GiamMa-based researchers SDR R&D IoT

venerdì 7 giugno 2019

Various SDR OS / Distro / LiveOS / Virtual Machine / Bootable Linux image

Various SDR OS / Distro / LiveOS / Virtual Machine / Bootable Linux image

below are some operating systems, virtual machines, file names and related descriptions useful for online research of those who want to manage SDR hardware and radio signals.

GNU Radio Live SDR Environment

ubuntu-14.04.1-desktop-amd64-gnuradio-3.7.6.1.iso
ubuntu-14.04.1-desktop-amd64-gnuradio.iso
ubuntu-14.04.4-desktop-amd64-gnuradio-3.7.9.2.iso
ubuntu-16.04.2-desktop-amd64-gnuradio-3.7.11.iso
ubuntu-14.04.5-desktop-amd64-gnuradio-3.7.10.1.iso

Description: The GNU Radio Live SDR Environment, produced by Corgan Labs, is a bootable Ubuntu Linux DVD or USB drive image, with GNU Radio and third party software pre-installed. It is designed for quick and easy testing and experimentation with GNU Radio without having to make any permanent modifications to a PC or laptop. It does not, however, provide for permanent installation.
It is supplied as an ISO image to be downloaded and burned onto a recordable DVD disc or copied to a USB flash drive using a utility such as the Ubuntu Startup Disk Creator (Ubuntu Linux OS) or Unetbootin (Windows, MacOS, Linux). Creating a USB drive from the image will provide much faster booting and operation, and allow making changes and storing files. Finally, the ISO image may be booted within a virtual environment such as VirtualBox, QEMU/kvm, VMware, or Parallels.

RTL-SDR/HackRF Live DVD

ubuntu-12.04.2-custom-sdr-amd64.iso
ubuntu-12.04.3-desktop-amd64-gnuradio-2013-0926.iso
ubuntu-12.04.3-desktop-amd64-gnuradio-2013-1110.iso

Description: If you’ve been wanting to use your RTL-SDR or HackRF on Linux, but didn’t know how to or couldn’t be bothered installing all the software, there is now a live DVD downloadable thanks to Reddit user rtl_sdr_is_fun. With a live DVD you can boot into an Ubuntu OS (with many pre-installed SDR related programs) directly from the DVD without the need to install anything.
The Live DVD is only available for 64-bit CPUs.

SigintOS

sigintos.iso
sigintos-1.1.iso

Description: SigintOS; as the name suggests, SIGINT is an improved Linux distribution for Signal Intelligence. This distribution is based on Ubuntu Linux. It has its own software called SigintOS. With this software, many SIGINT operations can be performed via a single graphical interface.
Hardware and software installation problems faced by many people interested in signal processing are completely eliminated with SigintOS. HackRF, BladeRF, USRP, RTL-SDR are already installed, and the most used Gnuradio, Gsm and Gps applications are also included in the distribution.

Skywavelinux

skywavelinux-1.0.iso
skywavelinux-2.1.iso
skywavelinux-2.2.iso

Description: Skywave Linux is an operating system using bleeding-edge technology to robustly access broadcast, utility, military, and amateur radio signals from almost anywhere in the world, including countries with restrictive internet environments. Skywave Linux connects to a large and growing network of state-of-the art software defined radio (SDR) servers, making it possible to experience high performance SDR operation without your own large antennas or on-site radio hardware. All you need to do is boot the system on a computer with internet connectivity. Skywave Linux can also operate numerous types of SDR hardware, plugged in or on the local network. Downloading, installing and configuring SDR software can be difficult for many computer users; Skywave Linux eliminates the hassle by including several applications installed, configured, and ready to run.

Ubuntu-remix

ubuntu-remix-14-32bit.iso
ubuntu-remix-14-64bit.iso

Description: This is a remastered version of Ubuntu Linux. There are 32-bit and 64-bit versions available, as well as an (older) image for the PengPod 1000.
This version contains a lot of amateur radio software including Fldigi, NBEMS, Gpredict, earthtrack, xcwcp and qrq, XLog and cqrlog, flrig and grig, xnec2c, fl_moxgen, aa-analyzer, owx, VOACAP, glfer, Xastir, gqrx, gEDA, GNU Radio Companion, quisk, direwolf, linamc, FreeDV, wsjt-x, Micro-Fox 15 Config, and a TinyTrak3 configuration program.
Version 16 is updated to match Ubuntu 14.01.1 LTS, including updated packet radio software and repairs to VOACAP.
This software collection uses the icewm window manager with menus customized for Amateur Radio use. It is designed to be light weight to run on older computers, while still having modern functionality.
Recommended: 1GHz CPU and 1GB memory at an absolute bare minimum (SDR applications will require more).

KB1OIQ - Andy's Ham Radio Linux

andy-v17-32bit.iso
andy-v17-64bit.iso

debian-live-8.5.0-amd64-hamradio.iso
debian-live-8.5.0-i386-hamradio.iso

Description: The Debian Hamradio Pure Blend is a project of the Debian Hamradio Maintainers Team who collaborate on maintenance of amateur-radio related packages for Debian. Every Pure Blend is a subset of Debian that is configured to support a particular target group out-of-the-box. This blend aims to support the needs of radio amateurs.

Shackbox

shackbox_premium.iso

Description: Shackbox is an open source, out-of-the-box and totally free Live Linux distribution that provides over 150 applications for Ham radio operators, trunking software, antenna design apps, and a lot of other applications related to electronics.
Shackbox is based on the Ubuntu Linux operating system, but without the Unity user interface and all the KDE related applications. In addition the distro offers SDR support for rtl2832 devices and a GNU Radio companion plugin.

Tetra Live Monitor

Description: telive - Tetra Live Monitor (c) 2014-2015 Jacek Lipkowski sq5bpf@lipkowski.org
telive is a program which can be used to display information like signalling, calls etc from a Tetra network. It is also possible to log the signalling information, listen to the audio in realtime and to record the audio. Playing the audio and recompressing it into ogg is done via external scripts.

LilacSat2

lilacsat-2_livecd_20151010.iso

Pentoo

pentoo-i686-default-2015.0_RC3.7.iso
pentoo-i686-hardened-2015.0_RC3.7.iso

AttifyOS

AttifyOS1.3.ova

Description: AttifyOS is a penetration testing distro for security professionals to assess the security of Internet of Things (IoT) devices. The distro is based on LUbuntu and contains pre-configured tools to help you with your next IoT pentest.
Embedded software such as Binwalk, Attify Badge tool, Baudrate.py, Openocd, Flashrom, Spiflash.py.
Firmware and Software software such as Binwalk, Firmware-Mod-Kit (FMK), Firmware Analysis Toolkit (FAT), radare2, IDA Demo, Dex2Jar, JADx, ROPGadget.
Radio software such as GQRX, GNURadio, Ubertooth-Utils, HackRF, KillerBee / Attify ZigBee Framework,

Other famous Pentest LiveOS with SDR support package:

Kali
NetHunter
BackTrack

Virtual Machine Image:

KickSat
Ubuntu R36
Ubuntu R37

giovedì 6 giugno 2019

How to catch Charging station interface Device online with search engine like zoomeye shodan censys fofa

To capture Charging station interface Device online via search engines for Internet-connected devices is not difficult.

https://en.wikipedia.org/wiki/Charging_station

An electric vehicle charging station, also called EV charging station, electric recharging point, charging point, charge point, ECS (electronic charging station), and EVSE (electric vehicle supply equipment), is an element in an infrastructure that supplies electric energy for the recharging of plug-in electric vehicles—including electric cars, neighborhood electric vehicles and plug-in hybrids.
For charging at home or work, some EVs have onboard converters that can plug into a standard electrical outlet or a high-capacity appliance outlet. Others either require or can use a charging station that provides electrical conversion, monitoring, or safety functionality. These stations are also needed when traveling, and many support faster charging at higher voltages and currents than are available from residential EVSEs. Public charging stations are typically on-street facilities provided by electric utility companies or located at retail shopping centers, restaurants and parking places, operated by a range of private companies.
Charging stations provide a range of heavy duty or special connectors that conform to the variety of standards. For common rapid charging and DC, the Combined Charging System (CCS) is becoming the universal standard. Others are CHAdeMO, and the Type 2 connector.

Example link of search engines:

www.shodan.io

www.zoomeye.org

https://censys.io/

https://fofa.so/

Example code to search:

Charging station
Charging station interface
Charging station interface 4.32-4932
Charging station interface 4.33-4964
Charging station interface 4.40-5038
Charging station interface 4.31-4881
Charging station interface 4.34-4979
Charging station interface 4.52-5419

Fast search:

https://www.shodan.io/search?query=%22Charging+station%22
https://www.zoomeye.org/searchResult?q=%22Charging%20station%22
https://censys.io/ipv4?q=%22Charging+station%22
https://fofa.so/result?q="Charging+station"

https://www.shodan.io/search?query=%22Charging+station+interface%22
https://www.zoomeye.org/searchResult?q=%22Charging%20station%20interface%22
https://censys.io/ipv4?q=%22Charging+station+interface%22
https://fofa.so/result?q="Charging+station+interface"

https://www.shodan.io/search?query=%22Charging+station+interface+4.32-4932%22
https://www.zoomeye.org/searchResult?q=%22Charging%20station%20interface%204.32-4932%22
https://censys.io/ipv4?q=%22Charging+station+interface+4.32-4932%22
https://fofa.so/result?q="Charging+station+interface+4.32-4932"

https://www.shodan.io/search?query=%22Charging+station+interface+4.33-4964%22
https://www.zoomeye.org/searchResult?q=%22Charging%20station%20interface%204.33-4964%22
https://censys.io/ipv4?q=%22Charging+station+interface+4.33-4964%22
https://fofa.so/result?q="Charging+station+interface+4.33-4964"

https://www.shodan.io/search?query=%22Charging+station+interface+4.40-5038%22
https://www.zoomeye.org/searchResult?q=%22Charging%20station%20interface%204.40-5038%22
https://censys.io/ipv4?q=%22Charging+station+interface+4.40-5038%22
https://fofa.so/result?q="Charging+station+interface+4.40-5038"

it is very interesting to observe how the search results of the various search engines are very different ....

venerdì 19 aprile 2019

How to catch GPS Device online with search engine like shodan

How to catch GPS Device online with search engine like shodan

To capture GPS Device online via search engines for Internet-connected devices is not difficult.

Example link of search engines:

www.shodan.io
www.zoomeye.org

Example code to search:

AIVDM
AIVDO
NMEA
GPRMC
GPGGA
GPZDA
GPVTG
GPGSA
GPGLL
GPGSA
GPGSV
GNSS
RTCM3
RTCM3X
RTCM2
RTCM
GPS
GLONASS
BKGNtripcaster
FFFREMONT
Leica+GPS
Leica+GNSS
TMP_OUTERNET
POPNet+GNSS
GLONASS
Galileo
BeiDou
QZSS
IRNSS
SBAS
GNSS
GLO
Trimble+GPS
Trimble+GNSS
DGNSS
SWEPOS
GNSS Server
VRS+GPS
FReDNet
ETRF2000

giovedì 11 aprile 2019

TRACKING DICTATORS AROUND THE WORLD WITH ADS-B DATA - SHODANnoDICTATORSHIPS

martedì 2 aprile 2019

ZR6AIC: How to use AI (Artificial Intelligence) to identify Radio signals using a RTL SDR dongle and Linux (Ubuntu) Identifying Radio stations

ZR6AIC: How to use AI (Artificial Intelligence) to identif...: How to use AI (Artificial Intelligence) to identify Radio signals using a RTL SDR dongle and Linux (Ubuntu) Identifying Radio stations ...

How to use AI (Artificial Intelligence) to identify Radio signals using a RTL SDR dongle and Linux (Ubuntu)

Identifying Radio stations

I was wondering if there is not a good framework to identify RF signals
as I wanted to add some capabilities to my SDR's to identify RF signal.

I was thinking of a way to recognize Satellite signals and the
automatically apply the necessary Demodulator's and decoders for the
specific satellite.

I was looking at AI Deep Learning library to be able to identify RF
Radio signals. There are countless deep learning frameworks available
today.

By using Python3 and rtl-sdr dongle it would be possible to scan a frequency range trying to identify a satellite.

Here is a graph with all the most used Deep learning frameworks available.

Deep Learning Frameworks.

I found this opensource project called cnn-rtlsdr and it is available from github here https://github.com/randaller/cnn-rtlsdr

This framework is using Keras and TensorFlow to learn and recognize the RF signals.

So how dose it work?

You first need take an clean RF signal and digitize it and then let the
framework learn its signature. The more you letting the AI framework
learn a specific signal the more accurate it will able to recognize the
RF Signal.

Here is my instillation procedure to get it working on my Ubuntu 18.10 Laptop

Installation Procedure.

Lets check if you have version 2 or 3 of python.

You need version 3
python -V

apt-get install git
git clone https://github.com/randaller/cnn-rtlsdr.git
cd cnn-rtlsdr

sudo apt-get update

sudo apt-get install python3-pip
sudo apt-get install rtl-sdr

sudo apt-get install build-essential libssl-dev libffi-dev python-dev

sudo pip3 install --upgrade pip

sudo pip3 install tensorflow
sudo pip3 install pyrtlsdr

sudo pip3 install scipy

[remove dongle]
rmmod dvb_usb_rtl28xxu rtl2832
[insert dongle]

Installing rtl-sdr and calibrating the frequency offset.

Using the Kal utility to calibrate your dongle offset using the GSM network.

Installing Kal

sudo apt-get install automake
sudo apt-get install libtool
sudo apt-get install libfftw3–dev
sudo apt-get install librtlsdr-dev
sudo apt-get install libusb1.0.0-dev

git clone https://github.com/steve-m/kalibrate-rtl.git

cd kalibrate-rtl/

./bootstrap
./configure
make
sudo make install

In south Africa we can use the GSM900 frequency

Lets run Kal

kal -s GSM900
Found 1 device(s):
0: Generic RTL2832U OEM

Using device 0: Generic RTL2832U OEM
Found Rafael Micro R820T tuner
Exact sample rate is: 270833.002142 Hz
[R82XX] PLL not locked!
kal: Scanning for GSM-900 base stations.
GSM-900:
    chan: 40 (943.0MHz - 736Hz)    power: 25909.17
    chan: 47 (944.4MHz - 817Hz)    power: 28430.99
    chan: 63 (947.6MHz - 128Hz)    power: 29010.57
    chan: 69 (948.8MHz - 597Hz)    power: 32479.73

We now select the strongest Station to measure the average frequency offset

kal -c 69
Found 1 device(s):
0: Generic RTL2832U OEM

Using device 0: Generic RTL2832U OEM
Found Rafael Micro R820T tuner
Exact sample rate is: 270833.002142 Hz
[R82XX] PLL not locked!
kal: Calculating clock frequency offset.
Using GSM-900 channel 69 (948.8MHz)
average        [min, max]    (range, stddev)
- 413Hz        [-460, -354]    (106, 30.402500)
overruns: 0
not found: 0
average absolute error: 0.435 ppm

We now need to test to see if we can identify any signals using the default test learn data.

Final test

The Default script will scan the normal FM broadcast band 88 to 108Mhz.

Although it detects the radio stations as TV is ok as the test data id was tv.

sudo python3 predict_scan.py
Found Rafael Micro R820T tuner
[R82XX] PLL not locked!
88.400 MHz - tv 99.98%
89.600 MHz - tv 99.91%
91.500 MHz - tv 99.99%
92.700 MHz - tv 99.93%
94.700 MHz - tv 99.13%
95.900 MHz - tv 98.04%
98.000 MHz - tv 100.00%
99.200 MHz - tv 99.95%
99.600 MHz - tv 81.13%
101.500 MHz - tv 99.91%
102.700 MHz - tv 100.00%
105.100 MHz - tv 100.00%
106.300 MHz - tv 99.56%

We now need to learn the different Rf signals so we can identify it.

Best way to do this is with an rtl dongle and your signal of interest.

Learning from existing RF signal Database.

1) "wfm" Wide band FM
2) "tv" TV signal
3) "gsm" GSM signal
4) "tetra" Tetra DMR
5) "dmr" DMR
5) "other"

Link to database https://drive.google.com/file/d/1PuhzXkk6AVwXPPKjtFUCpQVsqOOlszu8/view

Some
RF signals have been learned by other users so you don't need to learn
the common RF signals but just import the learn database.

Unzip the file in the cnn-rtlsdr directory

Then run the following command to learn the RF signal

It takes about 80secons to learn a sample. So go and have a coffee or a bear :-)

Make sure you have your rtl_sdr dongle connected as the code will do a test at the end of the learning procedure.

python3 train_keras.py

You
will need a lot of memory for your application tu run so close all
necessary applications otherwise you will get an out of memory error..


Learning RF samples for the following RF signals.

When the learning is complete the script will do a test with the RTL-sdr dongle.

Testing signals with the new database.

Lets learn our own signal not yet in database.

I want to learn a Satellite Telemetry signal from Satellite.

Learning my own unique signal.

python3 train_keras.py
Using TensorFlow backend.
WARNING:tensorflow:From

/usr/local/lib/python3.6/dist-packages/keras/backend/tensorflow_backend.py:1062:
calling reduce_prod (from tensorflow.python.ops.math_ops) with
keep_dims is deprecated and will be removed in a future version.
Instructions for updating:
keep_dims is deprecated, use keepdims instead
WARNING:tensorflow:From

/usr/local/lib/python3.6/dist-packages/keras/backend/tensorflow_backend.py:2550:
calling reduce_sum (from tensorflow.python.ops.math_ops) with keep_dims
is deprecated and will be removed in a future version.
Instructions for updating:
keep_dims is deprecated, use keepdims instead
WARNING:tensorflow:From

/usr/local/lib/python3.6/dist-packages/keras/backend/tensorflow_backend.py:1123:
calling reduce_mean (from tensorflow.python.ops.math_ops) with
keep_dims is deprecated and will be removed in a future version.
Instructions for updating:
keep_dims is deprecated, use keepdims instead
Train on 64972 samples, validate on 27844 samples
Epoch 1/50
64972/64972 [==============================] - 70s - loss: 0.3469 - acc: 0.8527 - val_loss: 0.0716 - val_acc: 0.9836
Epoch 2/50
64972/64972 [==============================] - 72s - loss: 0.0575 - acc: 0.9839 - val_loss: 0.0731 - val_acc: 0.9791

...

64972/64972 [==============================] - 79s - loss: 0.0016 - acc: 0.9995 - val_loss: 0.0069 - val_acc: 0.9984
Epoch 49/50
64972/64972 [==============================] - 80s - loss: 7.5126e-04 - acc: 0.9998 - val_loss: 0.0093 - val_acc: 0.9981
Epoch 50/50
64972/64972 [==============================] - 78s - loss: 0.0065 - acc: 0.9983 - val_loss: 0.0357 - val_acc: 0.9923

Found Rafael Micro R820T tuner
[R82XX] PLL not locked!
92.9 wfm 99.9636411667
49.25 other 99.8086333275
95.0 other 99.9997735023
104.0 other 99.9999880791
422.6 other 99.9927401543
100.5 other 99.9997496605
120.0 other 100.0
106.3 wfm 100.0
942.2 other 99.999666214
107.8 other 100.0
Validation: 30.0

How to catch various Petrol information online with search engine like shodan - PetrolShodan

Online you can find interesting information about traffic, storage and management of petroleum products.

Example link of search engines:

www.shodan.io
www.zoomeye.org

Example code to search:

fuel tank
TC-VOLUME
TANK PRODUCT
TANK VOLUME
TANK PETROL
VOLUME PETROL
Oil Terminals
TANK PORT
Diesel Kero
US Oil
I20100

mercoledì 13 marzo 2019

How to catch IoT NB-IOT Network online Device, Client, Server, API, Gateway , Simulator, Platform developer like Sigfox Lora LoraWAN with search engine like Shodan

How to catch IoT NB-IOT Network online Device, Client, Server, API, Gateway , Simulator, Platform developer like Sigfox Lora LoraWAN with search engine like Shodan

Example link of search engines:

www.shodan.io
www.zoomeye.org

Example code to search:

lora smart -GIT
IoT Device Simulator
iot gateway
sigfox
lora
lorawan
lora gateway
lorawan server
NB-IOT
gateway IOT network
IoT Network Gateway
ESP8266

LPWAN
6LoWPAN
Sigfox
LoRa / LoRaWAN
NB-Fi
Weightless
DASH7
LTE User Equipment Categories
Multefire
LTE sidelink
NB-IOT

Link:

https://en.wikipedia.org/wiki/Narrowband_IoT