github jaylikesbunda/Ghost_ESP v1.8

3 months ago

Revival v1.8

TL;DR

  • PN532 and Chameleon Ultra support for NTAG and MIFARE Classic (read/write, NDEF, Flipper exports)
  • Cardputer ADV, optional secondary status display and IO expander support
  • WebUI redesign, 2 new main menu layouts
  • Karma attack and 802.15.4 packet capture on C5/C6
  • Heartbeat-based auto-reconnect for dual communication, stability fixes, and QoL improvements
  • Miscellaneous fixes across core, display, Wi‑Fi/BLE, DNS, IR, and wardriving

Added

NFC

PN532

  • NTAG (Type 2) support: read/write NTAG213/215/216 with NDEF parsing and save to Flipper .nfc format
  • MIFARE Classic support (Mini/1K/4K): Flipper dictionary attack, magic backdoor detection, and NDEF TLV parsing
  • File management: 'Saved' menu for .nfc files and 'User Keys' view for /mnt/ghostesp/nfc/mfc_user_dict.nfc

Chameleon Ultra

  • CLI support: connect/disconnect, status/battery, reader/emulator toggles - @tototo31
  • UI support: PN532 parity with cached details, More/Save flows and dictionary attack
  • NTAG and MIFARE Classic NDEF parsing, Flipper .nfc exports from Chameleon savehf/savedump/saventag - @tototo31, @jaylikesbunda

Hardware

  • Added support for Cardputer ADV
  • Added Kconfig support for a secondary status display
  • Added Kconfig support for IO Expander - @Play2BReal
  • Added heartbeat-based auto-reconnect for dual communication

UI

  • Added 2 alternate main menu layouts (Grid and List)
  • Ghost (asset by @the1anonlypr3) and Game of Life idle animations for status display
  • Added command history with up/down navigation and full in-line cursor editing to the serial console - @tototo31
  • Added joystick support for keyboard input in terminal view - @tototo31
  • Added 'set/getneopixelbrightness' commands and ability to set settings via CLI - @tototo31

Attacks

  • Added 802.15.4 packet capture (only on C5, C6)
  • Added karma attack - @tototo31 in #108

Misc

  • Added glog - a lightweight logging helper

Changed

UI

  • Use a fixed-size active-key buffer for keyboard
  • Refactor popups to use reusable popup helpers
  • Refactor options menu to use reusable options view helpers
  • Refactor touch keyboard view to significantly reduce memory usage
  • Software back buttons made for encoder controls are now enabled on joystick builds too
  • Size popup buttons based on what's in them
  • WebUI redesign (Part 2)
  • Organise BLE menu into hierarchical sub-menus - @tototo31
  • Lowered LV_MEM_SIZE from 32KB to 16KB on most display configs

Attacks

  • Flush PCAP and CSV data to SD Card on a timer
  • EAPOL capture now captures extra packet types for cracking and detects when a crackable handshake is found
  • Added a summary log when starting a packet capture and reduced filter stats frequency

Misc

  • Lowered pineap task size
  • Changed the C5 to use a single display buffer to save memory
  • Reduce VFS allocation unit size to 4KB
  • Cap displayed WiFi APs to 50 for 'scanap' output
  • Refactor comm manager to centralize packet handling, add state mutex and handshake timeout, and guard UART driver install
  • If dualcomm is set to pins used by the serial UART, disable the serial UART
  • Update main menu icons to RGB565A8
  • Refactored dualcomm logic to be more robust
  • Lowered all CYD LVGL memory buffers to 16KB and swapped to a single display buffer

Bug Fixes

Core

  • Fixed intermittent IR learning errors by properly owning and copying received RMT symbol data before passing it from the ISR to the task
  • Fixed a memory leak and race conditions, and added buffer error handling in pcap.c
  • Track SPI host/mount state and only free initialized SPI host on unmount
  • Added NMEA handle null-checks
  • Flush PCAP header on open and close PCAP on generic stop command
  • Miscellaneous fixes and improvements
  • Small miscellaneous memory saves
  • Fixed RMT channel allocation on C5 to prevent conflicts with IR TX
  • Disable duplicate filtering in general BLE scanning
  • Removed heap alloc per command
  • Added deletions for VisualizerHandle on disconnect/stop and rgb_effect_task_handle on rgb off/stop to prevent lingering tasks
  • Removed second mdns init call
  • Preallocate handlers array, remove reallocs; replace last_company_id malloc with value+flag in BLE manager
  • Free all LED strip resources on deinit
  • Ignore self when discovering peers for dual comm
  • Prevent crash and spam in EAPOL Logoff attack
  • Fixed minor issues with the dns server
  • Fixed BLE capture stopping itself after receiving an event
  • Added sanity checks to IE parsing to prevent OOB reads
  • Accepted HCI packet types now include CMD, ACL, SCO, and ISO
  • Reduce heap churn by reusing a single 4KB transfer buffer in wifi manager streaming
  • Significantly improve reliability of capturing wifi frames
  • Remove arbitrary limitation on the lines of text in the webUI dual comm terminal
  • Fixed an issue causing potential corruption of pcaps saved to the Flipper Zero
  • Fixed wardriving encryption detection
  • Wardriving now properly hops channels for AP scanning

Display

  • Possible fix for random rotation of ST7789 displays upon flashing
  • Joystick builds now use touch keyboard layout with selection highlighting and navigation
  • Fixed keyboard not using SHIFT correctly and the keyboard view forcing lowercase
  • Removed artificial delay in the Cardputer keyboard task to make it more responsive
  • Improve and refactor terminal message handling
  • Remove key highlight on touch only devices for the keyboard view
  • Fixed duplicate back button and wrong red styling in universals IR view
