Tagged: rpitx

SDRA2021 Talks: Electrosense, Neural Network Signal Classification, gr-rpitx, Radio Astronomy and More

The 2021 Software Defined Radio Academy conference was held online this year on June 26/27 and the talks have been recently uploaded to YouTube. There are some interesting talks this year including a presentation on various SDR related topics including Electrosense, gr-rpitx, 21cm radio astronomy with low cost SDR hardware, and using deep learning neural networks for automatic signal identification. Our favorite talks and blurbs are collected below for easy access, and the full set of talks can be found on their YouTube channel.

Dr. Henning Paul: Building a flexible Multi-Antenna-capable SDR using open Source

The availability of Open Source software components enables the ambitious hardware hacker to design their own powerful SDR. This talk is the follow-up to the talk on Scientific SDR and recapitulates the steps towards the current design of a Homebrew SDR based on a Xilinx Zynq SoC using the Linux kernel and other Open Source components. Furthermore, one of its applications, receiving shortwave radio with antenna diversity is presented.

SDRA2021 - 04 - Dr. Henning Paul: Building a flexible Multi-Antenna-capable SDR using open Source

Jean-Michel Friedt: GNURadio compatible gen. purpose SDR emitter using RasPi4 PLL

GNU Radio, the Raspberry Pi single board computer and Digital Video Broadcast Terrestrial receivers make an awesome combination for educational purposes of Software Defined Radio. gr-rpitx aims at complementing these tools with emitting capabilities, combined with the flexibility of GNU Radio.

SDRA2021 - 08 - Jean-Michel Friedt: GNURadio compatible gen. purpose SDR emitter using RasPi4 PLL

Sreeraj Radjendran: Knowledge extraction from wireless spectrum data

In this half-hour talk, the need for large scale wireless spectrum monitoring will be discussed. A short introduction to a large scale wireless spectrum monitoring framework, Electrosense, will be given. Furthermore, how anomaly detection and signal classification can be performed using the collected data will also be discussed. Insights to the major problems with state-of-the-art machine learning models will also be discussed in this context.

SDRA2021 -11- Sreeraj Radjendran: Knowledge extraction from wireless spectrum data

Stefan Scholl, DC9ST: Classification of shortwave radio signals with deep learning

Automatic mode classification of radio signals in the HF band is a valueable tool for band monitoring, operation of rare transmission modes and future applications of cognitive radio. In recent years, machine learning has established as a general and very powerful approach to classification problems. The presentation first provides an introduction to neural networks and deep learning. Then neural nets are applied to the task of radio signal classification. The result is an experimental deep convolutional neural net (CNN), that can distinguish between 18 different transmission modes occurring in the HF band, such as AM, SSB, Morse, RTTY, Olivia, etc.

Additional Links: Stefan Scholl's post on this topic 

SDRA2021 -12- Stefan Scholl, DC9ST: Classification of shortwave radio signals with deep learning

Marcus Leech: Mapping the sky at 21cm: Gnuradio and Radio Astronomy

We show the results of a year-long sky survey at the 21cm hydrogen line, producing an intensity map of the sky covering a declination range from -35 to +75DEG. We discuss the software tools used, Gnu Radio signal flows, and the hardware aspects of the instrument.

SDRA2021 -14- Marcus Leech: Mapping the sky at 21cm: Gnuradio and Radio Astronomy

European GNU Radio Days: Presentation on gr-rpitx

J.-M Friedt has created a block for GNU Radio called gr-rpitx which allows a Raspberry Pi to be used directly as an output RF sink in GNU Radio. If you were unaware, RPiTX is software that allows you to turn your Raspberry Pi into a transmit capable SDR without any additional hardware apart from a wire antenna connected to a GPIO pin. It works by modulating a GPIO pin in a way to generate any arbitrary signal modulation. gr-rpitx allows this software to be used directly within GNU Radio.

In his presentation uploaded early for the upcoming online European GNU Radio Days conference, J.-M Friedt explains how gr-rpitx works, and shows how you can easily connect any flowgraph to the gr-rpitx output sink. His examples demonstrate retransmitting broadcast FM using an RTL-SDR, broadcasting digital signals like DRM, and how gr-rpitx and RTL-SDR could be used as part of a basic scalar network analyzer.

gr-rpitx uses the GPIO4 output of the Raspberry Pi to generate a radiofrequency stream fed by a GNU Radio signal processing flowchart with sample rates up to 400 kS/s.

European GNU Radio Days/SDRA presentation about gr-rpitx (J.-M Friedt)

An Expansion Board with SMA Output for the Raspberry Pi and RPiTX

Thank you to Ihar Yatsevich for writing in and sharing his open source project called "rpitx-coax-pcb" which is an expansion board for the Raspberry Pi that converts the GPIO pin used by RPiTX into a coaxial SMA connector for easily connecting the output to an antenna. He notes that there are two revisions. One includes a filter in the in the GP1212 / GP731 case and the other does not. Filters in this type of enclosure can be found from Minicircuits. Finally he notes that he has not yet fully tested the design, but believes that there will be no problems.

The GitHub contains the EasyEDA design files, schematics and gerbers which you can use to print and build the PCB yourself.

If you are unfamiliar with it, RPiTX is a program for Raspberry Pi single board computers that allows you to transmit almost any type of signal on frequencies between 5 kHz up to 1500 MHz with nothing more than a wire connected to a GPIO pin. However, it is highly recommended that appropriate filtering be used if you are transmitting with an amplifier or longer range antenna as the RPiTX contains harmonics that can cause interference with other devices.

RPiTX Coaxial PCB Expansion Board for the Raspberry Pi

Controlling a Wireless Ceiling Fan with an RTL-SDR and RPiTX on a Raspberry Pi

Over on YouTube River's Educational Channel has uploaded a new video showing how he uses a Raspberry Pi to control a ceiling fan via it's wireless control signal. Back in January we posted about River's first video where he shows him using and RTL-SDR and Universal Radio Hacker (URH) to reverse engineer the control signal.

In this new video River uses the RPiTX software to generate the control signal without requiring any additional transmit hardware. He first explains how RPiTX can generate an arbitrary signal from a square wave and talks a bit about the harmonics this creates. To reduce harmonics he adds a simple low pass filter to the GPIO output.

Next to control the fan he uses the "sendook" program that is included with RPiTX to transmit the binary control string that he reverse engineered in his original video. Finally he creates a simple web server so that he can control his ceiling fans via his phone and integrate it into his smart home.

Abusing Raspberry Pi GPIO pins as a radio transmitter to control my ceiling fan

RPiTX Beta for Raspberry Pi 4 Released

Evariste (F5OEO) has just announced the release of an update to RPiTX which allows it to now be used on a Raspberry Pi 4. If you are unfamiliar with it, RPiTX is a program for Raspberry Pi single board computers that allows you to transmit almost any type of signal on frequencies between 5 KHz up to 1500 MHz with nothing more than a piece of wire connected to a GPIO pin. Evariste also notes that the new version is compatible with the beta 64-bit version of Raspbian.

Some examples of signals you can transmit with RPiTX include a simple carrier, chirp, a spectrum waterfall image, broadcast FM with RDS, SSB, SSTV, Pocsag, Freedv and Opera. You can also use an RTL-SDR to record a signal, and replay the IQ file with RPiTX. However, please remember that transmitting with RPiTX you must ensure that your transmission is legal, and appropriately filtered.

RPiTX Logo

The RadioInstigator: A $150 Signals Intelligence Platform Consisting of a Raspberry Pi, RPiTX, 2.4 GHz Crazyradio and an RTL-SDR

Circle City Con is a yearly conference that focuses on information security talks. At this years conference Josh Conway presented an interesting talk titled "SigInt for the Masses Building and Using a Signals Intelligence Platform for Less than $150". Josh's talk introduces his "RadioInstigator" hardware which is a combination of a Raspberry Pi, CrazyRadio and an RTL-SDR all packaged into a 3D printed enclosure with LCD screen. The idea behind the RadioInstigator is to create a portable and low cost Signals Intelligence (SIGINT) device that can be used to investigate and manipulate the security of radio signals.

The RadioInstigator makes use of the RPiTX software which allows a Raspberry Pi to transmit an arbitrary radio signal from 5 kHz up to 1500 MHz without the use of any additional transmitting hardware - just connect an antenna directly to a GPIO pin. Connected to the Pi is a CrazyRadio, which is a nRF24LU1+ based radio that can be used to receive and transmit 2.4 GHz. And of course there is an RTL-SDR for receiving every other signal. Josh has made the plans for the RadioInstigator fully open source over on GitLab.

In his talk Josh introduces the RadioInstigator, then goes on to discuss other SDR hardware, antenna concepts and software installed on the RadioInstrigator like RPiTX, GNU Radio, Universal Radio Hacker, Salamandra, TempestSDR and more.

[First seen on Hackaday]

Track 3 07 SigInt for the Masses Building and Using a Signals Intelligence Platform for Less than 15

Creating Smart Home Automation Devices with Wireless Power Plugs, an RTL-SDR and RPiTX

Over on his YouTube channel ModernHam has created a video showing him using an RTL-SDR and Raspberry Pi with RPiTX to record and replay the signal generated by the remote of a wireless power plug. A wireless power plug allows you to turn an AC wall outlet on/of remotely via a remote control. Controlling them with a Raspberry Pi can be a simple way to add home automation. One example ModernHam gives is that he hopes to use RPiTX and the wireless power plugs to create a smart coffee pot that will automatically turn on at 7 am, and turn off at 9 am.

In the past we have created a similar tutorial here, but new updates to RPiTX now make this process much easier and more reliable and ModernHam's video shows the new procedure. The new process is simply to look up the FCC frequency of the remote control transmitter, record an IQ file of the transmissions for the ON and OFF buttons, and then use the RPiTX sendiq command to replay the signal. You can then use simple Linux shell scripts to create automation.

Replay Attack with Remote Plugs for Home Automation with the Raspberry PI

Using an RTL-SDR and RPiTX to Unlock a Car with a Replay Attack

Over on YouTube user ModernHam has uploaded a video showing how to perform a replay attack on a car key fob using a Raspberry Pi running RPiTX and an RTL-SDR. A replay attack consists of recording an RF signal, and then simply replaying it again with a transmit capable radio. RPiTX is a program that can turn a Raspberry Pi into a general purpose RF transmitter without the need for any additional hardware.

The process is to record a raw IQ file with the RTL-SDR, and then use RPiTX V2's "sendiq" command to transmit the exact same signal again whenever you want. With this set up he's able to unlock his 2006 Toyota Camry at will with RPiTX.

We note that this sort of simple replay attack will only work on older model cars that do not use rolling code security. Rolling code security works by ensuring that an unlock transmission can only be utilized once, rendering replays ineffective. However, modern rolling code security systems are still susceptible to 'rolljam' style attacks.

In the video below ModernHam goes through the process from the beginning, showing how to install the RTL-SDR drivers and RPiTX. Near the end of the video he shows the replay attack in action.

Unlock Cars with a Raspberry Pi And SDR - Replay attack