I decided to take a look and gather some parts to start investigate.
In the picture:
- Receivers/Transmitters for 315/433 Mhz. My friend research showed up that those are the RF frequencies that the switches uses.
- Raspberry Pi for telling the transmitter what data to send and analysing the data from the receiver.
- Some wires to connect everything together.
Connecting and starting analyzing the data from the receiver.
I used this cool project called Panalyzer for the Raspberry Pi. Its basically making the Raspberry Pi a logic analyzer capable of sniffing what is going on the GPIO that the receivers are connected to. Also I got some crappy oscilloscope which good for nothing I guess but I use it too to analyze the signal from the RF receiver.
When I just receiving RF signal I get a lot of noise. Noise looks like a lot of 1 and 0 which doesn't have any meaning to me. When I get my RF remote close to my receiver antenna and press a button, that is when I see some action.
The Panalyzer output. (the first wave is about 250 microsecond).
The oscilloscope output:
Its looking pretty simple. 13 bits in only two different kind of timing. the one is 250us and the other is 500us or maybe 750us.
My goal now is to gather as much remotes as possible and start analysing their protocol in order to see if brute-force is possible. So, wait for part II to see actual ground work :)
No comments:
Post a Comment