Dive into RFID Fuzzing with Flipper Zero, the RFID fuzzer app.

Поделиться
HTML-код
  • Опубликовано: 28 дек 2024

Комментарии • 77

  • @drskizz
    @drskizz 11 месяцев назад +31

    It was nice finding a flipper video that had useful information and wasn't a parlor trick. Threw down a like and subscribe.

    • @godjhaka7376
      @godjhaka7376 10 месяцев назад

      Lol don't like the fake social media posts to sell flippers? Go take a cyber security class and get certified, way more to learn about technology if that's your thing.

    • @PenumbraPremier
      @PenumbraPremier 4 месяца назад +1

      I feel you on that, so many videos that claim to provide information and then they end up not explaining anything, just "Hey look at this, now watch *poof* there goes 10 minutes of your life."

    • @drskizz
      @drskizz 4 месяца назад +1

      @@PenumbraPremier Or it's fake for likes and clout.

    • @PenumbraPremier
      @PenumbraPremier 4 месяца назад

      @@drskizz That too

  • @PenAce
    @PenAce Год назад +15

    Nice. This will be the next topic for the Ace!

    • @Lab401
      @Lab401  Год назад +3

      can't wait to watch that :)

    • @GuidoZ
      @GuidoZ Год назад +3

      That reminds me, I need to invite you somewhere. 😁

  • @asimpletune
    @asimpletune 11 месяцев назад +21

    It's crazy that the fuzzer put the SUT in a bad state like that. It's almost like the manufacturers don't even test their own systems before releasing them.

    • @mr.s1961
      @mr.s1961 6 месяцев назад +1

      @asimpletune I know this will come as a huge surprise (and possible disappointment) to you, but I've been in the IT industry (specifically hacking) since the 90's, having had a Windows 2.0 (DOS-based) computer still: Many if not most manufacturers don't test their own systems before releasing them thanks to things like capitalism where money is more important than testing. They'll do the least amount possible to pass whatever needs passing (like minimum security standards, etc). Also, many people who sell and install the systems (RFID in this case) are to blame. The customer does not do the research before purchasing and relies on the salesman, and the salesman only goes with the option that gives them the highest return/profit (again, capitalism). So in the case of RFID systems, that usually means LF, all security off or at the minimum, etc. Your welcome.

  • @GuidoZ
    @GuidoZ Год назад +47

    Wonderful! Informative and explained the steps well. Looking forward to more.

    • @Lab401
      @Lab401  Год назад +3

      Mr Uberguidoz is in the house :) thx for your kind words :) hopefully we can partner on something soon :D

    • @Thadopeera
      @Thadopeera Год назад +3

      Thank you both for all you do for the flipper community 💯🦾

    • @bign1667
      @bign1667 Год назад +4

      GuidoZ the legend 🙌 is here

  • @Mikey_xx_
    @Mikey_xx_ Год назад +7

    I'm glad I came across this. Well presented. Adding a sub and going through your old vids. Thanks!

    • @Lab401
      @Lab401  Год назад

      Thanks and welcome

  • @aledmonds5448
    @aledmonds5448 Год назад +10

    Man I was messing with my flipper I was like wtf is this for . Now I know. Thanks bro!

    • @golfinglife610
      @golfinglife610 Год назад +3

      Lol hey I just got mine 4 days ago and said that exact thing haha. But I'm figuring it out and there bad ass.

    • @godjhaka7376
      @godjhaka7376 10 месяцев назад +2

      Flipper is cool, but we had cooler gadgets in the 90s for hacking. My rooted phone with CFW does way more than a flipper device.

    • @bandino1990
      @bandino1990 6 месяцев назад

      @@godjhaka7376cap!

    • @bskarpa
      @bskarpa 5 месяцев назад

      I just got mine a few days ago and this little device is scary as a Cybersecurity Analyst lol. I showed my ex what it could do the other day and sole her credit card information and then showed her. We’re on good therms and actually is now a good friend to me so of course i deleted it There’s so much more this little device is capable of especially with additional GPIO boards.

    • @bskarpa
      @bskarpa 5 месяцев назад

      @@golfinglife610just got mine a few days ago.

  • @mtb_aidan4727
    @mtb_aidan4727 Год назад +7

    How do I get the app as it is not on the app store for me

  • @tedjones8472
    @tedjones8472 9 месяцев назад

    i have a machine in work, that uses RFID tags to grand access to various levels within the system. unfortunately, the mid level tag has been lost a while back and we now need access to modify a setting for a part that is produced. can i use the fuzzing method, to find the code to access the mid level and then write it to a new tag?

    • @knifedance2402
      @knifedance2402 8 месяцев назад

      Technically yes. If you use the Flipper to identify the reader, and then fuzz it, it’ll tell you which code it happened upon first which gave a positive response. Of course, that might only give you a higher access level code than the one you need, so you’d have to disable those codes first.
      -
      Once you had the mid-level code, you can save it, name it, and write it or emulate it if so desired. You can do the same for NFC tags/cards.

  • @FFO-b5p
    @FFO-b5p 23 дня назад

    I'm Cambodian. Can i buy it ?

  • @AlexAlfarii
    @AlexAlfarii 8 месяцев назад

    Very good video, what do you think of the security in rfid hotels with flip zero you have some good configuration

  • @Jullinwar
    @Jullinwar 2 месяца назад

    How to know if its ef4500 or what it was

  • @corentinmeyer8446
    @corentinmeyer8446 Год назад +6

    Merci beaucoup !

  • @nullpwn
    @nullpwn 15 дней назад

    nice and well explained

  • @servantofthetruth8203
    @servantofthetruth8203 Год назад

    Is the video out yet for this app?

  • @bnk28zfp
    @bnk28zfp Год назад +3

    thank you for hard work!!!!

    • @Lab401
      @Lab401  Год назад

      Your support is duly noted and greatly valued. Thank you.

  • @beststorytime4325
    @beststorytime4325 3 месяца назад

    When I find the vulnerability, how do I keep it or create a file for it? I used this on my friend's gate, but I have to wait until it reaches the file. How can I make the rfid file from the attack?

  • @Gibonz
    @Gibonz 4 месяца назад

    Hi friend, love the vid, and thanks!
    One question, can the Flipper Zero sniff a T5577 reader and obtain access codes? (without having an original real access fob)

  • @RubbinRobbin
    @RubbinRobbin 9 месяцев назад

    Can you do this for train stalls and gates? If so, HOW!

    • @mr.s1961
      @mr.s1961 6 месяцев назад

      By reading the documentation and applying what's in your head: your brain to analyze, process, and exfiltrate the data and get to the answer.

  • @N0B0DY_SP3C14L
    @N0B0DY_SP3C14L 6 месяцев назад +1

    Very cool. Very informative. Bien ouej, mec!

  • @jgadget405
    @jgadget405 Год назад +1

    I am not finding the app on the app store. is there a specific name to search?

  • @davetindell4110
    @davetindell4110 Год назад +1

    Where can we download the app?!

  • @rahyym21
    @rahyym21 4 месяца назад

    Anyone knows how to emulate NFC B?

  • @502deth
    @502deth Год назад

    do you ship to the US?

  • @scriptles
    @scriptles Год назад +3

    Hey how would I go about just emitting 125 khz rfid h10301 tags?
    I ask because at my work we use those badges and our gats only have the readers on the "outside" of them. When we go to leave we have a weight sensor that detects if a "car" is there. I ride a moped.. ti trip the sensor I had to slam my brakes to get extra umph in weight to trip it.. problem is yesterday my moped slid out from under me and I hurt myself just trying to leave the property.. The tag reader is on the outside where I cant quite reach it.. if I could reach it I could badge out, the in gate. I would LOVE to be able to take my $2,000 vehicle with me when I leave work and you know not abandon it there and have to pay my whole days wages on an uber..
    Anyone got any suggestions, I would love to know what people can think of. I am more software dev then hardware dev and do not fully understand how antennas work since some will be designed for certain ranges and getting my mind to wrap around how that makes sense is difficult. Can I add an antenna to flipper zero? Do I need a more powerful transmitter? What direction could someone point me in for more information to help solve my problem? It's a 3+ hour walk to get home if I cant use my moped and zero out my income if I have to uber. Certainly working 48+ hours a week should not net me a deficit just to work. So what kind of thoughts do you all have to resolve this issue of mine? I am quite pissed off at my employer over this unsafe gate. Heaven forbid the building (which has over a million pounds of paper) catches fire. Because I will burn alive.

    • @martingrahan1437
      @martingrahan1437 Год назад +2

      Cool story bro!

    • @MattMaxwell
      @MattMaxwell Год назад +1

      Have you considered a stick that you can use to reach the card reader? Put your card on a stick, poke it in front of the external card reader.
      Also, those vehicle readers on the ground are not weight sensors, they're metal detectors. Your moped doesn't have enough metal to set them off.

    • @scriptles
      @scriptles Год назад

      @@MattMaxwell interesting. So I discovered at the corner of the sensor it does seem to trip it.
      Also yeah I thought about a telescopic pole but that would require me to throw it thru the fence as the gate is a fence that slide open. Otherwise it would break or cause problems.
      I think I did see somewhere where some fire rescue use ladders to slide under gate fences to open them now that you mention that.
      Do you know if it’s measured by square foot or mass? Like if I had a few bars of metal be a thin sheet?

    • @odorcide
      @odorcide 11 месяцев назад

      Get you a large magnet and that can trip the in ground loop or some people have had luck shutting of their bike and starting it over one of the in ground lines. Something about the EMF will help it to register.

    • @scriptles
      @scriptles 11 месяцев назад

      @@odorcide Thanks. I don't have to worry about it anymore. Moped broke down completely now and I have been catching rides with coworkers except today on the way home I had to walk. Its a 3 hour walk home so I walked about an hour then ubered the rest of the way for $20 which was still a huge cost. At the same time I think I am just going to provoke my employer to fire me so I can get unemployment after what happened today.
      Coworker brings in mcdonalds again... I say hey wheres my mcdonalds.. again like I usually do because I cant get my own I have no car or working moped.
      Boss then decides to unload upon me about how its offensive for me to "want mcdonalds too". I even said how rude, you didnt bring any for the rest of the class. Boss then goes on to say her body her choice or some shit and im like dumbfounded because what is she trying to imply? That mcdonalds makes you fat or something because body shaming people is a really bad thing.
      Like what the hell is wrong with my boss? Not everyone who goes to mcdonalds even eats the food. Some people buy it for other people or their kids or who ever else like its really really really common at other jobs for a worker to say hey you are passing starbucks or mcdonalds bring me something on the way in and ill pay you when you get here.. its nothing to do with a persons body plus trying to imply negative things towards people going to mcdonalds..
      I should have given some background.. my boss is a "she/her" pronoun person that really needs a reality check to see how many people she is offending playing games.
      So I am literally at the point fine if you want to go throwing insults like that and violating company policy and quite honestly possible EEOC violations then fine ill get verbal back and let them just fire me. Then I wont have to loss money when ever we dont have a full day or walk home with blood soaked socks for walking 10+ miles up hill and down hill in actual freezing cold.
      Sorry about the rant.. This employer actually actively discriminates against people. I am by far one of the most trained and fastest people in my department. I can even do OTHER departments better then my own boss.. we had a typing test and I type much faster and more accurately then her. Which is a required skill for one of the other departments. I was able to improve the thruput of work by 300% because they are literal idiots with computers.. I mean brain dead idiots.. They cant comprehend basic anything about them even though the job is based around it.. I have been here 14 months and I get paid the same as a new hire does and will NEVER get a raise because I turned down a full time hired in job offer for them because it offered $0/hr more and switched from weekly pay to biweekly. Which wouldn't help me at all.
      Honestly I am disgusted with this employer and their ignorance. They think H10301 tags are "secure". They are absolutely not. Hell I even pointed out the construction they had done recently after I started was done improperly and that a door jam did not engage the "dead latch" meaning it could be "latch slipped" and its supose to be a secure room we do government contracts and all that.. and they had 0 interest of making the company come back out and do it right or getting anyone to even fix it. Literally a piece of trash I grabbed out a trash can got me into the door faster then even using my badge because with my badge you gotta wait for a *click* where as latch slipping you don't.
      Sorry for the long rant.. This place is really pissing me off. Why are their pratically no reasonable employers left these days? Like the last employer I knew that had any rational reasonableness the owner ended up dead in a car accident.. devistated me to hear the news... and its been clown employers ever since. Again sorry for the rant I think I a am going to call off work tomorrow and try and calm down before I do something stupid I may regrret.

  • @Global_News_UK
    @Global_News_UK Год назад +3

    thanks 🤫

  • @En30MinsSecurity
    @En30MinsSecurity Год назад +1

    Amazing

  • @OneAndOnlyZekePolaris
    @OneAndOnlyZekePolaris Год назад

    Do I still install it from the app store when I have CFW RM?

  • @AerialAutist44
    @AerialAutist44 11 месяцев назад

    The only thing I've not had any success with yet.

  • @thedesolateone8260
    @thedesolateone8260 Год назад +1

    😎 🆒️

  • @prototype-mk4758
    @prototype-mk4758 10 месяцев назад +1

    u look like a guy from work called bogdan

  • @Gpepito
    @Gpepito 3 месяца назад

    Tu sais parler FR fait des video FR aussi frero

  • @keithmeyer9450
    @keithmeyer9450 Год назад

    i have an iphone so i cant even use it

    • @sethking6361
      @sethking6361 Год назад +3

      if you have $200 to buy a flipper, you can put $100 on a cheap android to use as a tool

    • @keithmeyer9450
      @keithmeyer9450 Год назад

      i might do that, thx@@sethking6361

    • @godjhaka7376
      @godjhaka7376 10 месяцев назад +3

      Apple is closed source and they own the phone not you lol.

    • @mikewhocares3827
      @mikewhocares3827 9 месяцев назад

      You could use an android VM on a computer too..... I believe you can use some online tools when the browner supports serial access

    • @knifedance2402
      @knifedance2402 8 месяцев назад

      @@godjhaka7376Jailbroken iPhone can do it.

  • @RcNerd
    @RcNerd Год назад

    Get caught with one get arrested for burglary 😂😂😂

    • @ClickClack_Bam
      @ClickClack_Bam Год назад

      NOBODY even knows WTF these are.
      Even if they did, it's not necessarily a burglary tool any more than a screwdriver is. It's what you do with it that makes our legal/illegal.
      You can lock the screen with Xtreme firmware. (Not sure about stock configuration.)
      So good luck getting me to open it to show you what's inside 😁👍

    • @mattlewis-he8lh
      @mattlewis-he8lh 8 месяцев назад +2

      Where do you live at that having one of these would qet you arrested? They are completely legal to own and use

    • @mr.s1961
      @mr.s1961 6 месяцев назад +1

      @@mattlewis-he8lh I think @RcNerd is like most NPCs meaning he leaves baseless miseducated and untrue comments because he doesn't have the ability to google or research before commenting (or speaking irl). See the emojis? That means he's probably also a kid, so his brain hasn't fully developed.