We’ve been interested in the Universal Software Radio Peripheral (USRP) SDR and the associated open source GNU Radio software for some time, but the $1500+ cost has kept the project on the back burner. Nevertheless, we always like a good story about RF hacking with the USRP.
Corey and Max saw a wireless USB Proximity Lock in use in their office and wondered how difficult it would be to hack it open using the USRP. The principle behind these locks is simple: when the associated fob is within range, the USB attached dongle sends a message to the PC locking software which then permits access to the PC (and also frees you from the “dolphin” lockscreen.)
In this tutorial they describe the steps they took to using a USRP to conduct a record and replay attack on the fob-dongle wireless link. While you may think it’s overkill to use this type of expensive RF equipment to hack a $20 lock, the point is to demonstrate the steps involved in coding in GNU Radio to use the USRP to analyze and attack wireless protocols.