Australia | Garage Door Opener

I’m currently in a place I’m renting and the openers are slowly dying from wear. I’d like to have my Flipper be a good backup for opening/closing the garage but I’m having trouble figuring out what the right frequency / modulation settings are.

I’m hoping someone recognizes these models of openers to bypass having to brute force finding the frequency / modulation but will report back if this is still needed.

I think I got a few good RAW samples that I’m attaching below:

Raw_signal_2.sub (5.3 KB)
Raw_signal_5.sub (18.7 KB)
Raw_signal_4.sub (25.8 KB)
Raw_signal_3.sub (28.2 KB)



Do any of the posted captured files work when you do replay them ? I bet not as you stated that you are having trouble figuring out the correct frequency/modulation. If the files do not work when replayed most likely they will be of no use to the flipper team as well. You need working files so that the protocol can be analyzed/parsed if it’s not something already known …

It would help if you could post the markings on the chip that is covered with the transparent lid on the 2nd photo you posted. SDR will help you out. Also you can try the frequency analyzer on flipper but you need to have relevant frequency added to the settings file … So faster and simple method would be to use SDR to figure out the correct frequency and modulation first.

“Sotware Defined Radio”?

Is this another thing built into the Flipper? Or this would be another device that I’d need to use to listen to the frequencies being emitted by the device?

In the meantime, I’ll try to pry some plastic off.

Okay - so definitely lots of information online here when looking for PTX-5 v1.01:

Frequency | 433.92 MHz
Coding Type: Rolling

Given the the code itself is rolling which I take to mean ‘dynamic’ from the Flipper docs, this means that there is a ‘seed’ or maybe ‘fix’ in Sub-ghz lingo that is being used to then derive the key that is sent. This means that I could read and the resubmit the observed key but my flipper wouldn’t be able to determine the next key after hopping, right?

RTL SDR - About RTL-SDR This will help to find out exact frequency, modulation and deviation of your signal. When you find that out you can try to use flipper to exploit your rolling code system by replaying consecutive captures of the original remote and check if a re-sync attack is possible on your system or if rolling code is used at all …