Unleash the Chameleons!

June 17, 2015

The ChameleonMini prototypes have been fabricated and tested! This blog post demonstrates how the ChameleonMini can emulate contactless smart cards.

These images show our ChameleonMini prototypes and the major components on the boards:

The Chameleon Mini can be controlled in Linux using cu, minicom, socat (ex. "socat - /dev/ttyACM0,crnl"), and others. Let’s use minicom to check out the features of the Chameleon Mini. We can check the device version by using the command “version?”

 

First, we can view the configuration of the ChameleonMini by using the “config?” command. You can view all supported configurations by typing “config”. We can change the configuration by using the “config=” command. Let’s change the configuration so that the Chameleon Mini will emulate Mifare Classic 1k cards:

Configuring the operating mode of the ChameleonMini

Next, we can use the Chameleon Mini to emulate a Mifare Classic 1K smart card by changing the unique identifier (UID). By using the “uid?” command we can see that the UID is currently set to 00000000. Let’s change this to the arbitrary value of ABCD1234 by using the “uid=” command.

Finally, we will try to connect to the Chameleon Mini and read this new UID using our own ACR122U USB NFC reader.

ChameleonMini being read by an ACR122U

The Mifare Reader software used for the USB NFC reader shows that connection to the Chameleon Mini was successful. The UID is displayed below and matches what we set the Chameleon Mini to emulate!

Buy your ChameleonMini Today!






Also in Blog

Black Hat / Defcon Sale - 2017
Black Hat / Defcon Sale - 2017

July 12, 2017

Save 10% plus free shipping on purchase of $300 or more.

View full article →

Getting Started with MagSpoof R3 firmware on macOS
Getting Started with MagSpoof R3 firmware on macOS

April 25, 2017

Follow this step by step guide to get started using the MagSpoof R3 firmware on macOS.

View full article →

MagSpoof R3 on GitHub
MagSpoof R3 on GitHub

April 25, 2017

Hardware and software sources for the MagSpoof R3 are now available at https://github.com/RyscCorp/magspoof_r3.

 

 

View full article →