

About etherxrally

  • Rank
    Hak5 Fan

  1. Take a look at how networks communicate and you may get a better understanding of how and where you would want to place your device. Look at how layer 2 and layer 3 devices communicate. Are you trying to capture traffic going from one device to another on the same network, or are you after traffic going to a different network? Depending on what you are after, it will help dictate where you place your tap. For instance, say you have a home network with a NAS and computers all on the same network and you want to see traffic going to the NAS. Putting your tap on the router's interface wouldn't ma
  2. Shark Jack only has one interface. I suppose you could look at running tcpdump but it would be only traffic that the shark sees. Normally with packet captures you are looking at a target device or major points of interest. There are other tools that are made to do that.
  3. What software are you looking to use? Typically you start your software after you have installed drivers and then select the SDR source in the software. The hardware does nothing without the software and the HackRF does not come with software; you would need to seek out software that meets your needs.
  4. SMS is not RF but rather traffic that travels over RF. If you are looking at seeing SMS over the air you would need to look at cellular RF vulnerabilities, which would need something like a LimeSDR etc. Then from there work your way into targeting just the SMS traffic. The YARD Stick One is probably not the tool you are looking for.
  5. Running payload Network Recon Payload with email exfiltration, I am getting traffic from the SharkJack that I am trying to understand. I am monitoring the traffic and when it runs the payload I get two ICMP type 3 code 3 messages. Each message is to a different address. Each time I run the payload the destination address changes to seemingly random addresses. The source port is 123 and the destination port is random (also seems backward to me). I don't see where any of this is part of the script. So I have some questions: 1. Does anyone know if this is part of Sharkjack normal behavior? (
  6. If you have a HAM license you can transmit at much higher levels and achieve long distance links. However it is not ok to send secure (encrypted) traffic on HAM frequencies. I wouldn't call this SDR because it's just programming it to be out of band. If you could get the IQ samples and use software to change modulation etc. then it could make things more interesting.
  7. Good call. I wonder what kind of range those would have though. Seems like it would have to be in close proximity like an apartment building or office setting.
  8. SDR Sharp has some plugins that act like a scanner. More info here: http://www.rtl-sdr.com/sdrsharp-frequency-manager-scanner-v1-31-update/
  9. I'm not sure about the e4000 sets but iirc these USB SDR sticks are using 75 ohm. I think this traces back to the fact that they were used for TV, which uses 75 ohm coax. RG59 may be a better choice and is available at Home Depot etc., where RG58 (50 ohms) is a little harder to find at local shops. Specs can be found here: http://www.rtl-sdr.com/about-rtl-sdr/
  10. I don't know what is more common. Most of the time I set the decoder to decode both and didn't pay much attention to what mode was detected. I can say that the two pagers I have to have for work are FLEX. I suspect that Elfnetcommunications would know more about which is more popular and maybe will chime in with a little better idea of what we see here. I was playing around with PDW and found that there is a filter built in that I didn't see earlier. It's much like a Wireshark for paging.
  11. It could be they are way off freq. The only other thing I would suggest would be to check with other narrow band stations (you may have done this already) rather than broadcast wide band FM. The reason for this is that it is easier to find the center frequency on a narrow band channel giving better resolution. Again you may have already done this and if so you found a station way out of band, a good find if so!
  12. If you are looking for frequencies in your area check out radioreference.com. Don't be alarmed if the frequencies are off a bit like TN.Frank said. In fact the frequencies are more than likely right on but the SDR isn't. It should be close enough to find the signal anyway.
  13. I have found with my RTL that the auto gain is too hot. I normally set the gain manually but I am using SDR# or HDSDR. GNU Radio may have similar issues. With no exposure to GNU Radio I don't know if you can set it manually, but if you can I would try to set it to somewhere around 30 dB for a start. The other option may be that the waterfall is set too sensitive and may need adjusting, as well as the audio gain. I had to play around with SDR# and HDSDR to make the output worth anything. I know this isn't much help but maybe GNU Radio is similar. Let me know what you find, sounds like you are close
  14. If you are in the Bay Area you could try looking between 928 and 931 MHz and you should see some action.
  15. What you are talking about is the first, second, third, etc. harmonic frequencies. This is exactly what I was referring to. Normally you don't worry about it because these harmonics are being broadcast at such a low power compared to the primary that you won't see them. If you are near a high power broadcast transmitter though you may end up picking up on these. There can also be things such as your VFO mixing with an RF signal and producing an image. RF can be funny like that and these cheap SDRs don't have much hardware to combat that sort of thing.