Brute forcing princeton 24 bits
433mhz is it possible ? And how ? 🤔

since the subghz menu now supports external cc1101 boards (and quite well thanks) respectfully id ask that this application does as well for hse and testing with external resonant antennas on a given frequency

thanks

v3.9.5 (2023-12-19)

Full Changelog

Implemented enhancements:

• Update codeql.yml and disable on push events #57 (derskythe)
• Modify GitHub workflow to generate releases #53 (derskythe)
• Why it say Preload failed API version mismatch? Pls help! I'm using latest release here. #21

Fixed bugs:

• fix: Improve formatting of subbrute_protocol_calc_max_value declaration #58 (derskythe)
• fix: invalid calls #45 (derskythe)
• fix: matrix building #44 (derskythe)
• fix: animation in attack mode #43 (derskythe)
• Chamberlain 8 bit code drops bit 3 #2

Merged pull requests:

• Merge pull request #51 from DarkFlippers/master #59] (derskythe)
• docs: Add extensive documentation in code comments #56 (derskythe)
• Sync #51 (derskythe)
• Add workflow to automatically close stale issues and PRs #54 (derskythe)
• CI/CD fixes #52 (derskythe)
• Update CHANGELOG.md #48 (derskythe)
• Feat/ci changelog #46 (derskythe)
• Minor fixes #40 (gid9798)
• Update docs #39 (derskythe)
• Feat/save settings #38 (derskythe)
• Feat/codeql #37 (derskythe)
• Create codeql.yml #36 (derskythe)
• Sync from master #35 (derskythe)
• Sync #27 (derskythe)
• Sync branch #24 (derskythe)
• Sync working tree #11 (derskythe)

Closed issues:

• setting file #42
• Not able to change the number of repetitions per code sent #7

I'm at my wit's end. Attempting to build this application with fbt fails due to the nonexistence of subghz_bruteforcer_icons.h.

In helpers/gui_top_button.c: #include <subghz_bruteforcer_icons.h>

In subbrute_i.h: #include <subghz_bruteforcer_icons.h>

I cannot find this file anywhere - I have searched through all Flipper Zero firmware, possibly relevant GitHub repositories, and anywhere else on the Internet I could crawl through. Where on earth is this file?

An 8 bit code should have 8 bits encoded in the message. However the 8 bit chamberlain code has only 7 bits encoded. Bit 3 is dropped.

When recording a message for 0/255, it is exactly the same as 4/255.

What's more, 9bit and 7bit encoded messages have 11 symbols each. But the 8 bit encoded messages have only 10 symbols.

I believe the correct encoding is as such:

Symbols:
0  -  0111
1  -  0011
S  -  0001

9bit: S D8 D7 D6 D5 D4 D3 D2 D1 D0 S

Probably either of those:
8bit: S D7 D6 D5 D4 D3 D2  S D1 D0 S
8bit: S D7 D6 D5 D4 D3 D2 D1  S D0 S

7bit: S D6 D5 D4 D3 D2 D1  S  S D0 S

However currently the encoding is as such

9bit: S D8 D7 D6 D5 D4 D3 D2 D1 D0 S
8bit:    S D7 D6 D5 D4 D3  S D1 D0 S, D2 dropped from output
7bit: S D6 D5 D4 D3 D2 D1  S  S D0 S

Is it possible to do this for 64 bit?

Hi Flippers,
I'm getting a NULL pointer exception when I try to save a key from BF from an existing dump. Please check the video. In this case I'm using NICE 12 433 as a starting dump file:

Filetype: Flipper SubGhz Key File
Version: 1
Frequency: 433920000
Preset: FuriHalSubGhzPresetOok650Async
Protocol: Nice FLO
Bit: 12
Key: 00 00 00 00 00 00 0A 6F

FW: unlshd-066e
APP: v3.9.X subghz_bruteforcer.fap.zip

Hi,
congrats for the great work.
Just tried the bruteforce 3.6 version on my garage door
I copied the remote normally it's using static code. it shows holtek 12 AM 433 code 0x556.
Then tried your bruteforce app on unleashed latest version and chosed holtek 12 am 433 ran all the sequence and the door didnt open .

Add 318 MHz to 9-bit (Chamberlain and/or Linear -- I think either would work). In the USA, most of the 9-bit gate/garage opener/remotes use 318 MHz.

Thanks.

Hi, as user I want to change the number or times every code is sent. How can I change the 3x times it is repeated?
Would be possible to add the command list to the MD of this repo?

I am trying to add support for a new protocol used by my garage gate.
Flipper identifies the code as: Phoenix_V2 52bit 433.92AM
I dont know anything about the protocol other than that.
I am duplicating an existing SubBruteProtocol struct and updating the different files but I dont understand the meaning of "te" and of "repeat" fields in the struct.

Hello. From the last version, the subghz-brutforcer.setting file is saved in the root without the dot in front, so it is visible. It would be better to hide it and move it in the .config directory ins't it?
Thank u for the huge and continue work!!

Would it be doable?
868,3/433.92 MHz
Different remotes:
HS 1
HS 4
HSM 4
HSE 2
HSP 4
HSD2

Hello,

Is it possible to add support for PMA7105?

Links:

• https://www.digikey.com/en/products/detail/rochester-electronics-llc/PMA7105/12127669
• https://eu.mouser.com/datasheet/2/196/PMA71xx_PMA51xx_Function_Library_Guide_V1_5-2322507.pdf

I have the key and I can provide with saved dumps.

Thanks!

Hello, in France the "Doitrand" brand is very present, would it be possible to add this protocol to the application? :)
Also could you add restaurant pager bruteforce as well ?