04/12/2020 at 16:47
We've produced a first batch of Flipper prototypes, and it is stuck at the Chinese border right now. At the moment we can only wait until this crisis ends before we can continue.
Here are some photos:
04/12/2020 at 16:47
Beta version of Flipper's 433 MHz sniffer functionality: a simple replay demo. It can't parse remote-control protocols yet; it just grabs the raw signal and plays it back.
04/12/2020 at 16:45
There are many updates I want to share with you. We were working hard over the New Year holidays and came up with some rad changes. Because of all the limitations of the Raspberry Pi Zero, we decided to build our own board from scratch, based on the NXP i.MX6 ULZ chip.
The main problems with the Raspberry Pi:
- Impossible to buy in batches. There are no suppliers who can sell 1000 or more Pi Zeros. Retail shops like Adafruit/SparkFun have only ~100 pcs in stock and sell one per customer.
- Unstable Broadcom WiFi chip. It crashes under heavy load while in monitor mode.
- Lack of interfaces.
- Old, power-hungry processor that gets very hot under load.
- No power management, which means no sleep or standby.
- and more...
Building a completely new single-board computer is a big challenge for us, but it gives us more freedom in development. We can make Flipper more compact, give it longer battery life and a better WiFi chipset.
Display and interface
We finally chose the right display and started building the user interface, menus and icons. The LCD is quite old-school, but I love it, especially for its very low power consumption, so we plan to make it always on, like on old monochrome phones and Tamagotchi. No need to press buttons to activate the screen; I miss that on modern devices with color displays.
Here are some demos of how interface looks on the screen:
125 kHz tag reading/writing/emulation
We already have working EM4100 reading, writing and emulation! All done in software on STM32L4 GPIO without any dedicated ICs. Now working on the HID Prox protocol, which uses a different modulation type.
Some Sub-1 GHz stuff is working too with the CC1101; right now it's only simple protocols and jamming, but all of this depends on software.
The GIF is too large, so here is an MP4: https://zhovner.com/forever/flipper_443mhz_jammer.mp4
Here is an old architecture scheme so you can understand the basic blocks. The STM32 is always powered on and controls the Linux board, which wakes up on demand.
Now we are fully focused on developing the i.MX6 board and plan to finish the prototype in one month. When we have a complete working board we will start a crowdfunding campaign on Kickstarter. Thanks for your support.
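The EM4100 reading and emulation mentioned in this update comes down to bit-banging one fixed 64-bit frame format on a GPIO pin. The following is an added example, not Flipper's firmware and not code from this log: it builds the EM4100 frame for a 40-bit ID (9 header ones, ten data nibbles each followed by an even row-parity bit, four even column-parity bits, and a 0 stop bit), Manchester-encodes it into the half-bit stream an emulator would clock out, and decodes a captured stream back starting from an arbitrary half-bit position, the way a reader sees it. The Manchester polarity (1 = high then low) and the ID 12 34 56 78 9A are assumptions chosen for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example (not Flipper firmware): EM4100 frame encode/decode.
 * Frame, 64 bits MSB first: 9 x 1 header | 10 x (4 data bits + even row
 * parity) | 4 even column parity bits | 0 stop bit. */

static int frame_bit(uint64_t f, int i) { return (int)((f >> (63 - i)) & 1); }

/* Build the 64-bit frame from a 40-bit ID (5 bytes, MSB first). */
uint64_t em4100_encode(const uint8_t id[5]) {
    uint64_t frame = 0;
    int col[4] = {0, 0, 0, 0};
    for (int i = 0; i < 9; i++) frame = (frame << 1) | 1;     /* header */
    for (int n = 0; n < 10; n++) {                            /* ten nibbles */
        uint8_t nib = (n & 1) ? (id[n / 2] & 0x0F) : (id[n / 2] >> 4);
        int row = 0;
        for (int c = 0; c < 4; c++) {
            int b = (nib >> (3 - c)) & 1;
            frame = (frame << 1) | b;
            row ^= b;
            col[c] ^= b;
        }
        frame = (frame << 1) | row;                           /* row parity */
    }
    for (int c = 0; c < 4; c++) frame = (frame << 1) | col[c]; /* column parity */
    return frame << 1;                                        /* stop bit 0 */
}

/* Manchester: 1 -> (1,0), 0 -> (0,1); polarity is an assumed convention.
 * 128 half-bits, one per modulation period the GPIO would toggle. */
void em4100_manchester(uint64_t frame, uint8_t out[128]) {
    for (int i = 0; i < 64; i++) {
        int b = frame_bit(frame, i);
        out[2 * i] = b ? 1 : 0;
        out[2 * i + 1] = b ? 0 : 1;
    }
}

/* Validate one candidate alignment; writes id_out only on success. */
bool em4100_check(uint64_t f, uint8_t id_out[5]) {
    if (frame_bit(f, 63) != 0) return false;                  /* stop bit */
    for (int i = 0; i < 9; i++) if (!frame_bit(f, i)) return false; /* header */
    int col[4] = {0, 0, 0, 0};
    uint8_t id[5] = {0};
    for (int n = 0; n < 10; n++) {
        int base = 9 + 5 * n, row = 0, nib = 0;
        for (int c = 0; c < 4; c++) {
            int b = frame_bit(f, base + c);
            nib = (nib << 1) | b;
            row ^= b;
            col[c] ^= b;
        }
        if (frame_bit(f, base + 4) != row) return false;      /* row parity */
        id[n / 2] |= (n & 1) ? nib : (nib << 4);
    }
    for (int c = 0; c < 4; c++)
        if (frame_bit(f, 59 + c) != col[c]) return false;     /* column parity */
    memcpy(id_out, id, 5);
    return true;
}

/* Decode 128 captured half-bits (one frame period, arbitrary start): try
 * both Manchester phases, then every bit rotation, until header, parity and
 * stop bit all check out. Only the true header is a 0 followed by nine 1s. */
bool em4100_decode(const uint8_t hb[128], uint8_t id_out[5]) {
    for (int phase = 0; phase < 2; phase++) {
        uint64_t bits = 0;
        bool ok = true;
        for (int i = 0; i < 64 && ok; i++) {
            uint8_t a = hb[(2 * i + phase) % 128], b = hb[(2 * i + phase + 1) % 128];
            if (a == 1 && b == 0) bits = (bits << 1) | 1;
            else if (a == 0 && b == 1) bits <<= 1;
            else ok = false;                                  /* wrong phase */
        }
        if (!ok) continue;
        for (int rot = 0; rot < 64; rot++) {
            uint64_t f = rot ? (bits << rot) | (bits >> (64 - rot)) : bits;
            if (em4100_check(f, id_out)) return true;
        }
    }
    return false;
}

/* Encode, "capture" starting at an arbitrary half-bit offset, decode, compare. */
bool em4100_roundtrip(const uint8_t id[5], int offset) {
    uint8_t hb[128], cap[128], out[5];
    em4100_manchester(em4100_encode(id), hb);
    for (int i = 0; i < 128; i++) cap[i] = hb[(i + offset) % 128];
    return em4100_decode(cap, out) && memcmp(out, id, 5) == 0;
}

/* Flip one frame bit (0..63) and confirm the parity check rejects it. */
bool em4100_rejects_flip(const uint8_t id[5], int bit) {
    uint8_t hb[128], out[5];
    em4100_manchester(em4100_encode(id) ^ (1ULL << (63 - bit)), hb);
    return !em4100_decode(hb, out);
}

int main(void) {
    const uint8_t id[5] = {0x12, 0x34, 0x56, 0x78, 0x9A};    /* constructed ID */
    uint64_t f = em4100_encode(id);
    for (int i = 0; i < 64; i++) printf("%d", frame_bit(f, i));
    printf("\nroundtrip from half-bit 37: %s\n", em4100_roundtrip(id, 37) ? "ok" : "FAIL");
    return 0;
}
```

On real hardware the 128 half-bits come from sampling the coil envelope (reading) or driving the modulation pin (emulating) at 64 carrier cycles per bit; the decoder above deliberately tolerates the two things a GPIO capture never gives you for free, a known bit phase and a known frame start.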
04/12/2020 at 16:44
The first case samples of Flipper Zero have arrived. I wanted to run a quick demo on the LCD screen before New Year, but I messed up the soldering and the screen didn't start. I was so tired from soldering 0.5 mm contacts directly onto the FPC that I had no strength to redo it.
04/12/2020 at 16:42
How I got tired of scratchy raw PCBs in my pockets and decided to make an all-in-one device
My name is Pavel Zhovner. I live in Moscow, Russia. Since childhood it has been my passion to go deep into all areas of life: technology, nature, people. I specialize in hardware, networking, and security. Flipper is the most ambitious project of my life, one I have cherished in my head for many years, and now it is in an active stage of development. It is a Tamagotchi cyber-dolphin with its own personality that can live in your pocket, and at the same time it's a Swiss army knife for pentesters. I've been hatching this idea for many years.
I love exploring everything around me, and I constantly carry various tools for this. In my backpack I have a WiFi adapter, an NFC reader, an SDR, a Proxmark3, a HydraNFC, and a Raspberry Pi Zero (which causes problems at the airport). All these devices are not so easy to use on the go when you have a cup of coffee in one hand or are riding a bicycle. You need to sit down, take all the stuff out, get a computer; this is not always convenient. I've been dreaming of a device that would implement typical attack scenarios, would always be on the alert, and at the same time would not be a pack of falling-apart boards wound with electrical tape.
Recently, after an open implementation of the AirDrop protocol (owlink.org) and a study by the HexWay guys about the Apple-Bleee iOS vulnerabilities were published, I began to have fun in a new way: meeting people on the subway, sending them pictures through AirDrop and collecting their phone numbers. Then I wanted to automate this process and made a device from a Raspberry Pi Zero W and batteries. Everything would have been fine, but this device was extremely inconvenient to carry; it could not be put in a pocket because sharp drops of solder tore the fabric of my pants. I tried printing a case on a 3D printer, but I did not like the result.
Hacking the Tamagotchi
A couple of years ago, an original Tamagotchi Friends from Bandai fell into my hands. It turned out that they are still being produced, and that the original Tamagotchi is made only by the Japanese company Bandai. Modern versions even have an RFID module for exchanging data with other Tamagotchi, with a built-in 125 kHz antenna in the back.
I began to play with the Tamagotchi and disassemble it. It turned out that it was enough to solder a T5577 chip directly to the Tamagotchi antenna so that the Tamagotchi could open the intercom, while its wireless functions remained operational. I made a video about it on YouTube.
Then I thought it would be cool to emulate 125 kHz tags directly with the Tamagotchi MCU. To do this, you need access to the firmware. Unfortunately, the main Tamagotchi chip is made without a package and is covered in epoxy, so I couldn't get to it. Then I found the blog of Natalie Silvanovich from Google, who was hacking Tamagotchi; here's a video of her talk.
She made a special board for patching certain models of Tamagotchi (TamaTown Tama-Go) through the hardware accessories (figurines), so that people could install their own firmware on the Tamagotchi.
I also found a guy, Mr. Blinky, who was reversing Tamagotchi and all sorts of old-school gaming devices. Bandai makes much cooler versions of Tamagotchi for the domestic Japanese market; they have a color screen and real NFC, but the interface is only in Japanese. Mr. Blinky made a patch to translate the interface into English. Another guy, Mike Szczys, made a Tamagotchi ROM dump.
And I'm also in awe of Arduboy.
It's a portable gaming console with a built-in display on a fully open Arduino platform, so anyone can write their own games for it and upload firmware.
Pwnagotchi — Tamagotchi for WiFi Hacking
Then I saw the amazing Pwnagotchi project. It's like a Tamagotchi, but its food is WPA handshakes and PMKIDs from Wi-Fi networks, which can then be brute-forced on GPU farms. I liked this project so much that for several days I walked through the streets with my Pwnagotchi and watched it enjoying its new prey. But it had all the same problems: you can't put it in your pocket normally, and there are no controls, so any user input is only possible from a smartphone or computer.
First DIY project: Epoxy NFC reader
I often came across the fact that the devices I need do not exist ready-made, so DIY has always accompanied me. Often, DIY home-made devices are a bunch of boards wrapped in electrical tape, but I wanted to use devices that are not only functional but also beautiful and high-quality. My first attempt at making my own device was when I started researching NFC: the epoxy NFC reader. I needed to carry a PN532 NFC reader, which requires a USB-UART adapter to connect. It turned out to be two devices connected by breadboard wires, with sharp pins sticking out. It could not simply be put in a backpack because it tore the fabric; I had to keep these boards in a separate bag. Very annoying. Then I decided to take both boards and fill it all with epoxy.
Funny fact: an article about making this device was declared illegal in Russia. Epoxy reliably fixes all connections, and the soldering is reliably protected. The device turned out so well that after several years of constantly carrying it in a backpack nothing has happened to it. I still use it and really love it.
After using Pwnagotchi I realized that I want a device that will simultaneously deliver joy in the Tamagotchi format, be aesthetically similar to retro game consoles, and be evil enough to hack everything around it.
I tweeted about it, and the idea was liked by my product-designer friends who make serious electronic stuff. They suggested making a full-fledged device instead of a homebrewed DIY craft, with real factory production and quality fitted parts. Flipper Zero is my attempt to make something cool and mass-produced, and at the same time beautiful. I believe in open source, so the project will be completely open.
First Flipper sketches