If you have a HackRF and the Portapack backpack this is how you can use the Capture and Replay feature in the Havoc firmware. I have a HamptonBay ceiling fan that has a RF remote, to get the frequency it transmits on you can look up the FCC ID on the FCC’s website, in this case it is FCC ID L3HMAY97FANHD and it transmits on 303.950Mhz.
Lets start out by selecting capture on the main menu.
Once in the Capture feature you can tune to 303.950. Now hit the power button on your remote and you should see something like the screenshot to the left. Now play with the amp and gain settings while pressing the remotes buttons. Once you are satisfied with the signal highlight the red R icon. Next press the remote button a few times to get the timing of button press to showing up on screen correct. When ready click the record icon and hit button on remote and stop recording. This will save a .C16 file on the SD card so try not to record a bunch of blank space
Download the ceiling fan’s remote’s captures if you don’t have one of your own and would like to follow along. You will need to put these files on the Portapacks SD card. I put mine in a folder called SAMPLES
Now go back to the main menu and select Replay. Once in Replay click open file and select the sample you just captured or the samples we provided. This should load the sample file and the set the correct frequency. Set your LNA and AMP settings and click the play button. You should now see the sample being played and your light or whatever should turn on or off. The loop checkbox will continuously play the sample.
Well that’s pretty much it, you can mess with all sorts of devices using this method like light bulb’s, garage door openers, home alarm systems, pretty much anything that is controlled by RF.