Tagged: hackrf

A SDR Digital Voice Hotspot with GNU Radio, MMDVM and QRadioLink

Thank you to Adrian (YO8RZZ) for writing in and sharing with us his article explaining how to use an SDR to set up a digital voice hotspot for digital voice modes supported by MMDVM such as D-Star, DMR, System Fusion, P25 and NXDN. Adrian notes that this is possible with any full duplex SDR such as the LimeSDR or PlutoSDR, or with a combination of simplex devices, such as a HackRF for transmitting combined with an RTL-SDR for receiving.

MMDVM is firmware that normally runs on an ARM microcontroller board such as the Arduino Due, and is designed to be interfaced with hardware radios via the microcontrollers built in ADC and DAC hardware.

In order to use an SDR instead of physical hardware radios, Adrian's article describes how a fork of MMDVM called MMDVM-SDR is used in his system as this allows the code to run on a normal Linux computer with an SDR. GNU Radio running on Adrian's own QRadioLink software is then used to create software ADC/DAC interfaces for the SDR and MMDVM-SDR to interface with, as well as providing a user interface.

QRadioLink used as the UI for MMDVM-SDR and GNU Radio

BSides Talk: Hacking RF Breaking what we can’t see

Over on YouTube the BSides Halifax channel has uploaded a recent talk given by Security Engineer Grant Colgan titled "Hacking RF Breaking what we can't see". In the talk Grant first shows the various bits of wireless devices that he tests, as well as the receiver equipment that he uses which includes a HackRF and RTL-SDR dongles. He goes on to show various live demos.

An often overlooked aspect of security is what happens when information is moving magically from one device to another with no wires. We know this as (usually) Wifi or Bluetooth and any attacks are usually based on these technologies. However when you widen the scope to RF wireless communication, A lot more tools become available. In this talk I will be talking about the attack and doing live demos.

Dump1090 with HackRF Windows Support

Thank you to Egor for writing in a sharing his work on modifying dump1090 in order to support the HackRF on Windows. dump1090 is software that is often used with RTL-SDR dongles for decoding ADS-B data for aircraft tracking. He writes:

Some time ago I was looking for dump1090 version with HackRF support that could work on Windows. But I have not found such version.
 
So I forked Malcolm Robb's version of dump1090 that could be built on Windows around 7 years ago. :) I've updated it and have added HackRF support from Ilker Temir's fork.
Now my version is available here https://github.com/esuldin/dump1090. The main difference from the others that it supports HackRF One device on Windows.

Tech Minds: Remote SDR V2 with Orange Pi and Transmit Capable

In his latest YouTube video Tech Minds explains and demonstrates Remote SDR V2, which is software that allows you to easily remotely access either a PlutoSDR, HackRF or RTL-SDR software defined radio. It is designed to be used with the amateur radio QO-100 satellite, but version 2.0 now include multiple demodulation modes, NBFM/SSB transmission capability, CTCSS and DTMF encoders, modulation compression and a programmable frequency shift for relays.

In his video Tech Minds shows how to install Remote SDR V2 onto an Orange Pi via the SD card image, how to access the web interface, and how to access and use the connected SDR.

Remote SDR V2 with Orange Pi and Transmit Capable

We note that the code is designed to be run on Orange Pi boards, which are low cost single board computers similar to Raspberry Pi's. However over on Twitter @devnulling has indicated that his own fork of the code should run on x86 systems. Aaron @cemaxecuter is also working on including it into a DragonOS release.

The image below demonstrates a typical Remote SDR V2 transceiver setup with two HackRFs.

A full QO-100 Transceiver Setup with Remote SDR V2 and two HackRF's.

Transmitting ggwave Sound Encoded Messages with a HackRF SDR

Thanks to Rado for submitting his news about the release of his project called "ggwave-fm" which allows transmitting of ggwave encoded messages with an SDR. The idea behind the original ggwave is to allow data transfer between devices using audio tones. This is useful for things like serverless one to many data broadcasts, device pairing, IoT devices and audio QR codes. Many products such as wireless security cameras already uses a similar audio data transfer system for automatically sending WiFi login data from a smartphone to the camera. Rado writes:

Ggwave is an open-source library that allows you to communicate small amounts of data between air-gapped devices using sound. You can find some technical details and a lot of examples on the project page: https://github.com/ggerganov/ggwave.

I thought it'd be cool to somehow extend the range of transmission for ggwave and this is how ggwave-fm was born. It modulates ggwave encoded messages with NBFM, interpolates the signal and produces a complex sampled IQ file which is ready for transmission with an SDR. 

In the video shown below Rado demonstrates ggwave-fm working with a HackRF and uses a Baofeng FM radio as the receiver, with the "Waver" mobile app for decoding. He notes that the demo script (demo.sh) used in the video is availalbe in the Git repository.

Transmit ggwave messages with HackRF

Decoding NRSC5 HD Radio with GNU Radio and a HackRF

Thank you to "LikWidChz" for submitting his tutorial on receiving and decoding multiple NRSC5 (HD Radio) channels with the help of GNU Radio, a HackRF and the NRSC5 decoder. He writes:

I wanted a way to utilize GnuRadio for working with HD radio. There are no decoder blocks from within GnuRadio to perform this decoding without an external application. This write up is how I was able to split up some signal and supply NRSC5 what it requires to perform the decode.

My goal was to capture some slice of spectrum and "channelize it" so I can perform multiple HD radio decodes at once.

In this linked zip file we have uploaded his GRC file, and his tutorial PDF, which fully explains each GNU Radio block used, and how to use the NRCS5 decoder along with the flowgraph. He also notes that if anyone wants to get in touch with him he is idling on IRC in #gnuradio and ##rtlsdr on freenode under the nickname "LikWidChz".

Channelizing NRSC5 in GNU Radio

Vector Measurements with an RTL-SDR and HackRF Based System

Over the course of 2020 Tomaž Šolc from Avian's Blog has been slowly working on an RTL-SDR based vector network analyzer system. The system currently consists of an ERASync Micro signal generator, a custom time multiplexing board, an RF bridge, an RTL-SDR with E4000 tuner and some custom software.

A vector network analyzer allows the measurement of antenna or coax parameters such as SWR, impedance, phase and loss. It can also be used to characterize and tune filters. In his last post Tomaž copmares his RTL-SDR based system with a NanoVNA-H and shows similar results, confirming that the system is working.

Recently he's also swapped out the RTL-SDR for a HackRF which allows him to make measurements up to 6 GHz. Although he notes that the dynamic range quickly degrades after 3.5 GHz presumably due to connector and phase noise issues.

The entire post chain is a good read to see how he ended up designing the system, and we link to each post below for easier reading:

Homemade Vector Network Analyzer with ERASynth Micro, HackRF, RF Bridge, Custom Time Multiplexor

Receiving Video Directly from a SpaceX Falcon 9 Rocket + Scott Manley Video

Last week we posted about how several users on Reddit & Twitter worked together to receive and decode text telemetry from the SpaceX Falcon 9 rocket launch using a HackRF, 1.2m dish with custom 2232.2 MHz feed and GNU Radio. In that thread it was hinted that the text telemetry was only a small portion of data contained in the entire signal. It turns out that the remaining data is the SpaceX engineering video feed which is often shown in the official live coverage streams.

Over on Reddit user /u/TRGFelix writes how he was able to receive and decode the video with his own low cost setup involving an Airspy Mini SDR, TV MMDS downconverter and the ubiquitous low cost WiFi grid dish that we've often used for GOES satellite reception and for Hydrogen Line radio astronomy. The software used was the SatDump decoder created by /u/Aang253 which builds on the research done by @r2x0t:

So today at 10:21UTC i got my own recording of Falcon9 video feed downlink on S band 2272.5MHz and with u/Aang253's software SatDump i could easily decode it from the recording straight down to mxf, avi or mp4 video file! Even with very simple recieving setup!

Setup used for receiving was simple wifi grid mesh dish antenna (100x60cm) on a tripod with old MMDS TV downconvertor and Airspy MINI. here is a photo of the setup few minutes before launch But of course its doable without convertor with SDR such as HackRF , two SPF5189Z LNAs and same antenna or even TV dish with DIY S band feed!

Software used for recording was great performing opensource SDR++ by u/xX_WhatsTheGeek_Xx link here https://github.com/AlexandreRouma/SDRPlusPlusS oftware used for decoding was u/Aang253's Satdump software which i will link later as it still needs readme written and confirm it runs without bugs! UPDATE - LINK: https://github.com/altillimity/SatDump

Original MXF video together with CADU file and I/Q file recording 6MSPS int16 here. https://files.altillimity.com/Falcon%209%20OK9UWU/

TRGFelix is also on Twitter as @OK9UWU and he has posted images of his setup, and part of the video he decoded. TRGFelix notes that he is working on a tutorial which we are very eager to see!

It's extremely interesting that we can see views of the liquid oxygen floating around inside the stage two tank which is not shown during the official live streams.

As a bonus, this story was also covered by the very popular space YouTuber Scott Manley who has put out a great video popularizing the discovery and touching on a few interesting points such as how SpaceX may be legally required to encrypt these videos in the future (but hopefully not!).

How Amateur Radio Fans Decoded SpaceX's Telemetry & Engineering Video