lilygo t-embed cc1101 rf problem #587
Comments
|
After a few attempts I noticed that if I enter the frequency by hand 8xx the spectrum works fine, but when I'm on scan/copy the signal is not captured and the frequency moves to 433.xx and therefore it is not able to capture the raw signal because the frequencies are not aligned. on scan/copy if I configure the frequency manually (which it should do I think when the signal is taken on 'all range' automatically) the raw signal is not captured but the spectrum works because the frequency entered manually is obviously right. I hope it helps. |
|
Raw data isn't working as expected.. I'm working on it right now.. I hope to send the new version of the lib and beta today |
|
Thanks for the answer, I also add that in scan/copy the raw signal is captured with the wrong frequency at 433.xx and the spectrum does not work accordingly. It should instead take the right frequency directly which for me is at 868.xx, but now only the spectrum works if I enter the right frequency by hand and the raw signal is not taken. I hope I have explained myself better. Thank you very much and happy holidays! |
|
I deployed a new update to the RAW read and replay here e95aab7 with this lib change: bmorcelli/rc-switch@8023132 Can you test it for us? it is already on Beta |
|
on beta in 2 minutes.. lol |
|
Yep :) |
|
Here are some updates, now if I enter my frequency in scan/copy>range>choose-fxd/868.xx the raw signal is taken correctly and the spectrum works too. What still doesn't work is that if I scan/copy>range>all-ranges and send the rf signal from the same remote control I get the frequency 433.89 for no reason and without signal (the absence of signal for me is right because my frequency is 868.xx). It happens even if I choose a range between 779-928 I don't get any raw signal (instead this should be included for me). |
|
Hmmmm.... I will look into this frequency detection tomorrow then.. thank you! |
|
@bmorcelli I just flashed the latest beta from webflasher on my t-embed cc1101 and it says BRUCE e95aab7. I am not able to capture any frequency. I have checked with my car's keyfob but that may be issue of FSK modulation which is not supported yet. I will check with any other keyfob soon. I am able to transmit correctly using flipper zero .sub files. I received this T-Embed CC1101 a few days ago and since than not able to capture frequency (same was the case on older version. In Config menu, there is option PIN 43 and PIN 44 for RF TX PIN and RF RX PIN. Which PIN to select in these areas? I have RF module selected as CC1101 on SPI. Wrote all this in this particular issue because i thought this is relevant discussion. Apologies if i should have opened a new issue and thanks for your lovely work. |
|
I add that this morning I tested the replay of the raw signal but without success :'( |
|
Car key fobs usually are read in RAW data, and use something called Rolling code for protection against this kind of replay attack... To say that replay doesn't work you'll need a SDR or other device reading the signal |
I will look into this soon.. for some reason frequency detection is having some problem
@0x786d As long as you have CC1101 selected, the RF TX and RF RX pins are irrelevant. |
I guess if the key fob signal hasn't reached to the car and saved as custom subghz, it will work for one time. I used to do same with my car using RTL-SDR and a raspberry pi. If car gets locked/unlocked, that rolling code is used and won't work again. Btw, my T-embed is not reading any RF signal at all. I can't see anything on spectrum and scan/copy function also doesn't respond to any rf transmission. |
|
Doing the replay after capturing the signal, shouldn't I have an 'unused' code and therefore working even if the rolling code is present? Or am I missing something about the operation? Unfortunately I am not successful :( |
|
I fixed an issue where decoded codes weren't being saved well. And the Scan issue, @hunt3rbb666NotFound may hed been fixed here d04f804 I think it needed some extra time when changing Antenna HW setting (debounce and noise reading) |
|
If someone has a HackRF or some SDR, can you check one thing for me? I believe the signal is being saved "inverted"... Like high times and Low times swapped... If this is the problem, I might need to add one dummy time at the beginning to invert it.. If someone can send a snapshot of both original signal and replayed signal, where we can see the first 10 square waves, maybe it can help me debugging this issue |
|
I tested but without success. For me, I turn on the rf > device > config > rf module > cc1101 > scan/copy > range > all-ranges sending signal from my remote control and on the display it appears "Freq: 433.89 Mhz" and that's it. If I move from the automatically detected frequency 433.89 and go to RF > Spectrum does not work. If I do it manually and I enter the right frequency of my remote control in rf>config> rf frequency> 868.xx and I go to rf > spectrum it works fine, on scan/copy it works fine the raw signal is captured, but if I do replay unfortunately it doesn't work in the sense that my car doesn't open even if 'sending' appears on the display. So there is an error both in the correct detection of the signal frequency (the only way is to enter the exact one manually) and also in the replay it does not work. I hope to be of help. |
@bmorcelli please see my reply #608 (comment) |
Hi, my lilygo t-embed cc1101 has arrived. I have the same RF problems (version 1.8 and beta receive the raw RF signal but when I replay the machine does not open). If I try to save the raw rf signal the device freezes and I have to reset it. The specter is also immobile. Can you tell me if I need to configure anything in particular? Or a version tested by you on this specific device? Thank you for what you do.
The text was updated successfully, but these errors were encountered: