Hack all the things with the Flipper Zero. Unboxing, Updating, and Playing

Hack all the things with the Flipper Zero. Unboxing, Updating and Playing

Hello world and welcome to Haxez. Recently, I was lucky enough to have my Flipper Zero delivered. If you don’t know what the Flipper Zero is then you should absolutely check it out. In their own words, it is a Swiss army knife for hackers. It has many different features including a cute dolphin Tamagotchi.

Unboxing the Flipper Zero

The Flipper Zero comes in a neat cardboard box with some cool graphics. The box was sealed with tape which was easily dispatched with a knife. Opening the box, you are presented with the instruction manual document. Underneath the manual is a foam housing protecting a USB C cable. Then, underneath the foam USB C holder is the glorious Flipper Zero. Not much more to say about it than that.

Unboxing the Flipper Zero

Updating The Flipper Zero

Updating the device was relatively simple. In fact, all I had to do was visit the software URL and download the installed. Once the software was installed, I connected the device to my laptop and it instantly recognized it. As can be seen from the image below, the interface is great and it has an obvious Update button. In summary, the update process took about 10 minutes with most of that time taken up by writing the firmware to the device.

Updating The Flipper Zero
Updating The Flipper Zero

NFC Hacking

The device has the ability to clone and simulate NFC or near-field communication signals. Instantly, I decided to check this out by cloning the fob I used to enter my flat. Overall, the process was straightforward and worked like a charm. In short, you select NFC from the menu and then select read. Then, save the NFC signal to the device and use the simulate option to send the signal. Suddenly, the door unlocked and I was into my building.

NFC Hacking
NFC Hacking

BadUSB

The device also has a built-in BadUSB. To explain, a BadUSB is a device that can emulate keyboard input. Darren Kitchen from Hak5 brought this weakness of trusted devices to the attention of the hacker community when they released the USB Rubber Ducky. Since then, it has been a viable attack vector to quickly execute commands on a host that you have physical access to. It was really intuitive to use, just plug in the device and select the payload from the menu and it executes it.

BadUSB
BadUSB

Infrared

I used to have an infrared light on my mobile phone and I thought it was the coolest thing ever. Being able to change channels on anyone’s TV gave me a silly sense of power. Since then, I have upgraded and lost that functionality. However, that power has now been restored with the Flipper Zero. After applying the update you get access to a universal remote control which you can use to control the universe… wait I mean TV’s and other infrared devices.

Infrared
Infrared

Conclusions

I love this device and can’t wait to test out more of its functionality. I definitely need to get the Wifi development breakout board to do some Wifi shenanigans but so far I’ve had a lot of fun with it. Unfortunately, I couldn’t get it to work with my car’s central locking. While the device reads the signal fine, sending it to the car does nothing. I suspect this has something to do with the rolling key security mechanism built into car keys but I digress. Anyway, this was a quick review of the Flipper Zero, so far so awesome. I can’t wait to experiment with the massive amount of features. I have barely scrapped the surface.

%d bloggers like this: