Posts

Showing posts from November, 2024

Pen Testing with the Flipper Part 2: Grab Data and Exfiltrate

Social engineering is a big part of this kind of pen test and it can work quite well (phishing emails are another good example of social engineering), but it can't do everything. At the end of part one, our fictional pen tester gained access to a building using social engineering and the card scanner function, but if you walk up to the front desk and say, "May I have some sensitive files, pretty please?" you'll get thrown out. When it comes to grabbing data, the BadUSB function is your best bet. For that, you need to access a computer that both has sensitive files on it AND is logged in. That could be tricky. Now, if tools other than the Flipper were allowed, the second part would be easy. Anybody with just a little know-how and a USB stick can get a computer's password. No, not the Hollywood "I'll look around the room for 30 seconds" method, I mean the "boot drive > access system files > grab password" way. But, if other tools were...

Pen Testing with the Flipper Part 1: RFID/NFC Cloning

The Flipper is marketed as a pen tester's playground, but I have yet to address pen testing at all. Now's the time for that. If you haven't read the previous post about RFID, now would be a good time. If you have read that post, you'll know that the Flipper has no chance of getting into much of anything unless it first clones the real key. That's a problem, since people don't typically hand out their key cards for you to clone just because you say "pretty please." Or do they? I've said it before and I'll say it again: the one consistent weak link in any system is its users. Here's how it might go down in a pen test. You've already cleared everything with the company, you have all your tools, and now it's time to get inside the building. Now, a real pen tester would have the real tools, not a toy multi-tool, but let's assume the Flipper is all you've got. You need to physically hold a card to the back of the Flipper for the few seconds needed...

Rogue AP and The Evil Twin: When WiFi Trolling Turns Dangerous

In my last post, I wrote about the Flipper Zero's WiFi Dev Board add-on and what it could do. Since this is a direct continuation of that post, I recommend you read it first if you haven't already. Now, to business. I've discussed how a Flipper user can take down a WiFi network, and that's extremely powerful, but that's only half of what the Flipper's WiFi module can do. Another function is the Rogue Access Point. Basically, any WiFi network is an access point to the internet. A rogue access point looks and can behave the same as a standard access point, but it's run by a third party. Network service providers can freely read much of your network traffic (barring external security, such as a VPN), so having a potentially malicious third party serving as a middle-man for your network traffic is a big problem. Now, as I'll likely write more about later, the Flipper has a bunch of interesting functions and modules, but they're essentially toy versions o...

Expanding Horizons: The WiFi Module

One feature of the Flipper Zero that was quick to catch my attention isn't a core feature at all -- it's an optional add-on offered by the company. In videos demonstrating this module, users push a few buttons and crash WiFi networks, grab network passwords, and generally make network security look like a joke. So, real or fake? There's no ambiguity, no "well, sort of," about this one. The answer is yes, it is real. So, let's take a look. On the top of the Flipper is an array of GPIO (General Purpose Input-Output) pins. Users can, if they know what they're doing, complete any number of electronics projects by way of these pins, from blinking LEDs to more complex projects. The Flipper website sells a WiFi Dev Board that fits into these pin slots. Coming in at $29.00 at the time of writing, this ESP32-S2 board is marketed for WiFi debugging purposes. However, by loading the Flipper with Unleashed or Xtreme (a quick and relatively easy process), this WiFi boa...

Bluetooth: The Next Step

Somewhat less popular but still viral videos of the Flipper Zero show a user pushing some orange buttons and every cellphone in the room going haywire. Their users look about, confused by this unforeseen turn of events. Meanwhile, the perpetrator laughs to himself. So, is this real or more wannabe malarkey? Yeah, it's mostly real. The Flipper comes equipped with a Bluetooth module. This module can do quite a few things, but I haven't done most of them, so I'll only write about what I know. In the case of the above story, the Flipper is sending out Bluetooth pairing requests on all points on the Bluetooth spectrum. The cellphones take these requests at face value and send a notification to the user that a device (usually headphones, earbuds, AirPods, etc.) is trying to connect. The moment the user dismisses this popup, another takes its place, and then another, and another, until either the Flipper user has had his fun or the unfortunate victims manage to turn off their phones...