Tagged: doorbell

Wireless Door Bell 433 MHz ASK Signal Analysis with a HackRF

Paul Rascagneres, an RF experimenter has recently uploaded a document detailing his efforts at reverse engineering a wireless doorbell (pdf file) with a 433 MHz Amplitude Shift Keyed (ASK) signal with his HackRF software defined radio. The HackRF is a SDR similar to the RTL-SDR, but with a wider available bandwidth and transmit capabilities.

To reverse engineer the doorbell, Paul used GNU Radio with the Complex to Mag decoder block to receive and demodulate the ASK signal. Once demodulated he was able to visually see the binary modulated waveform, and manually obtain the serial bit stream. From there he went on to create a GNU Radio program that can automatically obtain the binary strings from the ASK waveform.

In order to replay the signal, Paul found that the simplest way was to use the hackrf_transfer program, which simply records a signal, and then replays it via the HackRF transmitter on demand. With this method Paul was able to ring his doorbell via the HackRF.

Paul also confirmed his SDR results with an Arduino and 433 MHz transceiver. He then took it a step further and used the Arduino to create a system that could automatically receive and replay signals at 433 MHz and 315 MHz.

Decoding an ASK modulated bitstream.
Decoding an ASK modulated bitstream.

Digital Ding Dong Ditch – Hacking wireless doorbells with Arduino and RTL-SDR

Over on YouTube user Samy Kamkar has uploaded a video showing how he was able to use an RTL-SDR to copy his friends wireless doorbell signal and prank him by replaying it using an Arduino and 433 MHz transmitter. His video goes through the entire reverse engineering process he used from recording the wireless doorbell signal with the RTL-SDR, to analyzing and understanding the signal and finally to programming the Arduino with the code to replicate the doorbell signal. If you don’t like video explanations, Samy has also done a write up of the same material on his website. 

Digital Ding Dong Ditch Prank – hacking wireless doorbells w/Arduino and RTL-SDR