lor
LoRaWAN hacking, gateway simulation, packet decoding.
Load with: use lor
Quick example
use lor
result = lora1(\(x) x, \(x) x, 10)
prn(result)Functions
Gateway simulation
lora1(freq_mhz, sf, bw_khz)
Performs the operation. Takes freq_mhz, sf, bw_khz.
lora11(h)
Performs the operation. Takes h.
lora12(h, timeout_ms)
Performs the operation. Takes h, timeout_ms.
lora13(h, data, spreading_factor)
Performs the operation. Takes h, data, spreading_factor.
Packet decoder
llora(raw_bytes)
Performs the operation. Takes raw_bytes.
lora2(mtype)
Performs the operation. Takes mtype.
MIC verification
lora3(packet, nwk_key)
Performs the operation. Takes packet, nwk_key.
Join procedure
lora0(deveui, appeui, appkey, devnonce)
Performs the operation. Takes deveui, appeui, appkey, devnonce.
lolor(deveui, appeui, devnonce, known_plaintext, wordlist)
Performs the operation. Takes deveui, appeui, devnonce, known_plaintext, wordlist.
Session keys derivation
lords(appkey, devnonce, netid)
Performs the operation. Takes appkey, devnonce, netid.
Decryption
lordc(payload, key, fcnt)
Performs the operation. Takes payload, key, fcnt.
Fuzzer
lorfz(h, start_sf, end_sf, data)
Performs the operation. Takes h, start_sf, end_sf, data.
Spreading factor scan
lorsc(h, freq_mhz)
Performs the operation. Takes h, freq_mhz.
Replay attack
lorrp(captured, new_fcnt)
Performs the operation. Takes captured, new_fcnt.
Downlink injection
lorin(target_dev_addr, data, fcnt, key)
Initialises. Takes target_dev_addr, data, fcnt, key.
Spectrum scan
lorsp(start_mhz, end_mhz, step_khz)
Performs the operation. Takes start_mhz, end_mhz, step_khz.
Common frequencies
lora21()
Performs the operation.
loreu()
Performs the operation.
lorus()
Performs the operation.
Gateway enumeration
lordc1(iface)
Performs the operation. Takes iface.
Device tracking
lotrk(eui)
Performs the operation. Takes eui.
Notes
- Logic rules engine - forward chaining, pattern matching.