Wall of Flippers Busts Flipper Zero BLE Spammers Red Handed!

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

what is going on you guys it is the talking Sasquatch and it's great to have you back now chances are if you're watching this you've already seen at least one of my videos on bluo BL spam and if you haven't I made three whole videos about it what are you waiting for now initially it was kind of just a fun joke you can make stupid little things pop up on people's phones no big deal right wrong cuz obviously this is the internet and we just can't have nice things since then I've seen videos all over the place of people going into Apple Stores crashing all their phones Siro I'm looking at you actually you haven't joined the alc Discord Siro is the leader of it all he's an absolutely awesome dude great hacker it's a fantastic Community Link down below join now well the whole thing kind of got serious when it came down to the Midwest furest now say what you want about furries the ones that I know are super cool but yes somebody rolled up in the midwest fur Fest ran some be attacks and according to allegations there were issues with people's Android devices now I'm not just talking about cell phones I'm talking about medical devices again this is all allegedly speaking I wasn't there I don't know firsthand but I do know when this happened they actually reached out to our Discord now fortunately for them we actually have a ton of super super talented people just hanging out in the Discord pretty much all the time well kiomi and Amelia actually have already worked on a project called wall of flippers that's kind of perfect for this exact situation now up until then wall of flippers was just a project that they made for Defcon so when they walked around places they could log every single flipper that they ran into now this program's already sniffing for for Flippers so it's also using Bluetooth LE which is what they're using for these spam attacks so they can just as easily sniff those out so I thought it was kind of my responsibility as one of the people that you know broadcasted and showed people how to do these be attacks to show the wall of flippers not only cuz it's a really cool project and you know I want to support the community but at the same time I want to let people know that we see you now just because you're using a flipper zero doesn't mean you're anonymous and with the availability of tools like wall of flippers it's going to be easier and easier for people to find Bad actors so that being said don't be a skid and let's get at [Music] it now right up top let me be totally honest with you I initially wanted to run this on C Net Hunter which I've installed on my phone right here the problem was this is the rootless way of doing it because this phone in particular which is a leftover phone I have doesn't have a proper kernel route that allows it to access Bluetooth I spent a whole night trying to get that to work and then infos red rolled up and he's like yo not going to happen so after that I honestly considered rooting my nothing one phone but I really didn't want to factory reset it in the process it's reasonably new phone but I still don't want to you know completely redo the setup on it just to root it I probably will down the road just because it's a cool thing to do but I didn't really have the time to do it this week now while there is a Windows version of wall of flippers it's you know definitely a development in process and it doesn't have the functionality to sniff out bluetooth attacks the windows version shows every flipper around but it doesn't tell you about the B attacks but one cool thing is that they're actually working on a CTF which is more or less you're going to see how many flippers you can find and see you can find the most so what I ended up doing was spinning up a VM of Cali Linux and then installing wall of flipper there so let's hop on over to the desktop and I'll show you what it looks like now before we get into all that let's take a quick second to thank today's sponsor PCB way now I've spoken about all of the cool things that PCB way could do for you however did you know that they can actually help you design your own pcbs they have a professional team of expert Engineers that will be there to help you through every step of the way from schematic design to PCB layout all the way out to rapid prototyping they can help you with all of it they can help you designing closures for your projects as well and of course print them for you as well do you need software developed well guess what they've got you covered there there too so check out all of PCB Way's Design Services linked down below as always thank you so much for the continued support PCB way you guys are fantastic let's get back at it all right here is my Cali virtual machine and one thing I actually have to do uh the only way that I can make this work is with a Bluetooth adapter and I have to unplug it and plug it back in there we go so I can connect it directly to the virtual machine this was a issue I ran into the first time trying this because the virtual machine can't easily access my board Bluetooth so it made it a lot more difficult to figure this out the first time luckily for me Ki actually hopped into a call with me and we were able to sort it all out so let's open up our terminal and get wall of flippers going and actually real quick first I can go over to ki's GitHub and give you a little bit of a brief once over on the installation process it's not really all that hard so all you really have to do they're working on the documentation as we speak more or less you're just going to install git you're going to clone the Repository like we've done before but we're using CLI in Linux so it's a little different obviously you know installing Python and then you install bloopy and the libg 2.0. deev allthough those are just prerequisites to make everything work but you know it's pretty straightforward so yeah let's get this out of the way and we're going to go to CD wall of flippers cuz I've already done this and then I think I have to go to nope okay cool it's just Python 3 and then uh wallof flippers py and this should load up so this is good so far so before I had Bluetooth working as soon as I would select option one it would give me a bunch of Errors uh whoops so of course you have to run the pseudo pseudo so super user on that one and then um with Python 3 wall of flippers py here we go now I can run it and it's working properly we had to add this in HCI device so by default it wants to use device zero Which is my on board Bluetooth however the Cali machine doesn't access that easily so I use a Bluetooth adapter which is going to be HCI 1 that makes everything work and already you can see my flippers now it's It's cool cuz you can see that there's three flippers here it even shows the color of them I do have the transparent flipper obviously my other ones have aftermarket cases that I made so they're not technically white but they were white flippers so right now since I'm not doing any BL spam nothing shows up but watch what happens when I start an attack so I'm going to run the lockup crash for Apple there we go and then boom right there it says b Apple iOS crash long very cool now we'll notice that the addresses on these things change so if I change to a different attack let's go to random action you'll see right here it's going to show a completely different address when we run that now that's because when they coded this the only easy way to make it so that it would actually crash phones they're not even crash phones but make the popups pop up all the times to make it look like these are different unique devices by changing the MAC address now not everybody has three flippers but just so you you know get an idea of what's going on I'm going to run attacks on all three of mine starting right now one two and three let's see what happens all of a sudden you see yeah 151 advertisements it's just flooding we got the iOS crash we got the uh the love sense distance activation there's just so many things going on 200 advertisements it's just it goes nuts there just so many so many different attacks going on at the exact same time I can stop one and then you can see let's see what else happens here cuz I'm running the random action I'm running the Apple Action Modo and I think they're running basically the same thing so let's stop this hopefully nobody anywhere near me has an Apple phone and you can see right here on my Apple phone I've got the popups right here and it just keeps popping up no matter what I do it's running the um it's running the spam right now but yeah just pop up after pop up I mean you know how this stuff works now it's also really interesting is actually the code for this so let me pull up visual studio code hello there we go we already have the wall of flipper code pulled up so you can see right here is the beginnings of the CTF koomi showed me a brief beta on how this worked it was actually really cool what's cool about it is yeah you could collect flippers so the more you'd run into the more points you got also they could fix special amounts to like transparent flippers or even black flippers that came out for the kickstarter kids so we take a quick look at our code here it's pretty pretty interesting so this is the general just normal wall of flipper stuff but down here are the Forbidden packets now what's interesting about the Forbidden packets scroll down a little bit is that these blank spaces these underscores are actually where the data is randomized for each attack initially one of the tricky parts to figuring this all out was figuring out which parts of this data were static and which parts of the data were just randomized so you have to account for the static data as well as the randomized data and that's really the only way to get real positives on these things so trying to figure this all out was not particularly simple what's also cool is that in The Flipper code itself or in the wall of flipper code itself there are little random letters and stuff so this right here will change based on what's going on and there's some you know random coded in uh little phrases and that's pretty cool don't be a skid and it's got the Discord in there too which is cool but yeah as we scroll down through here we can see kind of how everything works and it shows all the different devices and pairings like that and that's the way that the actual wall of flippers is able to detect these attacks so that's the wall of flipper project by kyomi and Amelia now this project is still in its infancy and you know there's a lot of work to be done still that's where I'm reaching out to you are you a Windows or a mobile device Dev if you are can you help Port Walla flipper over to whatever platform you like to use there are also already apps like NRF sniffer by Nordic semiconductors that can kind of do pretty similar to what wall ofp flippers Cannon however there's definitely work to be done to make it a little bit easier to you know actually do the sniffing and stuff so a standalone app would be way better obviously I always love reaching out to the community for help on these projects because honestly they never seem to disappoint so if you want to get involved comment down below and we'll hook you up with the right people all right you guys are the greatest we'll catch you next time hey

Info

Channel: Talking Sasquach

Views: 18,103

Rating: undefined out of 5

Keywords: flipper zero, flipper, hacking, technology, watch dogs, deauth, flipperzero, talkingsasquach, talking sasquach, flipper zero hacks, flipperzero hacks, flipperzero how to, flipperzero unleashed, flipper zero rogue master, flipperzero roguemaster, flipper zero talkingsasquach, flipperzero talkingsasquach, flipper zero talking sasquach, flipperzero talking sasquach, talkingsasquatch, talking sasquatch, flipper0, wall of flippers, BLE spam, fur con 2023, hacking scammer, technology news

Id: Pnw-uqd0GFM

Channel Id: undefined

Length: 10min 40sec (640 seconds)

Published: Sun Dec 31 2023