任务
通过观看视频学习gnuradio-companion的基本用法后,尝试连接硬件HackRF板子进行实验,选取最安全有趣的方式,解调FM信号实现广播的收听.
但在起步阶段,软件配置方面遇到不小障碍,故在这里做总结,概况各阶段的原因:
- jack未启动(安装音频控制jackd)
- 天线选购
问题
层层推进,当将HackRF板接线至电脑后,输入hackrf_info已经可以读取到板子信息:固件版本/序列号等.
但根据教程中的步骤,可以先利用已有的平台gqrx快速测试收取电台信号.它的官网提供了丰富的帮助文档与下载步骤.
gqrx
- Discover devices attached to the computer.
- Process I/Q data from the supported devices.
- I/Q是一个射频信号,在极坐标上可以用振幅和相位来表示,在直角坐标上可以用X和Y的值来表示。但在数字通信系统中,一般X用I来代替,表示同相,而Y用Q来代替,表示90°相位。
- Change frequency, gain and apply various corrections (frequency, I/Q balance).
- AM, SSB, CW, FM-N and FM-W (mono and stereo) demodulators.
- AM:幅值调制
- SSB:单边带调制
- CW,等幅电报通信(continuous wave)简称CW方式。由于是形如“1、0”的二进制信号,故一般利用摩尔斯电码发送信息。
- P5:单声道与立体声
- mono:单声道,无位置信息
- stereo:立体声
- Special FM mode for NOAA APT.
- Variable band pass filter.
- AGC(自动增益控制), squelch(抑制噪声) and noise blankers.
- FFT plot and waterfall.
- Record and playback audio to / from WAV file.
- Record and playback raw baseband data.
- Spectrum analyzer mode where all signal processing is disabled.
- Basic remote control through TCP connection.
- Streaming audio output over UDP.
安装方式有两种,其一是通过命令行sudo apt install gqrx-sdr安装软件源中的最新版本;其二是下载源文件,自行编译.
problems with the current configuration
在窗口弹出报错信息,需要修改设定后,可以如教程选择HackRF板子作为输入设备
Gqrx has detected problems with the current configuration. Loading the configuration again could cause the application to crash. Do you want to edit the settings?
no fft audio
然而点击运行按钮后,无论怎么调节,窗口都没有波形,终端也一直打印no fft audio
出现的报错信息如下:
linux; GNU C++ version 7.3.0; Boost_106501; UHD_003.010.003.000-0-unknown
Controlport disabled
No user supplied config file. Using "default.conf"
gr-osmosdr 0.1.4 (0.1.4) gnuradio 3.7.11
built-in source types: file osmosdr fcd rtl rtl_tcp uhd miri hackrf bladerf rfspace airspy airspyhf soapy redpitaya freesrp
FM demod gain: 3.05577
Resampling audio 96000 -> 48000
IQ DCR alpha: 1.04166e-05
gr::log :INFO: audio source - Audio sink arch: alsa
Using audio backend: auto
BookmarksFile is /home/lazy/.config/gqrx/bookmarks.csv
Cannot connect to server socket err = No such file or directory
Cannot connect to server request channel
jack server is not running or cannot be started
JackShmReadWritePtr::~JackShmReadWritePtr - Init not done for -1, skipping unlock
JackShmReadWritePtr::~JackShmReadWritePtr - Init not done for -1, skipping unlock
RtApiAlsa::getDeviceInfo: snd_pcm_open error for device (hw:0,0), Device or resource busy.
getDeviceList : Available input devices:
"HackRF HackRF One 7061c3"
"RFSPACE SDR-IQ Receiver"
"RFSPACE SDR-IP Receiver"
"RFSPACE NetSDR Receiver"
"RFSPACE Cloud-IQ Receiver"
"hw:HDA Intel PCH,0"
"default"
"HackRF One #0 17c467dc2d7061c3"
"RTL-SDR Spectrum Server"
"Red Pitaya Transceiver Server"
"Complex Sampled (IQ) File"
Loading configuration from: "default.conf"
Configuration file: "/home/lazy/.config/gqrx/default.conf"
Crash guard triggered!
@font-face{ font-family:"Times New Roman"; } @font-face{ font-family:"宋体"; } @font-face{ font-family:"Calibri"; } p.MsoNormal{ mso-style-name:Normal; mso-style-parent:""; margin:0pt; margin-bottom:.0001pt; font-family:Calibri; mso-fareast-font-family:宋体; mso-bidi-font-family:'Times New Roman'; } span.msoIns{ mso-style-type:export-only; mso-style-name:""; text-decoration:underline; text-underline:single; color:blue; } span.msoDel{ mso-style-type:export-only; mso-style-name:""; text-decoration:line-through; color:red; } @page{mso-page-border-surround-header:no; mso-page-border-surround-footer:no;}@page Section0{ } div.Section0{page:Section0;}
Launching I/O device editor
firstTimeConfig
saveConfig
Loading configuration from: "/home/lazy/.config/gqrx/default.conf"
Configuration file: "/home/lazy/.config/gqrx/default.conf"
gr-osmosdr 0.1.4 (0.1.4) gnuradio 3.7.11
built-in source types: file osmosdr fcd rtl rtl_tcp uhd miri hackrf bladerf rfspace airspy airspyhf soapy redpitaya freesrp
[INFO] Opening HackRF One #0 17c467dc2d7061c3...
Number of USB devices: 9
USB device 1d50:6089: 000000000000000017c467dc2d7061c3 match
FATAL: setupStream invalid channel selection
Trying to fill up 1 missing channel(s) with null source(s).
This is being done to prevent the application from crashing
due to gnuradio bug #528.
********************
********************
No change in output device:
old:
new:
Failed to set RX input rate to 8e+06
Your device may not be working properly.
IQ DCR samp_rate: 8e+06
IQ DCR alpha: 1.25e-07
Changing NB_RX quad rate: 96000 -> 8e+06
Requested sample rate: 8000000
Actual sample rate : "8000000.000000"
New FFT rate: 25 Hz
Requested bandwidth: 0 Hz
Actual bandwidth : 0 Hz
setFreqCorr : 0 ppm
New LNB LO: -1000000 Hz
New LNB LO: -1000000 Hz
updateHWFrequencyRange failed fetching new hardware frequency range
New mode index: 4
FM demod gain: 0.509296
Filter preset for mode 4 LO: -80000 HI: 80000
Generating taps for new filter LO:-80000 HI:80000 TW:32000 Taps: 19
setFftRate to "25 fps"
New FFT rate: 25 Hz
New FFT rate: 25 Hz
setFftSize to "3840"
Changing baseband FFT size to 3840
New FFT rate: 25 Hz
New FFT rate: 25 Hz
Generating taps for new filter LO:-80000 HI:80000 TW:32000 Taps: 19
New FFT rate: 25 Hz
New FFT rate: 25 Hz
No audio FFT data.
No audio FFT data.
No audio FFT data.
No audio FFT data.
于是,我开始对其中出现的报错提示进行搜索,但怎奈资料稀缺,几乎唯一的对应都在github的issue板块,关闭者并没有给出明确的答复(这里是bug的记录区,而非支持论坛),只是表明需要追根溯源.在此略过我的整个寻求过程,最终解决方法是发现自己的jack(Linux中的一种音频接口)无法打开:jack server is not running or cannot be started,并且在网上找到了解决方法:
pulseaudio --kill
jack_control start由于jack_control需要软件jackd,则按照提示安装即可.另外需要注意,可以在之后不使用软件(gprx)后手动关闭:
jack_control exit
pulseaudio --start言归正传,在手动打开后,终端输出了一连串的OOOOO,让我感到不安,但启动后产生了频谱,终端又输出的是一连串的aUaUaU,当看到文章【无线安全1】HackRF接收广播中的截图后,我放下心来,是没有问题的.
过程
既然数据传输没有问题,我按照教程指导继续操作.首先验证在宿舍能接收到104.6MHz的新闻综合广播,于是在软件设定界面,将频率调至该频率附近,降低噪声处理,再调节其他增益值,仍然没有听到广播声音.
如此反复后,我才回过头来去查看自己的天线型号,发现在商品的详情页有如下参数:
频段:2400-2500M
它的用途是无线频段,2.4GHz左右,因此,当用osmocom_fft查看这部分的频谱时,可以看到某些频段会有周期性的峰值出现,想必是无线信号的发射.
下一步:
- 选购频段覆盖FM的天线
- 利用无线通信数据进行攻防实战
知识点
RX and TX
我们在ifconfig 查看网卡配置时或者嵌入式开发的时候,经常会看到rx/tx缩写,其含义如下:
RX==receive,接收,从开启到现在接收封包的情况,是下行流量。
TX==Transmit,发送,从开启到现在发送封包的情况,是上行流量。
网卡有收和发2个功能,你从其他服务器获取数据,这叫下载,是下行流量,反之,你本机向某个服务器发送数据,比如 FTP 上传、HTTP POST 或 PUT 数据 这叫发,也就是上传,上行流量。