Chameleon Mini RevE rebooted Usage

Summary

Functionality and usage of Chameleon Mini RevE rebooted

Requirements

• Operating systems are referred as:
  • Linux: Ubuntu 18.04 bionic amd64
  • Windows: Windows 10 (tested in a VM)

Description

Functionality of Chameleon Mini RevE rebooted

Chameleon Mini RevE rebooted has 8 card slots to simulate cards/UIDs, each slot can be set in an own configuration mode to

• simulate cards/UIDs to readers
• help getting a first auth key from a dialogue with a reader
• only first slot allows up to 4K dumps/uploads because of memory limitations
• the default firmware can only configure MIFARE cards
• RevE does not copy cards

Chameleon Mini RevE rebooted is a stand-alone device powered by CR2032 button battery

Card configurations supported by default firmware

• NONE: No functionality, ChameleonMini does nothing, the current setting is skipped when cycling through the settings
• MF_ULTRALIGHT: Emulates a MiFare Ultralight card
• MF_ULTRALIGHT_EV1_80B: Emulates a MiFare Ultralight EV1 80B card
• MF_ULTRALIGHT_EV1_164B: Emulates a MiFare Ultralight EV1 164B card
• MF_CLASSIC_1K: Emulates a MiFare Classic 1k card
• MF_CLASSIC_4K: Emulates a MiFare Classic 4k card
• MF_CLASSIC_1K_7B: Emulates a MiFare Classic 1k card with 7b UID
• MF_CLASSIC_4K_7B: Emulates a MiFare Classic 4k card with 7b UID
• MF_DETECTION: Emulates a MiFare Classic 1k card and saves nonces which can be used for mfkey32 attack in GUI

(Source: https://github.com/iceman1001/ChameleonMini-rebooted/wiki/Configurations, Feb 2,2020)

Hardware Description

• Red Leds on left side:

- 8 red LEDs which indicate the active slot

• Black Button - "KEY":

- “short press” referred as BUTTON in commands and GUI and let you switch the active slot

- “long press” - BUTTON_LONG

- “long press while plugging USB cable” - BOOTLOADER Mode

• Red Buttern - "POWER":

- used to power on the device when used stand-alone on battery

Device Recognition

Linux

The linux kernel recognizes a usb device from the idVendor 03eb with the product id 2fe4

   dmesg | grep usb
   [  167.571731] usb 1-3: USB disconnect, device number 3
   [  180.768751] usb 1-3: new full-speed USB device number 11 using xhci_hcd
   [  180.917821] usb 1-3: New USB device found, idVendor=03eb, idProduct=2fe4, bcdDevice= 0.04
   [  180.917829] usb 1-3: New USB device strings: Mfr=0, Product=0, SerialNumber=0
   

The chameleon RevE is seen as a USB modem

   lsusb
   Bus 001 Device 011: ID 03eb:2fe4 Atmel Corp. ATxmega32A4U DFU bootloader
   

Windows

• in the Windows device manager should appear an Atmel USB Device: ATxmega32A4U

![]()

• On start of the Windows GUI (https://github.com/iceman1001/ChameleonMini-rebootedGUI) the device should be recogniced with

GUI Usage

Used Hardware

Chameleon Mini: RevE Rebooted

References

• Wiki: https://github.com/iceman1001/ChameleonMini-rebooted/wiki
• Linux GUI: https://github.com/WolfgangMau/chamgo-qt/releases
• Windows GUI: https://github.com/iceman1001/ChameleonMini-rebootedGUI
• Product description: https://lab401.com/products/chameleon-mini-reve-rebooted