Mobile SIGINT Hacking On A Civilian’s Budget

Signals Intelligence (SIGINT) refers to performing electronic reconnaissance by eavesdropping on communications, and used to be the kind of thing that was only within the purview of the military or various three letter government agencies. But today, for better or for worse, the individual hacker is able to pull an incredible amount of information out of thin air with low-cost hardware and open source software. Now, thanks to [Josh Conway], all that capability can be harnessed with a slick all-in-one device: the RadioInstigator.

In his talk at the recent 2019 CircleCityCon, [Josh] (who also goes by the handle [CrankyLinuxUser]) presented the RadioInstigator as an affordable way to get into the world of wireless security research beyond the traditional WiFi and Bluetooth. None of the hardware inside the device is new exactly, it’s all stuff the hacking community has had access to for a while now, but this project brings them all together under one 3D printed “roof” as it were. The end result is a surprisingly practical looking device that can be used on the go to explore huge swaths of the RF spectrum at a cost of only around $150 USD.

So what has [Josh] packed into this wireless toybox? It will probably come as little surprise to find out that the star of the show is a Raspberry Pi 3 B+, combined with a touch screen display and portable keyboard so the user can interface with the various security tools installed.

To help the RadioInstigator surf the airwaves there’s an RTL-SDR and a 2.4 GHz nRF24LU1+ “Crazyradio”, both broken out to external antenna connectors on the outside of the device. There’s even an external SMA connector hooked up to the Pi’s GPIO pin, which can be used for low-power transmissions from 5 kHz up to 1500 MHz with rpitx. Everything is powered by a beefy 10,000 mAh battery pack which should give you plenty of loiter time to perform your investigations.

[Josh] has also written several Bash scripts which will get a trove of radio hacking tools installed on the Pi automatically, either by pulling them in through the official repositories or downloading the source and compiling them. Getting the software environment into a known-good state can be a huge time sink, so even if you don’t build your own version of the RadioInstigator, his scripts are still worth checking out.

You can do some pretty incredible things with nothing more than a Pi and an RTL-SDR, but we can’t help but notice there’s still plenty of room inside the RadioInstigator for more gear. It could be the perfect home for a Multi-RTL setup, or maybe even a VGA adapter for spoofing cell networks.

Pluto (SDR) Goes Ethernet

Pluto may no longer be a planet, but it is still a fun software defined radio (SDR) set up from Analog Devices. The inexpensive radio uses a USB connector and looks somewhat like a network connection to your PC. But what if you want to really use it with a network? [SignalsEverywhere] shows you how to do it using a USB network adapter and a USB connection adapter.

Just plugging a USB dongle into the box isn’t sufficient; an extra power supply is required, as well as a minor bit of configuration. The IP address will be static, so you might want to use an IP that your DHCP server won’t hand out, or reserve the IP on your local network.

Full Earth Disc Images From GOES-17 Harvested By SDR

We’ve seen lots of hacks about capturing weather images from the satellites whizzing over our heads, but this nicely written how-to from [Eric Sorensen] takes a different approach. Rather than capturing images from polar satellites that pass overhead a few times a day, this article looks at capturing images from GOES-17, a geostationary satellite that looks down on the Pacific Ocean. The fact that it is a geostationary satellite means that it captures the same view all the time, so you can capture awesome time-lapse videos of the weather.

Camera Sees Electromagnetic Interference Using An SDR And Machine Vision

It’s one thing to know that your device is leaking electromagnetic interference (EMI), but if you really want to solve the problem, it might be helpful to know where the emissions are coming from. This heat-mapping EMI probe will answer that question, with style. It uses a webcam to record an EMI probe and then overlay a heat map of the interference on the image itself.

Regular readers will note that the hardware end of [Charles Grassin]’s EMI mapper bears a strong resemblance to the EMC probe made from semi-rigid coax we featured recently. Built as a cheap DIY substitute for an expensive off-the-shelf probe set for electromagnetic testing, the probe was super simple: just a semi-rigid coax jumper with one SMA plug lopped off and the raw end looped back and soldered. Connected to an SDR dongle, the probe proved useful for tracking down noisy circuits.

[Charles]’ project takes that a step further by adding a camera that looks down upon the device under test. OpenCV is used to track the probe, which is moved over the DUT manually with the help of an augmented reality display that helps track coverage, with a Python script recording its position and the RF power measurements. The video below shows the capture process and what the data looks like when reassembled as an overlay on top of the device.

Even if EMC testing isn’t your thing, this one seems like a lot of fun for the curious. [Charles] has kindly made the sources available on GitHub, so this is a great project to just knock out quickly and start mapping.

A DIY EMC Probe From Semi-Rigid Coax And An SDR

Do you have an EMC probe in your toolkit? Probably not, unless you’re in the business of electromagnetic compatibility testing or getting a product ready for the regulatory compliance process. Usually such probes are used in anechoic chambers and connected to sophisticated gear like spectrum analyzers – expensive stuff. But there are ways to probe the electromagnetic mysteries of your projects on the cheap, as this DIY EMC testing setup proves.

As with many projects, [dimtass]’ build was inspired by a video over on EEVblog, where [Dave] made a simple EMC probe from a length of semi-rigid coax cable. At $10, it’s a cheap solution, but lacking a spectrum analyzer like the one that [Dave] plugged his cheap probe into, [dimtass] went a different way. With the homemade probe plugged into an RTL-SDR dongle and SDR# running on a PC, [dimtass] was able to get a decent approximation of a spectrum analyzer, at least when tested against a 10-MHz oven-controlled crystal oscillator. It’s not the same thing as a dedicated spectrum analyzer – limited bandwidth, higher noise, and not calibrated – but it works well enough, and as [dimtass] points out, infinitely hackable through the SDR# API. The probe even works decently when plugged right into a DSO with the FFT function running.

Again, neither of these setups is a substitute for proper EMC testing, but it’ll probably do for the home gamer. If you want to check out the lengths the pros go through to make sure their products don’t spew signals, check out [Jenny]’s overview of the EMC testing process.


Radio Free Blockchain: Bitcoin From Space

Cryptocurrencies: love them, hate them, or be baffled by them, but don’t think you can escape them. That’s the way it seems these days at least, with news media filled with breathless stories about Bitcoin and the other cryptocurrencies, and everyone from Amazon to content creators on YouTube now accepting the digital currency for payments. And now, almost everyone on the planet is literally bathed in Bitcoin, or at least the distributed ledger that makes it work, thanks to a new network that streams the Bitcoin blockchain over a constellation of geosynchronous satellites.

Eavesdropping On Cosmonauts With An SDR

Usually when we hear about someone making contact with astronauts in orbit, it’s an intentional contact between a ham on the ground and one of the licensed radio amateurs on the ISS. We don’t often see someone lucky enough to snag a conversation between ground controllers and a spacecraft en route to the ISS like this.

For [Tysonpower], this was all about being in the right place at the right time, as well as having the right equipment and the know-how to use it properly. Soyuz MS-12 launched from Baikonur on March 14 with cosmonaut [Aleksey Ovchinin] and NASA astronauts [Nick Hague] and [Christina Koch] onboard, destined for the ISS after a six-hour flight. The lucky bit came when [Tysonpower] realized that the rendezvous would happen when the ISS was in a good position relative to his home in Cologne, which prompted him to set up his gear for a listening session. His AirSpy Mini SDR was connected to a home-brew quadrifilar helical (QFH) “eggbeater” antenna on his roof. What’s nice about this antenna is that it’s fixed rather than tracking, making it easy to get on the air quickly. After digging around the aviation bands at about 121 MHz for a bit, [Tysonpower] managed to capture a few seconds of a conversation between [Ovchinin] and Moscow Flight Control Center. The commander reported his position and speed relative to the ISS a few minutes before docking. The conversation starts at about 1:12 in the video below.

We think it’s just cool that you can listen in on the conversations going on upstairs with a total of less than $50 worth of gear. Actually talking to the hams aboard the ISS is another matter, but not a lot more involved really.
