Experimentation with subghz modules, mainly on 433.92MHz. The project, like previous TV-B-Gone implementation, contains menu script, that you can use to choose between options, they are linked to python scripts with different purposes. And like the previous project, everything is public, you can do whatever you want, I don't really care. Maybe you could use this with more modules and even switch between frequencies, if you modify the script, but I only have this module and better solution would be just to buy CC1101 chip.
The script requires pigpio library to work, you can install it by running:
wget https://github.com/joan2937/pigpio/archive/master.zip
unzip master.zip
cd pigpio-master
make
sudo make install
For plotting, you will need to install matplotlib. On Debian, you can do it via apt:
sudo apt-get install python3-matplotlib
Firstly, you need to clone my repository and navigate to it:
git clone https://github.com/bababooex/raspberrypi-subghz-ASK.git
cd ./raspberrypi-subghz-ASK/Code_file
To use the main script, make it executable with chmod and then simply run it with bash.
sudo chmod +x menu.sh
./menu.sh
It will enable pigpiod and throw you to menu, where you can choose some options, like jamming, record/replay etc.
You can use simple ASK TX module, like fs1000a or something similar, I used some random ASK transmitter with two SMD RF transistors labeled "2D". I wanted the frequency to be very precise, so I used SAW resonator with label 433.92 meaning 433.92MHz and replaced the previous one. I connected this module data input to GPIO_13 and 5V supply.
Image of simple transmitter
Like for transmitting, there are also cheap modules for reception of ASK modulation, like XY-MK-5V. I used different type with PT4317 superheterodyne receiver chip, that could theoretically work also on 315MHz, but I would need to replace SAW resonator. I connected this module data output to GPIO_25 and 3.3V supply.
Image of simple receiver
Because a lot of .sub files in subghz database contain RAW data, you can send them using external ASK module, I also added most used protocols support. Many are hard to implement and they arent worth to spend time on. Here is test file for Holtek_HT12X:
Filetype: Flipper SubGhz Key File
Version: 1
Frequency: 305000000
Preset: FuriHalSubGhzPresetOok650Async
Protocol: Holtek_HT12X
Bit: 12
Key: 00 00 00 00 00 00 07 CF
TE: 348
Encoded version looks like this:
You can see TE override, because short lenght is 348 uS. Total bit lenght is 13 bits, thus key + header in this instance.
So I tested my script with flipper zero itself, I tried it with Princeton protocol and it seems to work really well, so it is nice to be able to test my recently bought flipper zero for protocol detection and analysis. Here is what I tested:
Filetype: Flipper SubGhz Key File
Version: 1
Frequency: 433920000
Preset: FuriHalSubGhzPresetOok650Async
Protocol: Princeton
Bit: 24
Key: 00 00 00 00 00 52 81 1C
TE: 154
And what I got with flipper:
Not sure about the small TE mismatch, but that doesnt really affect function very much. However, when cloning signal of some protocol and replaying back, it doesnt get decoded with flipper and flipper saves it as BinRAW. But it will probably work on the device itself, but I dont have anything, like doorbell, to test it yet.
- https://github.com/Zero-Sploit/FlipperZero-Subghz-DB - Flipper zero subghz database
- https://github.com/jamisonderek/flipper-zero-tutorials/wiki/Sub-GHz - Flipper zero subghz explanation and protocol definitions
- https://github.com/merlinepedra25/flipperzero-bruteforce - Flipper zero bruteforce files
- https://github.com/SHUR1K-N/Flipper-Zero-Sub-GHz-Jamming-Files - Flipper zero jammer files
- https://github.com/Robbbbbbbbb/tesla-chargeport/tree/main/Flipper%20Zero - Tesla chargeport Flipper zero files
- https://abyz.me.uk/rpi/pigpio/index.html - pigpio library website
- https://github.com/breisa/433mhz - inspiration for signal cloning
- Maybe add more protocols
- Decoding in the future...