Remote Control Globo LED Light
I recently stumbled upon a LED Light with a remote control using 433MHz. Somewhat like this one.
As I knew from the past, 433MHz devices do not have a lot of security if they have some at all. So I decided to turn it into a Wake-up-Light using a RaspberryPi by replaying signals.
Viewing the spectrum (using a RTL-SDR) proved it to use the same protocol I saw with some Intertechno AC-Plugs (featuring the same security: None). I figured that there might already by a simple software to handle this and found 433Utils. As I needed to get a sender anyway, I also got a receiver.
To install 433Utils (which uses RCSwitch):
cd ~/
git clone git://git.drogon.net/wiringPi
cd wiringPi
./build
cd ~/
git clone –recursive git://github.com/ninjablocks/433Utils.git
cd 433Utils/RPi_utils
make
Now I could just see the commands from the remote with ./RFSniffer (uses WiringPI 2 -> Pin 13). I recorded all Keys:
| Key | Code |
|---|---|
| Aus | xxxxx611 |
| An | xxxxx755 |
| Warm | xxxxx800 |
| Cold | xxxxx608 |
| Dunkler | xxxxx620 |
| Heller | xxxxx572 |
and then tried to replay them using
./codesend xxxxx755 (uses WiringPI 0 -> Pin 11)
Now my Lamp did not respond. But RFSniffer still picked it up. Looking througt the code I had to realize that RCSwitch tries to decode a few variants but RFSniffer does only print the decoded value without further information about the protocol at play. I changed that:
/*
original: https://github.com/ninjablocks/433Utils/blob/master/RPi_utils/RFSniffer.cpp
just chaged the last print
*/
#include "../rc-switch/RCSwitch.h"
#include <stdlib.h>
#include <stdio.h>
#include <unistd.h>
RCSwitch mySwitch;
int main(int argc, char *argv[]) {
// This pin is not the first pin on the RPi GPIO header!
// Consult https://projects.drogon.net/raspberry-pi/wiringpi/pins/
// for more information.
int PIN = 2;
if(wiringPiSetup() == -1) {
printf("wiringPiSetup failed, exiting...");
return 0;
}
int pulseLength = 0;
if (argv[1] != NULL) pulseLength = atoi(argv[1]);
mySwitch = RCSwitch();
if (pulseLength != 0) mySwitch.setPulseLength(pulseLength);
mySwitch.enableReceive(PIN); // Receiver on interrupt 0 => that is pin #2
while(1) {
if (mySwitch.available()) {
int value = mySwitch.getReceivedValue();
if (value == 0) {
printf("Unknown encoding\n");
} else {
printf("Received %i %i %i len: %i\n", mySwitch.getReceivedValue(),
mySwitch.getReceivedProtocol(),
mySwitch.getReceivedDelay(),
mySwitch.getReceivedBitlength() );
}
fflush(stdout);
mySwitch.resetAvailable();
}
usleep(100);
}
exit(0);
}
Now I was able to see the difference between condesend and my remote. The showed parameters where not exactly stable but good enough.
pi@raspberrypi:~/433Utils/RPi_utils $ ./codesend xxxxx755
sending code[xxxxx755]
Received xxxxx755 1 353 len: 24
Received xxxxx755 1 353 len: 24
pi@raspberrypi:~/433Utils/RPi_utils $
pi@raspberrypi:~/433Utils/RPi_utils $ Received xxxxx755 1 248 len: 24
Received xxxxx611 1 248 len: 24
Received xxxxx611 1 249 len: 24
pi@raspberrypi:~/433Utils/RPi_utils $ ./codesend xxxxx755 1 248
sending code[xxxxx755]
Received xxxxx755 5 555 len: 24
Received xxxxx755 5 556 len: 24
Received xxxxx755 5 557 len: 24
pi@raspberrypi:~/433Utils/RPi_utils $ ./codesend xxxxx611 1 248
sending code[xxxxx611]
Received xxxxx611 5 555 len: 24
Received xxxxx611 5 553 len: 24
Received xxxxx611 1 251 len: 24