The Boscloner has been designed from the ground up to allow penetration testers and tech enthusiasts to build their own from the ground up with minimal effort. We provide full build instructions for both beginners and advanced users (soldering g0ds).
Now shipping all orders!!
iOS and Android Apps now Available!
The new iOS and Android apps work with v1.5 boards that have the new BLE module attached.
For those on v1.0 legacy boards with Bluetooth 2.0 (HC-05/06) modules, fear not! You can continue using the legacy Android app OR simply solder on a new BLE module. If you are a previous customer, I'll send you a BLE module free of charge. It only requires a few solder points to be connected. If you wish to purchase it yourself, this is the BLE module that the Boscloner v1.5 board has been developed and thoroughly tested with:
DSD TECH HM-10 Bluetooth 4.0 BLE iBeacon UART Module with 4PIN Base Board
The Boscloner/Proxmark3 (BC/PM3) board is based upon the available Proxmark3 design. The BC/PM3 has the added following features. The BC/PM3 board has added 2x 8 Pin headers which breakout the SPI bus and extra IO on the PM3 board. The extra headers are used to allow a Boscloner “shield” to be plugged into and communicate with the PM3 board. The Boscloner Shield is intended to act as a gateway to the PM3 which allows for custom commands and functionality to added to the base functionality of the PM3. The shield also allows for many types of additional functions to be added, some of which were used on the Boscloner Shield board.
See below images of the BC/PM3 and the attached Boscloner Shield.
PM3 Boscloner BOM:
PM3 Boscloner Shield BOM
To build the board, the user can order the parts from the supplied BOM and self build the board.
PM3 with Boscloner Shield
The Boscloner PM3 functionality is based upon the stock Proxmark ProxSpace project which contains all of the stock PM3 functionality. Instructions for setting using the Proxmark3 (all apply to using the Boscloner Proxmark3) can be found on the Proxmark3 github wiki here (https://github.com/Proxmark/proxmark3/wiki/Windows). The modified source code for the Boscloner project is available from the Boscloner source package (https://goo.gl/gdNiVp) and can be used as a basis for further adding additional custom functionality to the Boscloner/PM3 environment.
The Boscloner Shield (BCS) was designed as a shield to plug into the BC/PM3 board and add the following features.
The BCS can be built in two different ways to allow it to be easily assembled using off-the-shelf modules or to be professional built using standard SMT assembly processes.
The BCS uses standard SMT components to allow to be be easily assembled by any SMT assembly house. Or optionally, a user can hand-build the board using standard SMT parts from the supplied BOM.
Complete SMT build
The BCS was designed to allow for a number of off-the-shelf modules to be directly plugged in and soldered to additional headers on the board.
Adafruit 1.3” or .96” 128x64 OLED display
HC-06 / HC-05 Bluetooth module*
*Optional - any Bluetooth module with the same pinout can be used.
SD Card Module
Ebay SD Card Module: “TF Micro SD Card ModuleMini SD Card Module Memory Module For Arduino ARM”
Optionally, any SD module with the same pinout can be used.
Module Header Locations
The Boscloner shield uses a freescale kinetis MCU, which is a high performance and low cost processor very capable of handling any job that the user may want to do when working with the proxmark3 board. The source code was developed in Kinetis Design Studio (KDS) (http://www.nxp.com/products/software-and-tools/run-time-software/kinetis-software-and-tools/ides-for-kinetis-mcus/kinetis-design-studio-integrated-development-environment-ide:KDS_IDE) which is a free unlimited eclipse based IDE that users can use to modify the existing source to create their own custom functionality. The IDE runs on Linux or Windows OS. There are many types of additional functionality that could potentially be added to the Boscloner shield and new pieces of functionality can be easily added using this environment and the available source code.
The HID Maxiprox 5375 Long Range Reader can be purchased from a variety of sources, including eBay and Amazon. Expected average price is anywhere between $230 - $400:
The cable should be roughly 12” in length. The wiring should be as shown in the image:
Pin1: D0 connect to TB3-1
Pin2: D1 connect to TB3-2
Pin3: Ground connect to TB1-3 (with the power supply ground)
Custom Power Cable : See section “Maxiprox Boscloner Power Supply” for instructions
Lenmar Powerport 19V/5V Power Supply - PPU916RS
The supplied output power cable for the Lenmar will need to be cut and connected as shown below in order to power the Maxiprox from the Lenmar power supply.
Lenmar Power cable wiring
White = 19V Power - connect to TB1 pin1 as shown of the Maxiprox
Copper = Ground - Solder to Wiegand ground and connect to TB1 Pin3 of the Maxiprox header as shown.
The user can directly download the Boscloner APK application package from the download link (https://goo.gl/dEJUvA). There may be some warnings about installing an application from outside of the Google Play Store. Click OK on these warnings and install the Boscloner App.
Source code files for the Boscloner app for the purpose of revising the source code, adding features, etc.. can be found below:
2) Once the HC-06 / HC-05 has been paired, you can open the Boscloner app and connect to the HC-06 / HC-05. Select the HC06 / HC-05 from the drop down menu and press the Connect button. The pink “clone” button will light up and the terminal window will show “MCU ACK” (acknowledge).
3) The “Clone” button is enabled by default and will cause the Boscloner/PM3 to autoclone cards when the Maxiprox scans card data.
The terminal window will show the data that is “cloned” or “scanned” (only read and not cloned) in the terminal window. When a card is “cloned” the card ID will be stored in the “History” window of the App.
The user can view and clone card IDs directly from the “History” window from the Boscloner App.
4) To clone a stored history value. Click the “...” icon from the main window in the Boscloner App. This will bring up all stored ID values. Scroll to the ID you want to clone and Long Press the ID. A pop-up will ask you if you really want to clone this ID value. Click “OK” and the ID will be sent to the Boscloner/PM3 to be cloned. The result will be displayed on the OLED display of the Boscloner/PM3.
The Boscloner PM3 has the features outlined in the Overview section. The below image shows the given functions applicable to using the Boscloner to clone and scan cards.
Once the board is powered it will be “Auto-Clone” mode and once a card ID is received from the Wiegand Cable a clone will be run on the PM3 Board and LF Antenna. The display will update with events that are occurring. The Auto-Clone feature can be enabled or disabled using the left push button. Connect to the board using the Boscloner App to utilize more features.
Desired Future Features
Boscloner Real-World Use
Simple Faraday Cage
Created with a paper cup, wrapped with tin foil and duct tape on the outside of the cup.
Want your own Boscloner?
Please visit the official Boscloner GitHub for the latest firmware and software updates!