[HN Gopher] Fissure: The RF and Reverse Engineering Framework fo...
___________________________________________________________________

Fissure: The RF and Reverse Engineering Framework for Everyone

Author : 04rob
Score : 149 points
Date : 2022-08-28 14:43 UTC (8 hours ago)

(HTM) web link (github.com)
(TXT) w3m dump (github.com)

| 04rob wrote:
| Video overview: https://www.youtube.com/watch?v=AGHbxXXmnms

| tjfl wrote:
| The demo starts [here](https://youtu.be/AGHbxXXmnms?t=1208).

| DethNinja wrote:
| Is there any list of supported hardware?

| thatBilly wrote:
| USRP X310, USRP B210, HackRF, RTL2832U, 802.11x Adapter, USRP
| B205mini, LimeSDR and bladeRF

| jjeaff wrote:
| This is really cool. And it has such a great readme with
| screenshots and everything.
|
| One thing I can't figure out from a cursory reading is what type
| of RF hardware would be needed to use this?
|
| I was just thinking about finding some software like this
| because I have lost one of the keyless entry key fobs for our car
| and I was thinking if I could record and replay the signal from
| the car, I might be able to narrow down the fob location.
|
| I suspect it is in the house somewhere. But we have a 1 year old
| who loves to pick things up and insert them into any slot or box
| he can find.

| H8crilA wrote:
| Basic receive-only SDR is for example the famous RTL-SDR, which
| you can get for ~$50 with a dipole antenna. It's a USB dongle,
| and it will get you to surprisingly many interesting places
| despite the low price tag.
|
| In order to transmit you need some slightly better hardware,
| such as the HackRF. Replaying a signal with a HackRF is really
| easy. Note that technically you're not allowed to transmit
| without a license, whereas reception is generally lawful, with
| very few exceptions (looking at your legal scar tissue, UK).
| The author of HackRF published a nice, though not yet
| completed, tutorial series on YouTube.
|
| There's a lot of activity in the spectrum, if you like to
| tinker with things then definitely get an SDR, some of the best
| entertainment value per dollar for a hacker :)

| 5436436347 wrote:
| How new is this project? It was really surprising to see
| something published in 2022 that still attempts to offer Python2
| support, and all the baggage that will carry.

| yomkippur wrote:
| ELI5? What can a user do potentially with this framework? Detect
| drones?
|
| edit: wow I just saw the lecture video and this seems like a tool
| that lets you detect/analyze radio frequencies emitted from
| almost any device (?) and lets you emulate the packets (?) or
| wave patterns to manipulate the data it sends out?
|
| This seems like a really powerful tool. I wonder if you can open
| car doors with this. Also wouldn't this mean that this tool could
| become illegal as a result?

| galangalalgol wrote:
| Is software that can open car doors illegal? Why?
|
| Also, opening car doors isn't as simple as repeating a signal
| you captured (in general)
|
| That said, capturing the car's question when you press the
| button on the door, amplifying it in the direction of the
| nearby fob, and then capturing and amplifying the fob's
| response would work for some systems.

| yomkippur wrote:
| It's sad that I have to even spell out for you the
| consequences of people being able to open any car's doors and
| how the law and security apparatus will react to such news.

| galangalalgol wrote:
| I should have clarified. If one of the many things this
| framework gets used for is building systems for car thieves
| that shouldn't make an entire framework illegal. I
| understand a software product whose overwhelmingly
| predominant use is to break the law will have trouble in
| many jurisdictions. But using the framework as a white hat
| to find vulnerabilities with a POC should always be legal.
| (or grey, grey is kind of the new white given how
| unresponsive people are to fixing things)

| larusso wrote:
| > Also, opening car doors isn't as simple as repeating a
| > signal you captured (in general)
|
| There are a lot of reports (I'm from Germany) from car brands
| selling cars in 2022 which can be opened easily by
| repeating/relaying the keyfob signal. Newer systems which
| also check the signal delay mitigate this. [1] The German
| ADAC (German Automobile Club) did a test with 500 cars. I was
| happy to learn that my new car is safe from the simple repeat
| attack.
|
| [1] https://www.adac.de/rund-ums-fahrzeug/ausstattung-technik-zu...

| galangalalgol wrote:
| Older systems that don't let the car interrogate the fob
| mitigate it as well as long as you have multiple encryption
| keys. Looking at you VW.

| H8crilA wrote:
| I am too lazy to dig it up and link the PDF, but there was a
| whitepaper about the Volkswagen keyfobs. In terms of
| modulation it's unsurprisingly simple, on-off keying,
| nothing wrong with that. In terms of data transmitted they
| have several encrypted protocols/versions, but they all
| suffer from the same implementation problem: there is only
| one encryption key used for the entire global fleet of
| cars. Imagine making something as brutally broken as that
| :D

| H8crilA wrote:
| Your "edit:" portion just describes an SDR, a software-defined
| radio. They're pretty common these days actually.
|
| This tool is an advanced front-end for such hardware, kinda
| like Wireshark is an advanced front-end for a networking
| controller. It does look pretty cool.

| drmpeg wrote:
| I see they've included my high resolution spectrum painter (which
| I also call "Stupid OFDM Tricks" in homage to Letterman).
|
| https://www.youtube.com/watch?v=saac0ZtTeX4
|
| https://github.com/drmpeg/gr-paint

___________________________________________________________________
(page generated 2022-08-28 23:00 UTC)