman1001/ChameleonMini-rebooted/tree/master/Drivers). -#### 2. Write the firmware +#### 2. Write the firmware: 1. Enter the chameleon DFU mode. 1. When the device is off, press and hold the yellow button near the USB (TINY uses the B button), insert the USB, and then you can enter the DFU upgrade mode. Or send the command `UPGRADE` in the connected state, and it can also enter the DFU upgrade mode. @@ -62,12 +62,12 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - IOS: **[ChameleonTiny Manager](https://apps.apple.com/us/app/chameleontiny-manager/id1601341565)** - Password: e4g1 -#### 2. Open the app and connect the device using Bluetooth +#### 2. Open the app and connect the device using Bluetooth: 1. Press any button on the MINI and the white battery light should come on. You can now connect via Bluetooth. 2. Open the app again and click `Connect` to automatically connect the chameleon. -#### 3. Start the upgrade (OTA) of the Bluetooth firmware +#### 3. Start the upgrade (OTA) of the Bluetooth firmware: 1. In the `Device Information` column, press `BLE CMD Version` 5 times. 2. On the `OTA upgrade` page, click `Auto Upgrade`, and the APP will immediately start to upgrade to the latest Bluetooth firmware that comes with it. @@ -78,7 +78,7 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. ### B1. Detect keys and upload card files --- -#### 1. Prepare the computer GUI, Android APP, or iOS APP +#### 1. Prepare the computer GUI, Android APP, or iOS APP: 1. Tools: - Windows GUI: **[Here](http://www.icesql.se/download/ChameleonMiniGUI/publish.htm)** @@ -95,13 +95,13 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - For the MINI, an additional OTG adapter needs to be purchased. TINY uses its own dual-headed TYPE-C data cable to connect directly to TYPE-C mobile phones. - Chameleon MINI has built-in Bluetooth BLE4.0. Press any button first to wake up Bluetooth. Turn `ON` Bluetooth on your phone and the APP will automatically connect. -#### 2. Use APP to enable detection mode +#### 2. Use APP to enable detection mode: 1. After connecting, click on a single card slot and select `DETECTION_1K` or `4K` in the `card slot mode`. This card slot will now have the detection mode turned on. 2. Write the original card number in the `UID Card Number` column. Click `Write`. If you don't know the UID number, you can fill in it at will. 3. Then click the `Clear` button below to clear the last detection record. -#### 3. Use the APP to get keys +#### 3. Use the APP to get keys: 1. Take the chameleon to the access control reader and swipe. The key and access traces when the chaser reads the chameleon will be recorded by the chameleon. 2. Connect back to the mobile phone and press the `crack` button. @@ -117,7 +117,7 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - Note: - Multiple red LEDs are on at the same time during detection, which means the memory is full, just clear the memory. -#### 4. Use Android APP to import existing card data files in batches. +#### 4. Use Android APP to import existing card data files in batches: 1. Use QQ to send the card data file to the mobile phone QQ, or connect the mobile phone to the computer and transfer the file to any directory on the mobile phone. 2. Open the app, click the `DUMP` column below, click the `Scanner` in the plus sign in the upper right corner. @@ -129,7 +129,7 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. ### B2. Introduction to UID mode and SAK mode --- -#### 1. UID Mode +#### 1. UID Mode: 1. Enter UID mode: - Click the button `UID Changeable (GEN1a)` in the APP or directly send the command `UIDMODE = 1` to turn it on, and `UIDMODE = 0` to turn it `OFF`. @@ -137,13 +137,13 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - Commonly known as a UID card or Chinese magic card. 3. Global card slot takes effect. -#### 2. SAK mode +#### 2. SAK mode: 1. Click the `SAK Mode` button in the APP or directly send the command `SAKMODE = 1` to turn it `ON`, and `SAKMODE = 0` to turn it `OFF`. 2. After the `SAK Mode` is turned `ON`, the card will feedback the real SAK value when it is found. 3. The SAK value is determined by the 0 sector, 0 block, and the position is the position of the sixth byte immediately after the UID number. 4. If the SAK mode is not turned on, the SAK is a fixed value of 08, and 0 blocks of data are ignored. - 5. This function is used to meet the situation where some cards with special SAK values cannot be used normally after being copied. This achieve better compatibility. + 5. This function is used to meet the situation where some cards with special SAK values cannot be used normally after being copied. This achieves better compatibility. 6. The current card slot takes effect. ### B3. Card Slot Functions @@ -196,20 +196,18 @@ STORE_LOG|Write the log data in the temporary cache to the memory, which can be CLEAR_LOG|Clear log data immediately after pressing| CLONE|Read the UID card number immediately after pressing, continue searching, and simulate immediately after reading the card| -## C. Hardware and Basic Use +## C. Hardware, Lights, and Basic Use ### C1. All units --- #### 1. Charging: + - Any time you connect USB, it will automatically start charging. - It will stop automatically after filling. - The white LED indicates the power level. -#### 2. Detect memory full: - - If the memory is full during dense flow detection, multiple red LEDs will be abnormally lit. - -#### 3. Charging and Standby Mode +#### 2. Charging and Standby Mode: - Charging method: Plug in the USB at any time and start charging immediately - Battery type: LIR2032H replaceable lithium-ion rechargeable battery @@ -225,6 +223,15 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a - MINI: MicroUSB - TINY: Type-C +#### 3. Detect memory full: + + - If the memory is full during dense flow detection, multiple red LEDs will be abnormally lit. + +#### 4. Usage Guide for New Functions: + +EUd-Gl7w-Uw-AAg-Cf6
+ + ### C2. ChameleonMini Rev G --- @@ -244,7 +251,7 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a 2. Plug your chameleon in via USB into a PC and use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter`. 3. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) -#### 4. Schematics for ChameleonMini +#### 4. Schematics for ChameleonMini: - Chameleon Tiny: **[Here](http://chameleontiny.com/downloads/)** @@ -259,7 +266,7 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a #### 2. Bootloader/DFU firmware upgrade methods: 1. With the chameleon in the `OFF` state, press and hold the B button while inserting it into the USB port. -#### 3. Schematics +#### 3. Schematics: - Same as the Mini @@ -323,15 +330,18 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a --- #### 1. From EMSEC: + - [Here](/../../../../emsec/ChameleonMini/master/Doc/Doxygen/html/_page__command_line.html) -#### 2. This repo +#### 2. This repo: + - [Instruction sheet](/../../../../RfidResearchGroup/ChameleonMini/blob/proxgrind/Doc/DoxygenPages/CommandLine.txt) -### D5. Supported Cards, Encoding, & Simulation Types +### D3. Supported Cards, Encoding, & Simulation Types --- #### 1. From EMSEC: + - [Here](/../../../../emsec/ChameleonMini/wiki/Supported-Cards-and--Codecs) #### 2. Comparison Table of Encoding/Simulation Types @@ -369,11 +379,6 @@ Non13.56MHz|Not Supported|Not Supported|Not Supported| Mifare Ultralight|ISO14443A 106 kbit/s|Support|Support|SupportCommand: dump_mfu MifareClassic1K/4K 4B/7B|ISO14443A 106 kbit/s|Support|Support|Not Supported|No card reading instruction, encryption function has been implemented|MIFARE DESFIRE|ISO14443A High rate|Supports low rates, or possibly higher rates| Only supported Low rate|Not Supported|No card reading instruction, encryption function is being supported| -### D5. Usage Guide for new functions ---- - -EUd-Gl7w-Uw-AAg-Cf6
- ## E. External Contributions --- From 091cfb77e97961f22365539838c816b030f63229 Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Tue, 31 May 2022 18:15:49 -0400 Subject: [PATCH 04/27] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index b8be3dd7..32cfde4c 100644 --- a/README.md +++ b/README.md @@ -88,7 +88,7 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - IOS: **[ChameleonTiny Manager](https://apps.apple.com/us/app/chameleontiny-manager/id1601341565)** - Password: e4g1 3. Connect to the Chameleon MINI or TINY using the APP. - - Connect via USB + - Connect via USB or Bluetooth - Note: - Both the Chameleon MINI and TINY support direct connection to the mobile phone USB port. From d0458a1659270986f695045d0228f3b3e5a6a2b0 Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Wed, 1 Jun 2022 08:56:54 -0400 Subject: [PATCH 05/27] Update README.md --- README.md | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 32cfde4c..744184b2 100644 --- a/README.md +++ b/README.md @@ -35,7 +35,7 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. #### 1. Prepare your Windows. Linux, or MAC computer: - 1. Prepare the firmware. + 1. Prepare the firmware: 2. Go to GITHUB to compile the latest firmware: **[Here](/../../../../RfidResearchGroup/ChameleonMini)** - Or use the precompiled [firmware in the release section](/../../../../iceman1001/ChameleonMini-rebooted/releases). 3. Install the DFU driver. @@ -236,19 +236,22 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a --- #### 1. Turn on Bluetooth and check the battery: + 1. When the power is `OFF`, press any button once to turn on the Bluetooth power, and at the same time, display the current power with a white LED. 2. With the Bluetooth in the `ON` state, click any button to turn off the Bluetooth power, the power LED goes out, and the system sleeps. 3. Bluetooth will sleep automatically after no operation for 15 seconds. - Press any button once to shut down immediately. #### 2. Turn on the chameleon: + 1. With the Bluetooth in the `ON` state, double click any button. Or in the `OFF` state, triple click any button times to turn `ON` the chameleon. 2. The red LED lights up to indicate the slot number. 3. Chameleon will automatically sleep and shut down after no operation for 5 seconds. #### 3. Bootloader/DFU firmware upgrade methods: + 1. With the chameleon in the `OFF` state, press and hold the yellow button near the USB while inserting it into the USB port. The chameleon will enter the `DFU firmware upgrade` mode. - 2. Plug your chameleon in via USB into a PC and use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter`. + 2. Usee your favorite terminal application to connect to it. Type `upgrade` and hit `Enter`. 3. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) #### 4. Schematics for ChameleonMini: @@ -259,12 +262,16 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a --- #### 1. Turn on the chameleon: + 1. With the chameleon in the `OFF` state, press the A button once to turn on the chameleon power. 2. The red LED lights up to indicate the slot number. 3. Chameleon will automatically sleep and shut down after no operation for 5 seconds. This can be adjusted in the Android APP. #### 2. Bootloader/DFU firmware upgrade methods: + 1. With the chameleon in the `OFF` state, press and hold the B button while inserting it into the USB port. + 2. Usee your favorite terminal application to connect to it. Type `upgrade` and hit `Enter`. + 3. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) #### 3. Schematics: From 3f8abc6dccfa9946dbda13d967ab20fcb47b1085 Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Wed, 1 Jun 2022 08:59:16 -0400 Subject: [PATCH 06/27] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 744184b2..973e87b6 100644 --- a/README.md +++ b/README.md @@ -251,7 +251,7 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a #### 3. Bootloader/DFU firmware upgrade methods: 1. With the chameleon in the `OFF` state, press and hold the yellow button near the USB while inserting it into the USB port. The chameleon will enter the `DFU firmware upgrade` mode. - 2. Usee your favorite terminal application to connect to it. Type `upgrade` and hit `Enter`. + 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter`. 3. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) #### 4. Schematics for ChameleonMini: @@ -270,7 +270,7 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a #### 2. Bootloader/DFU firmware upgrade methods: 1. With the chameleon in the `OFF` state, press and hold the B button while inserting it into the USB port. - 2. Usee your favorite terminal application to connect to it. Type `upgrade` and hit `Enter`. + 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter`. 3. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) #### 3. Schematics: From 2f5e5c2a4c10093182b91c1352a996060ebcf201 Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Wed, 1 Jun 2022 09:57:58 -0400 Subject: [PATCH 07/27] Update README.md --- README.md | 66 +++++++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 50 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index 973e87b6..05595c61 100644 --- a/README.md +++ b/README.md @@ -35,19 +35,41 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. #### 1. Prepare your Windows. Linux, or MAC computer: - 1. Prepare the firmware: + 1. Tools: + - Optional GUI: + - Windows: **[Here](http://www.icesql.se/download/ChameleonMiniGUI/publish.htm)** + - Source: **[Here](/../../../../iceman1001/ChameleonMini-rebootedGUI)** + - Terminal APP: + - Putty or similar APP 2. Go to GITHUB to compile the latest firmware: **[Here](/../../../../RfidResearchGroup/ChameleonMini)** - - Or use the precompiled [firmware in the release section](/../../../../iceman1001/ChameleonMini-rebooted/releases). + - Or use the precompiled [firmware in the release section](/../../../../RfidResearchGroup/ChameleonMini/tree/proxgrind/Firmware/Chameleon-Mini/Latest). 3. Install the DFU driver. - - The DFU driver comes from ATMEL's official LIBUSB driver library. You can download it yourself or find it in the [repo](/../../../../iceman1001/ChameleonMini-rebooted/tree/master/Drivers). + - The DFU driver comes from ATMEL's official LIBUSB driver library. You can download it yourself or find it in the [repo](/../../../../RfidResearchGroup/ChameleonMini/tree/proxgrind/Drivers) #### 2. Write the firmware: - 1. Enter the chameleon DFU mode. - 1. When the device is off, press and hold the yellow button near the USB (TINY uses the B button), insert the USB, and then you can enter the DFU upgrade mode. Or send the command `UPGRADE` in the connected state, and it can also enter the DFU upgrade mode. - 2. Start to upgrade the firmware. - 1. Run the `ChameleonFirmwareUpgrade.bat` file in the repo to automatically start the firmware upgrade. - 2. It usually takes 2-5 seconds. After the progress bar is complete, the firmware upgrade is complete. + 1. Enter the chameleon DFU mode: + + - Method 1 (CLI): + + - Mini: + + 1. With the chameleon in the `OFF` state, press and hold the yellow button near the USB while inserting it into the USB port. The chameleon will enter the `DFU firmware upgrade` mode. + 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter`. + 3. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) + + - Tiny: + + 1. ~~~ + + - Method 2 [GUI](https://github.com/iceman1001/ChameleonMini-rebootedGUI): + + 1. Send the command `UPGRADE` in the connected state, and it can also enter the DFU upgrade mode. + + 2. Start to upgrade the firmware: + + 1. Run the `ChameleonFirmwareUpgrade.bat` file in the [repo](/../../../../RfidResearchGroup/ChameleonMini/tree/proxgrind/Firmware/Chameleon-Mini) to automatically start the firmware upgrade. + 2. It usually takes 2-5 seconds. After the progress bar is complete, the firmware upgrade is complete. - Note: - The chameleon REV.G version uses the same firmware for both the MINI with Bluetooth version and TINY. The hardware design of the RF part is exactly the same. The hardware is also compatible with the official firmware of the [KAOS brothers](/../../../../emsec/ChameleonMini). @@ -56,11 +78,18 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. ### A2. Upgrade (OTA) Bluetooth firmware for Chameleon MINI --- -#### 1. Download the APP: +#### 1. Download Tools and APP: - - Android: **[Chameleon](https://play.google.com/store/apps/details?id=com.proxgrind.chameleon)** - - IOS: **[ChameleonTiny Manager](https://apps.apple.com/us/app/chameleontiny-manager/id1601341565)** - - Password: e4g1 + 1. Tools: + - Optional GUI: + - Windows: **[Here](http://www.icesql.se/download/ChameleonMiniGUI/publish.htm)** + - Source: **[Here](/../../../../iceman1001/ChameleonMini-rebootedGUI)** + - Terminal APP: + - Putty or similar APP + 2. Download the APP: + - Android: **[Chameleon](https://play.google.com/store/apps/details?id=com.proxgrind.chameleon)** + - IOS: **[ChameleonTiny Manager](https://apps.apple.com/us/app/chameleontiny-manager/id1601341565)** + - Password: e4g1 #### 2. Open the app and connect the device using Bluetooth: @@ -250,9 +279,14 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a #### 3. Bootloader/DFU firmware upgrade methods: - 1. With the chameleon in the `OFF` state, press and hold the yellow button near the USB while inserting it into the USB port. The chameleon will enter the `DFU firmware upgrade` mode. - 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter`. - 3. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) + - Method 1 (CLI): + + 1. With the chameleon in the `OFF` state, press and hold the yellow button near the USB while inserting it into the USB port. The chameleon will enter the `DFU firmware upgrade` mode. + 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter`. + 3. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) + + - Method 2 [GUI](https://github.com/iceman1001/ChameleonMini-rebootedGUI): + 1. `Upgrade` button #### 4. Schematics for ChameleonMini: @@ -267,7 +301,7 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a 2. The red LED lights up to indicate the slot number. 3. Chameleon will automatically sleep and shut down after no operation for 5 seconds. This can be adjusted in the Android APP. -#### 2. Bootloader/DFU firmware upgrade methods: +#### 2. Bootloader/DFU firmware upgrade 1. With the chameleon in the `OFF` state, press and hold the B button while inserting it into the USB port. 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter`. From 0e89d1037a620ecd55c3555cfae59e05ddb303d8 Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Thu, 2 Jun 2022 00:53:14 -0400 Subject: [PATCH 08/27] Update README.md --- README.md | 66 +++++++++++++++++++++++++++++++++---------------------- 1 file changed, 40 insertions(+), 26 deletions(-) diff --git a/README.md b/README.md index 05595c61..d5266ee5 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ -# Chameleon-Mini +# ChameleonMini -This is NOT the official repository of ChameleonMini, a freely programmable portable tool for NFC security analysis that can emulate and clone contactless cards, read RFID tags, and sniff/log RF data. +This is NOT the official repository of ChameleonMini, a freely programmable portable tool for NFC security analysis that can emulate and clone contactless cards, read RFID tags, and sniff/log RF data. This repository brings support for the Chameleon Tiny. Our Project is based on the open-source project [ChameleonMini RevG](/../../../../emsec/ChameleonMini) by Kasper & Oswald. They also have their own [Webshop](https://shop.kasper.it/). @@ -41,38 +41,61 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - Source: **[Here](/../../../../iceman1001/ChameleonMini-rebootedGUI)** - Terminal APP: - Putty or similar APP - 2. Go to GITHUB to compile the latest firmware: **[Here](/../../../../RfidResearchGroup/ChameleonMini)** + 2. Go to GITHUB to compile the latest firmware: **[Here](/../)** - Or use the precompiled [firmware in the release section](/../../../../RfidResearchGroup/ChameleonMini/tree/proxgrind/Firmware/Chameleon-Mini/Latest). 3. Install the DFU driver. - - The DFU driver comes from ATMEL's official LIBUSB driver library. You can download it yourself or find it in the [repo](/../../../../RfidResearchGroup/ChameleonMini/tree/proxgrind/Drivers) + - The DFU driver comes from ATMEL's official LIBUSB driver library. You can download it yourself or find it in the [repo](/../../proxgrind/Drivers) #### 2. Write the firmware: 1. Enter the chameleon DFU mode: - - Method 1 (CLI): +
Method 1: CLI - Mini: - 1. With the chameleon in the `OFF` state, press and hold the yellow button near the USB while inserting it into the USB port. The chameleon will enter the `DFU firmware upgrade` mode. + 1. With the chameleon in the `OFF` state, press and hold the black (Rev E) or yellow (Rev G) button near the USB while inserting it into the USB port. The chameleon will enter the `DFU firmware upgrade` mode. 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter`. 3. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) - Tiny: - 1. ~~~ + 1. With the chameleon in the `OFF` state, press and hold the B button while inserting it into the USB port. The chameleon will enter the `DFU firmware upgrade` mode. + 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter`. + 3. Device should now be read. + 4. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) - - Method 2 [GUI](https://github.com/iceman1001/ChameleonMini-rebootedGUI): +
+ +
Method 2: Windows Only GUI - 1. Send the command `UPGRADE` in the connected state, and it can also enter the DFU upgrade mode. + - Mini or Tiny: + + 1. With the chameleon in the `OFF` position, connect it via USB cable to your computer. + 2. Send the`UPGRADE` command while it is connected. + 3. Device should now be ready + 4. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) + +
2. Start to upgrade the firmware: +
Method 1: Automatic Windows Only + 1. Run the `ChameleonFirmwareUpgrade.bat` file in the [repo](/../../../../RfidResearchGroup/ChameleonMini/tree/proxgrind/Firmware/Chameleon-Mini) to automatically start the firmware upgrade. 2. It usually takes 2-5 seconds. After the progress bar is complete, the firmware upgrade is complete. + +
+ +
Method 2: Manual + + 1. Step 1 + 2. Step 2 + +
- Note: - - The chameleon REV.G version uses the same firmware for both the MINI with Bluetooth version and TINY. The hardware design of the RF part is exactly the same. The hardware is also compatible with the official firmware of the [KAOS brothers](/../../../../emsec/ChameleonMini). + - The chameleon MINI REV.G version uses the same firmware for both the MINI with Bluetooth version and TINY. The hardware design of the RF part is exactly the same. The hardware is also compatible with the official firmware of the [KAOS brothers](/../../../../emsec/ChameleonMini). - The Android APP is currently not compatible with the official firmware. ### A2. Upgrade (OTA) Bluetooth firmware for Chameleon MINI @@ -261,7 +284,7 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a EUd-Gl7w-Uw-AAg-Cf6
-### C2. ChameleonMini Rev G +### C2. Chameleon Mini --- #### 1. Turn on Bluetooth and check the battery: @@ -279,18 +302,11 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a #### 3. Bootloader/DFU firmware upgrade methods: - - Method 1 (CLI): - - 1. With the chameleon in the `OFF` state, press and hold the yellow button near the USB while inserting it into the USB port. The chameleon will enter the `DFU firmware upgrade` mode. - 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter`. - 3. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) - - - Method 2 [GUI](https://github.com/iceman1001/ChameleonMini-rebootedGUI): - 1. `Upgrade` button + - See [Here](#2-write-the-firmware) #### 4. Schematics for ChameleonMini: - - Chameleon Tiny: **[Here](http://chameleontiny.com/downloads/)** + - Chameleon Mini: **[Here](http://chameleontiny.com/downloads/)** ### C3. Chameleon Tiny --- @@ -303,9 +319,7 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a #### 2. Bootloader/DFU firmware upgrade - 1. With the chameleon in the `OFF` state, press and hold the B button while inserting it into the USB port. - 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter`. - 3. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) +hhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh #### 3. Schematics: @@ -338,7 +352,7 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a **Firmware anti lost**|×|×|√|×| #### 2. Comparison Table of Analog Card Characteristics ---- + ||**Rev.G Official By KAOS**|**Rev.E old RDV2.0 By PROXGRIND**|**Rev.G new RDV2.0 By PROXGRIND** |**M1 white tag**| | ------------------- |:-------------------:| -------------------:| ------------------- |-------------------:| @@ -351,8 +365,8 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a **Magic back door** |By default|No|Dual mode|No **SAK ATQA Support**|No|No|Modifiable|No| -#### 3. Comparison Table of New Commands ---- +#### 3. Table of New Commands + | Command | Effect Range | Description | | ------------------- |:-------------------:| -------------------:| From 0539337f708731232a881eff0fbe584fff449c57 Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Thu, 2 Jun 2022 15:37:44 -0400 Subject: [PATCH 09/27] Update README.md --- README.md | 305 ++++++++++++++++++++++++++++++------------------------ 1 file changed, 170 insertions(+), 135 deletions(-) diff --git a/README.md b/README.md index d5266ee5..8d5e8d50 100644 --- a/README.md +++ b/README.md @@ -6,12 +6,29 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - Information: - Most information can be found: **[Here](http://chameleontiny.com/)** - - Chameleon BLE API: [**Codes.RAR**](/../../../../RfidResearchGroup/ChameleonBLEAPI/blob/master/code.rar) -- Apps: - - Android: **[Chameleon](https://play.google.com/store/apps/details?id=com.proxgrind.chameleon)** - - IOS: **[ChameleonTiny Manager](https://apps.apple.com/us/app/chameleontiny-manager/id1601341565)** - - Credit to **[bettse](/../../../../bettse)** - - Password: e4g1 + - Chameleon BLE API: [**Here**](/../../../../RfidResearchGroup/ChameleonBLEAPI/blob/master/code.rar) +- Tools: + - Phone APP: + - Android: **[Chameleon](https://play.google.com/store/apps/details?id=com.proxgrind.chameleon)** + - The Android APP is currently **NOT** compatible with the official firmware + - IOS: **[ChameleonTiny Manager](https://apps.apple.com/us/app/chameleontiny-manager/id1601341565)** + - The IOS APP is currently **NOT** compatible with the official firmware + - Credit to **[bettse](/../../../../bettse)** + - Password: e4g1 + - Optional GUI (Winodws Only): + - Windows: **[Here](http://www.icesql.se/download/ChameleonMiniGUI/publish.htm)** + - Source: **[Here](/../../../../iceman1001/ChameleonMini-rebootedGUI)** + - Chameleon Firmware: + - Compile the latest firmware: **[Here](/Firmware)** + - Or use the precompiled: **[Here](/../Firmware/Chameleon-Mini/Latest)** + - The Chameleon Mini REV.G version uses the same firmware for both the Mini with Bluetooth version and Tiny + - The hardware design of the RF part is exactly the same + - The hardware is also compatible with the official firmware of the [KAOS brothers](/../../../../emsec/ChameleonMini) + - Terminal APP: + - Putty or similar APP + - DFU driver: + - The DFU driver comes from ATMEL's official LIBUSB driver library + - You can download it yourself or from the repo: [Here](/../../proxgrind/Drivers) - Resellers: - Our Asia & Oceania Reseller: **[Here](https://sneaktechnology.com/)** - Our Europe Reseller: **[Here](https://lab401.com/)** @@ -33,150 +50,154 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. ### A1. Upgrade Chameleon AVR Firmware --- -#### 1. Prepare your Windows. Linux, or MAC computer: +#### 1. Obtain Tools: - 1. Tools: - - Optional GUI: - - Windows: **[Here](http://www.icesql.se/download/ChameleonMiniGUI/publish.htm)** - - Source: **[Here](/../../../../iceman1001/ChameleonMini-rebootedGUI)** - - Terminal APP: - - Putty or similar APP - 2. Go to GITHUB to compile the latest firmware: **[Here](/../)** - - Or use the precompiled [firmware in the release section](/../../../../RfidResearchGroup/ChameleonMini/tree/proxgrind/Firmware/Chameleon-Mini/Latest). - 3. Install the DFU driver. - - The DFU driver comes from ATMEL's official LIBUSB driver library. You can download it yourself or find it in the [repo](/../../proxgrind/Drivers) + - Optional GUI (Windows Only) + - Terminal APP + - Firmware + - DFU driver #### 2. Write the firmware: + + 1. Enter the Chameleon DFU mode: + +
Method 1: GUI (Windows Only) + + - Mini or Tiny: + + 1. With the Chameleon in the `OFF` position, connect it via USB cable to your computer + - On the Mini, it may be a good idea to remove the battery before putting the device into DFU + 2. Send the`UPGRADE` command while it is connected + 3. Device should now be ready + 4. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) - 1. Enter the chameleon DFU mode: +
-
Method 1: CLI +
Method 2: CLI - Mini: - - 1. With the chameleon in the `OFF` state, press and hold the black (Rev E) or yellow (Rev G) button near the USB while inserting it into the USB port. The chameleon will enter the `DFU firmware upgrade` mode. - 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter`. - 3. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) + 1. With the Chameleon in the `OFF` state, press and hold the black (Rev E) or yellow (Rev G) button near the USB while inserting it into the USB port + - It may be a good idea to remove the battery before putting the device into DFU + 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter` + 3. The Chameleon will enter the `DFU firmware upgrade` mode + 4. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) - Tiny: - - 1. With the chameleon in the `OFF` state, press and hold the B button while inserting it into the USB port. The chameleon will enter the `DFU firmware upgrade` mode. - 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter`. - 3. Device should now be read. + 1. With the Chameleon in the `OFF` state, press and hold the B button while inserting it into the USB port + 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter` + 3. The Chameleon will enter the `DFU firmware upgrade` mode 4. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) - -
-
Method 2: Windows Only GUI + - Note: + - More info from source: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) - - Mini or Tiny: - - 1. With the chameleon in the `OFF` position, connect it via USB cable to your computer. - 2. Send the`UPGRADE` command while it is connected. - 3. Device should now be ready - 4. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) - -
+
2. Start to upgrade the firmware: -
Method 1: Automatic Windows Only +
Method 1: Automatic (Windows Only) - 1. Run the `ChameleonFirmwareUpgrade.bat` file in the [repo](/../../../../RfidResearchGroup/ChameleonMini/tree/proxgrind/Firmware/Chameleon-Mini) to automatically start the firmware upgrade. - 2. It usually takes 2-5 seconds. After the progress bar is complete, the firmware upgrade is complete. - + - Mini or Tiny: + 1. After either compiling or obtaining the firmware HEX and EEP files, place them in the same diretory as [ChameleonFirmwareUpgrade.bat] (/../../../../RfidResearchGroup/ChameleonMini/tree/proxgrind/Firmware/Chameleon-Mini) + 2. Ensure Chameleon is in `DFU firmware upgrade` mode + 3. Run the `ChameleonFirmwareUpgrade.bat` file to automatically start the firmware upgrade + 4. It usually takes 2-5 seconds + 5. After the progress bar is complete, the firmware upgrade is complete +
+ +
Method 2: Manual -
Method 2: Manual - - 1. Step 1 - 2. Step 2 - -
+ - Mini or Tiny: + - Guides: + - Icemans Guide (Windows): [Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Getting-started#get-ready-to-flash-bootloader-mode) and [Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Getting-started#get-ready-to-flash-bootloader-mode) + - Icemans Guide (Linux): [Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Compiling-Linux-(Unix)) + - Icemans Guide (Mac): [Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Compiling-OSX) + + - Note: + - Replace any relevant files or other parts with the resources in this repo -- Note: - - The chameleon MINI REV.G version uses the same firmware for both the MINI with Bluetooth version and TINY. The hardware design of the RF part is exactly the same. The hardware is also compatible with the official firmware of the [KAOS brothers](/../../../../emsec/ChameleonMini). - - The Android APP is currently not compatible with the official firmware. +
-### A2. Upgrade (OTA) Bluetooth firmware for Chameleon MINI +### A2. Upgrade (OTA) Bluetooth Firmware (Chameleon Mini only) --- -#### 1. Download Tools and APP: +#### 1. Obtain Tools: - 1. Tools: - - Optional GUI: - - Windows: **[Here](http://www.icesql.se/download/ChameleonMiniGUI/publish.htm)** - - Source: **[Here](/../../../../iceman1001/ChameleonMini-rebootedGUI)** - - Terminal APP: - - Putty or similar APP - 2. Download the APP: - - Android: **[Chameleon](https://play.google.com/store/apps/details?id=com.proxgrind.chameleon)** - - IOS: **[ChameleonTiny Manager](https://apps.apple.com/us/app/chameleontiny-manager/id1601341565)** - - Password: e4g1 + - Optional GUI + - Terminal APP + - Phone APP + - Firmware -#### 2. Open the app and connect the device using Bluetooth: +#### 2. Open the APP and connect the device using Bluetooth: - 1. Press any button on the MINI and the white battery light should come on. You can now connect via Bluetooth. - 2. Open the app again and click `Connect` to automatically connect the chameleon. + 1. Press any button on the Mini and the white battery light should come `ON` + - You can now connect via Bluetooth + 2. Open the APP again and click `Connect` to automatically connect the Chameleon #### 3. Start the upgrade (OTA) of the Bluetooth firmware: - 1. In the `Device Information` column, press `BLE CMD Version` 5 times. - 2. On the `OTA upgrade` page, click `Auto Upgrade`, and the APP will immediately start to upgrade to the latest Bluetooth firmware that comes with it. - 3. The app will automatically exit after the upgrade is complete. + 1. In the `Device Information` column, press `BLE CMD Version` 5 times + 2. On the `OTA upgrade` page, click `Auto Upgrade` + 3. The APP will immediately start to upgrade to the latest Bluetooth firmware that comes with it + 4. The APP will automatically exit after the upgrade is complete ## B. Crash Course ### B1. Detect keys and upload card files --- -#### 1. Prepare the computer GUI, Android APP, or iOS APP: +#### 1. Obtain Tools and Connect Device: - 1. Tools: - - Windows GUI: **[Here](http://www.icesql.se/download/ChameleonMiniGUI/publish.htm)** - - Source: **[Here](/../../../../iceman1001/ChameleonMini-rebootedGUI)** - 2. Download the APP: - - Android: **[Chameleon](https://play.google.com/store/apps/details?id=com.proxgrind.chameleon)** - - IOS: **[ChameleonTiny Manager](https://apps.apple.com/us/app/chameleontiny-manager/id1601341565)** - - Password: e4g1 - 3. Connect to the Chameleon MINI or TINY using the APP. + 1. Tools: + - Optional GUI + - Terminal APP + - Phone APP + - Firmware + + 2. Connect to the Chameleon Mini or Tiny using the APP - Connect via USB or Bluetooth - Note: - - Both the Chameleon MINI and TINY support direct connection to the mobile phone USB port. - - For the MINI, an additional OTG adapter needs to be purchased. TINY uses its own dual-headed TYPE-C data cable to connect directly to TYPE-C mobile phones. - - Chameleon MINI has built-in Bluetooth BLE4.0. Press any button first to wake up Bluetooth. Turn `ON` Bluetooth on your phone and the APP will automatically connect. + - Both the Chameleon Mini and Tiny support direct connection to the mobile phone USB port + - For the Mini, an additional OTG adapter needs to be purchased + - Tiny uses its own dual-headed TYPE-C data cable to connect directly to TYPE-C mobile phones + - Chameleon Mini has built-in Bluetooth BLE4.0. Press any button first to wake up Bluetooth + - Turn Bluetooth `ON` on your phone and the APP will automatically connect #### 2. Use APP to enable detection mode: - 1. After connecting, click on a single card slot and select `DETECTION_1K` or `4K` in the `card slot mode`. This card slot will now have the detection mode turned on. - 2. Write the original card number in the `UID Card Number` column. Click `Write`. If you don't know the UID number, you can fill in it at will. - 3. Then click the `Clear` button below to clear the last detection record. + 1. After connecting, click on a single card slot and select `DETECTION_1K` or `4K` in the `card slot mode` + 2. This card slot will now have the detection mode turned `ON` + 3. Write the original card number in the `UID Card Number` column. Click `Write` + - If you don't know the UID number, you can fill in it at will + 4. Then click the `Clear` button below to clear the last detection record #### 3. Use the APP to get keys: - 1. Take the chameleon to the access control reader and swipe. The key and access traces when the chaser reads the chameleon will be recorded by the chameleon. - 2. Connect back to the mobile phone and press the `crack` button. - 3. After few seconds, the app will automatically solve and list the results, as shown in the figure below: + 1. Take the Chameleon to the access control reader and swipe + 2. The key and access traces when the chaser reads the Chameleon will be recorded by the Chameleon + 3. Connect back to the mobile phone and press the `Crack` button + 4. After a few seconds, the APP will automatically solve and list the results, as shown in the figure below: Untitled-1 - 4. The list shows which blocks the read head just visited, and what password was used for each access. - 5. Click the `History` button. The APP will automatically list the keys separately and save them for other software to use. - 6. If your mobile phone comes with an NFC function, you can put the original key directly on the mobile phone. - 7. The APP will automatically use the key in the list to read the entire card, and after it is successful, it will automatically save the entire card data file on the mobile phone. + 5. The list shows which blocks the read head just visited, and what password was used for each access + 6. Click the `History` button. The APP will automatically list the keys separately and save them for other software to use + 7. If your mobile phone comes with an NFC function, you can put the original key directly on the mobile phone + 8. The APP will automatically use the key in the list to read the entire card, and after it is successful, it will automatically save the entire card data file on the mobile phone - Note: - Multiple red LEDs are on at the same time during detection, which means the memory is full, just clear the memory. #### 4. Use Android APP to import existing card data files in batches: - 1. Use QQ to send the card data file to the mobile phone QQ, or connect the mobile phone to the computer and transfer the file to any directory on the mobile phone. - 2. Open the app, click the `DUMP` column below, click the `Scanner` in the plus sign in the upper right corner. - 3. Click the three horizontal line buttons in the upper left corner, and select this phone. - 4. Select the root directory of the QQ receiving file or the previously copied directory, and click `Allow Access`. - 5. All card data files will be automatically scanned into the `DUMP` file interface, which can be uploaded or edited at will. - 6. Click the card data file in the `DUMP` column below, and click `Upload` below to upload to the card slot corresponding to the chameleon. + 1. Use QQ to send the card data file to the mobile phone QQ, or connect the mobile phone to the computer and transfer the file to any directory on the mobile phone + 2. Open the APP, click the `DUMP` column below, click the `Scanner` in the plus sign in the upper right corner + 3. Click the three horizontal line buttons in the upper left corner, and select this phone + 4. Select the root directory of the QQ receiving file or the previously copied directory, and click `Allow Access` + 5. All card data files will be automatically scanned into the `DUMP` file interface, which can be uploaded or edited at will + 6. Click the card data file in the `DUMP` column below, and click `Upload` below to upload to the card slot corresponding to the Chameleon ### B2. Introduction to UID mode and SAK mode --- @@ -184,19 +205,20 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. #### 1. UID Mode: 1. Enter UID mode: - - Click the button `UID Changeable (GEN1a)` in the APP or directly send the command `UIDMODE = 1` to turn it on, and `UIDMODE = 0` to turn it `OFF`. - 2. After the UID mode is turned `ON`, the card simulated by Chameleon will become a GEN1a card. - - Commonly known as a UID card or Chinese magic card. - 3. Global card slot takes effect. + - Click the button `UID Changeable (GEN1a)` in the APP or directly send the command `UIDMODE = 1` to turn it on, and `UIDMODE = 0` to turn it `OFF` + 2. After the UID mode is turned `ON`, the card simulated by Chameleon will become a GEN1a card + - Commonly known as a UID card or Chinese magic card + 3. Global card slot takes effect #### 2. SAK mode: - 1. Click the `SAK Mode` button in the APP or directly send the command `SAKMODE = 1` to turn it `ON`, and `SAKMODE = 0` to turn it `OFF`. - 2. After the `SAK Mode` is turned `ON`, the card will feedback the real SAK value when it is found. - 3. The SAK value is determined by the 0 sector, 0 block, and the position is the position of the sixth byte immediately after the UID number. - 4. If the SAK mode is not turned on, the SAK is a fixed value of 08, and 0 blocks of data are ignored. - 5. This function is used to meet the situation where some cards with special SAK values cannot be used normally after being copied. This achieves better compatibility. - 6. The current card slot takes effect. + 1. Click the `SAK Mode` button in the APP or directly send the command `SAKMODE = 1` to turn it `ON`, and `SAKMODE = 0` to turn it `OFF` + 2. After the `SAK Mode` is turned `ON`, the card will feedback the real SAK value when it is found + 3. The SAK value is determined by the 0 sector, 0 block, and the position is the position of the sixth byte immediately after the UID number + 4. If the SAK mode is not turned on, the SAK is a fixed value of 08, and 0 blocks of data are ignored + 5. This function is used to meet the situation where some cards with special SAK values cannot be used normally after being copied + - This achieves better compatibility + 6. The current card slot takes effect ### B3. Card Slot Functions --- @@ -248,16 +270,15 @@ STORE_LOG|Write the log data in the temporary cache to the memory, which can be CLEAR_LOG|Clear log data immediately after pressing| CLONE|Read the UID card number immediately after pressing, continue searching, and simulate immediately after reading the card| -## C. Hardware, Lights, and Basic Use +## C. Hardware & Lights ### C1. All units --- #### 1. Charging: - - Any time you connect USB, it will automatically start charging. - - It will stop automatically after filling. - - The white LED indicates the power level. + - Any time you connect USB, it will automatically start charging + - The Mini will have a white light while the Tiny will have a red light over the USB port to indicate if it is charging #### 2. Charging and Standby Mode: @@ -272,58 +293,71 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a - Duration: Swipe the card 3 times a day for 5 seconds each time, and it can be used for one year on a single charge - Sleeping time: Fully charged, it can be left for two years when it is turned off and sleeping - Port type: - - MINI: MicroUSB - - TINY: Type-C + - Mini: MicroUSB + - Tiny: Type-C #### 3. Detect memory full: - - If the memory is full during dense flow detection, multiple red LEDs will be abnormally lit. + - If the memory is full during dense flow detection, multiple red LEDs will be abnormally lit #### 4. Usage Guide for New Functions: EUd-Gl7w-Uw-AAg-Cf6
- ### C2. Chameleon Mini --- #### 1. Turn on Bluetooth and check the battery: - 1. When the power is `OFF`, press any button once to turn on the Bluetooth power, and at the same time, display the current power with a white LED. - 2. With the Bluetooth in the `ON` state, click any button to turn off the Bluetooth power, the power LED goes out, and the system sleeps. - 3. Bluetooth will sleep automatically after no operation for 15 seconds. - - Press any button once to shut down immediately. + 1. When the power is `OFF`, press any button once to turn on the Bluetooth power, and at the same time, display the current power with a white LED + 2. With the Bluetooth in the `ON` state, click any button to turn off the Bluetooth power, the power LED goes out, and the system sleeps + 3. Bluetooth will sleep automatically after no operation for 15 seconds + - Press any button once to shut down immediately -#### 2. Turn on the chameleon: +#### 2. Turn on the Chameleon: - 1. With the Bluetooth in the `ON` state, double click any button. Or in the `OFF` state, triple click any button times to turn `ON` the chameleon. - 2. The red LED lights up to indicate the slot number. - 3. Chameleon will automatically sleep and shut down after no operation for 5 seconds. + 1. With the Bluetooth in the `ON` state, double click any button. + - Or in the `OFF` state, triple click any button times to turn `ON` the Chameleon + 2. The red LED lights up to indicate the slot number + 3. Chameleon will automatically sleep and shut down after no operation for 5 seconds #### 3. Bootloader/DFU firmware upgrade methods: - - See [Here](#2-write-the-firmware) + - Section A1: **[Here](#2-write-the-firmware)** -#### 4. Schematics for ChameleonMini: +#### 4. Schematics for Chameleon Mini: - Chameleon Mini: **[Here](http://chameleontiny.com/downloads/)** +#### 5. Demos + + - [ChameleonMini RevG In Lab Demo / Technical Explanation of Command Line Interface](https://www.dailymotion.com/video/x3lf45p) + - [Mifare Reader Attack: Sniffing, Cracking, Emulation, Open! LAB401 Academy - CHAMELEON MINI Tutorial](https://www.youtube.com/watch?v=pI7k5b0yhb0) + - [AndreasBujok/ChameleonMini](/../../../../AndreasBujok/ChameleonMini) + - [How to use the new Proxgrind Chameleon Tiny and Mini with the APP](https://www.youtube.com/watch?v=PiSc9WEbeCE) + ### C3. Chameleon Tiny --- -#### 1. Turn on the chameleon: +#### 1. Turn on the Chameleon and Bluetooth: - 1. With the chameleon in the `OFF` state, press the A button once to turn on the chameleon power. - 2. The red LED lights up to indicate the slot number. - 3. Chameleon will automatically sleep and shut down after no operation for 5 seconds. This can be adjusted in the Android APP. + 1. With the Chameleon in the `OFF` state, press the `A button` once to turn `ON` the Chameleon power + 2. The red LED lights up to indicate the slot number + 3. Chameleon will automatically sleep and shut down after no operation for 5 seconds + - This can be adjusted in the APP -#### 2. Bootloader/DFU firmware upgrade +#### 3. Bootloader/DFU firmware upgrade -hhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh + - Section A1: **[Here](#2-write-the-firmware)** #### 3. Schematics: - - Same as the Mini + - ~~Same as the Mini~~ ? + +#### 4. Demos + + - [How to use the new Proxgrind Chameleon Tiny and Mini with the APP](https://www.youtube.com/watch?v=PiSc9WEbeCE) + - [ChameleonTiny 8 Prox in1 & Sniff - Crack RFID ~ NFC ~ UID](https://www.youtube.com/watch?v=6yITj165tS4) ## D. Appendix @@ -332,6 +366,7 @@ hhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh #### 1. Comparison Table of Specs + |- | Rev.G Official by KAOS | Rev.E Old Rdv2.0 by ProxGrind | Rev.G by ProxGrind |Rev.G Tiny by ProxGrind | | ------------------- |:-------------------:| -------------------:| -------------------:|-------------------: **Simulation**|Good performance, has blind area|Poor compatibility|Perfect performance|no blind area|Perfect performance|no blind area| @@ -386,18 +421,18 @@ hhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh #### 1. From EMSEC: - - [Here](/../../../../emsec/ChameleonMini/master/Doc/Doxygen/html/_page__command_line.html) + - Repo: **[Here](/../../../../emsec/ChameleonMini/master/Doc/Doxygen/html/_page__command_line.html)** #### 2. This repo: - - [Instruction sheet](/../../../../RfidResearchGroup/ChameleonMini/blob/proxgrind/Doc/DoxygenPages/CommandLine.txt) + - Instruction sheet: **[Here](/../../../../RfidResearchGroup/ChameleonMini/blob/proxgrind/Doc/DoxygenPages/CommandLine.txt)** ### D3. Supported Cards, Encoding, & Simulation Types --- #### 1. From EMSEC: - - [Here](/../../../../emsec/ChameleonMini/wiki/Supported-Cards-and--Codecs) + - Repo: [Here](/../../../../emsec/ChameleonMini/wiki/Supported-Cards-and--Codecs) #### 2. Comparison Table of Encoding/Simulation Types From 4dd13e72465476a4aea14732207cacb02fe10975 Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Thu, 2 Jun 2022 16:22:28 -0400 Subject: [PATCH 10/27] Spacing --- README.md | 83 +++++++++++++++++++++++++++---------------------------- 1 file changed, 41 insertions(+), 42 deletions(-) diff --git a/README.md b/README.md index 8d5e8d50..669a5f7a 100644 --- a/README.md +++ b/README.md @@ -63,59 +63,58 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../.
Method 1: GUI (Windows Only) - - Mini or Tiny: - - 1. With the Chameleon in the `OFF` position, connect it via USB cable to your computer - - On the Mini, it may be a good idea to remove the battery before putting the device into DFU - 2. Send the`UPGRADE` command while it is connected - 3. Device should now be ready - 4. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) - + - Mini or Tiny: + 1. With the Chameleon in the `OFF` position, connect it via USB cable to your computer + - On the Mini, it may be a good idea to remove the battery before putting the device into DFU + 2. Send the`UPGRADE` command while it is connected + 3. Device should now be ready + 4. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) +
Method 2: CLI - - Mini: - 1. With the Chameleon in the `OFF` state, press and hold the black (Rev E) or yellow (Rev G) button near the USB while inserting it into the USB port - - It may be a good idea to remove the battery before putting the device into DFU - 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter` - 3. The Chameleon will enter the `DFU firmware upgrade` mode - 4. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) - - - Tiny: - 1. With the Chameleon in the `OFF` state, press and hold the B button while inserting it into the USB port - 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter` - 3. The Chameleon will enter the `DFU firmware upgrade` mode - 4. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) + - Mini: + 1. With the Chameleon in the `OFF` state, press and hold the black (Rev E) or yellow (Rev G) button near the USB while inserting it into the USB port + - It may be a good idea to remove the battery before putting the device into DFU + 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter` + 3. The Chameleon will enter the `DFU firmware upgrade` mode + 4. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) + + - Tiny: + 1. With the Chameleon in the `OFF` state, press and hold the B button while inserting it into the USB port + 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter` + 3. The Chameleon will enter the `DFU firmware upgrade` mode + 4. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) + + - Note: + - More info from source: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) - - Note: - - More info from source: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) - -
+
2. Start to upgrade the firmware: -
Method 1: Automatic (Windows Only) - - - Mini or Tiny: - 1. After either compiling or obtaining the firmware HEX and EEP files, place them in the same diretory as [ChameleonFirmwareUpgrade.bat] (/../../../../RfidResearchGroup/ChameleonMini/tree/proxgrind/Firmware/Chameleon-Mini) - 2. Ensure Chameleon is in `DFU firmware upgrade` mode - 3. Run the `ChameleonFirmwareUpgrade.bat` file to automatically start the firmware upgrade - 4. It usually takes 2-5 seconds - 5. After the progress bar is complete, the firmware upgrade is complete +
Method 1: Automatic (Windows Only) + + - Mini or Tiny: + 1. After either compiling or obtaining the firmware HEX and EEP files, place them in the same diretory as [ChameleonFirmwareUpgrade.bat](/../../../../RfidResearchGroup/ChameleonMini/tree/proxgrind/Firmware/Chameleon-Mini) + 2. Ensure Chameleon is in `DFU firmware upgrade` mode + 3. Run the `ChameleonFirmwareUpgrade.bat` file to automatically start the firmware upgrade + 4. It usually takes 2 - 5 seconds + 5. After the progress bar is complete, the firmware upgrade is complete
-
Method 2: Manual - - - Mini or Tiny: - - Guides: - - Icemans Guide (Windows): [Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Getting-started#get-ready-to-flash-bootloader-mode) and [Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Getting-started#get-ready-to-flash-bootloader-mode) - - Icemans Guide (Linux): [Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Compiling-Linux-(Unix)) - - Icemans Guide (Mac): [Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Compiling-OSX) - - - Note: - - Replace any relevant files or other parts with the resources in this repo +
Method 2: Manual + + - Mini or Tiny: + - Guides: + - Icemans Guide (Windows): [Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Getting-started#get-ready-to-flash-bootloader-mode) and [Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Getting-started#get-ready-to-flash-bootloader-mode) + - Icemans Guide (Linux): [Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Compiling-Linux-(Unix)) + - Icemans Guide (Mac): [Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Compiling-OSX) + + - Note: + - Replace any relevant files or other parts with the resources in this repo
From 77a39bcbe6915abbaf591d7ec3acea4adbcdd157 Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Thu, 2 Jun 2022 19:31:25 -0400 Subject: [PATCH 11/27] Consistent bolding Other minor changes as well. --- README.md | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 669a5f7a..eb122c5b 100644 --- a/README.md +++ b/README.md @@ -28,7 +28,7 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - Putty or similar APP - DFU driver: - The DFU driver comes from ATMEL's official LIBUSB driver library - - You can download it yourself or from the repo: [Here](/../../proxgrind/Drivers) + - You can download it yourself or from the repo: **[Here](/../../proxgrind/Drivers)** - Resellers: - Our Asia & Oceania Reseller: **[Here](https://sneaktechnology.com/)** - Our Europe Reseller: **[Here](https://lab401.com/)** @@ -43,7 +43,7 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - **WARNING:** This is currently under construction - **RevE:** Contains the entire contents of the discontinued RevE repository - **RevE-light:** Contains our development files for the RevE-light - - **WARNING:** currently not supported / not functional + - **WARNING:** This is currently not supported / not functional ## A. Upgrade to the latest firmware @@ -68,7 +68,7 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - On the Mini, it may be a good idea to remove the battery before putting the device into DFU 2. Send the`UPGRADE` command while it is connected 3. Device should now be ready - 4. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) + 4. Further information from the original: **[Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)**
@@ -79,13 +79,13 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - It may be a good idea to remove the battery before putting the device into DFU 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter` 3. The Chameleon will enter the `DFU firmware upgrade` mode - 4. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) + 4. Further information from the original: **[Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)** - Tiny: 1. With the Chameleon in the `OFF` state, press and hold the B button while inserting it into the USB port 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter` 3. The Chameleon will enter the `DFU firmware upgrade` mode - 4. Further information from the original: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) + 4. Further information from the original: **[Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)** - Note: - More info from source: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) @@ -109,9 +109,9 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - Mini or Tiny: - Guides: - - Icemans Guide (Windows): [Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Getting-started#get-ready-to-flash-bootloader-mode) and [Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Getting-started#get-ready-to-flash-bootloader-mode) - - Icemans Guide (Linux): [Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Compiling-Linux-(Unix)) - - Icemans Guide (Mac): [Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Compiling-OSX) + - Icemans Guide (Windows): **[Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Getting-started#get-ready-to-flash-bootloader-mode)** and **[Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Getting-started#get-ready-to-flash-bootloader-mode)** + - Icemans Guide (Linux): **[Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Compiling-Linux-(Unix))** + - Icemans Guide (Mac): **[Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Compiling-OSX)** - Note: - Replace any relevant files or other parts with the resources in this repo @@ -357,6 +357,7 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a - [How to use the new Proxgrind Chameleon Tiny and Mini with the APP](https://www.youtube.com/watch?v=PiSc9WEbeCE) - [ChameleonTiny 8 Prox in1 & Sniff - Crack RFID ~ NFC ~ UID](https://www.youtube.com/watch?v=6yITj165tS4) + - [Chameleontiny pro -Standalone clone of a MIFARE 1K UID](https://www.youtube.com/watch?v=Ce5DlCHyeGY) ## D. Appendix @@ -431,7 +432,7 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a #### 1. From EMSEC: - - Repo: [Here](/../../../../emsec/ChameleonMini/wiki/Supported-Cards-and--Codecs) + - Repo: **[Here](/../../../../emsec/ChameleonMini/wiki/Supported-Cards-and--Codecs)** #### 2. Comparison Table of Encoding/Simulation Types From ab4c7893813bc3005f5d5452839ccebdea8916d8 Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Thu, 2 Jun 2022 22:47:58 -0400 Subject: [PATCH 12/27] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index eb122c5b..b4727838 100644 --- a/README.md +++ b/README.md @@ -97,7 +97,7 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../.
Method 1: Automatic (Windows Only) - Mini or Tiny: - 1. After either compiling or obtaining the firmware HEX and EEP files, place them in the same diretory as [ChameleonFirmwareUpgrade.bat](/../../../../RfidResearchGroup/ChameleonMini/tree/proxgrind/Firmware/Chameleon-Mini) + 1. After either compiling or obtaining the firmware HEX and EEP files, place them in the same diretory as [ChameleonFirmwareUpgrade.bat](/../Firmware/Chameleon-Mini) 2. Ensure Chameleon is in `DFU firmware upgrade` mode 3. Run the `ChameleonFirmwareUpgrade.bat` file to automatically start the firmware upgrade 4. It usually takes 2 - 5 seconds From a47c9653886f4e372f8c41ea9ce24377c0c67e7f Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Thu, 2 Jun 2022 23:01:11 -0400 Subject: [PATCH 13/27] Fix links --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index b4727838..72b6feda 100644 --- a/README.md +++ b/README.md @@ -20,7 +20,7 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - Source: **[Here](/../../../../iceman1001/ChameleonMini-rebootedGUI)** - Chameleon Firmware: - Compile the latest firmware: **[Here](/Firmware)** - - Or use the precompiled: **[Here](/../Firmware/Chameleon-Mini/Latest)** + - Or use the precompiled: **[Here](/Firmware/Chameleon-Mini/Latest)** - The Chameleon Mini REV.G version uses the same firmware for both the Mini with Bluetooth version and Tiny - The hardware design of the RF part is exactly the same - The hardware is also compatible with the official firmware of the [KAOS brothers](/../../../../emsec/ChameleonMini) @@ -28,7 +28,7 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - Putty or similar APP - DFU driver: - The DFU driver comes from ATMEL's official LIBUSB driver library - - You can download it yourself or from the repo: **[Here](/../../proxgrind/Drivers)** + - You can download it yourself or from the repo: **[Here](/Drivers)** - Resellers: - Our Asia & Oceania Reseller: **[Here](https://sneaktechnology.com/)** - Our Europe Reseller: **[Here](https://lab401.com/)** @@ -97,7 +97,7 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../.
Method 1: Automatic (Windows Only) - Mini or Tiny: - 1. After either compiling or obtaining the firmware HEX and EEP files, place them in the same diretory as [ChameleonFirmwareUpgrade.bat](/../Firmware/Chameleon-Mini) + 1. After either compiling or obtaining the firmware HEX and EEP files, place them in the same diretory as [ChameleonFirmwareUpgrade.bat](/Firmware/Chameleon-Mini/ChameleonFirmwareUpgrade.bat) 2. Ensure Chameleon is in `DFU firmware upgrade` mode 3. Run the `ChameleonFirmwareUpgrade.bat` file to automatically start the firmware upgrade 4. It usually takes 2 - 5 seconds @@ -425,7 +425,7 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a #### 2. This repo: - - Instruction sheet: **[Here](/../../../../RfidResearchGroup/ChameleonMini/blob/proxgrind/Doc/DoxygenPages/CommandLine.txt)** + - Instruction sheet: **[Here](/Doc/DoxygenPages/CommandLine.txt)** ### D3. Supported Cards, Encoding, & Simulation Types --- From fc62b8b37deadecb3a5ab3ca311a33c4004469a0 Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Thu, 2 Jun 2022 23:19:27 -0400 Subject: [PATCH 14/27] Update README.md --- README.md | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 72b6feda..d289158a 100644 --- a/README.md +++ b/README.md @@ -64,11 +64,12 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../.
Method 1: GUI (Windows Only) - Mini or Tiny: - 1. With the Chameleon in the `OFF` position, connect it via USB cable to your computer + 1. If it is a Chameleon Mini, ensure it is in the `OFF` position + 2. Connect it via USB cable to your computer - On the Mini, it may be a good idea to remove the battery before putting the device into DFU - 2. Send the`UPGRADE` command while it is connected - 3. Device should now be ready - 4. Further information from the original: **[Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)** + 3. Send the`UPGRADE` command while it is connected + 4. Device should now be ready + 5. Further information from the original: **[Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)**
@@ -82,13 +83,13 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. 4. Further information from the original: **[Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)** - Tiny: - 1. With the Chameleon in the `OFF` state, press and hold the B button while inserting it into the USB port + 1. Press and hold the B button while inserting it into the USB port 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter` 3. The Chameleon will enter the `DFU firmware upgrade` mode 4. Further information from the original: **[Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)** - Note: - - More info from source: [Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt) + - More info from source: **[Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)**
From 32312b7563923f2830664ced9a1eee4ea13b6804 Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Fri, 3 Jun 2022 00:27:13 -0400 Subject: [PATCH 15/27] Add driver instructions Also reorganized some parts --- README.md | 95 +++++++++++++++++++++++++++++-------------------------- 1 file changed, 51 insertions(+), 44 deletions(-) diff --git a/README.md b/README.md index d289158a..d0ea1f0c 100644 --- a/README.md +++ b/README.md @@ -57,65 +57,72 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - Firmware - DFU driver -#### 2. Write the firmware: +#### 2. Enter the Chameleon Direct Firmware Update (DFU) mode: - 1. Enter the Chameleon DFU mode: +
Method 1: GUI (Windows Only) -
Method 1: GUI (Windows Only) + - Mini or Tiny: + 1. If it is a Chameleon Mini, ensure it is in the `OFF` position + 2. Connect it via USB cable to your computer + - On the Mini, it may be a good idea to remove the battery before putting the device into DFU + 3. Send the`UPGRADE` command while it is connected + 4. Chameleon should now be in `DFU` mode + 5. Further information from the original: **[Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)** - - Mini or Tiny: - 1. If it is a Chameleon Mini, ensure it is in the `OFF` position - 2. Connect it via USB cable to your computer - - On the Mini, it may be a good idea to remove the battery before putting the device into DFU - 3. Send the`UPGRADE` command while it is connected - 4. Device should now be ready - 5. Further information from the original: **[Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)** +
-
- -
Method 2: CLI +
Method 2: CLI - - Mini: - 1. With the Chameleon in the `OFF` state, press and hold the black (Rev E) or yellow (Rev G) button near the USB while inserting it into the USB port - - It may be a good idea to remove the battery before putting the device into DFU - 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter` - 3. The Chameleon will enter the `DFU firmware upgrade` mode - 4. Further information from the original: **[Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)** + - Mini: + 1. With the Chameleon in the `OFF` state, press and hold the black (Rev E) or yellow (Rev G) button near the USB while inserting it into the USB port + - It may be a good idea to remove the battery before putting the device into DFU + 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter` + 3. Chameleon should now be in `DFU` mode + 4. Further information from the original: **[Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)** - - Tiny: - 1. Press and hold the B button while inserting it into the USB port - 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter` - 3. The Chameleon will enter the `DFU firmware upgrade` mode - 4. Further information from the original: **[Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)** + - Tiny: + 1. Press and hold the B button while inserting it into the USB port + 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter` + 3. Chameleon should now be in `DFU` mode + 4. Further information from the original: **[Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)** - - Note: - - More info from source: **[Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)** + - Note: + - More info from source: **[Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)** -
+
- 2. Start to upgrade the firmware: +#### 3. Install DFU Driver (Windows): + + - Mini or Tiny: + 1. Download the drivers from the repo + 2. Ensure you have connected your Chameleon and that it is in DFU mode + 3. You should have an unknow USB device in device manager + 4. Update the device with the driver files from the repo + 5. You should now have an 'ATxmega*' device + +#### 4. Start to upgrade the firmware: -
Method 1: Automatic (Windows Only) +
Method 1: Automatic (Windows Only) - - Mini or Tiny: - 1. After either compiling or obtaining the firmware HEX and EEP files, place them in the same diretory as [ChameleonFirmwareUpgrade.bat](/Firmware/Chameleon-Mini/ChameleonFirmwareUpgrade.bat) - 2. Ensure Chameleon is in `DFU firmware upgrade` mode - 3. Run the `ChameleonFirmwareUpgrade.bat` file to automatically start the firmware upgrade - 4. It usually takes 2 - 5 seconds - 5. After the progress bar is complete, the firmware upgrade is complete + - Mini or Tiny: + 1. After either compiling or obtaining the firmware HEX and EEP files, place them in the same diretory as [ChameleonFirmwareUpgrade.bat](/Firmware/Chameleon-Mini/ChameleonFirmwareUpgrade.bat) + 2. Ensure Chameleon is in `DFU firmware upgrade` mode + 3. Run the `ChameleonFirmwareUpgrade.bat` file to automatically start the firmware upgrade + 4. It usually takes 2 - 5 seconds + 5. After the progress bar is complete, the firmware upgrade is complete -
+
-
Method 2: Manual +
Method 2: Manual - - Mini or Tiny: - - Guides: - - Icemans Guide (Windows): **[Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Getting-started#get-ready-to-flash-bootloader-mode)** and **[Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Getting-started#get-ready-to-flash-bootloader-mode)** - - Icemans Guide (Linux): **[Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Compiling-Linux-(Unix))** - - Icemans Guide (Mac): **[Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Compiling-OSX)** + - Mini or Tiny: + - Guides: + - Icemans Guide (Windows): **[Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Getting-started#get-ready-to-flash-bootloader-mode)** and **[Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Getting-started#get-ready-to-flash-bootloader-mode)** + - Icemans Guide (Linux): **[Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Compiling-Linux-(Unix))** + - Icemans Guide (Mac): **[Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Compiling-OSX)** - - Note: - - Replace any relevant files or other parts with the resources in this repo + - Note: + - Replace any relevant files or other parts with the resources in this repo
From 34e1563f60371e1a76465bbe11a2fb10a5926ab8 Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Fri, 3 Jun 2022 01:07:52 -0400 Subject: [PATCH 16/27] Update README.md --- README.md | 103 +++++++++++++++++++++++++++++------------------------- 1 file changed, 56 insertions(+), 47 deletions(-) diff --git a/README.md b/README.md index d0ea1f0c..09a9ad65 100644 --- a/README.md +++ b/README.md @@ -50,7 +50,7 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. ### A1. Upgrade Chameleon AVR Firmware --- -#### 1. Obtain Tools: +#### 1. Obtain and Prepare Tools: - Optional GUI (Windows Only) - Terminal APP @@ -64,10 +64,15 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - Mini or Tiny: 1. If it is a Chameleon Mini, ensure it is in the `OFF` position 2. Connect it via USB cable to your computer - - On the Mini, it may be a good idea to remove the battery before putting the device into DFU - 3. Send the`UPGRADE` command while it is connected + - On the Mini, it may be a good idea to remove the battery before putting the device into `DFU` mode + 3. Under the `Settings` tab, Send the `Upgrade` command while the Chameleon is connected + - This only puts the Chameleon in `DFU` mode + - It does **NOT** start installing the firmware at all 4. Chameleon should now be in `DFU` mode - 5. Further information from the original: **[Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)** + + - Further information: + - **[emsec](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)** + - **[Iceman GUI](https://github.com/iceman1001/ChameleonMini-rebooted/wiki/Getting-started)**
@@ -75,20 +80,22 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - Mini: 1. With the Chameleon in the `OFF` state, press and hold the black (Rev E) or yellow (Rev G) button near the USB while inserting it into the USB port - - It may be a good idea to remove the battery before putting the device into DFU + - It may be a good idea to remove the battery before putting the device into `DFU` mode 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter` + - This only puts the Chameleon in `DFU` mode + - It does **NOT** start installing the firmware at all 3. Chameleon should now be in `DFU` mode - 4. Further information from the original: **[Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)** - Tiny: 1. Press and hold the B button while inserting it into the USB port 2. Use your favorite terminal application to connect to it. Type `upgrade` and hit `Enter` + - This only puts the Chameleon in `DFU` mode + - It does **NOT** start installing the firmware at all 3. Chameleon should now be in `DFU` mode - 4. Further information from the original: **[Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)** - - Note: - - More info from source: **[Here](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)** - + - Further information: + - **[emsec](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)** +
#### 3. Install DFU Driver (Windows): @@ -100,7 +107,7 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. 4. Update the device with the driver files from the repo 5. You should now have an 'ATxmega*' device -#### 4. Start to upgrade the firmware: +#### 4. Start Firmware Upgrade:
Method 1: Automatic (Windows Only) @@ -129,20 +136,20 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. ### A2. Upgrade (OTA) Bluetooth Firmware (Chameleon Mini only) --- -#### 1. Obtain Tools: +#### 1. Obtain and Prepare Tools: - Optional GUI - Terminal APP - Phone APP - Firmware -#### 2. Open the APP and connect the device using Bluetooth: +#### 2. Use APP to Connect to Chameleon Using Bluetooth: 1. Press any button on the Mini and the white battery light should come `ON` - You can now connect via Bluetooth 2. Open the APP again and click `Connect` to automatically connect the Chameleon -#### 3. Start the upgrade (OTA) of the Bluetooth firmware: +#### 3. Start Bluetooth Firmware Upgrade: 1. In the `Device Information` column, press `BLE CMD Version` 5 times 2. On the `OTA upgrade` page, click `Auto Upgrade` @@ -151,10 +158,10 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. ## B. Crash Course -### B1. Detect keys and upload card files +### B1. Detect Keys and Upload Card files --- -#### 1. Obtain Tools and Connect Device: +#### 1. Obtain and Prepare Tools: 1. Tools: - Optional GUI @@ -169,21 +176,21 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - Both the Chameleon Mini and Tiny support direct connection to the mobile phone USB port - For the Mini, an additional OTG adapter needs to be purchased - Tiny uses its own dual-headed TYPE-C data cable to connect directly to TYPE-C mobile phones - - Chameleon Mini has built-in Bluetooth BLE4.0. Press any button first to wake up Bluetooth + - Chameleon Mini has built-in Bluetooth BLE4.0. Press any button to wake up Bluetooth - Turn Bluetooth `ON` on your phone and the APP will automatically connect -#### 2. Use APP to enable detection mode: +#### 2. Use APP to Enable Detection Mode: - 1. After connecting, click on a single card slot and select `DETECTION_1K` or `4K` in the `card slot mode` - 2. This card slot will now have the detection mode turned `ON` - 3. Write the original card number in the `UID Card Number` column. Click `Write` + 1. After connecting, click on a single card slot and select `DETECTION_1K` or `4K` in the `Card Slot` mode + 2. This card slot will now have the `Detection` mode turned `ON` + 3. Write the original card number in the `UID Card Number` column - If you don't know the UID number, you can fill in it at will 4. Then click the `Clear` button below to clear the last detection record -#### 3. Use the APP to get keys: +#### 3. Use APP to Get Keys: - 1. Take the Chameleon to the access control reader and swipe - 2. The key and access traces when the chaser reads the Chameleon will be recorded by the Chameleon + 1. Take the Chameleon to the access control reader and swipe it across + 2. The key and access traces are recorded by the Chameleon when you swipe 3. Connect back to the mobile phone and press the `Crack` button 4. After a few seconds, the APP will automatically solve and list the results, as shown in the figure below: @@ -197,16 +204,18 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - Note: - Multiple red LEDs are on at the same time during detection, which means the memory is full, just clear the memory. -#### 4. Use Android APP to import existing card data files in batches: +#### 4. Use APP to Import Existing Card Files: - 1. Use QQ to send the card data file to the mobile phone QQ, or connect the mobile phone to the computer and transfer the file to any directory on the mobile phone - 2. Open the APP, click the `DUMP` column below, click the `Scanner` in the plus sign in the upper right corner - 3. Click the three horizontal line buttons in the upper left corner, and select this phone - 4. Select the root directory of the QQ receiving file or the previously copied directory, and click `Allow Access` - 5. All card data files will be automatically scanned into the `DUMP` file interface, which can be uploaded or edited at will - 6. Click the card data file in the `DUMP` column below, and click `Upload` below to upload to the card slot corresponding to the Chameleon + 1. Use QQ to send the card data file to the mobile phone QQ + - Or connect the mobile phone to the computer and transfer the file to any directory on the mobile phone + 2. Open the APP and click the `Dump` column + 3. Click the `Scanner` in the plus sign in the upper right corner + 4. Click the three horizontal line buttons in the upper left corner and select this phone + 5. Select the root directory of the QQ receiving file or the previously copied directory, and click `Allow Access` + 6. All card data files will be automatically scanned into the `Dump` file interface, which can be uploaded or edited at will + 7. Click the card data file in the `Dump` column below, and click `Upload` below to upload to the card slot corresponding to the Chameleon -### B2. Introduction to UID mode and SAK mode +### B2. Introduction to UID Mode and SAK Mode --- #### 1. UID Mode: @@ -217,15 +226,15 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - Commonly known as a UID card or Chinese magic card 3. Global card slot takes effect -#### 2. SAK mode: +#### 2. SAK Mode: 1. Click the `SAK Mode` button in the APP or directly send the command `SAKMODE = 1` to turn it `ON`, and `SAKMODE = 0` to turn it `OFF` 2. After the `SAK Mode` is turned `ON`, the card will feedback the real SAK value when it is found 3. The SAK value is determined by the 0 sector, 0 block, and the position is the position of the sixth byte immediately after the UID number - 4. If the SAK mode is not turned on, the SAK is a fixed value of 08, and 0 blocks of data are ignored - 5. This function is used to meet the situation where some cards with special SAK values cannot be used normally after being copied + 4. If the `SAK Mode` is not turned on, the SAK is a fixed value of 08, and 0 blocks of data are ignored + - This function is useful when special SAK values cannot be used normally after being copied - This achieves better compatibility - 6. The current card slot takes effect + 5. The current card slot takes effect ### B3. Card Slot Functions --- @@ -279,7 +288,7 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a ## C. Hardware & Lights -### C1. All units +### C1. All Units --- #### 1. Charging: @@ -303,7 +312,7 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a - Mini: MicroUSB - Tiny: Type-C -#### 3. Detect memory full: +#### 3. Detect Memory Full: - If the memory is full during dense flow detection, multiple red LEDs will be abnormally lit @@ -314,21 +323,21 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a ### C2. Chameleon Mini --- -#### 1. Turn on Bluetooth and check the battery: +#### 1. Turn on Bluetooth and Check the Battery: 1. When the power is `OFF`, press any button once to turn on the Bluetooth power, and at the same time, display the current power with a white LED 2. With the Bluetooth in the `ON` state, click any button to turn off the Bluetooth power, the power LED goes out, and the system sleeps 3. Bluetooth will sleep automatically after no operation for 15 seconds - Press any button once to shut down immediately -#### 2. Turn on the Chameleon: +#### 2. Turn On the Chameleon: - 1. With the Bluetooth in the `ON` state, double click any button. + 1. With the Bluetooth in the `ON` state, double click any button - Or in the `OFF` state, triple click any button times to turn `ON` the Chameleon 2. The red LED lights up to indicate the slot number 3. Chameleon will automatically sleep and shut down after no operation for 5 seconds -#### 3. Bootloader/DFU firmware upgrade methods: +#### 3. Bootloader/DFU Firmware Upgrade Methods: - Section A1: **[Here](#2-write-the-firmware)** @@ -346,14 +355,14 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a ### C3. Chameleon Tiny --- -#### 1. Turn on the Chameleon and Bluetooth: +#### 1. Turn Chameleon and Bluetooth On: 1. With the Chameleon in the `OFF` state, press the `A button` once to turn `ON` the Chameleon power 2. The red LED lights up to indicate the slot number 3. Chameleon will automatically sleep and shut down after no operation for 5 seconds - This can be adjusted in the APP -#### 3. Bootloader/DFU firmware upgrade +#### 3. Bootloader/DFU Firmware Upgrade - Section A1: **[Here](#2-write-the-firmware)** @@ -369,7 +378,7 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a ## D. Appendix -### D1. Feature comparison table for each version +### D1. Feature Comparison Table for Each Version --- #### 1. Comparison Table of Specs @@ -431,9 +440,9 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a - Repo: **[Here](/../../../../emsec/ChameleonMini/master/Doc/Doxygen/html/_page__command_line.html)** -#### 2. This repo: +#### 2. This Repo: - - Instruction sheet: **[Here](/Doc/DoxygenPages/CommandLine.txt)** + - Instruction Sheet: **[Here](/Doc/DoxygenPages/CommandLine.txt)** ### D3. Supported Cards, Encoding, & Simulation Types --- From 871112d67980128b63c8b05569adf45829f39ad2 Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Fri, 3 Jun 2022 01:54:48 -0400 Subject: [PATCH 17/27] Added DFU Programmer Info --- README.md | 26 ++++++++++++++++++-------- 1 file changed, 18 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 09a9ad65..1256cead 100644 --- a/README.md +++ b/README.md @@ -29,6 +29,8 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - DFU driver: - The DFU driver comes from ATMEL's official LIBUSB driver library - You can download it yourself or from the repo: **[Here](/Drivers)** + - DFU Programmer: + - Zip file from Iceman: **[Here](/../../../../iceman1001/ChameleonMini-rebooted/blob/master/Software/Flashing-Windows/dfu-programmer-win-0.7.2.zip)** - Resellers: - Our Asia & Oceania Reseller: **[Here](https://sneaktechnology.com/)** - Our Europe Reseller: **[Here](https://lab401.com/)** @@ -55,9 +57,17 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - Optional GUI (Windows Only) - Terminal APP - Firmware - - DFU driver + - DFU Driver + - DFU Programmer -#### 2. Enter the Chameleon Direct Firmware Update (DFU) mode: +#### 2. Create a Working Directory + + 1. Create a directory to work from + 2. Place the Chameleon firmware in the directory + 3. Unzip the DFU Programmer folder to the working directory + 4. If you are using the auto install on Windows, place [ChameleonFirmwareUpgrade.bat](/Firmware/Chameleon-Mini/ChameleonFirmwareUpgrade.bat) in the working directory as well + +#### 3. Enter the Chameleon Direct Firmware Update (DFU) mode:
Method 1: GUI (Windows Only) @@ -98,23 +108,23 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../.
-#### 3. Install DFU Driver (Windows): +#### 4. Install DFU Driver (Windows): - Mini or Tiny: 1. Download the drivers from the repo - 2. Ensure you have connected your Chameleon and that it is in DFU mode + 2. Ensure you have connected your Chameleon and that it is in `DFU` mode 3. You should have an unknow USB device in device manager 4. Update the device with the driver files from the repo 5. You should now have an 'ATxmega*' device -#### 4. Start Firmware Upgrade: +#### 5. Start Firmware Upgrade:
Method 1: Automatic (Windows Only) - Mini or Tiny: - 1. After either compiling or obtaining the firmware HEX and EEP files, place them in the same diretory as [ChameleonFirmwareUpgrade.bat](/Firmware/Chameleon-Mini/ChameleonFirmwareUpgrade.bat) - 2. Ensure Chameleon is in `DFU firmware upgrade` mode - 3. Run the `ChameleonFirmwareUpgrade.bat` file to automatically start the firmware upgrade + 1. If you haven't already, place [ChameleonFirmwareUpgrade.bat](/Firmware/Chameleon-Mini/ChameleonFirmwareUpgrade.bat) in your working directory with your firmware and other tools + 2. Ensure Chameleon is in `DFU` mode + 3. Run the `ChameleonFirmwareUpgrade.bat` file **AS ADMIN** to automatically start the firmware upgrade 4. It usually takes 2 - 5 seconds 5. After the progress bar is complete, the firmware upgrade is complete From 87be57ec644adf50a11c0aebdd5dc702a1c4a22f Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Fri, 3 Jun 2022 09:12:18 -0400 Subject: [PATCH 18/27] Update README.md --- README.md | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 1256cead..dc41eb3f 100644 --- a/README.md +++ b/README.md @@ -446,20 +446,18 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a ### D2. Complete Instruction List --- -#### 1. From EMSEC: +#### 1. Links: - - Repo: **[Here](/../../../../emsec/ChameleonMini/master/Doc/Doxygen/html/_page__command_line.html)** - -#### 2. This Repo: - - - Instruction Sheet: **[Here](/Doc/DoxygenPages/CommandLine.txt)** + - Instruction Sheet: **[Here](/Doc/DoxygenPages/CommandLine.txt)** + - emsec: **[Here](/../../../../emsec/ChameleonMini/master/Doc/Doxygen/html/_page__command_line.html)** + - AndreasBujok: **[Here](https://github.com/AndreasBujok/ChameleonMini)** ### D3. Supported Cards, Encoding, & Simulation Types --- -#### 1. From EMSEC: +#### 1. Links: - - Repo: **[Here](/../../../../emsec/ChameleonMini/wiki/Supported-Cards-and--Codecs)** + - emsec: **[Here](/../../../../emsec/ChameleonMini/wiki/Supported-Cards-and--Codecs)** #### 2. Comparison Table of Encoding/Simulation Types From f651832afdfaec1b8c43c784695d1bfc5ed45e71 Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Fri, 3 Jun 2022 09:19:29 -0400 Subject: [PATCH 19/27] Update README.md --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index dc41eb3f..e158bc42 100644 --- a/README.md +++ b/README.md @@ -231,10 +231,10 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. #### 1. UID Mode: 1. Enter UID mode: - - Click the button `UID Changeable (GEN1a)` in the APP or directly send the command `UIDMODE = 1` to turn it on, and `UIDMODE = 0` to turn it `OFF` + - Click the button `UID Changeable (GEN1a)` in the APP or directly send the command `UIDMODE = 1` to turn it `ON`, and `UIDMODE = 0` to turn it `OFF` 2. After the UID mode is turned `ON`, the card simulated by Chameleon will become a GEN1a card - Commonly known as a UID card or Chinese magic card - 3. Global card slot takes effect + 3. The current card slot takes effect #### 2. SAK Mode: @@ -335,8 +335,8 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a #### 1. Turn on Bluetooth and Check the Battery: - 1. When the power is `OFF`, press any button once to turn on the Bluetooth power, and at the same time, display the current power with a white LED - 2. With the Bluetooth in the `ON` state, click any button to turn off the Bluetooth power, the power LED goes out, and the system sleeps + 1. When the power is `OFF`, press any button once to turn `ON` the Bluetooth power, and at the same time, display the current power with a white LED + 2. With the Bluetooth in the `ON` state, click any button to turn `OFF` the Bluetooth power, the power LED goes out, and the system sleeps 3. Bluetooth will sleep automatically after no operation for 15 seconds - Press any button once to shut down immediately From c94d44d6902d70c4264a20b5bf7f9a094ce7143c Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Fri, 3 Jun 2022 11:27:04 -0400 Subject: [PATCH 20/27] Add info on documentation --- README.md | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index e158bc42..c149b857 100644 --- a/README.md +++ b/README.md @@ -5,8 +5,17 @@ This is NOT the official repository of ChameleonMini, a freely programmable port Our Project is based on the open-source project [ChameleonMini RevG](/../../../../emsec/ChameleonMini) by Kasper & Oswald. They also have their own [Webshop](https://shop.kasper.it/). - Information: - - Most information can be found: **[Here](http://chameleontiny.com/)** + - Chameleon Tiny Site: **[Here](http://chameleontiny.com/)** - Chameleon BLE API: [**Here**](/../../../../RfidResearchGroup/ChameleonBLEAPI/blob/master/code.rar) + - Doxygen: **[Here](/../../../../doxygen/doxygen)** + - For viewing some of the documentation + - Binaries: **[Here](https://www.doxygen.nl/download.html)** + - Install: **[Here](https://www.doxygen.nl/manual/install.html)** + - Documentation (RfidResearchgroup): **[Here](https://github.com/RfidResearchGroup/ChameleonMini/tree/proxgrind/Doc/Doxygen/html)** + - Need to manually download and view + - Open [Doc/Doxyfile](Doc/Doxyfile) and then `Show HTML Output` + - Documentation (emsec): **[Here](https://rawgit.com/emsec/ChameleonMini/master/Doc/Doxygen/html)** + - Source: **[Here](/../../../../emsec/ChameleonMini/tree/master/Doc)** - Tools: - Phone APP: - Android: **[Chameleon](https://play.google.com/store/apps/details?id=com.proxgrind.chameleon)** @@ -177,7 +186,6 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - Optional GUI - Terminal APP - Phone APP - - Firmware 2. Connect to the Chameleon Mini or Tiny using the APP - Connect via USB or Bluetooth From 11844d6a360ceb84e03423220812bc6567498d7e Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Fri, 3 Jun 2022 13:59:31 -0400 Subject: [PATCH 21/27] Update README.md --- README.md | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index c149b857..6c61b05f 100644 --- a/README.md +++ b/README.md @@ -39,7 +39,7 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - The DFU driver comes from ATMEL's official LIBUSB driver library - You can download it yourself or from the repo: **[Here](/Drivers)** - DFU Programmer: - - Zip file from Iceman: **[Here](/../../../../iceman1001/ChameleonMini-rebooted/blob/master/Software/Flashing-Windows/dfu-programmer-win-0.7.2.zip)** + - Zip file from SourceForge: **[Here](https://sourceforge.net/projects/dfu-programmer/files/dfu-programmer/0.7.2/dfu-programmer-win-0.7.2.zip/download)** - Resellers: - Our Asia & Oceania Reseller: **[Here](https://sneaktechnology.com/)** - Our Europe Reseller: **[Here](https://lab401.com/)** @@ -76,6 +76,10 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. 3. Unzip the DFU Programmer folder to the working directory 4. If you are using the auto install on Windows, place [ChameleonFirmwareUpgrade.bat](/Firmware/Chameleon-Mini/ChameleonFirmwareUpgrade.bat) in the working directory as well + - Further information: + - **[Here](/Doc/Doxygen/html/_page__getting_started.html) + - **[emsec](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)** + #### 3. Enter the Chameleon Direct Firmware Update (DFU) mode:
Method 1: GUI (Windows Only) @@ -113,7 +117,8 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. 3. Chameleon should now be in `DFU` mode - Further information: - - **[emsec](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)** + - **[Here](/Doc/Doxygen/html/_page__getting_started.html) + - **[emsec](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)**
@@ -199,7 +204,7 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. #### 2. Use APP to Enable Detection Mode: - 1. After connecting, click on a single card slot and select `DETECTION_1K` or `4K` in the `Card Slot` mode + 1. After connecting, click on a single card slot and select `MF_DETECTION_1K` or `MF_DETECTION_4K` in the `Card Slot` mode 2. This card slot will now have the `Detection` mode turned `ON` 3. Write the original card number in the `UID Card Number` column - If you don't know the UID number, you can fill in it at will @@ -366,8 +371,7 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a #### 5. Demos - [ChameleonMini RevG In Lab Demo / Technical Explanation of Command Line Interface](https://www.dailymotion.com/video/x3lf45p) - - [Mifare Reader Attack: Sniffing, Cracking, Emulation, Open! LAB401 Academy - CHAMELEON MINI Tutorial](https://www.youtube.com/watch?v=pI7k5b0yhb0) - - [AndreasBujok/ChameleonMini](/../../../../AndreasBujok/ChameleonMini) + - [Mifare Reader Attack: Sniffing, Cracking, Emulation, Open! LAB401 Academy - CHAMELEON MINI Tutorial](https://www.youtube.com/watch?v=pI7k5b0yhb0 - [How to use the new Proxgrind Chameleon Tiny and Mini with the APP](https://www.youtube.com/watch?v=PiSc9WEbeCE) ### C3. Chameleon Tiny @@ -458,7 +462,7 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a - Instruction Sheet: **[Here](/Doc/DoxygenPages/CommandLine.txt)** - emsec: **[Here](/../../../../emsec/ChameleonMini/master/Doc/Doxygen/html/_page__command_line.html)** - - AndreasBujok: **[Here](https://github.com/AndreasBujok/ChameleonMini)** + - [AndreasBujok/ChameleonMini](/../../../../AndreasBujok/ChameleonMini) ### D3. Supported Cards, Encoding, & Simulation Types --- From b15ba66e24f71f31a8cc82679c7a8d2be30daa38 Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Fri, 3 Jun 2022 14:11:19 -0400 Subject: [PATCH 22/27] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 6c61b05f..03119a89 100644 --- a/README.md +++ b/README.md @@ -371,7 +371,7 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a #### 5. Demos - [ChameleonMini RevG In Lab Demo / Technical Explanation of Command Line Interface](https://www.dailymotion.com/video/x3lf45p) - - [Mifare Reader Attack: Sniffing, Cracking, Emulation, Open! LAB401 Academy - CHAMELEON MINI Tutorial](https://www.youtube.com/watch?v=pI7k5b0yhb0 + - [Mifare Reader Attack: Sniffing, Cracking, Emulation, Open! LAB401 Academy - CHAMELEON MINI Tutorial](https://www.youtube.com/watch?v=pI7k5b0yhb0) - [How to use the new Proxgrind Chameleon Tiny and Mini with the APP](https://www.youtube.com/watch?v=PiSc9WEbeCE) ### C3. Chameleon Tiny @@ -384,7 +384,7 @@ CLONE|Read the UID card number immediately after pressing, continue searching, a 3. Chameleon will automatically sleep and shut down after no operation for 5 seconds - This can be adjusted in the APP -#### 3. Bootloader/DFU Firmware Upgrade +#### 2. Bootloader/DFU Firmware Upgrade - Section A1: **[Here](#2-write-the-firmware)** From c9068c49b46e503dc150ad2c399a66b7d05a98d1 Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Fri, 3 Jun 2022 16:13:19 -0400 Subject: [PATCH 23/27] Add Clone_MFU command --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 03119a89..9d9de833 100644 --- a/README.md +++ b/README.md @@ -308,6 +308,7 @@ TOGGLE_FIELD|Click once to turn off the antenna and click again to turn on the a STORE_LOG|Write the log data in the temporary cache to the memory, which can be saved even when power is off| CLEAR_LOG|Clear log data immediately after pressing| CLONE|Read the UID card number immediately after pressing, continue searching, and simulate immediately after reading the card| +CLONE_MFU|Clones a Mifare Ultralight card that is in the range of the antenna to the current slot, which is then accordingly configured to emulate it| ## C. Hardware & Lights From 2d31453780d925b12de1aed2e341a5f2c5d4be88 Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Tue, 7 Jun 2022 14:42:59 -0400 Subject: [PATCH 24/27] Update README.md --- README.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 9d9de833..1ff2d3ef 100644 --- a/README.md +++ b/README.md @@ -243,15 +243,16 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. #### 1. UID Mode: - 1. Enter UID mode: - - Click the button `UID Changeable (GEN1a)` in the APP or directly send the command `UIDMODE = 1` to turn it `ON`, and `UIDMODE = 0` to turn it `OFF` + 1. Click the button `UID Changeable (GEN1a)` in the APP or directly send the command `UIDMODE = 1` to turn it `ON` + - `UIDMODE = 0` to turn it `OFF` 2. After the UID mode is turned `ON`, the card simulated by Chameleon will become a GEN1a card - Commonly known as a UID card or Chinese magic card 3. The current card slot takes effect #### 2. SAK Mode: - 1. Click the `SAK Mode` button in the APP or directly send the command `SAKMODE = 1` to turn it `ON`, and `SAKMODE = 0` to turn it `OFF` + 1. Click the `SAK Mode` button in the APP or directly send the command `SAKMODE = 1` to turn it `ON` + - `SAKMODE = 0` to turn it `OFF` 2. After the `SAK Mode` is turned `ON`, the card will feedback the real SAK value when it is found 3. The SAK value is determined by the 0 sector, 0 block, and the position is the position of the sixth byte immediately after the UID number 4. If the `SAK Mode` is not turned on, the SAK is a fixed value of 08, and 0 blocks of data are ignored From 0828ed9dea5dc0d7d98c99b033bc1a31906b87bc Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Tue, 7 Jun 2022 15:09:10 -0400 Subject: [PATCH 25/27] Update README.md --- README.md | 32 +++++++++++++++++--------------- 1 file changed, 17 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index 1ff2d3ef..d68ecaa2 100644 --- a/README.md +++ b/README.md @@ -77,7 +77,7 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. 4. If you are using the auto install on Windows, place [ChameleonFirmwareUpgrade.bat](/Firmware/Chameleon-Mini/ChameleonFirmwareUpgrade.bat) in the working directory as well - Further information: - - **[Here](/Doc/Doxygen/html/_page__getting_started.html) + - **[Here](/Doc/Doxygen/html/_page__getting_started.html)** - **[emsec](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)** #### 3. Enter the Chameleon Direct Firmware Update (DFU) mode: @@ -117,19 +117,22 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. 3. Chameleon should now be in `DFU` mode - Further information: - - **[Here](/Doc/Doxygen/html/_page__getting_started.html) + - **[Here](/Doc/Doxygen/html/_page__getting_started.html)** - **[emsec](/../../../../emsec/ChameleonMini/blob/master/Doc/DoxygenPages/GettingStarted.txt)**
-#### 4. Install DFU Driver (Windows): +#### 4. Install DFU Driver: - - Mini or Tiny: +
Windows + + - Mini or Tiny: 1. Download the drivers from the repo 2. Ensure you have connected your Chameleon and that it is in `DFU` mode 3. You should have an unknow USB device in device manager 4. Update the device with the driver files from the repo 5. You should now have an 'ATxmega*' device +
#### 5. Start Firmware Upgrade: @@ -145,15 +148,14 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../.
Method 2: Manual - - - Mini or Tiny: - - Guides: - - Icemans Guide (Windows): **[Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Getting-started#get-ready-to-flash-bootloader-mode)** and **[Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Getting-started#get-ready-to-flash-bootloader-mode)** - - Icemans Guide (Linux): **[Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Compiling-Linux-(Unix))** - - Icemans Guide (Mac): **[Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Compiling-OSX)** - - - Note: - - Replace any relevant files or other parts with the resources in this repo + +- Mini or Tiny: + - Guides: + - Icemans Guide (Windows): **[Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Getting-started#get-ready-to-flash-bootloader-mode)** and **[Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Getting-started#get-ready-to-flash-bootloader-mode)** + - Icemans Guide (Linux): **[Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Compiling-Linux-(Unix))** + - Icemans Guide (Mac): **[Here](/../../../../iceman1001/ChameleonMini-rebooted/wiki/Compiling-OSX)** + - Note: + - Replace any relevant files or other parts with the resources in this repo
@@ -243,7 +245,7 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. #### 1. UID Mode: - 1. Click the button `UID Changeable (GEN1a)` in the APP or directly send the command `UIDMODE = 1` to turn it `ON` + 1. Click the button `UID Changeable (GEN1a)` in the APP or directly send the command `UIDMODE = 1` to turn it `ON` - `UIDMODE = 0` to turn it `OFF` 2. After the UID mode is turned `ON`, the card simulated by Chameleon will become a GEN1a card - Commonly known as a UID card or Chinese magic card @@ -364,7 +366,7 @@ CLONE_MFU|Clones a Mifare Ultralight card that is in the range of the antenna to #### 3. Bootloader/DFU Firmware Upgrade Methods: - - Section A1: **[Here](#2-write-the-firmware)** + - Section A1: **[Here](#a1-upgrade-chameleon-avr-firmware)** #### 4. Schematics for Chameleon Mini: From 516e67345c22e34ed19184c87fc316289e0f6555 Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Tue, 7 Jun 2022 15:47:29 -0400 Subject: [PATCH 26/27] Update README.md --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index d68ecaa2..5fab8a63 100644 --- a/README.md +++ b/README.md @@ -14,7 +14,8 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - Documentation (RfidResearchgroup): **[Here](https://github.com/RfidResearchGroup/ChameleonMini/tree/proxgrind/Doc/Doxygen/html)** - Need to manually download and view - Open [Doc/Doxyfile](Doc/Doxyfile) and then `Show HTML Output` - - Documentation (emsec): **[Here](https://rawgit.com/emsec/ChameleonMini/master/Doc/Doxygen/html)** + - Documentation (emsec): + - **[Here](https://rawgit.com/emsec/ChameleonMini/master/Doc/Doxygen/html)** - Source: **[Here](/../../../../emsec/ChameleonMini/tree/master/Doc)** - Tools: - Phone APP: From 70f66f1cb8244290190404f15e970e9a06b28d35 Mon Sep 17 00:00:00 2001 From: sawft99 <81699231+sawft99@users.noreply.github.com> Date: Tue, 7 Jun 2022 15:50:08 -0400 Subject: [PATCH 27/27] Update README.md --- README.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 5fab8a63..1554b5d1 100644 --- a/README.md +++ b/README.md @@ -11,11 +11,12 @@ Our Project is based on the open-source project [ChameleonMini RevG](/../../../. - For viewing some of the documentation - Binaries: **[Here](https://www.doxygen.nl/download.html)** - Install: **[Here](https://www.doxygen.nl/manual/install.html)** - - Documentation (RfidResearchgroup): **[Here](https://github.com/RfidResearchGroup/ChameleonMini/tree/proxgrind/Doc/Doxygen/html)** - - Need to manually download and view - - Open [Doc/Doxyfile](Doc/Doxyfile) and then `Show HTML Output` + - Documentation (RfidResearchgroup): + - Source: **[Here](https://github.com/RfidResearchGroup/ChameleonMini/tree/proxgrind/Doc/Doxygen/html)** + - Need to manually download and view + - Open [Doc/Doxyfile](Doc/Doxyfile) and then in application `Show HTML Output` - Documentation (emsec): - - **[Here](https://rawgit.com/emsec/ChameleonMini/master/Doc/Doxygen/html)** + - Doxygen: **[Here](https://rawgit.com/emsec/ChameleonMini/master/Doc/Doxygen/html)** - Source: **[Here](/../../../../emsec/ChameleonMini/tree/master/Doc)** - Tools: - Phone APP: