Listening in to a DECT Digital Cordless Phone with a HackRF

Over on YouTube SignalsEverywhere (aka Corrosive) has uploaded a new video where he shows a demonstration of him listening in to a DECT digital cordless phone with his HackRF. 

DECT is an acronym for 'Digital Enhanced Cordless Telecommunications', and is the wireless standard used by modern digital cordless phones as well as some digital baby monitors. In most countries DECT communications take place at 1880 - 1900 MHz, and in the USA at 1920 - 1930 MHz. Some modern cordless phones now use encryption on their DECT signal, but many older models do not, and most baby monitors do not either. However, DECT encryption is known to be weak, and can be broken with some effort.

In his video Corrosive uses gr-dect2, a GNU Radio based program that can decode unencrypted DECT signals. In the video he shows it decoding a DECT call from his cordless phone in real time.

Demonstration Listening to DECT Phone Call with a HackRF SDR

7 comments

  1. Martin

    Hello,
    I have the same issue as dario,

    self.console_0 = Template error: #set $win = ‘self.%s’%$id
    ^
    SyntaxError: invalid syntax..

    Any hints?

  2. Bendail Vam

    LOL awesome…just an FYI, the Ruski’s use these models of phone connected to SIP boxes ALL throughout their embassies…i don’t know if Putins thugs knocked off a ship with a 100k of them onboard or what…but LOL wouldn’t that be fun listening to sergeant general Klishkevski or ….. call in for a hooker…..

  3. dario

    Hello …I ave this problem to run dect2_Hackrf.grc

    self.console_0 = Template error: #set $win = ‘self.%s’%$id
    ^
    SyntaxError: invalid syntax

  4. 2WR3505

    its not actually realtime, there is a delay as the cpu has to run thru and decode the dect audio transmission and push it thru the soundcard

    you can hear the 0.5-1 second delay

    • Corrosive

      Technically that is correct. However, many DECT implementations I’ve seen generally record the audio and you have to play it back later.

      I suppose near-real-time would’ve been a bit more on the nose but in this case I was just trying to convey the fact that you can listen during the call rather than playing back a recording after the fact.

Post a comment

You may use the following HTML:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

This site uses Akismet to reduce spam. Learn how your comment data is processed.