Kaiju Support for Flipper Zero, continued…

Attention, Flipper Zero addicts,

we are thrilled to announce the release of a new Kaiju version with almost full Flipper Zero SubGHz support.

Kaiju now supports the following features:

Rolling code data analysis (input)

• Binary input
• Hexadecimal input
• Pulse duration input
• SDR complex IQ file
• Flipper SubGHz RAW File (.sub)
• Flipper SubGHz Key File (.sub)

Generation of rolling codes (output)

• Hexadecimal output
• RfCat Python script for PandwaRF or Yard Stick One
• Pulse durations
• Flipper SubGHz RAW File (.sub)
• Flipper SubGHz Key File (.sub)

The Flipper Zero .sub files are:

• generated using Main Menu -> Sub-GHz -> Read RAW or Main Menu -> Sub-GHz -> Read,
• loaded using Main Menu -> Sub-GHz -> Add Manually.

Here is a step by step on how to proceed.

Flipper -> Kaiju: Export data from FZ into Kaiju

1. From your Flipper Zero, generate a Flipper SubGHz RAW or Key File (.sub)
2. Save the .sub to your local computer
3. Log in to Kaiju
4. Click on Analyse menu ->IQ/Flipper Zero
5. Click on Flipper Zero tab
6. Drag and drop your Flipper SubGHz RAW or Key File (.sub)
   • Flipper SubGHz RAW File: demodulated & un-decoded signal, saved using Flipper Read RAW menu
   • Flipper SubGHz Key File: demodulated & decoded signal, saved using Flipper Read menu.
7. Wait a few seconds until Kaiju finishes the analysis and click on Task results
8. Et voila! Job done!
9. You can now see the decrypted information of the remote corresponding to the input .sub file
   • Brand & model
   • Serial Number, Synchronisation counter
   • Encoder, Cipher
   • Much more…
   • And you can now generate new rolling codes for this remote (see next section).

Kaiju -> Flipper: Export data from Kaiju into FZ

1. In Kaiju History/Gate & Garage/KeeLoq/Custom, choose a previously analyzed remote (it doesn’t matter if the source was FZ .sub file, IQ file, binary data, …)
2. If there are no rolling codes generated for this remote, generate at least 1 rolling code with the Generate button
3. Refresh the page if the rolling codes do not appear (they might be still being generated…)
4. Choose a Rolling Code to export to FZ, and click on the button
5. Select one of the 2 options:
   • Flipper SubGHz RAW File (.sub): RAW file to replay on the FZ. 1 file = 1 rolling code. Can be replayed on any FZ variant (official, Xtreme,  RogueMaster, Unleashed, …)
   • Flipper SubGHz Key File (.sub): Key file, which allows the FZ to generate any rolling code. Can only be replayed on a FZ variant supporting the brand/model of the remote (see **).
6. Save the .sub file and import it into your FZ (using qFlipper app, drag and drop .sub file into FZ sdcard/subghz folder)
7. Load the file using the Main Menu -> Sub-GHz -> Saved -> Emulate
8. Press the Send button to send as many rolling codes as you want!
9. Et roule poupoule et petite tape dans le dos!

I hope you will enjoy this feature as much as we loved developing it!

• For those who don’t have a Flipper Zero yet, I recommend purchasing from Lab401. They have an impressive logistic process.
• For those who didn’t tried Kaiju yet, link below.

A short note on Kaiju’s current limitations:

• *: Only KeeLoq encryption protocol is supported, for both import and export. Other protocols (Nice FloR, Chamberlain, etc.) are not yet supported.
• **: to be more precise, the manufacturer code must be in the keeloq_mfcodes file on the SDcard.