Blog

FISSURE: The RF Framework for Everyone

Chris Poore, FISSURE Lead

FISSURE, an open-source radio frequency (RF) and reverse engineering framework designed for all skill levels, was officially off the ground in August this year. I’ve been working on RF projects my entire career, constantly jumping around to different technologies with each project. I created FISSURE to consolidate all things RF: software modules, radios, protocols, signal data, scripts, flowgraphs, reference material and third-party tools.

Since its launch, FISSURE has been gaining a lot of traction and I recently presented at DEF CON Demo Labs and GNU Radio Conference (GRCon). It has been great to see the positive feedback from the community and I’m excited to focus on improving the existing software (bugs, cleaning the code, testing more SDRs, etc.) and expanding base capabilities that will round out the framework and allow for task automation and the introduction of machine learning techniques.  

RF HACKING HACK CHAT – Wednesday, October 12

On Wednesday, October 12 at noon PST, I will be dropping in the RF Hacking Hack Chat. Join in to talk about RF reverse engineering in general and FISSURE in particular. Come with your RF hacking and reverse engineering questions and war stories!

More About FISSURE

FISSURE has hooks for signal detection and classification, protocol discovery, attack execution, IQ manipulation, vulnerability analysis, automation and AI/ML. The framework supports the rapid integration of out-of-tree modules, flow graphs, radios, protocols, signal data, scripts, reference material and third-party tools. FISSURE is a workflow enabler that keeps software in one location and allows teams to effortlessly get up to speed while sharing the same proven baseline configuration for specific Linux distributions.

The framework and tools included with FISSURE are designed to detect the presence of RF energy, understand the characteristics of a signal, collect and analyze samples, develop transmit and/or injection techniques and craft custom payloads or messages. GNU Radio flow graphs are included as standalone solutions or manipulated before or during runtime for the purposes of signal detection, demodulation, protocol discovery, live inspection, IQ recording and playback, single-stage attacks, multi-stage attacks, fuzzing and replaying online signal archive playlists.

The friendly Python codebase and user interface allows beginners to quickly learn about popular tools and techniques involving RF and reverse engineering. Educators in cybersecurity and engineering can take advantage of the built-in material or utilize the framework to demonstrate their own real-world applications. Developers and researchers can use FISSURE for their daily tasks or to expose their cutting-edge solutions to a wider audience. As awareness and usage of FISSURE grows in the community, so will the extent of its capabilities and the breadth of the technology it encompasses.

The major components for FISSURE are written in Python/PyQt and communicate over an IP network to a central hub using ZeroMQ. Each component has a direct connection to the hub but can also have an unlimited number of one-to-many connections to broadcast status messages to other components. Any number of custom components can be added to the framework as long as the inputs/outputs are clearly defined in YAML and adhere to a simple message schema that allows for input sanitization and error handling. The highlights for the components are as follows:

  • The Central Hub receives commands from the User Dashboard to distribute to other components, manages automation and editing of the main library – which contains RF protocol information, script and flow graph mappings and observation data.
  • The Target Signal Identification (TSI) component runs four subcomponents: a detector, a signal conditioner, a feature extractor and a classifier. The purpose of the TSI component is to detect signals of interest, isolate and condition signals for detailed analysis, extract signal characteristics for protocol and/or emitter classification and apply user-specified AI/ML classification techniques.
  • The Protocol Discovery component is responsible for identifying and reversing RF protocols to help extract meaningful data from unknown signals. It is designed to: accept signal of interest information, iterate flow graphs to perform recursive demodulation techniques, deduce protocol methods, assign confidence levels, analyze a bitstream, calculate CRC polynomials and create custom Wireshark dissectors.
  • The Flow Graph/Script Executor component runs flow graphs or Python scripts to perform single-stage attacks, multi-stage attacks, fuzzing attacks, IQ recording and playback, live signal inspection/analysis and transmit playlists of signal data constructed with files downloaded from an online archive.
  • The User Dashboard is the means for the operator to configure FISSURE and communicate with and view information from the other components. It offers several other features that do not require their own dedicated component including:
    • A packet crafter for protocols found the FISSURE library. It includes Scapy integration for transmitting different types of 802.11 packets while in monitor mode.
    • Library utilities for browsing; searching; uploading images; adding/removing modulation types, packet types, signals of interest, statistics, demodulation flow graphs, and attacks.
    • Menu items for launching standalone GNU Radio flow graphs.
    • Third-party and online tools as menu items organized by protocol or application.
    • Lessons and tutorials for interacting with various RF protocols.
    • Help pages for operation and development, protocol reference material, calculators and hardware instructions.
    • Buttons for: assigning RF-enabled hardware to individual components (USRP: X3xx, B2xx, B20xmini, USRP2, N2xx; HackRF; RTL2832U; 802.11 Adapters; LimeSDR; bladeRF, bladeRF 2.0 micro; Open Sniffer; PlutoSDR); probing the hardware for diagnostics; and automatically acquiring IP address, daughterboard and serial number information.

See what others are saying about FISSURE:

FISSURE gets its power from the contributions of programmers in the open-source, cybersecurity and engineering communities. If you would like to help contribute towards its success, consider starring the project on GitHub, joining the Discord server and following on Twitter.

Privacy Settings
We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
Youtube
Consent to display content from - Youtube
Vimeo
Consent to display content from - Vimeo
Google Maps
Consent to display content from - Google
Spotify
Consent to display content from - Spotify
Sound Cloud
Consent to display content from - Sound