The Flipper Zero is an open-source, portable multi-tool for security research. It combines numerous radio and communication technologies in one handheld device: Sub-GHz radio (for garage doors, car keys, alarm systems), RFID and NFC (for access cards), infrared (for TVs, air conditioners), Bluetooth, and BadUSB. Although marketed as a learning tool, in the wrong hands it can be used to bypass access systems and clone or replay wireless signals.
The Flipper Zero reads RFID access cards (e.g. office badges) and stores their data. It can then emulate the card and open doors without the original card.
It can record and replay radio signals from garage doors, car keys, or alarm systems. Older systems without rolling-code protection are directly vulnerable.
NFC cards (contactless credit cards, hotel key cards) can be scanned, analyzed, and partially emulated.
With the built-in IR database, the Flipper Zero can control virtually any device: turn off TVs, adjust air conditioners, disrupt projectors during presentations.
Just like the Rubber Ducky, the Flipper Zero can act as a keyboard and inject commands when connected to a computer.
It can send mass fake Bluetooth pairing requests, flooding smartphones with notifications (iOS/Android pairing spam).
Simulate the three-step clone attack: scan card → create clone → open door. This is exactly how it works in reality.
Unsafe: Older RFID cards (Mifare Classic, EM4100), widely used in offices, gyms, and hotels.
Partially safe: NFC credit cards can be read, but payments require additional data (CVV, PIN).
Safe against replay: Modern car keys with rolling codes and garage doors with AES encryption are protected against simple replay attacks.
Safe: FIDO2/WebAuthn keys, cryptographically secured access systems.
1. Use modern RFID cards: Switch to cards with cryptographic authentication (MIFARE DESFire, MIFARE Plus) instead of outdated EM4100 cards.
2. RFID-blocking sleeve: Keep credit cards and access cards in RFID-blocking sleeves to prevent contactless reading.
3. Multi-factor authentication for physical access: Combine card + PIN for physical access control.
4. Don't leave your card unattended: A clone attack only requires a brief moment in close proximity (a few centimeters).
5. Regularly audit your system: Periodically check which cards have access and deactivate those no longer in use.
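The audit in step 5, combined with the checks from steps 1 and 3, can be scripted against an export of the access-control system. The following is an added example, not part of the original page: the record fields, the sample inventory, and the 90-day idle threshold are assumptions chosen for illustration.

```python
from datetime import date

# Card technologies as classified on this page.
LEGACY = {"EM4100", "MIFARE Classic"}        # cloneable, listed as unsafe
MODERN = {"MIFARE DESFire", "MIFARE Plus"}   # cryptographic authentication

def audit_cards(cards, today, max_idle_days=90):
    """Return {card_id: [findings]} for every active card needing attention.

    max_idle_days is an assumed policy value, not a figure from the page.
    """
    report = {}
    for card in cards:
        if not card["active"]:
            continue  # already deactivated, nothing to do
        findings = []
        if card["technology"] in LEGACY:
            findings.append("legacy technology: replace with DESFire/Plus")
        elif card["technology"] not in MODERN:
            findings.append("unknown technology: verify manually")
        if not card["pin_required"]:
            findings.append("no PIN as second factor")
        last = card["last_used"]
        if last is None or (today - last).days > max_idle_days:
            findings.append("unused: deactivate")
        if findings:
            report[card["id"]] = findings
    return report

# Constructed sample inventory (hypothetical field names and values).
TODAY = date(2024, 6, 1)
CARDS = [
    {"id": "C-001", "technology": "EM4100", "pin_required": False,
     "active": True, "last_used": date(2024, 5, 28)},
    {"id": "C-002", "technology": "MIFARE DESFire", "pin_required": True,
     "active": True, "last_used": date(2024, 5, 30)},
    {"id": "C-003", "technology": "MIFARE Classic", "pin_required": True,
     "active": True, "last_used": date(2023, 11, 2)},
    {"id": "C-004", "technology": "MIFARE Plus", "pin_required": True,
     "active": True, "last_used": None},   # issued but never used
    {"id": "C-005", "technology": "EM4100", "pin_required": False,
     "active": False, "last_used": date(2022, 1, 1)},
]

if __name__ == "__main__":
    for card_id, findings in audit_cards(CARDS, TODAY).items():
        print(card_id, "->", "; ".join(findings))
```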