YouTube Tutorial: Building a Passive IMSI Catcher with an RTL-SDR
Thank you to M Khanfar for submitting his YouTube tutorial on how to build a passive IMSI catcher with an RTL-SDR. He writes: In this video im processes of easy step by step building a passive IMSI...
View ArticleClik here to view.
Performing a Side Channel TEMPEST Attack on a PC
TEMPEST refers to a technique that is used to eavesdrop on electronic equipment via their unintentional radio emissions (as well as via sounds and vibrations). All electronics emit some sort of...
View ArticleRunning rtl_tcp over the TOR Network
Over on his DragonOS YouTube tutorial channel Aaron has uploaded a video showing how it is possible to run rtl_tcp over the TOR network. TOR is an "anonymity network" which routes your internet traffic...
View ArticleClik here to view.
GNU Radio TEMPEST Implementation Now Available
TEMPEST refers to a technique that is used to eavesdrop on electronic equipment via their unintentional radio emissions (as well as via sounds and vibrations). All electronics emit some sort of...
View ArticleClik here to view.
Derpcon 2020 Talk: Breaking into the World of Software Defined Radio
Derpcon is a COVID-19 inspired information security conference that was held virtually between April 30 - May 1 2020. Recently the talks have been uploaded to their YouTube channel. One interesting SDR...
View ArticleHak5: Turning a Key Croc into an RTL-SDR Server
The Hak5 Key Croc is a pentesting tool designed for emulating USB devices such as keyboards. It is commonly used by pentesters for keylogging and keystroke injection. It has some advanced features like...
View ArticleTech Minds: Eavesdropping on Video Monitors with TempestSDR
Over on his latest video Tech Minds' explores the use of TempestSDR to eavesdrop on video monitors with his Airspy Mini. TempestSDR is a program that we've posted about several times in the past. With...
View ArticleClik here to view.
Australian Teenager Exposes COVID-19 Patient Data via POCSAG Pager Network
A 15 year old Australian teenager has been accused of leaking sensitive COVID-19 patient data such as the phone numbers and addresses of people in quarantine, and conversations between health officials...
View ArticleClik here to view.
Flipper Zero Crowdfunding: An Open Source RF Pen Testing Tool For Hackers
Flipper Zero isn't an SDR, but it is an interesting RF capable pentesting tool that is currently being crowdfunded, and we think it deserves a post. Based on a TI CC1101 transceiver chip, the Flipper...
View ArticleDefcon 2020 Online Talks: Satellite Eavesdropping & Detecting Fake 4G Base...
DEFCON 2020 was held online this year in and the talks were released a few days ago on their website and on YouTube. If you weren't already aware Defcon is a major yearly conference all about...
View ArticleDragonOS: Installing Crocodile Hunter For Detecting Fake 4G Cell Sites
A few days ago we posted about two SDR related DEFCON talks which were recently released. One of the talks was about detecting fake 4G base stations with a bladeRF SDR and a tool they created called...
View ArticleClik here to view.
Eavesdropping on LTE Calls with a USRP Software Defined Radio
Ars Technica recently ran a story about how University researchers have been able to eavesdrop on LTE mobile phone calls using a USRP B210 software defined radio which runs the Airscope software. The...
View ArticleBSides Talk: It’s 2020, so why am I still able to read your pager traffic?
At the BSides OK 2020 virtual conference Cameron Mac Millan recently presented a talk titled "It’s 2020, so why am I still able to read your pager traffic?". On this blog we have posted numerous times...
View ArticleClik here to view.
Reporters use ADS-B Data to Uncover the Role US Private Contractors Play in...
The Organized Crime and Corruption Reporting Project (OCCRP) have recently run a story about how they have used ADS-B aircraft data to uncover the role that US civilian aircraft contractors are playing...
View ArticleClik here to view.
DEFCON 2020 Aerospace Village SDR Talks
A few weeks ago we posted about the recently uploaded talks listed on the Defcon YouTube channel. However, there is a second YouTube channel dedicated to talks presented as part of the Defcon Aerospace...
View ArticleUnlocking a Car with an RTL-SDR and Yardstick One
Over on his YouTube channel Kalle Hallden has uploaded a video demonstrating how to perform a replay and "rolljam" attack on a wireless car key with an RTL-SDR and Yardstick One. His first experiment...
View ArticleClik here to view.
RF Fingerprinting ADS-B Signals for Security
At this years ICNP 2020 IEEE conference a paper titled "Real-World ADS-B signal recognition based on Radio Frequency Fingerprinting" (pdf file) was presented by researchers from the University of...
View ArticleEtherify: Transmitting Morse Code via Raspberry Pi Ethernet RF Leakage
Over on his blog SQ5BPF has been documenting a TEMPEST experiment where he's been able to transmit data via RF being leaked from a Raspberry Pi's Ethernet connection. The idea was born when he found...
View ArticleClik here to view.
Etherify: Pi 4 Exhibits Very Strong Ethernet RF Leakage
Not too long ago we posted about Jacek Lipkowski (SQ5BPF)'s project called "Etherify" which seeks to use unintentional RF radiation from Ethernet hardware/cables to transmit arbitrary signals such as...
View ArticleClik here to view.
Testing the Mayhem Firmware on a HackRF Portapack
The Portapack is an add on for the popular HackRF SDR which allows the HackRF to be used portably without a PC. Recently the cost of this hardware duo has come down to below US$150 due to low cost...
View Article