To get started with a Brazil Flipper Zerotoulasbleepingcomputer if you don’t know what a flipper zero is the website calls it a multi-tool device for geeks and they say it’s a portable multi-tool for pin testers and Geeks and a toy like body and it can be used for hacking digital stuff such as radio protocols Access Control Systems hardware and more and it has all kinds of different radios and antennas and things built into it that can be used to mess with things like iot sensors and garage doors it has rfids so you can mess with Badges and key fobs and things
like that it has NFC it has Bluetooth it has infrared so you can do things with stuff that works on remote controls like TVs and radios and things like that and it even has gpio pins that you can use to do your own like Hardware expansion on what is already inside it so all that has made this one of the more popular tools in the hacker and tinkerer space so now that we know what a flipper zero is and what it can do let’s get it up
Getting Started
And running so the first thing I need to do is just plug it in to charge it up because right now the battery is dead so it’s probably kind of hard to see on the overhead camera but there’s a little animation of a dolphin that is kind of like the mascot I guess you would say of the device it kind of gives you a little animation cues of what it’s doing at the time but now that we have it plugged in and powered on the next thing we need to do is install an SD card so I have an eight gigabyte micro SD card right here that I’m going to use they say in the documentation that I believe it supports
up to 256 gigs but they say that four gig should be plenty for what you need to do and the micro SD slot is right here on the bottom so I’m going to plug that in and you probably can’t read that very clearly but it just says all data will be saved on SD card and then it says okay so I’m going to click OK and now I want to actually update the firmware before I do anything else with it so now over in the right hand corner you see the view of my phone where I have the Brazil Flipper Zerotoulasbleepingcomputer app installed and opened on my Android phone and the first thing it says to do is to turn on Bluetooth on
The Brazil Flipper Zerotoulasbleepingcomputer so I’m going to go to settings and Bluetooth
Then I’m going to turn Bluetooth on and then once I’ve done that then I’m going to click connect only mobile app and then it should pop up the name of your flipper 0 and there should be an option to connect so I’m going to click connect and then pair and now there’s a six digit pairing code that’s displayed on my screen on The Flipper 0 and then I’m going to enter that code on my phone and now that I’ve paired it now you see that big green button at the top of the app that says update the firmware and I’m going to click that to start the update
and now it’s updating the firmware over Bluetooth from my phone so now that the firmware is updated I actually want to demo and see some of the things this thing can do and the first thing that I want to take a look at is it actually has built-in bad USB support I’ve talked about bad USBS and USB rubber duckies before but they’re kind of a classic tool for pin testers and red teamers and things like that and they let us essentially load a script onto a device
and then when we plug that device into a computer it types out whatever we want it to and the computer thinks that whatever we plugged into it is just a normal keyboard so no kind of antivirus or anything like that will actually block it so I want to demo and see how
Demo
The bad USB in The Flipper 0 works so I’m just going to follow the instructions in the documentation on their website and you probably are not going to be able to read it very easily from the screen on the overhead camera but I will try to do my best to describe what I’m doing I’m just going to the settings and I’m selecting bad USB and then I’m going down to demo windows and now I have plugged The Flipper zero into my PC and I’m going to click run and I see that had opened up notepad and it’s typing out this line that’s printed
using alt numpad input method and then it typed out a little dolphin ASCII art and it says Brazil Flipper Zerotoulasbleepingcomputer a bad USB feature is compatible with USB rubber ducky script format so that’s pretty cool that’s just a little demo showing that the bad USB works all I did was plug in my flipper 0 using a USB cable into one of the USB ports on my PC and then I clicked run and it typed out all this and if you wanted to use your own custom rubber ducky script
it says that it’s actually compatible with the classic rubber ducky scripting language which I’ve talked about before on this channel and once you have your payload created you can upload it using the mobile app over Bluetooth but a different way that would probably be easier since you’re probably going to be editing that payload using some sort of text
Editor or something on your PC
You can also use a tool called Flipper and qflipper is just a desktop application that you can use to interact with your flipper zero over USB and you can update the firmware and things that you can do on the mobile app but you have to plug it in over USB instead of being able to do it over Bluetooth you can see right here is the qflipper application which has like a kind of cool little aesthetic to it and you can see over on the right that is a real-time look at the little animation on my Flipper’s ear right now and right now there are no updates
available for the firmware because I just updated it but we can go to the file manager and we can look at the SD card and go to the bad USB directory and here we see that these are the little payloads that they already have installed they have a demo for Mac OS they have a demo for Windows which is the one we just ran and if we wanted to program our own custom payload or download one from the rubber ducky payload list on GitHub or something like that we could just drag and drop that file into here and that would install
it on our Brazil Flipper Zerotoulasbleepingcomputer and then when we go through that process that I just did where we ran that demo on Windows I would just select that payload from the little menu only flipper 0 before I plugged it in and then clicked run and it would work just the same but bad USB
Infrared
Is is just one of the many things you can do with the flipper zero you can also read infrared signals and then replay them for example if you have anything that uses an infrared remote you can read a signal from the infrared remote and then store that and then replay it for example I have a Roku TV and I’m going to try to store the signal from this Roku TV remote to turn on my TV with my flipper zero and I’m going to use the Q flipper tool so you can see what’s going on on the flipper zero without having to try to use a overhead camera that is really hard to see so to do this I’m going to go to the main menu
and I’m going to scroll down to infrared and I’m going to go down to learn new remote and then I’m going to point this remote to the infrared sensor on the end of The Flipper 0 and I’m going to press the power button and you may have heard that little signal and you see a little green light that might be kind of hard to see but there’s a little green light on
The corner of the screen and it captured
The signal and I’m going to click save and I’m just going to name it TV for now and save new remote created and once that remote is saved I can actually add multiple buttons from the same remote so for example I just saved the power button so now I have the option to turn on and off the TV saved in my flipper zero but I also have a Netflix button down here on the remote so say I want to add the Netflix button so now I just saved that and I can save it and I’m just going to name it Netflix and that has been saved as well so now I have two buttons on my TV remote
that have been saved the first one is just to turn it on and off and the second one is to launch Netflix so now let’s see if it worked so now I’m in my living room with my TV and I’m going to point The Flipper 0 to my TV and select the power button that I saved earlier and that turns on the TV and now I’m going to select the Netflix button that I also saved earlier and when I select that it launches Netflix so these are just a
Conclusion
Couple of the cool things you can do with a Brazil Flipper Zerotoulasbleepingcomputer and this is just kind of scratching the surface there are tons of different radios and antennas and things in this device feel free to look through the documentation that I’ll if you want to check out any other things that it can do and this device can be super helpful if you’re something like a pen tester that does physical pin tests or red team or anything like that anytime you’re doing anything that could involve cloning badges or key cards or trying
to get into any sort of devices that use any kind of Wireless technology like Bluetooth or NFC or infrared or RFID or any of those things this can be super helpful and it also has that bad USB and other types of USB type of attacks that you can use so if you are someone that does that kind of stuff as a pin tester or red team or anything this can kind of replace a lot of the different tools
that you would have used in the past like a bag for full of different rubber duckies with different payloads in it and a badge cloner and things like that that you could use if you’re on a pen test assessment and even if you aren’t someone who does that kind of thing for part of your job it’s also just a fun little toy to have if you like tinkering with stuff and playing with things like Bluetooth and all those kind of Technologies and if you’re someone who has a lot of like remote controlled
things or things like a garage door or a multiple TVs or anything that has a lot of those Wireless Technologies you could use this as something to actually replace a lot of those remotes so you don’t have to keep up with them all at the same time and you can use just one device to save a lot of those signals that you use a lot and just reuse
that one device instead of keeping track of a bunch of different remotes and also I should probably make a disclaimer here that if you do have one of these don’t use it to break the law don’t break into like a safe or try to get access to an office building that you’re not supposed to have access to but if you are a pin tester or a red teamer or someone who has permission to break into things like that this is a great little tool to use for that kind of stuff and feel free to use it to break into any of your own things that you own just as something
Hello there! Quick question that’s completely off topic.
Do you know how to make your site mobile friendly? My
blog looks weird when browsing from my apple iphone.
I’m trying to find a template or plugin that might be able to
correct this problem. If you have any suggestions, please share.
With thanks!
Hi there would you mind sharing which blog platform you’re using?
I’m looking to start my own blog in the near future but I’m having a tough time choosing
between BlogEngine/Wordpress/B2evolution and Drupal.
The reason I ask is because your layout seems different then most blogs and I’m looking for
something unique. P.S My apologies for
being off-topic but I had to ask!
After checking out a handful of the articles on your web page,
I seriously like your way of writing a blog. I saved
it to my bookmark site list and will be checking back in the near future.
Please visit my web site too and let me know how you feel.