YARD Stick One [Great Scott Gadgets]



Introduction: What is YARD Stick One?

YARD Stick One is a sub-1 GHz wireless transceiver, created by Mike Ossmann of Great Scott Gadgets, which can be controlled from your computer. It comes with RFCat firmware pre-installed, which allows you to control the wireless transceiver from an interactive Python shell or from your own program or script. In addition, you can develop your own firmware or upgrade RFCat, since RFCat is open source and the device comes with CC Bootloader pre-installed.

CC Bootloader is a simple USB bootloader for the CC1111 microcontroller. It allows the update of the microcontroller firmware over its USB port. It also supports reading and writing to the flash memory of the microcontroller. (Source: GitHub)

The bootloader consists of two components:
– a piece of firmware that is flashed onto the device and
– a Python utility for downloading code and manipulating the flash memory.

YARD Stick One features strong RF performance across its operating frequency range. If you’re a security professional, researcher or pentester with an interest in RF, you should also check out Ubertooth One and HackRF One.

YARD Stick One: Yet Another Radio Dongle [features, hardware specs, design]

YARD Stick One is capable of transmitting or receiving digital wireless signals at frequencies below 1 GHz. It’s equipped with an SMA connector for external antennas, an antenna port that is compatible with different accessories, a GoodFET-compatible expansion/programming header and GIMME-compatible programming test points.

  • half-duplex transmit and receive
  • operating frequencies [official]: 300-348 MHz, 391-464 MHz, and 782-928 MHz
  • operating frequencies [unofficial]: 281-361 MHz, 378-481 MHz, and 749-962 MHz
  • modulations: ASK, OOK, GFSK, 2-FSK, 4-FSK, MSK
  • data rates up to 500 kbps
  • Full-Speed USB 2.0

Features:

  • SMA connector for external antennas such as ANT500
  • Receive amplifier for improved sensitivity
  • Transmit amplifier for higher output power
  • Strong RF performance across the entire operating frequency range
  • Low pass filter for elimination of harmonics when operating in the 800 and 900 MHz bands
  • Antenna port power control for compatibility with antenna port accessories designed for HackRF One
  • GoodFET-compatible expansion and programming header
  • GIMME-compatible programming test points
Note: YARD Stick One usually ships without an enclosure and antenna; the recommended antenna is ANT500.

Hacking Using YARD Stick One Bundle

SDR devices are very powerful and widely used by people interested in RF hacking, pentesting and cyber security research. We all know that equipment for this type of pentesting can be expensive. Well, it doesn’t need to be if we give this small pseudo-SDR device a chance. Here are some reasons why you should try YARD Stick One:

  • You’ll be able to sniff RF data using only YARD Stick One and an interactive Python shell.
  • If you have played with RF devices in the past, combining a YARD Stick One dongle, a Proxmark RFID and a Raspberry Pi will give you a very powerful toolset for key fob cloning. YARD Stick One’s role in this combination is the transmission of the unlock code. You can also use it in combination with an RTL-SDR device for jamming and replay attacks (keyless entry attacks).
  • It can be used for hacking garage door remote controllers, jamming wireless home alarms in a few seconds, reverse engineering wireless cabinet locks, etc.
  • This pseudo-SDR device is very useful when it comes to reverse engineering and digital signal analysis.
  • It’s super easy to incorporate into your own projects, thanks to RFCat, which on the host side is nothing more than another Python program running on Linux.
  • You can use it to capture data sent with any ASK/OOK/MSK/2-FSK/GFSK modulation in the 300 – 928 MHz band, then analyze (reverse engineer) the signal and re-transmit the modified digital signal.
  • Everything related to this device, such as documentation, projects, examples and blogs, is available all over the Internet, so getting started can be really simple, even for complete beginners.

Conclusion

If we compare YARD Stick One with other well-known RF devices, such as HackRF One or RTL-SDR, we can say that it’s easier to get started with and to use, and that it’s affordable (~ $130), yet it’s still capable of performing jam and replay attacks without problems.