The Evil Crow Is Ready To Cause Some RF Mayhem

There’s no doubt that the RTL-SDR project has made radio hacking more accessible than ever, but there’s only so far you can go with a repurposed TV tuner. Obviously the biggest shortcoming is the fact that you can only listen to signals, and not transmit them. If you’re ready to reach out and touch someone, but don’t necessarily want to spend the money on something like the HackRF, the Evil Crow RF might be your ideal next step.

This Creative Commons licensed board combines two CC1101 radio transceivers and an ESP32 in one handy package. The radios give you access to frequencies between 300 and 928 MHz (with some gaps), and the fact that there are two of them means you can listen on one frequency while transmitting on another, opening up interesting possibilities for relaying signals. With the standard firmware you connect to a web interface running on the ESP32 to configure basic reception and transmission options, but there’s also a more advanced RFQuack firmware that allows you to control the hardware via Python running on the host computer.

Using the Evil Crow RF without a computer.

One particularly nice feature is the series of buttons located down the side of the Evil Crow RF. Since the device is compatible with the Arduino IDE, you can easily modify the firmware to assign various functions or actions to the buttons.

In a demonstration by lead developer [Joel Serna], the physical buttons are used to trigger a replay attack while the device is plugged into a standard USB power bank. There’s a lot of potential there for covert operation, which makes sense, as the device was designed with pentesters in mind.

As an open source project you’re free to spin up your own build of the Evil Crow RF, but those looking for a more turn-key experience can order an assembled board from AliExpress for $27 USD. This approach to hardware manufacturing seems to be getting popular among the open source crowd, with the Open-SmartWatch offering a similar option.

[Thanks to DJ Biohazard for the tip.]

Tightly Packed Raspberry Pi Tricorder Impresses

We’ll say upfront that we don’t have nearly as much information about this 3D printed Star Trek: The Next Generation tricorder as we’d like. But from the image galleries [Himmelen] has posted we know it’s running on the Raspberry Pi Zero W, has a color LCD in addition to a monochrome OLED, and that it’s absolutely packed with gear.

So far, [Himmelen] has fit an NESDR RTL-SDR dongle, a GPS receiver, an accelerometer, and the battery charging circuitry in the top half of the case. Calling it a tight fit would be something of an understatement, especially when you take into account all the wires snaking around in there. But as mentioned in the Reddit thread about the device, a custom PCB backplane of sorts is in the works so all these modules will have something a little neater to plug into.

There are a lot of fantastic little details in this build that have us very excited to see it cross the finish line. The female USB port that’s been embedded into the top of the device is a nice touch, as it will make it easy to add storage or additional hardware in the field. We also love the keyboard, made up of 30 individual tact switches with 3D printed caps. It’s hard to imagine what actually typing on such an input device would be like, but even if each button just fired off its own program or function, we’d be happy.

Judging by the fact that the LCD shows the Pi sitting at a login prompt in all the images, we’re going to go out on a limb and assume [Himmelen] hasn’t gotten to writing much software for this little gadget yet. Once the hardware is done and it’s time to start pushing pixels though, something like Pygame could be used to make short work of a LCARS-style user interface that would fit the visual style of The Next Generation. In fact, off the top of our heads we can think of a few turn-key projects out there designed for creating Trek UIs, though the relatively limited computational power of the Pi Zero might be a problem.

We’ve seen several projects that tried to turn the iconic tricorder into a functional device. Some have focused on the arguably more recognizable Next Generation style such as this one, and others have targeted the more forgiving brick-shaped unit from Kirk and Spock’s era. The Wand Company is even working on an officially licensed tricorder that will supposedly be as close as we can get to the real thing with modern tech and a $250 USD price tag, though we’d wager COVID has slowed progress down on that one. In any event, whether you build it or buy it, the tricorder seems destined to become reality before too long.

Fan-tastic Misuse Of Raspberry Pi GPIO

[River] is a big fan of home automation. After moving into a new house, he wanted to assimilate two wirelessly controlled fan lights into his home automation system. The problem was this: although the fans were wireless, their frequency and protocol were incompatible with the home automation system.

Step one was to determine the frequency the fan’s remote used. Although public FCC records will reveal the frequency of operation, [River] thought it would be faster to use an inexpensive USB RTL-SDR with the Spektrum program to sweep the range of likely frequencies, and quickly found the fans speak 304.2 MHz.

Next was to reverse-engineer the protocol. Universal Radio Hacker is a tool designed to make deciphering unknown wireless protocols relatively painless using an RTL-SDR. [River] digitized a button press with it and immediately recognized it as simple on-off keying (OOK). With that knowledge, he digitized the radio commands from all seven buttons and was quickly able to reverse-engineer the entire protocol.

[River] wanted to use a Raspberry Pi to bring the fans into his home automation system, but the Raspberry Pi doesn’t have a 304.2 MHz radio. What it does have is user-programmable GPIO and the rpitx package, which converts a GPIO pin into a basic radio transmitter. Of course, the Pi’s GPIO pins aren’t long enough to efficiently transmit at 304.2 MHz, so [River] added a proper antenna, as well as a low-pass filter to clean up the transmitted signal. The rpitx package supports OOK out of the box, so [River] was able to get the Pi controlling his fan in no time!

If you’d like to do some more low-cost home automation, check out this approach to using a Raspberry Pi to control some bargain-bin smart plugs.

Monitor SpaceX Rocket Launches With Software-Defined Radio

The amateur radio community has exploded with activity lately, especially in the software-defined radio (SDR) area, since it was found that a small inexpensive TV tuner could be wrangled to do what only expensive equipment was able to do before. One common build with these cards is monitoring air traffic: aircraft send data about their flights out in packets over the radio, which can now easily be received and decoded. It turns out another type of vehicle, SpaceX’s Falcon 9 spacecraft, reports data via radio as well, and with some slightly upgraded hardware it’s possible to “listen in” to these flights in a similar way.

Reddit users [derekcz] and [Xerbot] used a HackRF module to listen in to the Falcon 9’s data transmissions during its latest launch. While the HackRF is a much more expensive piece of equipment compared to the RTL-SDR dongles used to listen in on aircraft, it is much more capable as well, with a range from 1 MHz to 6 GHz. Using this SDR peripheral as well as a 1.2 m repurposed satellite dish, the duo were able to intercept the radio transmissions from the in-flight rocket. From there, they were recorded with GNU Radio, converted into binary data, and then translated into text.

It seems as though the data feed included a number of different elements including time, location information, and other real-time data about the rocket’s flight. It’s a great build that demonstrates the wide appeal of software-defined radio, and if you want to get started it’s pretty easy to grab a much cheaper dongle and use it for all kinds of applications like this. Go check out [Tom Nardi]’s piece on the last seven years of RTL-SDR to get caught up to speed.

Thanks to [Adrian] for the tip!

Decoding NOAA Satellite Images In Python

You’d be forgiven for thinking that receiving data transmissions from orbiting satellites requires a complex array of hardware and software, because for a long time it did. These days we have the benefit of cheap software defined radios (SDRs) that let our computers easily tune into arbitrary frequencies. But what about the software side of things? As [Dmitrii Eliuseev] shows, decoding the data satellites are beaming down to Earth is probably a lot easier than you might think.

Well, at least in this case. The data [Dmitrii] is after happens to be broadcast from a relatively old fleet of satellites operated by the National Oceanic and Atmospheric Administration (NOAA). These birds (NOAA-15, NOAA-18 and NOAA-19) are somewhat unique in that they fly fairly low and utilize a simple analog signal transmitted at 137 MHz. This makes them especially good targets for hobbyists who are just dipping their toes into the world of satellite reception.


Remoticon Video: Basics Of RF Emissions Debugging Workshop

These days we’re surrounded by high-speed electronics and it’s no small feat that they can all play nicely in near proximity to each other. We have RF emissions standards to thank, which ensure new products don’t spew forth errant signals that would interfere with the data signals traveling through the ether. It’s long been the stuff of uber-expensive emissions testing labs, and failure to pass can leave you scratching your head. But as Alex Whittimore shows in this workshop from the 2020 Hackaday Remoticon, you can do a lot of RF emissions debugging with simple and inexpensive tools.

Professionally-made probes in several sizes

Build your own probes from magnet wire

You can get a surprisingly clear picture of what kind of RF might be coming off of a product by probing it on your own workbench. Considering the cost of the labs performing FCC and other certifications, this is a necessary skill for anyone who is designing a product headed to market — and still damn interesting for everyone else. Here you can see two examples of the probes used in the process. Although one is a pack of professional tools and the other is a bit of enameled wire (magnet wire), both are essentially the same: a loop of wire on which a magnetic field will induce a very small current. Add a Low-Noise Amplifier (LNA) and you’ll be up and measuring in no time.

I really enjoyed how Alex started his demo with “The Right Way™” of doing things — using a proper spectrum analyzer to visualize data from the probes. But the real interesting part is “The Hacker Way™” which leverages an RTL-SDR dongle and some open-source software to get the same job done. Primarily that means using SDRAngel and QSpectrumAnalyzer which are both included in the DragonOS_LTS which can be run inside of a virtual machine.

Real Spectrum Analysis Goes Virtual

One of the hard things about electronics is that you can’t really see the working parts without some sort of tool. If you work on car engines, fashion swords, or sculpt clay, you can see with your unaided eye what’s going on. Electronic components are just abstract pieces and the real action requires a meter or oscilloscope to understand. Maybe that’s what [José] was thinking of when he built a-radio. This “humble experiment” pipes a scan from a software-defined radio into VR goggles, which can be as simple as a smartphone and some cardboard glasses.

The resulting image shows you what the radio spectrum looks like. Granted, so will a spectrum analyzer, but perhaps the immersion will provide a different kind of insight into radio frequency analysis.
