This week's pentestip demonstrates using the ChameleonMini to perform a standalone clone of a Mifare 1K tag. The ChameleonMini, and the ChameleonTiny are high-frequency RFID emulation devices - capable of emulating multiple chipsets, including Mifare 1K / 4K tags (with 4 & 7 byte UIDs), Ultralight & NTAG.
Beyond their emulation functionality, they can also perform MF32Key sniffing and cracking, which allows them to perform standalone cloning in certain circumstances. In this video, we show you how to perform a standalone Mifare 1K clone with the Chameleon Mini.
Check back every Friday for a new video. If you've got a tip that you'd like to see featured, just send us a tweet.
Is your iCopy-XS showing a "Boot Timeout" error? This is caused by a faulty or corrupted internal microSD card. Fortunately, it's an easy fix - no soldering or special tools required. Follow this guide to open the device, replace the microSD card, and flash a fresh image.
Bought a refurbished IoT device on Amazon? It might still be paired to the previous owner. Using a WHIDBoard Pro, we exploited a smart cooker's UART debug port to gain root access in minutes. From Android vulnerabilities to remote ADB shells, we weaponized this kitchen gadget - then installed DOOM for good measure. Refurbished doesn't mean factory reset.
Seduce sensors into spilling secrets, with the DigiLab by Lab401 and the FlipperZero. Within minutes, you can peek and poke directly into the memory of millions of modules. In this hands on tutorial, we pull temperature data directly from a LM75A temperature sensor - without anything but the DigiLab and Flipper. No Arduinos, no code, no fuss!
With Lab401's DigiLab and the FlipperZero you can interact directly with millions of modules that use I2C. What took hours now takes minutes! In this in-depth tutorial, we target a BMP280 barometric sensor: detection, identification, communication and data interpretation!