This Makes Hacking TOO Easy - Flipper Zero

Video Statistics and Information

Captions
It looks like a children's toy, but it's actually one of the most versatile hacking tools to ever hit the market, and if you've been on TikTok in the last six months there's a good chance you've seen people using it to change gas station signs, set off department store PA systems and open up Tesla charging ports. It's been deemed so nefarious that, even though it is legal, shipments have been seized in the U.S., Brazil and Israel, which kind of makes sense, because out of the box the Flipper Zero can read and emulate NFC, RFID, infrared and iButton devices. Even more worrisome is its ability to read and emulate sub-gigahertz frequencies like the ones used in car keys, garage doors, motion sensors, doorbells and more. Rest assured, if there's a wireless device, this thing can find a way to attack it, disrupt it or become it, which seems concerning, right? But does it actually pose a risk to society, or is the hysteria simply a knee-jerk reaction from the uninformed? When we're done with the Flipper Zero, you're going to know what's true and what is hazardous clickbait misinformation. You'll also know about our sponsor, Build Redux.

Hey gamers, tired of choppy performance and inconsistent frame rates? Level up your gaming experience with Build Redux. They'll have your new PC built and shipped directly to your doorstep. Check them out at the link in the video description.

The fact of the matter is that once you cut through the marketing and the FUD, the actual capabilities of the Flipper Zero are not only limited but can almost entirely be replicated using an Arduino or a Raspberry Pi along with readily available add-on boards. Take, for example, the sub-gigahertz transceiver feature, which mischievous folks are using to change gas signs, open locks and gates, and set off customer service announcements in Walgreens. "Customer service needed in the cough and cold department." According to Flipper's documentation, sub-gigahertz is handled by the Texas Instruments CC1101, a chip that's been around since at least 2007 and can be purchased on Amazon, complete with antenna, breakout board and free shipping, for less than 10 dollars.

So is it bad that any slack-jawed yokel can go around changing the price shown on gas station signs? Well, probably, but let's look at the bigger picture here. If you owned a gas station, would you rather some kid came along and pranked your sign in a totally reversible manner, or would you rather that the vulnerability was exploited by someone else, someone with the kind of skills to take that $10 Amazon purchase and turn it into a far more costly incident? Speaking from recent personal experience, I'll take the mostly harmless reminder to harden my security eight days out of the week.

The good news is that the remedy is relatively simple. Instead of sending the same code each time for a particular action, a rolling code system uses its key, hash and counter to cryptographically generate a new code each time an action is performed. The receiver stores a list of upcoming codes and checks the sent code against those, just in case a few were missed. Once a code is used, it's removed from the list of valid codes and the new code is generated. According to Anna Prosvetova, Flipper's head of sales, the Zero is specifically designed to not break these systems. Problem solved then? Well, sort of. There's bad news too. While Ms. Prosvetova seems proud that Flipper's moral code is strict enough that you don't need to worry about your car being stolen with a Zero, she also points out that not only can rolling codes be beaten, but that if a device that performs such a function existed, it would also be legal. And while they might not be as viral, she is absolutely right: there are plenty of other hacking gadgets, like this one from Great Scott Gadgets, that do exist, can beat rolling codes and are legal.

The HackRF was first demonstrated in 2015 at DEF CON, and its party trick is that it can both jam and read the same RF signals as the Flipper Zero. This setup allows it to collect two codes from the transmitter, pass one of them along so the target doesn't get suspicious, and then keep the stolen code. Then, as long as it stays in jamming range, it can continue to steal new codes and perform actions against the target at will, or, assuming it can steal enough codes, you can even make an attempt at decrypting the key. The point here, though, is not that you shouldn't bother updating to a rolling code system, but rather that there are much more sophisticated attacks out there, and if the Flipper Zero was all it took to hack your mainframe, you should be grateful for the wake-up call.

But what about low-frequency RFID, the kind that might be used to open doors at an apartment building? The Flipper can read, save, emulate and even brute-force them. I find this function pretty unnerving, personally. In the wrong hands it could be extremely dangerous or even fatal, and in many cases the victim would have no power to update the security practices of, say, the hotel they're staying in or the poorly maintained apartment that they rent. But we've got to remember once again that the Flipper Zero isn't doing anything particularly game-changing here, other than alerting us to the availability of these tools. As a method of copying tags, the Flipper Zero is only useful if there's either very old encryption or none at all. If you were worried about something more modern, like the RFID on your passport, getting stolen, it's probably not an issue, since that's encrypted. It should be noted that the key is the passport's document number, expiry date and date of birth, which is why you should always keep your passport in a safe place, like the RFID-blocking pocket of the LTT backpack, lttstore.com.

Now, I know I said that it can brute-force RFID locks as well. Thankfully, most RFID readers only read every few seconds as a way to combat this sort of attack, so if you were to see a Flipper Zero used to crack the vault in a movie heist, you would know that the writers are taking some artistic liberties. One thing the RFID reader is quite useful for, though, is reading pet microchips. While they may sometimes be encrypted, it's not uncommon for them to just be raw data, and most countries that use them have some sort of central database. These databases probably won't tell you any owner info, but they will at least tell you what agency to get in contact with to get a lost pet back to its family. Yay!

Now, NFC is a subset of RFID, though at higher frequencies, and the Flipper Zero can read, write and emulate NFC as well. As before, the Zero then can hack devices that are using older encryption like MIFARE Classic, but if you present it with anything newer it won't be useful for much. One exception to that, though, is tap-to-pay credit cards, which will spit out a fair bit of easily readable information, though it shouldn't include the postal or zip code, cardholder name or CVV, so the attacker will likely also need access to the physical card in order to actually use it, by which point they might as well just snap a picture rather than use a high-tech doohickey. It's even less of a danger reading a tap-to-pay credit card on someone's phone, since banking apps typically add an extra security layer by generating a new number for each payment. Similarly, things like transit cards will only allow you to read the UID, not the full contents required for it to be usable. Transit systems that do have security flaws related to their NFC are often quick to patch it too, as happened here in Vancouver when TransLink's tap-to-pay system rolled out in 2016: the ability to rewrite single-use cards was being exploited by people who were using their Android's NFC system.

If you've got a Nintendo Switch, you might find one good use case for the NFC is to emulate amiibos, but once again you can get similar functionality with an Android phone, this time by using a bunch of single-use NTAG215 tags that can be purchased for about 30 cents a pop on Amazon.

Another functionality you could get with the Flipper Zero, but could also get with an Android device, is BadUSB. If you've seen our video on the USB Rubber Ducky, BadUSB is very similar. It's a keyboard emulator that can be used to stealthily execute macros and scripts on a target device using an unlicensed version of the DuckyScript coding language. When we spoke to Jakoby, the creator of the largest BadUSB repo on GitHub as well as the top contributor to the payload hub for the Rubber Ducky, they said: "When compared against something like the Rubber Ducky or the OMG cable, the Flipper Zero doesn't stand a chance as far as performance goes, but to plug it in behind someone's setup, it could be controlled with your phone, and then the danger rating is no longer determined by the device itself but rather by the creativity of the threat actor."

Ah, that's an interesting and important point. We're already recognizing this pattern where anything the Flipper Zero can do, something else can do, and maybe better, but it's the versatility that sets it apart. The Flipper Zero can be controlled remotely from both phones and computers using their extremely slick apps. qFlipper also works on the Steam Deck, as demonstrated in this Reddit post by the Flipper Zero CEO. While this type of wireless attack could be dangerous on its own, a particularly ingenious ne'er-do-well could take things much further with the Zero's general-purpose in and out pins. Through GPIO, add-on boards can be used to tack on features like Wi-Fi, a camera or 2.4 gigahertz RF. It just so happens that Logitech Unifying receivers also use 2.4 gigahertz RF signals. With the addition, then, of less than five dollars' worth of electronics, the Zero is able to connect to old, unpatched Logitech receivers and execute BadUSB DuckyScript without ever having to touch the computer. That's a big yikes, but it still doesn't change our main point: so could a Pi or an Arduino or, realistically, an Android phone.

So yes, the sky is the limit when it comes to the capabilities of a microcontroller and a robust GPIO system. I mean, we've seen Geiger counters, light meters, ultrasonic distance sensors, and there's plenty of people working on new additions. But the device is not the danger. It's the ingenuity of people and the power of the community that Flipper Devices Inc. has built around their particular gadget. I mean, it's an incredible success story. Starting out as a Kickstarter campaign, the Flipper Zero raised 5 million dollars and then, this is the really shocking part, delivered fully on its promises. Not only did the Flipper team pique the interest of tens of thousands of people, they fostered a community that's willing to innovate and evangelize, which has pushed their niche gadget into the mainstream spotlight and turned it into a true Swiss Army knife of hacking devices. And if the current momentum is any indication, new add-ons, programs and custom firmware are going to continue to extend the lifespan and utility of the device as time goes on.

Is it as good for gaming as a Nintendo Switch, as stealthy as a Rubber Ducky, as amoral as a HackRF One? No. But for something so pocketable it is shockingly decent, and all of these things without crossing the line into illegality, whatever scary stories might have been told by sensationalist media personalities. From our point of view, then, the Flipper Zero has the potential for mischief and much worse, but it also has legitimate uses, the best of which is to find out if you're vulnerable to attacks that would cost a determined butthead less than a 4K monthly subscription to Floatplane, without actually getting hit by them. Then, once you're sure you're safe from the plethora of basic vectors that it can perform, well, you still have yourself a cute little electronic dolphin friend that can play Doom.

Uh, what it can't do yet, though, is segue to our sponsor, Squarespace. If you want to build a brand online, you need a website, but if you just learned how to turn on the little flashlight on your phone, how are you going to build the whole website? Well, Squarespace can help. They're the one-stop, no-frills, all-in-one platform for expanding your presence on the internet. Squarespace lets you build beautiful websites, engage with your audience, and sell anything and everything from products to content without needing to spend four years getting a website-building degree. We love Squarespace so much we use it here at LMG for LTX Expo, atlantismediagroup.com, and its custom templates make it easy to stand out, with a plethora of themes and customization options to fit your needs. You can maximize your visibility thanks to a suite of integrated SEO features. There's also analytic insights to help you optimize for performance, so you can see what's working well and what needs tweaking. Get started today and head to squarespace.com/LTT to get 10% off your first purchase.

If you enjoyed this video, check out the shenanigans we got into with the USB Rubber Ducky. Why are these devices so cutely named when they're so insidious?
Info
Channel: Linus Tech Tips
Views: 5,682,877
Keywords: flipper zero, flipper, hacking, hacking device, nfc, rfid, sub ghz, rf, infrared, ir, mitm, bruteforce, hack, badusb, bad usb, rubber ducky, wifi hacking
Id: nLIp4wd0oXs
Length: 12min 11sec (731 seconds)
Published: Sun Apr 09 2023