车机--无线安全[攻防]

FM测试

一、运行hackrf_info，记录Serial number的最后6位数字8d895f
bing@Xstorm:~$ sudo hackrf_info
[sudo] password for bing: 
hackrf_info version: unknown
libhackrf version: unknown (0.5)
Found HackRF
Index: 0
Serial number: 0000000000000000a06063c8258d895f
Board ID Number: 2 (HackRF One)
Firmware Version: 2017.02.1 (API:1.02)
Part ID Number: 0xa000cb3c 0x00714367

二、运行gqrx接收信号, 进行配置; 如下图:

三、设置好如下图所示的频率103.9MHz后，并按照下图右边的Receiver Options中所示的来设置。

Frequency: 100365.000
Filter Width：Normal，
Filter Shape：Normal，
Mode：WFM（Mono），
AGC：Fast

慢慢调整Squelch的值,消除杂音

四、在听到吱吱杂音之后，我们需要通过调整Input controls选项来实现听清的效果。当你把Hardware AGC前的框中的对号取消后，你就可以随便调整RF、IF和BB Gain了。通过加大这三者的值，你就可以清楚的听到103.9MHz北京交通广播的声音

信号录制：
hackrf_transfer -r 1.raw -f 104304000 -g 30 -l 24 -a 1 -p 1 -s 8000000 -b 4000000
信号重放:
hackrf_transfer -t 1.raw -f 98000000 -x 32 -a 1 -p 1 -s 8000000 -b 4000000 -R

这时收音机里会重复播放你刚刚录制的那一段声音。

Usage:
  -h # this help
  [-d serial_number] # Serial number of desired HackRF.
  -r <filename> # Receive data into file (use '-' for stdout).
  -t <filename> # Transmit data from file (use '-' for stdin).
  -w # Receive data into file with WAV header and automatic name.
     # This is for SDR# compatibility and may not work with other software.
  [-f freq_hz] # Frequency in Hz [0MHz to 7250MHz].
  [-i if_freq_hz] # Intermediate Frequency (IF) in Hz [2150MHz to 2750MHz].
  [-o lo_freq_hz] # Front-end Local Oscillator (LO) frequency in Hz [84MHz to 5400MHz].
  [-m image_reject] # Image rejection filter selection, 0=bypass, 1=low pass, 2=high pass.
  [-a amp_enable] # RX/TX RF amplifier 1=Enable, 0=Disable.
  [-p antenna_enable] # Antenna port power, 1=Enable, 0=Disable.
  [-l gain_db] # RX LNA (IF) gain, 0-40dB, 8dB steps
  [-g gain_db] # RX VGA (baseband) gain, 0-62dB, 2dB steps
  [-x gain_db] # TX VGA (IF) gain, 0-47dB, 1dB steps
  [-s sample_rate_hz] # Sample rate in Hz (4/8/10/12.5/16/20MHz, default 10MHz).
  [-n num_samples] # Number of samples to transfer (default is unlimited).
  [-S buf_size] # Enable receive streaming with buffer size buf_size.
  [-c amplitude] # CW signal source mode, amplitude 0-127 (DC value to DAC).
  [-R] # Repeat TX mode (default is off) 
  [-b baseband_filter_bw_hz] # Set baseband filter bandwidth in Hz.
  Possible values: 1.75/2.5/3.5/5/5.5/6/7/8/9/10/12/14/15/20/24/28MHz, default <= 0.75 * sample_rate_hz.
  [-C ppm] # Set Internal crystal clock error in ppm.
  [-H hw_sync_enable] # Synchronise USB transfer using GPIO pins.

GSM测试

蓝牙测试