Operation

FISSURE is meant for people of all skill levels. Students or beginners can navigate through lessons and tutorials on how to interact with various wireless technologies. The User Dashboard offers friendly visual aids that demonstrate the RF device assessment process from start to finish. Beginners can also evade the hurdle that is traditionally associated with installing open-source tools - as the installer consists of a list of checkboxes for installing programs and dependencies. Meanwhile developers, educators, and researchers can use the framework for their daily tasks or to expose their cutting-edge solutions to a wider audience. Future development will draw heavily from feedback and interaction with the open-source community.

Start-Up Procedures

  1. Open a terminal and enter fissure

  2. Attach hardware and assign to components using the sensor node buttons (see below)

  3. Launch a local sensor node or connect to a remote sensor node

  4. Click the “Start” button to kick off automation and access remaining tabs

  5. Click the “Start” buttons for individual components such as TSI or PD to start specific operations

Sensor Node Buttons

The sensor node buttons at the top of the Dashboard are used for configuring one local sensor or multiple remote sensor nodes. To start, click the “New Sensor Node” button to view the sensor node configuration window. Following configuration, the sensor node button will display the nickname of the sensor node. Repeat the same steps to connect up to five sensor nodes. Use the sensor node configuration window to delete a sensor node. Right-click a sensor node button to select an active sensor node. Selection is necessary to dictate where messages originating from the Dashboard will go to, to display the available hardware options throughout the Dashboard, and to update the information in statusbar at the bottom of the Dashboard.

../_images/hardware_buttons.png

Sensor Node Configuration Window

The Sensor Node Configuration window is opened after clicking on a sensor node button. The window will display the settings of an existing sensor node or allow the user to configure a new sensor node. The “Sensor Node Topology” section provides the option to choose local or remote as well as enter nicknames, locations, and notes for a sensor node. A local sensor node will run sensor_node.py on the same computer as the Dashboard. The remote option requires the IP address, DEALER port, and PUB port of the remote sensor node in order to connect. The “Ping” button will ping the IP address in the terminal to determine if the sensor node address is reachable. The connect button will establish the HIPRFISR connections to the remote sensor node. If the “Recall Settings on Connect” checkbox is checked, the saved settings from the sensor node configuration file will populate items in the Sensor Node Configuration window. The fields and tables in the window are used by the Dashboard to pull information for a sensor node and keep track of network connections.

../_images/hardware_configuration_local.png

The “Mass Hardware Scan” window allows the user to select multiple radio types that are assumed to be connected to the sensor node computer. The “Autoscan” button will perform localized hardware scans for each type selected and return the results in the “Scan Results” section. Table rows that do not contain hardware details indicate scans that were unsuccessful. The “Manual Entry” button will forgo the localized scan and add a new row to the “Scan Results” table. Once a row is created, the user can manually type in hardware details or use the “Probe” or “Guess” buttons to help populate relevant columns in the table.

Each row in the “Scan Results” table can be added to the “Default Hardware Assignments” table. This table is what is used to save the sensor node hardware information and limit what can be accessed in each tab/component in FISSURE. Individual hardware selection for any FISSURE operation is done using comboboxes throughout the Dashboard.

The “Import” and “Export” buttons will translate the sensor node configuration information to/from a YAML file. The “Apply” will save the sensor node information. The “Delete” button will disconnect and remove a sensor node that has already been saved. Be sure to disconnect from a sensor node that has not had its settings saved with the “Apply” button prior to clicking the “Cancel” button.

Automation Tab

  1. Select Automation Mode

Manual

User confirms all phases and can edit parameters

Discovery (Disabled)

Mostly automated, system chooses which signals to target and process

Target (Disabled)

User-defined specifications, only pursue targets fitting certain criteria

  1. Select target protocol

  2. Configure SOI auto-select criteria (optional)

  3. Lock search band (optional)

  4. Check RF hardware connections

  5. Click Start

Custom (Disabled)

  1. User creates any combination of settings

TSI Tab

Detector/Sweep

  1. Click Start

  2. Add search bands to table

  3. Adjust Advanced Settings

  4. Click Update TSI Configuration

  5. Blacklist frequency ranges

  6. View detected signals

  7. Search signals by frequency in library

Conditioner (Future)

Tune, filter, separate, record, isolate

Feature Extractor (Future)

Select AI/ML technique, acquire feature set

Classifier (Future)

Choose AI/ML models, classify protocols/emitters, compare results

PD Tab

Status

  1. Start Protocol Discovery (PD)

Demodulation

  1. Search library for flow graphs

  2. Start demodulation flow graph

Bit Slicing

  1. Search for preambles

  2. Slice buffer by preamble

  3. Determine field delineations

Data Viewer

  1. Enter binary or hex data, perform binary operations

  2. Fill Protocol Matching table, apply against protocols in library

  3. Manually send hex data to PD buffer for analysis

Dissectors

  1. Create Lua sissectors for new packet types

  2. Follow lesson on Lua dissectors

  3. Click Update Wireshark to copy all FISSURE dissectors to Wireshark folder

Sniffer

  1. Start demodulation flow graph with sniffer sink

  2. Launch sniffer flow graph created for packet type

  3. Manually send data to sniffer port

CRC Calculator

  1. Enter hex, select configuration, calculate CRC

  2. Enter two messages with known CRCs, find polynomial

Attack Tab

Single-Stage

  1. Select protocol, modulation type, hardware combination

  2. Double-click attack in tree widget

  3. Configure attack variables

  4. Start Attack

  5. Apply changes while running flow graphs

Multi-Stage

  1. Double-click attack in tree widget or click Add button

  2. Adjust durations and reorder attacks

  3. Click Generate

  4. Adjust variables, Save, Load, select Repeat

  5. Click Start

Fuzzing (Fields)

  1. Choose fuzzing Fields attack (if available)

  2. Choose protocol subcategory

  3. Check fields, select type, enter limits

  4. Start Attack

Fuzzing (Variables)

  1. Choose fuzzing Variables attack

  2. Load flow graph

  3. Select variable

  4. Start Attack

History

  1. View attack history, delete rows

Packet Crafter

Packet Editor

  1. Select protocol and packet type

  2. Edit field values

  3. Calculate CRC (when applicable)

  4. Assemble message

  5. Construct packet sequence

  6. Save sequence to file

Scapy

  1. Put wireless interface in monitor mode

  2. Select 802.11x and packet type

  3. Edit field values

  4. Click Load Data

  5. Click Refresh, enter interval, choose interface

  6. Click Start

IQ Data Tab

Record

  1. Assign device to IQ hardware button

  2. Adjust settings in reference to applicable GNU Radio sinks

  3. Record signals to IQ file(s)

Playback

  1. Configure settings or copy Record settings

  2. Click Play

Inspection

  1. Double-click flow graph or click Load, Start

  2. Adjust variables in GUI

Crop

  1. Double-click IQ file in Viewer

  2. Enter name for cropped IQ file

  3. Adjust Start/End samples in Viewer

  4. Click Crop

Convert

  1. Choose input file, name output file

  2. Select file types

  3. Click Convert

Append

  1. Choose/enter file 1, file 2, output file

  2. Check Null to append samples to the front or end

  3. Click Append

Transfer

  1. Copy folders or files to new locations

Timeslot

Makes copies of a message at regular intervals

  1. Choose input file with zeros before and after signal

  2. Adjust sample rate, period, and number of copies

  3. Click Pad Data

Overlap

  1. Plot data, store data, shift data, add data together

Resample

  1. Select input file, specify output file, choose rates, resample

OFDM

Experimental

Normalize

  1. Select input file, speciy output file, choose min/max, normalize

Viewer

  1. Choose data folder

  2. Double-click/Load File to read data

  3. Plot All, plot range, click End to detect last sample

  4. Use toolbar to zoom, pan, save

  5. Click Cursor, select two points on plot, Get Range

  6. Use functions and analysis buttons

  7. Click gear icon to adjust options

Archive Tab

Download

  1. Select row in Online Archive table

  2. Click Download

  3. Plot or delete

Replay

  1. Double-click downloaded file or press Add button

  2. Build and configure playlist

  3. Check Repeat, click Start

Sensor Nodes Tab

The Dashboard Sensor Nodes tab contains operations for the active sensor node (right-click). These operations include building autorun playlists and file navigation for computers running the sensor nodes.

Autorun

../_images/autorun1.png

Description

The Autorun tab is used to build, view, transfer, and initiate autorun playlists on the actively selected sensor node. The autorun feature consists of executing a playlist comprised of single-stage and multi-stage attack scripts. Each item is run simultaneously in their own thread to take advantage of more than one radio peripheral connected to the sensor node at a time. The sensor node has the option to run these playlists without interaction from the FISSURE Dashboard if the “autorun” field is set in the sensor node configuration default.yaml file.

Adding, Removing, Viewing Items

Playlist items can be added through the Single-Stage and Multi-Stage attack tabs. For Single-Stage attacks, load the attack by double-clicking the Attack Template and fill out the variable values for the attack. Click the “Add to Autorun” button to copy the attack details over to the playlist table. For Multi-Stage attacks, add the attacks and click “Generate” as normal. Click the “Add to Autorun” button to copy the multi-stage attack details over to the playlist table.

To remove a playlist item, select a row and click the “Remove” button. To view a playlist item as a single-stage or multi-stage attack, click the “View” button. Attack details cannot be edited in the playlist table.

Configuration

Playlists can have a delayed start time and date. Clicking the “Delay Start” checkbox will enable the feature. The playlist will execute immediately if unchecked. Each playlist item can have its own delayed start time if the “Delay” checkbox is checked. The value is ignored if unchecked. The timeout option for an item is used to stop the thread after so many seconds. Playlist items can finish before the timeout value depending on the nature of the script. Item threads will not repeat themselves unless the repeat option is set. A negative timeout value will cause an item to run indefinitely. The “Start” button will execute the contents of the table. Clicking the “Stop” button will end the playlist on the sensor node.

Import & Export

The “Export” and “Import” buttons are used to save and load playlists. The export feature allows the user to save a playlist to a YAML file. This file can copied directly to a sensor node to replace the /Autorun_Playlists/default.yaml file used for the autorun feature. The import feature will populate the playlist table from an exported YAML file. The “Existing Playlists” combobox is used to recall local playlists saved on the Dashboard computer in the /Sensor Nodes/Autorun_Playlists/ folder.

Overwriting Default Playlist

The “Overwrite Default Playlist” button will transfer the contents of the table and overwrite the /Autorun_Playlists/default.yaml file located on the sensor node.

File Navigation

../_images/file_navigation1.png

Sensor Node

The “Sensor Node” frame displays file information inside folders on the the actively selected sensor node. The user can delete files or folders and download them to the Dashboard computer. Folders are compressed into a .zip file prior to the transfer.

Local

The “Local” frame is used to select where downloaded files will saved. The folder used for downloading is the value in the combobox and not a folder selected in the tree. Selected files in the tree can be deleted and unzipped. Certain file extensions such as .txt can be opened using the view button. Custom viewing capabilities will be added for more file extensions to do operations like signal plotting. Small files can be transferred over the network and saved to the currently selected sensor node folder in the combobox. Large files are not supported at this time.

Library Tab

Browse

  1. Choose FISSURE YAML file

  2. Look at the contents

Search Library

  1. Enter information for signals of interest (SOIs)

  2. Enter data values for messages in library

  3. Choose the checkboxes to use during search

  4. Search Library

Remove

  1. Select Protocol

  2. Choose types to remove from library

  3. Click associated Remove button

Add

  1. Create new protocol

  2. Add modulation type, packet type, signal of interest, statistics, demodulation flow graph, and attacks to existing protocol

Log Tab

System Log

  1. Filter messages to view from log, click Refresh

Session Notes

  1. Make notes and save attack history, system log, and session notes

Status Bar

Triggers

Configuration

Triggers are scripts that loop indefinitely until a condition is statisfied and are used to delay the start of transmission of electromagnetic effects for single-stage attacks, multi-stage attacks, archive replay, and autorun playlists. In each of those tabs a “Triggers” section can be found as shown below for the Single-Stage attack tab.

../_images/trigger2.png

Clicking the “Edit” button will open the following dialog for selecting and configuring triggers.

../_images/trigger1.png

Choose the category and trigger from the comboboxes. Enter values into the user interface widgets specific to the trigger. Click “Add” to select a trigger. Multiple triggers can be selected and will be run simultaneously. Once the first trigger is complete, the remaining triggers will end and the subsequent action will be executed. Select a trigger from the table and click “Remove” to delete it. Click “OK” to save the triggers.

Trigger List

The following is a list of triggers integrated into FISSURE. To create new triggers refer to Creating Triggers.

Category

Trigger Name

Script Name

Hardware/Requirements

Description

Acoustic

Sound Threshold

sound_threshold.py

Microphone

Activates once a custom audio threshold is reached on the active computer microphone

Environmental

Sunrise/Sunset

sunrise_sunset.py

Internet Connection

Checks for sunrise and sunset time using “%S” and “%s” returns from wttr.in

Environmental

Temperature

temperature.py

Internet Connection

Compares the temperature in a location to a value using wttr.in

Environmental

Weather

weather.py

Internet Connection

Checks for rain, snow/sleet, clear, cloudy/fog in a city using keywords found in the “%C” returns from wttr.in

Environmental

Wind

wind.py

Internet Connection

Checks for wind speeds above a threshold using “%w” returns from wttr.in

Filesystem

File Modified

file_modified.py

None

Waits for a file to be modified

Filesystem

Folder Modified

folder_modified.py

None

Waits for a folder to change the number of files it contains

Networking

Webserver Curl

webserver_curl.py

Network Connection

Creates a local webserver that listens for a curl http://<ip_address>:<port> command to exit

RF

Cellular Tower

cellular_tower.py

RTL2832U

Continuously runs “CellSearch” at a specific frequency to find a matching PCI/cell ID for a site

RF

Detect SSID

detect_ssid.py

WLAN Interface (Managed Mode)

Looks for a matching SSID name using iwlist for a provided interface

RF

GPS Line

gps_line.py

GPS Receiver

Checks if current GPS coordinates have crossed either a latitude or longitude threshold (N-S/E-W line)

RF

GPS Point

gps_point.py

GPS Receiver

Checks current GPS coordinates until they are a specified distance from a point

RF

Plane Spotting

plane_spotting.py

RTL2832U

Looks for an ICAO in dump1090 stdout from an RTL dongle

RF

Power Threshold

power_threshold.py

USRP B2x0

Looks for a signal above a power threshold at a specified frequency. Reuses the TSI fixed detector flow graphs without the GUI.

RF

RDS Keyword

rds_keyword.py

USRP B2x0

Looks for a keyword in the RDS printed from gr-rds for a radio station

RF

X10 Demod

x10_demod.py

USRP B2x0

Demodulates X10 signals for a USRP B210 and checks the flow graph stdout for matching text

Time

Sensor Node Time

sensor_node_time.py

None

Waits for date/time to elapse

Time

Timer

timer.py

None

Waits for N seconds after trigger script start

Visual

Motion Detector

motion_detector.py

Camera

Checks for motion using the default camera

Attack List

The following is a list of attacks in the FISSURE library and displayed in the Attack tab. Attacks are hardware dependent and may not be present for all hardware types. The developers welcome new scripts/flow graphs for converting existing attacks to the missing hardware types.

Attack Name

Description

802.11x - ARP Poisoning

Generates Scapy ARP messages that continuously cycle through the last octet of the source IP address.

802.11x - Beacon Flood

Generates Scapy beacons with unqiue MAC addresses that increase sequentially.

802.11x - Beacon Frame

Generates the same Scapy beacon continuously.

802.11x - CTS Frame

Generates Scapy CTS frames.

802.11x - DIR-815 Exploit

While in monitor mode, injects a command via SSDP to a vulnerable UPnP device. Same as “UDP to AP QoS” in Packet Crafter.

802.11x - Deauthentication Frame

Generates Scapy deauthentication frames with reason=7.

802.11x - ICMP

Generates a Scapy ICMP packet and transmits it periodically.

802.11x - LAND

Transmits a Scapy TCP SYN spoofed packet where the source and destination IPs and ports are identical. This can cause the target to repeatedly send replies to itself and possibly lead to a crash. (Local Area Network Denial)

802.11x - Probe Request Frame

Transmits a Scapy probe request on repeat.

802.11x - Relay

Relays Wifi signals from one frequency to another.

802.11x - SYN Flood

Transmits Scapy TCP SYN messages with random source IP addresses to consume resources on the target.

802.11x - Smurf

Transmits Scapy ICMP request messages to all network hosts to make their responses overwhelm the target server.

802.11x - TP-Link Archer A7 Exploit

While joined to the network, executes a command placed in a file on the device using a UDP exploit. Use quotes with spaces. Single-use, requires reboot.

802.11x - TP-Link Archer A7 Reboot

While joined to the network, executes a reboot command on the device using a single UDP message.

802.11x - UDP Hole Punch Server

Responds to UDP messages containing the magic string. Observe the responses in Wireshark to map IP addresses and ports. See wifi_tx UDP Mapper.

802.11x - UDP Replay PCAP

Replays the UDP from a .pcap file with udpreplay while connected to a network.

802.11x - wifi_tx ARP Poisoning

Generates ARP messages that continuously cycle through the last octet of the source IP address. Messages are placed in UDP data and sent to a wifi_tx.py UDP port.

802.11x - wifi_tx Beacon

Generates Beacon frames with a custom SSID and MAC address. Beacon data is sent to the wifi_tx.py UDP port which needs to be connected to the mac_in of the WiFi PHY Hier block.

802.11x - wifi_tx ICMP

Generates ICMP messages. Messages are placed in UDP data and sent to a wifi_tx.py UDP port.

802.11x - wifi_tx LAND

Transmits a TCP SYN spoofed packet where the source and destination IPs and ports are identical. This can cause the target to repeatedly send replies to itself and possibly lead to a crash. Messages are placed in UDP data and sent to a wifi_tx.py UDP port.

802.11x - wifi_tx SYN Flood

Generates TCP SYN messages with random source IP addresses to consume resources on the target. Messages are placed in UDP data and sent to a wifi_tx.py UDP port.

802.11x - wifi_tx Smurf

Transmits Scapy ICMP request messages to all network hosts to make their responses overwhelm the target server.

802.11x - wifi_tx UDP ARP Poisoning

Generates UDP messages with different source addresses to fill up the target ARP table. Messages are placed in UDP data and sent to a wifi_tx.py UDP port.

802.11x - wifi_tx UDP Crafter

Generates UDP messages. Messages are placed in UDP data and sent to a wifi_tx.py UDP port.

802.11x - wifi_tx UDP Crafter QoS

Generates UDP messages. Messages are placed in UDP data and sent to a wifi_tx.py UDP port.

802.11x - wifi_tx UDP File

Reads in bytes of data and puts it in a UDP payload. Messages are placed in UDP data and sent to a wifi_tx.py UDP port.

802.11x - wifi_tx UDP Mapper

Transmits LLC/SNAP/IP/UDP data to wifi_tx with the server as the source to map a network for IP addresses and ports.

802.11x - wifi_tx UDP PCAP

Reads in a .pcap file, not .pcapng, and transmits UDP data line by line to a wifi_tx port with altered UDP addresses.

Bluetooth Classic - btrx

Executes the btrx command for monitoring Bluetooth at a specified frequency and sample rate.

Bluetooth Low Energy - ble_dump

Runs ble_dump.py and creates a pipe to Wireshark for dumping BLE packets.

Bluetooth Low Energy - btrx

Executes the btrx command for monitoring Bluetooth at a specified frequency, gain, and sample rate.

Clapper Plus - Transmit

Generates a signal that is similar to one of two buttons on a Clapper Plus remote control.

DECT - Audio Sink

Plays DECT audio using gr-dect2 blocks.

DECT - CW

Jams DECT with a CW signal.

DECT - File Sink

Records a DECT payload to a file.

DECT - File Sink IQ

Records DECT IQ signals captured through a power squelch to a file.

DECT - From File

Modulates a previously-recorded DECT packet.

DECT - Gaussian

Jams DECT with a Gaussian noise source.

DECT - Simple Replay

Relays a DECT signal to another frequency.

DECT - Wireshark

Captures DECT signals and pipes the messages to Wireshark.

DSRC - From File

Sends raw binary data to wifi_tx UDP port.

DSRC - wifi_tx Generator

Generates DSRC messages using a coordinate file and a key file. Messages are sent to a wifi_tx UDP port.

Ethernet - DIR-815 Exploit

While in monitor mode, injects a command via SSDP to a vulnerable UPnP device. Same as “UDP to AP QoS” in Packet Crafter.

Ethernet - MAC Flooding

Floods the local network with random MAC addresses causing some switches to fail and potentially facilitate hub style sniffing.

Ethernet - TP-Link Archer A7 Exploit

While joined to the network, executes a command placed in a file on the device using a UDP exploit. Use quotes with spaces. Single-use, requires reboot.

FM Radio - Audio Sink

Plays FM radio audio.

FM Radio - CW

Jams FM radio stations with a CW signal.

FM Radio - File Sink

Records a set amount of FM data to a file while playing the audio.

FM Radio - From File

Transmits FM data from a file on a loop.

FM Radio - From Wav File

Converts a .wav file to an FM signal.

FM Radio - Gaussian

Jams FM with a Gaussian noise source.

FM Radio - Simple Replay

Relays filtered FM signals to another frequency.

Garage Door - Cycle

Cycles through DIP switch combinations sequentially.

Garage Door - Transmit

Simulates a remote control button press for one DIP switch value.

General - IQ Playback Repeat

Replays an IQ file on repeat.

General - IQ Playback Single

Replays an IQ file once.

General - IQ Record

Records an IQ file for a specified number of samples.

General - IQ Record Squelch

Records an IQ file for a specified number of samples following a power squelch.

General - Instantaneous Frequency

Test attack for flow graphs with GUIs.

General - OOK Transmit

Generates custom on-off keying signals with repeating bursts at regular intervals.

General - Sleep

Sleeps for a duration.

HD Radio - Naughty String Injection

Inject naughty strings into the artist or song title in HD Radio from a JSON file. Specify ‘title’ or ‘artist’ to direct the injection process.

Mode S - Dump1090 Interactive

Runs dump1090 in interactive mode. Go to: http://127.0.0.1:8081

Mode S - Dump1090 Raw File

Executes the “./dump1090 –raw > ascii_file.txt” command to save ASCII data (*8dc051daf82300020049b8c711c4) to a file.

Mode S - Dump1090 Raw Network

Executes the “./dump1090 –raw | nc 127.0.0.1 55555” command to transfer ASCII data (*8dc051daf82300020049b8c711c4) over a network.

Mode S - Fields

Flow graph for fuzzing fields in Mode S messages at a regular interval.

Mode S - From File

Transmits ADSB binary data supplied from a file.

Mode S - dump978 uat2text

Executes the “rtl_sdr -d 0 -f 978000000 -s 2083334 -g 48 - | ./dump978 | ./uat2text” command to decode 978 MHz UAT messages into a readable format.

Mode S - gr-adsb Brief

Prints formatted decoded ADSB data (gr-adsb) originating from an SDR (2 MS/s) to stdout with the brief option selected.

Mode S - gr-adsb To Webserver

Forwards formatted decoded ADSB data (gr-adsb) originating from an SDR (2 MS/s) to a webserver (tcp://127.0.0.1:5001) over ZMQ.

Mode S - gr-adsb Verbose

Prints formatted decoded ADSB data (gr-adsb) originating from an SDR (2 MS/s) to stdout with the verbose option selected.

Mode S - gr-adsb Webserver

Forwards formatted decoded ADSB data (gr-adsb) originating from an IQ file to a webserver (tcp://127.0.0.1:5001) over ZMQ.

Morse Code - File

Generates Morse Code for one user-provided message and writes the IQ samples to file. The audio will stop when the message is complete.

Morse Code - Transmit

Generates Morse Code for one user-provided message and transmits the signal. The audio will stop when the message done transmitting.

RDS - Fields

Flow graph for fuzzing fields in RDS messages at a regular interval.

RDS - File Source

Replays RDS data on repeat supplied from a file. No audio is added.

SimpliciTI - Access Point DoS

Replays data that will create a denial of service at the access point.

SimpliciTI - Add Node

Replays data from an add node message.

SimpliciTI - CW

Jams SimpliciTI with a CW signal.

SimpliciTI - Fields

Flow graph for fuzzing SimpliciTI message fields at a regular interval.

SimpliciTI - From File

Replays message data supplied from a file.

SimpliciTI - Gaussian

Jams SimpliciTI with a Gaussian noise source.

SimpliciTI - Unlink Node

Replays an unlink node message supplied from a file.

TPMS - Receive

Decodes TPMS signals (only one format) and prints the output.

TPMS - Transmit

Transmits TPMS signals periodically.

X10 - Decode

Decodes X10 signals and prints the output.

X10 - Fields

Flow graph for fuzzing X10 message fields at a regular interval.

X10 - Off

Transmits an off message for a RadioShack Plug’n power outlet switch.

X10 - On

Transmits an on message for a RadioShack Plug’n power outlet switch.

ZWAVE - Color List

Cycles through a list of colors built into the message_generator_pdu block. Tested against a Monoprice Z-Wave Plus RGB Smart Bulb.

ZWAVE - Off

Transmits an off message for a Monoprice Z-Wave Plus RGB Smart Bulb.

ZWAVE - On

Transmits an on message for a Monoprice Z-Wave Plus RGB Smart Bulb.

ZWAVE - Random Colors

Randomly generates a new RGB value for each message. Tested against a Monoprice Z-Wave Plus RGB Smart Bulb.

ZWAVE - Receive

Decodes Z-Wave messages and prints the output. Tested against a Monoprice Z-Wave Plus RGB Smart Bulb.

ZWAVE - Transmit

Transmits a Z-Wave message (default is a red light). Tested against a Monoprice Z-Wave Plus RGB Smart Bulb.