Hackrf Portapack H2 Firmware

0 views
Skip to first unread message

Manuela

unread,
Aug 3, 2024, 3:22:23 PM8/3/24
to mobfanover

Enter MAYHEM, an evolved fork of the original PortaPack firmware that the developers claim is the most up-to-date and feature packed version available. Without ever plugging into a computer, this firmware allows you to receive, decode, and re-transmit a dizzying number of wireless protocols. From firing off the seating pagers at a local restaurant to creating a fleet of phantom aircraft with spoofed ADS-B transponders, MAYHEM certainly seems like it lives up to the name.

There are many ways that promoting mayhem in a horrifically oppressive regime is not responsible use. For example, where it would have a disproportionate negative impact on people who are not part of the regime.

So far the only reported legitimate uses in these comments are consistent with behaviour that the relevant regime would likely approve of (see comment on testing fire service pagers). So not really a good match for the name MAYHEM.

I agree its encourages the malitious potential but that potential/inspiration is why everyone wants to code like this and the message he sais only provvokes the ambitions into the possiblilites in the readers imagination to get a clear idea of not what your supposed to do but what you can do and anyone smart enough to wantt to learn coding and this already knows and or have decided how diverseley useful electronics are and have already chosen what they want to do weather it be prottecting servers encrypting building programmed phisical useful interesting funny and or cool or people have already decided to be a nuissance but nowone smart enough to want to learn electronics or the possiblilities of it already know that there are bad possiblilities this isnt kidergarten forced perspective snd and ideology brainwashing

I use this product to help find exploits against vehicle security systems and then I form the manufacturers. Less then 10% of what I find do I share because I find so many rolling code vulnerabilities with this tool. We do try to inform manufacturers though. I also teach people how to use this tool to under stand RF and how to make safer products. What do you do to make the world a better place other than judge people. This is a great tool they share for free.

TBH, any scenario with less extreme storylines involving RF attacks could be used. i.e. Bank Heist in which you have to perform or defend against attacks on your get away vehicle to defeat the scenario.

In an alternate, simplified reality with Boolean ethics, the other things you mentioned may not have ethical uses, but in this reality they do. Fighting back against an oppressive and murderous regime is one obvious use.

Lots of legitimate uses. A field engineer needs to transmit a specific signal on command. Load up that signal, go to the site, press the send, tada you have a test signal 100 miles away from an outlet.

Key fobs and garage door openers fail. Maybe you can get a signal 1 out of 50 times, and the retail key fob learning ones need things more reliably, well this will record the one time the old fob worked, and this will transmit reliably.

I am seriously tempted to get it and mostly use it as a garage door remote. Since it is a SDR, I could also use it in the car to just listen to various frequencies. Depending on my mood, I could listen to AM, FM, Ham Radio, Air traffic when by the airport, etc.

Read the original linked article, it includes a list of ethical uses: capturing RF autonomously to study it later, check the resistance of your wireless home appliances to replay attacks or conducting security testing on devices where you have permission to transmit.

I use this to break in to my own cars. I love the idea that by a codes and scripts you can get into things by using the back door. I love my hacker one portapack., I want to thank great scotts and the maker of mayhem yous are awesome

I go a PortaPack for my Hack RF One simply because it lets me see the invisible spectrum that surrounds us all. I have no specific use and certainly no malicious one. My PortaPack came with Mayhem pre-installed.

You can find the firmware binary (hackrf_one_usb.bin) in the firmware-bin directory of the latest release package or you can compile your own from the source. For Jawbreaker, use hackrf_jawbreaker_usb.bin. If you compile from source, the file will be called hackrf_usb.bin.

If the firmware installed in SPI flash has been damaged or if you are programming a home-made HackRF for the first time, you will not be able to immediately use the hackrf_spiflash program as listed in the above procedure. Follow these steps instead:

Type dfu-util --device 1fc9:000c --alt 0 --download hackrf_one_usb.dfu to load firmware from a release package into RAM. If you have a Jawbreaker, use hackrf_jawbreaker_usb.dfu instead. Alternatively, use make -e BOARD=HACKRF_ONE RUN_FROM=RAM program to load the firmware into RAM and start it.

The LPC4330 microcontroller on HackRF is capable of booting from several different code sources. By default, HackRF boots from SPI flash memory (SPIFI). It can also boot HackRF in DFU (USB) boot mode. In DFU boot mode, HackRF will enumerate over USB, wait for code to be delivered using the DFU (Device Firmware Update) standard over USB, and then execute that code from RAM. The SPIFI is normally unused and unaltered in DFU mode.

To start up HackRF One in DFU mode, hold down the DFU button while powering it on or while pressing and releasing the RESET button. Release the DFU button after the 3V3 LED illuminates. The 1V8 LED should remain off. At this point HackRF One is ready to receive firmware over USB.

After a few seconds, three LEDs should start blinking. This indicates that the CPLD has been programmed successfully. Reset the HackRF device by pressing the RESET button or by unplugging it and plugging it back in.

Over the next several days, thousands of hackers will gather at the Chaos CommunicationCamp in Germany. An electronic badge for the event is being prepared, andit is based on my design for HackRF One!

At DEF CON over the weekend, I wasfortunate to be able to meet up with Ray, one of the members of the Munich CCC group responsible for the rad1o badge. Ray was wearing oneof the prototype units, so I was able to take a close look.

The design is a variation of HackRF One. It includesa small LCD and an audio interface, so it is a bit like having a HackRF Oneplus a PortaPackH1 on a single board. A slim, rechargeable LiPo battery is mounted on theback. The visual design of the PCB looks like a traditional AM/FM radioreceiver complete with an antenna (which is not the actual RF antenna) and adial (which is not really a dial).

There are some design modifications, especially in the RF section, thatseemed strange to me at first. The reason for many of these changes is thatthe rad1o team was able to get certain chip vendors to agree to sponsor thebadge by donating parts. By redesigning around donated components they wereable to reduce the cost to a small fraction of the cost of manufacturing HackRFOne, making it possible to build the rad1o badge for several thousandcampers.

The firmware for rad1o is derived from HackRF One firmware but is in a separate repository. Because of the LCDand other differences between the two hardware designs, they are notfirmware-compatible. When using rad1o as a USB peripheral, it is fullysupported by existing software that supports HackRF One. Future rad1o firmwarewill use a USB product ID of 0xCC15 assigned from the Openmoko pool, but theshipping firmware will borrow HackRF One's product ID. This will ensure thatany existing software for HackRF One will work with rad1o during camp. The newproduct ID (0xCC15) is already supported in libhackrf release 2015.07.2, so itshould be easy for people to update to it in the near future.

If you are new to Software Defined Radio and are looking forward to usingthe badge as a way to get started with SDR, I recommend starting with my video series. You might want to download the videos beforeleaving for camp. Also take a look at GettingStarted with HackRF and GNU Radio and the recommended software forrad1o. If you plan to do firmware or hardware hacking, be sure to clonethe rad1o repositories. For examples ofDigital Signal Processing (DSP) on the LPC43xx, I suggest studying JaredBoone's firmware forPortaPack H1. Also check out the videoof Jared's Software-Defined Radio SignalProcessing with a $5 Microcontroller at BSidesLV 2015.As an open source hardware developer, it is extremely satisfying to seefolks start with my design and do something amazing like the rad1o badge. I'mexcited to be attending camp for my first time ever, and I can't wait to seethe projects people will come up with!

c80f0f1006
Reply all
Reply to author
Forward
0 new messages