Low-frequency proximity cards are widely used in access control systems around the world. It's pretty dumb, keeps only a short few-byte ID, and has no authentication mechanism, allowing it to be easily read, cloned, and emulated by anyone. A 125 kHz antenna is located on the bottom of Flipper's body — it can read the EM-4100 and HID Prox cards, save them to the memory and emulate any of the saved cards by choosing one from the menu.
You can also emulate the card by entering its IDmanually, so you can easily send it to your friend in a text format. Thus, Flipper owners can exchange card dumps with each other remotely without ever touching a physical card.
I'll defer to Brian and others in this area for technical comment. Clearly, though, its a highly produced video and campaign with millions in funding to show for it.
Expected ship date is February 2021, though, Kickstarter projects are often late.
Seems cool. But one question is WHY!!!. Just because you can doesn't mean you should. I get so sick and tired of lazy ass hackers who just want to hide in the shadows and make everyone else's lives miserable. GET A JOB!!
I think you're being a little short-sighted. As Brian says below, this isn't revolutionary, just repackaging things that are already in existence. These are tools the bad guys already have access to. Meanwhile, good guys need to stop hiding their heads in the sand and get their security systems fixed. All this product does is raise awareness. Also great for red team pen testers.
For the record, this kind of thing has been done before, by reputable companies/organizations. Check out these websites:
I am full aware this has all been done before. To me it's just aggravating to how people want to mainstream devices like this and make it simple for the average Joe to use. All they are trying to do is wrap up a bunch of junk into a small little box.
anything new, just combining some common things together (SDRs, rubber ducky, IR, etc).
Is what's new the claim to make it easier? I don't track this area so I don't know but that's the gist of what I got from the video is that, while you good do these things before this is hacking for dummies.
Yes, the integrated and presumed ease of bringing all these things into one device is somewhat novel. This just looked like the kind of project that ships with some funky hardware and incomplete open-source software where they ultimately expect the buyer to do the last 20% of the work (which is way more than 20%...). Little things like hardware drivers and solid libraries to interface everything can make or break a device like this.
The board layout and packaging is really fairly easy in the grand scheme of things. But I personally think that trying to jam all the claimed functions into something where the UI is a small screen and a cursor keypad can be more challenging than it seems.
Maybe I'm just skeptical, but I do not see this thing being as cool in real life as they make it seem.
Let me be clear why I would want something like this. Talking about how insecure someone’s access control is one thing. Doing it in front of them is another. I have a card duplicator I got off eBay. I’ve showed a lot of prospective clients how easy it is to copy their cards. This helps to up sell them a better system and helps the understand that cheaper is often less secure.