Releases: RfidResearchGroup/ChameleonUltra

Development release

19 Aug 00:14
Pre-release

Auto-Generated DFU packages from latest main commit.
For development purposes only.
These are not tested, here be dragons.
Built from commit c68ea99

Release v2.0.0

26 Sep 15:59
Auto-Generated DFU packages for Release v2.0.0
Built from commit 4747d38

What's Changed

  • Changed APP_FW_VER now deduced from git tag vx.y.z (@doegox)
  • Changed initial button wakeup from 4 to 8 seconds (@aramova)
  • Added MIFARE Ultralight reading features (@FlUxIuS & @doegox)
  • Fixed MF1 write mode SHADOW was not preserved properly (@doegox)
  • Changed field LED now active also in reader mode to indicate that reader is powering the field (@doegox)
  • Changed slot enabled logic: now we have separate enabled_hf and enabled_lf, changed GET_ENABLED_SLOTS and SET_SLOT_ENABLE (@doegox)
  • Changed tag type enum to be ready for new types, changed stored slotConfig and GET_SLOT_INFO (@doegox)
  • Added HF14A_RAW and its support in hf 14a raw (@xianglin1998)
  • Removed MF1_DETECT_DARKSIDE (@doegox)
  • Added MF1_STATIC_NESTED_ACQUIRE and its support in hf mf nested (@xianglin1998)
  • Changed hf 14a scan: Automatically send RATS to 14443-4a tags (@augustozanellato)
  • Changed Darkside: use LEDs for visual feedback of attack progression (@doegox)
  • Changed Darkside: longer RF field off for reset and longer CLI timeout (@doegox)
  • Fixed Darkside: parity byte-to-array bug made it low probability to succeed (@doegox)
  • Changed hw detection decrypt show progression and remove duplicate keys (@doegox)
  • Changed dynamic cmd_map_init() by static cmd_map initialization (@doegox)
  • Changed hf slot list to add clarity and colors (@doegox)
  • Changed hf mf sim and hf mf info to support ATS (still to be used in actual emulation) (@doegox)
  • Changed hf mf eload and hf mf eread: uploads/downloads are now 30x faster (@doegox)
  • Changed CLI HF14AInfo logic merged inside HF14AScan for more consistent display of the results (@doegox)
  • Added guessed type information for NXP tags, and reorganization of HF information part. (@FlUxIuS)
  • Changed hw raw to detail status message (@doegox)
  • Changed CLI to query capabilities on connect, not on every single command if device does not support get_device_capabilities (@doegox)
  • Changed CLI to not instantiate ChameleonCMD on every single command (@doegox)
  • Changed massively the protocol and its handlers for more consistency and easier maintenance and future dev (@doegox)
  • Added hf settings blepair command to get and set ble pairing enable state, and default disable ble pair (@xianglin1998)
  • Added hf mf info command to get UID/SAK/ATQA from slot (@Foxushka)
  • Added hw raw to send raw command to Chameleon (@Foxushka)
  • Added command to fetch all available commands from Chameleon and test if Chameleon supports it (@Foxushka)
  • Fixed ChameleonLite emulation bug (@spp2000)
  • Fixed MFC emulation issues with OEM readers, also temporarily disabling NFC_MF1_FAST_SIM (@xianglin1998)
  • Fixed Chameleon crash during BLE pairing (@Foxushka)
  • Fixed CLI takes into account Lite refusing to enter Reader mode (@doegox)
  • Added BLE Security support (@xianglin1998)
  • Added hw settings blekey to get and set ble connect key (@xianglin1998)
  • Added hw ble bonds clear to delete all ble bonds (@xianglin1998)
  • Fixed argument completion bug inserting additional hyphens (@szymex73)
  • Fixed device address not the same within app (@taichunmin)
  • Added initial version of the user guides (@GameTec-live)
  • Added support for pasting several command lines at once with prompt_toolkit (@doegox)
  • Added support for interrupting sleep sequence with a button press during animation (@doegox)
  • Fixed logs corruption and app reset on FDS write, added logs flush on sleep (@doegox)
  • Added support for long-press of buttons (@nemanjan00)
  • Changed hw slot delete, now it can always delete from slot (@augustozanellato)
  • Changed CI pipeline (@augustozanellato)
  • Added offline copy EM card uid for btnpress (@nemanjan00)
  • Added offline copy ic card uid for btnpress (@xianglin1998)
  • Added hw settings btnpress to get and set button press function (@xianglin1998)
  • Added hw battery to get battery information (@xianglin1998)
  • Added hw slot delete to delete HF or LF out of a HF+LF slot (@augustozanellato)
  • Changed CLI prompt autocompletion, saved history and internal cmd registration (@szymex73)
  • Fixed SDK NFC IRQ handler busy loop (@doegox)
  • Added hf mf eread to download slot dump to file (@domints)
  • Added lf em sim get and old lf em sim is now lf em sim set (@domints)
  • Changed MF1 command ids (@domints)
  • Changed nonce randomness on nested auth for hardnested attack (@Foxushka)
  • Added commands to configure MF1 emulation magic modes and more (@Foxushka)
  • Added hw factory_reset to wipe user data (@augustozanellato)
  • Changed slot nickname encoding gbk -> utf8 (@doegox)
  • Added 5-second watchdog (@doegox)
  • Added option to enable NRF_LOG UART on SWO pin (@doegox)
  • Added hw slot list (@Foxushka)
  • Added hw version (@nemanjan00 and @augustozanellato)
  • Fixed data sanity check in MF1 emulation (@sgnusov)
  • Fixed settings/dumps/nicks data corruption in flash (@doegox)
  • Fixed slot LED on button wake-up (@doegox)
  • Added support for init, reset and migrate settings (@augustozanellato)
  • Added support to save settings in flash (@domints)
  • Added hw settings animation to configure startup animation (@domints)
  • Fixed compilation warnings from SDK (@doegox)
  • Changed TagSenseType, TagSpecificType and SlotNumber enums (@F9Alejandro and @doegox)
  • Added support for 7-byte UID MF1 emulation (@xianglin1998)
  • Added high perf MF1 emulation (@xianglin1998)
  • Added udev rules file (@iceman1001)
  • Added documentation to use BlackMagicProbe out of ST-Link and show RTT NRF_LOG (@doegox)
  • Added hw chipid and hw address (@gentilkiwi)
  • Added helper scripts to enter DFU from USB or BLE and flash over DFU (@doegox)
  • Fixed recv thread exception after hw dfu (@doegox)
  • Fixed entering sleep after BLE disconnection (@doegox)
  • Added ChameleonLite and ChameleonUltra hardware resources (@xianglin1998)
  • Added NTAG21x emulation support (@ca1e)
  • Fixed LF EM410x emulation (@doegox)
  • Added automatic file format detection in hf mf eload (@GameTec-live)
  • Fixed CLI exit exception (@doegox)
  • Added CI pipeline, producing DFU packages (@augustozanellato)
  • Added docker toolchain (@augustozanellato)
  • Added automatic port detection (@GameTec-live)
  • Added GET_MF1_DETECTION_STATUS (@Foxushka)
  • Fixed compilation errors with GCC 12 (@Foxushka)
  • Added documentation for JLink (@xianglin1998)
  • Added support for ST-Link and debugging documentation (@derGraph)

Full Changelog: v1.0...v2.0.0

Basic Factory Firmware

21 Jun 11:51
What are the features of this release?

  • Factory production uses this version of firmware
  • Basic simulation card and decryption card functions have been implemented

chameleon_XXX_app_update.zip

This zip file is an APP update package that can be applied through NRFUTIL or the NRF DFU APP.

XXX.hex

This hex file is an all-in-one (SD + BOOT + APP) firmware file. You can flash it using a debug probe such as JLINK or XXXLink.

Source code.XXX

You don't even know what this is? Go ask ChatGPT.