A few weeks ago we posted about Reddit member u/OlegKutkov who used his HackRF supercluster to receive Starlink beacons, but details on the HackRF supercluster project itself were a little sparse. Now Oleg has posted a full description about the HackRF supercluster, noting that the 8 HackRF's in the system can provide up to 160 MHz of live monitoring bandwidth.
Oleg shows how each of the boards are connected to the same GPS disciplined 10 MHz clock source, how it uses an RF splitter with LNA and how it requires 8 separate host controllers connected to individual PCIe lines in his computer system to overcome the USB2.0 data bandwidth limits. He also shows the GNU Radio script he's created that combines the 8 sources into one.
Oleg writes how he's using the HackRF supercluster together with a TV Ku-Band LNB and satellite dish for wideband satellite monitoring.
Over on Reddit member u/OlegKutkov has recently posted about his success at receiving Starlink beacons at 11.325 GHz with his HackRF "supercluster". Starlink is an Elon Musk / SpaceX venture that aims to provide fast global satellite internet access for low cost. The venture is advanced enough that in most locations the service is now operational, and there will be Starlink satellites in the local sky at any given time.
Oleg's setup to receive the satellite beacons consists of a small hand tracked satellite dish with LNB feed connected to his HackRF "supercluster". The supercluster is 8 HackRFs connected to the same antenna via a splitter, resulting in 160 MHz of bandwidth. Oleg's blog post from last year appears to contain a bit more information about the start of the supercluster. The 11.325 GHz beacon frequency is out of range for the HackRF which covers up to 6 GHz, so a standard satellite TV LNB is used to downconvert the frequency. The LNB had to first be converted to circular polarization, and is fed via an 'invacom' feedhorn.
Update Notes: Thank you to @dereksgc for pointing out that the HackRF supercluster and modified LNBs aren't actually required to receive Starlink beacons. Derek notes that the Starlink beacons are actually very easy to receive. All you need is an RTL-SDR V3 and a stock "astra" LNB (or the Bullseye LNB) which will convert the 11325 MHz beacon frequency to 1575 MHz which is in the range of the RTL-SDR. The bandwidth of the beacons including doppler shift is also small enough for the RTL-SDR. The beacons are circularly polarized, but strong enough to be received with an unmodified linear LNB and small offset TV dish. So receiving the beacons is possible with modest hardware, provided you have a way to power the LNB. Oleg's setup appears to be gearing up to receive the actual wideband data from Starlink, or some other wideband satellite signals.
In the spectrum waterfall image, the doppler shift of the beacons is clearly visible due to the speed at which the satellites orbit.
More information about his setup is available from his followup Reddit comment and the Twitter links he provides there. You can also visit his Twitter directly at @olegkutkov where he shows more images of his HackRF supercluster and the hardware he' using.
In the past we've posted about how IU2EFA and Jan de Jong were able to track the Starlink satellites via an alternative means involving reception of the European GRAVES space radar being reflected off the satellite body.
Back in July we posted about the release of Viol Tailor's "uSDR" software, which is a lightweight general purpose multimode program for Windows which supports the RTL-SDR, Airspy, BladeRF, HackRF and LimeSDR radios. Recently Viol has updated the software to V1.4.0. The new release brings SDRplay support, and various performance and GUI improvements listed below.
The idea behind the attack is that ethernet cables can act as an antenna, leaking signals at frequencies which can easily be sniffed by a SDR. The specific technique in the paper does not decode normal network traffic, instead it requires that malicious code which modulates a custom signal over the ethernet cable be installed on the PC first. The technique used appears to be similar to what the Etherify software by SQ5BPF uses, which modulates data in morse code by turning the network card on and off.
Receiving a signal modulated by the LanTenna malware
Remote SDR V2 is software that allows you to easily remotely access either a PlutoSDR, HackRF or RTL-SDR software defined radio. It was originally designed to be used with the amateur radio QO-100 satellite, but version 2.0 includes multiple demodulation modes, NBFM/SSB transmission capability, CTCSS and DTMF encoders, modulation compression and a programmable frequency shift for relays.
Thank you to Adrian (YO8RZZ) for writing in and sharing with us his article explaining how to use an SDR to set up a digital voice hotspot for digital voice modes supported by MMDVM such as D-Star, DMR, System Fusion, P25 and NXDN. Adrian notes that this is possible with any full duplex SDR such as the LimeSDR or PlutoSDR, or with a combination of simplex devices, such as a HackRF for transmitting combined with an RTL-SDR for receiving.
MMDVM is firmware that normally runs on an ARM microcontroller board such as the Arduino Due, and is designed to be interfaced with hardware radios via the microcontrollers built in ADC and DAC hardware.
In order to use an SDR instead of physical hardware radios, Adrian's article describes how a fork of MMDVM called MMDVM-SDR is used in his system as this allows the code to run on a normal Linux computer with an SDR. GNU Radio running on Adrian's own QRadioLink software is then used to create software ADC/DAC interfaces for the SDR and MMDVM-SDR to interface with, as well as providing a user interface.
QRadioLink used as the UI for MMDVM-SDR and GNU Radio
Over on YouTube the BSides Halifax channel has uploaded a recent talk given by Security Engineer Grant Colgan titled "Hacking RF Breaking what we can't see". In the talk Grant first shows the various bits of wireless devices that he tests, as well as the receiver equipment that he uses which includes a HackRF and RTL-SDR dongles. He goes on to show various live demos.
An often overlooked aspect of security is what happens when information is moving magically from one device to another with no wires. We know this as (usually) Wifi or Bluetooth and any attacks are usually based on these technologies. However when you widen the scope to RF wireless communication, A lot more tools become available. In this talk I will be talking about the attack and doing live demos.
Thank you to Viol Tailor for submitting news about the release of his general purpose multimode software defined radio receiver program for Windows called "uSDR" or "microSDR". Viol writes that uSDR is designed as a lightweight binary with a simple and compact user interface and highly optimized DSP to minimize CPU, hence the "micro" part of the name.
The software is compatible with RTL-SDR, Airspy, BladeRF, HackRF and LimeSDR radios. It has features including demodulation, base band and pass band recording, playback, and spectrum and waterfall visualizations.
uSDR aka microSDR. A lightweight SDR receiver program from Windows.
