search

DarkFlippers / unleashed-firmware

Flipper Zero Unleashed Firmware
https://t.me/flipperzero_unofficial
GNU General Public License v3.0
15.79k stars 1.34k forks source link

Flipper Zero v0.67.3 running Unleashed Firmware allows attackers to cause a Denial of Service via RF Jammer #309

Closed shipcod3 closed 1 year ago

shipcod3 commented 1 year ago

Describe the bug.

My flipper zero v0.67.3 running Unleashed Firmware allows any attackers nearby that performs an RF Jam to also cause my Flipper Zero to reboot.

image

I have attached the PoC video as an attachment.

Reproduction

Steps to reproduce:

  1. Use a RF Jammer or simply EvilCrow RF which has a Jammer.
  2. Setup the Jammer with Frequency 433.92Mhz and then start. 3.In your flipper go to Sub-Ghz > Frequency Analyzer -> then tune it to the frequency of 433.92Mhz (scan mode)
  3. Wait for RAW data and it should reboot after.

Target

No response

Logs

No response

Anything else?

https://user-images.githubusercontent.com/3483615/216756938-710b368e-482f-4b32-9e69-8c5638c30a38.MOV

xMasterX commented 1 year ago

Read description of this commit

https://github.com/DarkFlippers/unleashed-firmware/commit/5853e0bdd9c7ef76ac9ed9bb05b262bf9fc5b374

Detect raw will be removed as soon as Bin Raw will be merged in OFW

xMasterX commented 1 year ago

Also you running super old firmware, update it before creating issue

shipcod3 commented 1 year ago

Understood