Fresh, hot, brand new Flipper Zero in the mail; experimented with all the typical stuff, and are now looking for “those” juicy jamming files you only heard about but never really found yourself? They’re not a myth — they’re real!
Jamming radio frequencies works by finding out the frequency at which two or more devices are communicating, and then constantly generating signals at that frequency to introduce interference in the form of noise. So, jamming essentially disrupts communication between two or more devices by increasing noise to decrease the signal-noise ratio.
See it in action here:
Stuff You Should Know:
• This is 100% illegal in pretty much most parts of the world, and you should only be experimenting with devices you own or have explicit permission to be using. The jamming files have even been removed from some custom firmwares due to the potential misuse
• This will not work on the stock Flipper Zero firmware since it comes with certain regional and frequency restrictions. You would need to install a custom firmware that unlocks these restrictions on the Flipper Zero
• The Flipper Zero does not transmit at high ranges (distance from the target). You would have to place the Flipper Zero quite close to the receiving device for the most effectiveness
• Extensive, continuous transmission of signals (which jamming would consist of) from the Flipper Zero may cause it to heat up or the transmitter getting damaged. Try not to keep the Flipper Zero transmitting for more than a few minutes at a time to be safe
Step 1: Install Custom Firmware
The stock Flipper Zero firmware has certain regional and frequency restrictions. You would need to install a custom firmware that unlocks these restrictions on the Flipper Zero. The most prevalent ones are:
- DarkFlippers’ Unleashed firmware (basic, just removes restrictions)
- RogueMaster’s custom firmware(based on Unleashed, but with added tools and resources)
- ClaraCrazy’s Xtreme firmware (next-level features, control, and customization with highly-optimized code) [Recommended]
Step 2: Get the Jamming Files
Head over to my GitHub repository, where I have collected all sub-GHz jamming files I could find.
Download all the “.sub” files.
Step 3: Add the Jamming Files to the Flipper Zero
Once all jamming files have been downloaded, connect your Flipper Zero to your machine. This can be done one of two ways:
A. Via a USB cable and using the qFlipper application to interact with the connected Flipper Zero
B. Via simply accessing the Flipper Zero’s micro-SD card using a card-reader
Navigate to the /subghz/
directory in your Flipper Zero, and (optional) create a new directory named “Jamming” here. The directory structure should now look like /subghz/Jamming
.
Lastly, copy all the downloaded jamming files into this /subghz/Jamming/
directory. You may now disconnect the Flipper Zero or micro-SD card from your machine.
Step 4: Usage
Open the “Sub-GHz” application on your Flipper Zero.
Next, navigate to “Saved”, where all saved sub-GHz files (.sub) are stored.
Then, navigate to the “Jamming” directory you had created (if you had created it).
Here, you will see all the added jamming files, each for a different frequency.
Select a frequency you would be jamming, and then send this signal.
This will keep running for about 30 seconds. Any receivers within the jamming range of the Flipper Zero (pretty darn close) that operate on the frequency being jammed should now not be effective to the genuine transmitter (legitimate remote, etc.).
Disclaimer: This exists for the purposes of education, research, and experimentation with devices you yourself own. We neither endorse nor shall be held responsible for any potentially unethical or malicious activity from your usage of this.
While it’s fun to “toy” with this using a flipper, given how weak the internal cc1101 is you can’t actually jam anything but what’s only a few feet away from the flipper.
While you can buy an add-on module I won’t mention that can get you over 100+ meters of jamming capability to your flipper, a better solution is just use a better device. One that can jam say, 1mhz or lower all the way to 6+ GHZ so you can jam 2.4 and 5 GHZ wifi as well. This is outside the scope of this document. Hopefully people are able to do independent research, maybe take up electrical engineering and get a degree, or take some real electronics/RFID/cybersecurity courses.
LikeLike
Next level would be porting reactive jamming as indicated on https://github.com/AsFaBw/erica
LikeLike
Love how you followup and answer questions. Good for you. And I’m now off to play tricks on my friends 🙂
LikeLike
Why doesn’t it work with my brother Audi A3? With my Opel Corsa 2015 works fine…
LikeLike
Did you check if the A3 has rolling code
LikeLike
how you can change freqeuncy in jammer file? i need a 169.650 mhz jammer file
LikeLike
You cannot change the frequency by simply changing some of the header elements. The entire raw data would need to be changed.
LikeLike
sorry guys the question i have is on the other possible issue for my gaming store which i own here
the frequenzy has to be set in advance for sllot machine?
if so which frequenzy work best?
LikeLike
Would this work for longer with less risk of damaging the transmitter with a subghz addon board with antenna? I bought a 4.33hz c1101 board with antenna for flipper zero, if I changed radio settings to external and used this would it work more effectively and longer without potentially harming the flipper?
LikeLike
Correct. Because the external module would be doing all the work instead of the one in the FZ.
LikeLike
bonjour et merci bcp, je n’y comprends plus rien ca ne fonctionne pas avec ma clef de voiture qui fonctionne sur du 433 mhz mais par contre avec ma telecommande a led infrarouge oui ca brouille bien le signal je ne parviens pu a eteindre ni allumer mes led lorsque je place le fliiper entre les deux, avez vous des fichiers basé sur le 2.4 ghz afin de brouiller la wifi ??
Pour info ajouter un module CC1101 pour emplifier le subGhz ca devrait brouiller à plus longue portée !
LikeLike
The Flipper Zero’s hardware is limited to only frequencies below 1GHz, so 2.4GHz won’t be a possibility. This is why it is called ″sub-GHz″. To play with 2.4GHz and higher frequencies, you would have to get your hands on something like the HackRF One.
Regarding your IR/RF interference issue, that’s not directly possible, but technically a possibility due to EMI.
LikeLike
While HackRF is another good tool for newbies just starting out, a better solution would be the best, a LimeSDR (or adalm-pluto if you don’t want the best but still much better than HackRF). Problems with HackRF is it’s half-duplex and only 1 receive and 1 transmit. LimeSDR is full duplex (send and receive at same time) with 2x rx/tx so you can actually jam and collect signals at the same time unlike flipper or HackRF.
LikeLiked by 1 person
I’m having issues just adding it to the flipper zero. I’ve tried a couple times and even followed your instructions but when I go to emulate the file, it just says “cannot parse file”. I’ve never had this issue so do you have any ideas?
LikeLike
I added the files directly to my SD card from my laptop. Havent had any problems at all.
LikeLike
are you able to black Wifi
LikeLike
You have to specifically retrieve the files exactly as mentioned in step #2 (Raw file > right-click > save link as), otherwise you get the parsing error.
LikeLike
Is it possible to combine All .sub files for every Frequency and make only 1 .sub files that can jam ALL frequency at same time ?
LikeLike
A sub-GHz playlist replays all the .sub files’ signals sequentially, not simultaneously. This means the next .sub file’s signal is only transmitted after the current .sub file’s signal transmit is complete.
LikeLike
You’re asking too much of the limited hardware of the flipper. Remember, a flipper isn’t advanced nor a professional tool… the thing you ask for is suited for professional devices which can do that. That requires full duplex and multiple transmit streams, whereas flipper is half duplex (can only send or receive not both at once) and only 1 transmit port.
LikeLiked by 1 person
Hello, I strictly followed the indicated steps. I tried the jammer on two different European cars. BMW 2016 and Mercedes E-Class 2015. It doesn’t work on any of them.
LikeLike
Recognize where your vehicle’s RF receiver is (this is usually where the “anti-theft” blinking red light on the dashboard is), and then place the jamming Flipper Zero directly on top of it (from the outside, of course, over the windshield). That should work!
LikeLike
I tried near the key fob, I tried stick it to the RF receiver over the windshield, I also tried inside the car, I changed the modulation from AM270 to HND_2. Absolutely nothing happens. It is very possible that the jam files are for US cars.
LikeLike
Why and how would you change the modulation on a saved sub-GHz signal (the jamming files)?
Have you verified you’re using the correct jamming frequency? You can do this in the Frequency Analyzer sub-application by increasing the RSSI a bit, then holding your keyfob right up to the transceiver on the Flipper Zero and pressing the unlock key. Once you see the same frequency register 3-4 times, you can be sure of the frequency and then use the same one from the jamming files.
LikeLike