Listening in to a DECT Digital Cordless Phone with a HackRF

Over on YouTube SignalsEverywhere (aka Corrosive) has uploaded a new video where he shows a demonstration of him listening in to a DECT digital cordless phone with his HackRF. 

DECT is an acronym for 'Digital Enhanced Cordless Telecommunications', and is the wireless standard used by modern digital cordless phones as well as some digital baby monitors. In most countries DECT communications take place at 1880 - 1900 MHz, and in the USA at 1920 - 1930 MHz. Some modern cordless phones now use encryption on their DECT signal, but many older models do not, and most baby monitors do not either. However, DECT encryption is known to be weak, and can be broken with some effort.

In his video Corrosive uses gr-dect2, a GNU Radio based program that can decode unencrypted DECT signals. In the video he shows it decoding a DECT call from his cordless phone in real time.

DECT 6.0 Phone Decoded With HackRF SDR | Demonstration

Tweet42
Share160
Reddit
Vote
Email
202 Shares

Related posts:

  1. Exposing Cordless Phone Security with a HackRF
  2. re-DECTed: An RTL-SDR DECT Decoder
  3. Retrieving Dialed Phone Numbers from Intercepted Phone Calls
  4. Video Tutorials: Setting up an RTL-SDR and HackRF with SDR-Console V3, Using the HackRF to find your Cellphone Signal and more
  5. Running a 1G Mobile Phone Network with a HackRF
Subscribe
Notify of
guest

10 Comments
Inline Feedbacks
View all comments
Martin
#122969

Hello,
I have the same issue as dario,

self.console_0 = Template error: #set $win = ‘self.%s’%$id
^
SyntaxError: invalid syntax..

Any hints?

0
Reply
nancyboy
#121830

yeah do not rely on dect encryption people

0
Reply
OKCarl
#121821

Any way to get this program working as a plugin on SDR#?

0
Reply
Bendail Vam
#121761

LOL awesome…just an FYI, the Ruski’s use these models of phone connected to SIP boxes ALL throughout their embassies…i don’t know if Putins thugs knocked off a ship with a 100k of them onboard or what…but LOL wouldn’t that be fun listening to sergeant general Klishkevski or ….. call in for a hooker…..

0
Reply
dario
#121747

Hello …I ave this problem to run dect2_Hackrf.grc

self.console_0 = Template error: #set $win = ‘self.%s’%$id
^
SyntaxError: invalid syntax

0
Reply
Zy0d0x
#126111

I found upgrading gnuradio resolved that issue. https://dmyt.ru/forum/viewtopic.php?f=64&t=1444

0
Reply
Anonymous
#138938

I experienced this problem as well. If you are using Ubuntu 18.04, it has issues with Python 2.7 .grc files, and if you installed GNURadio using apt on 18.04 you’ll get this issue. I had to use gnuradio (installed via apt) on Ubuntu 16.04 to not get this error.

0
Reply
2WR3505
#121701

its not actually realtime, there is a delay as the cpu has to run thru and decode the dect audio transmission and push it thru the soundcard

you can hear the 0.5-1 second delay

0
Reply
Corrosive
#121721

Technically that is correct. However, many DECT implementations I’ve seen generally record the audio and you have to play it back later.

I suppose near-real-time would’ve been a bit more on the nose but in this case I was just trying to convey the fact that you can listen during the call rather than playing back a recording after the fact.

0
Reply
LMB
#227099

This is not what “realtime” means.

0
Reply