Bought my flipper today after watching a few of your videos. Subscribed as well!
@WillyJL11 ай бұрын
8:46 to be honest, BLE Spam is open source, could've just looked at how the packets are made lol. Or even just ping me, I have no problems explaining how my code works and what it does :D
@uhohretardalert38629 ай бұрын
Wow hey man I’m a huge fan of what you’ve created. I had a questions about creating custom text and images instead of just sending ‘apple pairing devices.’ Could you provide any insight on whether this is possible for iOS devices? Thanks man!
@AlexeyPRG11 ай бұрын
Kinda cool! But I see a few issues: 1. It clearly says "Discover Flipper Zero Devices (Bluetooth must be enabled)". As Bluetooth connection is slow on Flippers, most people disable it. 2. The name of the device can be changed, easily. An even if the address is not changeable one would still not see the device if you disable Bluetooth in settings. 3. BLE spam creates new addresses all the time, as they are not the real one. So, you would be able to see that the attack is ongoing, but zero devices around.
@IAmOrion11 ай бұрын
I'll see if I can find it, but there's a thing where you can "compile" or "bundle" depending on your preferred terminology - a python script, it's environment, required libraries etc into a single EXE for windows or APP for MacOS and I believe something for Linux too. Also have the option to build a UI too!
@k3yomi11 ай бұрын
was thinking about that, I did update the documentation for the packages and such.
@k3yomi11 ай бұрын
In fact, I'll look more into that!
@SCUBAdfq11 ай бұрын
In regards to the kernel access with your phone, how do you look into what access you can get? I was considering buying a $30 Nokia smartphone for Nethunter myself, but I would like full functionality.
@DemocracyManifest-vc5jn7 ай бұрын
Where do I get one of those transparent after market cases?
@RobertBakerDunn2 ай бұрын
which blutooth adapter did you use
@AWOK11 ай бұрын
Such great talent in the community. Love to see new stuff like this. 🙌🏼
@TalkingSasquach11 ай бұрын
Thanks!!!
@LJMOO711 ай бұрын
This is amazing! It would be cool to get this as an actual app on the flipper for more portability. I don't know much about app development so this is just an idea. Again this is an awsome video.
@TalkingSasquach11 ай бұрын
Thats a really cool idea!
@WillyJL11 ай бұрын
Not possible, flipper only has the light BLE stack, it cannot see or discover other nearby devices
@oisin40411 ай бұрын
@@WillyJL Would it be possible with some sort of Bluetooth antenna or adapter in the GPIO?
@WillyJL11 ай бұрын
@@oisin404 if you are up to find a chip that can do that, build a board for it, then understand how it works, and write all the code for it on the board and flipper side, plus figure out how it's gonna show on the tiny flipper screen, sure it's possible. No one will ever do it however.
@samuraidriver4x411 ай бұрын
If you are set on using your onboard bluetooth you might want to consider using a bootable usb stick instead of virtual. Then again there is always the option to get a dedicated machine and go bare metal. Be aware that kali lacks any security features and its not a daily driver OS.
@TalkingSasquach11 ай бұрын
All very good points! One thing to keep in mind is that I have to record everything, so while running a live OS does get around some of the issues with hardware, it does make it a lot more difficult to record.
@samuraidriver4x411 ай бұрын
@@TalkingSasquach don't know what you normally use but for example OBS runs perfectly fine on Kali. But that's indeed a valid argument.
@lukasvolcik510911 ай бұрын
could wall of flippers be run on Flipper itself or more likely ESP32? That would be super cool to detect other flippers with your flipper :D I love that I can at least detect near flipper on windows, I might look into why BLE detection doesn't work.
@zacharyruben185211 ай бұрын
Man, its been a journey learning about all this stuff with you. Thanks for everything. You ever thought about doing some videos with the HackRf One Portapak??
@PLAYINSKILSSRT11 ай бұрын
Right I modded the fuck outta some and ya thats way better than this but I use them together makes the flipper nice
@cameronrich253611 ай бұрын
It can only find them with BT enabled yea?
@k3yomi11 ай бұрын
Correct, however - BLE advertisment spam detection would still work with BT disabled.
@nobodynoone250011 ай бұрын
But does this work for Esp32, or SDR based devices? Flippers are not the most common device used in these attacks anymore.
@k3yomi11 ай бұрын
It's not just for flippers. The BLE based attacks should work and if not, a suspicious advertisement will popup with a total amount of mac addresses contributing to that advertisement. For the esp32 or SDR based devices. I have not tested but I will look into expanding into more technologies in the future. So far, there are 3 main ways of detecting the flipper through BLE. Name, Address, and Identifier. Code def needs some work as its a bit messy.
@tom_henniger5 ай бұрын
can you show us how to install it on the pwnagotchi?
@Omega-uj6qz10 ай бұрын
I’d like to recommend keeping your rgb lights in the background on a solid color, Just to make your transitions just a little more seamless !
@dcriley6511 ай бұрын
Happy 2024! Gonna get me a Flipper this year & take the plunge into my new career.
@russelladuddell4011 ай бұрын
@TalkingSasquatch do you have a store?
@hhunnicutt411111 ай бұрын
I’m new to all of this and I love your content. Do you have any more suggestions on who to follow to become a master at the flipper zero?
@chrome9811 ай бұрын
Will this work on a RasPi? Then I could go incognito mobile.
@TalkingSasquach11 ай бұрын
Yup! it was originally used on a RPI3 i believe
@k3yomi11 ай бұрын
Flipper Zero : Advanced Warfare
@leonbeck666811 ай бұрын
Can you please make a root tutorial for the nothing phone 1 I tried so many times and it didn't work
@andrewhodgkin1111 ай бұрын
What did you use for a Bluetooth adapter?
@ChazBword11 ай бұрын
Happy New Year Squatch!
@chelefrancia11 ай бұрын
Mighty Sasquatch, I just got my Flipper, but I've got a question, and I'm pretty sure you can help me out. One thing that got me pumped about getting my Flipper is the idea that I could duplicate this UHF tag/sticker I have in my car. I've seen some info about needing a YRM100, but it's a bit confusing. Can I pull it off with different software, or do I need some new hardware? Thanks for your videos! 🤟🏻
@berend576611 ай бұрын
Happy newyears dude!!! I would love to see an app of this on my phone to find other flipper users. Be sure to make a video on it if it ever happens and may everyone that reads this have an awesome 2024
@MyTube4Utoo8 ай бұрын
It's sad, but as we all know, some people think that just because they 'can' do something, it's somehow okay for them to do it, screw everyone else. I'm old......old enough to remember the Tylenol "situation" in 1982 in the Chicago area. Whether someone just hated people, somehow thought it would be entertaining or whatever, it cost seven people their lives, including a 12-year-old girl. It's now unbelievable that we could have gone until 1982 with really no security methods in place, before something like that happened.
@Dyenosaur0011 ай бұрын
I feel like the wall of flippers wouldn't be hard to counter. There are some signal jammer files for the flipper that have made rounds, but are federally illegal 👀
@jsmith8515111 ай бұрын
One flipper to jam and another to... Spam?
@k3yomi11 ай бұрын
yeah, can't really do much about that besides hope it doesn't happen. If someone is truly wanting to counter it, they would just turn off their bluetooth lol
@CyclingMikey11 ай бұрын
Ha! I'm one of those diabetics running Loop (google loop docs) and potentially vulnerable to BLE spam.
@daviddavidson235711 ай бұрын
To be fair, I'm surprised apple products don't just crash at random without help. Also android medical devices; that worries me. I'd expect a completely ground up custom OS, not some slightly modified Linux distro for mobile devices.
@Sprinkles-r5y11 ай бұрын
Scary thought hey?! I can see reasons why they could be android based but really as a consumer hate the idea. I don’t mean to minimise anyone’s reliance on medical aids but I’m hoping it was more along the hearing aids lines of device than others that could be much more detrimental.
@number1yinyangiifan11 ай бұрын
imagine dying by a flipper
@MeGaLilCe5ar11 ай бұрын
This
@liverenders9 ай бұрын
Unfortunately not.... As an IT for 7 years, most medical systems and devices operate on Linux, android, or worse.... Windows...often XP... Im not exaggerating. It's chilling.
@Alasdair-Morrison11 ай бұрын
God creates the Flipper Zero on one hand then tries to take it away on the other by taking away some of the fun it was deigned for....Must get me one.......
@LuxGamer1611 ай бұрын
with great power come great responsibility. dont be skid!
@bubblegumcombo284911 ай бұрын
"If I wasn't able to fix [my insulin]"... congrats on restarting your device lol
@daveduke878311 ай бұрын
Apple patched the Bt attack weeks ago
@DEXV011 ай бұрын
Nice video sas keep ip the great work!
@Fallen0123329 ай бұрын
Shouldn’t this be easy enough to actually run on the Flipper itself?
@benjaminbraun28211 ай бұрын
found this channel last night after I was thinking about buying a flipper and have been absolutely ripping through all of your content. Very well made and very informative! loving it
@InfoSecREDD11 ай бұрын
I didn't know you totally switched methods when I told you about the kernels. 😂
@TalkingSasquach11 ай бұрын
The was no custom kernel for the TCL and i didnt want to wipe my Nothin!l ol
@Jpython2-oz1zj10 ай бұрын
How do we protect against this?
@DirtyPlumbus11 ай бұрын
Lol. I was just warning a new Flipper owner about this yesterday. Now I can send him your video.
@sideshow441711 ай бұрын
TikTok hand gestures aplenty.
@brightlight352011 ай бұрын
sasquatch is a hand talker apparently. maybe they are part italian
@Zardoz6611 ай бұрын
good info sas!
@SPUTNIK69969 ай бұрын
This on the steam deck would be epic
@MrGhost964011 ай бұрын
Minus a pine phone pro I've tried multiple phones I've set on one plus 7 pro 256 gb
@gcmotive10 ай бұрын
I can't find the video you make from BLE spam MAIN. Because the xtreme firmware works ble spam but not for far away.. that video was way better. When you have time can you share the link.. thanks for everything. Happy valentines day. God bless you. 👍
@UrRealestCritic11 ай бұрын
This is why you only do this attack when is necessary
@DirtyPlumbus11 ай бұрын
Who else is throwing this on their Uconsole? 👍
@ncc74656m11 ай бұрын
This might finally get me to get off my ass and set up Kali on the spare device I got from work (I keep giving away computers I get to take care of my people). Be kind of interesting to see if I can "meet" other Flippers on the way to work.
@andrewd491611 ай бұрын
im a noob dev but studying cyber at uni (already doing C and R programming). done a bit of python so im willing to give it a go
@seannewcomb759411 ай бұрын
Good video, kinda wish we could have gotten to the 6:00 minute mark quicker though.
@LuxGamer1611 ай бұрын
attention-span of a 5 year old
@MikeHawke41011 ай бұрын
NGL I've been using Unleashed and I was at a NYE party with a friend and did the "Bex Toy" ble and she started convulsing and I knew it turned her toy on remotely it was hilarious. 😂😂
@OneAndOnlyZekePolaris11 ай бұрын
I can't use my kali anymore RIP...
@aimoannos827711 ай бұрын
Good shiat man! Also you must the first one ever to ls with dir in linux (5:20) x)
@kas.x_x11 ай бұрын
damn, am i stupid or is that useless af? i mean cool u know the name of my flipper congrats for that but if im hiding it in my pocket how do u know that i am the owner of this flipper, if there r like 20 other people in that room? i personally dont use the ble spam btw it was just an example
@k3yomi11 ай бұрын
Someone can use a directional antenna and triangulate someone based off their Received signal strength indication. This data alone (with no fancy antennas) would be quite difficult to triangulate someone. However, with the right tools you could attempt. Bluetooth itself is hard to track but with the right tuning and tools. You would be able to accomplish it eventually. I did add other ways of detection a flipper which includes the Flipper name, Flipper Address, and the id corresponding to the flipper type (White, Transparent, or Black). Additionally, this project isn't really used as a mitigation tool but more of a fun project to mess around with. BLE Exploration is quite fun and once you start to learn it, it's hard to go back lol.
@kas.x_x11 ай бұрын
@@k3yomi damn okay but if someone, with a hidden flipper, makes the apple crash and there is one person with like 30 antennas, i would be scared that those people think that the antenna guy made the phones crash and not any other dude with a hidden flipper u know.. but anyways i highly respect that work keep going!
@k3yomi11 ай бұрын
We slap a sign on the chest with the text "Flipper police" lmao All seriousness though, the phone crashsploit for iOS was patched a few weeks ago.
@RetroCudi11 ай бұрын
Eventually average Joe flipper users will be seen by using an app on iOS or Android. Game Over after that. It will ping your device as if it is an apple Air Tag. Like games there’s glitches and the developers see things get out of hand if they can’t patch it well they can deflect it. Use your flipper responsibly.
@gomezleonardo6011 ай бұрын
Meanwhile Me in Guangzhou selling flippers to Americans
@feder-wg5kb11 ай бұрын
Make this an flipper application
@mikeielOFFICAL11 ай бұрын
you should make your own Linux phone its actually really easy and so much better than having android or ios
@PLAYINSKILSSRT11 ай бұрын
The newest update was garbage it downgraded my flipper and then my pc with all my files went into bootlocker mode fuck me right 😅
@k3yomi11 ай бұрын
Newest update of OFW? If so you slightly gave me a panic attack thinking it was my script if thats the case hahaha
@s.i.r.g336611 ай бұрын
Yay
@mrcrazyadd211 ай бұрын
If you have wireless enabled at DefCon, that's on you 😂
@LuxGamer1611 ай бұрын
what about ppl using medical devices?
@kauht11 ай бұрын
I don't think this dude knows what skid means lmfao
@LuxGamer1611 ай бұрын
oh, do tell!
@ricosuaveyatusabe917911 ай бұрын
Yeahhh
@nothanks66610 ай бұрын
I challenge you to do a video without moving your hands.
@TalkingSasquach10 ай бұрын
That's gonna be a no for me dogg
@mister649711 ай бұрын
sup
@Dtr14611 ай бұрын
lol you dont even need a flipper anymore for ble spam. a random anroid phone can do this.
@k3yomi11 ай бұрын
Hence suspicious advertisement implemented. It does state once a ble method is found above: "These packets may not be related to the Flipper Zero."
@BRAINROTcomps11 ай бұрын
Hold up, so someone almost sent a furry to the hospital with a flipper zero? pfft hahahahaha
@bru68111 ай бұрын
Not funny. They could have died
@BRAINROTcomps11 ай бұрын
@bru681 lmao, a fate too kind for furries.
@bru68111 ай бұрын
@@BRAINROTcomps furries are people too yk. Plus What have furries done to you
@BRAINROTcomps11 ай бұрын
@@bru681 nah furries are like one step up from p3d0s in the circles of degen hell
@IKER1000sYT11 ай бұрын
@@bru681your pfp is worrying
@Bub.tv2111 ай бұрын
(:})-|--[
@k3yomi11 ай бұрын
Wall of Flippers is not fancy in terms of detection and also isn't necessary up to my programming standards. However, I'm always looking for improvements and criticism. :3
@Bub.tv2111 ай бұрын
Yeah I'm not a fan of c I like lua more@@k3yomi
@AI4IABETA11 ай бұрын
Lololol
@iyeetsecurity9227 ай бұрын
Lol silly furries.
@paigedoesnotexist11 ай бұрын
Spammnig phones can be a little funny until they use it as a medical device. Whoever attacked at the convention should be ashamed of themself.
@theactualparadox11 ай бұрын
Devices like the flipper should really require some sort of license or a way to easily track anything they do back to them EDIT: I wrote this before starting the video, this is amazing!