DC612 Talk Companion
This is a companion post to list all the links and some further information that I found to be helpful.
The main focus of the talk was to go over briefly some rtl-sdr basics. Then move into using gqrx to locate FLEX and POCSAG signals. Once located, discuss the method I found useful to decoding these signals. In the interest of keeping the talk down to about an hour with slides and demos, I’ve included links here.
When I think of how information is normally presented, it’s in a condensed format to get a reader or student from where they are at the time to a certain level of understanding with a means to demonstrate their learning. What is missing? The hours of reading and testing that occurs to gather the information. With these links, I’m aiming to provide an opportunity to those looking to read what I’ve read. Watch videos that I’ve watched to continue their own interest in learning further.
Disclaimer:
This information is for educational purposes only. Be responsible when hacking. If you are transmitting, I highly advise you obtain an amateur radio license to help further your understanding of how your transmissions can impact other legal signals.
What generated the interest in doing this talk:
The DEFCON wireless village experience from DEFCON 26: https://wirelessvillage.ninja/
Building a Small and Flexible Wireless Exfiltration Box with SDR: https://www.blackhillsinfosec.com/webcast-building-a-small-and-flexible-wireless-exfiltration-box-with-sdr/
Vapor Trail — Data Exfiltration via Faraday’s Law & Ponies: Larry Pesce and Galen Alderson https://youtu.be/MM8WVZkhuy4
Legal:
I’m not a lawyer but this is interesting: FCC — Interception and Divulgence of Radio Communications: https://www.fcc.gov/consumers/guides/interception-and-divulgence-radio-communications
Signals:
What is this signal I’ve found: https://www.sigidwiki.com/wiki/Signal_Identification_Guide
First video in a 4 part series for rtl-sdr interesting signals: Unallocated Space Signal Analysis Week 1: https://www.youtube.com/watch?v=CH3QPV6UhJw
Further interesting posts regarding FLEX and POCSAG: https://www.rtl-sdr.com/tag/flex-a/ & https://www.rtl-sdr.com/tag/pocsag/
Decoding FLEX and POCSAG: https://www.bastibl.net/pocsag/ (command using sox and multimon-ng here)
Using a raspberry pi (because cheap allows funds for future projects): https://www.raspberrypi.org/forums/viewtopic.php?f=41&t=45142&p=357671
GQRX:
Practical tricks and tips for gqrx: http://gqrx.dk/doc/practical-tricks-and-tips#more-229
Replicating your own POCSAG signals:
Using gr-mixalot and a HackRF: https://www.sans.org/cyber-security-summit/archives/file/summit-archive-1492176193.pdf & https://github.com/unsynchronized/gr-mixalot
Using a raspberry pi: https://github.com/F5OEO/rpitx
