Flipper Zero reads your NFC security key

Flipper Zero reads your NFC security key.

Adrian Kingsley Hughes/ZDNET

I love my Flipper Zero, but what I hate is all the fake stuff people looking for attention upload to TikTok. No, the Flipper Zero can’t change gas station signs, it can’t clone credit and debit cards, and it can’t (usually, anyway) turn off the displays at your favorite burger joint.

But that doesn’t mean the Flipper Zero can’t do some cool and useful things, too.

Also: Flipper Zero can be used to disable iPhones running iOS 17, but there is a way to thwart the attack

Over the past few months, I’ve been using the hardware kit included with the Flipper Zero. What’s built into this little toy-like gadget?

There is a sub-GHz wireless antenna that can pick up and transmit wireless codes to operate wireless devices and access control systems, such as garage door remotes, boom barriers, IoT sensors, and even remote keyless systems.

RFID support allows a number of different RFID tags to be read, stored and emulated.

also: Do RFID blocking cards actually work? My Flipper Zero has revealed the truth

It can also read, write, store and emulate NFC tags.

On the front is a single-wire connector that can read and emulate iButton dial keys (also known as DS1990A, CYFRAL, Touch Memory, or Dallas key).

There is also a built-in infrared transceiver that can pick up and send infrared codes to control things like televisions.

Finally, at the top are GPIO connectors that allow the Flipper Zero to connect to other real-world gadgets.

also: How to unlock the true power of Flipper Zero

That’s a lot of features crammed into a small $169 device.

But every week, I hear from buyers who are frustrated and disappointed that their Flipper Zero won’t do the things it looks like it can do based on fake videos on social media.

Here are some things I’ve been doing with my Flipper Zero over the past few weeks.

Flipper Zero reads the Apple Pay NFC signal from your Apple Watch Ultra

ZDNET recommends

Flipper Zero

Flipper Zero is a versatile portable tool for pen testers and geeks in a toy-like shell.

View in the Flipper Zero store

NB: I run third-party software on my Flipper Zero, which gives me access to a bunch of additional features. But don’t worry, downloading third-party software does not void your warranty and you can easily revert to the stock software at any time using the Flipper Zero app on your desktop, laptop or mobile device.

The sub-GHz wireless antenna can pick up signals from a car key fob (and can record them, although turning them back on in modern cars won’t unlock them due to a feature called “rolling codes” that changes the code with each use).

also: The Best Security Keys You Can Buy (And How They Work)

This is an easy way to test if the key is working and the battery is good.

NFC is everywhere these days, and the Flipper Zero lets you work with this wireless protocol. They’re embedded in plastic cards and chains, and are used for all sorts of things, from opening hotel room doors to controlling barriers.

NFC can be read by Flipper Zero. Many NFC cards can also be copied and cloned (this depends on the security used for the card, and I can’t give you any hard and fast rules on which NFC devices can be cloned).

also: The Best VPN Services (And How to Choose the Right One for You)

Note that while the Flipper Zero can read NFC cards and fobs, it can’t decrypt the card’s encrypted security code, also known as CSC, CVV, CVC, CAV, and a host of other three-letter abbreviations.

Flipper Zero cannot decrypt the card's encrypted security code, so it cannot clone bank cards

Flipper Zero cannot decrypt the card’s encrypted security code, so it cannot clone bank cards.

Adrian Kingsley Hughes/ZDNET

Besides NFC, the Flipper Zero can read and clone RFID, including hotel cards (as pictured above).

also: How RFID tags can make in-person clothing shopping less frustrating

RFID cards and tags can be locked to prevent them from being overwritten, but Flipper Zero can bypass many of these mechanisms. Here, the card is offered to unlock if I present it to a valid reader, allowing me to clone the card and unlock the door using both the card and Flipper Zero.

I have used this to clone access cards and fobs for all types of buildings, and many times the employees – and sometimes the building owners – were not even aware of the fact that this trick was possible.

The Flipper Zero can open some RFID cards and tags

Flipper Zero can open some RFID cards and tags.

Adrian Kingsley Hughes/ZDNET

Yes, Flipper Zero can bypass the security found in some Sentry Safe electronic safes using an output from the GPIO.

This is definitely not something you want to do if it’s not safe for you or you don’t have permission, but it shows just how unsafe the “free” lockers found at hotels, spas, and Airbnbs actually are.

The Flipper Zero has a built-in infrared module, which in turn can be programmed to power a wide range of devices, from TVs to AC units. Any consumer device that has an infrared remote control interface can be controlled with the Flipper Zero.

Another great use of this function is to test whether the infrared remotes are working or not. Point the remote at the Flipper Zero in “IR Read” mode and it will detect the signals.

Testing the disassembled infrared remote control

Testing the disassembled infrared remote control.

Adrian Kingsley Hughes/ZDNET

The Flipper Zero can act as a BadUSB device, meaning that when plugged into a port it is seen as a human interface device (HID), like a keyboard.

also: Best VPN Services for iPhone and iPad (Yes, You Need to Use One)

A BadUSB device can change system settings, open backdoors, retrieve data, initiate reverse processes, or do anything that can be accomplished with physical access. These tasks are completed using a set of commands written in the Elastic Ducky programming language, also known as DuckyScript.

Flipper Zero opens the browser and navigates to a web page without user input.

Adrian Kingsley Hughes/ZDNET

Flipper Zero can use GPIO to output electrical signals and act as a signal generator. I last used this to simulate a car’s ABS module to make sure all the wiring and computers in the car were working.

GPIO pin

Adrian Kingsley Hughes/ZDNET

Now, I don’t advise you to do this unless your “victims” give you permission, because it can annoy people and is very likely illegal in most places, but the ease with which Flipper Zero can crash or execute an iPhone is a denial of service (DoS) attack ) on Android devices is scary.

With just a few clicks, Flipper Zero can flood devices within a 30-foot radius with pop-ups, making them nearly impossible to use. So far, the only defense against this technology is to turn off Bluetooth.

Leave a Reply

Your email address will not be published. Required fields are marked *