Citation
I have recently become very interested in software-defined radio (SDR), and in particular in one of the popular SDR platforms, the HackRF, which covers a wide range of frequencies, from 1 MHz to 6 GHz. An interesting and useful attack method is worth mentioning here: the replay attack, which can be understood simply as recording a signal and then broadcasting it again. I will use my computer to attack and unlock a Jeep Patriot (2006). The Patriot is a city-type SUV under the Jeep brand that still keeps the brand's traditional off-road character; on the Patriot prepared for the Chrysler booth, the tail nameplate carried the Chinese name "free guests."
First I need to record the car's "lock/unlock" signal, which of course requires the car key. For more information, refer to the flowchart (gnuradio-companion).
Things to note about the flowchart:
1. Frequency 315 MHz (frequency of wireless key access)
2. It records 2 million samples per second (for importing into the Audacity software afterwards)
3. Saved file: radio_signal.dat
4. The signal is shown in "waterfall chart" form
5. Here is the waterfall diagram: the first signal is "unlock", followed by the opposite signal.
Now I can simply replay these signals. To analyze them in more detail, I tried clipping them with Audacity. Audacity is free audio-processing software that can also edit radio signals. The author said he would not reveal too much here, but you can refer to this: click me
This is the lock/unlock signal seen in the Audacity software.
Here you can clearly see 2 different signals: first unlock, then lock. I can also choose the input/output signal through different files.
So I got two files of raw signal data.
It is important to note that each signal clipped out this way and saved as a file is 10Mb in size. Finally, I made a flowchart; you can refer to the following.
To make the script easier to run, I simply modified the script that gnuradio-companion outputs (top_block.py): the modified script (jeep_unlock.py) is paired with one file (jeep_unlock.raw), and the other script (lock_jeep.py) is likewise paired with its own file.
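Why a recorded signal can simply be rebroadcast, and what a receiver needs in order to reject it, shown as an added example that is not code from the original post or its author. It is a constructed model, not the Jeep's actual protocol (which the post does not describe); the key, the fixed code, the frame layout and all class names are assumptions.

```python
import hashlib, hmac, struct

KEY = b"constructed-demo-key"      # constructed shared secret, not a real fob key
FIXED_CODE = b"\xa5\x5a\xc3\x3c"   # constructed static unlock code

class FixedCodeReceiver:
    """Accepts any frame equal to the static code, so a recording always works."""
    def accept(self, frame: bytes) -> bool:
        return hmac.compare_digest(frame, FIXED_CODE)

class Fob:
    """Transmitter for the hardened scheme: 4-byte counter + 8-byte HMAC tag."""
    def __init__(self, key: bytes):
        self.key, self.counter = key, 0

    def press(self) -> bytes:
        self.counter += 1
        ctr = struct.pack(">I", self.counter)
        tag = hmac.new(self.key, ctr, hashlib.sha256).digest()[:8]
        return ctr + tag

class CounterReceiver:
    """Accepts a frame only if the tag verifies and the counter is fresh."""
    WINDOW = 16  # tolerate button presses made while out of range

    def __init__(self, key: bytes):
        self.key, self.last = key, 0

    def accept(self, frame: bytes) -> bool:
        ctr, tag = frame[:4], frame[4:]
        expected = hmac.new(self.key, ctr, hashlib.sha256).digest()[:8]
        if len(frame) != 12 or not hmac.compare_digest(tag, expected):
            return False  # malformed or forged frame
        value = struct.unpack(">I", ctr)[0]
        if not (self.last < value <= self.last + self.WINDOW):
            return False  # already-used counter (replay) or too far ahead
        self.last = value
        return True

def demo() -> dict:
    fixed, fob, rx = FixedCodeReceiver(), Fob(KEY), CounterReceiver(KEY)
    recorded = fob.press()  # one frame, as it would be captured off the air
    return {
        "fixed_first": fixed.accept(FIXED_CODE),
        "fixed_replay": fixed.accept(FIXED_CODE),   # identical frame accepted again
        "counter_first": rx.accept(recorded),
        "counter_replay": rx.accept(recorded),      # same frame rejected second time
    }
```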
Demo Video
* Reference source: Calebmadrigal
Use HackRF + GNU Radio to hack the Jeep key signal