Flipper Zero vs Ford F150 (Key Fob Playback Attack)

Поделиться
HTML-код
  • Опубликовано: 4 янв 2025

Комментарии • 174

  • @Deven210
    @Deven210 2 года назад +14

    So those days are in the past unless you’re a 2018 Honda civic with that really bad CVE. I so appreciate your demonstration man! Super cool to see a DOS. Honestly I like the use case at the end about locking your buddy out after he’s been drinking. Honestly not a bad idea!

    • @RobynTapps
      @RobynTapps 2 года назад +1

      You severely overestimate auto manufacturers ability to program a secure system.

    • @Deven210
      @Deven210 2 года назад

      @@RobynTapps oh I grossly underestimate it for sure 😂

    • @timgreen3189
      @timgreen3189 Год назад

      expensive insurance (cost to replace fob) ;)

  • @jakes8444
    @jakes8444 2 года назад +27

    came for the flipper stayed for the tool

  • @sr-xv7eu
    @sr-xv7eu Год назад +6

    I love how you are the only person I've seen that will tell others it will block your key out from working if it's used it before. I did this and now my key won't work

    • @zygote3914
      @zygote3914 Год назад

      rolling code

    • @yungtomb9374
      @yungtomb9374 Год назад

      What kind of car do you have? Some vehicles have a reprogram process you can do to reprogram the key.

  • @MICHIGANLIFEWITHDOGS
    @MICHIGANLIFEWITHDOGS 6 месяцев назад

    You can use this to block someone from entering their Ford, or wait for them to get frustrated, go inside and get the other remote and then copy that as well and wait again a few days to come back do the denial and then play back the previous code from the other remote.

  • @tanielleoconnor8228
    @tanielleoconnor8228 2 года назад

    The digital little lights the ones that you keep poking on to he's going to put the same amount of pressure on your eyeball with or without the eyelid

  • @timteddy7398
    @timteddy7398 Год назад +2

    So Basically save a code that was played before then lock them out there Car making the fob undetectable then play the Replay of the one earlier

  • @j.pocket
    @j.pocket 2 года назад +6

    The soundtrack is perfect.

  • @Fleamang84
    @Fleamang84 11 месяцев назад

    Well explained! I kept being distracted by the awesome Tool song though 😂

  • @samaeltartaro
    @samaeltartaro Год назад

    I came for the Flipper Zero, I stayed because of Tool in the background.

  • @Chupabrah
    @Chupabrah Год назад

    So you copy lock and unlock from both remotes. Won't you DOS both of them? I have a vehicle with two remotes and i'd like to copy signals from both, but I'm scared to DOS them both. I'm a bit confused!

    • @DialZeerowForOperator
      @DialZeerowForOperator  Год назад

      I used the flipper to copy an output of one of the remotes. I played that back causing the computer in the truck to think it was a playback attack and it locked that remote out.
      Far away from the truck being able to pick it up, I copied an output of the working remote.
      When I played back the copy of the good remote that had stepped to a good encryption code from the flipper, it unlocked the door.
      After I got back in I was able to reset the locked out fob by putting it in the ignition, turning it on and off again and to reset it.

  • @TheFlatEarthChannelcom
    @TheFlatEarthChannelcom 2 года назад

    If you bring your car for servicing. They can copy a few signal away from the car and use it at a later date since they know where you live now

  • @caueb
    @caueb 2 года назад +12

    Interesting, I was thinking of buying one to play around. One question, if you cause DoS when someone park the car but did not pressed the key fob yet, the “victim” will not be able to lock the car right?

    • @DialZeerowForOperator
      @DialZeerowForOperator  2 года назад +8

      If the fob is locked out, the physical key will still open the door.

    • @caueb
      @caueb 2 года назад

      Yes, I was just wondering that some people don’t really check if the car actually locked after pressing the fob leaving the car open for the attacker.

    • @alexremy5295
      @alexremy5295 2 года назад +1

      @@octopusdreams why don’t you just use 1 flipper to jam and signal that locks the car?

    • @שלוםוברכה-ז8כ
      @שלוםוברכה-ז8כ 2 года назад +2

      A brick seems cheaper

    • @5905-k8v
      @5905-k8v 2 года назад

      Wil this device work on saving different keys like my mercedes key

  • @tonysolar284
    @tonysolar284 Год назад +1

    Now if you could only add the F0 as a new keyfob to the system.

  • @jmr
    @jmr Год назад +1

    How do you get the blocked fob working again?

    • @DialZeerowForOperator
      @DialZeerowForOperator  Год назад +1

      Just put it in the ignition switch and turn on and off again, pressing door lock and unlock on the remote reset it

    • @jmr
      @jmr Год назад

      @@DialZeerowForOperator Interesting, I've been directing people on how to get their remotes working after they mess them up with their Flipper. I've been writing the information down as I go. I may have collected every method at this point but I'm still researching.

  • @DKsupreme69420
    @DKsupreme69420 Год назад

    Putting the key in the ignition and staring the vehicle seems to reset the fob

  • @ppdripz5064
    @ppdripz5064 2 года назад +6

    What happens to the key that’s on lockdown?

    • @youngrp
      @youngrp 2 года назад +1

      Reprogramming by putting on ignition and make the manufacturer program sequence.

    • @tony_joris
      @tony_joris Год назад

      if is a rolling code control, the car and the control lose synchronization

  • @8bitOG
    @8bitOG 2 года назад

    Can you try recording this video standing directly next to the noisy fan next time? 👀

  • @juggerknot100
    @juggerknot100 Год назад

    how to i buy Flipper Zero

  • @dimitridimitri8740
    @dimitridimitri8740 2 года назад +2

    Thanks for interesting video.
    How much is average or maximum recieving distance from keyfob to hackrf in Urban conditions?
    You also press long the button. In real life, the owner of the car just clicks one time and that's all.
    Does this sdr simply send the same code that recieved or can also modify it?
    For instance if sdr accepted signal "lock", can it send signal "unlock" ?
    How to deal with that

    • @DialZeerowForOperator
      @DialZeerowForOperator  2 года назад

      I was able to reset the denied fob by putting its key into the ignition and turning it on and off again then hitting the lock button a few times. There are some cars and trucks that the fob's id can programmed into the vehicles computer by the vehicle owner.

  • @_Brando_69
    @_Brando_69 Год назад

    One of my fav tool songs. Nice hack

  • @gothops154
    @gothops154 2 года назад +3

    How did you get a Flipper in the US? They don’t ship to the US as far as I’ve checked the last few months

    • @HackedHawk
      @HackedHawk 2 года назад

      They dont but their are mailing services in other countries where you can have a package shipped to them and they forward back to you it takes some time but can be done

    • @HackedHawk
      @HackedHawk 2 года назад

      The other option is if you are close to the border of mexico you can get a p.o. box and have items shipped there. Simply go over the border pick it up and bring it back.

    • @jadenhartford3331
      @jadenhartford3331 2 года назад

      Cap…they was for sale for multiple months bc i ordered mine like a month an a half ago…it was the last batch of flippers in the us bc there last crate got seized from customs which my flipper was on and i just got it this monday actually…u waited to long

    • @jadenhartford3331
      @jadenhartford3331 2 года назад

      resell price on stock x is like $500 so goodluck

    • @wisdomsgift
      @wisdomsgift 2 года назад

      Keep checking their site because they will have new stock soon.

  • @pboperations
    @pboperations 2 года назад

    Great cover on you truck bed. Can you do a video about that?

    • @DialZeerowForOperator
      @DialZeerowForOperator  2 года назад +1

      Diamond Back covers. They're damn awesome. Very tough and more secure than other covers.
      diamondbackcovers.com/pages/compare-covers

  • @Dnephilly
    @Dnephilly 2 года назад +2

    so what ur saying is, if u can get a fob far enough away from the car, read& record the unlock. u could then us that unlock providing u use it before the keyfob u recorded from

  • @olliehayman1909
    @olliehayman1909 2 года назад

    Thanks this is useful information explained clearly.

  • @MrMotoMike
    @MrMotoMike Год назад

    So once the 2nd fab is used successfully, it makes the 1st one work again right? Or did you just piss away an expensive fab for our viewing pleasure lol

    • @DialZeerowForOperator
      @DialZeerowForOperator  Год назад +1

      It can be reset by putting the key into the ignition and turning it on and back off again.

  • @tanielleoconnor8228
    @tanielleoconnor8228 2 года назад

    How did you get the light to work

  • @khayrobs
    @khayrobs 2 года назад

    Damn. I have two of these. I'd like to get mine working for my ford as a backup but I only have the one fob lol

  • @SSJIndy
    @SSJIndy 2 года назад

    What about starting the vehicle though. Is that denied also?

  • @shaneeem6114
    @shaneeem6114 Год назад

    where did you find one at ??

  • @ppdripz5064
    @ppdripz5064 2 года назад

    Can you please reply to me asap. I used this on my car and the keys don’t work. What’s the fix?!?!

  • @tigreonice2339
    @tigreonice2339 2 года назад +2

    How far away can you pick up the signal?

    • @DialZeerowForOperator
      @DialZeerowForOperator  2 года назад +4

      I haven't tried the detection distance. Thanks for the tip. I'll check that. My truck could pick it up from about 20 to 30 or so. Good enough to use for a remote for a gated entry. My interest is to have one fob or device that can do all the little remotes for different things. It has some practical uses.

    • @firetourdr4668
      @firetourdr4668 2 года назад

      @@DialZeerowForOperator where do you get this

  • @byroncudworth6918
    @byroncudworth6918 6 месяцев назад

    Tool, nice 🙂

  • @catholic3dod790
    @catholic3dod790 Год назад

    Is it crime? I am curious.

    • @DialZeerowForOperator
      @DialZeerowForOperator  Год назад

      It's not a crime to hack something you own. It is a crime to hack something someone else owns and you do not have prior consent.

  • @WALL2WALLENTT
    @WALL2WALLENTT 2 года назад +2

    How to reprogram the remote after denial?

    • @youngrp
      @youngrp 2 года назад +1

      By putting on ignition and make the manufacturer program sequence.

    • @youngrp
      @youngrp Год назад +1

      @@tony_joris I don’t know all manufacturers and models, but for Opel/Chevrolet Astra is put the key on ignition, press the “lock” button and turn the key to the first ignition stage. After 10 seconds the door locks “clicks” and you can remove the finger of the “lock” button. The programming has been done!

    • @youngrp
      @youngrp Год назад +1

      @@tony_joris maybe you should take your car to the dealership. Don’t try to fix yourself.

    • @tony_joris
      @tony_joris Год назад

      @@youngrp The manual says that I have to stand next to the car, press the button to open it, and when I open the car with the key, the remote must be reprogrammed, but it still doesn't work, any ideas?

    • @tony_joris
      @tony_joris Год назад

      @@youngrp It's a VW vento. I would like to fix it myself, I blocked it hahaha thanks bro

  • @earnestjames2911
    @earnestjames2911 Год назад

    How did you get one?

  • @tony_joris
    @tony_joris Год назад

    Don't use Flipper Zero in Rolling Code controls. Control and car lose synchronization.

  • @cdrealist9398
    @cdrealist9398 Год назад +1

    Ive heard lots of people are getting locked out of their own car while tinkering with a flipper, its a good learning lesson, you shouldn't be trying to use the same methods of pentesting on everything you can get your hands on. It helps to do some research first, so you at least have an understanding of what you are doing or what might happen. Doing that would have prevented your vehicle getting locked out, or worse consequences if you are messing with another persons property. You can go around pressing buttons using the flipper with malicious intent on others if you like, but you take full responsibility, not the ones who wrote the code or the ones on youtube videos explaining how to do it.

  • @level9inc
    @level9inc 2 года назад

    how do you get the key to go back working after its disabled?? asking for a friend lol

    • @DialZeerowForOperator
      @DialZeerowForOperator  2 года назад +2

      Put the key of the locked out fob in the ignition switch and turn it on to acc and off again. That will reset it.

    • @level9inc
      @level9inc 2 года назад

      @@DialZeerowForOperator this particular fob doesn't have a key. its they key as well.

    • @LakeVermilionDreams
      @LakeVermilionDreams 2 года назад

      @@level9inc Some fobs have a key inside, look for a release button and pull the keychain ring. Some vehicles also program keys in the center console underneath the lining tray. Look in your manual.

    • @tony_joris
      @tony_joris Год назад

      if it is a rolling code control you need special equipment to be able to synchronize it with the car

  • @EnderGameZ.
    @EnderGameZ. 2 года назад

    Does they key ever work again?

  • @sasa-qq9em
    @sasa-qq9em 2 года назад

    hello sir, where can i buy one

    • @DialZeerowForOperator
      @DialZeerowForOperator  2 года назад

      I have no clue without paying crazy money for one now. I got this in one of the 1st shipments. I'm not sure why they went with a sales and shipping carrier that doesn't ship to the US. I know of no bans for it. There are tools available in the US that can do far more nefarious things. A laptop and a Software Defined Radio (HackRF) are of more use.
      I find the Bad USB feature very useful to store login info for several of the online accounts I use. And it is capable of storing and playback of long and complex passwords that would not be quessable or brute forced.

    • @EnderGameZ.
      @EnderGameZ. 2 года назад

      Go too the official website and wait till December 1st

  • @tanielleoconnor8228
    @tanielleoconnor8228 2 года назад

    Code and pointed finger

  • @itsallasimulationman
    @itsallasimulationman 2 года назад

    Tool - Eulogy
    Nice.

  • @tonysolar284
    @tonysolar284 Год назад +1

    You do need permission from yourself to hack your own stuff. So technically, you've gotten permission to hack it.

  • @gustavozamorajr2186
    @gustavozamorajr2186 2 года назад

    So I got one cars key fob to start working... lmao.. hopefully it resets. If not I'm paying for a reprogram.

  • @ryanpotter2327
    @ryanpotter2327 2 года назад +1

    video cuts out unless it's a HNd1 protocol, . and some hyundais. lol

  • @EndLess1UP
    @EndLess1UP 2 года назад

    I just want your opinion on the thing. I love this little device, but I've always thought to myself who's gathering all this information because every time you put in new information from a new device, somebody's gathering that and collecting it. Who? I might be wrong and maybe I'm just dumb and paranoid it's possible lol 🤣

  • @tanielleoconnor8228
    @tanielleoconnor8228 2 года назад

    Go Forest go Forest go

  • @max_tube
    @max_tube 2 года назад +2

    F150 has same key as my Fiesta? 😂

  • @lateralus8973
    @lateralus8973 2 года назад

    Tool, nice.

  • @sagerdood
    @sagerdood Год назад

    You're not really hacking anything... get a hackrf for some real fun. Jamming a car signal with someone trying to lock there door would be the course of action to break in a car... its incredibly easy to do.

  • @mastermax8396
    @mastermax8396 2 года назад

    It is possible because of the random factor lack, Key should chat with car picking integers from timetables randomly. This is only manufactor failure, which indicate how unsafe nowadays the cars are.

  • @charleshines8523
    @charleshines8523 2 года назад

    Now that you denied service with that remote, do you have to take it to the dealer and pay them to undo it? On a lot of modern vehicles that might be the only way to get them working again. If someone did that to my vehicle and I had to take it to a dealer, I would want to sue them for the cost of the service to restore it and maybe some small related expenses such as towing or if I lived far from a dealer I would want reimbursed for the fuel used to get there. Maybe even a bit for my trouble and inconvenience also!! Thankfully these things are not likely to happen under normal circumstances. What I don't like is keyfobs that are always sending and receiving signals like the ones for keyless entry. It is possible for someone with a device similar to the Flipper to relay the signal. Sure they might have to get close to you but it is still possible. It is how the thieves break in and steal valuables or even the vehicle itself. Ever see stories on the news about peoples' vehicles broken into with no signs of forced entry yet all the cash and valuables are taken and the victims have no idea how it ever happened? They must be using devices like these or similar to do it in some way. There are other devices used to deauthorize devices from WiFi networks and then the cameras don't transmit what they saw and it is as if the thieves were never there. Stories about that have been on the news too. It would be likely that the same thieves are doing both of these things or have an accomplice helping them so they can get out of there more quickly to avoid being seen. The scary thing is they do these things in the middle of the day, if you looked out the window when it happens you would see them. They might be trying to conceal their identity of course, knowing that there are many people who would love to catch them!! The fact is they just walk in calmly as if they live there not worried about being seen and that is one of the scary parts of it!!

    • @DialZeerowForOperator
      @DialZeerowForOperator  2 года назад +3

      I was able to reset the denied fob by putting the physical key in the ignition and turning it on and off again.
      There are instructions out there on how to reset or program a fob for some vehicles.
      The security scheme used on this truck is very outdated now.
      There are methods to get around the security of just about any wireless security system. Even 2 way vehicle and fob security as you mentioned can be compromised.
      Security is an illusion.

  • @tanielleoconnor8228
    @tanielleoconnor8228 2 года назад

    Dont hit the gas spot

  • @chosenBYpicasso
    @chosenBYpicasso 2 года назад

    Couldn't somebody wait in a car next to you with one of these and copy your signal when you unlock your car then follow you wait till you get out and leave then unlock your car?

    • @keithd.2722
      @keithd.2722 2 года назад +3

      No - that's called a "replay" attack and the car is programmed to ignore those signals.

    • @DialZeerowForOperator
      @DialZeerowForOperator  2 года назад +3

      IF you replay a code that has already been used to unlock the door, it won't respond and locks that remote out.

    • @DialZeerowForOperator
      @DialZeerowForOperator  2 года назад +2

      @@octopusdreams I demoed that if you send the same code, it will lock that remote out.
      The only way you will defeat rolling code security is to figure out the algorithm that generates the codes and write FW for the flipper to generate the prorper code sequences. 2 flippers won't help you. The flipper just records. It can't generate anything on its own unless you write FW. 2 Flippers won't help you do anything.
      Watch the research on it by this guy at Defcon 27.
      ruclips.net/video/9gfg8gk3lVw/видео.html

  • @tanielleoconnor8228
    @tanielleoconnor8228 2 года назад

    That is not a fliper zero

  • @tanielleoconnor8228
    @tanielleoconnor8228 2 года назад

    Nice bed

  • @QuadDerrick
    @QuadDerrick 2 года назад

    0:12 "this is my truck so i dont need permission to hack" are you sure ? i bet there are more than 1 law \ contract saying something else..
    cool tho

    • @DialZeerowForOperator
      @DialZeerowForOperator  2 года назад +3

      If it were someone else's truck, yes. Its my property and paid for. I'll hack it all I want.
      This is nothing new. Someone has already done some of this research on their own vehicle as well.

    • @QuadDerrick
      @QuadDerrick 2 года назад

      @@DialZeerowForOperator not saying you can't do it without going to jail.
      just saying, there is for SURE a law that says you can not disclosure methods of breaking security of "the company's" previous property even tho you now do own it.
      this is how many big company's protect they'r "intellectual property" ,, just more security based company's than,, your truck company of course.
      also,, when you bought the truck, i am, almost, sure you signed something that you did not read and understood the FULL effect of containing something about this subject.
      edit note:
      everyone buys products, thinking they own them, rarely it is so. smart phone security world is VERY bothered by this for a good example.

    • @DialZeerowForOperator
      @DialZeerowForOperator  2 года назад

      @@QuadDerrick Ford has already replaced this security scheme some time ago.

    • @DialZeerowForOperator
      @DialZeerowForOperator  2 года назад +1

      @@QuadDerrick my experiment was to see if I could replicate this attack with the Flipper Zero and it does work.
      Here is the original research and presentation from Defcon that I leveraged successfully.
      ruclips.net/video/9gfg8gk3lVw/видео.html

    • @QuadDerrick
      @QuadDerrick 2 года назад

      @@DialZeerowForOperator all very good and well but not relative to my point , really.
      your a defcon speaker ? =) thats cool. Defcon used to be a more .. open show.. i do not enjoy how state have taken over and taken the open'ness ? away..
      guess your still allowed to show some shenanigans tho huh =)

  • @tanielleoconnor8228
    @tanielleoconnor8228 2 года назад

    Are you wanting to who long hard driveway not driveway driveway try try and dry did they are come twice in the spot after the loyal menu in after the math G or D Spot sorry I just see some gray Jay

  • @tanielleoconnor8228
    @tanielleoconnor8228 2 года назад

    Nose allways up foletinfool

  • @nic4850
    @nic4850 2 года назад

    anything for the view.

  • @tanielleoconnor8228
    @tanielleoconnor8228 2 года назад

    Fliper zero zero zero

  • @Nohkral
    @Nohkral 2 года назад

    TOOL

  • @xXxSynthxXx
    @xXxSynthxXx 2 года назад

    Bro you ain't no hacker trust me 😂

  • @MrSys3rror
    @MrSys3rror 2 года назад

    lol please dont call this a ddos attack all you did was confuse the cars computer and by default it cancelled out your key fob.

    • @nottherenotherenotanywhere
      @nottherenotherenotanywhere 2 года назад +4

      This is the literal definition of a denial of service. You’re talking about a ddos or distributed denial of service which specifically references a chain of machines/instances sending network requests (sometimes, there’s other methods leveraged) to trigger a denial of service.

    • @CliffCarmichael
      @CliffCarmichael 2 года назад

      this is a DOS not DDOS. And a DOS is literal DENAIL OF SERVICE. He is DENYING the SERVICE of the key working with the paired vehicle. Hate god damned idiots like you polluting comments with your half knowledge

  • @everythingallin4905
    @everythingallin4905 2 года назад

    Why would you teach people how to steal cars?

  • @humangarbage3386
    @humangarbage3386 2 года назад

    are you willing to sell?

    • @DialZeerowForOperator
      @DialZeerowForOperator  2 года назад +2

      Sure, will sell it for $2500.00 USD.

    • @bobfuckingsmith
      @bobfuckingsmith 2 года назад +5

      Sell you one of mine for 500$ if you really want one brother, I have 7 lol.

    • @staticflea287
      @staticflea287 2 года назад

      @@bobfuckingsmith i'd be interested if you were offering

    • @humangarbage3386
      @humangarbage3386 2 года назад

      @@bobfuckingsmith little high

    • @robise.5886
      @robise.5886 2 года назад

      @@DialZeerowForOperator lmao

  • @liviu8603
    @liviu8603 2 года назад

    U Made me understand why my remote was not working! OMfBrain.😮 So I changed the battery, and just after the second day was working… Thank You! 😊