Category: HackRF

Building a ‘WiFi Camera’ with a HackRF and Helical Antenna on a Motorized Pan-Tilt Mount

Recently, "The Thought Emporium" YouTube channel uploaded a video showing how they have created a 'WiFi Camera' using a HackRF and helical antenna mounted on a motorized Pan-Tilt mount.

The Thought Emporium has actually already done this experiment back in 2018, as seen in a previous post; however, in the latest video, they iterate on the design, releasing a new open-source 3D printable version.

The idea behind the 'WiFI camera' is to point the directional helical antenna in different directions using the motorized mount and measure the WiFi signal power using the HackRF at each spot it points towards. Each measurement results in a heatmap pixel, and once enough pixels have been collected, an image is formed.

This Camera Can SEE WiFi

DragonOS: Setting up AISMon with WINE and Virtual Audio Sink for HackRF and RTL-SDR

Over on his YouTube channel Aaron, creator of the DragonOS image (a Linux image with many built-in SDR compatible programs) has uploaded a new video showing how it is possible to run the Windows only AISMon software on Linux, using WINE. WINE is a Windows emulator for Linux which allows users to run some Windows software on Linux.

In the video Aaron shows how to set up WINE on the DragonOS Linux image, how to run AISMon with it, and how to set up the Virtual Audio Cable sink which is required to pass the audio from SDR++ to AISMon. He also shows how he tests his setup using the AIS-Simulator software with a HackRF, and an RTL-SDR for receiving.

DragonOS FocalX Setup AISMon with WINE + Virtual Audio Sink (HackRF, RTLSDR, SDR++, AIS-Simulator)

Using a HackRF and JavaScript Browser App to Perform Rolljam Replay Attacks on a Car

Over on her website, Charlie Gerard has uploaded a page showing how she was able to perform a replay attack on a car's wireless entry system using a HackRF and a JavaScript browser app she wrote.

Previously, Charlie had already written a JavaScript browser app for ADS-B tracking with an RTL-SDR. To achieve this she used the WebUSB API, which allows USB devices to connect to JavaScript apps in a web browser.

Having recently purchased a HackRF she wanted to see if something similar was possible with the HackRF. In her post, Charlie shows and explains the JavaScript code required to connect to the HackRF from a Chrome browser, and how settings like gain, frequency and sample rate can be adjusted. She then shows how to use the Canvas API to visualize the received data. Finally, she shows how to use the File System Web API to record data, and ultimately retransmit the recorded data with the HackRF.

The replay attack itself is based on the rolljam idea. She uses two HackRF's, with one sitting closer to the car's receiver and jamming it, and another recording the car's keyfob. This prevents the car from incrementing the keyfob's rolling code, allowing it to be recorded and used again at a later time.

Charlie has also posted a video of her tests, which we embedded below.

Hacking my friend's car using JavaScript

Guglielmo FM and DAB Receiver Software Updated to Version 0.6

Thank you to Marco, Guglielmo's programmer, for letting us know that his software has recently been updated to Version 0.6.

Guglielmo is Linux, Windows (and, in this recent update, x86 MacOS) based RTL-SDR FM and DAB tuner software that supports SDRs, including the RTL-SDR, Airspy, SDRplay, HackRF, and LimeSDR. It is designed to be easy to use for media users rather than hobbyist technical users.

Version 0.6 fixes bugs and adds the following features:

  • Software automatic gain control
  • Support for multiple devices for RTL-SDR and SDRplay
  • Support for RTL-SDR V4
  • New RTL-SDR and SDRPlay device drivers
  • New Portaudio sound driver
Guglielmo: Screenshot of the DAB Interface

A Review of the New HackRF PortaPack H4M

The PortaPack H4M by OpenSourceSDRLab is a new design of the HackRF PortaPack which comes with various improvements. The PortaPack H4M adds I2C capable GPIO ports, a USB-C connector, a built-in speaker and microphone, a better screen, a proper on/off button that won't easily activate in a bag, flat design for easier storage, and improved charging speed.

The PortaPack H4M is currently available as a bundle for US$152 from Chinese manufacturer OpenSourceSDRLab. The bundle includes the PortaPack H4M PCB, and a HackRF R10c clone.  This is exceptionally good value, considering that an original HackRF (just the HackRF without PortaPack) sells for US$319. However, just be aware that by purchasing clones you are not supporting GreatScottGadgets, the original developers of the HackRF.

If you were unaware, the HackRF PortaPack is an accessory for the HackRF SDR that enables portable use, with a display, controls, and onboard processing for direct signal demodulation, modulation, decoding, and encoding, all without needing a computer.

Over on YouTube RocketGod has uploaded a video showing some of the PortPack H4M's new features, how to install the Mayhem Firmware, and then showing it in action with it receiving a few signals.

HackRF Portapack H4M - Getting Started Guide

We've also seen another video by sn0ren that also introduces and shows the PortaPack H4M in action.

The new HackRF Portapack H4M

hackrf_sweeper: A Reimplementation of hackrf_sweep as a Library

Information security company Subreption recently wrote in and wanted to share their recently released 'hackrf_sweeper' library. This library is based on the official hackrf_sweep code, which enabled HackRF SDR devices to sweep across a wide frequency range and rapidly build up a wideband spectral plot. They write:

This is a refactoring or reimplementation of hackrf_sweep as a library, providing a carefully chosen API to leverage the HackRF sweeping capabilities in a reusable, low-frustration fashion. The library provides support for user-supplied callbacks to process raw transfer buffers or the already calculated FFT bins, including a bypass mode to allow for entirely off-loading the data processing to the caller. It also implements a rudimentary opaque mutex (locking) state for multi-thread applications.

A demo application is a re-implementation of the original hackrf_sweep tool as a CURVE-encrypted publisher sending msgpack frames to any receivers subscribed to it. A companion demo application is included in the form of a Python program that processes these frames and generates a real-time plot of the RF spectrum, the last peak detections and the absolute peaks -maximum observed-.

Past projects attempting to provide similar capabilities include hackrf-spectrum-analyzer (https://github.com/pavsa/hackrf-spectrum-analyzer). hackrf_sweeper provides continuous sweeping support instead of one-shot sweeps, besides the aforementioned improvements.

The team also notes that they are soon planning on releasing a GNU Radio block that leverages the library.

Example output from hackrf_sweeper
Example output from hackrf_sweeper

HackRF and Portapack Featured in Recent Linus Tech Tips Video

Over on YouTube the Linus Tech Tips channel has recently released a video about the HackRF titled "It’s TOO Easy to Accidentally Do Illegal Stuff with This". Linus Tech Tips is an extremely popular computer technology YouTube channel. The HackRF is a popular transmit capable software defined radio that was released about 10 years ago. The portapack is an add-on for the HackRF that allows the HackRF to be used as a handheld device, and when combined with the Mayhem firmware, it enables easy access to some controversial tools that could get a user into a lot of legal trouble very fast.

In the video Linus, whose team is based in Canada, mentions that they decided to purchase the HackRF and similar devices because of the Canadian government's plan to ban various RF tools, including the Flipper Zero and HackRF.

Linus then discusses and demonstrates "van eck phreaking" with TempestSDR, showing how he can use the HackRF to recover the video from a PC monitor wirelessly. He then goes on to demonstrate how the Portapack can be used to jam a wireless GoPro camera transmitting over WiFi. 

Finally, Linus discusses the legality and morality of such devices being available on the market.

It’s TOO Easy to Accidentally Do Illegal Stuff with This

SignalsEverywhere: Using HackTV to Transmit Analog Television with a HackRF

Over on her YouTube channel SignalsEverywhere, Sarah has uploaded a new video showing how to use a program called 'hacktv-gui' to transmit analog TV signals using a HackRF software defined radio. Analog TV standards such as PAL and NTSC have been phased out in most of the world in favor of digital TV standards instead. However, transmitting these yourself can be a fun experiment that may help breathe life into old television sets.

In the video Sarah explains how to use the hacktv-gui and hacktv software, and how to create a video transmission. She mentions how hacktv also supports the use of a FL2K device, which is a cheap VGA adapter that can be used to transmit signals.

HackTV | Analog Television Transmission with a HackRF SDR