Tagged: hackrf

TechMinds: Testing out the SDRBerry Software on a Pi 4 with Touchscreen

Over on the TechMinds YouTube channel, Matt has posted a video demonstrating the SDRBerry software, which can be used with many SDR devices, including the RTL-SDR, on a Raspberry Pi with a touchscreen.

The SDRberry software is designed to be used on a touchscreen. As Matt points out, it has an aesthetically pleasing user interface and is compatible with almost any SDR software via the Soapy interface. Combining an SDR with a Pi 4 touchscreen and SDRberry results in an excellent hand-held SDR system.

In the video, Matt demonstrates the features of SDRberry, showing its RX features as well as some of its TX features, such as speech transmission and FT8, via a built-in WSjtx tab. He then shows the optional web interface, which is still in the early stages of development. Finally, he shows how to install the software and dependencies onto a fresh Raspbian image. 

SDRBERRY - This User Interface Is Just GORGEOUS! AND IT USES SOAPY TOO!

Saveitforparts: Snooping on the SatGus Selfie Satellite

SatGus is a recently launched cubesat owned by CrunchLabs/Mark Rober, an extremely popular science and engineering YouTuber. The satellite is designed to take selfies of CrunchLabs customers' own photos in space, using a screen and a selfie camera mounted on the satellite. It then broadcasts the selfie image back down to a CrunchLabs ground station, where it is eventually emailed to the customer. Customers then claim that they've had their selfie taken in space.

Over on the saveitforparts YouTube channel, Gabe has been attempting to listen in on the SatGus downlink using a HackRF and a motorized satellite dish setup. SatGus transmits telemetry at 400.2 MHz and the payload dump at 2,262.5 MHz. While he is able to receive the signal, Gabe notes that it is encrypted, so not much can be done with it.

Snooping On SatGus Again

Video on the Basics of SDR for Hackers

On YouTube, An0n Ali posted a video providing a good overview of the basics of using a software-defined radio for hacking. The video introduces RTL-SDR and how it can be used to listen to unencrypted communications, the HackRF and how it can be used for replay and jamming attacks, and the Flipper Zero, noting how it is a more beginner-friendly entry into the world of RF security.

HACK RADIO FREQUENCIES! (SDR Basics)

DragonOS: Setting up AISMon with WINE and Virtual Audio Sink for HackRF and RTL-SDR

Over on his YouTube channel Aaron, creator of the DragonOS image (a Linux image with many built-in SDR compatible programs) has uploaded a new video showing how it is possible to run the Windows only AISMon software on Linux, using WINE. WINE is a Windows emulator for Linux which allows users to run some Windows software on Linux.

In the video Aaron shows how to set up WINE on the DragonOS Linux image, how to run AISMon with it, and how to set up the Virtual Audio Cable sink which is required to pass the audio from SDR++ to AISMon. He also shows how he tests his setup using the AIS-Simulator software with a HackRF, and an RTL-SDR for receiving.

DragonOS FocalX Setup AISMon with WINE + Virtual Audio Sink (HackRF, RTLSDR, SDR++, AIS-Simulator)

Using a HackRF and JavaScript Browser App to Perform Rolljam Replay Attacks on a Car

Over on her website, Charlie Gerard has uploaded a page showing how she was able to perform a replay attack on a car's wireless entry system using a HackRF and a JavaScript browser app she wrote.

Previously, Charlie had already written a JavaScript browser app for ADS-B tracking with an RTL-SDR. To achieve this she used the WebUSB API, which allows USB devices to connect to JavaScript apps in a web browser.

Having recently purchased a HackRF she wanted to see if something similar was possible with the HackRF. In her post, Charlie shows and explains the JavaScript code required to connect to the HackRF from a Chrome browser, and how settings like gain, frequency and sample rate can be adjusted. She then shows how to use the Canvas API to visualize the received data. Finally, she shows how to use the File System Web API to record data, and ultimately retransmit the recorded data with the HackRF.

The replay attack itself is based on the rolljam idea. She uses two HackRF's, with one sitting closer to the car's receiver and jamming it, and another recording the car's keyfob. This prevents the car from incrementing the keyfob's rolling code, allowing it to be recorded and used again at a later time.

Charlie has also posted a video of her tests, which we embedded below.

Hacking my friend's car using JavaScript

A Review of the New HackRF PortaPack H4M

The PortaPack H4M by OpenSourceSDRLab is a new design of the HackRF PortaPack which comes with various improvements. The PortaPack H4M adds I2C capable GPIO ports, a USB-C connector, a built-in speaker and microphone, a better screen, a proper on/off button that won't easily activate in a bag, flat design for easier storage, and improved charging speed.

The PortaPack H4M is currently available as a bundle for US$152 from Chinese manufacturer OpenSourceSDRLab. The bundle includes the PortaPack H4M PCB, and a HackRF R10c clone.  This is exceptionally good value, considering that an original HackRF (just the HackRF without PortaPack) sells for US$319. However, just be aware that by purchasing clones you are not supporting GreatScottGadgets, the original developers of the HackRF.

If you were unaware, the HackRF PortaPack is an accessory for the HackRF SDR that enables portable use, with a display, controls, and onboard processing for direct signal demodulation, modulation, decoding, and encoding, all without needing a computer.

Over on YouTube RocketGod has uploaded a video showing some of the PortPack H4M's new features, how to install the Mayhem Firmware, and then showing it in action with it receiving a few signals.

HackRF Portapack H4M - Getting Started Guide

We've also seen another video by sn0ren that also introduces and shows the PortaPack H4M in action.

The new HackRF Portapack H4M

hackrf_sweeper: A Reimplementation of hackrf_sweep as a Library

Information security company Subreption recently wrote in and wanted to share their recently released 'hackrf_sweeper' library. This library is based on the official hackrf_sweep code, which enabled HackRF SDR devices to sweep across a wide frequency range and rapidly build up a wideband spectral plot. They write:

This is a refactoring or reimplementation of hackrf_sweep as a library, providing a carefully chosen API to leverage the HackRF sweeping capabilities in a reusable, low-frustration fashion. The library provides support for user-supplied callbacks to process raw transfer buffers or the already calculated FFT bins, including a bypass mode to allow for entirely off-loading the data processing to the caller. It also implements a rudimentary opaque mutex (locking) state for multi-thread applications.

A demo application is a re-implementation of the original hackrf_sweep tool as a CURVE-encrypted publisher sending msgpack frames to any receivers subscribed to it. A companion demo application is included in the form of a Python program that processes these frames and generates a real-time plot of the RF spectrum, the last peak detections and the absolute peaks -maximum observed-.

Past projects attempting to provide similar capabilities include hackrf-spectrum-analyzer (https://github.com/pavsa/hackrf-spectrum-analyzer). hackrf_sweeper provides continuous sweeping support instead of one-shot sweeps, besides the aforementioned improvements.

The team also notes that they are soon planning on releasing a GNU Radio block that leverages the library.

Example output from hackrf_sweeper
Example output from hackrf_sweeper

HackRF and Portapack Featured in Recent Linus Tech Tips Video

Over on YouTube the Linus Tech Tips channel has recently released a video about the HackRF titled "It’s TOO Easy to Accidentally Do Illegal Stuff with This". Linus Tech Tips is an extremely popular computer technology YouTube channel. The HackRF is a popular transmit capable software defined radio that was released about 10 years ago. The portapack is an add-on for the HackRF that allows the HackRF to be used as a handheld device, and when combined with the Mayhem firmware, it enables easy access to some controversial tools that could get a user into a lot of legal trouble very fast.

In the video Linus, whose team is based in Canada, mentions that they decided to purchase the HackRF and similar devices because of the Canadian government's plan to ban various RF tools, including the Flipper Zero and HackRF.

Linus then discusses and demonstrates "van eck phreaking" with TempestSDR, showing how he can use the HackRF to recover the video from a PC monitor wirelessly. He then goes on to demonstrate how the Portapack can be used to jam a wireless GoPro camera transmitting over WiFi. 

Finally, Linus discusses the legality and morality of such devices being available on the market.

It’s TOO Easy to Accidentally Do Illegal Stuff with This