Based on the open-source RFID emulator ChameleonMini: https://github.com/emsec/
The ChameleonMini is a versatile contactless smartcard emulator compliant to NFC, ISO 14443 and ISO 15693. It has been designed and maintained by the Chair for Embedded Security of the Ruhr-University in Bochum.The freely programmable platform can be used to emulate and virtualize cards (perfect clones including the UID), for practical penetration testing.
Witness the ChameleonMini in action emulating a Mifare 1K tag.
Features of the ChameleonMini:
$125.00 USD $139.00 USD
In addition to monitoring bluetooth communications, the Ubertooth One can also be used as a 2.4Ghz spectrum analyzer.
WARNING: The Ubertooth One is test equipment for Bluetooth systems. It has not been tested for compliance with regulations governing transmission of radio signals. You are responsible for using your Ubertooth One legally.
The USB Armory Kit from Inverse Path is an open source hardware design, implementing a flash drive sized computer. The kit Includes a USB Armory, Enclosure and Host Adapter. The USB Armory Kit can be purchased with an SD Card + Adapter with Debian installed on it. With the SD Card it is an out of the box ready solution.
The compact USB powered device provides a platform for developing and running a variety of applications.
The security features of the USB Armory System on a Chip (SoC), combined with the openness of the board design, empower developers and users with a fully customizable USB trusted device for open and innovative personal security applications.
The hardware design features the Freescale i.MX53 processor, supporting advanced security features such as secure boot and ARM® TrustZone®.
The USB armory hardware is supported by standard software environments and requires very little customization effort. In fact vanilla Linux kernels and standard distributions run seamlessly on the tiny USB armory board.
The USB armory board has been created by Inverse Path to support the development of a variety of security applications.
The capability of emulating arbitrary USB devices in combination with the i.MX53 SoC speed, the security features and the flexible and fully customizable operating environment, makes the USB armory the ideal platform for all kinds of personal security applications.
The transparency of the open and minimal design for the USB armory hardware facilitates auditability and greatly limits the potentiality and scope of supply chain attacks.
The secure boot feature allows users to fuse verification keys that ensure only trusted firmware can be ever executed on a specific USB armory board.
The support for ARM® TrustZone®, in contrast to conventional TPMs, allows developers to engineer custom trusted platform modules by enforcing domain separation, between the "secure" and "normal" worlds, that propagates throughout all SoC components, and therefore not only limited to the CPU core.
An excellent overview of the technology and its support for the i.MX53 SoC can be found at the Genode framework project.
Proof of concept applications have already been tested and will soon be released.
The following example security application ideas illustrate the flexibility of the USB armory concept:
Standard connectivity options:
YARD Stick One is a sub-1 GHz wireless transceiver controlled directly from your computer. It uses the same radio circuit as the popular IM-Me. The radio functions that are possible by customizing IM-Me firmware are now at your fingertips when you attach YARD Stick One to a computer via USB. The YARD Stick One fits neatly inside our Ubertooth One Enclosure.
YARD Stick One (Yet Another Radio Dongle) comes with RfCat firmware installed, courtesy of atlas. RfCat allows you to control the wireless transceiver from an interactive Python shell or your own program running on your computer. YARD Stick One also has CC Bootloader installed, so you can upgrade RFCat or install your own firmware without any additional programming hardware.
Originally based on the ToorCon 14 Badge design, YARD Stick One has several featured not previously seen in CC1111 dongles:
Dignify your Uberooth with this custom polycarbonate case. This item does not include an Ubertooth One PCB, just the case and four screws. If you're looking for more than just an enclosure, check out the Wundertooth. The YARD Stick One fits neatly inside our Ubertooth One Enclosure.
The top piece is clear permitting the user to view the LEDs.
The PCB is mounted on 4 posts located on the bottom piece. The top and bottom pieces are fastened with screws.
The ACR122U NFC Reader is a PC-linked contactless smart card reader/writer developed based on the 13.56 MHz Contactless (RFID) Technology. Compliant with the ISO/IEC18092 standard for Near Field Communication (NFC), it supports not only Mifare® and ISO 14443 A and B cards but also all four types of NFC tags.
ACR122U is compliant with both CCID and PC/SC. It is a plug-and-play USB device allowing interoperability with different devices and applications. With an access speed of up to 424 kbps and a full USB speed of up to 12 Mbps, ACR122U can also read and write more quickly and efficiently. The proximity operating distance of ACR122U is up to 5 cm, depending on the type of contactless tag in use.
The ACR122U NFC Reader is ideal for both secure personal identity verification and online micro-payment transactions. Other applications of the ACR122U include access control, e-payment, e-ticketing for events and mass transit, toll road fare collection and network authentication.
The ACR122U is also useful in combination with the Proxmark3 for testing and verification.
Getting Started with the Proxmark3 Client on Windows, Linux, and Mac OS X.
sudo ./proxmark3 /dev/ttyACM0
$ sudo ./proxmark3 /dev/cu.usbmodem411
If you are having trouble reading a 134kHz tag here is the command you can use to read an EM4100 Tag with a Proxmark3.
proxmark3> lf em em410xwatch h Reading 8201 bytes from device memory Data fetched Samples @ 8 bits/smpl, decimation 1:1 Reading 8201 bytes from device memory Data fetched Samples @ 8 bits/smpl, decimation 1:1 EM410x pattern found: