Technically: yes

The tricky part is having your key-fob close enough to a transceiver that can then rebroadcast it's signal. Which would no doubt run afoul of broadcast regulations.

Devices like the RTL-SDR work on as receive-only. I'd suggest checking out your local Amateur-Radio club to learn the laws, get a license, and have fun with projects like that.

Key fobs are at 315, an ism band, so 0.5w is fine for everyone. Some are actually at 433, mostly European stuff. Technically not an ism band in the US but if the fcc doesn't go after VW i doubt they will come after you. Unless you are stealing cars with it.

I'll add that there are no SDRs from ettus, lime, or hackrf that put out even .25w without a separate amp. So he won't break the limit by accident.

YardStick One: software-controlled antenna port power (max 50 mA at 3.3 V)

Is this enough to broadcast a signal stronger than my car key? If not, what do I need to do to get a stronger antenna/more power?

So recor and look at your car door signal. See how long the pulse train is for one click. Lets call that time N samples. Have a running sum of the last N samples' absolute value. When you see that sum peak above some threshold, switch to TX and play back those N samples plus some on either end for good measure. Newer cars with UWB wont work like this. They do an exchange and measure distance.

I actually don't want to do the "one click" to unlock. I want to do "is the key near the vehicle".

Ah, that is slightly harder. You have to hear the car's challenge and then have a decent antenna pointed at the fob, repeat the challenge, then quickly switch to rx to hear the response, them replay the response. Even with the antenna pointed at the fob you should be loud enough for the car because it is close.

You can even start the car this way. The car will keep running even out of range of the fob for safety reasons.

PSA: Don't rob from or steal cars. That is wrong. Don't be a bad guy. They might have worked hard for what they have and be really nice people.

what frequency does the car transponder challenge the key and what frequency does the key respond at?

is it a rolling code challenge like unlock/lock?

Also some new ones use ultra wide band. A super short pulse that can tell how far the fob is based on how long it took to respond to the challenge.

Rolling yes, all on same freq. 315 mostly. Some 433

Do you have an email/IRC I can reach you at?

0.055A * 3.3V ~ 0.180w. That is way louder than your key fob.

What would my key fob approximately be around amp/volt/wattage wise?

Are there any places selling amplifiers? It seems to be a closely guarded secret (because unlicensed operators must be protected from themselves, I guess). I found some but they wouldn't have been suitable for any testing I wanted to do with the LimeSDR I have.

> Devices like the RTL-SDR work on as receive-only.

How would I accomplish this with two YardStick Ones (that do transmit)?

Most sdr don't have a ton of power. But probably. An sdr is Overkill though. You just need an amp and some antennas. This is how those attacks that let people open and start your car when your key fob is on your nightstand work.

Yea, some people do this to break into cars

PLEASE PLEASE don't do this unless you are licensed by the car thievery union.

Unions aren't libertarian enough - can one get a freelancer's license? Asking for a friend.....

Edit: /sarcasm. PLEASE don't do this.

Unions 2.0 on a social network near you.

Yeah it's not a collective either. Maybe it's a bureau?

go to alibaba and look for range extenders/RFID repeaters designed for car thieves.

Check out “HackRF.