1. InfoconDB
  2. DEF CON
  3. DEF CON 31 (2023)
  4. Warshopping - further dalliances in phreaking smart shopping cart wheels, RF sniffing and hardware reverse engineering

Warshopping - further dalliances in phreaking smart shopping cart wheels, RF sniffing and hardware reverse engineering

Presented at DEF CON 31 (2023), Aug. 11, 2023, 11 a.m. (45 minutes)

Smart shopping cart wheels are electronic wheels with a mechanical braking mechanism meant to prevent cart removal or shoplifting, as well as electronics to provide other tracking functions. In a past talk, I’ve discussed the ultra-low-frequency communication these systems use and how to sniff and replay them (and even use your phone’s speaker to “phreak” your shopping cart! This talk explores a new type of smart wheel (the Rocateq system), and focuses on a deeper exploration of the hardware and firmware. On top of capturing new sets of ultra-low-frequency control signals, we’ll look at the 2.4 GHz “checkout” signal that it receives from the register and reverse engineer the PCB - soldering on “fly-wires” to look at the chip-to-chip communication with a logic analyzer. We’ll also use a PICKIT programmer to dump the firmware from the main microcontroller for basic analysis using Ghidra. In addition to the talk, the website where you can play the control signals as audio files on your phone will be updated to include the control codes for the Rocateq brand wheels. REFERENCES: - The ARRL handbook for radio communications, 2007. Newington, CT: American Radio Relay League, 2006. Print. - https://www.tmplab.org/2008/06/18/consumer-b-gone/ - http://www.woodmann.com/fravia/nola_wheel.htm -The wonderful people over at /r/rfelectronics - FCC.gov - My previous talk at DEFCON 29 - rocateq.com

Presenters:

  • Joseph Gabay - Hacker
    Joseph is a robotics engineer turned hacker - inspired by curiosity of the small systems in our everyday world, he went from developing products to performing security assessments of them. He specializes in embedded systems, circuit reverse engineering, and mechatronics. His other hobbies include skydiving, multi-medium fabrication, and collecting strange domain names. He is also the founder and Chief Lunatic of the Flat Moon Society, who would like to ask you: isn’t it weird we never see the other side of the moon?

Links:

Similar Presentations: