Reverse Engineering RF Remote

Get help identifying an unknown signal.
Post Reply
Posts: 1
Joined: Sun Apr 12, 2015 6:24 pm

Reverse Engineering RF Remote

Post by art » Sun Apr 12, 2015 6:44 pm

As part of a larger project, I would like to be able to replay signals of this remote. It's a remote for a consumer device I own (controls temperature), operating at 433MHz and I'm guessing (based on the remote wiring diagram) it's using ASK modulation.

I've bought an RTL-SDR dongle and recorded the remote signal using SDRSharp (see Audacity screenshots). Each button press (increase/decrease temperature) produces 6 packets that are exactly the same.

From reading a few blogs it seems that the common assumption is that each fat/thin pulse corresponds to 0/1. Is that a reasonable assumption? Do I need to replay all 6 packets and does the interval between the packets matter? Any sense in how accurate my timing (ie baud rate) needs to be?

Also, what is the simplest (in terms of time of getting it done for an RF newbie) of replaying the signal using a windows pc? From my reading a lot of people use the rfcat dongle but I rather not go thru installing a linux partition just for that.


Site Admin
Posts: 2478
Joined: Mon Nov 19, 2012 11:54 pm

Re: Reverse Engineering RF Remote

Post by rtlsdrblog » Tue Apr 14, 2015 4:30 am

I think your assumptions are correct. If you go through our post history searching for reverse engineering you should find some similar projects that might give you ideas

For replaying the signal, something like rfcat would probably be the easiest, unless you have electronics knowledge and can build and program a circuit with a microcontroller and 433 MHz transmitter. Either that or you could spend a little more and get a HackRF and simply copy and replay the signal using that.

Post Reply