Tagged: hackrf

DragonOS: Setting up AISMon with WINE and Virtual Audio Sink for HackRF and RTL-SDR

Over on his YouTube channel, Aaron, creator of the DragonOS image (a Linux image with many built-in SDR-compatible programs), has uploaded a new video showing how it is possible to run the Windows-only AISMon software on Linux using WINE. WINE is a Windows emulator for Linux which allows users to run some Windows software on Linux.

In the video Aaron shows how to set up WINE on the DragonOS Linux image, how to run AISMon with it, and how to set up the Virtual Audio Cable sink which is required to pass the audio from SDR++ to AISMon. He also shows how he tests his setup using the AIS-Simulator software with a HackRF, and an RTL-SDR for receiving.

DragonOS FocalX Setup AISMon with WINE + Virtual Audio Sink (HackRF, RTLSDR, SDR++, AIS-Simulator)

Using a HackRF and JavaScript Browser App to Perform Rolljam Replay Attacks on a Car

Over on her website, Charlie Gerard has uploaded a page showing how she was able to perform a replay attack on a car's wireless entry system using a HackRF and a JavaScript browser app she wrote.

Previously, Charlie had already written a JavaScript browser app for ADS-B tracking with an RTL-SDR. To achieve this she used the WebUSB API, which allows USB devices to connect to JavaScript apps in a web browser.

Having recently purchased a HackRF she wanted to see if something similar was possible with the HackRF. In her post, Charlie shows and explains the JavaScript code required to connect to the HackRF from a Chrome browser, and how settings like gain, frequency and sample rate can be adjusted. She then shows how to use the Canvas API to visualize the received data. Finally, she shows how to use the File System Web API to record data, and ultimately retransmit the recorded data with the HackRF.

The replay attack itself is based on the rolljam idea. She uses two HackRFs, with one sitting closer to the car's receiver and jamming it, and another recording the car's keyfob. This prevents the car from incrementing the keyfob's rolling code, allowing it to be recorded and used again at a later time.

Charlie has also posted a video of her tests, which we have embedded below.

Hacking my friend's car using JavaScript

A Review of the New HackRF PortaPack H4M

The PortaPack H4M by OpenSourceSDRLab is a new design of the HackRF PortaPack which comes with various improvements. The PortaPack H4M adds I2C capable GPIO ports, a USB-C connector, a built-in speaker and microphone, a better screen, a proper on/off button that won't easily activate in a bag, flat design for easier storage, and improved charging speed.

The PortaPack H4M is currently available as a bundle for US$152 from Chinese manufacturer OpenSourceSDRLab. The bundle includes the PortaPack H4M PCB and a HackRF R10c clone. This is exceptionally good value, considering that an original HackRF (just the HackRF without PortaPack) sells for US$319. However, be aware that by purchasing clones you are not supporting GreatScottGadgets, the original developers of the HackRF.

If you were unaware, the HackRF PortaPack is an accessory for the HackRF SDR that enables portable use, with a display, controls, and onboard processing for direct signal demodulation, modulation, decoding, and encoding, all without needing a computer.

Over on YouTube, RocketGod has uploaded a video showing some of the PortaPack H4M's new features and how to install the Mayhem Firmware, and then showing it in action receiving a few signals.

HackRF Portapack H4M - Getting Started Guide

We've also seen another video by sn0ren that also introduces and shows the PortaPack H4M in action.

The new HackRF Portapack H4M

hackrf_sweeper: A Reimplementation of hackrf_sweep as a Library

Information security company Subreption recently wrote in to share their newly released 'hackrf_sweeper' library. This library is based on the official hackrf_sweep code, which enables HackRF SDR devices to sweep across a wide frequency range and rapidly build up a wideband spectral plot. They write:

This is a refactoring or reimplementation of hackrf_sweep as a library, providing a carefully chosen API to leverage the HackRF sweeping capabilities in a reusable, low-frustration fashion. The library provides support for user-supplied callbacks to process raw transfer buffers or the already calculated FFT bins, including a bypass mode to allow for entirely off-loading the data processing to the caller. It also implements a rudimentary opaque mutex (locking) state for multi-thread applications.

A demo application is a re-implementation of the original hackrf_sweep tool as a CURVE-encrypted publisher sending msgpack frames to any receivers subscribed to it. A companion demo application is included in the form of a Python program that processes these frames and generates a real-time plot of the RF spectrum, the last peak detections and the absolute peaks -maximum observed-.

Past projects attempting to provide similar capabilities include hackrf-spectrum-analyzer (https://github.com/pavsa/hackrf-spectrum-analyzer). hackrf_sweeper provides continuous sweeping support instead of one-shot sweeps, besides the aforementioned improvements.

The team also notes that they are soon planning on releasing a GNU Radio block that leverages the library.

Example output from hackrf_sweeper

HackRF and Portapack Featured in Recent Linus Tech Tips Video

Over on YouTube, the Linus Tech Tips channel has recently released a video about the HackRF titled "It’s TOO Easy to Accidentally Do Illegal Stuff with This". Linus Tech Tips is an extremely popular computer technology YouTube channel. The HackRF is a popular transmit-capable software defined radio that was released about 10 years ago. The PortaPack is an add-on for the HackRF that allows the HackRF to be used as a handheld device, and when combined with the Mayhem firmware, it enables easy access to some controversial tools that could get a user into a lot of legal trouble very fast.

In the video Linus, whose team is based in Canada, mentions that they decided to purchase the HackRF and similar devices because of the Canadian government's plan to ban various RF tools, including the Flipper Zero and HackRF.

Linus then discusses and demonstrates "Van Eck phreaking" with TempestSDR, showing how he can use the HackRF to recover the video from a PC monitor wirelessly. He then goes on to demonstrate how the PortaPack can be used to jam a wireless GoPro camera transmitting over WiFi.

Finally, Linus discusses the legality and morality of such devices being available on the market.

It’s TOO Easy to Accidentally Do Illegal Stuff with This

SignalsEverywhere: Using HackTV to Transmit Analog Television with a HackRF

Over on her YouTube channel SignalsEverywhere, Sarah has uploaded a new video showing how to use a program called 'hacktv-gui' to transmit analog TV signals using a HackRF software defined radio. Analog TV standards such as PAL and NTSC have been phased out in most of the world in favor of digital TV standards. However, transmitting these yourself can be a fun experiment that may help breathe life into old television sets.

In the video Sarah explains how to use the hacktv-gui and hacktv software, and how to create a video transmission. She mentions that hacktv also supports the use of an FL2K device, which is a cheap VGA adapter that can be used to transmit signals.

HackTV | Analog Television Transmission with a HackRF SDR

Antennas Explained: Finding the Best Antenna for HackRF, RTL-SDR and Other Receivers

Over on YouTube, sn0ren has uploaded a well-produced video to help beginners to the radio hobby understand antennas. The video explains how antennas work in theory, and how to choose the best antenna for your SDR and application through calculations and use of a NanoVNA.

There is an essential gadget that you will want to get, to get the best antenna performance. But first we need to cover a bit of antenna theory, before we can answer the question of what antenna that is the best one for your HackRF Portapack, or Flipper Zero SubGHZ module, or Meshtastic, Quansheng UV-K5, RTLSDR or other radio devices. This video is covering the bare minimum basics of antenna theory for beginners into the radio hobby.

The best antenna for HackRF Portapack (and Flipper Zero, Meshtastic, Quansheng, RTLSDR, etc.)

Flipper Zero Starts a Petition To Fight Canada Ban

Back in early February we reported about how the Canadian government is making plans to completely ban the Flipper Zero, a popular pentesting tool. The wording from Dominic LeBlanc, Canada's Minister of Public Safety, implies that software defined radio devices could also be banned.

The reason for the ban is that the Canadian government claims that Flipper Zero and 'consumer hacking devices' are commonly being used as tools for high tech vehicle theft. However, as mentioned in the previous post, this has been debunked.

The team behind Flipper Zero have recently started a petition on change.org to stop the ban. At the time of this post the petition has already reached over 8,000 signatures. The team have also penned a comprehensive "Response to the Canadian government" blog post, explaining why the ban makes no sense. In the post they debunk the myth of Flipper Zero being used for car theft, and show the real way high tech car theft is being done.