Differences

This shows you the differences between two versions of the page.

mission:log:2014:11:05:hacking-rf-controlled-power-switches-with-hackrf-and-gnuradio [2014/12/06 12:19] chrono
mission:log:2014:11:05:hacking-rf-controlled-power-switches-with-hackrf-and-gnuradio [2014/12/09 07:13] – [Analysis] chrono
Line 92: Line 92:
 |  111111111111111100000000011101010  |  111111111111111100000000011100110  | |  111111111111111100000000011101010  |  111111111111111100000000011100110  |
  
-The whole process took a little less than an hour, just using GNU Radio and a HackRF (could have been done with an RTL-SDR device as well. The next steps will be covered in Episode II, where we can try to reproduce this pattern with a transmitter we'll build with GNU Radio. This will also serve as a chance to try something I like to call **Full Band IQ Replay Attack**. +The whole process took a little less than an hour, just using GNU Radio and a HackRF (could have been done with an RTL-SDR device as well. The next steps will be covered in Episode II, where we can try to reproduce this pattern with a transmitter we'll build with GNU Radio. This will also serve as a chance to try something I'like to call
 + 
 +**Full Band IQ Replay Attack**. 
  
 Instead of trying to find specific frequencies and modulations in order to build a narrow target transmitter, it should be equally feasible to just "record" a wide target band by capturing 10MSps raw IQ data and try to send this raw IQ data as it was received (replay). This would be a very crude approach requiring almost no knowledge about the specific implementation but could be disastrously fast and effective when applied successfully, in many situations. Instead of trying to find specific frequencies and modulations in order to build a narrow target transmitter, it should be equally feasible to just "record" a wide target band by capturing 10MSps raw IQ data and try to send this raw IQ data as it was received (replay). This would be a very crude approach requiring almost no knowledge about the specific implementation but could be disastrously fast and effective when applied successfully, in many situations.
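Review bot: The added line turns "I like to call" into "I'like to call", which introduces a stray apostrophe, and moving **Full Band IQ Replay Attack** into its own paragraph leaves the preceding sentence ending at "call" with no object. Suggest keeping the term on the same line as in the previous revision, or ending the sentence with a colon if the term is meant to stand apart. The parenthesis opened at "(could have been done with an RTL-SDR device as well." is unclosed in both revisions and could be closed in the same edit.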
Line 98: Line 100:
 <WRAP round tip> <WRAP round tip>
 **Related Mission-Logs:**\\ **Related Mission-Logs:**\\
-[[mission:log:2012:05:06:rtlsdr-osmosdr-gnuradio-fm-receiver]]\\ + 
-[[mission:log:2012:08:02:active-wideband-receiver-antenna-for-sdr]]\\ +  * [[mission:log:2012:05:06:rtlsdr-osmosdr-gnuradio-fm-receiver]]\\ 
-[[mission:log:2014:08:08:darc-side-of-munich-hunting-fm-broadcasts-for-bus-and-tram-display-information-on-90-mhz]]+  [[mission:log:2012:08:02:active-wideband-receiver-antenna-for-sdr]]\\ 
 +  [[mission:log:2014:08:08:darc-side-of-munich-hunting-fm-broadcasts-for-bus-and-tram-display-information-on-90-mhz]]
 </WRAP> </WRAP>
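Review bot: Only the first of the three links gets the "  * " list marker; the second and third added lines are indented but carry no "*", so they will not render as items of the same list. Suggest giving each link its own "  * " prefix and dropping the trailing "\\" from the list items, since each item already sits on its own line. The "\\" after **Related Mission-Logs:** followed by the new empty line is likewise redundant.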