Flipper Zero Chat App - RF Signal Analysis via SDR

Learning some RF reverse engineering. Trying things out on the Flipper Zero subghz chat application.

IoT Hackers Hangout Community Discord Invite:

🛠️ Stuff I Use 🛠️

🪛 Tools:

🫠 Soldering & Hot Air Rework Tools:

🔬 Microscope Setup:

About Me:
My name is Matt Brown and I'm a Hardware Security Researcher and Bug Bounty Hunter. This channel is a place where I share my knowledge and experience finding vulnerabilities in IoT systems.

- Soli Deo Gloria

💻 Social:

#hacking #iot #cybersecurity
Comments
Author

Glad you enjoyed the training and you are continuing hacking around RF! ❤😊

Penthertz
Author

You should get Jeff Geerling's dad on here to explain all this crazy RF stuff

BLiNKx
Author

Thanks for your channel. There's really no one else doing hardware hacking tutorials at this level that I can find. I'm always learning from you. Keep it up and if you ever do a patreon or something, let me know. BTW I can't seem to get into your discord server. W

joeydard
Author

Great video. I love SDR hacking and reverse engineering. Maybe combine them to reverse a car key or something? Would be cool.

therdninja
Author

Keep up the good work. Thanks for another interesting video. I used Arduino w/ an ESP8266 to be able to remotely control a projector w/ IR as well as a remote controlled (315MHz) outlet. It would be interesting to dissect some remotes and get the actual data.

ianeberly
Author

If I know you by watching all your videos so far, you will resolve the myth by extracting the Flipper Zero's firmware and modifying it in a way that URH can transmit as is, and there we go :)
Joke aside, I always verify my regenerated signal with another very cheap receive-only SDR such as the good old RTL-SDR dongle.
It feels like when you de-noise the signal by clicking the button a couple of times you may be losing some part of the preamble of the signal.

Keep up the good work!

deniz-akkaya-x
Author

It looks like it does just transmit and receive plain ASCII, just modulated. Definitely don't repeat it infinitely, the demodulator will think it is junk. The first bit could be a misinterpretation, you never know.

I have studied modulations, but only from electrical stand point, so I have no idea

matejkohout
Author

Great video. Have you tried sending some message and looking if you can find a checksum/CRC?
Or maybe the message is prefixed with a length or something like that. Just throwing out some ideas that I have right now. But sadly I cannot test them because I don't have an SDR.

Kurainu
Author

With my very tiny amount of knowledge on this (which is undoubtedly less than yours :)), the only thing I can think of is maybe a stop bit like 8N1 in serial communications.

LordMortus
Author

Not trying to be a smarty pants but what is this exercise good for aside from a thought experiment? Is there any practical application?

ergonomiczero
Author

Lots of good stuff, but I frankly have to cringe a lot watching your videos. You need someone to ping these things in real time against. The playback is slow, you can see the progress of it, hence why it replays every so often. Nothing to do with the antenna polarity!

gryzman
Author

I'm not 100% sure what chip is used in the Flipper Zero (CC1101 I think?), but it's very possible that it has a built-in hardware CRC check and it may be that URH doesn't send that checksum. I did have a similar problem back in 2018 when I started playing with the CC1101 and URH, but I ended up giving up on it back then.

MrTalon
Author

Is your problem possibly because you're repeating the signal infinitely with no buffer at the beginning and end of the message? How does the device distinguish the trailing bits from the beginning of the next signal without any delay or padding? Have you tried re-capturing the radio you're transmitting and analysing how that may be getting interpreted? Might need a second SDR to test that.

AlienJake
Author

I don't know about RF modulation, but can there be any CRC in the data being transmitted? An incorrect CRC will lead to false data, but there should be something received on the other side. Weird.

rahulkushwaha
Author

Hope you'll make some more videos on SDR as you explore further, this was excellent as always!

shaneomacmcgee
Author

The generated signal looks very overpowered, maybe reduce the gain and then it works?

BrAiNeeBug
Author

I played around with ESP32 microcontrollers and 433 MHz RX and TX modules and was able to detect and replay the doorbell at the office. Good for some pranks. I'm going to have to look up those tools you are using.

bertblankenstein
Author

What I would do is write out the generated signal to a file and do the same process as your original capture and see if you get the same thing out (or you can even look at the waveform and see if they seem to match).

JohnHollowell
Author

Nice video! I wish there were more videos where people have problems (and asked for viewers' help).

a
Author

Have you got your udev rules setup? Linux does not know what to do with SDR hardware by default.

Also the 1/4 at the end is probably actually a checksum

Stner
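Several commenters above suspect the same thing: that the radio's packet engine adds a length byte and a hardware CRC that a bit-for-bit regeneration in URH does not reproduce, and that the "1/4"-looking tail of the captured message is that checksum rather than text. The following Python is an added example written for this page, not code from the video, from URH, or from the Flipper Zero firmware. It assumes a CC1101-style variable-length packet format (preamble of 0xAA bytes, the chip's default 0xD391 sync word, one length byte, payload, CRC-16 with polynomial 0x8005 and initial value 0xFFFF as TI documents it); whether the chat app actually uses those settings is exactly what the commenters are unsure about, so treat every constant below as an assumption. The point it demonstrates is why a receiver with CRC filtering enabled silently drops a frame that carries no (or a wrong) CRC while a frame with a valid CRC decodes cleanly, which is a useful check to run on your own regenerated signal before blaming gain or antenna.

```python
"""Framing and CRC filter of a CC1101-style packet engine (added example, assumptions labelled)."""

PREAMBLE = bytes([0xAA] * 4)   # 10101010... bit-sync pattern (assumed: default CC1101 preamble)
SYNC = bytes([0xD3, 0x91])     # assumed: CC1101 default sync word SYNC1=0xD3, SYNC0=0x91
CRC_POLY = 0x8005              # x^16 + x^15 + x^2 + 1, as in TI's CC1101 documentation
CRC_INIT = 0xFFFF


def crc16_cc1101(data: bytes) -> int:
    """MSB-first CRC-16 over `data` (length byte + payload), no final XOR."""
    crc = CRC_INIT
    for byte in data:
        for _ in range(8):
            # compare top bit of the register with top bit of the data byte
            if ((crc & 0x8000) >> 8) ^ (byte & 0x80):
                crc = ((crc << 1) ^ CRC_POLY) & 0xFFFF
            else:
                crc = (crc << 1) & 0xFFFF
            byte = (byte << 1) & 0xFF
    return crc


def build_frame(payload: bytes, with_crc: bool = True) -> bytes:
    """Frame a payload the way the packet handler would: preamble, sync, length, payload, CRC.
    with_crc=False models a replay tool that regenerates only the bits it saw as 'data'."""
    body = bytes([len(payload)]) + payload        # variable-length mode: length byte counts the payload
    if with_crc:
        c = crc16_cc1101(body)
        body += bytes([c >> 8, c & 0xFF])          # CRC transmitted big-endian after the payload
    return PREAMBLE + SYNC + body


def parse_stream(stream: bytes):
    """Scan a received byte stream for sync words and return (payload, crc_ok) per frame.
    Byte-aligned search is a simplification of the engine's bit-level sync hunting."""
    frames = []
    i = 0
    while True:
        j = stream.find(SYNC, i)
        if j < 0:
            break
        k = j + len(SYNC)                          # position of the length byte
        if k >= len(stream):
            break
        n = stream[k]
        body = stream[k:k + 1 + n]
        if len(body) < 1 + n:                      # truncated frame at end of capture
            break
        crc_bytes = stream[k + 1 + n:k + 3 + n]
        ok = len(crc_bytes) == 2 and crc16_cc1101(body) == int.from_bytes(crc_bytes, "big")
        frames.append((body[1:], ok))
        # a CRC-filtering receiver discards bad frames and goes back to hunting for sync
        i = k + 3 + n if ok else k + 1 + n
    return frames


def demo():
    """Constructed capture: a good frame, the same text replayed without CRC, and a bit-flipped copy."""
    good = build_frame(b"hi flipper")
    no_crc = build_frame(b"hi flipper", with_crc=False)
    corrupted = bytearray(good)
    corrupted[8] ^= 0x01                           # flip one bit inside the payload ('i' -> 'h')
    stream = good + no_crc + bytes(corrupted)
    return parse_stream(stream)


if __name__ == "__main__":
    for payload, ok in demo():
        print(f"{payload!r:16} crc_ok={ok}")
    tail = build_frame(b"hi flipper")[-2:]
    # the two CRC bytes look like stray characters when the whole frame is decoded as text
    print("CRC bytes decoded as text:", tail.decode("latin-1"))
```

Running it shows the first frame accepted and the other two flagged as bad CRC; a receiver with CRC autoflush enabled would never hand those two to the application, which matches the symptom of "nothing arrives" rather than "garbage arrives". The last print shows why a checksum tail looks like odd characters in a text dump. To apply the same check to a real capture, replace the constructed `stream` with the demodulated bytes from URH and compare the two bytes after the payload against `crc16_cc1101(length_byte + payload)`; if they match, the framing assumptions hold and the regenerated transmission must carry them too.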