New NFC Implant Toolkit Application

Hey everyone! I’m a longtime member here with the DangerousThings ecosystem, but aside from my participation in some of the earlier beta tests, I’ve been pretty quiet. Lately though, I’ve been trying to get more involved as I’m finding myself with a bit more time (and finally, a bit of pertinent knowledge) to play a more active role in the community.

Because of this, I wanted to share a project I’ve been working on. I’ve been making an Android application that is designed to provide common features that I find myself wanting to use with my NFC implants. The application itself is comparatively barebones to what I have in my head for it in the future, but I am actively working on it most evenings after work.

BioCom

The application is now live here: https://play.google.com/store/apps/details?id=com.hoker.biocom

Current features/options include:

  • Basic read/write options for Text NDEF records
  • Basic device information (damn fingerprinting these things is hard).
  • Erase NFC Tag contents (With true bit randomization)
  • Prompt for decryption on detection of PGP encrypted text payload (Demo here)

This started as a simple project to let me more easily decrypt PGP text record stored in my Gen1 flexDF so that all my personal info wasn’t just in plain text in my arm, but seeing that I have had some extra time as of late, I wanted to expand it into an actual “implant toolkit” application. I know that the application is pretty barebones right now, but I’m actively working on it, and am currently trying an idea I had where I can use Intent filters to filter for custom mime types for BioCom and, by extension, be able to store and retrieve actual files (.jpg, .mp3, .md, or custom mapped data) from NFC tags. I’m thinking that I can simply write raw bytes flagged with said mime type, thus allowing the application to know how to parse the retrieved bytes back into the original file type upon filter.

I’ve also got some P60 cards coming from Fidesmo in a few days that I want to start experimenting with. Hopefully I can get some Vivokey specific functionality figured out with a bit of tinkering.

Anyways, hopefully you guys can get some use out of it, and if not, I’ll be sure that you will in the future with a couple of updates:) For those of you with a Vivokey or high capacity tag implanted, I really do recommend giving the decryption feature a try out, as I honestly find myself using it ALL the time, and after about 1K of data, I find that encrypted with PGP doesn’t really add all that much size to a text payload.

If you like the application, be sure to leave a rating, as I’d really appreciate it!:slight_smile:

Lastly, if you’d like to tinker with it yourself at all, the project’s GitHub is here: GitHub

I’ll keep this post up to date as updates are finished.

12 Likes

That’s awesome, hoker! Thanks for giving back to the community.

This app is pretty nice. I like the UI. It only reads Text Records, right? I couldn’t get it to read URI Records. Here’s what I got when I ran the Tag Info for my NExT:


And my flexDF1:

I look forward to seeing where this goes as you continue to develop it :smiley:

2 Likes

Thanks man! URI detection isn’t in 1.0, just text/plain, but it is in my working branch I’ve got at home, so it will be up soon!:slight_smile:

Hey looks awsome! Love the UI, I’d love to see you able to scan a tag at the open screen without having to click read. (It supposedly works but dosent without a ndef on my s10?)

Question when writing how does it handle larger tags i.e. the xsiid

Just being picky now sorry :disappointed: reading my info on my xsiid it calls it a mifar ultralight its actually a NTAG I²C Plus 2K

1 Like

Thank you!! It does scan from the main screen, but yes, I need to add to the list of types it filters for. That’s actually nearly finished and ready for the next update:)

It works fine for me! I re-write messages to the flexDF in my right arm, as well as to an 8K NDEF emulator in my Vivokey without a hitch.

So this is interesting. The value of Mifare Ultralight is actually returned by your implant as its designated “type”. Same for my NTAG216 implants. To determine the exact “Model”, I still need to add additional fingerprinting logic (comparing storage capacities to datasheets, NFC Type comparison, etc.) as the tags themselves don’t really know what they are, if that makes sense. Definitely something planned for the near future though, just tedious:)

4 Likes

This is incredible!

@amal I think this would be a solid base for some of the features we were investigating?

2 Likes

Thank you! I’ll be pushing some updates to it soon that will add some missing functionality I know it needs.

I’ll be trying to get up to speed with Javacard development as soon as my Fidesmo cards come in, and I’ll probably be reaching out to you with questions every once in a while when I do.

I’d love to help with anything you’ve got in mind.:slight_smile:

Love the project :wink:
I got that with the nextflex:

1 Like

Thank you!

Nice! I plan on making the whole TagInfo page much more useful in the near future:)

1 Like

Just wanted to give you a heads up, tested it with ntag 210 212 213 215 216 today worked great.

I tried my xsiid (ntag i2c plus) it can write to first sector fine but not the second sector would be amazing if it could.

2 Likes

Sweet!

Yeah, I realized after I had the base text writing functionality, “wait, this will only write 1 record…”. So I plan on going back and adding almost like a running transaction object that is page persistent that you can add records to, and then be able to write the entire transaction as one NDEF message with children sub-records.

1 Like

the NTAG series has a GET_VERSION command you can toss at them… really helps not mis-identify an NTAG as ultralight

Nice! I’ll give that a shot

1 Like

love where this is going so far! any plans for an fdroid version at some point?

2 Likes

Thanks for the support!

Yes! I plan on looking into getting up on fdroid with R1.1!:slight_smile:

2 Likes

jep, same thing here with my flexnext, works fine!
And yeees, would be great to have on f-droid as well :wink:

1 Like

Feature suggestion that I haven’t seen anywhere else: the possibility to use the phone as a usb nfc reader for pc. That would also require a little python prog on the pc but nothing too complicated overall I think.
Good way to recycle old smartphones

4 Likes

@Rosco might be able to give you some more details, but he got that working for SiRFIDaL

2 Likes

Thats great but I’m mostly using windows on my home pc. A multi platform beginner friendly version is what I was thinking of

I looked into that a while back, and if I remember correctly, I believe it would require kernel alterations to the Android device to have it work correctly. I admittedly did not look for too long though, and I will definitely give a more in depth look here soon after I finish this update I’m working on for the app:)

1 Like