Category: HackRF

RF Analyzer Android App for the HackRF

Earlier this month we posted about a new port of the HackRF software defined radio Linux library for Android. Now the author of the Android port has created a new app called RF Analyzer. The app is basically a real-time spectrum viewer that includes a waterfall display. The app can be downloaded from GitHub at https://github.com/demantz/RFAnalyzer.

The app currently supports the following features.

  • Browse the spectrum by scrolling horizontally
  • Zoom in and out, both horizontally and vertically
  • Adjust the sample rate and center frequency to match the current view of the screen by double tapping
  • Auto scale the vertical axis
  • Jump directly to a frequency
  • Adjust the gain settings of the HackRF
  • Select a pre-recorded file as source instead of a real HackRF
  • Change the FFT size
  • Set the frame rate either to a fixed value or to automatic control
  • Activate logging and show the log file

In the future the author intends to support the RTL-SDR and implement demodulation for basic modes such as AM, FM and SSB.

To use the app you’ll need a USB OTG (on-the-go) cable to connect your Android device to the HackRF.

RF Analyzer demonstration - Showing a FFT plot by using an Android device and the HackRF

Using the HackRF on Android

Michael Ossmann’s HackRF Linux library has recently been ported to Android by programmer Dennis Mantz. Dennis has also made a blog post showing how to use the library. In addition he’s uploaded a YouTube video showing off the library using an example app. The app is capable of recording an RF signal and replaying it via the HackRF’s TX capabilities. In the video Dennis shows the example app recording a broadcast FM station and then retransmitting the recording to his car radio.

Using the HackRF on an Android Device

Hak5: Getting Started with the HackRF

On this episode of Hak5, a popular technology YouTube channel, Shannon does a tutorial on how to get started with the HackRF. The HackRF is a recently released software defined radio similar to the RTL-SDR dongle, but with transmit capabilities.

In the video she shows how to set up the HackRF on Pentoo Linux and GNU Radio. She then shows how to use a GNU Radio program that can receive multiple broadcast FM signals simultaneously. The GNU Radio program is based on Michael Ossmann’s GNU Radio video tutorials.

Getting Started With The HackRF, Hak5 1707

Analyzing a Car Security Active RFID Token with a HackRF

Some car security systems from around 2001 – 2003 use an embedded RFID tag inside the car key as an added security measure against key copying. Using his HackRF, ChiefTinker was able to analyse and decode the data from an active RFID token used in a car key. He notes that the same analysis could also be performed with an RTL-SDR dongle.

Upon powering the RFID tag with a power supply, ChiefTinker noticed that the tag emitted a short transmission every 5 seconds in the ISM band at 433.920 MHz. On closer inspection he determined that the transmitted data was encoded with a simple AM on-off keying (OOK) scheme. After importing the audio into Audacity and cleaning up the signal a little, he was able to clearly see the OOK square wave showing the transmitted binary data.

Next he analysed the data and compared the binary output against two different RFID keys. From the comparison he was able to determine that the tag simply beacons a unique serial number, which is susceptible to capture and replay attacks. After further processing he was able to convert the transmitted binary serial number into hexadecimal, then ASCII to find the unique serial number being broadcast in decimal.
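The decoding chain described above (OOK envelope to bits, bits to hex, hex to ASCII digits) can be sketched as follows, together with the audit check that two captures of the same tag carry an identical payload. This is an added example on constructed data, not ChiefTinker's capture or tooling; the serial `1234567`, the 8 samples per bit, the MSB-first bit order and the absence of any preamble are assumptions.

```python
# Added example on constructed data; not ChiefTinker's capture or tooling.
SAMPLES_PER_BIT = 8  # assumption: bit length read off the cleaned-up waveform

def make_envelope(payload, spb=SAMPLES_PER_BIT, jitter=0.05):
    """Build a constructed OOK amplitude envelope (carrier on = 1, off = 0)."""
    env = []
    for byte in payload:
        for shift in range(7, -1, -1):           # MSB first (assumed bit order)
            level = 0.9 if (byte >> shift) & 1 else 0.1
            for _ in range(spb):
                # Alternate +/- jitter so the samples are not an ideal square wave.
                env.append(level + (jitter if len(env) % 2 else -jitter))
    return env

def envelope_to_bits(env, spb=SAMPLES_PER_BIT):
    """Slice the envelope into bit periods and majority-vote each one."""
    threshold = (max(env) + min(env)) / 2        # midpoint between on and off
    bits = []
    for start in range(0, len(env) - spb + 1, spb):
        high = sum(1 for s in env[start:start + spb] if s > threshold)
        bits.append(1 if 2 * high > spb else 0)
    return bits

def bits_to_bytes(bits):
    """Pack bits MSB-first into bytes, dropping any incomplete trailing byte."""
    usable = len(bits) - len(bits) % 8
    return bytes(
        int("".join(str(b) for b in bits[i:i + 8]), 2)
        for i in range(0, usable, 8)
    )

def decode_serial(env):
    """Return (hex, ascii) views of the payload: binary -> hex -> ASCII digits."""
    raw = bits_to_bytes(envelope_to_bits(env))
    return raw.hex(), raw.decode("ascii", errors="replace")

def is_static_beacon(captures):
    """True if every capture carries the same payload, i.e. nothing in the
    frame changes between transmissions and a recording stays valid."""
    return len({bits_to_bytes(envelope_to_bits(c)) for c in captures}) == 1

if __name__ == "__main__":
    tag_a = [make_envelope(b"1234567", jitter=j) for j in (0.05, 0.08)]
    print(decode_serial(tag_a[0]))
    print(is_static_beacon(tag_a))
```

A token that included a counter or a challenge-response value would fail the `is_static_beacon` check, because successive frames would decode to different payloads.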

RFID Car Key Tokens

HackRF TX YouTube Videos

Since the HackRF was shipped to Kickstarter backers there have been a few new short videos uploaded to YouTube showing some transmit experiments that people have done.

Here YouTube user CFSworks uses his HackRF to record and replay a signal that causes the charge port on his Tesla Model S electric car to open.

HackRF vs. Tesla Model S

In this video YouTube user Chief Tinker shows his HackRF being used to ring his house doorbell.

In this video YouTube user alaindecarolis uses his HackRF with hackrf_transfer to record and replay a voice signal from a standard Kenwood mobile radio.

HackRF hackrf_transfer test

Here YouTube user Jiao Xianjun shows the program he created that allows someone to send arbitrary Bluetooth Low Energy (BTLE/BT4.0) packets via a HackRF board.

Bluetooth Low Energy, BTLE/BT4.0 Packet Sender. (Software Defined Radio)

Finally this video shows a little public mischievousness with YouTube user sigmounte using his HackRF to turn off certain street lights via the Urban Light Management system which uses simple radio CCIR tones.

Télécommande urbaine

BeagleBone Black Image File with RTL-SDR + GNU Radio + More

A ready to go Ubuntu 14.04 image file for the BeagleBone Black that contains various SDR related resources for the RTL-SDR and other SDRs like the HackRF has been released by KD0CQ. The BeagleBone Black is a small embedded PC that is powerful enough to run many SDR software programs. The image file is very useful as installing some software like GNU Radio on an embedded PC can be very tedious. Below is a list of software included in the image file.

  • GNURadio 3.7
  • keenerd’s rtlsdr bundle
  • gqrx
  • multimode (having issues compiling, will contact author. Prob compatibility issues with gnuradio 3.7)
  • LTE-Cell-Scanner
  • LTE-Tracker
  • multimon – POCSAG Pager Decoder
  • rtl_flex_noX – Flex Pager Decoder
  • SuperKuh’s Dongle Logger – pyrtlsdr – Fast version
  • rtl_433
  • SDR-J
  • rtl_sdr wide spectrum analyzer
  • DSD 1.7
  • RTLAMR
  • RTL_FM_Python
BeagleBone Black

Michael Ossmann’s Software Defined Radio Course

Michael Ossmann, creator of the HackRF, is starting an online video course on the topic of software defined radio (SDR). His course will cover GNU Radio and will help you to learn the fundamentals of digital signal processing. The first video has been released, and in it Michael shows how to set up a broadcast FM receiver in GNU Radio.

To do the exercises in the course you will need a HackRF or other similar SDR radio. Most exercises involving reception only should be compatible with the RTL-SDR with some small modifications relating to things like changing the sample rate.

HackRF Initial Review

The HackRF One is a new software defined radio that has recently been shipped out to Kickstarter funders. It is a transmit and receive capable SDR with an 8-bit ADC, a 10 MHz to 6 GHz operating range and up to 20 MHz of bandwidth. It can now be preordered for $299 USD. We just received ours from backing the Kickstarter and here’s a brief review of the product. We didn’t do any quantitative testing and this is just a first impressions review. So far we’ve only tested receive on Windows with SDR#.

Unboxing

Inside the box is the HackRF unit in a quality protective plastic casing, a telescopic antenna and a USB cable. We show an RTL-SDR next to the HackRF for size comparison.

HackRF + Telescopic Antenna + USB Cable + Box (RTL-SDR Dongle Shown for Size Comparison)
Back of the box