PortaPack HackRF One Training Workshop | SDR Training with Portapack H2+ Mayhem Firmware HackRF One

PortaPack HackRF One Training Workshop

HackRF One is an SDR peripheral capable of transmission or reception of radio signals from 1 MHz to 6 GHz.

The term SDR stands for “Software Defined Radio” and it is used to aggregate radio communication systems that implement in software instead of hardware the components in charge of modulating and demodulating radio signals.

The idea is to have a device that is able to receive and transmit different radio protocols just by configuring its software.

The HackRF One’s popularity stems from several of its benefits, such as:

• Its ability to receive and transmit radio in the 1Mhz to 6GHz range
• Compatibility with Open-Source software such as GNU-Radio
• Having a notable community
• Well written documentation
• Low price

HackRF One is designed to enable test and development of modern and next generation radio technologies. HackRF One is an open source hardware platform that can be used as a USB peripheral or programmed for stand-alone operation.

The HackRF One PortaPack has both military and public applications, everything from reverse engineering signals and spectrum analyzer to jamming (used by the DoD as a tool of electronic warfare).

The majority of wireless systems in the digital age could easily be transceived by PortaPack HackRF One. That’s because this SDR device can interact with a number of technologies including smartphones, GPS, IT infrastructures, Wi-Fi, Bluetooth and even broadcasting stations.

The overall concept behind PortaPack HackRF is to bring an open source peripheral that can assist modern day engineers and researchers for improving next generation communication systems.

The HackRF One also has a wide range of operating frequency, which allows this device to be used with RF-emitting devices that can go from key fobs (which usually operate in the 300-450Mhz freq. range) to much more impressive things like monitoring SpaceX rocket launches.

The PortaPack is an add-on, which attaches to the HackRF and adds a touch-screen LCD, user controls, headphone jack, high-accuracy clock reference, real-time clock, micro SD card slot, and custom aluminum case.

When users attach a USB battery, they’re ready to explore radio spectrum from just about anywhere.  The PortaPack makes capture and replay of wireless signals like those from ISM band remote controls very easy.

Besides legitimate uses, cyber criminals are known to use the PortaPack HackRF One to perform a wide variety of attacks such as “Jamming attacks” where the attacker emits noise to block the reception of a signal, “Replay attacks” where a signal is recorded and replayed without the original source device, “GPS spoofing” or even “Side channel attacks” that allow an attacker to remotely monitor what is being displayed on a monitor of a victim.

Cybersecurity professionals believe that understanding how cyber criminals use PortaPack HackRF One can help organizations adjust system vulnerabilities to reduce hacking risks.

PortaPack HackRF One Training Workshop, SDR Training with Portapack H2+ Mayhem Firmware HackRF One

PortaPack HackRF One Training Workshop, SDR Training with Portapack H2+ Mayhem Firmware is a 4-day hands-on course. Participants will receive their own assembled HackRF One+Portapack H2+ with Meyhem, Telescopic Antenna, and Data Cable. Long range antennas are available upon request.

Software defined radio (SDR) is a wireless communication device in which the transmitter and receiver modulation/demodulation occurs in software.

What this means is that the functionality is modified or changed by software alone, eliminating the need to make any physical changes to the hardware. Further, it does not require the use of capacitors and resistors, as the software-based filtering algorithms can be utilized to select specific frequencies.

SDR is the application of Digital Signal Processing to radio waveforms. It is similar to the software-based digital audio techniques that became popular a couple of decades ago. Just as a sound card in a computer digitizes audio waveforms, a software radio peripheral digitizes radio waveforms.

In other words, SDR is like a very fast sound card with the speaker and microphone replaced by an antenna.

PortaPack HackRF is a wide band software defined radio (SDR) half-duplex transceiver capable of receiving and transmitting (although not at the same time) on a frequency range of 1Mhz to 6Ghz with output power of 30 mW to 1 mW depending on the band.

HackRF is designed primarily for use with a USB-attached host computer, but it can also be used for stand-alone applications.

It’s also portable. You don’t have to carry an external power supply with you when taking PortaPack HackRF on the road because it is powered by USB. It is small enough to fit easily into a typical laptop bag.

With both military and public applications, the majority of wireless systems in the digital age could easily be transcieved by PortaPack HackRF One. That’s because this SDR device can interact with a number of technologies including smartphones, GPS, IT infrastructures, Wi-Fi, Bluetooth and even broadcasting stations.

The overall concept behind PortaPack HackRF is to bring an open source peripheral that can assist modern day engineers and researchers for improving next generation communication systems.

Participants will learn about:

• Software Defined Radio and Digital Signal Processing
• Theory and practice with hands-on SDR implementations using PortaPack HackRF One
• Necessary SDR signal processing building blocks, SDR application development using
• How to use PortaPack HackRF One and GNU Radio
• How to use and apply PortaPack HackRF One and GNU Radio Companion (GRC)
• RF Vulnerabilities and Hacking with PortaPack HackRF One

Who Should Attend
This advanced SDR course is designed for engineers, scientists, analysts and project managers who are interested in gaining hands-on SDR knowledge using GNU radio and PortaPack HackRF One.

Course Agenda

Principles of Signal Processing and Applied RF

• Overview of SDR
• Overview of GNU Radio
• Overview of PortaPack HackRF One

Overview of PortaPack – The Basics components

• Antenna (the connector is a female SMA, so the antenna needs to be male SMA, and not RPSMA)
• Encoder thumb wheel (on the H1 has a different layout, but the same functionality), notice that pushing the wheel down has the same effect as pressing the center push button
• Directional pushbuttons and Enter/ON/OFF in the center
• CLK IN
• CLK OUT
• Micro usb port and next to it, charging led indicator (in the H2, this might flicker while charging but will mostly turn off when the battery is full)
• Headset/Microphone (standard smartphone 4 segment 3.5mm connector)
• Receive and transmit leds (indicates the current operation, since the HackRF is half-duplex, only one of this will be lit at every moment)
• Other status leds (1.8V: rail status, RF: internal power supply, USB: connection to host is active) Note: In normal operation, 3.3V, 1.8V, RF lights will be ON.’
• DFU mode button (check the firmware update procedure for details)
• 3V rail status led
• Reset button

PortaPack HackRF One Antenna Choices

• Telescopic
  • ANT500
  • ANT700
  • Generic Telescopic H2 (12 cm)
  • Generic Telescopic H1
• Fixed
  • Magnetic fixed
  • GPS: 1575.42 MHz
  • Baofeng
  • Other Long Range Antennas

Lab 1: Antenna Considerations

• How do we determine antenna gain?
• Adding do add your own antenna?
• How do I calculate the link budget with antenna?

PortaPack Internals

• MicroSD card slot (insert the card with the contacts looking to the same direction as the screen)
• GPS module option (has not been implemented)
• Memory backup coin cell (compatible with CR1225 or CR1220 in the H2, and with the CR2032 or CR2025 in the H1)
• Speaker connector (yellow and red go to the speaker coil, black is ground and can be left disconnected)
• Battery connector
• TCXO clock (it might be populated with SMD components like in the upper image, unpopulated or populated with a shielded module)
• Headset/Microphone jack (In case of the H2 the internal speaker switches automatically when the headset is plugged)
• USB charging circuitry (only the units with battery; this is a standard power bank chipset)
• Audio amp circuitry
• Powering the PortaPack HackRF One

Overview of Portapack HackRF One Applications

• Receivers
• Transmitters

Overview of PortaPack HackRF One Receiver Functions

• Automatic dependent surveillance–broadcast (ADS-B)
• Automatic Identification System (AIS) for Tracking Boats
• AFSK
• APRS
• BTLE (Bluetooth)
• Decoder for NRF24L01 (By Nordic Semiconductor from Norway)
• Audio Receiver AM, NFM, WFM
• SPEC (spectrum Secondary Items)
• Analog TV
• Encoder receiver transmitter (ERT) Meter
• POCSAG Protocol
• Radiosonde: Radio Types + Values Implemented
• Pressure Monitoring System (TPMS) Cars

Overview of PortaPack HackRF One Transmitter Functions

• ADS-B(S)
• APRS
• BHT Xy/EP
• GPS Sim
• Jammer
• Key Fob
• LGE Tool
• Morse
• Burger Pager
• POCSAG
• SSTV
• TEDI/LCR
• TouchTunes
• RDS
• OOK
• Soundboard

Course Hardware and Software

• HackRF One hardware (included as part of the class)
• HackRF One+PortaPack H1/H2 with Mayhem firmware (included)
• Hand-held Radar Detector
• Wi-Fi and Bluetooth IoT board (included)
• Optional Laptop (with additional fees)
• GNU Radio installed software and libraries (included)
• Installed Linux distribution with full support for HackRF and GNU Radio
  Installed GNU Radio Library and GNU Radio Companion (GRC) tool

Labs

• SDR with GNU Radio basic lab
• SDR Hacking with HackRF lab
• Hacking with PortaPack HackRF One
• GNU Radio Companion (GRC) lab
• Fingerprint on RF spectrum lab
• IoT Hacking
• Car Key Fob Attack

HackRF One Training