From 1b03632d8171771b0b807f9fbaa949aaefccb66d Mon Sep 17 00:00:00 2001 From: David Date: Mon, 18 Jul 2022 16:45:10 -0500 Subject: [PATCH] Update 31 Added FAQ --- FAQ.md | 122 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ README.md | 10 +++++ 2 files changed, 132 insertions(+) create mode 100644 FAQ.md diff --git a/FAQ.md b/FAQ.md new file mode 100644 index 00000000..75e8dbfb --- /dev/null +++ b/FAQ.md @@ -0,0 +1,122 @@ + + Flipper Zero FAQ + + + + + + + + + + + + + + +
Table of Contents
MetaGeneralSub-GHzNFC & RFIDInfrarediButtonBadUSBWiFi board
+ +## Preamble +- *This is a community FAQ. Please consider also reading the [Official docs](https://docs.flipperzero.one/).* +- *This FAQ is still being worked on, and contributions are welcome.* +- *If your question isn't answered here, **SEARCH** the [Discord](https://flipperzero.one/discord) and check pinned messages before asking there.* + +## Meta + +### What is Awesome Flipper Zero? +It's an [Awesome List](https://github.com/sindresorhus/awesome/blob/main/awesome.md) that I ([djsime1](https://dj.je)) created shortly after receiving Lurat, my lovely dolphin sidekick. + +## General +(TODO) + +## Sub-GHz + +### How do I hack my neighbors garage or unlock some random persons car?!? +Short answer: You don't. That's illegal, and NOT what Flipper was designed for. + +### What does "This frequency can only be used for RX in your region" mean? +Due to legal regulations, Flipper is not allowed to transmit on certain frequencies depending on your order location. +For more information, read this: https://docs.flipperzero.one/sub-ghz/frequencies +If you have no regard for laws, you can use custom firmwares such as Unleashed to bypass this restriction **at your own risk.** + +### How do I find the frequency of a device/transponder? +If it's a commonly used frequency, bring the device *really close* to the Flipper and use the Frequency analyzer. +If that didn't work, check for the device's FCC ID. It's legally required to be somewhere on the device if it's sold in the US. +Then, look up that ID on https://fccid.io. + +### I can't tune Flipper to capture a specific frequency. +(TODO) + +### I captured a garage/car/etc. signal, but it doesn't work when I replay it. +Unless the item of interest is extremely old, it probably uses rolling codes. Read more below. + +### What is a rolling code? +Think of it like this: Imagine your garage door was programmed to open whenever it received the code "1234" from a transponder. +This would be a static code, where a replay attack (Read RAW) would be able to open the garage. +Since replay attacks are so easy, most devices will shuffle the code after each use. +So the first time you open your garage, the transponder sends "1234" and the second time it sends "5678." +Rolling codes aren't that simple, but you get the gist. + +### I replayed a rolling code and now my original keyfob/transponder doesn't work. +You'll have to re-sync your old device manually, since it's now lagging behind on the rolling code. + +### What is a Debruin/Brute force code? +A brute force code tries every possible code for a specific bit length, however this is inefficient. +Example: 0001, 0002, 0003, 0004 ... 9998, 9999. +Debruin sequences are more efficient by merging multiple codes together. +Example: 365, 136, and 650 can all be found in 13650 by looking at 3 digits individually. + + +## NFC & RFID + +### Feature/Compatability table + +| Card name/type | Read | Write | Save | Emulate | Notes | +| :---------------: | :--: | :---: | :--: | :-----: | :--------------------: | +| Mifare Classic | X | | X | X | Emulation is hit/miss | +| Mifare DESFire | X | | | | | +| Mifare Ultralight | X | | X | X | Non-password protected | +| EMV Cards | X | | | | Can read bank cards | +| NTAG-21X | X | | X | X | | +| iClass/PicoPass | X | | | | Third-party app | +| EM4100/EM4102 | X | | X | X | | +| H10301 | X | | X | X | | +| Indala | X | | X | X | | +| T5577 | X | X | X | X | | + +### How do I identify which type of card I have? +Run the "Read card" action in the NFC app. If you don't see "NFC-A", your card is unfortunately unsupported. +Note that you've only read the card UID and type, *not the actual data.* For that you need to select the "Run compatible app" option. + +### Why can't I write an NFC tag? +Currently unsupported, but is being worked on. + +### Mifare Ultralight/NTAG was detected, but nothing happens when I'm trying to read the data. +This happens when the tag is password protected. There's no quick fix for this, but solutions are in the works. + +### Why does it take so long to read a Mifare Classic? +The data on Mifare Classic cards is split up into sections, and each section is protected by a key. +Flipper attempts to read the card by preforming a dictionary attack on the card using a bunch of common keys. +Some sectors will be unlocked, others won't be. + +### What does it mean when no sectors could be read on a Mifare Classic? +The data on Mifare Classic cards is split up into sections, and each section is protected by a key. +The read has failed, meaning the card didn't use any common keys. Workarounds are being developed. + +### What does it mean when some but not all sectors could be read on a Mifare Classic? +The data on Mifare Classic cards is split up into sections, and each section is protected by a key. +The read wasn't successful, but it didn't fail either. Some of the card's data was read and saved, but not all. +Even if not all sectors were read, it's still worth trying to use the partial save. + +### Why isn't Mifare Classic emulation working? +There are a number of reasons, some of which can be fixed while others can't. +Most prominently, the Flipper's NFC chip doesn't have hardware support for Mifare Classic, so it's been offloaded to the CPU. +However, the CPU's clock cycle can't conform to the exact (and strict) timings that Mifare Classics communicate with. +This means that some readers will respond to emulation, while others won't. This can not be fixed with firmware. + +### Why can't I save/emulate Mifare DESFire? +DESFire is a very complicated and much more secure protocol. There are no known attacks against it yet. + +### What are the .sha files in the NFC directory? +These are shadow files, and they're created whenever an emulated tag is written to. +They store a copy of the original file with whatever was written. This way, the original file remains untouched. \ No newline at end of file diff --git a/README.md b/README.md index 2a96f6df..822d95ca 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,11 @@
+ Awesome Flipper Zero
+

A collection of Awesome resources for the Flipper Zero device.

@@ -13,6 +15,14 @@ Hack the planet

+ +
+

+ 👋 New to Flipper Zero? Got questions?
+ Check out the FAQ Document❗ +

+
+