Skip to main content
Topic: protocol sniffing??? (Read 2116 times) previous topic - next topic

protocol sniffing???

Hi all,

I'm a complete newbie in the world of protocol sniffing, so I have a few basic questions. I've got a wireless thermometer that uses a 433 MHz RF link to transmit data from a remote sensor to the base unit. I built a 433 MHz receiver to capture this data, but I don't know how to proceed decoding the protocol to extract the temperature data. I can capture the 'bits' that are transmitted using a scope, so I'm wondering if this would be a good application for the Bus Pirate? Specifically, how does one go about decoding a completely unknown protocol after the data is captured?

Thanks,

John 

Re: protocol sniffing???

Reply #1
I think you can start with the SUMP, which is a logic analyzer with samplerate upto 1Mhz (theoretical datarates of 500Khz prolly less). With the captured data you can see the bits transferred and try to destille a protocol out of it. Make sure the signals are ttl level.

Try to figure out the data that is being send (in case of a temp sensor it is simple I guess, some start sequence, the adc value, checksum and end sequence)

Happy hacking!

http://code.google.com/p/the-bus-pirate ... alyzerMode more about the logic analyzer.

Re: protocol sniffing???

Reply #2
Im pretty sure that the buspirate has a logic analyser mode as well.

if the data speed from the rf receiver isnt to high ( i suspect it wont be) then it might be able to cope with the data.

Check that out and see if it can do what you need.

Re: protocol sniffing???

Reply #3
I think that sounds like a plan. I'd start with the logic analyzer mode to get a peek at the protocol (if the Bus Pirate LA is fast enough). You can attach a screen shot to a post and we can all see if we recognize it. It might be something simple like a UART that you can simply tap into with the Bus Pirate.
Got a question? Please ask in the forum for the fastest answers.