jopohl / urh

Universal Radio Hacker: Investigate Wireless Protocols Like A Boss
GNU General Public License v3.0
11.01k stars 877 forks source link
airspy bladerf hacking hackrf iot limesdr python qt radio rtl-sdr sdr sdrplay security usrp wireless

URH image

CI Code style: black PyPI version Packaging status Blackhat Arsenal 2017 Blackhat Arsenal 2018

The Universal Radio Hacker (URH) is a complete suite for wireless protocol investigation with native support for many common Software Defined Radios. URH allows easy demodulation of signals combined with an automatic detection of modulation parameters making it a breeze to identify the bits and bytes that fly over the air. As data often gets encoded before transmission, URH offers customizable decodings to crack even sophisticated encodings like CC1101 data whitening. When it comes to protocol reverse-engineering, URH is helpful in two ways. You can either manually assign protocol fields and message types or let URH automatically infer protocol fields with a rule-based intelligence. Finally, URH entails a fuzzing component aimed at stateless protocols and a simulation environment for stateful attacks.

Getting started

In order to get started

If you like URH, please :star: this repository and join our Slack channel. We appreciate your support!

Citing URH

We encourage researchers working with URH to cite this WOOT'18 paper or directly use the following BibTeX entry.

URH BibTeX entry for your research paper ```bibtex @inproceedings {220562, author = {Johannes Pohl and Andreas Noack}, title = {Universal Radio Hacker: A Suite for Analyzing and Attacking Stateful Wireless Protocols}, booktitle = {12th {USENIX} Workshop on Offensive Technologies ({WOOT} 18)}, year = {2018}, address = {Baltimore, MD}, url = {https://www.usenix.org/conference/woot18/presentation/pohl}, publisher = {{USENIX} Association}, } ```

Installation

URH runs on Windows, Linux and macOS. See below for OS specific installation instructions.

Windows

On Windows, URH can be installed with its Installer. No further dependencies are required.

If you get an error about missing api-ms-win-crt-runtime-l1-1-0.dll, run Windows Update or directly install KB2999226.

Linux

Installation with pipx

URH is available on PyPi so you can install it, for example, with pipx:

pipx install urh

This is the recommended way to install URH on Linux because it comes with all native extensions precompiled.

In order to access your SDR as non-root user, install the according udev rules. You can find them in the wiki.

Install via Package Manager

URH is included in the repositories of many linux distributions such as Arch Linux, Gentoo, Fedora, openSUSE or NixOS. There is also a package for FreeBSD. If available, simply use your package manager to install URH.

Note: For native support, you must install the according -dev package(s) of your SDR(s) such as hackrf-dev before installing URH.

Docker Images

The official URH docker image is available here. It has all native backends included and ready to operate.

macOS

Using DMG

It is recommended to use at least macOS 12 when using the DMG available here.

With brew

URH is available as a homebrew formula so you can install it with

brew install urh

Running from source (OS-agnostic)

Without installation

To execute the Universal Radio Hacker without installation, just run:

git clone https://github.com/jopohl/urh/
cd urh/src/urh
./main.py

Note, before first usage the C++ extensions will be built.

Installing from source

To install URH from source you need to have python-setuptools installed. You can get them with python3 -m pip install setuptools. Once the setuptools are installed execute:

git clone https://github.com/jopohl/urh/
cd urh
python setup.py install

And start the application by typing urh in a terminal.

Articles

Hacking stuff with URH

General presentations and tutorials on URH

External decodings

See wiki for a list of external decodings provided by our community! Thanks for that!

Screenshots

Get the data out of raw signals

Interpretation phase

Keep an overview even on complex protocols

Analysis phase

Record and send signals

Record