ESP32 / ESP8266, RFM69, CC1101, nrf24l01 for RF analysis

Homeautomation, ISM, OOK, FSK, RF, Sensors and Websockets

Having an ESP32, ST7735 LCD and RFM69HW inside a NES Controller

June 11, 2017 ESP NES Controller 5


The following repositories were used for this project. Please note that these are still under development. Use at your own risk!

GitHub (C/C++):


At some point I was using the Texas Instruments CC1101 RF module with the ESP8266, which gave me some results after using the SmartRF04EB debugging device in combination with TI SmartRF Studio 7. It turns out that this device seems to be quite powerful, but it was too much of a hassle to catch a simple OOK pattern or even send one without a preamble. The SmartRF Sniffer does not work with the cheap debugger, and other hardware was needed which cost 70$ at minimum. Although I know everybody is doing it with their CUL sticks. Maybe someone can tell me how to…

But ESP8266’s SPI works with the CC1101 and nrf24l01.

ESP8266 with a CC1101 and nrf24l01



Anyways, I am planning on pulling out the RX/TX and SPI via pin headers so we can connect devices like the CC1101 (433 MHz / 868 MHz / 915 MHz) or nrf24l01 (2.4 GHz) more easily. After I got to know about the RFM69(HW) which is surprisingly small I tested the RFMOOK lib. From there on I knew this was my preferred device. It was possible to receive and save OOK signals from most of my ISM devices and resend them.


Prototyping the Sparkfun ESP32 Thing

Using 2mm pin headers for the RFM69


Next task was the LCD color display, which can be found on eBay (ILI9163C/ST7735) for about 7$. For this you need to use sumotoy’s TFT_ILI9163C Prerelease lib, which was originally ported to the ESP8266 but can also be used for the ESP32. At this point it is not using the ultra fast mode (_ESP8266_SPIFAST) because of some ESP8266 dependencies which can probably be solved easily. But for now this is enough for a simple menu and some colored sensor output.


Assembling ST7735 LCD and NES Keypad


After hooking up the RFM69 and the LCD to the ESP32, everything seems to be working, with both sharing the SPI bus. Luckily the ESP32 has plenty of GPIOs, so you can connect all NES controller buttons to the board without having to use a multiplexer board. I hereby confirm that there must be people with better soldering skills.


Assembling all the parts, Sparkfun ESP32, ST7735 LCD, RFM69HW


Thinking of some good spot for the battery from an old Samsung Phone


Finally I added an IPX antenna to get good reception. My first ISM 433 MHz pattern recognition test program was able to receive almost all signals. After some tweaking with the package size, bandwidth and threshold, most signals could be recorded and replayed. But it still needs adjustment to make it more versatile on different devices.
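Recording and replaying works on such devices because the transmitter sends the same frame on every button press. The following added example (not code from this project) decodes threshold-sliced OOK pulse durations and checks whether frames from separate presses are identical, which means the device has no replay protection. The pulse-width encoding, the sync gap, the sample timings and all function names are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#define SYNC_GAP_US 5000u /* assumed: a low period this long ends a frame */
#define MAX_FRAMES  8
/* Constructed sample: high/low durations in microseconds from two separate
 * button presses of a hypothetical remote, with some timing jitter. */
static const uint16_t SAMPLE[] = {
    1050, 350, 350, 1050, 1050, 350, 350, 1050, 350, 1050,
    1050, 350, 350, 1050, 1050, 350, 350, 10850,
    1010, 390, 330, 1080, 1060, 340, 360, 1040, 340, 1060,
    1040, 360, 370, 1030, 1070, 330, 360, 10900,
};
#define SAMPLE_LEN (sizeof SAMPLE / sizeof SAMPLE[0])

/* Split the pulse train into frames and decode each one into codes[]/lens[].
 * Assumed encoding: a high period longer than its low period is a 1, else 0. */
size_t ook_decode(const uint16_t *d, size_t n, uint32_t *codes, uint8_t *lens)
{
    size_t frames = 0;
    uint32_t code = 0;
    uint8_t bits = 0;
    for (size_t i = 0; i + 1 < n && frames < MAX_FRAMES; i += 2) {
        uint16_t high = d[i], low = d[i + 1];
        if (low >= SYNC_GAP_US) {           /* sync pulse: close the frame */
            if (bits) { codes[frames] = code; lens[frames] = bits; frames++; }
            code = 0; bits = 0;
        } else if (bits < 32) {
            code = (code << 1) | (uint32_t)(high > low);
            bits++;
        }
    }
    return frames;
}

/* Returns 1 if all frames are identical (fixed code, no replay protection),
 * 0 if frames differ, -1 if fewer than two frames were captured. */
int ook_fixed_code(const uint16_t *d, size_t n)
{
    uint32_t codes[MAX_FRAMES];
    uint8_t lens[MAX_FRAMES];
    size_t frames = ook_decode(d, n, codes, lens);
    if (frames < 2) return -1;
    for (size_t i = 1; i < frames; i++)
        if (codes[i] != codes[0] || lens[i] != lens[0]) return 0;
    return 1;
}

int main(void) { printf("%d\n", ook_fixed_code(SAMPLE, SAMPLE_LEN)); return 0; }
```

A receiver that accepts frames like these offers no protection against retransmission; devices that need it use rolling codes or authenticated, encrypted frames.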


Testing the ESP32 / RFM69 433 MHz OOK pattern detection



I plan to improve the saving of the OOK or FSK patterns, make an appropriate UX or menu, and add some more persistence in the ESP’s NVS as soon as it is available for the Arduino core. Someone pushed this on GitHub.


Sending a saved ESP32 / RFM69 433 MHz OOK pattern to turn on a light



  • Next stop FSK or Encryption
  • And some other frequencies. In Europe it is mostly 433 MHz
  • Broader support for devices (better automatic package/amplitude size detection)
  • Fully remote RF analysis/exploits with Websockets over Wifi or SIM800l and Webinterface




5 Responses

  1. […] If you wanted to name a few things that hackers love, you couldn’t go wrong by listing off vintage console controllers, the ESP system-on-chip platform, and pocket tools for signal capture and analysis. Combine all of these, and you get the ESP32Thang. […]

  2. home page says:

    I do trust all of the ideas you’ve presented for your post. They are really convincing and will definitely work. Still, the posts are too quick for newbies. Could you please extend them a little from next time? Thanks for the post.

    • Breadboard says:

      Think you are right. I was trying to find the most important pieces first at the time I was creating those posts. I will consider breaking some of the stuff apart or giving more details next time.

      But still this is a prototype, I need to test that the setup and design is outdoor/user/bug proof.

  3. What’s up, I log on to your blog named “Having an ESP32, ST7735 LCD and RFM69HW inside a NES Controller – ESP32 / ESP8266, RFM69, CC1101, nrf24l01 for RF analysis” on a regular basis. Your story-telling style is witty, keep doing what you’re doing! And you can look our website about powerful love spells.

  4. Arleen04 says:

    I think your blog needs some fresh posts. Writing manually takes a lot of time, but there is a tool for this time-consuming task, search for: Ssundee advices unlimited content for any blog
