This shows you the differences between two versions of the page.
misc:hacks:hackrf [2015-06-05 15:55] arnaud [Sniffing nRF24 with GNU Radio and HackRF] |
misc:hacks:hackrf [2021-06-24 16:44] kimberly |
||
---|---|---|---|
Line 1: | Line 1: | ||
+ | <WRAP center round important 60%> | ||
+ | This page has deprecated and will be archived. Please go to [[https:// | ||
+ | </ | ||
+ | ====== Sniffing nRF24 with GNU Radio and HackRF ====== | ||
+ | |||
+ | {{ : | ||
+ | |||
+ | Thanks to a software from [[http:// | ||
+ | |||
+ | Though the original method is using rtl-sdr with the rtl-fm program. This page aims at documenting how to setup an NRF sniffer with the [[http:// | ||
+ | |||
+ | The procedure should be very similar with any GnuRadio-compatible SDR receiver. | ||
+ | |||
+ | |||
+ | ===== Setting-up hackRF ===== | ||
+ | |||
+ | To setup HackRF on Ubuntu the following packages needs to be installed: | ||
+ | < | ||
+ | sudo apt-get install gnuradio gr-osmosdr hackrf gqrx | ||
+ | </ | ||
+ | |||
+ | Then you can verify that it works with: | ||
+ | |||
+ | < | ||
+ | $ hackrf_info | ||
+ | Found HackRF board. | ||
+ | Board ID Number: 2 (HackRF One) | ||
+ | Firmware Version: 2014.08.1 | ||
+ | Part ID Number: 0xa000cb3c 0x005c4746 | ||
+ | Serial Number: 0x00000000 0x00000000 0x321864c8 0x3852321d | ||
+ | $ | ||
+ | </ | ||
+ | |||
+ | On my Ubuntu I need to remove a hackrf module for it to actually work: | ||
+ | < | ||
+ | $ hackrf_info | ||
+ | hackrf_open() failed: HACKRF_ERROR_LIBUSB (-1000) | ||
+ | $ sudo rmmod hackrf | ||
+ | $ hackrf_info | ||
+ | Found HackRF board. | ||
+ | Board ID Number: 2 (HackRF One) | ||
+ | Firmware Version: 2014.08.1 | ||
+ | Part ID Number: 0xa000cb3c 0x005c4746 | ||
+ | Serial Number: 0x00000000 0x00000000 0x321864c8 0x3852321d | ||
+ | $ | ||
+ | </ | ||
+ | |||
+ | To test that it is working well you can run gqrx: | ||
+ | |||
+ | {{: | ||
+ | |||
+ | ===== Sniffing ===== | ||
+ | |||
+ | Clone and make the NRF24-BTLE-Decoder program from [[https:// | ||
+ | |||
+ | < | ||
+ | $ git clone https:// | ||
+ | Cloning into ' | ||
+ | remote: Counting objects: 25, done. | ||
+ | remote: Total 25 (delta 0), reused 0 (delta 0), pack-reused 25 | ||
+ | Unpacking objects: 100% (25/25), done. | ||
+ | Checking connectivity... done. | ||
+ | $ cd NRF24-BTLE-Decoder | ||
+ | NRF24-BTLE-Decoder $ make | ||
+ | gcc -std=gnu99 -Wall -O3 -o ./ | ||
+ | nrf24-btle-decoder.c: | ||
+ | nrf24-btle-decoder.c: | ||
+ | if (strcmp(" | ||
+ | ^ | ||
+ | NRF24-BTLE-Decoder $ cd bin | ||
+ | bin $ ls | ||
+ | nrf24-btle-decoder | ||
+ | bin $ | ||
+ | </ | ||
+ | |||
+ | The nrf24-btle-decoder software is designed to get sample at 2Msps via the standard input. To get data from gnuradio instead we create a fifo and cat this fifo in nrf24-btle-decoder: | ||
+ | |||
+ | < | ||
+ | bin $ mkfifo /tmp/fifo | ||
+ | bin $ cat /tmp/fifo | ./ | ||
+ | </ | ||
+ | |||
+ | The GNUradio companion receiver is a simple quadrature demodulator: | ||
+ | |||
+ | {{: | ||
+ | |||
+ | The source file can be downloaded there: {{: | ||
+ | |||
+ | This GNU Radio program will write the demodulated samples in the fifo, | ||
+ | it will then be read by ' | ||
+ | When connected to a Crazyflie the output is: | ||
+ | |||
+ | < | ||
+ | bin $ cat /tmp/fifo | ./ | ||
+ | nrf24-btle-decoder, | ||
+ | |||
+ | 1433238474.737783 NRF24 Packet start sample 20935, Threshold: | ||
+ | 1433238474.758950 NRF24 Packet start sample 37532, Threshold: | ||
+ | 1433238474.778575 NRF24 Packet start sample 94927, Threshold: | ||
+ | 1433238474.778681 NRF24 Packet start sample 95320, Threshold: | ||
+ | 1433238474.819749 NRF24 Packet start sample 186219, Threshold: | ||
+ | 1433238474.853860 NRF24 Packet start sample 249975, Threshold: | ||
+ | 1433238474.879752 NRF24 Packet start sample 294095, Threshold: | ||
+ | 1433238474.881214 NRF24 Packet start sample 298150, Threshold: | ||
+ | 1433238474.882156 NRF24 Packet start sample 301571, Threshold: | ||
+ | 1433238474.896965 NRF24 Packet start sample 321818, Threshold: | ||
+ | 1433238474.898889 NRF24 Packet start sample 325754, Threshold: | ||
+ | 1433238474.943326 NRF24 Packet start sample 403294, Threshold: | ||
+ | 1433238474.966901 NRF24 Packet start sample 504654, Threshold: | ||
+ | </ | ||
+ | |||
+ | To stop sniffing, stop the GNURadio program and to re-run, run the decoder and then the gnuradio program. |
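Review bot: In the Sniffing section, `mkfifo /tmp/fifo` places the pipe at a fixed name in a shared, world-writable directory. On a multi-user machine another local account can create that path first, or, with a default umask, read the demodulated samples from it. Suggest creating the fifo inside a private directory (for example one made with `mktemp -d`) and using that path in both the GNU Radio flowgraph and the `cat ... | nrf24-btle-decoder` pipeline. In the Setting-up section, `sudo rmmod hackrf` only unloads the module for the current session, so the text should say the step has to be repeated after a reboot. Wording: the new banner should read "This page has been deprecated", "the following packages needs" should be "need", and the sentence starting "Though the original method is using rtl-sdr" is a fragment that reads better joined to the sentence after it.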