Every nerd out there covets something that occasionally appears on the market. I’ve spent more time and money than I should have on my MiSTer, I’ve yearned for a Steam Deck, and I’m now watching restock bots for any Raspberry Pi I can find for under $100 during the Grand Pi Shortage of 2022.
The Flipper Zero, a hacking multi-tool designed to resemble a playful child’s toy and embellished with a friendly dolphin, is one of the few gadgets that have particularly captivated your IT friend’s attention. With its array of sensors, chips, and antennae, the Flipper enables you to playfully tamper with a variety of gadgets, including card readers and security gates.
The business of causing trouble has disadvantages. The device has a certain cachet among the hacking community as a result of the manufacturer having to cope with PayPal withholding payments totaling more than $1.3 million and US Customs withholding device shipments.
What is it?
The Flipper Zero appears to be a toy to the inexperienced eye. It has a little, orange and white plastic case, a monochrome orange 1.4-inch display, and a lively dolphin that looks like a Tamagotchi. Cute! In actuality, though, the Flipper Zero is a multi-tool that can handle most of your hacking requirements. To get an idea of what the Flipper Zero can do, think about a Leatherman or Swiss Army knife that can communicate with electronics. It’s open source and received about $4.6 million in funding from Kickstarter, which comes as no surprise.
Aside from the fashionable Y2K style, its adaptability is what really makes it stand out from other tools. The Flipper has several tools at their disposal, in contrast to some tools, like the Chameleon Mini, which only has a few. Old garage doors, low- and high-frequency RFID, NFC cards, infrared devices, and even Bluetooth can all be communicated with using sub-1GHz technology. You may have seen viral videos of individuals using the flipper to remotely open up Tesla owners’ charging ports in order to somewhat annoy them, but the flipper’s true strength lies in its adaptability. Almost all wireless devices are susceptible to it in some form.
What can it do?
The best course of action is to address each antenna individually. It can communicate with antiquated gadgets like garage doors, restaurant pagers, gates, gas station price signs, and doorbells thanks to the sub-1GHz transmitter. You can read, copy, and imitate older prox cards using the 125kHz antenna. It can read, write, and mimic both low- and high-frequency NFC gadgets like tap cards when used with the NFC module. Additionally, it can quickly learn any IR device thanks to the infrared transceiver. lost the control for your sound bar or air conditioner when moving? The Flipper not only has the ability to learn how to accomplish it, but it’s also likely that someone else has already cracked the code. Want to make a funny effect with your robot dog? Be a nut.
Additionally, by using a USB connection to the Flipper and a variety of Ducky Scripts, some of which are more unpleasant than others, you may use it to launch BadUSB assaults. Some of this may be recognizable to you if you are already familiar with the USB Rubber Ducky. You can use it to store U2F keys for two-factor authentication for a less sinister purpose. You are not constrained to utilize the little screen, either. Additionally, you can use Bluetooth to link your phone to the flipper and use this incredibly useful software to control it. A microSD card slot is also available for storing data.
It’s important to note that the Flipper lacks WiFi right away. A WiFi Devboard or an ESP8266 can be attached to the device for a variety of entertaining projects, including pen-testing, deauth, probes, and more because the device has rapid access to the GPIO pins.
Beyond the device’s fundamental functionality, The Flipper is supported by a large and active community. There are a ton of information available online, and people are constantly coming up with fascinating new ways to use the gadget. It can undoubtedly run a peculiar DOOM version. Tetris, too! Also, Flappy Bird! It may be used to replicate Amiibos and Skylanders! You can use a working pay phone to make calls the old-fashioned way if you manage to find one. There is also nothing prohibiting you from installing your own firmware because the project is open source (and many people do).
How much of a threat is it?
At this point, we enter the area where customs delays goods.
The Flipper Zero is an extremely potent weapon that, in the wrong hands, could be used very maliciously. However, the same could be said of a Raspberry Pi that has been modified into a Pwnagotchi, numerous ESP 8266 boards, or even simply your phone.
Remember that a tool is frequently only as beneficial or hazardous as the person using it. There are resources available to cause chaos, but doing so requires preparation and choice. You have to decide if you want to tamper with gas station price signs, copy keycards, or get someone’s computer to subscribe to your YouTube channel. And with most hacking tools, verifying your own security is usually more useful than attacking others.
While others simply want to play around with wireless signals. Many people I know have Flipper Zeros, but they primarily use them to switch on their air conditioner, for example. The Flipper Zero won’t make a whole army of IT professionals into Watch Dogs heroes on its own, and a sizeable proportion of individuals will merely use it to duplicate the key to their apartment and annoy other, slightly less knowledgeable Tesla owners.
Could I use it myself?
Absolutely. The software is very simple to use, has an intuitive user interface, and daily, users contribute reliable scripts that can be found if you know how to search GitHub. Additionally, if you need assistance with a project, you may join the active and welcoming Discord server as well as a strong forum (unbelievable in this day and age!).
Of course, assuming you can even obtain one. possibly a Raspberry Pi. Anyway, good luck in the near future with that.