Monday, 26 May 2014

Messing with 433MHz equipment

We all know and love wireless devices, for example wireless doorbells. They seem so cool yet mysterious. How do they work?

Wireless doorbells:

They come with a receiver and a transmitter that you stick near your front door. Simple! They are wireless, so they use ISM bands, most commonly the 433 MHz range. So when you press your doorbell button the bell rings. The transmitter sends data out and the doorbell responds via sound – Simple!


This was the first time I used GNU Radio. I knew that these doorbells probably send data out with AM/OOK modulation. That was confirmed later on.

I made a quick GNU Radio program to decode and record the necessary signals.

I connected the rtl-sdr, pressed execute and started smashing the doorbell button. And what do you know, it works.

This was the output.


You can clearly see the repeating patterns.

Later on I created a different flow graph so I could record these signals.



And then viewed them with Audacity.


I used Audacity because it works better when trying to measure timings.
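
The timing measurement done by hand in Audacity can also be scripted. The following is an added example, not code from the original post; the sample rate, threshold, pulse widths and the 8-bit pattern are constructed assumptions, not values from a real doorbell.

```python
# Added example: measure OOK pulse widths from a recorded amplitude envelope.
# The sample rate, threshold and test waveform are constructed assumptions.
from itertools import groupby

RATE = 50_000  # samples per second (assumed recording rate, 20 us per sample)

def pulse_timings(samples, threshold=0.5, rate=RATE):
    """Run-length encode the thresholded envelope into (level, microseconds)."""
    bits = (1 if s > threshold else 0 for s in samples)
    return [(lvl, sum(1 for _ in grp) * 1_000_000 // rate)
            for lvl, grp in groupby(bits)]

def split_frames(timings, gap_us=5_000):
    """Split at low periods of at least gap_us (the silence between repeats)."""
    frames, cur = [], []
    for lvl, us in timings:
        if lvl == 0 and us >= gap_us:
            if cur:
                frames.append(cur)
            cur = []
        else:
            cur.append((lvl, us))
    if cur:
        frames.append(cur)
    return frames

def same_pattern(a, b, tol_us=100):
    """True when two frames have equal levels and durations within tol_us."""
    return len(a) == len(b) and all(
        la == lb and abs(ua - ub) <= tol_us for (la, ua), (lb, ub) in zip(a, b))

def make_envelope(code, repeats=3, short=20, long=60, gap=500):
    """Constructed signal: 1 = long high + short low, 0 = short high + long low."""
    out = [0.02] * gap
    for r in range(repeats):
        for bit in code:
            hi, lo = (long, short) if bit else (short, long)
            hi += r % 2  # one sample of jitter on alternate repeats
            out += [0.9] * hi + [0.05] * lo
        out += [0.02] * gap
    return out

CODE = [1, 0, 1, 1, 0, 0, 1, 0]  # constructed pattern, not a real device code
frames = split_frames(pulse_timings(make_envelope(CODE)))
for i, frame in enumerate(frames):
    print(i, frame[:4], "matches first:", same_pattern(frames[0], frame))
```

Frames that match within tolerance are the repeating pattern visible in the recording; the trailing low of each frame merges into the inter-frame silence, so it is not reported as a separate pulse.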


Now comes the hard part. How do I send data out? These send and receive dongles for Arduino cost under 5 euros on eBay. But I wanted to build my own transmitter. No need for something powerful; it needs to work.

I found this schematic:


While collecting parts I found a wireless motion detector.


You know, these things are typically found in buildings. Only mine was wireless. And what do you know, it sends data out at 433 MHz, so I popped the cover off and seemed to hit the jackpot. The transmitting unit is right there, no need to build my own. The transmitter has a name – Jablotron TX-3. A quick search led to results:


Whipped out my multimeter and quickly found the pinout. Nothing special: data, power and ground. Sometimes Mr. Murphy sleeps or something.

I strapped it to my Arduino Nano and started writing code that transmits the right doorbell data.

Easier said than done in my case. I found libraries dedicated to 433 MHz transmitting, but they did not work in my case because I wasn’t able to change timings or anything. So I started poking more and more. I put together some code from multiple places. So a couple of hours later I was ready to test this out. This is my first Arduino project.

With Audacity I was able to measure timings. So I used all the gathered data and started writing it into code. Uploaded it to my Arduino and the doorbell started ringing! Magic!

Code source: HERE.

I also tried mimicking weather sensor data. Recorded the transmission. Analyzed it and then played it back. And Bob’s your uncle!

This applies to a large number of devices.


And here is a video:
Sorry for the shaky footage, I did not plan to upload this.