Flipper Zero - Hacking made too easy?
Hey-
Just a few days ago, I got my hands on a Flipper Zero device. I had no idea what the device was at first (or what it was capable of), so I turned to Google for information. It didn't take me long to get sucked down the rabbit hole of what people have done with these devices (The interesting, the odd, and the (let's face it--) illegal). Here's my summary of the device after 3 days with it.
Sub-GHz
The Flipper Zero comes included with a Sub-GHz module, making it good for interacting with devices that use Sub-GHz frequencies. Examples include: Gates, garage doors, wireless doorbells, etc. It is comforting to know that Flipper's firmware has safeguards to prevent the device from transmitting on restricted frequencies, but it can be bypassed using custom firmware, like the Flipper Unleashed firmware, which removes most firmware restrictions, but is not intended for illegal activity.
This software is for experimental purposes only and is not meant for any illegal activity/purposes.
DarkFlippers/unleashed-firmware on GitHub
We do not condone illegal activity and strongly encourage keeping transmissions to legal/valid uses allowed by law.
Also, this software is made without any support from Flipper Devices and is in no way related to the official devs.
NFC
The Flipper Zero allows for communication with NFC devices, such as Nintendo Amiibo. I was really impressed with using the Amiibo functionality with my Wii U. It is capable of reading and writing to the NFC data using the Wii U Amiibo software included in the Settings application. There is also a Flipper Amiibo repository on GitHub, with NFC data for a lot of Amiibos. (What's the plural form of Amiibo?) I got a good laugh at a Youtube Short of someone walking into a store and digitally stealing amiibo data with the caption "How is this legal"! This functionality really makes me wonder if it is possible to have a digital amiibo collection, but it would be kind of defeating the purpose, given how fun it is to collect them (If you can afford it!)
Pet Dolphin
I won't deny it. This really caught me off guard, having a virtual pet dolphin inside of a hacking tool. It is a really fun function to have, though! The "Pet Home" animations are really fun, with good animations using the monochrome display. The pet also levels up, and you get XP by using the device (list)
RFID
This function is very useful, especially when dealing with lost pets. Most pets have RFID tags somewhere in their necks; so it is good to have handy. Somewhere around 20% of credit cards use RFID too. Even though it takes more than that to steal your card, I wouldn't advise you to be handing out your credit card's RFID to people (Why the heck would you even do that?!?)
Bad USB
This function is hands-down one of my favorite functions. You can use the Flipper Zero to execute USB Rubber Ducky scripts on the connected PC. This function is pretty simple. You plug in Flipper Zero into a PC (or anything that allows a keyboard), the Flipper tells the PC, "Hey, guess what! I'm TOTALLY a keyboard that is DEFINITELY controlled by a VERY FAST TYPING HUMAN BRING, OK? Now, YOU'RE GONNA DO WHAT I SAY, EVEN IF I TYPE LIKE A ROBOT I MEAN HUMAN BEING, THANKS, BYE", or in other words, tells the computer that it's a HID keyboard device and then it runs a script, that can do anything that your keyboard can. The Flipper uses a language called DuckyScript, and it used for a USB Rubber Ducky. It is a simple "language" and is easy to learn. Here's an example. (Feel free to steal it, only took 5 minutes!)
REM --> REM statements are comments and are ignored.
REM --> This script writes some stuff in a Notepad window.
REM --> (Windows only!)
REM --> Wait 1 second to make sure all is ready
DELAY 1000
REM --> Open Windows run menu and open Notepad
GUI r
DELAY 250
STRING "%SYSTEMROOT%\System32\notepad.exe"
DELAY 100
ENTER
DELAY 250
REM --> Type some stuff in Notepad!
REM --> Just "You just got hacked" in ascii art
STRING _ _
ENTER
STRING (_) | |
ENTER
STRING _ _ ___ _ _ _ _ _ ___| |_
ENTER
STRING | | | |/ _ \| | | | | | | | / __| __|
ENTER
STRING | |_| | (_) | |_| | | | |_| \__ \ |_
ENTER
STRING \__, |\___/ \__,_| | |\__,_|___/\__|
ENTER
STRING __/ | _/ |
ENTER
STRING |___/ |__/
ENTER
STRING _ _ _ _ _
ENTER
STRING | | | | | | | | |
ENTER
STRING __ _ ___ | |_ | |__ __ _ ___| | _____ __| | |
ENTER
STRING / _` |/ _ \| __| | '_ \ / _` |/ __| |/ / _ \/ _` | |
ENTER
STRING | (_| | (_) | |_ | | | | (_| | (__| < __/ (_| |_|
ENTER
STRING \__, |\___/ \__| |_| |_|\__,_|\___|_|\_\___|\__,_(_)
ENTER
STRING __/ |
ENTER
STRING |___/
ENTER
REM --> Shameless self-promo alert!
ENTER
REPEAT 5
STRING https://alphagame.dev/Conclusion
Sadly, I can't cover everything that the Flipper Zero can offer, but fear not! Please go on Google and get sucked down the Flipper Zero rabbit hole! It's very fun, trust me. I think that it's worth noting that you don't need a Flipper Zero to do all these things (except the pet dolphin, it's awesome!), but it puts all of them together in a small device that can fit into your pocket. In October of 2022, U.S. Customs seized a package containing 15,000 Flipper devices. It is also not allowed in Brazil, due to crime, sadly. It's a great device with a lot of personality, and I highly recommend it. It's about USD $169 at their official store. Currently, this is the only place to get one, as it is not on Amazon.
Cheers,
- Damien B.
Sources
- Flipper Zero (Wikipedia)
- Flipper Docs
- Flipper Zero Unleashed Firmware
- Flipper Amiibo
- Flipper device seizure
Website copyright © Damien Boisvert (AlphaGameDeveloper) 2024. Some rights reserved.
Site last updated: 2024-07-23 16:55:17 +0000