This Makes Hacking TOO Easy - Flipper Zero
ฝัง
- เผยแพร่เมื่อ 18 เม.ย. 2024
- Visit www.squarespace.com/LTT and use offer code LTT for 10% off
Create your build at www.buildredux.com/linus
Banned on Amazon. Seized in Brazil. It’s capable of reading, writing, spoofing, and emulating everything from RFID to NFC, sub ghz RF to infrared, and much more. Is the Flipper Zero is too dangerous to be widely available to consumers, or is that just unfounded fear mongering?
Discuss on the forum: linustechtips.com/topic/14997...
Check out the Flipper Zero here: lmg.gg/DK9yf
Sanpopo NFC Tags: geni.us/3qJ4A
Purchases made through some store links may provide some compensation to Linus Media Group.
► GET MERCH: lttstore.com
► LTX 2023 TICKETS AVAILABLE NOW: lmg.gg/ltx23
► GET EXCLUSIVE CONTENT ON FLOATPLANE: lmg.gg/lttfloatplane
► SPONSORS, AFFILIATES, AND PARTNERS: lmg.gg/partners
► OUR WAN PODCAST GEAR: lmg.gg/wanset
FOLLOW US
---------------------------------------------------
Twitter: / linustech
Facebook: / linustech
Instagram: / linustech
TikTok: / linustech
Twitch: / linustech
MUSIC CREDIT
---------------------------------------------------
Intro: Laszlo - Supernova
Video Link: • [Electro] - Laszlo - S...
iTunes Download Link: itunes.apple.com/us/album/sup...
Artist Link: / laszlomusic
Outro: Approaching Nirvana - Sugar High
Video Link: • Sugar High - Approachi...
Listen on Spotify: spoti.fi/UxWkUw
Artist Link: / approachingnirvana
Intro animation by MBarek Abdelwassaa / mbarek_abdel
Monitor And Keyboard by vadimmihalkevich / CC BY 4.0 geni.us/PgGWp
Mechanical RGB Keyboard by BigBrotherECE / CC BY 4.0 geni.us/mj6pHk4
Mouse Gamer free Model By Oscar Creativo / CC BY 4.0 geni.us/Ps3XfE
CHAPTERS
---------------------------------------------------
0:00 Intro
1:20 Is it REALLY that dangerous?
2:32 You wouldn't download a car
4:23 RFID
6:06 NFC
7:30 BadUSB
8:44 GPIO
9:40 Final Thoughts - วิทยาศาสตร์และเทคโนโลยี
What would you use a Flipper Zero for? Nothing nefarious we hope…
Check out the Flipper Zero here: lmg.gg/DK9yf
Sanpopo NFC Tags: geni.us/3qJ4A
Purchases made through some store links may provide some compensation to Linus Media Group.
Too expensive for $50, if that worth of electornics. Id much rather try making my own
Would rather try making my own as well, wouldn't wanna be a "kiddie scraper" (or the hardware equivalent to one i guess?)
@@renderedpixels4300 You're not paying for just the hardware. You're paying for the software and future updates.
HackRF One has existed for around 9 years and is more capable.
@@renderedpixels4300 that's the point though. There's not really anything new here, it's just much more accessible for someone getting into security research and helping demonstrate security problems to bosses to get them to actually provide funding to beef up a company's security.
If some kid can breach your security with this thing, actual hackers have probably been able to do that for years without you noticing. This just shows that these systems were insecure in the first place.
lol your comment got copied by a bot account with a sexy lady in the avatar to bait people.
edit: the bot's copied comment has probably been deleted, by now.
Yep, or you've been lucky and no one has bothered to.
Eyup and somehow the "solution" is banning these devices instead of fixing these security holes.
Security through obscurity is a legitimate approach. It gets a thousand times harder when a thousand times as many attackers have access.
Somehow reminds me of Snowden. He exposed malpractice, yet HE is the one the public sees as a traitor, not the people behind PRISM. It's the old "smelt it vs dealt it" story.
In my college, there's a management company in charge of the building that won't allow students to open lab rooms with their student cards. The college themselves want us to have access, but can't because of this management company, so normally to get into labs, students ask a nearby lecturer to open it for them. My friend somehow managed to clone a staff keycard to his phone and was able to open lab rooms when theres no lecturers around.
Sounds like that management company should be fired. If the college wants people to have access and they refuse to facilitate it they are not doing their job.
There's more to this story I think. The "management company" has to do what the college's best interest is since they are hired for that. Maybe students abusing such privileges
@@billy5688 exactly, those nerds are labbing a little bit too much
@@billy5688 If they did what was best for the college they would have security that can't be beat by a phone.
Had to copy an existing key to allow it to work, this flipper is the same, only the videos online show how difficult it is to use even a copied key. They call the difficulties implementing the copied key as “hacking”
That part about cars and rolling codes reminded me of this one time when me and some of my family members were in a big parking lot and when somebody unlocked the car with the remote we could hear at least 3 other cars unlock, then they locked it and all those cars that unlocked locked again. Really shows how insecure old cars are, because the car they had was from around 2005 or so
I had a late 90s Subaru that would have the alarm system set off by random car remotes. Had the alarm disconnected and when the system was triggered I had to do a little dance with the battery to reset it
I’ve had my Flipper for many months now. It’s useful as a keychain for keyfobs and RFID cards. The IR comes in handy to control lights and other devices around the house. The Amiibo library is pretty cool but I’ve never used it. Another cool use is to check if RFID shielded wallets and bags are indeed what they claim to be. Then it’s fun for all sorts of inocent pranks such as popping Teslas (only works when the car is not running and stationary and the lid closes automatically after a couple of minutes), prematurely setting off restaurant buzzers, messing with electronic price tags in the supermarket, messing with the volume or channels on public TV displays or projectors, NFC rick rolling people’s phones (it’s just a TH-cam link that auto opens and the prank is pretty ruined with ads if the victim doesn’t have Premium)…
It’s a reminiscent of the old Blue Box days. Poke around and have fun!
By the way, unofficial firmware allows usage of rolling codes but it also unlocks restricted frequencies. Since I work mainly around hospitals I don’t dare unleashing that monster and risking accidentally messing with someone’s pacemaker!
Obviously it’s pricey but to me it sounds like a neat little machine. I think I’ll buy one
@@Skeeeeeyeeeeee Nice! I hope it will bring you as much fun as it has for me. Just note that I haven’t dared to bring it with me when travelling internationally as I’ve heard of some countries confiscating them if discovered.
Is it easy to learn to do all that if you have no experience?
There’s actually a DTMF app that has Redbox and bluebox tones. I would have killed for it a few decades ago lol
Seems more convenient to me to just save the RFID card in your phone
Linus actually said my name.
Still so hard to wrap my head around being featured in this video
And it's the 3rd time now and it still doesn't feel real.
So cool to be even a small part of something like this.
And I'm glad everyone has been enjoying my work
You also have the power to make the Flipper do sponsor segues...have at it.
Good for you dude.
But did he pronounce it properly?
What i thought of hackers: Cool, collected
Hackers in real life: OMG Linus mentioned my name, this doesnt feel real . Whats next? thanking for the likes on the youtube comment lol
same bro
Probably a good time to mention that Amazon has banned the sale of this product as of today
Edit: Amazon has only banned the sale of the product in the US. It seems to still be available in other countries via their website.
Probably done by flipper to stop resale help reduce botted purchases.
Not today couple days ago
do not buy outside of joom as scam sales of these are very common
I have one 😂
@@kernalmustang260 not true, amazon banned the sale under the guise of it being a "hacking tool". The same reason eBay did
New Flipper Owner here. For Amiibo, you can use the creation tools for the tags and write them directly to the Flipper, as it can emulate a blank tag. This is helpful if you are looking to save on all your Animal Crossing tags and storing all the tags someplace.
What else can it do?
Will this work for sky landers? 😂
@@fe1jx Yes! If you have the ability to write them, you can add them manually as Mifare Classic 1k 4byte UID cards. Otherwise, you have the ability to read them and emulate them if you have access to physical Skylanders. Amiibo uses NTAG215, which if you pair with TagMo and the bin files, you can even write new amiibo to the Flipper.
You can copy most RFID cards with your phone
Wow
I like the idea of having a multi tool like this, being able to check microchips on pets or remote control something that’s my property with one device seems great to me
yo.
This comment sold a flipper zero fr
Microchips on pets, hell yes- thats so useful for idiots who cant take care of their pets. Soooo many dogs loose in my town :(
The Flipper zero has been excellent for demonstrating problems to management. If I demonstrate an exploit using my portable workstation and expensive SDR, no matter what I say the mental picture is that it requires expensive equipment and expertise. Instead show it with something that looks like a toy and was bought online for fun-money, and the mental picture is very different.
I wonder, is that perhaps exactly why they designed it to look like it does?
To get one in Australia it's like $400... By comparison a brand new PS5 is about $650.
yeah well even 190$ aren't really fun-money for me
@@andreimunteanu750 I mean, for bad actors 190 is a fun money as long as they can gain more from it.
@@alexatkin it's actually designed to look like its predecessor, which is an actual child's toy that accidentally let you open garage doors and disable alarm systems.
This just reinforces the saying "Locks keep honest people honest, and they don't stop evil people."
Ah, fellow LPL subscriber here
Locks tell lazy thieves to move to the next one
More of "lock is only a deterrent, not a guarantee"
Very tru, my bike was stolen in Sweden under a window of 2hours😢 the thief not only cut the cable lock and pried off a frame lock… probably should use a U lock instead…
@@AaronShenghao or move to japan and you dont need to worry about locking up your bike lol
I purchased my mainly for doing home theater installations. There's so many remotes that you do not know what the IR code is and that was the main reason for my purchase. Yes, I do have a lot of TV remotes, installed air-conditioning system, ceiling fans, and some other devices I've added, it has made things very convenient when I go to customers and there's an issue with the remote.
True story, I had my first date as a 40 year old. We met at a bar that had an annoying TV in the background. I pulled the flipper and used it to turn off the TVs in the bar (It was lazy thursday afternoon; no one was watching anything). Nobody clapped, but my date and I enjoyed being able to hear each other and talk uninterrupted.
Thank you for sharing, hope jt went well
☠️🤓 “I pulled the flipper”
*Everyone clapped.
I worked as a nurse at a super ghetto/old hospital with remotes that don’t work on crappy tvs. I wonder if this would help. That alone would be worth it as a lot of patients were disappointed they weren’t able to watch tv
@RoIIingStoned it should
The amazing things about flipper zero is not just the advertised functions but the fact that they are able to pack that many functions in such a compact and neat packaging. If I were to built one myself, it would be a mainboard with wires and atennas sticking and tanggling all over the places
I backed the Kickstarter and I'd say Linus is right on point here. What made this device so attractive to me was the fact that it's small, pocketable and all-in-one. It's a fun little toy to explore and learn about security with and encourages you to really think about wireless communication security
But can i run Doom on it?
@@annoorange123 There is a "flipper zero edition", so in a sense you can lol
It sounds for you its an educational device, great!
@@ChristianBrugger It's very much an educational device, but it's also very much a toy that causes my friends to give me a side eye when I take it out :3c
It's quite versatile and I love to find new ways to mess around with things lol
@@annoorange123 Yes! Yes, you can! Some version of it, anyway. It requires custom firmware last time I checked, which is easy to install
Thanks for that video! Recently, I had a scary encounter with an RFID hack while traveling on a crowded subway. As someone who relies heavily on credit cards and digital payments, the thought of losing all my personal information to a stranger was terrifying. Luckily, I had invested in an AirTag wallet and was able to protect my cards from the hacker's attempts
Out of curiosity, have you tried any other AirTag wallet brands besides the one you currently have?
I've been researching a few different options, but I'm having trouble deciding on which one to go with since there are so many mixed reviews. If you've had experience with different brands, I'd love to hear your thoughts on which ones have worked well for you in terms of quality and security.
@@stevepatton9518 I've tried a few different AirTag wallet brands and I have to say that Vionentus is the best. I've been using their wallet for a year now and it still offers the same level of security and protection for my cards. Plus, it's stylish and durable. Highly recommend
@@stevepatton9518 Neat that we have the same last name
magine just using cash lmfaooo holy fucking zoomers
Bots
Been playing with my flipper for about a month It’s pretty much a leatherman for computers, it is one of the best IR remotes/transmitters available but all that’s good for is turning off the TVs in Walmart, to scan cards you need to physically have the card in and touch it to the back of the devices so no one is going to be using a flipper to steal your card from 30 feet away in the mall.
you can turn off tv with cheap arduino, no need for that expensive script kiddy toy to do that ...
I love the coverage of security stuff. You should do more of this kind of thing. If you really want to blow people's minds then look into physical pen testing. Door attacks, keyed alike systems, etc. It's hilarious how easy it is to just pop open pretty much any door. I guarantee almost anyone could break into nearly any building in under 5 minutes using less than $100 of kit that can easily be concealed on their person.
I just want to mention LPL (LockPickingLawyer). Its absolutely ridicolous
@@sinistressdreams7243 Most pen testers use lockpicking as a last resort.
I literally spent 5 dollars and can pop most locks on residences in the US. I can probably do it for free with a windshield wiper lol.
My wife locked us out but managed to open our door with a plastic document folder.
@@Josh_Quillan It's only possible in USA, where the gaps around the door are open and wide. Good luck doing that in Europe.
As someone who was lucky enough to get a flipper, the uses are very interesting. I've utilised it a few times during penetration tests and was sometimes amazed by the performance.
For a small, pocket sized, battery powered device, I'm not surprised this caused a stir...
However, it doesn't help that so many people are making a big deal of these and showing "hacks" online that just aren't real.
"Watch the flipper hack CCTV!!! Omg!!!"
No Travis, you turned off the TV they're connected to, any phone with an IR blaster can do that...
Does anyone still make phones with IR blasters? I don't think I've seen one in a solid decade.
@@nicoper Xiaomi
@@nicoper Xiaomi and this feature is reaaaly cool, especially in the hotels if they don't provide remote for their air conditioner for example
Some Xiaomi and Huawei phones have it.
The are some tiny IR emmiters that plug in the 3.5mm jack
Please do more security focused videos.. I love them!
Like LTT knows anything about security 😂
I just recently got a flipper zero and i live using it as a universal remote for all my TVs and devices, no more searching for remotes since i copied them all into 1 device, and it will work on any new device.... made my life SOOO much easier, i also like that I can condense my amiibos into 1 device, again makes life just easier.
I have had one for 4 months now. It’s a daily tool, all my keys and remotes are saved to it along with keyboard macros I use daily through the BadUSB feature. No more 10 RFID tags I have to keep track of and I finally have universal control of all my LEDs, TVs, and soundbars
Did you just record the IR remote signals using the flipper for LEDs?
When Linus said it could do IR, I immediately also thought of using it for a universal remote!
@@LizardVideoDude it’s Incredibly easy to make custom remotes in it I’ve been loving mine too. Garage opener too which is subghtz
@@connor7439 you can even brute force them without knowing any information about the device
and traffic lights, lol
It isn't just the ingenuity of the community, is the relaxed cybersecurity standards society has accepted.
I think that acceptance has come from general ignorance surrounding how any piece of technology works. Especially stuff like rfid
In a perfect world there wouldn't be need for any security and all that computational power, all that silicon that does encryption could do something more useful... Just think about it. We spend trillions of dollars and gigawatts of energy just to make sure that some asshole won't ruin someone's day by turning something awesome into a weapon. And despite all efforts, all resources spent on defences and security, those assholes still do their things all the time all over the world. That's depressing.
But why assholes do what they do? Maybe we should find out and spend resources to fix that instead of putting even more defences and security everywhere? I don't know... It's just hard to want to live in this world sometimes...
@dsvechnikov Doing stuff like this simply stems from only being able to gain personal satisfaction through screwing other people over.
They can't be reasoned or bargained with. "Some people just want to watch the world burn."
I was invited to a high school as a guest to go through a few cyber security does and don'ts, and the amount of people, both teachers and kids, who had no idea what threats are out there were scary. During the first two hours, I had people who connected their phones to my WiFi pineapple without second guessing. And these are kids and teachers in tech!
Also, a whole bunch of, "Why you worried about privacy, bro??? Nothing's gonna happen, bro. You're just being paranoid, bro."
I think what's cool about the flipper zero is the fact that it's so accessible. You're absolutely right that you could make one of these with an arduino easily enough, I could make one as an experienced developer and electronics tinkerer, but I don't think I would take the time to make one because I'm not motivated enough to do so. On the other hand, I'd definitely buy one of these things.
its like a Swiss knife of electronics. Yeah it has many tools and easily accessible but it'll never be as potent as a proper tool designed for a specific task. if your devices are vulnerable to Flipper Zero, then the security risk is that your security is too damn weak and horrible that a limited functionality device can open it. trying to say Flipper Zero is a hazard is like trying to say rocks are a hazard because it can open a lock. the rock is not the problem, the lock is.
Thank you Linus for clearing the purpose and positioning of the Flipper Zero up
This gives me an insight into how cool it would be for LTT to have a dedicated CyberSecurity channel
that's probably way too small of a market for them, and there are already plenty of other channels in that niche
That's pretty much what Hak5 have been doing for almost 20 years at this point.
Hosted by SwiftOnSecurity!
Very good idea
please don't
"Is the hysteria simply a kneejerk reaction from the uninformed" 98% of the time, yes.
Yep. People don't like to research... Or Read.. People ask when a place close when there's a scheduled right on the door.....
It's a symptom of piss poor media. They reach for hysteria, and get people wanting action from the authorities instead of educating people.
Yes, this goes for many things (anti gun, anti vaxxers, etc) The individuals with the least knowledge on a topic are generally the one's with the strongest opinions against them.
@@angelblue1527 I don't think you're literate either.
Covid in a nutshell.
I was waiting for a day to come when a few university students take a little freetime to get this thing together and make a product out of it. This could have happened years ago, but there we have it finally.
I wish this video had mentioned the actual child's toy that inspired the Flipper Zero. I already forget its name, but the toy accidentally allowed you to open garage doors and disable alarm systems. So this thing got kickstarted to make a legit cutesy hacking tool.
Tomogotchi
Tamagotchi, there's been a similar device before the Flipper. The Pwnagotchi.
Nah, it was some mattel toy that had an RF transceiver.
I think you are referring to the IM-ME.
@@Straithe Yeah, the IM-ME, samy is a golden boy.
I'm all for things like this being on the market. Almost every company has gotten negligently complacent with security implementations. Launching products that had literally no pentesting done.
You say this like it's a new thing
Yea but i don’t really like the idea of a 14 year old stealing my credit card info, or my car just from beeping the thing at me…
I agree. The virality of flipper should only increase cryptographic security in the long run.
@@C0yf1sh if you don't like it then don't sit here and let it happen to take precautions to prevent it
@@the_undead oh i agree, it just seems odd that these things are allowed to be sold so easily, like on websites as big and well-known as Stock-X.
I work in IT and the only thing I have used this 170$ toy for is infrared...Projectors, TVs, Etc, Its a really nice place for me to store all the remotes that could lost in one place..I have over all around 200+ different TVs saved due to how often we cycle through brands/models/etc.
the risk of echoing stuff could be removed with any kind of challenge based secret key handshake. eg:
1. key asks for challenge
2. car sends back a random seed
3. key hashes the seed with the secret key and sends it back to the car
4. the car verifies that the keys hash matches the cars hash
and of course, each challenge would be time limited (eg 100ms), so nobody can just catch the challenge result while stopping the car from getting it and using it later.
Do you suppose there is any kind of master code used by the manufacture that we do not know about? Or is that even a thing. I have not researched too much on rolling codes.
9:49 "...and then, this is the really shocking part, delivered fully on its promises."
love the subtle stab at some crowdfunding campaigns
This thing is the bane of my existence at work. Not because I deal with products vulnerable to it or anything like that, no, my problem with it is it has people scared, so everyone is asking for sleeves or covers for their car keys to block it, they then get mad when I try to explain that they don't need it, and in fact do not WANT a cover to block signals from their keys, because then their cars won't start...
It's the opposite for me. I use it to manage all of our ir remotes, rfid systems, and nfc systems. Really useful for the rest of the IT dpt
You should do more about the Mayhem hat I would love to see the potential uses you could find using it!
Man Idc how secure your network is, if someone wants to get you and they know what they are doing, your got.
a good example of why security by obscurity is never a good approach, it only takes one new device like this to show the flaws
@@LoveStrangeDr theyre basically security by inconvenience... the only people thwarted by them are people who dont want to put any effort into the attempt. anyone who actually wants in can do it.
@Andrew Perfect security does exist it's called 10-inch steel walls and a door with an airlock and DNA tester, retinal recognition, facial recognition, fingerprint, ear print, toe print, hair print, fingernail thickness, body weight, recorded attire when leaving and entering, password, physical key, remote physical key, camera verification from an alternative human, height check, and internal locks that you enable when inside.
@@pipthewarrior3738 nuke
@@pipthewarrior3738and what happens when an emp goes off and someone uses 420 pounds of dynamite with a 69 foot wick
@@pipthewarrior3738 looool
been waiting for this since u mentioned it on WAN show, tried to get one myself to mess with but couldnt find any that ship to the UK
eBay UK maybe? I see a bunch of listings on there.
@@kingzach74 might be a good shout that i'll have a look ty
Lab401 and Joom are both official outlets for the Flipper that ship to the UK.
I would recommend going with Lab401.
Joom is in China and costs a bit more, its where I got mine though as Lab401 was always out of stock. Took forever to arrive.
Lab401 is in Europe, much faster shipping, slightly cheaper too.
Loads of them on ebay for around 250£
I bought it on Ebay Since LAST year, I don't know Is Expensive now due to it sold Out on The Flipper Zero Store
"Sniffers" are old tech car key makers have used for certain chryslers for several years. I have a friend that built one in a dewalt case. Added level of encryption are standard for most access control systems worth their price.
Finally Linus is getting into cyber security. In this case physical security.
I hadn't heard about this device until now. My first thought was about how useful this thing could be in controlling some older devices remotely that I've long since lost the remote for (or for which, the remote broke)...then I saw that it's $170 and fell back down to Earth.
Or if you want to go digital and be able to control multiple devices, say in your living room, you can get something like Broadlink RM Mini, which connects to your wifi, you leave it plugged in and then you can control all your devices through the app on your phone or Home Assistant for example. I only have one and I have a few macros to control my lights, TV, soundbar, audio receiver and fume hood.
@@JerryTesar Just have in mind that new devices can have 2.4 GHz, and broadlink have 433mhz.
@@3nron Right, I was talking mainly about the IR. The RM Mini doesn't even have RF, you would have to go with the RM Pro. Most of the cheapo remotes for plugs, light, etc have 433MHz. With 2.4GHz it gets more complicated, because it can be proprietary, BT, Zigbee, etc..
@@JerryTesar i just find out that my led stripes has 2.4 so it's not exclusively for advanced devices. Buf for ir and 433 it's great and very cheap tool.
you can get fairly inexpensive universal remotes for that purpose, and a lot of them allow finding the model from a list, basically you press the on button till your device turns on then you press a number till it registers and usually you've got the correct model.
the psp 1000 is also a pretty good remote.
some phones have an ir transmitter so you can use them as a remote.
then there's also radio remotes, but they aren't that common.
a good universal remote which can get updated profiles is probably the best option for ir.
Linus brings up some good points, but there is one that I want to bring attention to... the remote capabilities. He mentions that Flipper's ability to control remotely sets it aside from other security tools... However, you can actually control the majority of the other security tools mentioned remotely as well. Some, like the Malduino W, have the functionality built in. Others require a little bit of electronics know-how to tie in an ESP32 or similar. I appreciate that Linus brought attention to the fact that this tool really does nothing better than the other tools and just gives you a nice little package for them all. I just wanted to make that distinction about the wireless capabilities. Flipper isn't some crazy criminal tool. It's like a computer. I can use my computer to hack, but it's just a tool. If people want to ban the Flipper, they may as well ban computers too. I was one of the early adopters of the Flipper Zero. I'm also in InfoSec. I say that to lend a little credibility to my argument that it's just a toy. I'm sorry to say this, but it really is. It's a neat toy. It's fun to clone an RFID card and make your friends think you're "hacking" the office/hotel card reader or show someone their credit card number (but as Linus said, no other identifiable data)... and mouse-jacking is legit fun, but it's hit or miss as it doesn't work on all mice... but it's nothing special. Most of the time I just use mine as a convenient 3v and 5v pin for electronics projects ¯\_(ツ)_/¯
maybe in your hands it is a toy. But even someone playing around with this stuff in the wrong context can be extremely dangerous. Think about if someone wanted to kill you and they were able to get through your apartments security like it was nothing.
@@mr.adamson8675 my guy, if somebody wanted you dead you think a door or window will stop them? A fking rock or fist is dangerous too, reality is not a movie.
@@mr.adamson8675 You telling me you only use a lock that relies on electronics. Kinda dumb of anyone to only trust smart locks.
I've actually used mine several times during security audits for clients when I discovered using better tools they might actually be vulnerable to such a low effort attack device. Granted this was an unnecessary step, I could have simply noted the issue in my report and left it at that but highlighting just how trivial it is with a cheap tool like this sometimes helped with penetrating the skull of the client with the information of how exposed they were.
@@Aliyah_666 I mean like to get thru a gate
There’s actually a stupidly easy fix around the rolling codes thing. The codes are only deauthenticated if the transmitter is in range. So you take your car key out of range of the car, take your flipper, hit unlock on the car key whilst reading on the flipper. That’s is now a valid and unused code. Save that, make another read, hit unlock again, do this 3-4 times and you have 3-4 unused codes ready to hit transmit near the car and unlock it.
I think the problem here to note is how easily it can be used i think. If you use an arduino , you should know how to code or atleast look for the required code in github , and copy it and other stuff. But here , if someone feels even a little angry against someone and he knows about flipper, he will just buy it , on the other hand if he had to learn coding or learn about github , ardiuno setting and other stuff, he might not do it as he is not that angry to do that much effort. Another example is. if someone wants to do something bad and has a sudden impulse he might not take the effort to learn to code , github , etc just use flipper. Im not sure if its a proper linking but i think this is really similar to how a real gun can be printed from a 3d printer. Basically its bad since it is more accessible.
I have a flipper and mostly use it as a backup for my RFID access cards just in case I lose or break one of the originals. It's a really useful tool to have quick access too.
@@harmonic5107 Yeah, I backed the Kickstarter and have had mine for almost a year. It's a very neat multitool, but I also know that I could easily replicate any one of its features with much cheaper hardware, most of which I probably have lying around somewhere.
It's excellent that it's opening regular people's eyes up to basic security flaws, though. Hopefully the end result will be shunning of bad practices and an overall improvement of security instead of everyone putting their heads in the sand and attempting to ban the sale of similar devices.
Might as well throw away those locks if anyone can duplicate the keys
@@nicoper Unfortunately in our highly corporate world it's almost certainly going to be the latter option. Why fix it when you can pretend it isn't an issue and lobby (pronounced pay) congress to ban the sale of these 'scary' devices.
I got a Flipper Zero to study the world of pentesting and its amazing I do admit on the first week of owning it I was being a bit rude with it turning TVs off in the mall but its surprising how many yes answers I've gotten from store managers to play around with it.
I considered getting one of these when it was buzzing around Twitter but I've got so many microcontroller dev kits I didn't have enough use for wireless to buy it. But I did say I'd buy one if they made it in atomic purple (still waiting on that...)
About time Linus iv been waiting for you guys to do a video on the flipper had mine for 3 months now and have no clue how to use it
The flipper is a multitool, and just like a regular multitool, it's up to the user to not do stupid stuff with it. The multitool I carry has a knife on it, but as a user, I know that's for opening boxes or (what I usually use it for) cleaning under my nails, not for stabbing people. COULD the knife hurt someone if stabbed? Of course, but it's the user's responsibility to know what is the right and wrong way to use it.
Edit: the kickstarter page even describes it as "Flipper Zero: the multitool for hackers"
You make it seem like hacking is universally bad, when only black hat style hacking is bad.
@@fateunleashed9680 really all hacking should be considered bad in an ideal world, it's only because of the especially evil hackers that we need white hats, nobody appreciates being hacked, even if it's a warning/wakeup call and they "promise" to not do anything nefarious, admittedly when contracted out to test a parties security it's somewhat more reasonable, however, there's so much wasted time, and evils disguised as good, just to fight off greater evils it pains me, I'd rather people invest their energy in constructive or creative avenues. When it comes down to it, a soldier still kills, regardless of its legality or morality I wish to live in a world without slaughter.
@@fateunleashed9680 What does black hat style hacking mean lmao
@@ManamaEd hacking to steal things that are valuable in example, personal information, passwords, etc.
@@YourPalQWERTY Never heard of the term
Linus: "What it can't do is segue to our sponsor"
Hackers: "Challenge accepted."
Your hacker sounds like Barney Stinson.
@@helloukw I was thinking more along the lines of Barney the Dinosaur
Today I learned it's segue and not segway
@@AdamHH11 Oh damn, same here...but I'm gonna blame the fact that English isn't my native language. 😆
He did say "yet" in that misquoted sentence 11:12
Freaking excellent review. Great research and presentation, thank you.
Back in the day when the Sony Ericsson phone was around, there was a tool you could get and put on the phone that used Bluetooth to connect to any nearby phone with Bluetooth and access everything on the connected phone without the other user being aware. You could make calls through their phone to yours (using their mobile plan), send yourself phone credit from theirs, access photos etc. It was like their phone was on your phone. It'd even bypass the pin code and go straight to the phones data.
I don't remember the name of the tool, too long ago. But I didn't believe it until a friend put it on my phone and showed me how easy it was to access someone's phone.
Rolling codes have been legally required for some products since the mid-1990's, so it's really hard to sympathize with manufacturers that don't use them and I'm definitely looking at Honda at this moment.
Btw if you use unofficial firmware for flipper (unleashed, xtreme etc.) it has support for rolling codes and blocked signals
Yes it's annoying, my parents neighbors open my car doors with it, hack into our home cameras, you name it.
I don't have money for a new car, they probably found a way to use it on her credit card numbers she screams over the phone also
I am over the moon glad that I live in a time where I can genuinely say "Flipper can not hold a candle to the might of the Rubber Ducky."
9:15 The important thing to understand is that any wireless keyboard you have that doesn't do real encryption is a security hole waiting to be exploited. The Logitech unified/universal wireless dongle is one known-problematic product.
The correct way to fix the issue is to fix the protocol, not to try to prevent software defined radio (SDR) devices.
The Hack RF doesn't do anything by itself. It is a radio transciever. You need antennas that are tuned for the frequencies you want to use it on, a computer to connect it to, software to use with it, and a willingness to learn. The same is true of all SDRs save for a few special cases like a ADLAM Pluto which does have an embeded computer running Linux and can be powered standalone and could do something by itself if you loaded it with scriptable software and wrote scripts to autostart when you plugged it in and then had it auto save results.
I feel like a follow up video focusing on how to step up and test your security against such things is in order, if possible.
Putting security vulnerabilities of yours(even if fixed) on video is probably a bad idea.
One of the things that certainly helps you stay secure is not sharing information about infrastructure you use. Security through obscurity is not good on its own, but in combination with other good practices it certainly helps to dodge some bullets
@@sensorer Good point, but there could be some general ideas to pass on, resources, what you should be looking for to help secure things. Maybe a tip or idea to help the lady with a stalker that potentially could hurt her. Although she probably is not watching LTT. Lol. But maybe her brother does our something. I dunno, still think there's some info that could be passed along without compromise.
The USB-UART bridge on the flipper is super nice for debugging hardware, never realized how much control I could get from 4 little pins
i love mine. i use it to park in a hotel garage next to my work instead of the public garage. lol. there are custom firmwares that have RFID bruteforcers. i mostly just copy my friends keys to their apartments so i can use their pool, or not need them to let me in.
as for car keys, many things have too complicated handshakes for the flipper to bypass.
I see the zero as a gated community (good one), it provides entry level knowledge to potential white hacks and it keeps people in a "safe" learning space. The zero then allows people to modify and extend on the product just like a diy variant would
I like this nuanced take, much better than most of the sensational coverage that demonized this.
Edit: I totally confused amoral and immoral. Meaning I fully agree with this take. Thank you for pointing that out @SirVer
Old text, so that the comments still make sense:
But I would like to point out that the HackRF is not amoral, it has very legitimate use cases in some specialized industries that deal with high frequency rf signals.
Sure but it's like how cracking a console to install homebrew isn't in itself amoral because you could legitimately be doing it to install homebrew apps that are fine and legal, but let's face it, 99% of the time people do it so they can illegally pirate stuff.
If the main use is immoral then it doesn't really matter about the tiny percentage of people who don't abuse it.
I have heard of security professionals who use it to sniff out antiquated security devices. For that the flipper makes alot of sense as companies shouldn't leave obvious vulnerabilities to lay around.
What @Verdan Koro said
A HackRF would be lovely for experimentation and learning - if they weren't so expensive
@@ViridianFlow It's not really amoral when the majority of people just want TH-cam without all the ads :p
Linus getting prepared to hack the hackers who took down his channel
Hackwars, Linus Media Group Strikes Back
He is not that good. I remember his forum got hacked and my password got leaked. I started getting tons of spam emails and phishing emails. Lol
@@BlackManOnAShortBus u got that? but i didnt
@@BlackManOnAShortBus he could hire hackers to do it for him.
Also you getting spam emails isn't due to your password leaked, it's that the email address leaked.
On WAN show Linus and Luke also discussed it best feature - using ems frequencies to turn red lights green.
Somewhere, there is a hacker in a dark room, wearing a Guy Fawkes mask and a hoodie with the hood up, watching this video, and laughing while techno music is playing in the background. He doesn't use his mouse, but just types, as a true hacker only needs to type a few keys to do anything, including hacking into the Pentagon's most top secret files.
I'm glad you did a review on the flipper zero I was quite interested in this and didn't quite understand it.
I can see this being VERY useful for field engineers that need to test unknown environments. That Geiger counter is so cool!
I've used on to check specific RF frequencies on a certain band in a casino, so I could assure the control signal of my drone was safe for a commercial shoot. Not sure there is another device as cheap that can signal monitor.
My last job at a car shop my buddy had one of these who used it to diagnose computer and electronic issues
ethical hackers also use them . people who think hacker = bad dont understand that their security relies on ethical hackers
You can buy a Geiger counter for less than 80$ tho lol
I remember back in the early 2000's i was in a gags and gifts store....I came across this little key chain device that could turn tvs on and off....Never have i imagined how much fun such a little device was back then 😆😆
HackRF wasn't first demoed at Defcon, it was Toorcon 2012. Mike gave everyone in attendance one.
The way I see it, yes you can individually buy devices that do the same things as the zero, however, you will end up with a lot more tech to carry around and at that point and will probably have spent more too. With the zero, you can put it in your pocket and you get a cute dolphin :)
It is a very cute dolphin. Let's be honest here.
You can just get a custom board made for like 5$ and solder all the components yourself and it's probably gonna be cheaper and arrive faster then the flipper
@@xfy123 Does it have a cute dolphin tho? Thought so; check mate 😎😎😎
@@xfy123 we love the cute ui and mascot
What’s funny is that these were made to test flaws in production (this the price) but just because a really fun hacking keychain
As a near novice to Cyber security and coding I just got one to get into things. It's definitely a must have for beginners. I'm shocked at just how easily today's IOT consumer products can be manipulated and hacked.
This is like watching a scripted version of a WAN Show segments. I like it. Thanks for sharing the information outside of the marathon that the WAN show is becoming!
I didn't think they woul break the five hour run time....wonder how long until six hours...
@@cathevans9859 I've watched the first two hours so far. Hopefully we get some good weather and I can watch the rest while taking walks.
This thing is great to travel with. Many hotels block being able to switch inputs on the tv. This is the easiest universal remote to restore functionality.
the thing is, some places in the US have laws that require that the gas pumps honor the prices on the signs if they are lower than that at the pump. My state has such laws. So if someone changed the prices on the sign to be 1.999 per gallon, the gas station would be screwed and have to honor that until they can get the sign fixed... yeah, that would only take a little bit since someone would complain that the pump is saying 4.00 per gallon but still it would be a headache for them at the very least.
Also, with tap to pay Credit Cards, i have yet to be anywhere that when i tap to pay, they require any additional info like the CVV or Zipcode so it would seem if they can clone the NFC of a credit card they can just go on a spending spree at most places.
Funny thing is I've seen videos of people hooking them up two laptops and changing streetlights and way more than what you've covered. But yes by itself very limited but with other tools attached much more potent
It capitalizes on the "security through obscurity" loophole. As you pointed out, NFC payments are actually more secure than most other methods. I need to get one, it should make it easy to figure out the bluetooth communication command/response for some BMS models that I use. I wish I could find some Raspberry Pi zero 2 w to buy for less than 8 times list price. Sigh.
it doesnt actually have bluetooth hacking capability yet
While NFC payments are more secure, it's only a matter of time. Scammers go where ever the suckers are, and if there are a ton of suckers using NFC payment, they'll start to hack these systems to get at your money. It's true for everything. Windows 11 was only secure at launch because it was a new system. Linux is only secure because it's not accepted everywhere yet.
Love seeing the Flipper Zero community represented so hard!! Lets GOOOOO!!!!! We all put our hearts into making mods and content and seeing Linus talk about it is absolutely fantastic!
this is not good its getting to much attention and soon will banned everywhere
Flipper Zero community checking in ❤
now i want one
@@theproblem9938 This video reminded me to check if they were back in stock again for where I live and immediately ordered and paid for one now.
Had my eyes on it for some time and it was always out of stock..
its absolutely amazing to see
Hi this is the first video I’ve seen in a while from this channel and it’s still as good as it was in December
Well now we know that the Canadian Government isn't subscribed to LTT
Got one a few months ago, have it and love it ☺️ have tried the garage doors and rfids, but mostly just use it as a universal remote for my TV's and sound systems
I remember reading about people using hidden antennas to clone RFID cards in the early 2000's using (if I remember correctly) Nokia 9000's.
And car remote keys were being cloned that far back too.
These vulnerabilities have been well reported for decades.
yeah this isnt new tech its just the first device to do it all
This device is just reminder u should always hardened your wireless communication, IRC u can read NFC from phones but they timeout, also modern keyless entry are using rolling codes and work bi directionally (bmw with display)
@@mateuszzimon8216 The keyless entry to my building and car park are not rolling codes.
I've had stuff nicked as a result.
If only there was a way to get my landlord to do something about it, but they don't care. The illusion of security is more than enough for them.
This is why my garage door has a deadbolt that goes into a concrete floor and the opener motor is plugged into a switched outlet that can be controlled from inside the house.
The production and delivery times on this has been so long that I had the time to become an engineer and learn how to build them myself while I waited. literally.
Can you give more info on this
Very good informative video! The only error I noticed was that passports use LF chips. They also use the HF chips, because that frequency is way better at transfering encrypted data.
I carry one in my purse, it’s kept me from being locked out of my data center and building when I lost my keys, it’s a hand use especially with the IR brute forcer for getting sounds to STFU if I’m overwhelmed IRL (I was an OG backer in 2020, and I do use this for other shit too, but for day to day it comes in handy quite a bit, and a fun party trick too lol)
Might as well have no keys if it’s that easy to break in
@@maxluthor6800 check out the lockpickinglawers. There are many physical locks that can easily be defeated. Should we start remove door locks as well?
@@maxluthor6800 they prob copied their cards not brut forced the lock
@@billy5688 This, yes. Cloned the LF RFID fob. I tested all my facilities and couldn't break in via brute force.
This video was such a good sales pitch that I binge bought it right after it (and I can’t wait for it to arrive).
did you get yours yet? ordered mine on the same day and it still hasn't shipped :
@@VelocityFTW Mine hasn't shipped either. :(
I guess they have quite bit of orders?
@@xremming I'd imagine so, mine just got prepared today, still not shipped. I'm not sure what could take so long lol. They're not repacked, they just print labels and ship
The Flipper Zero can copy and reproduce the tap-to-pay code of, at least, Master Card physical credit cards and even transfer it to a blank card (and that blank card becomes a copy of your card). This has happened to me in Summer 2022 before I started using a proper protected card case while moving around a large event where lots of people were close to each other.
About 2 hours after the event, someone was using my credit card tap-to-pay function in gas stations across the town to buy lottery, cigarettes and fuel. About 2-3 hours later, I got a call from the Master Card division of my Bank to confirm if I did the purchase or not and got my Master Card replaced. Then I sent the transactions information to the gas station chain with dates/hours, value on the sales and the gas station number so that they can track back the criminal.
It only took 2 weeks for the police to track 2 criminals back as some of the gas station had proper working camera that could read their license plate. They were using a flipper zero and a peculiar cell app to simulate PayPass (the tap-to-pay technology around my area) with a fake tap-to-pay request signal. I'll skip over how they were able to fake the tap-to-pay request request, but it's a process except that it's a process that doesn't requires anything complicated (everything can already be found online) and can be done by anyone.
I'm not blaming the device for this event as I could have protected myself with a proper card case, but it's still a shocking experience when you get a call from a bank that someone has used your CC to buy over 800$ of stuff before the card got blocked due to the red alert on unusual purchases done.
Yeah they knew what they were doing. Most people who got this device only got it because of how it was marketed. Most people would never be able to figure that out without lots of dedicated research, and most people I know who have this device definitely have no clue what any of this stuff really is when it comes to understanding all of its functions. There are people who do study it, but I am going to guess most people in the world would not know where to begin when learning how to successfully do it.
In my country, the use of chips for elevators and doors has just started out, and car keys don't have anything as developped as the ones linus spoke of. It's like something not very developped security-wise over here. Now imagine if I bought one of these...I could literally go anywhere I want and open most cars haha. I am glad it costs 170$, this way thieves will never bother buying it.
I got my Flipper Zero from the KickStarter, its a cool little gadget. I'm a bit shocked to learn that shipping on them was stopped, I honestly didn't think that would happen. Great video Linus, I definitely learned a couple things from watching.
If you read what was on screen, they were stopped because certain models were doing stuff in certain frequencies that different countries have differently allocated, and it requires a license to use those frequencies. It's all about RF spectrum control, not anything to do with what the Flipper was doing with that spectrum.
I am surprised it took so long for LTT to put their take on the Flipper. All these features in one way or another has been a LTT Tech tip that can be boiled down to " Change the factory settings when you get it out of the box". There are a few manufacturers of devices that LTT has pointed out that don't let end users change these settings ( and the well deserved roasting of the manufacturers ). RFID is also in your debit/bank/credit cards for tap payments, also covered by one of LTTs sponsors.... ( insert LTT Link here )...
I'm thinking it took them this long to get one
They tend to wait a while on security related news and reviews. They have a pretty big audience. If you've never seen twitch chat during WAN show go check it out. You will understand.
as someone with an NFC implant the flipper zero does the same thing that my phone does when i write to it. had a science professor freak out that nfc is ruined security wise because of it
Well... a student at a Moab Utah high school disrupted class teacher devices, students classmates phones,etc till police figure out he was using a Flipper Zero... student was expelled from school and got misdemeanor charges. Although I agree the issue is on the user ill intend more than the device, I dont think is a good idea to put this much power, in the hands of people who may understand the technology side of the device and its protocols without understanding the illegal and unethical applications of it. That is irresponsibility on the part of the Flipper Zero manufacturer who even made it look like a toy when it really is not.
I love how limited yet limitless the flipper is… also, its just so damn cute.
just like a Swiss knife. utterly limited in feature, yet utterly limitless in usefulness
@@aoyuki1409
spending 200 bucks for kiddy toy tricks, so useful!
When I got my flipper last autumn I immediately made a copy of my badge at work. It has been useful the few days I've forgotten it at home and you still also need to know the pin to get in anyway.
What your supposed to do when you forget your badge just take the day off
So you'll remember to bring the flipper but forget the badge??
I just ask for a temporary day badge at the lobby entrance.
No shipments (currently) have been seized by CBP because it’s not an illegal item.
I can’t speak for the past, currently none of these are prohibited to buy nor ship.
There’s a company out of Los Angeles that actually sells them from the Flipper website
I bought a bag of NFC tags to attach to my storage boxes and bags. I plan on creating a simple database on my phone so I no longer have to rummage through things to find that one item. Links to photo of the container and in some cases to the items held within the storage.
You guys should cover more of this type of tech! I guess with labs, covering this type of tech will become easier
Honestly, I’m glad this exists and was so widely accessible for awhile. It simply brings awareness of how insecure the wireless tech all around us truly is (and always has been).
Great video.
Huh stealing credit card information is a crime.
@@willcail Yes. Yes it is.
And now you know just how easy it is to accomplish. So hopefully 2 things will happen:
1. People will understand the importance of an RFID blocker for their cards (as Linus suggested in the LTTStore plug), and
2. Companies that create “tap to pay” and other wireless transmissions (including all IoT device manufacturers) will actually put some encryption and/or other security on all that wireless data they’re blindly blasting out to all devices that happen to be listening.
@@RideTheTeacups Most banks and cards people are using are encrypted and getting the CVV is mostly impossible with a Flipper Zero unless you bruteforce it yourself but by the time you do that, its already been noticed by the bank. Most of this is not new and will hardly be "fixed". The only thing it does is bring RFID blockers to light but all Amazon wallets have it lmfao.
@@doctorblackhole6982 Yeah dude, you’re totally right. You’ve completely changed my mind.
Screw security awareness. Change nothing.
@@RideTheTeacups i hate security awareness, idk why everyone who is into hacking wants everyone to know how to protect themselves. if u work for cybersecurity wouldnt that just mean less jobs for u. i like the idea of natural selection. make the people less independent and you will have more power. its like when people try and get rich by teaching others how to be rich, u should be taking not giving
I used this to turn down annoying tv in restaurants if its too loud. And turn on the AC when the restaurant is too cheap to turn it on when its 39c outside.
i think even if other devices could do the same thing. Having all of it bundled together in this toy makes it the deal