Welcome back, my aspiring cyberwarrior!
As you already know, it is possible to spoof both your IP address and MAC address, but can you spoof your global position (GPS)? The answer, of course, is YES! This is one of the beauties of becoming conversant and skilled in Software Defined Radio (SDR).
There are a number of reasons why you may not want your global position known. As most of you know, we have been active in assisting Ukraine in repelling the brutal aggression of its neighbor and former colonial master, Russia (I think it goes without saying that Russia is the aggressor and needs to be reminded that invading and killing your neighbors is wrong). In this war, global positions are key to finding and destroying the opposing army. In addition, early in the war, we used GPS to geo-locate the yachts of the Russian oligarchs, which were then seized by the NATO nations. Soon thereafter, the remaining yachts began to spoof their global position to evade our detection.
What if the troops on the ground could send out a spoofed GPS signal to hide their location from artillery and rockets? More importantly, warships and aircraft send out a GPS signal that can be tracked by missiles and other weapons. Wouldn’t they gain stealth by sending out a spoofed position? These are just a few of the real-life examples of the value of spoofing a GPS signal.
In this tutorial, we will demonstrate how to spoof your GPS position using SDR and the inexpensive HackRF One.
Step #1: Install HackRF One
The first step is to purchase and install a HackRF One. The less expensive SDR devices such as the RTL-SDR are exclusively receivers and are incapable of transmitting a signal.
Step #2: Install GPS Spoof
Next, create a directory named GPS_SPOOF…
kali > mkdir GPS_SPOOF
…and then navigate to the new directory.
kali > cd GPS_SPOOF
Then, download the GPS spoofing software from github.com. Neither the clone nor the build needs root privileges.
kali > git clone https://github.com/osqzss/gps-sdr-sim.git
kali > cd gps-sdr-sim
We need to compile gpssim.c into a file named gps-sdr-sim and, in order to be able to use motion files, we need to compile it with -DUSER_MOTION_SIZE=4000 (this enables the GPS spoof to appear to be moving rather than remaining static, which would likely signal to a receiver that it was a false signal).
kali > gcc gpssim.c -lm -O3 -o gps-sdr-sim -DUSER_MOTION_SIZE=4000
gcc is the GNU C compiler
gpssim.c is the C file that we need to compile
-lm links against the math library (libm)
-O3 compiles with a high level of optimization
-o places the output into a file named gps-sdr-sim
Step #3: Locate the Satellite
The next step is to locate the GPS satellite. This is done through the use of the GPS broadcast ephemeris file. The archive of the daily file can be downloaded here (you must register).
https://cddis.nasa.gov/archive/gnss/data/daily/
These files are then used to generate simulated pseudorange and Doppler values for the satellites in your range. This simulated range data is in turn used to generate digitized I/Q samples for the GPS signal. Make certain you download the most recent daily file.
https://cddis.nasa.gov/archive/gnss/data/daily/2022/brdc/
kali > sudo ./gps-sdr-sim -b 8 -e brdc0010.22n -l 55.75911686948662,37.616404140886715,100
kali > sudo hackrf_transfer -t gpssim.bin -f 1575420000 -s 2600000 -a 1 -x 0
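Seen from the receiving side, a simulated signal like the one generated in Step #3 tends to show up in a receiver's NMEA log as a break in continuity: a position jump no vehicle could make, or a clock that steps back toward the date of the ephemeris file used (brdc0010.22n is day 001 of 2022). The Python check below is an added example, not part of the original tutorial or of gps-sdr-sim; the 90 m/s speed ceiling, the function names and the sample sentences are constructed assumptions.

```python
import math
from datetime import datetime
from functools import reduce

MAX_SPEED_MS = 90.0  # assumed ceiling for the tracked asset (about 324 km/h)

def checksum(body):
    """NMEA checksum: XOR of every character between '$' and '*', as 2 hex digits."""
    return f"{reduce(lambda acc, ch: acc ^ ord(ch), body, 0):02X}"

def to_deg(field, hemi):
    """Convert NMEA (d)ddmm.mmmm plus hemisphere letter to signed decimal degrees."""
    degrees, minutes = divmod(float(field), 100)
    return (-1 if hemi in ("S", "W") else 1) * (degrees + minutes / 60.0)

def parse_rmc(sentence):
    """Return (utc, lat, lon) for a checksum-valid, active RMC sentence, else None."""
    body, _, given = sentence.strip().lstrip("$").partition("*")
    f = body.split(",")
    if given.upper() != checksum(body) or len(f) < 10 or f[0][2:] != "RMC" or f[2] != "A":
        return None
    utc = datetime.strptime(f[9] + f[1][:6], "%d%m%y%H%M%S")
    return utc, to_deg(f[3], f[4]), to_deg(f[5], f[6])

def haversine_m(lat1, lon1, lat2, lon2):  # great-circle distance in metres
    p1, p2, dl = math.radians(lat1), math.radians(lat2), math.radians(lon2 - lon1)
    a = math.sin((p2 - p1) / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dl / 2) ** 2
    return 2 * 6371000.0 * math.asin(math.sqrt(a))

def audit(sentences):
    """Return (index, reason) for every fix that breaks continuity with the previous one."""
    alerts, prev = [], None
    for i, s in enumerate(sentences):
        fix = parse_rmc(s)
        if fix and prev:
            dt = (fix[0] - prev[0]).total_seconds()
            if dt <= 0:
                alerts.append((i, "time went backwards"))
            elif haversine_m(prev[1], prev[2], fix[1], fix[2]) / dt > MAX_SPEED_MS:
                alerts.append((i, "implausible jump"))
        prev = fix or prev  # corrupt, void or non-RMC sentences are skipped
    return alerts

SAMPLE = ["$" + b + "*" + checksum(b) for b in (  # constructed log, not real data
    "GPRMC,120000.00,A,4851.3960,N,00221.1320,E,0.0,0.0,050324,,,A",
    "GPRMC,120001.00,A,4851.3965,N,00221.1320,E,1.8,0.0,050324,,,A",
    "GPRMC,120002.00,A,5545.5470,N,03736.9842,E,0.0,0.0,050324,,,A",
    "GPRMC,000030.00,A,5545.5470,N,03736.9842,E,0.0,0.0,010122,,,A",
)]
```

Calling audit(SAMPLE) flags the third sentence as an implausible jump and the fourth as a time regression; in practice the same checks are worth cross-referencing against an independent clock and inertial or odometry data.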
Summary
Radio Frequency hacking is one of the most important and least appreciated cybersecurity fields. There really are so many devices and systems that send and receive radio signals that are vulnerable to exploitation. One of those ubiquitous radio signals is the global positioning system or GPS. While it is a wonderful tool for finding our way around the world, it can also be used maliciously to track our every step. By spoofing the GPS, we can hide our position and avoid tracking by governments and other malicious actors.