CatSniffer is an innovative, multi-protocol, multi-band circuit board for sniffing, communicating, and attacking IoT (Internet of Things) devices. It was designed as a highly portable USB stick that integrates TI CC1352, Semtech SX1262, and Microchip SAMD21E17 (V1.x and V2.x)/RP2040 (V3.x).
This board is a Swiss Army knife for IoT security researchers, developers, and enthusiasts. It can be used with different types of software, including third-party sniffers such as SmartRF Packet Sniffer, Sniffle, zigbee2mqtt, Z-Stack-firmware, and Ubiqua Protocol Analyzer, as well as our custom firmware, or you can write your own software for your specific needs.
CatSniffer can operate in 3 different frequencies:
- LoRa
- Sub 1 GHz
- 2.4 GHz
This work was inspired by the work of our friend Michael Ossmann, as a tribute to his outstanding job at Great Scott Gadgets, making devices like the YardStick, GreatFET, HackRF, and Ubertooth.
Protocols
CatSniffer 1.x and 2.x
- Thread
- Zigbee
- Bluetooth 5 Low Energy (BLE)
- IEEE 802.15.4g
- 6LoWPAN (IPv6 over Low power Wireless Personal Area Networks)
- Sub 1 GHz and patented systems
- LoRa/LoRaWAN
CatSniffer 3.x
- Thread
- Zigbee
- Bluetooth 5 Low Energy (BLE)
- IEEE 802.15.4g
- 6LoWPAN (IPv6 over Low power Wireless Personal Area Networks)
- Sub 1 GHz and patented systems
- LoRa/LoRaWAN
- Wi-SUN
- Amazon Sidewalk
- mioty®
Antenna Support
- CatSniffer 1.x and 2.x: 868/915 MHz up to 14 dBm, 2.4 GHz up to 20 dBm
- CatSniffer 3.x: 433 MHz up to 13 dBm, 2.4 GHz up to 10 dBm
Features
- “The SimpleLink™ CC1352P1F3RGZ device is a multiprotocol and multi-band Sub-1 GHz and 2.4-GHz wireless microcontroller (MCU) supporting Thread, Zigbee®, Bluetooth® 5.2 Low Energy, IEEE 802.15.4g, IPv6-enabled smart objects (6LoWPAN), MIOTY®, Wi-SUN®, proprietary systems”.
- CatSniffer uses a Microchip SAMD21E17 (V2 or previous) or an RP2040 (V3 or later) as a USB-UART bridge to communicate with the CC1352 chip; manual driver installation is not necessary (exceptions could exist).
- Compatible OS: Windows and Linux.
- Automatic programming through the TI CC bootloader (as long as it’s not disabled in the code). No external programmer is needed, and the board can be debugged with cJTAG through the default pin.
- SMA antenna port for an antenna of your choice.
- General-purpose LEDs.
- Buttons: Reset for RP2040, SAMD21 & CC1352, Boot for CC1352, and one more for general purpose.
Compatible Software
- TI PACKET-SNIFFER-2 v1.8
- Flash Programmer 2 and Uniflash from TI
- zigbee2mqtt
- Z-Stack-firmware
- Sniffle 1.6
- Ubiqua Protocol Analyzer
Pre-requisites for building firmware
- CCS version: The packet sniffer firmware has been tested with CCS 10.2
- SimpleLink CC13x2 and CC26x2 SDK
- Python 3
Note
This kit is designed to allow product developers to evaluate electronic components, circuitry, or software associated with the kit to determine whether to incorporate such items in a finished product, and software developers to write software applications for use with the end product. This kit is a developer product and, when assembled, may not be resold or otherwise marketed unless all required FCC (or any other local authority) equipment authorizations are first obtained. Operation is subject to the condition that this product not cause harmful interference to licensed radio stations and that this product accept harmful interference.
Paulino Calderon
Very useful