The Universal Radio Hacker (URH) is a complete suite for wireless protocol investigation with native support for many common Software Defined Radios. URH allows easy demodulation of signals combined with an automatic detection of modulation parameters making it a breeze to identify the bits and bytes that fly over the air. As data often gets encoded before transmission, URH offers customizable decodings to crack even sophisticated encodings like CC1101 data whitening. When it comes to protocol reverse-engineering, URH is helpful in two ways. You can either manually assign protocol fields and message types or let URH automatically infer protocol fields with a rule-based intelligence. Finally, URH entails a fuzzing component aimed at stateless protocols and a simulation environment for stateful attacks.
In order to get started
- view the installation instructions on this page,
- download the official userguide (PDF),
- watch the demonstration videos (YouTube),
- check out the wiki for more information such as supported devices or
- read some articles about URH for inspiration.
If you like URH, please โญ this repository and join our Slack channel. We appreciate your support!
We encourage researchers working with URH to cite this WOOT'18 paper or directly use the following BibTeX entry.
URH BibTeX entry for your research paper
@inproceedings {220562,
author = {Johannes Pohl and Andreas Noack},
title = {Universal Radio Hacker: A Suite for Analyzing and Attacking Stateful Wireless Protocols},
booktitle = {12th {USENIX} Workshop on Offensive Technologies ({WOOT} 18)},
year = {2018},
address = {Baltimore, MD},
url = {https://www.usenix.org/conference/woot18/presentation/pohl},
publisher = {{USENIX} Association},
}URH runs on Windows, Linux and macOS. See below for OS specific installation instructions.
On Windows, URH can be installed with its Installer. No further dependencies are required.
If you get an error about missing api-ms-win-crt-runtime-l1-1-0.dll, run Windows Update or directly install KB2999226.
URH is available on PyPi so you can install it, for example, with pipx:
pipx install urhThis is the recommended way to install URH on Linux because it comes with all native extensions precompiled.
In order to access your SDR as non-root user, install the according udev rules. You can find them in the wiki.
URH is included in the repositories of many linux distributions such as Arch Linux, Gentoo, Fedora, openSUSE or NixOS. There is also a package for FreeBSD. If available, simply use your package manager to install URH.
Note: For native support, you must install the according -dev package(s) of your SDR(s) such as hackrf-dev before installing URH.
The official URH docker image is available here. It has all native backends included and ready to operate.
It is recommended to use at least macOS 12 when using the DMG available here.
URH is available as a homebrew formula so you can install it with
brew install urh
To execute the Universal Radio Hacker without installation, just run:
git clone https://github.com/jopohl/urh/
cd urh/src/urh
./main.py
Note, before first usage the C++ extensions will be built.
To install URH from source you need to have python-setuptools installed. You can get them with python3 -m pip install setuptools.
Once the setuptools are installed execute:
git clone https://github.com/jopohl/urh/
cd urh
python setup.py install
And start the application by typing urh in a terminal.
- Hacking Burger Pagers
- Reverse-engineer and Clone a Remote Control
- Reverse-engineering Weather Station RF Signals
- Reverse-engineering Wireless Blinds
- Attacking Logitech Wireless Presenters (German Article)
- Attacking Wireless Keyboards
- Reverse-engineering a 433MHz Remote-controlled Power Socket for use with Arduino
- Hackaday Article
- RTL-SDR.com Article
- Short Tutorial on URH with LimeSDR Mini
- Brute-forcing a RF Device: a Step-by-step Guide
- Hacking wireless sockets like a NOOB
See wiki for a list of external decodings provided by our community! Thanks for that!
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent