[HN Gopher] Fissure: The RF and Reverse Engineering Framework fo...
       ___________________________________________________________________
        
       Fissure: The RF and Reverse Engineering Framework for Everyone
        
       Author : 04rob
       Score  : 149 points
       Date   : 2022-08-28 14:43 UTC (8 hours ago)
        
 (HTM) web link (github.com)
 (TXT) w3m dump (github.com)
        
       | 04rob wrote:
       | Video overview: https://www.youtube.com/watch?v=AGHbxXXmnms
        
         | tjfl wrote:
         | The demo starts [here](https://youtu.be/AGHbxXXmnms?t=1208).
        
       | DethNinja wrote:
       | Is there any list of supported hardware?
        
         | thatBilly wrote:
         | USRP X310, USRP B210, HackRF, RTL2832U, 802.11x Adapter, USRP
         | B205mini, LimeSDR and bladeRF
        
       | jjeaff wrote:
       | This is really cool. And it has such a great readme with
       | screenshots and everything.
       | 
       | One thing I can't figure out from a cursory reading is what type
       | of RF hardware would be needed to use this?
       | 
       | I was just thinking about finding some software like this
       | because I have lost one of the keyless entry key fobs for our car
       | and I was thinking if I could record and replay the signal from
       | the car, I might be able to narrow down the fob location.
       | 
       | I suspect it is in the house somewhere. But we have a 1 year old
       | who loves to pick things up and insert them into any slot or box
       | he can find.
        
         | H8crilA wrote:
         | Basic receive-only SDR is for example the famous RTL-SDR, which
         | you can get for ~$50 with a dipole antenna. It's a USB dongle,
         | and it will get you to surprisingly many interesting places
         | despite the low price tag.
         | 
         | In order to transmit you need some slightly better hardware,
         | such as the HackRF. Replaying a signal with a HackRF is really
         | easy. Note that technically you're not allowed to transmit
         | without a license, whereas reception is generally lawful, with
         | very few exceptions (looking at your legal scar tissue, UK).
         | The author of HackRF published a nice, though not yet
         | completed, tutorial series on YouTube.
         | 
         | There's a lot of activity in the spectrum, if you like to
         | tinker with things then definitely get an SDR, some of the best
         | entertainment value per dollar for a hacker :)
        
       | 5436436347 wrote:
       | How new is this project? It was really surprising to see
       | something published in 2022 that still attempts to offer Python2
       | support, and all the baggage that will carry.
        
       | yomkippur wrote:
       | ELI5? what can a user do potentially with this framework? detect
       | drones?
       | 
       | edit: wow i just saw the lecture video and this seems like a tool
       | that lets you detect/analyze radio frequencies emitted from
       | almost any device (?) and lets you emulate the packets (?) or
       | wave patterns to manipulate the data it sends out?
       | 
       | this seems like a really powerful tool. I wonder if you can open
       | car doors with this. Also wouldn't this mean that this tool could
       | become illegal as a result?
        
         | galangalalgol wrote:
         | Is software that can open car doors illegal? Why?
         | 
         | Also, opening car doors isn't as simple as repeating a signal
         | you captured (in general)
         | 
         | That said, capturing the car's question when you press the
         | button on the door, amplifying it in the direction of the
         | nearby fob, and then capturing and amplifying the fob's
         | response would work for some systems.
        
           | yomkippur wrote:
           | It's sad that I have to even spell out for you the
           | consequences of people being able to open any car's doors and
           | how the law and security apparatus will react to such news.
        
             | galangalalgol wrote:
             | I should have clarified. If one of the many things this
             | framework gets used for is building systems for car thieves
             | that shouldn't make an entire framework illegal. I
             | understand a software product whose overwhelmingly
             | predominant use is to break the law will have trouble in
             | many jurisdictions. But using the framework as a white hat
             | to find vulnerabilities with a POC should always be legal.
             | (or grey, grey is kind of the new white given how
             | unresponsive people are to fixing things)
        
           | larusso wrote:
           | > Also, opening car doors isn't as simple as repeating a
           | signal you captured (in general)
           | 
           | There are a lot of reports (I'm from Germany) from car brands
           | selling cars in 2022 which can be opened easily by
           | repeating/relaying the keyfob signal. Newer systems which
           | also check the signal delay mitigate this. [1] The German
           | ADAC (German Automobile Club) did a test with 500 cars. I was
           | happy to learn that my new car is safe from the simple repeat
           | attack.
           | [1] https://www.adac.de/rund-ums-fahrzeug/ausstattung-technik-zu...
        
             | galangalalgol wrote:
             | Older systems that don't let the car interrogate the fob
             | mitigate it as well as long as you have multiple encryption
             | keys. Looking at you vw.
        
             | H8crilA wrote:
             | I am too lazy to dig it up and link the PDF, but there was a
             | whitepaper about the Volkswagen keyfobs. In terms of
             | modulation it's unsurprisingly simple, on-off keying,
             | nothing wrong with that. In terms of data transmitted they
             | have several encrypted protocols/versions, but they all
             | suffer from the same implementation problem: there is only
             | one encryption key used for the entire global fleet of
             | cars. Imagine making something as brutally broken as that
             | :D
        
         | H8crilA wrote:
         | Your "edit:" portion just describes an SDR, a software-defined
         | radio. They're pretty common these days actually.
         | 
         | This tool is an advanced front-end for such hardware, kinda
         | like Wireshark is an advanced front-end for a networking
         | controller. It does look pretty cool.
        
       | drmpeg wrote:
       | I see they've included my high resolution spectrum painter (which
       | I also call "Stupid OFDM Tricks" in homage to Letterman).
       | 
       | https://www.youtube.com/watch?v=saac0ZtTeX4
       | 
       | https://github.com/drmpeg/gr-paint
        
       ___________________________________________________________________
       (page generated 2022-08-28 23:00 UTC)