Hackrf Test Apk


Muriel Trettin

Aug 3, 2024, 4:44:13 PM8/3/24
to reisametzless

After confirming basic functionality, we executed a sweep to test the maximum output power across the entire 6 GHz frequency range. We did this by scripting a sequence of hackrf_transfer transmit commands while the device was connected to a spectrum analyzer. The results were troubling.

The clone clearly suffered from performance problems above 1 GHz, generally getting worse at higher frequencies. At 6 GHz, this culminated in a whopping 22 dB of loss compared to the GSG HackRF One. (That means that the GSG device produced more than 150 times the output power of the clone.)

It is important to realize that we tested just one sample clone, so our results may not be representative of the average performance of this model. On the other hand, although these results are compared to a single Great Scott Gadgets HackRF One, we know that every GSG HackRF One is factory-tested to ensure that it meets our performance standards.

Next we tested the receive performance by using QSpectrumAnalyzer with the hackrf_sweep backend. We set the gain to 40 in QSpectrumAnalyzer which results in moderate values for the two internal RX gain stages but leaves the RF amplifier off. We connected the device to a signal generator producing a -30 dBm signal, slowly swept across the 6 GHz frequency range.

The receive results were even worse than the transmit results. While the transmit test indicated performance problems above 1 GHz, the receive test revealed problems across the entire frequency range. Above 5 GHz the received signal was buried in the noise floor, completely undetectable above 5.6 GHz by QSpectrumAnalyzer with these settings. Note that the RF amplifier was disabled in the receive test but had been enabled in the transmit test.

At this point we ran the clone through our factory test procedure which, in agreement with the previous results, indicated multiple failures at both high and low frequencies. This unit would not have passed our quality control.

A repeat of the transmit test allowed us to see how the protection circuit affected signal power at various frequencies. As we suspected, a significant portion of the loss at higher frequencies was eliminated by removing the protection circuit. However, the average performance below 5 GHz was little changed, suggesting the presence of additional design or manufacturing flaws.

We are interested in increasing the robustness of the HackRF front end, but any changes we make would need to maintain acceptable RF performance. Perhaps some performance loss in exchange for protection could be acceptable if the protection were proven by test results. We have not seen any test results for the effectiveness of the protection circuit on this HackRF clone, but it is clear from our tests that its effect on RF performance is not acceptable.

HackRF One has an RX input rating of -5 dBm. To the best of our knowledge, it is not possible to damage the front end without exceeding this level. We are working on identifying reproducible scenarios that can cause damage to the RF front end so that we can set up reliable and repeatable tests for front end protection. This will enable us to test changes that might increase the RX input rating and reduce the chance of damage in the field.

To install it, take a look at this photo from the gps-sdr-sim repository. It clearly shows where the TCXO gets installed in the HackRF. Just take the HackRF out of its case and insert the TCXO as shown. To test it, clone the HackRF tools repository and build them. Plug in the HackRF and execute the command:

I am performing some research on IoT test tools and came across the HackRF One which can transmit and receive from 1 MHz to 6 GHz. I therefore think that it can analyze many protocols, but I cannot find a list of them anywhere. Can it for example analyze (and exploit) Zigbee, Z-Wave, LoRaWAN, RFID and NFC? Why is there no list, because there are too many protocols? Is the HackRF a more general sniffer then?

I also came across some specific protocol sniffers, like the Suphacap Z-Wave Sniffer and the Proxmark and so on. What are the advantages of these over the HackRF? Is the best option to start with a HackRF and then when necessary buy specific sniffers according to the needs of the current pentest?

From a sniffing POV, HackRF One as well as many other SDRs give you radio wave processing capabilities. This means that you can tune to a wide band of frequencies and capture the signal. What you do with it then is generally beyond the SDR's scope.

You can always try to process the signal yourself (e.g. with GnuRadio) and write a decoder for the data packets of the corresponding protocol (or use Wireshark if the decoder is already available). With the popularity of HackRF One there are often solutions available to work from, e.g. this Z-Wave tool claims to support it by default.

I have no hands-on experience with protocol-specific sniffers (sb. correct me), but I would expect them to provide the promised feature with little effort, while locking you from easily doing anything unsupported (e.g. capturing new/tweaked version of the protocol or tuning to different frequency than usual).

Traditional radios work by having electronic circuitry that tunes in only the frequency of interest. The hardware of the radio uses filters and other technologies to modify the signal so that only the desired wave is output. Circuits take care of splitting left and right stereo signals, filtering out side bands, receiving AM or FM, etc.; they ultimately output an analog signal that usually goes to a speaker. This makes a dedicated radio very good at receiving exactly the kind of signal it was designed for, but nothing else.

There is a third kind of radio out there: a software controlled radio. These are based on a chip that tunes its radio to a specified frequency chosen by parameters that are passed in. These parameters not only select radio modes such as frequency, AM, FM, etc., but also are designed to interpret the RF signal and directly output the received data. These chips are designed for cheap consumer remotes, and usually include both a receiver and transmitter for installing the same chips in the appliance and its remote control, using the same parameters. These are very inexpensive radios.

As with anything, there are a lot of choices. A HackRF One contains both an SDR transmitter and an SDR receiver, while a typical RTL-SDR is a receiver only. A HackRF One also costs about ten times as much as a good quality RTL-SDR dongle. So if you simply want to study received transmissions, the RTL-SDR is a much more economical choice, and is usually a good starting point.

The kind of radio people buy next depends on their needs. People often want to transmit next, but are unaware of the very strict rules on radio transmissions. You really have to know what you are doing; an amateur radio license may even be required.

HackRF software includes HackRF Tools and libhackrf. HackRF Tools are the command-line utilities that let you interact with your HackRF. libhackrf is a low-level library that enables software on your computer to operate with HackRF.

Unless developing or testing new features for HackRF, we highly recommend that most users use build systems or package managers provided for their operating system. Our suggested operating system for use with HackRF is Ubuntu.

Note for Windows build: You shall always execute hackrf-tools from Windows command shell and not from Cygwin or MinGW shell because on Cygwin/MinGW Ctrl+C is not managed correctly and especially for hackrf_transfer the Ctrl+C (abort) will not stop correctly and will corrupt the file.

The install will take hours to complete, so you can open a beer. Maybe two. Hopefully the whole process should complete without incident (I tried on different Macs and so did a few friends and we never had a problem). Once finished, run hackrf_info:

In reality, the minimum frequency that you can select (30 MHz) is erroneous. In fact, the HackRF has been reported to be working quite well all the way down to 1 MHz. In order to achieve that, you might patch line 333 of osmocom_fft

GNU Radio is the most prominent Open Source SDR framework, an extremely powerful tool that allows you to create any sort of modulators, demodulators and (with the help of your handy HackRF One) also to transmit and receive basically anywhere you want. The possibilities are endless. Is GNU Radio difficult? Very. Is it a good opportunity to learn more? Extremely. As an example, I adapted a generic USB transmitter written by Alex OZ9OEC for the UHD (another SDR device) to work with the HackRF. Here is a screenshot of gnuradio-companion once my modified grc file has been loaded:

A buddy and I were trying to break cars with a HackRF for a school project once, so it is my SDR of choice. Probably most capable for the money I've seen in years, so makes sense to me to put in the time for this dev. If only we could 3d print and coat item to fab our own antennas! Don't forget, it can transmit too (but not full duplex unfortunately)

Better late than never. I've written a simple .NET Framework assembly which allows using hackrf in LabVIEW x64. I also made an example project in LabVIEW 2019 x64 with a WFM receiver and a POCSAG transmitter (also saved it in 2014 format just in case). The source code of the .NET assembly is in the repository. Maybe it would help someone.

Thank you. Yes, it uses libhackrf compiled as hackrf.dll since it's the only known way to communicate with hackrf transceivers. Technically it is possible to do it with ni visa but I thought it would be overkill.

HackRF One is a Software-Defined Radio that enables fast and accurate transmission of radio signals. With excellent range and capability, it can receive and transmit signals from 1 MHz to 6 GHz. The HackRF One is an open-source platform that works as a USB peripheral. It can be programmed and managed as a stand-alone device and system.

HackRF One acts like the sound card of a computer. It processes digital signals into radio waveforms, allowing integration of large-scale communication networks. It is designed to test, develop, improvise and modify contemporary Radio Frequency systems.
