Download to read offline
![3x - 32 BIT PACKAGE
[S][26 BIT ADD][G][C]](https://image.slidesharecdn.com/hackingyourhomehandout-150622184021-lva1-app6891/85/Hacking-your-home-48-320.jpg)
Uploaded byKarl-Henrik Nilsson
Hacking your home
This document outlines a presentation about hacking your home by controlling devices remotely through wireless communication protocols. It discusses using an Arduino board connected to wireless transmitter and receiver modules to send and receive signals that control devices like lights and appliances. Code examples and diagrams show how to set up the hardware and software to create a basic home automation system that can toggle devices on and off remotely. Contact information is provided for the presenter for anyone interested in learning more.
Hacking your home
- 1.
- 4. Karl-Henrik Nilsson Coder, Architect and Hardwarehacker E-mail : KH@mean.se Twitter : @KHNilsson
- 5. 0 0.5 1 1.5 2 2.5 0:00 1:00 2:003:00 4:00 5:00 6:00 7:00 8:00 9:00 10:00 11:00 12:00 13:00 14:00 15:00 16:00 17:00 18:00 19:00 20:00 21:00 22:00 23:00 Reason #1
- 10. It’s a lot offun!
- 14. There is an appfor that
- 15.
- 16.
- 17.
- 19. Please note thatthe man on stage uses metaphors* *A blatant lie that helps people understand without being even remotely accurate
- 20. How do they communicate? Andhow can we eavesdrop?
- 21.
- 22. 0 1 01 1 0 0 1 0
- 24.
- 26.
- 30.
- 38.
- 39.
- 40.
- 41.
- 42.
- 43.
- 44. There are 10 typesof people in the world
- 45.
- 46.
- 47.
- 48. 3x - 32BIT PACKAGE [S][26 BIT ADD][G][C]
- 51.
- 52.
- 54.
- 55.
- 56. The things Iused in the demonstration were Jula ansluta ”remote power switch” RF433 Mhz transmitter/Reciever Arduino Uno Rev3 External USB soundcard Most of this are sold much cheaper in China and other countries from companies such as AliExpress. RF433 Mhz transmitter/Reciever – ($4.27 for 5 pairs) Arduino UNO R3 (Not genuine but compatible) ($3.04)
- 57.
- 58. The code forthe arduino can be found here
Editor's Notes
- #36 This is the diagram for how to connect the listening device to the audio card. Please ping me on twitter if you need more information about how to do this. You can buy the receiver in many places but I believe I bought mine from (https://www.sparkfun.com/products/10532). Remember to look at the datasheet to make sure you version is just like the schematics provided. The image may be a little hard to see but the green wire connects to the 10K resistor and ground. The red wire connects to signal out via a 39K ohm resistor. Blue connects to ground.
- #37 You do not need to have an external sound-card but your sound-card must have an input marked “LINE IN”, using a microphone input will not work due to filtering and signal levels.
- #38 There are many software that will turn your computer into an oscilloscope with similar connections such as this but for our experiment we will just use audacity
- #40 You can download Audacity from http://sourceforge.net/projects/audacity/
- #43 You will probably encounter static when you are doing this if you are not in a very far off location, this is nothing to be worried about and is normal.
- #44 Zooming in on the static will show you random spikes and “triangular” waves.
- #45 Pressing the button will most likely give you these types of “bursts” that can then be zoomed in on to show the actual square wave that contains the data
- #47 Zooming in on the bursts will show you segments of these square shaped waves, this is the “golden ticket” and indicates FSK data.
- #49 This formula (11 in this case is the number of samples) gives you the value in seconds to get the number in µS use the formula ((1 / 44100) * 11) * 1000000
- #50 This are the actual significant data encoding spaces for the “JULA Ansluta” protocol. Note that it is quite easy to see that a pulse and a different spacing is the encoding for the data in this case however this may vary between different systems. What we will be looking for in most reverse engineering endeavours is the spacing (Frequency) difference between these recurring patterns
- #55 You can use Audacity to tell you the exact amount of samples in your given selection using the tool in the applications bottom left corner
- #63 For Nexa a binary 1 is encoded as 11 (or so I recall) and a 0 as 00 this means that 10 and 01 is incorrect data and serves as a simple way of fault checking the data. In my particular protocol the Jula Ansluta they are reverse encoded so a 0 becomes 01 and a 1 becomes 10 making 0111 01101010
- #66 So as we can see each push of a button gives us 3 bursts of a 32 BIT package with a Start BIT a 26 Bit Address, a Group Bit and a Command Bit.
- #74 The ”Jula Ansluta” series is a brand made version that works very similar to most other cheap brands. If you can’t get your hands on one do give me a shout and I’ll be glad to help you out!.