Maxim’s iButtons, which are small ICs in button-sized disks, are starting to show up in more and more places. They have a range of uses, from temperature loggers to identification, and all use the 1-wire protocol to communicate. Over a furrtek, they hacked an iButton used for buying things from vending machines and created an infinite money cheat. They built a small rig based on the ATmega8 to read and write data to the chip. The data was encrypted, so it wasn’t feasible to put an arbitrary amount on the card. Instead, they used a similar technique to the Boston subway hack and restored a previous state to the iButton after something was bought. They also created a hand-held device to backup and restore the contents of a button for portable hacking.
[Thanks furrtek]
As much as I like iButtons, this is the fault of whatever engineer decided that it was a good idea to use the NVRAM button instead of one of the secure buttons. The DS1961S or DS1991 would have been a much better choice.
Otherwise, they may as well just use MMC cards.
Our device has been used for years to duplicate iButton DS1990 successfully. It is very lowcost and can emulate any serial number. etipo01@gmail.com
Where can i get this emulator for a dallas 1991 Ibutton i have 1 1991 ibutton but i need 20 thanks
agreed, the secure buttons are more difficult to do anything with and i’ve noticed more and more companies using them instead. actually i’ve not even seen any nvram buttons for use with any security type situations around here. heck even arcade games use the secure ones, look at megatouch games, the use the secure buttons to determine which version of their software the machine is able to run.
Remember that the person who has given you the iButton has most likely recorded your serial number and probably checks the audit records of who’s buying what and how much and how much money they actually pay in. You may just find yourself looking at something a lot more expensive if they figure out someone’s been messing with (read stealing from) their vending system.
True that they may audit serial numbers and that stuff, but if there are self serve recharge machines, and you can just buy any DS1992 buttons from another source, and load $10 on one of them, then it would be a lot harder to track down.
The epic fail is the replay attack working, because of no tracking whatsoever, between vending machines, or even on the one machine itself.
As I remember each ibutton has a unique 64-bit id number so if the vending machine does log each transactions with the time and date then it would be only a waiting game before you were caught on CCTV once they realised what was going on!
Nonsecure iButtons work great as a key (until they get skimmed of course).
Anyway, You can buy an iButton-to-RJ11 cable off-the-shelf and hook up an emulator for more fun.
They did not hack an iButton. The company that uses the damn thing were morons and used a cheap non protected ibutton. They “hacked” a moron system.
it’s not hacking if the maker was a bag of retards and used a standard ibutton instead of a crypto one.
Call me when they actually hack an ibutton instead of something that some idiot screwed up.
I WOULD LOVE TO DATE A COUGAR LOL, epic fail
it’s sad to see that spammers are getting on this website now :[
This is what happens when you depend on security through not all that obscurity.
Where are these ibuttons being used?
And they probably arn’t monitoring the logs until after they notice a big difference in money/product. After all, they probably think these things are 100% secure, or not common knowledge like the coke soda trick.
These are used as keys at my apartments, but I’m almost certain that they use the iButtons that only contain a fixed number. They claim that they’re unduplicatable. I want to prove them wrong, but I doubt they would appreciate my white-hat endeavors.
It’s worth noting that maxim is very generous with sending out free sample parts, including many items from their ibutton line. check their website for details.
About those used as keys: we are also building an even simpler device that can emulate a DS1990 with any serial number. So yes, they’re very easily duplicatable.
@jan: The DS1991 was broken years ago and, AFAIK, has not been fixed… http://tinyurl.com/nwz54v
I am looking for emulator of Dallas DS1990 , please whoever know source for it to advise me
Our device has been used for years to duplicate iButton DS1990 successfully. It is very lowcost and can emulate any serial number. etipo01@gmail.com
i need to hack the i-button on my e-range key in order to get free golf range balls at the local course so I can practice for free. How do I go about this?
Succeeded ?
same here i wish there was a hack to get free range balls out of that machine with my e-range key
If you need a device to emulate the DS1990, contact us at etipo01@gmail.com.
For educational use only!
We still have it!
DS1990 simulator.
Micro-controller based unit.
etipo01@gmail.com
does the simulator simulate DS1990A and DS1990A?
THANKS.
**DS1990A and DS1990R
I have a ds ibutton 1991 and 9091 b adapter, only that he has a password ibutton I can copy it?
Is ther anyone out there that can help me hack a DS1971-F5 i button
I had a break in and the i button coder was stolen.
I hope someone out there can help.
Andy if you did it could you explain how?
I am also interested in this…! Is it possible to copy contents of this DS1971 to , for instance, a DS1990A??
I have a ds1971 f5 as a golf range key. If I did find a copier, does the ibutton only contain my profile, or does it also have my balance as well? Basically, would I be able to fill one button with $50 and then keep copying the filled button to other buttons and have the $50 balance on every key? Or is the driving range dispenser hooked up to a system that keeps track of my balance?
Might be a bit late to the party, but did anyone get an answer. I do have the same questions
I think it only contains a serial number if I understand the Dallas format correctly. So I think you could emulate or copy keys but the balance is stored elsewhere.
https://blog.flipperzero.one/taming-ibutton/
Do you have ansWer?
Does anybody knows how to emulate a DS 1963 L Ibutton?
have you found any answer? i need it as well
I am working on a project with the same device. did you have any luck?