crash.software
Projects
Pull Requests
Issues
Builds
flipperzero-bruteforce
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY flipperzero-bruteforce Commits b6c5ae92
🤬
Revision indexing in progress... (symbol navigation in revisions will be accurate after indexed)
  • ■ ■ ■ ■ ■ ■
    README.md
    skipped 25 lines
    26 26  sub_files/
    27 27  └── PROTOCOL_NAME
    28 28   ├── SPLIT_FACTOR
    29  - │ ├── 000.sub
    30  - │ ├── 001.sub
     29 + │ ├── <parent_file>_000.sub
     30 + │ ├── <parent_file>_001.sub
    31 31   │ ├── ...
    32  - │ └── NNN.sub
     32 + │ └── <parent_file>_NNN.sub
    33 33   └── debruijn.sub
    34 34  ```
    35 35   
    36  -For each protocol there are 6 sub folders, containing 1, 2, 4, 8, 16 and 32 files, `SPLIT_FACTOR` indicates the number of keys per `.sub` file. This is useful when trying to get a close guess to the key.
     36 +For each protocol there are 6 sub folders, containing 1, 2, 4, 8, 16 and 32 files, `SPLIT_FACTOR` (the directory's name) indicates the number of keys per `.sub` file. `<parent_file>` simply indicates the parent file of the current `.sub` file, for example, inside folder `64` we have `003_006.sub`, its parent file is `128/<parent_file>_003` and its children will be `32/006_<file_id>`. This is useful when trying to get a close guess to the key.
    37 37   
    38 38  For example, let's say you are trying to bruteforce a gate using CAME 12 bit protocol:
    39 39   
    40 40  1. Play the single file (`4096/` folder) to make sure the attack works
    41  -2. Play the two files inside `2048/` folder, to see which half contains the correct key (suppose the second one works, containing keys from 2048 4095)
    42  -3. Play the second two files (`002.sub`, `003.sub`) inside the `1024/` folder to narrow the search
     41 +2. Play the two files inside `2048/` folder, to see which half contains the correct key (suppose the second one works, `000_001.sub` containing keys from 2048 4095)
     42 +3. Play its children (`001_002.sub`, `001_003.sub`) inside the `1024/` folder to narrow the search
    43 43  4. Keep doing this until you reach the last files inside the `128/` folder, these files take less than 10 seconds to send, almost the same as having the actual remote.
    44 44   
    45 45  If you wanted to narrow the search even more you could modify the script to generate your own files containing less keys.
     46 + 
     47 +The `debruijn.sub` files are there just for reference I have not really been able to use them succesfully, they try to simulate a debruijn sequence for the protocol, although this is quite unfeasible because most protocols have some sort of stop bit or pilot bit appended or prepended to the actual key that differs from a normal bit. Also I have not yet found a gate using a bitshift register.
    46 48   
    47 49  ## Currently supported protocols
    48 50   
    skipped 69 lines
Please wait...
Page is in error, reload to recover