YouTube Talk: Investigating RF Controls with RTL-SDR

During the SANS Pen Test HackFest which was held back in 2017, speaker Katie Knowles who is a security consultant at MWR Infosecurity did a very informative talk on how an RTL-SDR can be used to investigate RF signals. The video has recently been uploaded to YouTube and is shown below. In the talk she goes over how to reverse engineer and understand simple RF protocols, like those used by common RF remote controls found in the home. She then goes on to talk about the basics of software like GNU Radio and rtl_433. The talk blurb reads:

Cranes, trains, theme park rides, sirens, and …ceiling fans? Modern RF protocols have made secure wireless communications easier to implement, but there’s still a horde of simpler RF control systems in the wireless world around us.

Lucky for us, the onset of affordable Software Defined Radios (SDRs) means that exploring these devices is easier than ever! In this talk, Katie examines capturing and understanding basic RF control signals from a common household controller with the affordable RTL-SDR so you can start your own investigations.

With a little knowledge of these protocols we can better explain what makes them risky to the environments we assess, practice thinking in the offensive mindset, and have some fun examining the signals around us.

Slides available here.

Signal Safari: Investigating RF Controls with RTL-SDR – SANS Pen Test HackFest 2017

Notify of

1 Comment
Inline Feedbacks
View all comments

Very nice intro to listening to the ubiquitous signals inhabiting the airwaves. Wireless doorbells, temperature monitors, wireless switches commonly found around the house, all doing their job day in and day out. Just watching a slice of the ISM bands with an antenna and an SDR-dongle will show many intermittent signals emanated by these devices. Interesting how they have improved the quality of life. All due to radio transmitters and receivers.

Bravo, Katie Knowles, excellent presentation.