The Coolest Hacker Multi-tool on the Market: The Flipper Zero
I am not affiliated with the Flipper Zero team, but have found substantial positives to using the product.
I believe security professionals will benefit from owning one, so I wrote the below short piece advocating its uses. With wider adoption, there could be an increase in competing products, allowing users greater choice. The Flipper Zero opens a lot of possibilities for unique hardware devices targeted at, and made by, the hacker community.
Introduction
Imagine a device where you hack almost any wireless (Infrared, sub-1 GHz, Bluetooth, RFID cards) and hardware device.
It fits in your hands and it's fun to use. It seems almost science fiction, but it exists! It is the only type of device I have found that does this.
I recently purchased a Flipper Zero device and was fortunate enough to get it quickly, considering difficulties in shipments. I can say - without a doubt and for lack of a better word - this device is the coolest piece of technology I have seen in a decade. It is billed as a "hacker multi-tool" and lives up to its name. The Flipper Zero can work with various wireless technologies and has GPIO pins for hardware exploration.
Physical Device Features
The Flipper Zero is slightly larger than a credit card and can easily fit into a pocket.
It has GPIO pins for testing and expansion boards, a microSD card slot, and charges via USB type-C.
Modules
Sub-1 GHz Transceiver - With the official firmware you cannot transmit, but the team behind the Flipper Zero allows custom firmware. Customization turns the Flipper Zero into a "baby Hack-RF." You can easily do rolling-code attacks and signal analysis in the sub-1 GHz range.
125 kHz RFID Antenna - With this, you can access low-frequency proximity cards, which are used in many access control systems.
Near-Field Communication (NFC) - Read, write, and emulate high-frequency tags. I have used it to read the chip in my credit cards - spooky! As more applications are developed, more functionality will be added.
Bluetooth - I have not used the Bluetooth functionality often, but the Flipper Zero website has the following to offer on the subject: "Flipper Zero has a built-in Bluetooth Low Energy module. As with other Flipper wireless features, we will be providing an open-source library for adding Flipper support to community-made apps. Full BLE support allows Flipper Zero to act as both a host and a peripheral device, allowing you to connect your Flipper to 3rd-party devices and a smartphone simultaneously."
I have used the Bluetooth module to update my Flipper Zero, since the application on Android and IOS is already out.
Infrared Transceiver - Supports transmit and receive. If you remember the old days of the IR blaster prank device, this is similar. Large amounts of codes already exist that can be pre-programmed (more information is provided at the end of the article). Additionally, the Flipper Zero can "learn" the codes and you can attempt to manipulate the device you are working on. I have used this to annoy my wife by turning off the TV!
Hardware Exploitation - Per the website: "Firmware flashing, debugging, and fuzzing. It can be connected to any piece of hardware using GPIO to control it with buttons, run your own code and print debug messages to the LCD display. It can also be used as a regular USB to UART/SPI/I2C/etc adapter."
1-Wire Keys (iButton) - 1-Wire connector to read iButton (a.k.a., DS1990A, Touch Memory or Dallas key) contact keys. This old technology is still widely used around the world. It uses the 1-Wire protocol that does not have any authentication. Flipper Zero can easily read these keys, store IDs to the memory, write IDs to blank keys, and emulate the key itself.
BadUSB - The Flipper Zero supports BadUSB and has a module for it. Many scripts have already been converted for use.
U2F - The Flipper Zero can act as a universal second-factor authentication key. It is currently only supported through USB, but Bluetooth is in the works.
Technical Specifications as per Website
MCU (Microcontroller Unit) Model: STM32WB55RG ARM Cortex-M4 32-bit 64 MHz (application processor) ARM Cortex-M0+ 32 MHz (network processor) Flash: 1024 kB SRAM: 256 kB Display Resolution: 128 x 64 pixels (LCD monochrome) Controller: ST7565R Interface: SPI Diagonal Size: 1.4" Battery LiPo 2000 mAh Seven days approximate working life (I have tested this, it works as advertised.) Sub-1 GHz Module Chip: TI CC1101 TX Power: 0 dBm max Frequency Bands (depends on your region): 315 MHz, 433 MHz, 868 MHz, 915 MHz Note: Unlocked firmware exists, so if you flash the device you can RX/TX on all of these frequencies. If using official, you cannot transmit, and only receive on bands depending on region. Near-Field Communication (NFC) Frequency: 13.56 MHz Supported Cards: ISO-14443A/B NXP MIFARE Classic/Ultralight/DESFire/etc FeliCa NFC Forum Protocols RFID 125 kHz Frequency: 125 kHz Modulation: AM, PSK, FSK Supported Cards: EM-400x, EM-410x, EM-420x, HID Prox, Indala GPIO 3.3 CMOS level Input 5V Tolerant Up to 20 mA per digital pin Bluetooth LE 5.0 TX Power: 0 dBm max RX Sensitivity: -96 dBm Data Rate: 2 Mbps MicroSD Up to 64 GB MicroSDHC Read/Write speed: Up to 5 Mbit/s Buzzer Frequency: 100-2500 Hz Sound Output: 87 dB Type: Coin Vibration Motor Force value: 30 N Speed: 13,500 rpm Infrared TX/RX Range: 800-950 nm TX Power: 300 mW iButton 1-Wire Operate Modes: Reader/Writer/Emulator Supported Protocols: Dallas DS1990A, CYFRAL Control 5-button joystick Back button Reboot - Back + Left buttons for 2 seconds USB 1x USB 2.0 port, type C USB device Charging Physical Size: 100 x 40 x 25 mm Weight: 102 grams Body Materials: PC, ABS, PMMA Operating Temperature: 0 ~ 40 °CReferences
GPIO pin-out can be found here: Flipper Zero GPIO Pin-Out
Official Link: flipperzero.one
Collection of Official and Unofficial Software: github.com/djsime1/awesome-flipperzero
BadUSB Flipper Zero converted scripts: github.com/I-Am-Jakoby/Flipper-Zero-BadUSB
- DarkFlippers Unleashed Firmware Archive
- Flipper Zero - DarkFlippers / Unleashed Firmware & First Impression (YouTube)
- Flipper Zero Unleased Firmware Installation - Dark Flipper (YouTube)
- Flipper Zero Paying for Itself in Parking!!! (Rek5Lab) (YouTube)
- Testing the Flipper Zero at Walgreens with Permission from the Store Manager (YouTube)
- Flipper Zero vs. Dave and Buster's Arcade (YouTube)
- Reddit: r/flipperunleashed Yeah, yeah, I know...