Flipper Zero next level
Vložit
- čas přidán 7. 06. 2024
- The Flipper Zero can capture and replay all kinds of signals. Let's put it to the test :)
Can you use the Flipper Zero to unlock cars? What about bicycle locks? Door bells? Well... let's find out!
// Discount //
Get a 5% discount using my affiliate link : lab401.com/r?id=42cm8b
and/or use code DAVIDBOMBAL
// Menu //
00:00 - Intro
00:25 - Disclaimer
00:33 - In this video
01:08 - Unlocking Cars
02:13 - Rolling Codes and Vehicle types
02:28 - Discussion with Occupy The Web
04:12 - Reading and Sending Key Fobs
06:22 - Doorbell Example
06:54 - Other Vehicle Brands
07:44 - Unlocking Bike Locks
11:44 - Unlocking Doorbells
13:23 - Hacking Alarm Systems
14:30 - Conclusion
16:06 - Outro
// Previous videos //
Flipper Zero Episode 1: • Flipper Zero: Hottest ...
Mr Robot Car Hacking: • Warning! This is how c...
// Great resources //
Awesome Flipper: github.com/djsime1/awesome-fl...
Bad USB: github.com/nocomp/Flipper_Zer...
// CVE-2022-27254 //
NIST: nvd.nist.gov/vuln/detail/CVE-...
Mitre: cve.mitre.org/cgi-bin/cvename...
The Register: www.theregister.com/2022/03/2...
// David's SOCIAL //
Discord: / discord
Twitter: / davidbombal
Instagram: / davidbombal
LinkedIn: / davidbombal
Facebook: / davidbombal.co
TikTok: / davidbombal
CZcams Main Channel: / davidbombal
CZcams Tech Channel: / @davidbombaltech
CZcams Clips Channel: / @davidbombalofficialclips
CZcams Shorts Channel: / @davidbombalshorts
Apple Podcast: davidbombal.wiki/applepodcast
Spotify Podcast: open.spotify.com/show/3f6k6gE...
// MY STUFF //
www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
flipper zero
flipper
flipperzero
hack
hacking
car hacking
sub 1 ghz
door bell
car
cars
honda
cve
alarm system
rfid
nfc
bluetooth
infrared
radio
gpio
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Disclaimer: This video is for educational purposes only.
#flipperzero #hack #hacking
Hi David! Been watching your content for a long time, and am studying for my CCNA now. Your hacking content is very interesting, and I'm glad you're still making high quality content for everyone!
Good luck with the CCNA! Cisco is so interesting, fits perfect with the flipper zero
From many flipper zero videos up here on CZcams you make the best ones- and simple to understand.
Thank you :)
I have never been happier that my vehicle is a 1992 without remote locks.
I often feel the same way... better to have analog devices :)
We can just unlock your car with a rock and screwdriver
Would take me less than 60 seconds to make your car gone. Do you really think your oldschool locks are secure at all ?
I open and start my old 93 van with jigglers 🤣
@@thefreedomguyuk he never said he drove a car :).
I ordered mine on 14th of October to germany and its still in transit...
I have a experience in RF and in specifications terms the Flipper is indeed not very impressive.
But what the flipper does great is making these tasks very easy in a small package.
When I do RF stuff i need a computer, a Software Defined Radio and complex software packages that are beyond most of people.
The Flipper Zero will definitely push forward the evolution of security in these fields which was almost stuck for many decades!
What web site di you order it from n how much was it
You act like a portpack doesnt exist? none of flippers RF tools are groundbreaking. It's old tricks in a new toy.
@@NicholasHorvath I'm playing with Ettus B210 since 2014 so I never got into HackRF
You can reprogram n reset anyone manually
David, thanks for the video. It really made me aware of how easy it is to unlock those devices. Far as I know my 2015 Honda Fit uses a passive keyless entry system and is not vulnerable to this type of attack. I rarely ever use my key fob to unlock the doors as it's automatic when I touch the door handle. It makes this type of attack very difficult.
Can you use the Flipper Zero to unlock cars? What about bicycle locks? Door bells? Well... let's find out!
// Discount //
Get a 5% discount using my affiliate link : lab401.com/r?id=42cm8b
and/or use code DAVIDBOMBAL
// Menu //
00:00 - Intro
00:25 - Disclaimer
00:33 - In this video
01:08 - Unlocking Cars
02:13 - Rolling Codes and Vehicle types
02:28 - Discussion with Occupy The Web
04:12 - Reading and Sending Key Fobs
06:22 - Doorbell Example
06:54 - Other Vehicle Brands
07:44 - Unlocking Bike Locks
11:44 - Unlocking Doorbells
13:23 - Hacking Alarm Systems
14:30 - Conclusion
16:06 - Outro
// Previous videos //
Flipper Zero Episode 1: czcams.com/video/VF3xlAm_tdo/video.html
Mr Robot Car Hacking: czcams.com/video/5LvqU3-iINk/video.html
// Great resources //
Awesome Flipper: github.com/djsime1/awesome-flipperzero
Bad USB: github.com/nocomp/Flipper_Zero_Badusb_hack5_payloads
// CVE-2022-27254 //
NIST: nvd.nist.gov/vuln/detail/CVE-2022-27254
Mitre: cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27254
The Register: www.theregister.com/2022/03/25/honda_civic_hack/
// David's SOCIAL //
Discord: discord.gg/davidbombal
Twitter: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
CZcams Main Channel: czcams.com/users/davidbombal
CZcams Tech Channel: czcams.com/channels/ZTIRrENWr_rjVoA7BcUE_A.html
CZcams Clips Channel: czcams.com/channels/bY5wGxQgIiAeMdNkW5wM6Q.html
CZcams Shorts Channel: czcams.com/channels/EyCubIF0e8MYi1jkgVepKg.html
Apple Podcast: davidbombal.wiki/applepodcast
Spotify Podcast: open.spotify.com/show/3f6k6gERfuriI96efWWLQQ
// MY STUFF //
www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Disclaimer: This video is for educational purposes only.
Yes! Please do more videos covering the 'Flipper Zero' and more of it's capabilities. You've got the BEST videos covering this device so far. Also, it would be nice if you did a course or series on RFID and how to manipulate it. I like your style of content and training.
i'm about to go to jail
It hard to purchase it, even for security research purpose.
Stop tricking people in to wasting money on this device that is outdated tech and useless in 2022 it would of been cool in 1980 tell them the truth I can build this device for about £15 it's junk
Is it capable of cracking the keys for a fsk signal NO just cracks Chinese junk . It states it can clone a emv card witch is lies everything I see about the device is a lie don't start lieing to your viewers for money
This is a great series! I hope to get my hands on one one of these days!
Keep making vids about the flipper. I really appreciate them.
This is really interesting and helpful, David
Thank you for spreading your knowledge
Glad you enjoyed it!
This is next level gadget
Thank you sir by giving such a wonderful content even through its night in India I do watch your videos and go to sleep
Thank you very much Vardhan.
Vardhan did you hack the Tesla that sped off when the people were trying to park it?
I wished I'd seen this video sooner. I spent the last few days studying radio waves just to learn how my flipper works.
Time well spent :) Good to know how these things work under the hood.
I look forward to your future tutorials!
I'm sure all these flipper owners will be swarming these videos in the next few days.
Learning that is not a waste of time :)
David you are one of my favorite youtuber. Great contents always. Keep it up.
First video I seen from you and I'm really enjoying your content. Definitely hitting that subscriber button and bell notification. Keep up the good work 💯
I like David's quieter style, I was a little disappointed to see the jump cuts to pop culture & viral clips. All in all, I'm grateful to David teaching me this stuff. Real security advice from a real security guy!
really very informative and without filters...you are a boss David...
Thank you! Glad you enjoyed the video :)
Can't wait for more about flipper zero brother you are really good and informative
Definitely curious about the brute force rfid application and would love to see it pop up! Thank you for your work
Thank you for your video David, I think the Flipper0 for its cost is really powerful 👍
Always appreciate your videos.
Ordered it last week. Looking forward to using it
just got my hands on one, it’s a great powerful little device to learn with
Keep these flipper videos coming! Great stuff. Thank you!
Thanks Jon! Lots more to come!
Couple of things worth mentioning that I've discovered make it even easier. Features that might not have been included 7 months ago when this was recorded.
* When running the frequency analyzer, you can select the frequency as it is detected, in that list that pops up. Doing so, takes you right into the read function. From there you can go to config, and set the raw option, to record, if it's not already. This way you don't manually have to enter the frequency info to record. It's also worth noting you can adjust the RSSI up, so that you can filter out weaker signals. Usually ones further away from your target device.
* If you are recording raw frequency traffic. You can adjust the RSSI up here as well, so it's not detecting the background noise or frequencies of devices further away. By doing so, you not only ensure you are capturing the wireless signal of the device you are testing. But also you can just hit record, and leave it running. It will then ignore those weak background signals, and not record until it sees the traffic on the set frequency, at the strength given. So if you and your neighbor have the same doorbell device. It ensures it captures your device and not theirs. It also stops the recording as the transmission stops. So if you were to try and do a walk by recording of traffic in the wild. You could set it to record, with the raised RSSI filter level, then put it in your pocket. Walk past the target being triggered on that frequency. Then see just that transmission, without having to hit start or stop in the moment. Making for a cleaner signal to replay, and allowing the recording to go unnoticed. Which is kind of cool, and scary at the same time.
To the comment of the bright orange cover. I thought this was an odd design choice as well. However, this device to most folks just looks like an electronic gaming device or something. It doesn't look like your typical black box hacking hardware. So it hides in plain sight, which can be more effective than you realize. Also with the remote stream via bluetooth function. You can run the entire thing from the smartphone app, as it sits in your pocket, bag, what have you. So it really doesn't matter what it looks like. But making it look like a toy (security through obscurity, yet in plain site) is almost an added perk for reducing suspicion.
what whould i have to do i have the unleashed o.54
David gracias por compartir tus conocimientos, se aprecia mucho
You're welcome!
Thanks David you're always the best
Thank you! You are very kind :)
Appreciate your efforts. Need more detailed videos on it
looking forward to more flipper videos! :)
Always informative
Thank you! Glad you think so!
Bought mine today excited to play with it
This episode was great, thanks for listening to your comments 🙏
Nice!!! Thanks David
Thank you Muhammed.
Love it, still waiting on my Flipper to arrive. Could you go over the IR capabilities in addition to the ones you mentioned for upcoming videos? Thanks keep up the great work.
Car manufacturers love things like this. It allows them to say "oops" about their older line of cars, and sell more new cars with the fix. Since it's not necessarily a safety issue, maybe they aren't forced to do a recall or even care.
I've been trying to get one in the United States. Difficult without paying an arm and a leg. Great video as always 👍
Thank you. I believe the shipment has now been released by customs, so hopefully become more available soon.
@David Bombal Thanks for the info! It will be fun to get one and test various things around the house. Fun looking device.
Looking at over $300 Canadian absolutely crazy
Forum reply from Support 7 days ago says "We will re-open sales in the US next month."
@@octopusdreams The only place we found to buy it today was some sketchy sneaker flipper/broker. Probably legit, but he is asking scalper prices, naturally. Reminds me of PS5. I would pay a grand for one today in hand.
Always Great Content 👍
Thank you! Glad you think so!
Thankyou for the videos on theFlipper Zero. I have had mine for a couple of months now from the kickstarter campaign. Are you able to make a video and show or list what git repository is the best to load on to the flipper?
David...any info on if Flipper can still effectively scan trough RF cards stacked 2-3 thick??? Also, is the RF signal ranges a finite set of frequencies or can it be infinite in specific number of ranges (sorry i was too lazy to self learn this just yet)?
Ordered a flipper zero and 3 work collegues are also getting one lols. Want more flipper zero videos thx
You could show the unleashed version of the firmware and the Sub-GHZ brute-forcing. That way you don't really need to record the signal and if it has a rolling code, it would still work
Hi David, thanks for your work,
Wouldn't it better for more clarity in the signal to capture it just with the read fonction when possible ?
Thanks for this video❤
My pleasure 😊
Great video, thanks! Could you make one on using rolling codes with Unleashed firmware?
nice one david
Thank you David
You're welcome Ali!
For the bike lock - I would think that each lock comes with its own unique identifier for the signal; so you would need to have the remote of that specific lock to copy the signal and unlock it. Otherwise all locks with that type can be unlocked with one remote. Crazy nonetheless, makes it more convenient to execute attacks
What’s the range of the flipper for recording signals. On average. I know that there are a lot of things that will affect that.
Hey David nice video
So if you do not use the fob to lock/unlock your car, then you can be sure your can not be hacked by a flipper?
Only use the actual key and disable the fob option would be advisable?
This would be excellent. The remotes that come with the NVR for my camera systems do not have codes listed. That way I could add it to a universal remote.
There’s several brands of universal remotes that I can actually put the codes into, but I cannot copy them . This looks like it would be something worth purchasing.
Thank you for sharing and thank you for not having any music in the background .
I would love to see a compare with the HackRF One + PortaPack. Does the Flipper have added value to that?
I chose to support the Kick Starter project that was created to launch the Flipper Zero and I really love the device. People who suggest that the Flipper isn't a powerful device simply don't understand it. With the ability to add expansion boards to the Flipper the possibilities are endless! This is an extremely powerful device that can be easily carried around and used discreetly. If you are interested in a Flipper but aren't sure if it worth the price tag, let me just reassure you that's it's EASILY worth the price tag. I highly recommend a Flipper.
Can u help me buy one? I’ve not been able to get my hand on one.
Does the device leave a foot print or breadcrumbs?
you have got great videos!!!
Glad you like them!
Defeat rolling code: jam and record first tx, jam and record second tx while tx'ing first. You now have a working tx. Ignition will require another tx, though. Ignition you can use blank SKIM ECM
Is thay with the Flipper zero?
It's like a script kiddie tool but for radio. Making things easy, but also easy to learn from like 1980s cable scrambling (level shifted video sync and switched brightness inversion) when compared with an encrypted mpeg2 stream. I have a nephew who would love one.
The fun people are going to have playing with a flipper while in traffic.... this is just the beginning lol! Makes me like my 1973 truck even more.
Just hopefully some idiot doesn't start a trend of hijacking traffic lights and getting people killed. Idiots always ruin it for the rest of us
They finally started selling these in America. Wife bought me one for my birthday can’t wait!
they have been selling these in the US for over a year.
@@craigdambra9512 Not true. There was a long period when customs was not letting them through. They just recently opened sales up for America again.
Where can i get one or what wabsite
@@jesseestrada934 just Google Flipper Zero and it should pull up the website.
What file format do the raw rf signals get saved as? Are they just wav or mp3 files that can be later modified/ cleaned up in audacity?
great vid!
Very informative video. The part that is missing is range of reception. Can you effectively get close enough to any of these transmitters to capture them in the wild?
impressive!
looks like a pranksters wet dream! the only use I would have for one is to turn the tv over when the Mrs takes ownership of the remote :P
Thanks man, to show me how it works with Flipper Zero
Man I love you're videos
I have a question, how far can you be and still capture the signals?
That is one thing that’s missing from all of these videos, but it’s still a great video. I would love to see some of this done other than with the target device in hand.
Is there any technical difference between the version of the Flipper Zero that is sold in the USA, and the one that is sold in other countries like Spain?
This is fascinating. You could do something with custom built Arduino stuff too, but I got my FZ because I want to learn more about how this tech works, and how to keep my property safe. I didn't pay off my car to have someone break in! They're going to have to cut their hands open through the glass if they want my nintendo switch! Absolutely fascinating. Cool that you can replicate amiibos for the switch as well.
Hi David, where can i find the latest info, on when they may be available in the US market
I would like to see you use the GPIO Sentry Safe plugin.
There's the yardstick one, size of a usb stick. I wonder if you can use that with a phone running termux.
Hey David, what is the software you use to record the flipper video in your CZcams video? As always, thank you!
It’s official FlipperZero app - qFlipper
With the alternative firmware it can decode a vast variety of rolling codes and it works just as easy as with the door bell. I have 3 garages, 2 ramps and some barriers memorised and they all use rolling codes and they work like a charm. Not to mention NFC decoding and emulating. If you think it is not a capable device you don't know how to use it P.S. Oh yeah David amazing content as always. Thank you
That is why this wee piece of kit will be great in a year or two. The modding community will create some impressive firmware I think.
If nothing else, it sparks an interest in some people, who will later go onto cybersecurity ect
@@colinwilson8750 It is great today but I agree it is because of the community but don't forget most of the features are illegal in most countries. And it might be wee but you can compensate if you use it right :)
Thanks David, can you show the Wi-Fi adapter board in the next video? I assume is just for the 2,4 Ghz Band.
How close do u have to be to record the signal tho probs needs to be right next to it ?
I was going to say, you can still use the flipper zero to unlock/lock rolling codes, but you got it 😀
Jam signal, capture first code, and second one when they hit their button again. Then send the first code. Now you have a future code to use.
I have a Honda Civic Type R and I tried to use the flipper zero, but for some reason it has not worked. While now with your good explained video I can give it another try. Before I wasn't really aware of how to handle that thing with Emulation and also not fully sure about the frequency. But the thing I was really wondering about is, if it would also be possible to emulate the key fob of the keyless system to start the car. But I have expected that this has more likely to be something like a passive signal, so I expected this won't gonna work? At the other hand you're telling, in the video, that they have been able to open the doors and remotely start the vehicle. So how is this gonna work?
Can you try bruteforcing the bike locks?
indeed i was thinking you don't need to have the whole Frec, if you have enough time you can try bruteforce these simple devices.
Thanks David, great video :) it would be awesome if you could test the Flipper Zero on youbikey and WIFI networks :)
You would have to be away from the car with the key fob and record the unlock. Then you'd have to use the flipper to unlock the car before the key or else it will not work. Basically, it only works once because of rolling codes. So unless you can defeat the rolling code security it's almost useless.
Very interesting. Does this Flipper thing also go into W-Fi? 2.4Ghz. 5Ghz, and even 6Ghz? I imagine the resolution of the spectrum analysis is very bad but it provides a lot of clues so to speak.
2.4 with an esp for stuff. check the discord for them
Question. Often on corporate campus, or network rooms (smirk), there will be a credit card type tap device. Can the Flipper work to capture those security devices?
Yes it can -NFC
but to capture those signals do you need to obtain the device or be really close to it? if you do then how can i scan at a distance ?
Thanks, David for the awesome content. It would be nice if the device was offered to ship to the US.
it is, They just got a shipment of like 70K in the US
@@coedshowers Is that located on their site because when I initially when to the site that's where it stated that none are being shipped to the US. What site did you find them?
@@coedshowers Is that located on their site because when I initially when to the site that's where it stated that none are being shipped to the US. What site did you find them?
It is just recieved mine 350$$$
Is it possible to implement software such as ‘GNU Radio’ into the flipper whist retrieving Sub-Ghz frequencies or be able to connect it to a device such as a raspberry pi?.
What if you save the signal send from a car key without the signal actually being received by the car at first, would you than be able to open the car with the flipper? Since the code didn't get received yet?
Is it possible to increase the signal distance of the flipper by connecting another device that strenthens signals..
Super
Thank you!
Thanks.
You're welcome!
Amazon started suggesting I buy this and found your video thru a comment posted on ig. Great stuff but odd suggestions 😅
is it possible to brute force locks that would normally use a keycard to unlock, if there is can you show us how?
I have a fleet of Ford Transits. Would this work on them and for multiple vehicles. I'm thinking it would be nice for inventory, and for getting monthly mileage readings without having to take all the key fobs with me. Just wondering. Thanks
From my preliminary youtube research, it appears you can really open up the specifics of this in terms of scanning and sending if you edit the internal code values/limits of the firmware. Still working out how best to do that but it seems worth exploring. ***THE MORE YOU KNOW!***
If this could capture fire engine visual (and in some systems, RF) traffic signal light overrides, that would be a whole different level. To educate them about the flaws in their system and not to use illegally, of course.
(Since the Flipper Zero has both multiple frequency IR TX/RX and RF radios, this should actually be possible. But their system might be designed with challenge/response, not sure.)
Seeing as some lights respond to visual light signals I would not be surprised.
Love you man
Thank you!
@@davidbombal you're actually spending tons of time for making this super quality of video ❤️🔥🔥🔥🔥
If the first unlock signal is blocked and captured and they send another unlock signal that isn’t blocked and reaches the car, will the captured signal still work?
It seems like the flipper zero would be capable of syncing to your own vehicle similar to a new key fob would. It may not be ideal for hacking, but can it do this?
You said in this video that in a previous vid, you demonstrated cloning key fobs, but I don’t see anything about key fobs in your previous Flipper video. Was it deleted or smtn?
What "custom" firmware do you use??
Excellent video, now you have to tell me, where did you get that Wall-E from? It's adorable!
Could you show whats the reach of the signals?
hi david, i have a question, can kali nethunter be run and used without root? if so, how to do it?