Wireless hacking 20120126


Talk about how to connect proprietary devices to your network by understanding protocols with low-cost tools.

Published in: Technology, Business
Transcript of "Wireless hacking 20120126"

  1. OSHUG #15: Hacking Commodity Wireless. Paul Tanner, @paul_tanner, slideshare.net/paul_tanner
  2. Background
     ● Why make what you can buy?
     ● Proprietary tech but with benefits
     ● Very limited doc
     ● Not easy without sophisticated tools
     ● Let's mess around
  3. Approach
     ● Observe the protocol
     ● Increase the doc
     ● Deduce the protocol
     ● Code and test
     ● Transmitter (easy)
     ● Receiver (hard)
     ● Iterate (potentially for ever :)
  4. Nah! El-cheapo version
     ● Some of these devices use 433 MHz signalling
     ● In which case use audio recording
     ● PC or Mac + software e.g. Audacity
     ● Otherwise start saving up
  5. RF-to-audio etc.
     ● Arduino shield makes for convenient mounting
     ● Receiver has digital output and no embedded protocol
     ● Transmitter likewise
     ● Alternatives available
     ● Could add switches to power down when not in use
  6. Some Results: somewhat inconsistent snapshots but you get the idea
  7. Get Measurements
     ● Simple program can capture pulse widths
     ● Inevitably there's noise – shield?
     ● Triggering needed for infrequent transmissions
     ● Then add decoder
  8. Magic happens here
     ● Look for clues, e.g. blogs etc.
     ● Expect e.g. Manchester encoding
     ● Expect redundancy, e.g. checksums
     ● Hope for inspiration
     ● Test and iterate
  9. Conclusion
     ● It can be done
     ● Most successful with output devices
     ● Very hard with devices that send infrequently
     ● Online help limited but does exist
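
Slides 7 and 8 as an added worked example (not code from the talk): a Python decoder that takes captured pulse widths, absorbs noise glitches, estimates the half-bit period and recovers Manchester-encoded bits. The `(level, microseconds)` capture format, the thresholds, the bit convention and the sample data are assumptions constructed for illustration.

```python
import statistics

def drop_glitches(pulses, min_us):
    """Absorb pulses shorter than min_us (noise) into the pulse around them."""
    out = []
    for level, dur in pulses:
        if dur < min_us:
            if out:  # a leading glitch is simply discarded
                out[-1] = (out[-1][0], out[-1][1] + dur)
        elif out and out[-1][0] == level:
            out[-1] = (level, out[-1][1] + dur)  # rejoin a pulse a glitch split
        else:
            out.append((level, dur))
    return out

def half_bit_us(pulses):
    """Estimate the half-bit period as the median of the short pulse cluster."""
    durs = sorted(d for _, d in pulses)
    return statistics.median(d for d in durs if d < 1.5 * durs[0])

def manchester_decode(pulses, min_us=100, tol=0.35):
    """Turn (level, microseconds) pulses into bits; ValueError if not Manchester."""
    clean = drop_glitches(pulses, min_us)
    t = half_bit_us(clean)
    halves = []
    for level, dur in clean:
        k = round(dur / t)
        if k not in (1, 2) or abs(dur / t - k) > tol:
            raise ValueError(f"{dur} us pulse is not 1 or 2 half-bits of {t} us")
        halves += [level] * k
    # The capture may have started mid-bit, so try both half-bit alignments.
    for offset in (0, 1):
        pairs = list(zip(halves[offset::2], halves[offset + 1::2]))
        if all(a != b for a, b in pairs):
            # Assumed convention: low-to-high = 1 (IEEE 802.3); invert if needed.
            return [1 if (a, b) == (0, 1) else 0 for a, b in pairs]
    raise ValueError("no alignment gives a mid-bit transition in every bit")

# Constructed sample: byte 0xA5 at a nominal 500 us half-bit, with jitter and
# one 40 us glitch splitting a high pulse.
SAMPLE = [(0, 510), (1, 980), (0, 1020), (1, 400), (0, 40), (1, 560),
          (0, 495), (1, 505), (0, 990), (1, 1010), (0, 1000), (1, 490)]

if __name__ == "__main__":
    bits = manchester_decode(SAMPLE)
    print(bits, hex(int("".join(map(str, bits)), 2)))
```

A `ValueError` on real captures usually means the signal is not Manchester encoded or the glitch threshold is wrong for the device, which is the "test and iterate" step.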