Software Defined Radio (SDR) for Hackers: Setting Up Your HackRF One

Welcome back, my aspiring SDR hackers!

In the previous tutorials in this series, we used the inexpensive but capable RTL-SDR for our radio hacking adventures. Although the RTL-SDR is very capable of receiving a wide variety of radio signals, it is not capable of sending radio signals. In addition, the frequency range of the RTL-SDR is limited (see my tutorial on SDR hardware comparison here).

 

In the next few tutorials, we will be using the HackRF One transceiver. The HackRF One is capable of both sending and receiving radio signals. Its biggest limitation–compared to the much more expensive hardware– is that its is only half-duplex meaning it can only send or receive and not both simultaneously. Despite this limitation, it is great for a lot of great hacks such as replay attacks where we capture a transmission and then resend it.

 

Step #1: Connect Your HackRF One

In this first step, you will need to connect your HackRF to a USB port. Then download the HackRF utilities from the Kali repository.

kali > sudo apt install hackrf

Now, with these utilities installed, let’s check on the version of our HackRF One.

kali > sudo hackrf_info

 

This should supply us with some basic info on our device, most importantly the firmware version. As you can see, my HackRF One came with firmware from 2017. There have been a few updates since then so let’s update ours to the most current version.

 

Michael Ossmann, the developer of the HackRF maintains a github repository for all things HackRF at https://github.com/mossmann/hackrf. From there we navigate to the releases directory and see that there is brand new release of the firmware for 2021.03.1. Let’s get that firmware and update our HackRF.

Step #2: Update the firmware

Download and extract the new firmware from Ossmann’s repository to your Kali system. It will create a directory named appropriately enough, hackrf-2021.03.1. Navigate to that directory and you will see a file named firmware-bin. Change (cd) to that directory.

Now we need to update the firmware. To update the firmware, enter the following command;

kali > hackrf_spiflash -w hackrf_one_usb.bin

 

Once the firmware has been updated, disconnect and then reconnect the HackRF One.

Now, when we ask the HackRF One device for details using the hackrf_info command, we can see that it has been updated to the most current firmware.

 

Step #3: Preparing the HackRF One for Windows

We will be using Linux for the HackRF hacks in future tutorials (HackRF doesn’t transmit in Windows), but if you want to use your HackRF in Windows, here’s how to do it.

First, plug your HackRF One into the USB port. Now, open Zadig and look for the HackRF One under devices. Select HackRF One.

 

Next, click on the Install Driver.

 

 

When the driver installation is complete, Zadig should look like this.

 

Finally, we need to install a new ExtIO.dll for the HackRF. You can find it at https://github.com/ExtIO_HackRF/releases like below.

 

Summary

The HackRF One is a powerful and inexpensive radio transceiver excellent for both sending and receiving radio signals in the 1Mhz to 6 GHZ frequency range. Although it is only half-duplex and USB2.0, it is adequate for many of the hacks we will be doing, such as replay attacks where we capture a signal and replay it. In these circumstances, high performance is not required.

Look for more SDR for Hackers tutorials such as signal jamming, GPS spoofing, remote replay attacks and more.