Universal Radio Hacker - Replay Attack With HackRF 

have you experience in SS7 ?

@@cosmictrip4365 Yes

@@Richardincancale im trying to set this up but some info is missing. Do you know where to find MSC? And all that stuff? Cant find it. Im in continuos searching.

@@cosmictrip4365 Check out ‘Nick vs Networking’ and also the open source Osmocom stacks and their documentation. Have fun!

@@Richardincancale awesome bro of course that I'll take a look ASAP Im just waiting for my hackrf to test. 👌😃

Yup, I have a video on this topic too :)

@@TechMindsOfficial I'll check it out, Thanks for the video's & reviews.

@@TechMindsOfficial yes please i wanna do this

better still, write a script that parses weather data from floria and re-transmit that to the legit weather station :D one confused weater station owner :D

@@alzeNL Ha ha 😂

Lots to learn :)

ROFL!!! in korea you see that alot each table has its own waitress bell, not seen them so much in the UK (even in New Malden) but that would be hilarious

Don’t worry, there’s still loads of features I don’t know about :) Thanks for watching 🙏

Great stuff! I still need to purchase a portapak! Definitely on my list of videos once I get one

You’re welcome 😊

Thanks!

No , rtl-sdr is rcv only

@@tahaarslan5252what is worse than assumptions are baseless accusations. I am not being shady. If you care to know, it’s my own medical device which I did a legitimate security research on for my Masters degree. I have completed the project last year but thanks for your very helpful reply MrTaha... Now you go back to stealing the cars and stop calling people thieves for asking technical questions. Cars are not the only devices that use that range. Go and look up the MICS range. Educate yourself mate don’t be a fool.

@@TheRealAbdulIssa sorry mate

@@tahaarslan5252 No problems. Thanks for apologising

I’m thinking about trying this with my car key fob! Will report back with whether it worked or not :)

@@TechMindsOfficial Just realized that this was uploaded yesterday. I thought it was a really old video. Whoops!

@@TechMindsOfficial for car keyfobs you generally need to do a rolljam attack, which you could accomplish with your hackRF and an rtlsdr. Or you can use a couple of YardStick Ones. Woody gave a great talk at defcon this year about a more sophisticated keyfob attack against Ford cars though, it was really interesting. His talk also demo'd URH.

@@TechMindsOfficial OMG really, well that will lower the price of those german cars aha, i've never trusted any near field stuff!!!

@@TechMindsOfficial yes please and make a video about that.

Thanks

Do you mean something like a transmitting bug detector?

I highly recommend seeing a psychologist who can get you the help you need

My thoughts exactly 😅

If you know the devices model number then you should be able to google technical specs and hopefully they will publish the frequencies used.

@@TechMindsOfficial Ok cool thanks so much!😎

You’re welcome :)

@@TechMindsOfficial One more question sorry!! What can I use instead of a hack rf one

You can actually use a raspberry pi and a cheap SDR dongle. I have a video on this, doing a replay attack with a raspberry pi zero. Pi can also transmit :)

Check out my amazon store links in the description, under SDRs you should find one :)

It is $340 on greatscottgadgets

Or get an evil crow rf for $50z

Yep, sure can, watch this video: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-3NWn5cQM7q4.html

Sorted it

That’s pretty cool!

@@TechMindsOfficial Here are our measurements in many places in Germany: www.totalitaer.de/Radar/Messungen/ortemessungen.htm

we can only hope

Did you try typing pip3 instead of pip?

basically you want to intercept it yes ? of course then, with a bit of programming.

Quite possibly, but highly doubtful

if you managed to spoof a mast and set the security to basic, then you could read it - not saying its impossible, but it requires a fair bit of know how and work.

Give it to me for £1 and free shipping

Cars usually use a code which changes every time you click it, so that they're not vulnerable to this type of attack. Garage door openers used to be replayable, but for many years (maybe even decades now) have gone to a rotating code as well.

they have rolling codes.

Because most vehicles that come with the wireless unlock and start features use a rolling code system. 3rd party DIY remote kits may or may not use this though.

Yes

this is what police scanners are for.

@@Elfnetdesigns No Police scanners do not Decrypt Encrypted P25 transmissions No Radio in the world will!!

@@hgfhghghgfhfghgfhghg538 Fair enough on the scanner part, however an actual radio like say the Motorola APX 8000 I own and use every day will. Working in communications for the state and having access to flashport equipment and certain bits of info not avalible to the civilian public via radioreferance.com or whatever hobbyist ham radio website people use to get their outdated information has it's benifits. So saying no radio in the world can do it is not accurate at all..

@@Elfnetdesigns No Radio Will Without an encryption key and even of you manage to get a encryption key say from another radio the network will reject both and stun your radio dead. S unfortunately at the moment it's a Pretty secure system that has yet to be be broken. Here in Australia they also roll out new keys every few weeks as well making it even harder

@@hgfhghghgfhfghgfhghg538 I know how it all works lol I helped design and maintain the p25-2 system here.. I also have the means to roll out new keys whenever we feel the system may have been comprimised. My radio works because it's a technicians level radios, it gets a new key pretty high up in the priority stack because it's necessary for me to do my job and so on.. but you know how it all is, give it time.. Like everything else it will be cracked by some youtuber and plastered all over DefCon in Las Vegas for all the hackers and criminals of the IT and Comms world to get at I'm sure. Those people do not realise that their 15 minutes of psudofame put our law enforcement and first responders at risk. Our only hope is to stay ahead of the exploits and have new more secure systems roll out. I suspect the true bulletproof system will come once quantum computing becomes as normal as hope PC's and smartphones.. but that is years away..

Totally agree Jim, these heathens that say OSX must be hung drawn and quartered lol. Considering I’m an iOS developer and an Apple fanboy, I should know better 😂 cheers 🍻

apple sucks anyway, doesn't even matter

Jim Gardner is it OS X

I’ve always said os ex

Good luck stealing a car when you can't disengage the steering lock, let alone even start the car with this thing.

Yeah but you need the key fob to receive and capture the signal to be able to replay the signal... You can't just click a button and it works.. And the job needs to be a foot or less away from the hackrf.. So pretty much impossible unless your up someone's ass when they go to unlock there vehicle..

magic