Flipper Zero: Multi-Tool Device for Geeks

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

  • Flipper-IRDB

    A collective of different IRs for the Flipper

  • For IR remotes, there are a few ways to go about it. If you have a remote you want to clone, you can just use the flipper to clone and map buttons to a custom remote. If you don't have the remote and have a common device (like TVs), I would check this repo on Github [0] and see if you can find a compatible IR file. Note, you need a micro SD card in order to move the files onto the flipper, but a small one works fine.

    I've had good luck with the basic universal remote when I'm in a pinch. Also, you can create custom IR files, but it can be a pain with encoding. The flipper forums are a good resource too [1].

    [0] https://github.com/Lucaslhm/Flipper-IRDB

    [1] https://forum.flipper.net/

  • flipperzero-firmware

    Flipper Zero firmware source code

  • unleashed-firmware

    Flipper Zero Unleashed Firmware

  • I got one not too long after the official launch and I've used it a decent amount (granted I am in cybersecurity and have more real-world use cases than the average person). My favorite use case is the IR remote since phones no longer have IR blasters. It's saved me twice so far from having to buy/find a remote for something.

    One thing people don't realize is that the custom firmware [0] that you can run allows you to receive and transmit on a wide range of frequencies under 1 GHz. Lots of things use that range (garage doors, gates, fan remotes, etc.) and are not very secure. I think that this will be a time looked back on where it's possible to interact with those devices without having to buy a custom PCB transmitter or somewhat expensive and complex SDR.

    [0] https://github.com/DarkFlippers/unleashed-firmware

  • proxmark3

    Iceman Fork - Proxmark3

  • I would check out the Proxmark3 Github repo [0]. They have a cheatsheet [1] with the basics on how to get started. I also did a talk about RFID security last year about the basics [2].

    To get started, the basics are: low freq (LF) is usually around 125 kHz and is rarely encrypted (HID Prox is the most common in the US). The data is often encoded in Wiegand format for access control systems (something to keep in mind when reading the raw data).

    High freq (HF) (aka NFC) is ~13 MHz and is readable by most Android phones with NFC. Not all tag data can be read however. HF cards support a lot of different options including data storage (normally in a block layout with permissions to read and write depending on keys) and encryption (iCLASS and SEOS being the HID offerings and very common). Some can be cloned (like hotel cards) while others (like SEOS) require a downgrade attack to work correctly (SEOS -> normal SEOS reader -> Wiegand data -> older style card like HID Prox).

    [0] https://github.com/RfidResearchGroup/proxmark3

    [1] https://github.com/RfidResearchGroup/proxmark3/blob/master/d...

    [2] https://www.youtube.com/watch?v=zKOAywZqisc

    https://hn.algolia.com/?dateRange=all&page=0&prefix=false&qu...

  • urh

    Universal Radio Hacker: Investigate Wireless Protocols Like A Boss

  • >> or somewhat expensive and complex SDR

    I don’t think that’s as accurate today as it used to be.

    On the hardware side there are tons of options very cheaply available - iirc the flipper uses the c1100 (or a number like that) it’s a popular cheap chip and it’s well documented and interfaces easily with arduino.

    More accessibly, lime mini SDRs are cheap but there’s quite a few alternatives too.

    On the software side GNU Radio is free with decent tutorials - we’re not talking anything like blender levels of difficulty to adopt even if it is a complex domain.

    Although on the more accessible side, urh is incredibly powerful given how easy to use it is https://github.com/jopohl/urh

    I used the latter to tap into a 2 channel wireless bbq thermometer via a $10 rtl sdr and that was a breeze, an absolute walk in the park compared to when I reverse engineered the flysky telemetry system.

  • rpitx

    RF transmitter for Raspberry Pi

  • As someone with a HackRF PortaPack knockoff I got from ebay, I would agree that SDRs are better and cheaper than ever before. However, I think the average person will struggle with using a HackRF for more complex projects. I've used URH before, and while useful, it can be intimidating for beginners.

    Also, while I like the RTL-SDR (and the price tag!), you can't transmit with it. While this isn't a deal breaker to everyone, if you'd like to clone a garage door remote, for example, you need to be able to transmit. You could use something like a Raspberry Pi and rpitx [0], but I think it is more work than it's worth for many. Also, multiple RTL-SDRs are required for higher bandwidth applications like ATSC TV or trunked radios.

    With the flipper, I think the main draw for most is the point-click-done nature. Include the Android/iOS app and it makes it easy to configure on the go without a computer. The expandability is one of the main features that will increase adoption over time compared to the HackRF+PortaPack which, from what I saw in the past, lacked longer-term support and regular updates and new features.

    [0] https://github.com/F5OEO/rpitx

  • secplus

    A software implementation of the Security+ system used by garage door openers

  • For Chamberlain brands [0] there is some research that shows that their rolling code system (Security+ and Security+ 2.0) is quite easy to decode/decrypt [1]. This feature is supported in the flipper firmware, but is restricted (you can't create a custom remote, only clone is supported) without custom firmware. However, I'm sure you could decode a raw capture file if needed in a pinch.

    [0] https://chamberlaingroup.com/our-brands

    [1] https://github.com/argilo/secplus

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.
