Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/jopohl/urh
Universal Radio Hacker: Investigate Wireless Protocols Like A Boss
https://github.com/jopohl/urh
airspy bladerf hacking hackrf iot limesdr python qt radio rtl-sdr sdr sdrplay security usrp wireless
Last synced: 3 days ago
JSON representation
Universal Radio Hacker: Investigate Wireless Protocols Like A Boss
- Host: GitHub
- URL: https://github.com/jopohl/urh
- Owner: jopohl
- License: gpl-3.0
- Created: 2016-04-01T19:43:07.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2024-11-12T07:11:18.000Z (about 1 month ago)
- Last Synced: 2024-12-02T12:04:36.201Z (10 days ago)
- Topics: airspy, bladerf, hacking, hackrf, iot, limesdr, python, qt, radio, rtl-sdr, sdr, sdrplay, security, usrp, wireless
- Language: Python
- Homepage:
- Size: 53.3 MB
- Stars: 11,024
- Watchers: 423
- Forks: 879
- Open Issues: 46
-
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
- awesome-python-applications - Repo
- awesome-gnuradio - urh - Analysis PHY layer (Other SDR Software)
- awesome-starz - jopohl/urh - Universal Radio Hacker: Investigate Wireless Protocols Like A Boss (Python)
- awesome-python-applications - Repo
- awesome-discoveries - Universal Radio Hacker - a software for investigating unknown wireless protocols _(`Python`)_ (Networking)
- awesome-hacking-lists - jopohl/urh - Universal Radio Hacker: Investigate Wireless Protocols Like A Boss (Python)
- awesome-rainmana - jopohl/urh - Universal Radio Hacker: Investigate Wireless Protocols Like A Boss (Python)
- Awesome-CTS - URH
README
![URH image](https://raw.githubusercontent.com/jopohl/urh/master/data/icons/banner.png)
[![CI](https://github.com/jopohl/urh/actions/workflows/ci.yml/badge.svg)](https://github.com/jopohl/urh/actions/workflows/ci.yml)
[![Code style: black](https://img.shields.io/badge/code%20style-black-black)](https://github.com/psf/black)
[![PyPI version](https://badge.fury.io/py/urh.svg)](https://badge.fury.io/py/urh)
[![Packaging status](https://repology.org/badge/tiny-repos/urh.svg)](https://repology.org/project/urh/versions)
[![Blackhat Arsenal 2017](https://rawgit.com/toolswatch/badges/master/arsenal/usa/2017.svg)](http://www.toolswatch.org/2017/06/the-black-hat-arsenal-usa-2017-phenomenal-line-up-announced/)
[![Blackhat Arsenal 2018](https://rawgit.com/toolswatch/badges/master/arsenal/europe/2018.svg)](http://www.toolswatch.org/2018/09/black-hat-arsenal-europe-2018-lineup-announced/)The Universal Radio Hacker (URH) is a complete suite for wireless protocol investigation with native support for [many](https://github.com/jopohl/urh/wiki/Supported-devices) common __Software Defined Radios__.
URH allows __easy demodulation__ of signals combined with an [automatic](https://dl.acm.org/doi/10.1145/3375894.3375896) detection of modulation parameters making it a breeze to identify the bits and bytes that fly over the air.
As data often gets _encoded_ before transmission, URH offers __customizable decodings__ to crack even sophisticated encodings like CC1101 data whitening.
When it comes to __protocol reverse-engineering__, URH is helpful in two ways. You can either manually assign protocol fields and message types or let URH __automatically infer protocol fields__ with a [rule-based intelligence](https://www.usenix.org/conference/woot19/presentation/pohl).
Finally, URH entails a __fuzzing component__ aimed at stateless protocols and a __simulation environment__ for stateful attacks.### Getting started
In order to get started
- view the [installation instructions](#Installation) on this page,
- download the [official userguide (PDF)](https://github.com/jopohl/urh/releases/download/v2.0.0/userguide.pdf),
- watch the [demonstration videos (YouTube)](https://www.youtube.com/watch?v=kuubkTDAxwA&index=1&list=PLlKjreY6G-1EKKBs9sucMdk8PwzcFuIPB),
- check out the [wiki](https://github.com/jopohl/urh/wiki) for more information such as supported devices or
- read some [articles about URH](#Articles) for inspiration.If you like URH, please :star: this repository and [join our Slack channel](https://join.slack.com/t/stralsundsecurity/shared_invite/enQtMjEwOTIxNzMzODc3LTk3NmE4MGVjYjEyYTMzYTdmN2RlNzUzYzg0NTNjNTQ2ODBkMzI3MDZlOWY3MjE4YjBkNTM4ZjJlNTJlZmJhNDg). We appreciate your support!
### Citing URH
We encourage researchers working with URH to cite [this](https://www.usenix.org/conference/woot18/presentation/pohl) WOOT'18 paper or directly use the following BibTeX entry.
URH BibTeX entry for your research paper
```bibtex
@inproceedings {220562,
author = {Johannes Pohl and Andreas Noack},
title = {Universal Radio Hacker: A Suite for Analyzing and Attacking Stateful Wireless Protocols},
booktitle = {12th {USENIX} Workshop on Offensive Technologies ({WOOT} 18)},
year = {2018},
address = {Baltimore, MD},
url = {https://www.usenix.org/conference/woot18/presentation/pohl},
publisher = {{USENIX} Association},
}
```
## Installation
URH runs on Windows, Linux and macOS. See below for OS specific installation instructions.### Windows
On Windows, URH can be installed with its [Installer](https://github.com/jopohl/urh/releases). No further dependencies are required.
If you get an error about missing ```api-ms-win-crt-runtime-l1-1-0.dll```, run Windows Update or directly install [KB2999226](https://support.microsoft.com/en-us/help/2999226/update-for-universal-c-runtime-in-windows).### Linux
#### Installation with pipx
URH is available on [PyPi](https://pypi.org/project/urh/) so you can install it, for example, with [pipx](https://pypa.github.io/pipx/):
```bash
pipx install urh
```
This is the recommended way to install URH on Linux because it comes with __all native extensions__ precompiled.In order to access your SDR as non-root user, install the according __udev rules__. You can find them [in the wiki](https://github.com/jopohl/urh/wiki/SDR-udev-rules).
#### Install via Package Manager
URH is included in the repositories of many linux distributions such as __Arch Linux__, __Gentoo__, __Fedora__, __openSUSE__ or __NixOS__. There is also a package for __FreeBSD__. If available, simply use your package manager to install URH.__Note__: For native support, you must install the according ```-dev``` package(s) of your SDR(s) such as ```hackrf-dev``` __before__ installing URH.
#### Docker Images
The official URH docker image is available [here](https://hub.docker.com/r/jopohl/urh/). It has all native backends included and ready to operate.### macOS
#### Using DMGIt is recommended to use __at least macOS 12__ when using the DMG available [here](https://github.com/jopohl/urh/releases).
#### With brew
URH is available as a [homebrew formula](https://formulae.brew.sh/formula/urh) so you can install it with
```commandline
brew install urh
```### Running from source (OS-agnostic)
#### Without installationTo execute the Universal Radio Hacker without installation, just run:
```commandline
git clone https://github.com/jopohl/urh/
cd urh/src/urh
./main.py
```Note, before first usage the C++ extensions will be built.
#### Installing from source
To install URH from source you need to have ```python-setuptools``` installed. You can get them with ```python3 -m pip install setuptools```.
Once the setuptools are installed execute:
```commandline
git clone https://github.com/jopohl/urh/
cd urh
python setup.py install
```And start the application by typing ```urh``` in a terminal.
## Articles
### Hacking stuff with URH
* [Hacking Burger Pagers](https://www.rtl-sdr.com/using-a-hackrf-to-reverse-engineer-and-control-restaurant-pagers/)
* [Reverse-engineer and Clone a Remote Control](https://www.rtl-sdr.com/video-tutorial-using-universal-radio-hacker-an-rtl-sdr-and-a-microcontroller-to-clone-433-mhz-remotes/)
* [Reverse-engineering Weather Station RF Signals](https://www.rtl-sdr.com/tag/universal-radio-hacker/)
* [Reverse-engineering Wireless Blinds](https://www.rtl-sdr.com/reverse-engineering-wireless-blinds-with-an-rtl-sdr-and-controlling-them-with-amazon-alexa/)
* [Attacking Logitech Wireless Presenters (German Article)](https://www.heise.de/security/meldung/Wireless-Presenter-von-Logitech-und-Inateck-anfaellig-fuer-Angriffe-ueber-Funk-4439795.html)
* [Attacking Wireless Keyboards](https://threatpost.com/fujitsu-wireless-keyboard-unpatched-flaws/149477/)
* [Reverse-engineering a 433MHz Remote-controlled Power Socket for use with Arduino](http://www.ignorantofthings.com/2018/11/reverse-engineering-433mhz-remote.html)### General presentations and tutorials on URH
* [Hackaday Article](https://hackaday.com/2017/02/23/universal-radio-hacker/)
* [RTL-SDR.com Article](https://www.rtl-sdr.com/reverse-engineering-signals-universal-radio-hacker-software/)
* [Short Tutorial on URH with LimeSDR Mini](https://www.crowdsupply.com/lime-micro/limesdr-mini/updates/investigating-wireless-protocols-with-universal-radio-hacker)
* [Brute-forcing a RF Device: a Step-by-step Guide](https://pandwarf.com/news/brute-forcing-a-new-device-a-step-by-step-guide/)
* [Hacking wireless sockets like a NOOB](https://olof-astrand.medium.com/hacking-wireless-sockets-like-a-noob-b57d4b4812d5)## External decodings
See [wiki](https://github.com/jopohl/urh/wiki/External-decodings) for a list of external decodings provided by our community! Thanks for that!## Screenshots
### Get the data out of raw signals
![Interpretation phase](http://i.imgur.com/Wy17Zv3.png)### Keep an overview even on complex protocols
![Analysis phase](http://i.imgur.com/ubAL3pE.png)### Record and send signals
![Record](http://i.imgur.com/BfQpg23.png)