VIDEO
HIGHLIGHT
Log InSign up
Hacker Shows the Most Insane Gadgets in His EDC
SummaryTranscriptChat

Hacker Shows the Most Insane Gadgets in His EDC

Understanding Roll Jam Attacks and Key Fob Vulnerabilities

Introduction to Roll Jam Attack

  • The discussion begins with Ryan's return after three years, focusing on a new method of car theft involving a roll jam attack.
  • A roll jam attack involves using a jammer near the vehicle to prevent the key fob from communicating with the car, effectively blocking its signals.

Mechanics of the Roll Jam Attack

  • The attacker uses a device to capture the signal from the key fob while it is being jammed, allowing them to record a valid code that the car has not yet seen.
  • This method allows for complete duplication of the key fob’s functionalities, including lock, unlock, and auto-start features.

Implications and Risks

  • Criminals can purchase this technology on the dark web for around $500, enabling them to easily steal cars by capturing key fob signals in parking lots.
  • The danger lies in how easily someone can gain access to an entire key fob just by clicking any button once.

Preventative Measures

  • To mitigate risks, users are advised to physically use their keys or ensure they are close enough to their vehicles when using proximity-based key fobs.
  • Clicking any button on your key fob could expose you to having your entire system compromised.

Vulnerable Vehicle Models

  • Numerous brands are affected by this vulnerability including Ford, Chevy, Kia, Hyundai, Subaru, Fiat among others; millions of vehicles may be at risk.
  • Specific models up until certain years (e.g., Ford Transit up to 2018 or possibly 2022) are particularly susceptible.

Limitations of Current Technology

  • While discussing potential limitations of devices like flippers used in these attacks, it's noted that they cannot trick vehicles into starting without a physical key present.

Gadgets and Their Capabilities

Overview of Newer Gadgets

  • The speaker introduces a newer gadget, an upgraded version of the Hack RF, which allows for various functionalities including controlling airplanes.
  • This device can receive signals from airplanes, boats, Bluetooth devices, and sub-gigahertz signals. It also captures weather transmissions.

Tire Pressure Monitoring

  • The gadget can display tire pressure readings from vehicles while driving around, highlighting potential security risks.
  • Some cars may be tricked into thinking they have a flat tire by transmitting false tire pressure data, posing dangers to drivers.

Additional Features

  • The device includes features like satellite communication and fox hunting (locating other radio users), all accessible via a touchscreen interface.
  • A unique feature allows users to control music at bars through touch tunes, enabling them to change songs or adjust volume remotely.

Chaos Mode and Practical Applications

  • The gadget has a "CVS spam" function that activates assistance bells in stores simultaneously, creating chaos for employees who must reset systems when they don't have certain departments.
  • This feature is humorous but highlights the challenges faced by store staff when dealing with unexpected alerts.

Manipulating Gas Station Signs

Changing Prices Remotely

  • The speaker discusses their contribution to changing gas station sign prices using radio frequencies as demonstrated in a TikTok video.
  • By sending specific radio signals, they were able to alter displayed gas prices dramatically.

Ponagotchi: A Wi-Fi Network Device

Introduction to Ponagotchi

  • The speaker revisits the Ponagotchi device that gained significant attention online due to its unique functionality related to Wi-Fi networks.

Functionality Explained

  • Similar to Tamagotchis from childhood, this device seeks out Wi-Fi networks and captures passwords (handshakes), using them as "food" for its operation.

Learning Behavior of Ponagotchi

  • As it collects more handshakes, the Ponagotchi becomes smarter and more efficient at capturing networks while displaying emotions based on its success.

Understanding Wi-Fi Security Vulnerabilities

The Handshake Process and Its Implications

  • The handshake between a device and a router can be captured, which may later be used to crack passwords.
  • Cellular devices like Verizon's network do not capture Wi-Fi handshakes; however, portable devices can capture any available Wi-Fi networks.

Hardware Hacking and Device Vulnerabilities

  • Affordable hardware components (e.g., Raspberry Pi Zero) can be combined with custom firmware to create hacking tools like "ponagotchis."
  • A deauthentication (deoff) detector can alert users of handshake attempts but cannot prevent them, especially on older devices.

The Dilemma of Protection

  • Users are often unaware of the risks until they experience an incident; education is crucial for awareness.
  • Running illegal jammers could theoretically protect against attacks but would also disable internet access, creating a catch-22 situation.

The Hacker's Nightlight: A Case Study in Smart Home Security

Introduction to the Hacker's Nightlight

  • A seemingly ordinary smart bulb has been modified for hacking purposes, demonstrating how everyday items can pose security threats.
  • Previous discussions highlighted vulnerabilities in smart home devices that connect to external servers without user knowledge.

Exploiting Smart Devices

  • Hacked smart bulbs can gain unauthorized access to local Wi-Fi networks upon activation.
  • An example was provided where a hacked light bulb captured data from a nearby wireless camera without needing its password.

Demonstrating the Risks

  • The hacker nightlight creates its own network when powered on, allowing it to interact with other devices undetected.
  • Through this device, one could conduct various attacks such as denial-of-service or traffic interception simply by being within range of target networks.

Conclusion on Awareness and Preparedness

  • While these hacked devices are not mass-produced yet, their existence highlights significant security concerns that most people remain oblivious to.

Detecting Malicious Devices: Challenges and Insights

The Difficulty of Detection

  • Detecting malicious devices in various environments, such as offices or cars, is challenging. Methods like using a bug finder with an EMF detector can help but often rely on educated guesses.
  • Smart devices, including bulbs and outlets, are designed to emit electromagnetic fields and Wi-Fi signals, complicating the identification of potentially harmful devices.
  • There are no foolproof solutions for distinguishing between benign and malicious signals from smart devices, highlighting the complexity of cybersecurity in everyday technology.

Favorite Gadgets

  • When asked about favorite gadgets, the speaker expresses a preference for their laptop due to its versatility and endless capabilities.
  • The conversation emphasizes the importance of sharing insights from discussions like these to raise awareness about technology's impact on security.
Video description

In this video, ethical hacker Ryan Montgomery returns to break down the most dangerous and innovative EDC gadgets he carries every day. From hacking a van in seconds using a cloned keyfob to exposing smart-home devices secretly running malicious firmware, Ryan reveals how criminals are exploiting vulnerabilities most people don’t even know exist. He demonstrates dark-web tools, upgraded Flipper Zero firmware, tire-pressure spoofing attacks, WiFi-cracking devices, hacked smart bulbs, and the real-world threats behind modern cybersecurity. Support the Shawn Ryan Show for $5 and get the chance to watch the shows AD FREE, with the exception of Shawn's personal reads, before they release!! Sign up here: https://www.patreon.com/VigilanceElite Please leave us a review on Apple/Spotify Podcasts: Apple - https://podcasts.apple.com/us/podcast/shawn-ryan-show/id1492492083 Spotify - https://open.spotify.com/show/5eodRZd3qR9VT1ip1wI7xQ?si=59f9d106e56a4509 #PODCAST #GADGETS #TECH #HACK #HACKER #TECHNOLOGY #ENGINEERING #CYBERSECURITY Vigilance Elite/Shawn Ryan Links: Website - https://www.vigilanceelite.com Patreon - https://www.patreon.com/VigilanceElite TikTok - https://www.tiktok.com/@shawnryanshow Instagram - https://www.instagram.com/shawnryan762 Ryan Montgomery Social Links: Website - https://ryanmontgomery.me X - https://x.com/0dayCTF IG - https://www.instagram.com/0day/ YT - https://www.youtube.com/@0dayCTF Pentester - https://pentester.com Sentinel Foundation - https://www.instagram.com/sentinelfoundation