I demonstrate how to attack iPhones using a Flipper Zero and the Xtreme firmware. There is an issue in iOS 17 that allows a Flipper to crash an iPhone. You probably want to disable Bluetooth on your phone unless you are using it. Bluetooth can be nice, but can also cause issues.
Disclaimer: Only attack networks and devices that you own or have permission to attack. I have purchased and own all the equipment in this video and I gave myself permission to attack my own devices.
// Flipper Zero Discount //
Get a 5% discount using my affiliate link : lab401.com/r?id=42cm8b
and/or use code DAVIDBOMBAL
WiFi Dev Board: lab401.com/products/flipper-zero-wifi-devboard
Xtreme Firmware: github.com/Flipper-XFW/Xtreme-Firmware
// MENU //
00:00 What this can do!
00:23 Flipper Zero
00:44 Demonstration
00:50 Lockup Crash
02:02 Random Action
02:35 Phone crash
02:49 Random Pair
03:10 Solution
03:40 Flipper Zero Xtreme
04:25 Download and install Flipper Zero Xtreme
05:16 Demo after a new install
05:43 Apple iOS vs. Xtreme
06:24 Outro
Detailed timestamps:
00:00:00 - Introduction to using FlipperZero with iPhone iOS 17.03.
00:00:23 - Demonstrating FlipperZero with dev version of Xtreme software.
00:00:35 - How to upgrade firmware of FlipperZero for the Xtreme version.
00:00:45 - Demonstration of Bluetooth options on FlipperZero.
00:01:03 - Effects of the attack on iPhones.
00:01:36 - Reasoning why certain iPhones are unaffected.
00:01:55 - Recommendation to disable Bluetooth for security.
00:02:26 - Differences between random spamming vs. crashing.
00:04:29 - How to set up FlipperZero with the Xtreme firmware.
00:06:03 - Closing remarks: Apple's potential fixes, disabling Bluetooth, and video outro.
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Disclaimer: This video is for educational purposes only.
Can you also give away a flipper zero to first view
Gave yourself permission to hack your own phone 😂
Can a flipper hack a slot machine, if yes can you do that type of a video @davidbombal
What could a malicious attacker do further by crashing an iPhone?
Can i use cc1101 as antena for fliper to extend range and is it good
The funny thing is, before I knew the reasons why I should turn off my Bluetooth, I always had it off because I knew that if you're not using it and it's on, it's going to make the phone get flat faster. Just about 4/6 months ago, I learnt it could actually be a security issue. This just adds to the pot.
Agreed. Best to turn it off unless needed.
I love flipper related content!😎
agree with you!
This would be a great covert productivity aid at the workplace.
Now what would be nice is a version of this that crashes bluetooth speakers so we can deal with people blasting their annoying music in public
💯
I was waiting this video for months 😅
I hope you enjoy the video!
@@davidbombal it was very clear and knowledgeable
wow this awesome tutorial, really enjoy this demonstrate how to attack iPhones, great video sir!
Wow this is pretty neat for the Flipper but would also be a massive bummer if something like this were to be deployed in a large, crowded environment. I've been an advocate against leaving Bluetooth and WiFi enabled when traveling with one's devices. You just never really know what you could be opening yourself up to. Thanks for the quick video!
Yes! I disable WiFi and Bluetooth all the time except if needed - especially BT because it has always been a security nightmare.
Imagine Apple store
Happened to me in public transport. I knew immediately what was happening but could not stop it anymore. Pretty annoying when you're using wireless headphones and any kid can crash your phone anytime they want.
Great ideas
I want to join but mode of payment is not favoring me
Mobile money atleast
Love your content Sir 😍😍🥰
Thank you!
Do you have to completely disable BT to prevent this attack, or does disabling new connections via Control Center suffice? Also, have you tried this against Apple Watch?
control center doesn’t actually disable, you must go into your settings and disable completely
This is awesome, and equally hilarious.
i keep Bluetooth off by default unless i need it for a little while and i only connect with hidden ID/name on both device and my phone and i manually put in the ID /name
I enjoyed the video but i am wondering what the purpose of crashing an iPhone for nothing in return!!!!
This might seem like a minor hack but it's one of the best possible hacks in some situations.
For example on a physical penetration test (access to a building) there's a potential to block a security guard from raising an alarm via phone - sounds obscure but something similar has been successfully used by a colleague of mine.
This could be used to disrupt a pitch meeting where an iPhone is used with Google Slides - providing an advantage to a competing pitch.
This also could even be used to reduce the number of people recording an unrest event with their phone, such as looting a store, making an arrest less likely.
Knowledge of a wide range of exploits is essential for any hacker, it's not like the movies where someone tickles a keyboard and re-tasks a military satellite to find their dog. Hacking is often combining a wide set of minor capabilities to achieve a larger goal.
This could go in two ways, sabotage and fun. Imagine doing this at the bank.
Or when one of your friends addicted to his phone.
I guess if I wanted to be as spooky as possible (it's Friday the 13th) I could use this to disable an iPhone before I pull out my machete and attack, to enforce horror movie conventions
@@MagnificentMelkior Yes of course, Friday the 13th has another 100 use cases! 🤣
Many exploits start from crashing; sometimes only then do you get access to some normally secured data. Wait a little, soon someone will figure out how to use it in a bad way. Or maybe it's already some 0day.
Thanks for the vid David! Have you thought about making a video on C2 threat emulation frameworks?
So what happens if you click “Pair” or “Connect” on one of those random actions?
Interesting, thank you.
Imagine the chaos in a night club 😂
Apple Store😂
Wow.
Hopefully this video will push Apple into fixing this.
and it's a reminder to backup my iPhone
It’s been fixed….
This is brilliant
Once the iPhone got crashed by Flipper Zero, does the crash affect or create any problems with my iPhone in the future?? Cuz I just bought my new iPhone last week and my phone got crashed by one of my friends. Really pissed off rn..
Its ok
I can’t find the channel for the developer firmware in their discord
I cant either
@@CyberGr3y just re-compile the latest version of xtreme
Hi there! I think I’ve been spammed on a flight. A week ago, I was enjoying my TV series (in airplane mode), and suddenly, a message about ‘Apple TV detection’ started to appear. After a few seconds, my phone crashed, and the two guys sitting next to me experienced the same problem simultaneously. I thought it was malware, so I turned off Bluetooth for a couple of minutes (as said I was in airplane mode, so the only connection activated was the Bluetooth...). Then, I activated it again to use the AirPods. After two more reboots, the spammer stopped attacking me.
Once I came home, I searched for similar experiences on Google but without success. I initially thought it was just a bug or something, but after watching your video, I’m scared again. Is it possible that someone stole my data or passwords? So far, I haven’t noticed any suspicious access to my accounts. Should I stop worrying?
Thanks
Also happened to me in a similar way. From what I know, this just crashes the system and nothing else, similar to DDoS attack on a server.
So I have android, but what if your bluetooth is connected to a smart watch? It can still connect to multiple devices
You can prevent this in the Dev settings on android
Yup, everything tech companies do to you makes you vulnerable intentionally. It's so the govt can backdoor you easily.
thank you
You're welcome!
how do i get onto the discord
Excellent!
Glad you liked it!
What happens if I connect to Flipper Zero? I mean, does it save my user/password?? Thanks for your time and for showing it to us
David what are your thoughts on the Cyper Pro? It's a Game Boy like Flipper Zero hacking device. I believe it also has more capabilities than the Flipper Zero.
Hmm I am leaning towards it being a scam.
@@funkymonk2254 I did some checking on the project before commenting. I'm not saying there's not a chance it could be but from what I've seen it's an honest company or people building what seems to be an interesting project like the Flipper Zero. You can always take a look at the project since it's open-source and open-hardware.
So the unleash software cannot do what extreme does with the Bluetooth iPhone crash?
Just wait until our next company sales meeting... Bam B@#$&*+
I possess two iPhones, both running on the identical OS version 17.0.3. When I attempt to disable Bluetooth using the dropdown menu, the Flipper Zero is still able to successfully crash the iPhone. It's become apparent that Bluetooth must be deactivated through the device's settings menu. Until today, I had mistakenly believed that using the dropdown menu to turn off Bluetooth would suffice, but it appears that it does not.
What iPhone is it?
This only affects the Iphone 17@@cartersmith8662
@@cartersmith8662 iPhone 13 Pro max and 11 Pro
can i use flipper zero to unlock my iphone? i know my password, i just cant type it in because the screen is blocked by switch control. you know how when you connect usb-c, or connect any external device to the iphone you need to unlock inorder to use that external device? can the flipper zero be used to just help me enter the password?
@david is there any way to order a flipper zero here in india? when i try to order one from the official website it says india is restricted. kindly help on this
India is restricted because all scammers and hackers are from India
When i want to use apple watch must be turn on bluetooth to connect it. How can we do ?
So you're saying I can crash people's iPhones and make them realize they wasted $1500 and realize they're at risk for having one
If you have the unleash update, can you just update over without messing up anything?
What would be the actual use case of this device in a pentest?
There are so many
Hmm, stopping people from making financial transactions from your phone they stole from you.😊
Thanks
You're welcome!
But if you click "stop" the attack will stop and the phone will be completely OK, right?
I am part of the discord and don't see an option for the dev version ?
Can I do something similar on laptop with Bluetooth running for example Kali Linux?
or move to another location since this Bluetooth range is not that far.
This is scary!
Can you still do this with an even cheaper pico W or ESP32?
So if I turn Bluetooth off then I can't hear my earphones so turning off is wack lol lol 😊 and getting attacked is worse than wack. Lol lol so we have to build a wall where we can't get attacked.
Trumper.
Hi, can anyone help please?
For using fluxion, is only a tplinkAC600-High Gain adapter sufficient or do I need another one? If I need a second one, can I use two tplink AC600-High Gain adapters in wifi pentesting for mitm and rogue point?
Worth it
goodbye to wearable then, no more sync but at least its safer
Hi @David Bombal, I cannot find the developer build on discord to save my life. Are there any other ways I can download the dev firmware?
if you cannot download the dev firmware what you can also do is re-compile the latest version of xtreme and you'll have the BLE spam functionality
Is there a more affordable alternative device that has functions similar to Flipper Zero?
Yea just buy it it's not that expensive for the endless things you can do if course following the law and not doing bad things.
you could make similar with raspberry pi but wouldn't be worth the trouble when you can just buy the flipper
I was just attacked by this in the subway.
Also on unleashed
A video to show the difference between (unleashed) firmwares of flipper ?!? 😃😃
Great suggestion :)
Unleashed’s bad Bluetooth feature is crazy! Bad USB but over BT. Payload is run as soon as they connect. Been playing with it for a few days. Surprising how many people attempt to connect to a ‘Wireless Bluetooth Speaker’, as I named it. Scary times!
@@DoubleVisionSoundSystem Xtreme has Bad BT as well
ergh... actually each one has its own advantages and drawbacks @@jkeating38
Can this be done on Samsung also?
i just got new version of iOS 17.1 and problem still persists :)
For those that have a flipper, anyone taken a black sharpie to it yet?
It happened to me today
Where I can buy a Flipper Zero?
@jvop2966😂
I ask ex owner Code viewer that his app don't work, long time ago, Russian said ask Google.
how to repair fix error sd card with using Linux ( Nethunter ) ?👍
How do I get it in India?
Bluetooth can be "tricked" on.
They don’t want to disable BT by default is because they need it for their tags and other surveillance.
They also took away the 3.5mm headphones port & pushed for switching to Bluetooth headphones over wired ones
I reset my every phone 100 times.
❤❤❤
What happens if you connect to the flipper zero? This happened to me and a friend pressed the connect button.
YOU ARE SO FAR BEHIND THE CURVE. That is many updates ago. There are only 8 choices as of 10/21, and those are not only for Apple, Android, Samsung, Windows... and now with swiftpairing you can send forced messages, and the best part of this is they will NEVER fix it. It's intended to be a way to target nearby shoppers with BLE spam messages.
You need to be very near for the attack so not that big of a threat imo.
That’s what I was thinking
The iphone crash works from 30 meters away... So does the android one
Also include android phones for us who don't use iphone
This is awesome information for Apple to see to patch, nice demonstration. But literally just not practical, the victim would have to be on Bluetooth. Smart people leave them off until they’re ready to use such frequencies. Unless you live together pointless.
You aren’t the norm. You need Bluetooth on for AirPods, Apple Watch, insulin pumps, hearing aids etc. probably less than 2% of people turn Bluetooth off.
@@Ecto1A yeah Apple Watches also have a higher priced version for cellular options. You must not be normal yourself? Hello 👋 I
And yeah I’m intelligent I use wired type-c earbuds. Wireless is for dummies gummy’s. 🤣
@@Ecto1A remember the shadows are always watching you tread lightly.
Do you mind explaining the backend mechanics, please? Like, what code was used, how it works etc etc
Check out the amazing minds behind this: ECTO-1A and Willy-JL
github.com/ECTO-1A/AppleJuice
github.com/Willy-JL/Willy-JL
@davidbombal - Ty!!😂
@dontfkwithme69 basically they took a legitimate advertising packet and randomized the last three numbers, so what ends up happening is that iPhones are designed to accept BLE pairing requests as part of that seamless experience. So when they get hit by this, it causes the processor to max out which causes it to bypass a sensor leading to the kernel going into a panic and forcing it to eventually lock up and restart.
@@jkeating38 But I need ads to live!
So youre basically DDoSing the OS
Backup your iPhone guys.
Sir please make a path video beginner to advance
Watch this: th-cam.com/video/NXpeXn0SKPU/w-d-xo.html
@davidbombal - Ty!!😂
Hello David, I want you to start ethical hacking tutorials for us it's better for us
Apple will fix this bug in the next update.
Agreed. However, the spamming option has been around for a while now and it's still not fixed :(
Well, they can't fix it without removing some advertised functionality of their new OS. They will definitely try.
No help with him.
Omg you repeat the same information like 15 times in a row
there is an easier solution, do not use crap phones.
Please reply. ..... Is it possible to crack lock of android mobile without deleting the data in it ...or can we just retrieve the data in from it ..🧐
I'm the most annoying guy on my block.
Only iphone can triggerd pop up , not for android
This exploit is specifically just for iOS but we are also working on the exact same thing for android
Old dude got flipper zero and now feels like a hacker... 🤣🤣🤣🤣
Bluetooth spamming.
But this bug is patched by apple I hope you reported and demonstrate with poc
The latest version of software available from Apple is 17.03 (I just checked). And that is the version I am demonstrating.
its still 0day
@@davidbombal can you explain about session hijacking in further videos please
It was properly disclosed to Apple within 10 minutes of my initial discovery. It isn’t patched yet but apple is aware of the issue and working on a fix
dont have access to this sub channel can we have the file instead ?
Could u make video about "how to change storage termux to SDCard" coz my phone is low storage and I want change. Thank u
Without root that's rather impossible. Technically you can alias a folder on SD as the termux data folder. I used to do so on old Androids with limited internal memory. You could even use SD as internal mem.
thank u
@@przemysawk2685
4th✋🏻
Thank you for your support!
Day 5 For Asking A Flipper Zero 💀
For those who say iphones cant be hacked🤣🤣🤣🤣
Can you give link to this Flipper-Xtreme discord server?
Awesome video @davidbombal ^this
ohh man. All them nozzy gfs gonna go wild when they cannot access the devices.
Thanks
You're welcome!