DIY CC1101 tool - RF jammer, replay attack, sniffer - cheap & easy tool for radio pen testing

Published 2023-06-04
I decided to create a cheap RF hacking tool with capabilities similar to the YardStick One. All the parts cost $10 :-)

The project page is here: github.com/mcore1976/cc1101-tool and... I am giving this design away for free to everyone... Well, it is not a Flipper Zero, it is even BETTER! And it is still simpler to use than the YardStick One.

The parts you need: a (SparkFun) Arduino Pro Micro, 3.3 V / 8 MHz version, and a cheap CC1101 module for Arduino (try to buy the version tuned for the frequency band you want to work in: 433 MHz / 315 MHz / 868 MHz). I have also included ESP32 and ESP8266 versions as well as an Arduino Nano/Mega/Uno version (this one requires a TXS0108E TTL logic-level converter to interwork with the 3.3 V CC1101 module).

It can do:
- scanning radio bands for the most accurate frequency of a signal (command: scan minfreq maxfreq)
- record & replay of radio frames (rec & play commands)
- composing your own set of frames/signal chunks to be sent (add / show / addraw / showraw / flush commands)
- built-in jammer functions (command: jam)
- sniffing packets (commands: rx / rxraw)
- sending a single frame (command: tx)
- capturing/recording and replaying any RF signal in RAW format (like the Flipper Zero can; commands: recraw / playraw / showraw)
- storing & restoring recorded/composed packets and RAW RF captures in non-volatile EEPROM memory (commands: save / load)
- a CHAT option, so you can connect many of these devices over radio to build a simple radio communicator
It also lets you set every single parameter of the CC1101 chip with simple human-readable commands, thanks to the SmartRC library by Little_S@tan (github.com/LSatan/SmartRC-CC1101-Driver-Lib).

If you combine it with the Universal Radio Hacker tool (github.com/jopohl/urh) you can do a lot of things over radio... Even without URH you can do record & replay attacks. The tool can easily be used to perform most RF attacks on cars and other devices like wireless door openers, doorbells and so on. I do not encourage you to do such things, but sometimes it is worth checking whether the wireless devices you are using are truly safe, don't you think?

DISCLAIMER - you use this device at your own risk. I cannot be held responsible for your actions or any damage you could do with this device. My video has educational value only, and the device should be used responsibly, in accordance with local laws and regulations.
I am not showing how to hack anything in this video; you have to figure it out on your own.

If you like this project, please press the LIKE button and SUBSCRIBE to the channel!

Thank you for your support!

#ALCHNL #ARDUINO #SDR

All Comments (21)
  • @toxicc4177
    i like that you still update the project to this day, i really appreciate you for making everything public for everyone to learn 👍
  • @1ch0r41
    You’re a legend dude, I was always wondering how to apply these cc1101 boards but I’m not a microcontroller guy and this gives me a reason to get into it and a blueprint to follow.
  • @IsolationIndex
    Can't wait to see this. I found your videos after making a little NRF24 WiFi Jammer, your mic jamming project is awesome. VERY eager to see what you do with the CC1101, that was next on my list of fun transceivers to play with :)
  • @user-un5ix8rb3x
    Very very good! I like CC1101 very much, just have your tutorial, thank you very much! 😀
  • @McTrundy
    Amazing content man! I have been trying to do this for months and this really helped me out!
  • @user-vt9ku5uz6v
    It worked with esp32!! so useful video! Hope you make more!
  • @user-dx9qt9te4v
    very useful info and innovative tech, keep making videos like this
  • Fantastic video! Would be nice to add a WIFI Access Point mode to the ESP32 board in your github repo.
  • @MoAli-wm4of
    You are an absolute legend my friend ... very humble username but again far from just any engineer ... you've helped me enormously ... do you have a Patreon or PayPal for people to support your work and vids etc??
  • @user-zv9cq2yz8u
    hi, really a great tool, well done... if I understand correctly, for jamming you have to use the corresponding modulation setting, for example if I have the right to jam a 2FSK frequency I must select it before launching the jam command?
  • @user-un5ix8rb3x
    Continue to pay attention to you and harvest continuous surprises! Love you<3
  • @zheyingchin4194
    Hi, I have a question here. How does Flipper Zero manage to support 315MHz, 433MHz and 868MHz using the CC1101 while the modules available usually only support one of the three frequencies?
  • @avri210984
    Loved the video. Is it possible to do the same with an ESP32 board, or does it have to be the Arduino Pro Micro?
  • @abduen
    loving this, is there a way that it can be dynamically configured to jam a frequency within 50 meters
  • @user-zv9cq2yz8u
    hi, would it be possible to adjust the sensitivity when I launch the sniffing... I don't receive anything from the surroundings I think... and I would like to know a little more about the scan function... when I launch it, nothing is displayed when pressing the remote control. THANKS
  • @miked4122
    Could you use a 5V 16MHz Arduino with a voltage level shifter, or is the 8MHz clock necessary for operation?
  • @Jbrimbelibap
    Does the particular CC1101 module that you are using work at 868MHz? I don't get why 433 is written on it if it works for almost the whole sub-GHz range. I think mine is actually faulty, that made my job harder all along. I managed to get my garage door code using Universal Radio Hacker at least, but I can't unlock it with my Digispark like you did in an earlier project since it works at 868MHz.