The motion sensors attack only works if via wireless with the ECU?
Good evening, I'm calling from Italy, I'd be interested in buying the complete kit for testing or disabling motion sensors. With best regards.

Is there a way to detect this if you're the owner of a camera that's being hacked using this method?
Well from a logical standpoint it could be a few things.. If one item stops communicating with another an out of band message is sent stating it's down and alerting you to an issue.. A second way could be an IDS monitoring the frequency for disruptions and alerting / triangulating the issue.. Both of these could be solved with some ingenuity and a bit of coding.. I am sure there are other options as well if you think about exactly what you're trying to achieve and understand how your devices are communicating
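The two detection ideas in the reply above (a device that stops checking in, and a monitor watching the frequency for disruptions), sketched as an added example that is not part of the original comments or the author's code. The supervision interval, thresholds, sensor names and telemetry are constructed assumptions; a real system would feed in its own base-station check-ins and receiver noise-floor readings.

```python
from statistics import median

HEARTBEAT_S = 60   # assumed supervision interval for each sensor
GRACE = 2.5        # missed-interval multiplier before a sensor counts as silent
RISE_DB = 15       # assumed rise over the quiet baseline that counts as a disruption
SUSTAIN = 3        # consecutive elevated samples required
CAL = 3            # first samples are treated as the quiet calibration period

# Constructed sample data: (epoch seconds, sensor id) check-ins seen by the base station
CHECKINS = [(0, "pir-hall"), (5, "door-front"), (60, "pir-hall"), (65, "door-front"),
            (120, "pir-hall"), (125, "door-front"), (420, "door-front")]
# Constructed sample data: (epoch seconds, channel noise floor in dBm) from a monitor receiver
NOISE = [(0, -98), (60, -97), (120, -99), (180, -62),
         (240, -60), (300, -61), (360, -97), (420, -98)]

def silent_sensors(checkins, now):
    """Return {sensor: seconds since last check-in} for sensors past the grace window."""
    last = {}
    for ts, sensor in checkins:
        if ts <= now:
            last[sensor] = max(ts, last.get(sensor, ts))
    return {s: now - ts for s, ts in last.items() if now - ts > HEARTBEAT_S * GRACE}

def disruption_windows(noise):
    """Return (start, end) spans where the noise floor stays RISE_DB above the baseline."""
    baseline = median(dbm for _, dbm in noise[:CAL])
    spans, run = [], []
    for ts, dbm in noise:
        if dbm - baseline >= RISE_DB:
            run.append(ts)
            continue
        if len(run) >= SUSTAIN:
            spans.append((run[0], run[-1]))
        run = []
    if len(run) >= SUSTAIN:
        spans.append((run[0], run[-1]))
    return spans

def assess(checkins, noise, now):
    """Correlate silence with channel disruption to tell interference from a dead sensor."""
    spans = disruption_windows([n for n in noise if n[0] <= now])
    alerts = []
    for sensor, age in sorted(silent_sensors(checkins, now).items()):
        went_quiet = now - age  # time of the last check-in that got through
        disrupted = any(s - HEARTBEAT_S <= went_quiet <= e for s, e in spans)
        alerts.append((sensor, "channel-disruption" if disrupted else "sensor-offline"))
    return alerts

if __name__ == "__main__":
    print(assess(CHECKINS, NOISE, now=300))
```

The alert itself should leave over a path that does not share the monitored frequency (the "out of band" part of the reply), otherwise the same disruption that silences the sensors also silences the warning.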
Does this just disable motion sensor cameras, or motion sensor lighting too?
Review and understand the behavior of the hardware you are hacking and you will find your answer.. every hardware will be different.. Comes down to threat modeling and observing something and applying attacks that make sense for what you found.
Could this work against anti-jamming devices, don't they constantly send a signal and act like a dead man switch when jammed?
No clue, sounds like you have something interesting to research.. grab a device with anti jamming and play with it.. see how it interacts with your attacks and what might be needed to disable/bypass it....
If you were testing this in the wild, would it not have been better to survey the frequencies that are being used because you wouldn't necessarily know what model alarm system they use and then go through this process?
Absolutely true.. we are actually doing that for the second part of the blog.. since we will be attacking a real world target and then creating our own keyfobs for it..
ConsoleCowboys lol ok. Just me jumping ahead. Looking forward to the next one then 😁
No worries.. this was more for a penetration testing perspective... usually you are given 1 or 2 devices for your testing by whatever company hired you.. so you have them on hand to look up FCIDs and play around with everything.. :)
Thx, for good video. Could this interfere with the wireless camera's motion detection? Will it work for wired cameras too?
It's a wireless attack, so understand how the target works and then apply a relevant attack....
If motion sensors are wired, then it will work?
Watch the video on what is being done, and think about that question, then review the docs on the target / threat model its functionality. It's based on how it functions.
Are there free program alternatives to these programs?
all of the programs used are free.
@ConsoleCowboys wow list please
Robin: *I hacked the motion sensors*
Great job.... Can the HackRF One be used for this test?
You can do this with the HackRF, but you would have to set it all up in GNURadio and figure out what you need with that.... Do some research and give it a try!!! I prefer the Yardstick, it's more penetration tester friendly for coding..
ConsoleCowboys What will be the range? Distance between yardstick and motion sensor.... Which will be the best antenna? Thanks for the reply
The best antenna would probably be a specific antenna for the frequency your device is using.. You can buy antennas for that frequency. For example go on Amazon and type 315mhz antenna, or 433 mhz antenna. Or use a telescopic antenna which might work best for a range of frequencies. Range is variable, I mean it's wireless, so there are lots of factors associated with it.. Are there walls in between your target and your yardstick, what are these walls made of, brick, metal, sheetrock etc. Range will be on a case by case basis determined by your environment. All part of the testing process. Have you ever noticed when you move your Wifi router around your house things change.. For example if you put your wireless router in a room behind a brick chimney your house all of a sudden has horrible connection.. The frequency range and the environment will determine what kind of range you get.. Each frequency is also more or less resistant to the environment around it.
ConsoleCowboys Thanks a lot for the info buddy...you are the best😎😎
Hi Cowboy, also works with alarms with rolling code?
You will have to assess the alarm that you are attacking and analyze how that device functions, use that knowledge to attack it accordingly... If it has rolling code then you will need to bypass that by suppressing legitimate codes and re-sending... Everything is device specific to what you are testing.. you will need to analyze the data flow and interactions and test it according to what you are seeing.
OK, thanks a lot, I have to attack it with RFCrack, -j mode :))
Is this Kali Linux?
OSX