add wiki pages

This commit is contained in:
aanper
2020-08-15 09:57:12 +03:00
parent 7951fcc1ae
commit cbfc5fad53
25 changed files with 909 additions and 0 deletions

View File

@@ -0,0 +1,59 @@
![Flipper Zero RFID](https://habrastorage.org/webt/jd/fb/yb/jdfbybzgw6qvg5kjeuvfg8w0iou.png)
Low-frequency proximity cards are widely used in access control systems around the world. It's pretty dumb, keeps only a short few-byte ID, and has no authentication mechanism, allowing it to be easily read, cloned, and emulated by anyone. A 125 kHz antenna is located on the bottom of Flipper's body.
## Card types supported
### Mandatory
* EM400x, EM410x, EM420x
* HID Prox (Proxcard, ISOProx, ProxKey). Not project Keysy told: _Emulation not supported on multiClass readers, can still clone to rewritable_
* HID Indala (Motorola Indala)
* Write to T55x7 compatible keycard/keyfob
### Optional
* Noralsy (KCP3000)
* Farpointe Pyramid
* Keri (KC-10X, MT-10X, PKT-10X)
* Kantech ioProx
* DoorKing (DKProx) [Not DKProx Long Range]
* AWID (Low frequency only CS-AWID, GR-AWID, KT-AWID, PW-AWID)
Keysy note: (Emulation not supported, can still clone to rewritable)
* Radio Key (SecuraKey RKKT-01, RKKT-02)
* Viking
* Visa2000
* Schlage IBF iButton (RFID portion only)
### Exotic
* Pet tags
## Features
### Reading
* Read specific card type, save ID
* card type detection (testing all protocols one by one, and read ID if found)
### Emulation
* Emulate saved cards
* Enter card ID and card type manually to saved ID library
_You can also emulate the card by entering its ID manually, so you can easily send it to your friend in a text format. Thus, Flipper owners can exchange card dumps with each other remotely without ever touching a physical card._
### Write card
* Write to T55x7 compatible keycard/keyfob
## Links
* https://scanlime.org/2008/09/using-an-avr-as-an-rfid-tag/
* [ESP8266 em4100 emulator](https://github.com/Crypter/ESP-RFID)
* https://www.kickstarter.com/projects/1708444109/rfidler-a-software-defined-rfid-reader-writer-emul
* https://github.com/AlexMalov/EasyKeyDublicatorRFID
* https://shop.hak5.org/products/keysy
# UI
## Main menu
* Read
* Saved Keys
* Enter manually

View File

@@ -0,0 +1,6 @@
Bluetooth module will allow you to interact with Flipper using your smartphone, as well as transfer interfaces like UART and SPI to your computer wirelessly.
## Bluetooth Serial adapter
User can connect Flipper Zero to UART port via GPIO and get access via Bluetooth

3
wiki/features/GPIO.md Normal file
View File

@@ -0,0 +1,3 @@
Flipper Zero can be used as a versatile tool for hardware hacking. Its 12 built-in GPIO pins are 5V tolerant and allow you to connect it to any piece of hardware while running your own code, controlling it with buttons and printing debug messages to the LCD display.
You can use it as a handy firmware flashing, debugging, and fuzzing device, as well as USB to UART/SPI/I2C/etc adapter connected to the PC.

19
wiki/features/Infrared.md Normal file
View File

@@ -0,0 +1,19 @@
The infrared transmitter can send any signal to control electronics such as TV, air conditioners, stereo systems, and others.
## Signal library
Flipper contains a built-in library of common remote commands like switching on/off, changing volume or adjusting temperature, and so on. This library is constantly updated by Flipper community users that upload new signals to Flipper's IR remote database.
## Infrared learning feature
At the same time, the IR receiver can catch signals and save them to the memory, so you can store any of your personal remotes and transmit it later, as well as upload it to the public database to share with other Flipper users.
Flipper's infrared eye can automatically detect baud rate, frequency, and modulation of the IR signals it captures without any configuration. That allows you to easily capture and store signals from all your remotes and other IR appliances.
# UI
## Main menu
* Library
* Read
* Saved signals

22
wiki/features/NFC.md Normal file
View File

@@ -0,0 +1,22 @@
The NFC standard (ISO-14443) operates at 13.56MHz. We are going to use the ST25R3916 chip, the same chip as used in the HydraNFC project.
Supported cards:
* ISO-14443 tag (mifare?) reading & writing & emulation
* Emulation — Mifare Classic & Ultralight
## Reader mode
## Write mode
## Emulate mode
# UI
### NFC
* Reader
* Emaulte

6
wiki/features/Plugins.md Normal file
View File

@@ -0,0 +1,6 @@
Users can add their own applications. Third party apps placed in `Plugins` menu.
## Plugins list
* USB -> UART
* Servo

View File

@@ -0,0 +1,49 @@
To communicate with the real world systems, Flipper Zero has a built-in radio module based on TI CC1101 chip. It supports both transmitting and receiving digital signals within the 300-928 MHz frequency range. This is the operating range for a wide class of devices and access control systems such as garage doors remotes, boom barriers, IoT sensors, and remote keyless systems.
Out of the box, Flipper Zero can emulate remotes for popular garage doors and barriers. You can keep hundreds of remotes in Flipper's memory as well as create a blank remote for the new wireless gate. Just select the right brand of the system in the Flipper menu, register a new key in your garage/barrier receiver, and give it a unique name for easy navigation between your remotes.
CC1101 is well known universal transceiver designed for low-power wireless applications. And with a ready-to-use open-source library, developers can interact with the radio subsystem without limitations. You can write any wireless application, like custom protocol or decoder, as well as use it for connecting with IoT devices and access systems.
## Frequency Scaner (Spectrum analyzer)
User should be able to detect which frequency used in specific device. For example detect if unknown remote transmit on 433MHz or 868MHz
![frequency scan example](https://github.com/Flipper-Zero/wiki/raw/master/images/rf_scan.png)
## Signal Analyzer
Detect frequency and modulation:
* ASK
* FSK
## Protocol Decoder
* Works on 315/433/868 MHz
Flipper Zero has an integrated decoder for popular remote control algorithms such as Keeloq and others, so you can analyze an unknown radio system to figure out the protocol under the hood.
## Signal recorder
Furthermore, Flipper can record the samples of radio signals to analyze it later with more sophisticated tools on the computer, as well as replay the saved samples. Many remotes and IoT devices such as doorbells, sensors, and radio sockets don't use any encryption at all — in this case, Flipper can replay the signal, even if the protocol wasn't recognized.
### Protocol Decoder demo
https://www.youtube.com/watch?v=AeCGLFKsxCU
* Detect protocol and parse it
* Analyze if it's secure on not
## Common Dummy Remote
User can use flipper as normal dummy remote for their own reciever like garage door.
For this flipper should have library of popular remotes brands.
# UI
## Main menu
* Sniffer
* Saved

View File

@@ -0,0 +1,3 @@
* Dolphin Levels — каждое активное хакерское действие увеличивает уровень дельфина
* Dolphin emotional status — если долго не играть, то дельфин начинает вести себя тупо, становится неактивным, заванивается, протухает
* Dolphin games

9
wiki/features/U2F.md Normal file
View File

@@ -0,0 +1,9 @@
Flipper Zero can act as a fully functional U2F key, that works with any U2F-enabled services such as Google, Twitter, Facebook, Dropbox, LastPass, Amazon AWS, and many others.
Universal 2nd Factor (U2F) protocol is an open standard for hardware security tokens used for secure authentication. Developed by Google, Yubico, and NXP, U2F acts as a universal key that is designed to add another layer to the traditional login+password authentication method.
Even if your password gets compromised, an attacker will not be able to log in to your account. This method is much stronger than the usual SMS 2nd-factor method, as it doesnt involve any third-parties like a cell phone operator.
### Links
https://github.com/solokeys/solo

19
wiki/features/USB.md Normal file
View File

@@ -0,0 +1,19 @@
As we all know, computers completely trust connected input devices like mouse and keyboard. Flipper Zero can emulate a USB slave device, allowing it to be recognized by the computer as a regular input device, such as HID keyboard or Ethernet adapter, just as USB Rubber Ducky. You can write your own keyboard payloads to type any key sequence, as well as fuzzing USB stack on a target device.
## Flashing firwmare (HID mode)
Firmware mode activating only when chosen from menu.
## Bad USB mode
Allow user to run scripts from menu. User should choose script before connecting to victim PC.
## USB Serial mode
GPIO can act as UART/I2C/SPI so user can use Flipper as PC serial adapter.
# UI
### Firmware update
### Bad USB
* Payloads
* Settings

View File

@@ -0,0 +1,22 @@
Flipper Zero has a built-in 1-Wire pad to read iButton (DS1990A) keys, also known as TouchMemory or Dallas keys. This technology is quite old but still widely used around the world. It's based on 1-Wire protocol and doesn't have any authentication, so Flipper can easily read these keys, save IDs into the memory, write IDs to blank keys, and emulate the key itself.
* **Reading & Writing & Emulating**
* **Protocol detection**: юзер может определить тип ключа поднося ключ к флипперу и тип считывателя поднося флиппер к домофону (цифрал, даллас и т.д.)
<img width="300" src="https://github.com/Flipper-Zero/wiki/raw/master/images/ibutton/P1020756.jpg" />
## Reading
`iButton(1-Wire) -> Reading`
Flipper will wait for iButton tag. While waiting red LED is blinking.
Lean tag on iButton reader in the back side of Flipper Zero:
<img width="300" src="https://github.com/Flipper-Zero/wiki/raw/master/images/ibutton/read1.jpeg" />
# UI
## Main menu
* Read
* Saved Keys
* Enter manually