Hacking tool exposed by master hacker OccupyTheWeb

Рет қаралды 46,581

Күн бұрын

Another great video with Master Hacker OTW on Flipper Zero, Hacker RF and additional useful tools and methods as part of SW define Radio (Radio Hacking)
If you are interested to watch and learn more on flipper zero, follow @takeapart channel
/ @takeapart
• Flipper Zero Car Key S...
DISCLAIMER - This video is for educational purpose only. Hacking without permission is illegal so I request not to use these capabilities without permission or on devices that are not under your belonging.
Chapters:
0:00 - 0:58 Opening
0:59 - 2:02 OccupyTheWeb
2:03 - 9:26 Flipper Zero solution, use cases, features and limitations
9:27 - 17:00 Radio frequencies - devices and tools
17:01 - 17:46 Hackers-Arise.com SDR classes (Practical course)
17:47 - 18:40 Dragon OS Focal SW and Tools
18:41 - 19:37 Cellular frequencies
19:38 - 22:40 RTL-SDR, FCC ID
22:41 - 25:37 Hacker RF One Breaking encryption
25:38 - 27:00 SS7
27:01 - 27:53 IMSI Catcher (GSM)
27:54 - 35:25 General discussion on SW defined Radios (Hacking), vulnerabilities and cyber hygiene required
OccupyTheWeb Books - Affiliate links:
1. Become a master Hacker - amzn.to/3Eq6vX4
2. NEW BOOK - Network basics for hackers - amzn.to/3YNd1iz
3. Linux Basics for Hackers - amzn.to/3Sdoh5i
Hackers-Arise:
Watch more cyber security fundamental videos
1. How to become a master hacker (With OTW) - • how to become a master...
2. Hacking SCADA systems - • hacking industrial con...
3. SW define radio hacking - • radio hacking with a m...
4. Pegasus spyware - • pegasus the spyware te...
5. Stuxnet - • Explaining cybersecuri...
6. API Hacking - • How Hacking APIs Works...
7. DNS Hacking - • DNS hijacking | Cybers...
8. How to Build a hacking Box - • how to build your hack...
9. NotPetya - • notpetya attack
10. OSINT - Open Intelligence tools - • OSINT framework Explai...

#cybersecurity
#flipperzero
#occupytheweb
#webapplicationsecurity
#yanivhoffman
#burpsuite
#informationtechnology
#hacking
#cyberattacks
#cybersecuritycertification
#informationtechnology
#infosec
#informationtechnology
#cybersecuritynews

Пікірлер: 86

@yanivhoffman 11 ай бұрын

Hi Everyone, another great video with master hacker OccupyTheWeb about Radio hacking. Enjoy!

@skylarmorehead9883 3 ай бұрын

TRRAAASSSSSHHHHHH

@user-ex1uu2jh7x 5 ай бұрын

Hey, it can NOT clone a credit card as was stated in the video. The EMV payment protocol states that the card must sign a cryptogram as part of the transaction verification. This is done inside the chip on the card, and the flipper cannot access this. It can however read the card number, expiry date (but not CCV).

@Alasdair-Morrison 10 ай бұрын

The Flipper Zero may not be able to operate on it's own above 1ghz, but with add on boards could go beyond that?

@nerfherder4284 3 ай бұрын

Best part is the GPIO and expansion boards allowing people to create added hardware, such as the new RP game add-on, or sniffers for other bands.

@sergioguzman8211 5 күн бұрын

The Flipper Zero has a Wi-Fi Developer board that can go beyond that.

@Diddy291 9 ай бұрын

FZ can't replay credit card to terminal. It only can read data . Rest is encrypted. You can read and replay key cards and tags . First and most important is tha it say on box it is only for studying tests not for illegal use.

@nerfherder4284 3 ай бұрын

Codes for key fobs in modern cars use a rotating code. Using your flipper to clone your key fob can result in these codes being out of synch and rendering your fob useless. As people have mentioned it cannot clone a CC, people should not repeat information they have not tested themselves, that is why Amazon banned it: misinformation.

@nightmareapocalypse3471 10 ай бұрын

The flipper can pick up credit card tags but you can't clone a credit card. That's a misconception.

@HackTech_Hacktech 8 ай бұрын

Exactly.. not work with new credit cards

@andrewstewart5804 7 ай бұрын

@@HackTech_Hacktechp

@SirOwlsSkin 6 ай бұрын

9:30 the flipper zero has bluetooth capabilities, which is 2.4 gHz. CFW will empower you to expand the ranges of certain antenna as well.

@skylarmorehead9883 3 ай бұрын

no this is not true

@redpillcommando 10 ай бұрын

Mr. Occupy, I just bought your getting started book. I also just got my flipper zero last month.

@yanivhoffman 10 ай бұрын

Superb! I will forward the message to OTW.

@Supp772 11 ай бұрын

Its good to see OTW with you

@yanivhoffman 11 ай бұрын

Thank you 🙏

@WPGinterceptor460Interceptor 3 ай бұрын

18:45.. not sure where you got the older info but its wrong.. In the 70's and into the 80's we used Radio phones VHF int he 80's 90's we used 800 Mhz for cell phones, then dual band cell phones came out 800 mhz/ 1.8 Ghtz.. 800 Mhz had the long antennas on the brick phones, then the dual band mainly used the 1.8 GHZ thus the small antenna, but if you couldnt get a god 1.8 signal it would switch back to 800 mhz and vice versa..

@yanivhoffman 3 ай бұрын

Thx for the comment. Appreciate it

@funkymonk2254 11 ай бұрын

ThankYou Yaniv and Master OTW.

@yanivhoffman 11 ай бұрын

Thank you 🙏

@daniellowrie 11 ай бұрын

Thanks for the great video, Yaniv! And thank OTW for the great demos/explanations! Now I've got to save up for a Flipper 😅

@sjoervanderploeg4340 11 ай бұрын

It can grab some info from your card yes, but it can not emulate a full EMV card.

@sjoervanderploeg4340 11 ай бұрын

It being "sub-GHz" is not its only downside, it is also limited in modulation types!

@sjoervanderploeg4340 11 ай бұрын

The sole reason for there not being enough radio hackers is simple, regulations. Here in the Netherlands people think it is actually harmful to sent out on the "FM band", because you could knock a radio out or whatever.

@Index-o1234 9 ай бұрын

Thank you for the clarificarion most people assume you can hack or pick up any radio frequency with a flipper and that as you pointed out is just not the case. Makes a nice little universal remote around the home but beyond that I don't know that it would be of much interest beyond that for most.

@crsv7armhl 8 ай бұрын

You are correct. Now if you are actually trying to analyze and create your own signals from scratch its a great tool to learn on. Plus it is portable and has the NFC/RFID piece. I have created quite a few tools for it.

@SirOwlsSkin 6 ай бұрын

I managed to softlock an iPhone today that had bluetooth turned on. It had to be restarted once I ceased the attack. I managed to do this from about 30m away. Not sure why everyone's disappointed that they can't get arrested for credit card fraud, but they could use the RFID fuzzer to get arrested for B&E or theft just as easily.

@s_e_t_z3248 5 ай бұрын

@@SirOwlsSkinSame with BadKB exploits. I made a program that downloads a payload onto any windows PC in like 3ish hours without prior experience with DuckyScript. Its an awesome tool.

@nerfherder4284 3 ай бұрын

It has Bluetooth and a wifi expansion board you can plug into the GPIO

@YTInnovativeSolution 10 ай бұрын

Can it be used as an automotive TPMS device? Such as an Autel tool used to trigger each wheel and read the current tire pressure?

@leolaxes 10 ай бұрын

Not out of the box, depends on how the radio comms are inpmemted between the car and the tires.

@user-mn4kh1pn1d 11 ай бұрын

היי רק רוצה להגיד שהסרטונים שלך .זה רמה אחרת מעל כולם .כיף לראות את זה כל פעם מחדש ולקנות יידע.אשמח מאד אם תעשה סרטון על רמזורים .ועל התקיפה האחרונה שהייתה .❤❤תודה❤❤

@yanivhoffman 11 ай бұрын

תודה רבה ❤️

@marinob7433 11 ай бұрын

This was great as always, Yaniv thank you for your effort and time. And of course mr. OccupyTheWeb! keep educating us.

@yanivhoffman 11 ай бұрын

Thx so much 🙏

@user-he4rp7uj8o 8 ай бұрын

Awesome

@nick_yt23 11 ай бұрын

Smart lock for homes are more critical than cars fobs. Can these toys defeat the encryption of August, Yale, Nuki smart locks? This is the real question .

@scousersharkey5880 8 ай бұрын

It depends if they use a rolling code or not, like car keys mostly use rolling codes apart from Honda apparently. ( I'm not 100% on the Honda thing but that's something that keeps popping up when I look into it.

@fireteamomega2343 2 ай бұрын

Some of them are still susceptible to newer Bluetooth protocol exploits that can circumvent security. As far as a vanilla flipper out of the box no you wouldn't be able to do that.

@DanielYekuel 11 ай бұрын

היי יניב! סרטון טוב כמו תמיד! איך אפשר אולי ליצור איתך קשר?

@yanivhoffman 11 ай бұрын

You can send me DM via LinkedIn

@my-rules 11 ай бұрын

תודה

@scriptles 8 ай бұрын

As for jamming a fob to get it.. imagine you are at work and you just have access to someones keys a second.. u can press a button record it... replay it when you are closer to the car.... you dont even need to jam it always

@SirOwlsSkin 6 ай бұрын

This is dangerous as many remote entries use an evolving seed. The flipper will work to open the car once, and then neither the flipper nor the original remote will work again. I do have a 'tesla playlist' that I'm looking for someone to let me try out, however...

@scriptles 6 ай бұрын

@@SirOwlsSkin So you are sorta wrong about how the codes work. If you use a flipper to replay a code by copying it while its not near a car.. then the flipper will work only once on the car.. then it wont work again.. the keyfob will not work only once until its "back in sync". Essentially you gotta press the button TWICE for it to work its not like oh it will never work again. And this also depends on if the car manufacturers ever get wise enough to just make it stop working but then customer complaints will skyrocket if they ever did that. The codes basically use a counter and each button press increases the counter.. the cars counter increases it expects the next code.. if pressing it in your pocket while yo uare far away did what you said it would people would be having major issues all over with accidental pocket bumps.. but thats not how that works... so its not fair to said what you just said especially when you do not know what you are talking about.

@nerfherder4284 3 ай бұрын

@@scriptlesthe point that it isn't as straightforward as most people think is a good one. Your explanation is more specific but the point is that people should be aware you can have adverse effects while using your flipper if you are not careful. Some electronics used inside the human body have sub GHz communication and can possibly be affected by a flipper.

@fireteamomega2343 2 ай бұрын

@@scriptles It's not that simple it isn't just a counter it's a set of custom registers stored in your win module with wildcard bits for transmit length. These wildcards are used like an analog encryption algorithm. Meaning it becomes harder to read a bunch of data if you don't know the length of bit transfer and what is null and what is being read. The current shared checksum value is exchanged between your key fob register and the win module registers. When this happens the checksum values of the registers are changed in proportion to whatever it's programmed to do. So it's not really even an algorithm that rolls the codes so to speak. Ie. it's just programmed to multiply by five and divide by two for example applying to certain register values. Subsequently if the two don't match up then it won't ever likely resynchronize by simply pressing the key fob. As for your comment about people complaining well there's not many instances where this would occur other than a roll jam replay attack. And before anyone wonders about how it works with a second key fob they operate on a separate register. If you don't believe me go ahead and try it then have fun paying for the dealership to reprogram your ignition and keys.

@keybrent64 3 ай бұрын

I wonder if this is what happened to AT&T cell service going out recently

@joelrggizmo1373 3 ай бұрын

Are you gonna be attending Defcon this year?

@yanivhoffman 3 ай бұрын

Im thinking of it and if I will , will be happy to meet if you are around

@yobb89 4 ай бұрын

i got the flipper, and all my stuff i wanted to hack has encryption, car has rolling keyfob code, the thing has been collecting dust for 6 months

@joelrggizmo1373 3 ай бұрын

Are you running KAIL LINUX ?

@nerfherder4284 3 ай бұрын

It is a good question, most people don't realize that you can change the firmware on the Flipper to something much more useful. I use Extreme.

@Crazy--Clown 2 ай бұрын

Thnx Jeff

@yanivhoffman 2 ай бұрын

😂

@PhillyFixed 8 ай бұрын

Don't forget extended-range low-band 5G operates at 700 MHz (e.g. T-Mobile in the United States).

@yanivhoffman 8 ай бұрын

Correct good feedback

@CROWNSOLUTIONS 10 ай бұрын

Wow this looks the same interview as David bumble , he say the same thing

@yanivhoffman 9 ай бұрын

thx for the feedback. i didnt see that one with David and anyway i always ask my own question. yet i assume there are familiarities as the flipper zero is limited in capabilities and questions might be in some cases same

@Daniel-Tiger 10 ай бұрын

Why do they say sub gig when they could just say UHF?

@yanivhoffman 10 ай бұрын

Good point but we tried to simplify it

@joeschmo5171 3 ай бұрын

Guy Fawkes…really man? 🙄

@0RIPPER0 11 ай бұрын

Nice

@yanivhoffman 11 ай бұрын

Thank you 🙏

@mistereff7077 4 ай бұрын

No it won't open up a car on a regular, there are switching algorithms that change the signal now the signal doesn't change if the fob is not responsive, so maybe you can get one use in specific situations but won't be recognized to start car. Half of what is said here is bs fantasy

@mistereff7077 4 ай бұрын

I responded too soon now it is being addressed in vid about rolling codes

@mistereff7077 4 ай бұрын

I responded too soon now it is being addressed in vid about rolling codes

@mistereff7077 4 ай бұрын

I responded too soon now it is being addressed in vid about rolling codes

@mistereff7077 4 ай бұрын

I responded too soon now it is being addressed in vid about rolling codes

@Asiegrist92 11 ай бұрын

Hi. Key fobs for modern vehicles and many older key fob versions utilize rotating signals that the car references from a generated list, once that signal is used, it is then removed from the list and a new signal is generated. I.... saw the preview clip of the video and figured I'd let you all know, in case you're like me and actually try to hack vehicles (For educational purposes, of course.)

@fmned0112 8 ай бұрын

Gotta capture an unrecieved signal and it will work one time only per instance recorded. Also may desync the key fob etc. If you don't know how to reprogram your remote be careful .

@orion10x10 6 ай бұрын

OTW is such a U.S state department shill (he still has good information on security tools though)

@yanivhoffman 5 ай бұрын

whats on your mind, please share :-)

@skeeter1070 9 ай бұрын

Just started to learn it all I can do is open a tesla now

@yanivhoffman 9 ай бұрын

😂

@peepopalaber 3 ай бұрын

otw is a hack and not a "master" he isnt even a og.

@czaszkagra 11 ай бұрын

I managed to capture keyfob signal (vm Jetta), then after replaying i had to pay 20 euro for reprogramming keyfob.hahahah Its great toy guys.

@DDBAA24 11 ай бұрын

all this thing did ws exploit skillsets people took years to learn and put them on a tomagotchi . With years of self learning you develop discipline when using powerful tools for research. Its honestly insulting and a disappointment all in the quest or the almighty dollar. This is a technical device people are using as a practical joke or criminal activities.