The Flipper Zero device, commonly known as hacker tamagotchi, has been the protagonist of several cybersecurity controversies in recent years. Its developers assure that it is not a dangerous product per se, but there are so many vulnerable devices that it is scary how many harmful practices can be done with it. Recently, researchers have discovered that it can be used to open typical hotel safes.
Initially, Flipper Zero was presented as a multi-purpose tool for ethical hackers and security enthusiasts. With it, users could interact with various electronic systems in order to learn how the devices worked from the inside. Although the initial intentions were good, the ‘tamagotchi’ was soon corrupted by fraudulent uses. Now, a recent hack calls into question the protection provided by some safes.
Most hotel rooms today have safes for guests to keep their most valuable belongings in a safe place. This usually gives us enough peace of mind to leave the room and go sightseeing around the town to which we have traveled. Even if workers break in or an intruder sneaks in, money, jewelry and other high-value items should be safe. With the new use they are giving of Flipper Zero, that security guarantee no longer exists.
The culprit: an exploit capable of changing the code
Experts concerned about the misuse of Flipper Zero have warned of a new exploit, Sentry Safe FAP by Etienne Sellan, also known as Hackd4ddy. With it integrated into the hacker-friendly Tamagotchi, criminals who manage to get into hotel rooms could open some of the safes in the accommodations.
Flipper zero open the all of hotel doors
byu/inmystyle inhacking
Specifically, the exploit is capable of changing the code of the safes and, in this way, gaining access to their interior. Not all models are vulnerable, but those that use electronic keypads are, such as those from the Sentry and Master Lock brands.
Cybersecurity professionals warn that users do not need to have extensive computer knowledge to take advantage of this bad practice. Even with the factory firmware that comes with Flipper Zero, Hackd4ddy can be installed and the process to open a safe is very simple.
It is enough to use two cables. One is used to connect the ground pin of the hacker tamagotchi to the ground wire of the digital keyboard. The other plugs the C1 pin of the Flipper Zero into the green wire of the aforementioned keyboard. In this way, the exploit is able to manipulate the communication between the electronic keypad and the safe and, thus, the device reproduces a sequence of commands to fool the security system and open the safe.
There are people who might not care: in principle, no criminal should have access to our accommodation. Therefore, the door would protect us from using Flipper Zero on the safe. However, there are people who have tried to open hotel room doors with the device and succeeded. If someone uses the famous Tamagotchi hack to access your safe, they have most likely also learned to break into other rooms in the hotel industry.
