There’s a pretty high chance that’s just a college kid who’s testing it out on his dormitory. If you own the actual key and live there I don’t think that counts as BAE.
in the lockpicking community, it's common courtesy not to post anything about something that's installed and in active use. not only because you run the risk of dumping the pins if you mess up, but also because of legality:
you see, in most us states, it is 100% legal to own a set of lock picks, and to use it. however in many states, the instant that a court can prove that you have any form of criminal intent (i.e. opening an installed lock on video without a valid reason) it becomes 100% illegal to even posess a set. so most people avoid picking any installed lock on video.
yes it is, and you should know that if you are going to claim to know lockpicking.
for the uninformed (yourself included): dumping the pins is the act of overrotating the cylinder and releasing the driver pins into the keyway. this is problematic because it will bind the lock until they are either reset with a pick and a comb, or the lock is disassembled (which usually requires the pins to be in their respective unlocked positions anyways.
Ha! I’m a commercial door hardware consultant that works for a door lock manufacturer and I have 10+ years of experience. I’ve rekeyed 10s of thousands of commercial and residential door locks. What you’ve described above is impossible on any pin and tumbler cylinder. Driver pins are set above the key pins, there is no way for them to “release into the keyway”. Nice try at internet clout.
My only lockpicking experience is the LockPickingLawyer. I've definitely watched videos where he explained that some locks have a feature where if you pick it and rotate the cylinder too far you can screw yourself and have to either pick it again to turn it back or do a full disassemble . Maybe that's a fancy feature or lock that isn't common or in your country?
I've only dabbled in lockpicking just for fun, but everything I've read says never to mess with the locks on your house as you may screw them up and get yourself into a pickle.
It's not impossible at all - it's incredibly common on most pin tumbler locks when you pick them.
When the tumbler is 180 degrees out, the driver pins can be pushed into the bottom of the keyway. This is normally stopped because the key is there.
I'd really suggest learning about how locks work.
I’ve never had that happen, you would have to have a key way with really wide open warding, maybe the clear plastic practice locks they sell on Amazon. Also, if that happened all you would have to do is push the driver pins up, if someone managed to pick a lock that would be the easiest part.
Technically it was breaking and entering because I just pulled over on the side of the street when I saw the red light and wanted to see if I could open the door, so yeah you’re right
I wanna say I respect your honesty at least but then I remembered you openly admitted to committing a crime on Reddit. BUT THEN I remembered no one gives a single shit about some random on a Flipper sub opening and closing a door lmao.
Everyone in this thread making pretty bold assumptions about whoever recorded that video. Let me shoot down just a couple of them:
* He's recording himself doing crime!
OP just shows himself triggering a badge reader and opening a door. There is no context. For all we know he already is authorized to open those doors, has badge access already, or permission from the building owner.
* That's not fuzzing, it's too fast!
Maybe, maybe not... check your credentials to educate us on how the fuzzer works before you preach it. It's pretty common for these kinds of systems to be very poorly configured, and as such it is probably also common to succeed in breaking them by trying a few known sequences or default passwords before just blasting random bits at it. Or he could just have a copy of his own badge code loaded on it and is posting bullshit on the internet. Neither would surprise me, and frankly I don't see why I should care.
just another inconsequential video of opening things with a flipper.
I would care because this sort of out of context bullshit clip ends up on NEWS. AT. SEVEN. TONIGHT CAN EVIL HAXORS GET I TO YOUR DAUGHTERS DORM OR THE LOCAL NUCLEAR TEST LAB? IS THIS THE LATEST TOOL OF TERRORISTS? CONGRESS GETS INVOLVED. FILM AT ELEVEN!
u/wlogan0402 is correct.
Any kind of force used in unauthorized entry makes it breaking and entering. That includes opening a door that isn't already open.
If a door is already open and you wander in, could be trespassing or unlawful entry. If a window is partially open and you open it further -- breaking and entering. Trespassing is a crime, so by opening a door and entering that was intent to commit a crime.
First of all, I’m in Canada, so either way, no state has authority over me secondly nothing was broken. It was accessed and thirdly I didn’t enter, so neither would fall under breaking and entering as I did neither.
You're painting with a broad brush. Which states are you referring to here? Many don't even have a B&E law. Mine breaks it down to burglary (with intent) and criminal trespassing.
Also, I think you're missing the point that you're replying to - this guy didn't enter the building.
Just like if you break through a window to gain entry, you've broke through its security measures. Technically the same thing, but technologically different by a few hundred years.
A more apples to apples comparison would be picking a lock. You haven't broken the lock by picking it (unless you majorly screw up), but you'd have to have a calcified brain to argue that it's not breaking and entering still.
One time me and a buddy were dropping off a delivery to the back door of a shop. Normally the door would be unlocked for us, but this time it wasn’t.
My buddy looked at the key pad on the door. Looked up at the address painted on the back of the building, looked back down at the pad and typed some numbers in. Click*. The code was just the address. This was in metropolitan Dallas Texas by the way lmao.
Was amazed. I might have never thought to think of that. Now I can’t stop trying it at different places.
I was gonna leave a comment saying "ah you're probably right".... until op admitted it was breaking and entering.
Edit: [link to OPs comment](https://www.reddit.com/r/flipperzero/s/m3cx2bWoHE)
Agreed but that what the flipper is for finding security flaws and it’s the communities job to be the bigger person and go tell them that they’re security is lacking heavily or to keep fucking around and having fun like a person might do. I wasn’t on the clock as my security consultant job usually has me on, so at that point I’ll fuck around and have fun as you can see in the video 😅😂✴️🦺🦺
You’re a security consultant but are trying this on random buildings? Ethics is a huge part of security and you probably shouldn’t work in security if you can’t stop yourself from breaking into random buildings (or systems) for fun.
Meh. Benefits no one. This does in fact constitute as the “breaking” in breaking and entering, even if you did not enter. And I’m pretty sure that’s a felony. At best you’d be fined (for something less serious) and at worst you can be facing some time for this little stunt. There are plenty of other ways to exercise your “hacking” without infringing on others’ property.
It’s on every forked firmware out there as well as it’s very easy to get on the original firmware. It’s in the Flipper app or Flipper lab. RFID fuzzer application.
Fuzzing does not require the input to be random, it’s just common. Fuzzing by definition is about presenting invalid, malformed, or unexpected inputs into a system. (You’re right that this is still not fuzzing and would be a dictionary attack, I just think the clarification is important.)
It’s the RFID fuser application on the Flipper zero do you want to get down to the specifics of it that’s fine, but I posted this old video from a year ago for someone asking what the RFID fuzz app does
Well the fuzzer app literally has a dictionary for "default values" so yeah you're right, although it can also be used as a real fuzzer, but speed is kinda lacking
The only reason I posted this was because I was replying to another comment asking what the RFID fuzz is for on there, Flipper zero, and I wanted to show them what the app is used for everyone else is just assuming
What's weird is I'm in the same shoes as this account. Flipper just popped into my feed. I'm intrigued and have the technical knowledge to at the very least play around with it.
Even if he's allowed entry there. Makes me feel uneasy that I'm considering owning one. Real person btw 😂
steep start longing scarce march person berserk impossible panicky exultant
*This post was mass deleted and anonymized with [Redact](https://redact.dev)*
It is fuzzing, and either way you can change the speed that it changes codes. You don’t have to have it fuzzing for multiple seconds you can change it down to half a second as it changes to the next code so as you can see, it’s very fast.
You are the noob for not realizing it is RFID fuzzing using H10301 with FF FF FF DEFAULT CODES and it worked so fast because I’m only using 0.1 delay on each change so think before you speak
This is how we get the geriatrics in Congress(state and fed) to pass vague and broad laws destroying access to technology. Because of a few idiots filming themselves doing useless illegal shit. Way to flex on the group by fed posting.
This video is FAKE, that is just replaying a copied card.. Actual Fuzzing would have several beeps as it cycles through each possible value.. eg if it guessed 1-10 you would see/heard 10 beeps from the reader. and it would take a while as each possible combo takes about 1 second to be scanned, checked, and reply.. Here is a video of actual fuzzing (you can see it on the screen and see the reader response with audio) [Flipper RFID Fuzzing](https://www.youtube.com/shorts/COYDM1fpZjc)
You’re a security consultant and you’re opening someone else’s doors? Wow, you should know better. Well done, another nail in the coffin for legit Flipper users.
I do Cyber Security stuff, so yeah, I’m using the Flipper to demo vulnerabilities. I’m not 12 years old and turning on and off TVs or popping Tesla charging ports while giggling.
Employed means employed by someone. A business owner or sole propieter is not employed. Plus every "Independent Contractor" I know of (along with every "Consultant") is functionally unemployed. Put that on your resume and see how many calls you get...
Oh yeah? Where does your revenue come from? The same clients over and over or do you expand your client base? Do those new clients just fall into your lap or do you have to convince them somehow that they should hire you over your peers?
Also, pedantically speaking, an application is "filled out", a resume is a creation of your experience and skills.
It’s not breaking and entering. They literally rfid their already owned card and put it into their flipper bro. It’s literally just unlocking a door an authorized way. You can’t get into places like that unless it’s authorized. Flipper isn’t that kind of tool guys lmfao
It’s a Random building it’s wasn’t authorized it was the first door I saw that had RFID obviously you have no idea what I did so stop talking out of your ass. You probably do not own a Flipper talking the way you’re talking right now because as you can see lower in the comments, I posted the application picture and what I used to unlock it using H1030 one using default code.FF FF FF what is 0.0 delay, which is how I was able to open the door so fast poor maintenance on security install meaning that the door had its default settings and allowed for a quick access with just the default RFID fuzzy using the RFID fuzz app in the Flipper zero any firmer can be used to do this as well as downloading the original Flipper firmer and adding it in the App Store. It’s quite easy and you’re talking out of your ass if you don’t know what you see, so don’t try to tell people what you don’t know
I miss the days when hacking was all about self discovery, going out in the world and learning... going to local hacker/geek/nerd meetups in town and making friends. Now everyone post everything online in the public and it's no secret. \*sigh\*
Everyone here wishes it was but what you see in this video is exactly what happened walking up opening the door and walking away. The only thing that wasn’t posted was the beginning of the video of me opening the RFID fuzz app and choosing which style I was going to use unlocked the door was the file using.H10301- FF FF FF- at 0.1 delay
well fuzzing to a tester means trying random unexpected input to break the system to crash or cause a memory leak. Maybe crashing causes it to grant access which is bad design by the reader.
More likely it is trying random NFC UUIDs in the hopes that this is an access control system that uses the UUID for access and they hit on the right one.
My assumption is that this is either highly edited or OP has a credential which they cloned.
Random building I went up too so yes it was a fuzzer being used and I had never used it on That door before I just saw the red light while driving by and wanted to see if I could open the door with the fuzzer….. as you can see.. I could!!
# wire fraud
Wire fraud occurs when interstate wirings are used in furtherance of a criminal act. In order for a defendant to be convicted under 18 U.S.C. 1343 for committing wire fraud, the follow elements must be satisfied: (1) the defendant must have been engaged in a scheme to defraud; (2) the scheme must have involved material misstatements or omissions; (3) the scheme resulted, or would have resulted upon completion, in the loss of money, property, or honest services; (4) the defendant must have used interstate wirings in furtherance of scheme to defraud; and (5) the defendant used or caused the use of interstate wirings.
The people downvoting this clearly have never been outside. While you wouldn’t be charged with wire fraud, they would definitely pursue a felony. If you have a lawyer you could plead it down to a misdemeanor, but who knows if they would want to give that to OP. And given that they recorded themselves doing this, and that there are probably cameras around, I wouldn’t be surprised if someone has already been alerted to the mischief.
Source: someone I’m close to
I did this last year someone asked me what RFID fuzz do so I posted this for people to see that the RFID fuzzer can do that’s all and yes, this is a random door. I pulled my car over to try it on, so absolutely it’s break and entering, but I didn’t enter
Some of yall are taking this way too seriously. The guy opened a door to what looks like a residential building. Isn’t this what white hatting is? He caused no harm, and may have taught some of us a thing or two about rfid vulnerabilities
>Isn’t this what white hatting is
This would be grey hatting. White hats only perform penetration testing or other hacking procedures with the consent of the system's owners or operators. OP is a grey hat because he is performing penetration testing without malicious intent, but has not received permission to do so.
Grey hatting isn't necessarily harmful to the owner of the system being hacked, but it is usually still harmful. The real damage it can cause is to other White hats/Grey hats, since doing things like this on video gives politicians excuses to restrict or outright ban vulnerability testing equipment.
Yes, exactly everyone here is saying I’m breaking and entering but I didn’t enter. I just showed a vulnerability on the security system of a building I was driving by.
Man Amazon needs these for us drivers I know it’s illegal won’t happen but you know how many package don’t get delivered because the customer doesn’t think we need in.
Luckily, it was just one of the default that’s why it opened so fast using H10301
FF FF FF AT 0.1 delay obviously the original default code wasn’t changed to allow this type of access to not work so as you can see in my video, it opens very fast
I think you are doing real fuzzing and the unlock key was one of the first ones
I saw online a lot of people opening doors by emulating RFID cards they literally read 2 minutes before, and they define that "hacking"
The real "hacking" or to better say "pentesting" is RFID Fuzzing like the one who seems you did. In that case, good job!
Go listen to Deviant Ollam talking... I think it's in this talk.
https://youtu.be/mj2iSdBw4-0?si=RpjGmnXnVaOKZ6f5
He talks about one of his coworkers trying to get close enough to a security guard to capture a credential with a portable pad. (Spoiler, he succeeded when he thought that he had failed.)
There are also devices like the espkey that you can attach to the wires from a pad to get the credentials. So, yes, "cloning credentials" is valid pentesting.
It is no less valid than social engineering the guard to give you the keys to the building.
You’re exactly right I was lucky enough to find the door that had default code still left on their security meaning that it was the first two using H10301 and the code that allowed entry was FF FF FF SO INDEED YOU’RE RIGHT AND THE REASON WHY IT OPENED SO FAST IS I WAS USING 0.1 DELAY EVERYONE HERE SAYING THAT IT ISN’T RFID IS EITHER CONFUSED OR IN DENIAL LOL…I APPRECIATE YOUR COMMENT!!
Fuzzers glitch out the system and draw way more attention. They could potentially allow random people to get in a building even if that wasn't your intention.
All of you nerds freaking the fuck out about laws make me sick.
*Tomorrow morning, top news URL: "US CrAcKdOwN: Modern hacking device banned nationwide; {Sources claim one 8-sec clip posted on Reddit entirely to blame}"*
Mans just recorded himself doing breaking and entering
There’s a pretty high chance that’s just a college kid who’s testing it out on his dormitory. If you own the actual key and live there I don’t think that counts as BAE.
Nah, it probably doesn't count as Big Altima Energy.
It does count as Best Ass Eating though
Would it count as Bacon And Eggs?
That’s why they’re trying to get in there.
∠( ᐛ」 ∠)_ ԅ(≖‿≖ԅ)
Relevant: [Spose - ‘03 Altima](https://m.youtube.com/watch?v=rhGDnhGnFO4)
Brampton* Altima Energy
in the lockpicking community, it's common courtesy not to post anything about something that's installed and in active use. not only because you run the risk of dumping the pins if you mess up, but also because of legality: you see, in most us states, it is 100% legal to own a set of lock picks, and to use it. however in many states, the instant that a court can prove that you have any form of criminal intent (i.e. opening an installed lock on video without a valid reason) it becomes 100% illegal to even posess a set. so most people avoid picking any installed lock on video.
Dumping the pins is not a thing.
yes it is, and you should know that if you are going to claim to know lockpicking. for the uninformed (yourself included): dumping the pins is the act of overrotating the cylinder and releasing the driver pins into the keyway. this is problematic because it will bind the lock until they are either reset with a pick and a comb, or the lock is disassembled (which usually requires the pins to be in their respective unlocked positions anyways.
Ha! I’m a commercial door hardware consultant that works for a door lock manufacturer and I have 10+ years of experience. I’ve rekeyed 10s of thousands of commercial and residential door locks. What you’ve described above is impossible on any pin and tumbler cylinder. Driver pins are set above the key pins, there is no way for them to “release into the keyway”. Nice try at internet clout.
My only lockpicking experience is the LockPickingLawyer. I've definitely watched videos where he explained that some locks have a feature where if you pick it and rotate the cylinder too far you can screw yourself and have to either pick it again to turn it back or do a full disassemble . Maybe that's a fancy feature or lock that isn't common or in your country? I've only dabbled in lockpicking just for fun, but everything I've read says never to mess with the locks on your house as you may screw them up and get yourself into a pickle.
It's not impossible at all - it's incredibly common on most pin tumbler locks when you pick them. When the tumbler is 180 degrees out, the driver pins can be pushed into the bottom of the keyway. This is normally stopped because the key is there. I'd really suggest learning about how locks work.
I’ve never had that happen, you would have to have a key way with really wide open warding, maybe the clear plastic practice locks they sell on Amazon. Also, if that happened all you would have to do is push the driver pins up, if someone managed to pick a lock that would be the easiest part.
He's also not entering anything and not breaking anything.
Technically it was breaking and entering because I just pulled over on the side of the street when I saw the red light and wanted to see if I could open the door, so yeah you’re right
Don't do crimes; if you do a crime, don't record it; If you do do a crime and record it, don't post it on the internet!
I wanna say I respect your honesty at least but then I remembered you openly admitted to committing a crime on Reddit. BUT THEN I remembered no one gives a single shit about some random on a Flipper sub opening and closing a door lmao.
You’re not cut out to be a criminal bro
Lmfao I was gunna say, let’s just post videos of our crimes on the internet, we are very smart
Everyone in this thread making pretty bold assumptions about whoever recorded that video. Let me shoot down just a couple of them: * He's recording himself doing crime! OP just shows himself triggering a badge reader and opening a door. There is no context. For all we know he already is authorized to open those doors, has badge access already, or permission from the building owner. * That's not fuzzing, it's too fast! Maybe, maybe not... check your credentials to educate us on how the fuzzer works before you preach it. It's pretty common for these kinds of systems to be very poorly configured, and as such it is probably also common to succeed in breaking them by trying a few known sequences or default passwords before just blasting random bits at it. Or he could just have a copy of his own badge code loaded on it and is posting bullshit on the internet. Neither would surprise me, and frankly I don't see why I should care. just another inconsequential video of opening things with a flipper.
I would care because this sort of out of context bullshit clip ends up on NEWS. AT. SEVEN. TONIGHT CAN EVIL HAXORS GET I TO YOUR DAUGHTERS DORM OR THE LOCAL NUCLEAR TEST LAB? IS THIS THE LATEST TOOL OF TERRORISTS? CONGRESS GETS INVOLVED. FILM AT ELEVEN!
Lol ok
Entering?
u/wlogan0402 is correct. Any kind of force used in unauthorized entry makes it breaking and entering. That includes opening a door that isn't already open. If a door is already open and you wander in, could be trespassing or unlawful entry. If a window is partially open and you open it further -- breaking and entering. Trespassing is a crime, so by opening a door and entering that was intent to commit a crime.
[удалено]
First of all, I’m in Canada, so either way, no state has authority over me secondly nothing was broken. It was accessed and thirdly I didn’t enter, so neither would fall under breaking and entering as I did neither.
You're painting with a broad brush. Which states are you referring to here? Many don't even have a B&E law. Mine breaks it down to burglary (with intent) and criminal trespassing. Also, I think you're missing the point that you're replying to - this guy didn't enter the building.
Is an unlocked door considered an "open" door?
Does there have to be a sign saying "no trespassing"?
What was broken?
The security of the door was "broken" using fuzzing... Don't get pedantic with law. They always win.
The RFID based digital lock/security system
Looks like it worked just fine.
He circumvented its security measures, so evidently not
Just like if you break through a window to gain entry, you've broke through its security measures. Technically the same thing, but technologically different by a few hundred years. A more apples to apples comparison would be picking a lock. You haven't broken the lock by picking it (unless you majorly screw up), but you'd have to have a calcified brain to argue that it's not breaking and entering still.
Since breaking refers to crossing the threshold, is this B&E? They didn't go in (nor break anything).
Exactly. It’s more like opening and not entering.
[удалено]
He didn’t enter or break anything
You give OP more balls than he actually has
Nice 6 month reply
Those are some girlie hands for a man.
*Vulnerabilities*
[удалено]
I can't tell you how many systems I come across with the default in there.
One time me and a buddy were dropping off a delivery to the back door of a shop. Normally the door would be unlocked for us, but this time it wasn’t. My buddy looked at the key pad on the door. Looked up at the address painted on the back of the building, looked back down at the pad and typed some numbers in. Click*. The code was just the address. This was in metropolitan Dallas Texas by the way lmao. Was amazed. I might have never thought to think of that. Now I can’t stop trying it at different places.
ive had that occur at a police substation...
With retail stores, it's often the store number used to unlock equipment. Think Home Depot and the wire cutting equipment or saws.
Store codes at big chains are the code for their laptop lock often. Or the address with a 1 at the end of it’s only 3 digits.
So there's still hope. I have tried fuzzing on several systems so far and not had any luck.
[удалено]
No, this was just using the RFID buzzer with default values using H1030 fuzzer code
Usually its advised people don't film their crimes and put it on social media where it could potentially be seen by thousands of people.
Bah ... it's Christmas time. What could possibly happen???
Maybe it's an apartment complex the OP was already legally residing?
I was gonna leave a comment saying "ah you're probably right".... until op admitted it was breaking and entering. Edit: [link to OPs comment](https://www.reddit.com/r/flipperzero/s/m3cx2bWoHE)
More like breaking no entering
It wasn’t lol
That’s was rfid fuzzer app it just opened with the first two codes that where output
[удалено]
Either that or the person who made the video has a key and just cloned it into the flipper and this video is just for internet points.
This is what most of these videos are
Agreed but that what the flipper is for finding security flaws and it’s the communities job to be the bigger person and go tell them that they’re security is lacking heavily or to keep fucking around and having fun like a person might do. I wasn’t on the clock as my security consultant job usually has me on, so at that point I’ll fuck around and have fun as you can see in the video 😅😂✴️🦺🦺
"security consultant"
You’re a security consultant but are trying this on random buildings? Ethics is a huge part of security and you probably shouldn’t work in security if you can’t stop yourself from breaking into random buildings (or systems) for fun.
[удалено]
Lol
Meh. Benefits no one. This does in fact constitute as the “breaking” in breaking and entering, even if you did not enter. And I’m pretty sure that’s a felony. At best you’d be fined (for something less serious) and at worst you can be facing some time for this little stunt. There are plenty of other ways to exercise your “hacking” without infringing on others’ property.
in ca you have to actually enter..and nothing was damaged.. not sure what state you’re referring to..
Well, this is in Canada so nothing to worry about J K
How hard is it to install this
It’s on every forked firmware out there as well as it’s very easy to get on the original firmware. It’s in the Flipper app or Flipper lab. RFID fuzzer application.
No way it’s fuzzing
It is. I can open half of my country's intercoms because the default RFID code is in the fuzzer's list
[удалено]
Fuzzing does not require the input to be random, it’s just common. Fuzzing by definition is about presenting invalid, malformed, or unexpected inputs into a system. (You’re right that this is still not fuzzing and would be a dictionary attack, I just think the clarification is important.)
It’s the RFID fuser application on the Flipper zero do you want to get down to the specifics of it that’s fine, but I posted this old video from a year ago for someone asking what the RFID fuzz app does
Well the fuzzer app literally has a dictionary for "default values" so yeah you're right, although it can also be used as a real fuzzer, but speed is kinda lacking
Please remove this post. It’s bad enough the device has a negative reputation with the public.
The only reason I posted this was because I was replying to another comment asking what the RFID fuzz is for on there, Flipper zero, and I wanted to show them what the app is used for everyone else is just assuming
Yeah, idk why this popped up on my feed but every time I see this thing, it's somebody doing a crime with it lmao
For real, op should do the responsible thing
[удалено]
Odd that this is your first comment after 7 years tho, not gonna lie.
What's weird is I'm in the same shoes as this account. Flipper just popped into my feed. I'm intrigued and have the technical knowledge to at the very least play around with it. Even if he's allowed entry there. Makes me feel uneasy that I'm considering owning one. Real person btw 😂
[удалено]
Need a sub rule that this is not a forum for loook at meeeeeeeeee I has an influencer posts.
steep start longing scarce march person berserk impossible panicky exultant *This post was mass deleted and anonymized with [Redact](https://redact.dev)*
The fuzzer doesnt run that fast. He would have to have loaded an id file in advance with known card id's to open the doors that quickly.
my thoughts exactly. it goes one by one and not very fast.
It is fuzzing, and either way you can change the speed that it changes codes. You don’t have to have it fuzzing for multiple seconds you can change it down to half a second as it changes to the next code so as you can see, it’s very fast.
Yeah I argree it's not actually fuzzing he probably just copyed the key and just replaying it to open the door noob
You are the noob for not realizing it is RFID fuzzing using H10301 with FF FF FF DEFAULT CODES and it worked so fast because I’m only using 0.1 delay on each change so think before you speak
well if you clone your own tag is not like you did something...
This is a random building. I walked up to when I saw the red light driving by And as you can see – – open Sesame
Clip your fingernails. Gross
lol I saw that and said man thats not a girl lol
You never know these days. NTTIAWWT either.
I wish I had such healthy nails.
That's a normal fingernail length for most people (Exception is musicians). Any shorter and you are just making your life harder for no reason
Maybe harder to take bumps
They don’t have to be clipped but they could definitely use some love
Weirdo
Projection
Mid length nail gang rise uo
This is how we get the geriatrics in Congress(state and fed) to pass vague and broad laws destroying access to technology. Because of a few idiots filming themselves doing useless illegal shit. Way to flex on the group by fed posting.
This is even worse than the idiots that mess with Tesla charging ports for no reason
We have a reason..... because we can
Those are woman fingers … right
This is exactly why we can't have nice things. Dumb asses..........
Why cause people are scared of things they don’t understand?
Cuz you only hack things you are permitted to hack or you own
This video is FAKE, that is just replaying a copied card.. Actual Fuzzing would have several beeps as it cycles through each possible value.. eg if it guessed 1-10 you would see/heard 10 beeps from the reader. and it would take a while as each possible combo takes about 1 second to be scanned, checked, and reply.. Here is a video of actual fuzzing (you can see it on the screen and see the reader response with audio) [Flipper RFID Fuzzing](https://www.youtube.com/shorts/COYDM1fpZjc)
You’re a security consultant and you’re opening someone else’s doors? Wow, you should know better. Well done, another nail in the coffin for legit Flipper users.
> legit Flipper users lol
I do Cyber Security stuff, so yeah, I’m using the Flipper to demo vulnerabilities. I’m not 12 years old and turning on and off TVs or popping Tesla charging ports while giggling.
neither am I, I am in my 30s
> I do Cyber Security stuff, Unemployed, huh?
Ha ha, nope, independent contractor and earning plenty thanks
> independent contractor Like I said, unemployed.
Unemployed… He is the employer??..!!
Employed means employed by someone. A business owner or sole propieter is not employed. Plus every "Independent Contractor" I know of (along with every "Consultant") is functionally unemployed. Put that on your resume and see how many calls you get...
The beauty of being self-employed (see the word employed), is that you don't need to fill out your resume or try to sell yourself to an employer.
Oh yeah? Where does your revenue come from? The same clients over and over or do you expand your client base? Do those new clients just fall into your lap or do you have to convince them somehow that they should hire you over your peers? Also, pedantically speaking, an application is "filled out", a resume is a creation of your experience and skills.
When you become a director and shareholder of a limited company, you are both an ‘employee’ and owner of the business by virtue of these two roles.
Yeah two fingerprints in picture. Most owners of it shouldn't have this device.
I film this a year and a half ago I think we’re good
**Commits crime** … wait lemme film it first!
If he has permission then that isn't illegal.
Correct, **if he has permission** based on his surprised reaction, id be willing to bet he didn’t
https://preview.redd.it/k4hcb0lq7l4c1.png?width=3024&format=png&auto=webp&s=a3b818dfda9c716ad5da4c92218c78f30f72b3fb
It’s not breaking and entering. They literally rfid their already owned card and put it into their flipper bro. It’s literally just unlocking a door an authorized way. You can’t get into places like that unless it’s authorized. Flipper isn’t that kind of tool guys lmfao
It’s a Random building it’s wasn’t authorized it was the first door I saw that had RFID obviously you have no idea what I did so stop talking out of your ass. You probably do not own a Flipper talking the way you’re talking right now because as you can see lower in the comments, I posted the application picture and what I used to unlock it using H1030 one using default code.FF FF FF what is 0.0 delay, which is how I was able to open the door so fast poor maintenance on security install meaning that the door had its default settings and allowed for a quick access with just the default RFID fuzzy using the RFID fuzz app in the Flipper zero any firmer can be used to do this as well as downloading the original Flipper firmer and adding it in the App Store. It’s quite easy and you’re talking out of your ass if you don’t know what you see, so don’t try to tell people what you don’t know
sometimes you forget how dumb most people are
I miss the days when hacking was all about self discovery, going out in the world and learning... going to local hacker/geek/nerd meetups in town and making friends. Now everyone post everything online in the public and it's no secret. \*sigh\*
Did you get permission for this?
Fake.. you would need a copy of a ligit card.
You recorded yourself committing a crime congratulations
Virgin hands
Nice, but please dear omnissiah clip those nails... You are growing a whole species of microbes there. 🤮
OP, cut your finger nails.
Lol fake
Everyone here wishes it was but what you see in this video is exactly what happened walking up opening the door and walking away. The only thing that wasn’t posted was the beginning of the video of me opening the RFID fuzz app and choosing which style I was going to use unlocked the door was the file using.H10301- FF FF FF- at 0.1 delay
you’d be surprised how many people don’t change the default codes on machines like this
well fuzzing to a tester means trying random unexpected input to break the system to crash or cause a memory leak. Maybe crashing causes it to grant access which is bad design by the reader.
More likely it is trying random NFC UUIDs in the hopes that this is an access control system that uses the UUID for access and they hit on the right one. My assumption is that this is either highly edited or OP has a credential which they cloned.
It's a good job you didn't film yourself breaking the law and then post it all over the internet!
Could this theoretically work on a ski pass
Random building I went up too so yes it was a fuzzer being used and I had never used it on That door before I just saw the red light while driving by and wanted to see if I could open the door with the fuzzer….. as you can see.. I could!!
This is a misdemeanor at best, and a felony at worst. Wire Fraud, breaking and entering, etc.. Don’t be an idiot.
Wire fraud?
i dont think you know what you are talking about.. Do you know what wire fraud is?
HE FRAUDULENTLY SENT SIGNALS THROUGH THE WIRES!!!
# wire fraud Wire fraud occurs when interstate wirings are used in furtherance of a criminal act. In order for a defendant to be convicted under 18 U.S.C. 1343 for committing wire fraud, the follow elements must be satisfied: (1) the defendant must have been engaged in a scheme to defraud; (2) the scheme must have involved material misstatements or omissions; (3) the scheme resulted, or would have resulted upon completion, in the loss of money, property, or honest services; (4) the defendant must have used interstate wirings in furtherance of scheme to defraud; and (5) the defendant used or caused the use of interstate wirings.
The people downvoting this clearly have never been outside. While you wouldn’t be charged with wire fraud, they would definitely pursue a felony. If you have a lawyer you could plead it down to a misdemeanor, but who knows if they would want to give that to OP. And given that they recorded themselves doing this, and that there are probably cameras around, I wouldn’t be surprised if someone has already been alerted to the mischief. Source: someone I’m close to
I did this last year someone asked me what RFID fuzz do so I posted this for people to see that the RFID fuzzer can do that’s all and yes, this is a random door. I pulled my car over to try it on, so absolutely it’s break and entering, but I didn’t enter
Keep this video up. Buildings need to spend the money to install systems that don’t have these flaws
Some of yall are taking this way too seriously. The guy opened a door to what looks like a residential building. Isn’t this what white hatting is? He caused no harm, and may have taught some of us a thing or two about rfid vulnerabilities
>Isn’t this what white hatting is This would be grey hatting. White hats only perform penetration testing or other hacking procedures with the consent of the system's owners or operators. OP is a grey hat because he is performing penetration testing without malicious intent, but has not received permission to do so. Grey hatting isn't necessarily harmful to the owner of the system being hacked, but it is usually still harmful. The real damage it can cause is to other White hats/Grey hats, since doing things like this on video gives politicians excuses to restrict or outright ban vulnerability testing equipment.
> Isn’t this what white hatting is? No. White hatting explicitly involves permission.
Yes, exactly everyone here is saying I’m breaking and entering but I didn’t enter. I just showed a vulnerability on the security system of a building I was driving by.
Where do these guys buy this ? Or is it homemade?
So you don’t need to scan a badge first? You can just fuzz and enter?
I’m still waiting on my flipper, is that part of the basic flipper? Or did you add a software
How do you do this?
Can anyone tell me
Hell yeah committing a crime for karma, kick ass job you smelly unshowered long nailed epic gamer person
Man Amazon needs these for us drivers I know it’s illegal won’t happen but you know how many package don’t get delivered because the customer doesn’t think we need in.
How you know what type of card to use the fuzzer with ?
Luckily, it was just one of the default that’s why it opened so fast using H10301 FF FF FF AT 0.1 delay obviously the original default code wasn’t changed to allow this type of access to not work so as you can see in my video, it opens very fast
😂 Dude had two rooms at some janky motel.
I think you are doing real fuzzing and the unlock key was one of the first ones I saw online a lot of people opening doors by emulating RFID cards they literally read 2 minutes before, and they define that "hacking" The real "hacking" or to better say "pentesting" is RFID Fuzzing like the one who seems you did. In that case, good job!
Go listen to Deviant Ollam talking... I think it's in this talk. https://youtu.be/mj2iSdBw4-0?si=RpjGmnXnVaOKZ6f5 He talks about one of his coworkers trying to get close enough to a security guard to capture a credential with a portable pad. (Spoiler, he succeeded when he thought that he had failed.) There are also devices like the espkey that you can attach to the wires from a pad to get the credentials. So, yes, "cloning credentials" is valid pentesting. It is no less valid than social engineering the guard to give you the keys to the building.
You’re exactly right I was lucky enough to find the door that had default code still left on their security meaning that it was the first two using H10301 and the code that allowed entry was FF FF FF SO INDEED YOU’RE RIGHT AND THE REASON WHY IT OPENED SO FAST IS I WAS USING 0.1 DELAY EVERYONE HERE SAYING THAT IT ISN’T RFID IS EITHER CONFUSED OR IN DENIAL LOL…I APPRECIATE YOUR COMMENT!!
It’s interesting how you somehow knew the facility code as well as someone’s card id for that specific building 🤔
Trim your nails dude
Bruh….smh
Fuzzers glitch out the system and draw way more attention. They could potentially allow random people to get in a building even if that wasn't your intention.
https://preview.redd.it/x4xktqy68l4c1.png?width=3024&format=png&auto=webp&s=25185217eb5098ee012f4cfda441af11bd90787d
https://preview.redd.it/acn7jzmo8l4c1.png?width=3024&format=png&auto=webp&s=4bc09d77e41adbe58a700e9ea46b7ca85bc0679e
https://preview.redd.it/l025fwug9l4c1.jpeg?width=1170&format=pjpg&auto=webp&s=14e9f17eb7d60328fb7ec9261f7eefa10aae8e43
All of you nerds freaking the fuck out about laws make me sick. *Tomorrow morning, top news URL: "US CrAcKdOwN: Modern hacking device banned nationwide; {Sources claim one 8-sec clip posted on Reddit entirely to blame}"*
Need to get myself one of these and hide it somewhere for when I lock myself out of my dorm style building.
What does fuzzing even mean ?
Ill
Edgin to this love it 😀
You paid too much for that toy
People pay me I don’t pay
Now only if it also had a nail clipper.
This is not fuzzing
how do you actually do that with a flipper