Friday, December 12, 2014

RTL-SDR with SDR# Setup

When I was reluctant to post such basic post my friend forced me to write this article saying "people love basics articles also. Which you think would be known to all." So here goes nothing

1) What is RTL-SDR

If you know about RTL-SDR Skip to 3rd point directly.

RTL - Realtek
SDR - Software Defined Radio

2) History and Discovery of RTLSDR (Source)

It turns out that Antti Palosaari is perhaps not entirely responsible alone in getting credit for the discovery of Realtek 2832U tuners being used for SDR. The RTL2382U parts were always intended by design for SDR as the dongles come with closed SDR software in Windows for DAB+ and FM reception on the mini CD. I think the credit for uncovering of what the Windows software does lies with a fellow named Eric Fry originally sniffing the USB packets from the Windows application in FM and DAB mode way back in March of 2010. He had hoped to get a DAB+ or FM receiver working in Linux (he had originally been providing unofficial support for Linux and this Quad Realtek DVB tuner). Eric and I discussed this privately at length and I made some reflections about this SDR feature in 2011 on the linux-tv mailing lists and discussed SDR potential on the associated #linux-tv IRC channel. Realtek had sent me some alpha FM SDR software for Linux with a promise of DAB+ to come. Antti's infamous email followed in early 2012. Very quickly the Realtek RTL2382U Linux driver and and some independent work by Osmocom (who were making their own E4000 based SDR) collided and in RTL-SDR as we know it exploded onto the scene.

So, the original 'discovery' lies with Eric. Much of the work getting the RTL2382U and it's associated tuners tamed in between then and now lies with Antti and Osmocom.

3) On Windows You Say ?

Yes, I know lots of people keep talking about RTL-SDR on linux and all gnu-Radio and other softwares. But wait I found some great softwares on windows also for RTL-SDR. So why not share those. I will also write something about linux setups in some later post. I had got my first RTL-SDR Dongle from (Exact model)

I opened Kali and wanted it working and listen something. But at first gnu-radio gave me some trouble getting started with basic FM also. So in hurry to listen something on dongle booted a windows machine. To my surprise there were lots of program available in windows also for the SDR. Some of them supported RTL-SDR via dierect USB some supported via a TCPIP bridge for RTLSDR. The best one I would dare say would be SDR# or SDRsharp. This is very cool software for SDR written in C# by Youssef Touil which directly detects RTLSDR from USB and can use it directly without any bridge. SDR# is free software and can be downloaded from HERE
  So I downloaded SDR# plugged in my RTLSDR usb dongle and I was good to go. Oh ya one glitch I forgot to tell about the RF gain. Which is simple thing but no one tells you about. My dongle didnt started reception on first go I couldnt get anything not even Local FM radio stations in my town. So digged little bit around. I went to the official IRC channel of SDR# which is #sdrsharp on freenode . There after asking questions for some time some one asked me about RF gain settings. So when you starting your first run with RTLSDR and SDR# first thing to be done use configure button near the device dropdown.  Choose NFM in band and open configure window then start with less gain and turn it higher till you start hearing FM channel at your known frequency. You can directly enter frequency on the right hand side area of the configure button.

Once you have set RF Gain for you RTLSDR USB you are good to go. SDR# is very easy to use software. I already told you about setting frequency. It has lots of good plugins also which one can download at their website. One of the most needed module I would say is Frequency Manager. I think author has added that module to the default set of modules which comes with software. If you have not got it by default download it from author site. Frequency Manager Allows you to store and tune again to the stored frequencies. You dont want to forget where you had listened some important channel do you ?

For tuning to frequency one can click on the right hand side black pane. You can also use arrow keys to control frequency tuning. To choose desired band one can just select the band radio button.

  So this is basics about starting RTLSDR dongle in windows with SDR#. Do comment on any questions you have about it.

Wednesday, October 1, 2014

Clearing some doubts about lock picking gun

Well I had ordered my first lock picking kit months ago which was this
But this was lying around from lots of months and I had not touched it out of my laziness.
I had also ordered this lock picking gun

This was also lying around and not used ... Ya ya ya I know I am pretty lazy.

So what happened was at one meet with my fellow hackers at, the topic was lockpicking. A hacker friend of mine had bring his lock picking tools and practice locks. So he just gave a brief into to lock picking and showed how to open some of his practice locks. I had also taken my tools and gun to show him. But he was not much fond of picking guns. But I had seen some videos of this gun picking up locks easily. There were lots of discussions and practice regarding guns but. Today I am gonna stick to only some points about this lock picking gun.
  Basically my friend said that what the gun will work similar to rake. If you dont know what is recking watch this 4 minute video to understand idea. I am not gonna discuss about lock picking techniques in this blog-post.

So since I was not sure about the lock picking gun. I made some search on net read some books/ saw some videos/ and then what I found was actually this gun was not doing anything in the line of picking with rake.
   This kind of manual gun does picking on the principle of bump keying. Check out this basic info about bump keying if you are not aware about it. Again I am not covering bump keying in details in this blog post.

So if you see the basic videos of this manual locking picking gun working in the field. It gets clear that it does not try to rake the keys but tries to bump the keys. (Push all keys at a time with the help of vibration created by gun)

So it makes clear that this kind of manual gun works on the principle of key bumping. Well a lot of pros would be already knowing this but since I am beginner in the lock picking area it was news for me. So I thought I would write down on my blog so it might help some other new comer of lock picking.
  Well I also tried out the gun with the practice lock that I had brought.

 Well it was little bit difficult that the lock on my drawer. Since it was having spring action which was snap opening lock.

I had opened both locks with the picking tools. So I went on trying the gun on these locks today. So on the both locks it worked quiet well. So as newbie in to lock picking I was very happy with my work. I shall keep posting further lesson I get into lock picking in the future (Possibly if not feeling lazy).

Wednesday, August 13, 2014

7 things about embedded/electronics projects that you might have mistaken

Well I have not invested lots of years into embedded electronics. I was electronic enthusiastic but never done much into microcontroller and embedded stuff before 2011. By the end of 2011, I had ordered my Teensy (atmega based circuit with built in USB programmer interface). I had ordered Teensy basically to try USB based attack vectors by programming teensy as USB keyboard and trying to create a batch file on the victim computer and run it etc. Some good tools and frameworks have been written about the use of Teensy like devices as attack vector. (E.g. by @nikhil_mitt) So I am not going into details of embedded device as attack vector on computers.

 I had done some small projects using this Teensy like Remote Controlling PC via TV Remote. But I started programming of Atmega Chips (microcontroller) due to an incidence. My nephew had done some robotics class where they had taught (really?) them about atmega16 based line follower robot. Also gave each one a piece of hardware. But my nephew was given a further difficult challenge to complete on his own… To solve a maze. But neither my nephew nor other friends in class were able to complete task. They were not able to re-produce normal line following ability of robot at home. So my nephew called me expressed his problem. So, first I gave him general idea how the code should work. Then sent a partial code to help him but he couldn’t do it. So I and a friend of mine took this challenge. I was sure that it should work but we needed to get information about coding and sensor as well as prepare algorithm of the robot. So we started collecting datasheets and information about the tools and coding softwares etc. Within 8-10 days we were able to run the robot perfectly as per the requirements of the challenge. Reason telling you this story is embedded device is not that hard as you think. The person who knows any one programming language can easily use embedded device. That’s why I thought to write about 7 things you never knew were easy about Embedded Hardware devices projects.

1)      Embedded Hardware is not as difficult as you think!
2)      You don’t need to do soldering!
3)      You don’t need low level language like Assembly!
4)      It’s not as expensive as you think
5)      Simulators are your best friends!
6)      Don’t be afraid of PCB designing!

7)      Manufacturing like a pro

Embedded Hardware is not as difficult as you think!

I have been arranging Hardware training trying to get people involved into hardware hacking projects. But I have seen lots of people having the fear of hardware or embedded projects as if touching any microcontroller will give them -A.C. 240V electric current. Very less number of people were interested in the trainings even if some were free of cost. It is not as difficult as people think. I am telling this from my own experience. I had started programming with a line follower robot without any previous knowledge about these microcontrollers then also I had succeeded in completing the challenge of solving maze using line follower robot. If I can do it so do you can do it too isn’t it? This is not rocket science though people have created rockets using thisJ . Just see at some sample codes get some basic compliers or programming IDE for microcontrollers and start with simple codes. Most of the microchips would allow you to code in C or C++ language.

You don’t need to do soldering!

I have also seen people saying oh electronics you need wires you need to do soldering. I can’t user soldering gun etc. But hey you are in to new era of electronics and embedded devices. Lots of microcontroller devices come with the basic development kits readymade. Some times by the device manufacturers or sometimes by some local vendors.
For Ex. Atmega8 Development kit

You just need to plug-in cables and you can use these boards for GPIO (General Purpose Input Output). Some of these boards have basic input as switches and out puts as LED or Buzzer etc. So even if you don’t know soldering and you never have built electronics circuits… don’t be afraid.

You don’t need low level language like Assembly!

            One more reason people put forward for not doing embedded projects is they don’t know low level language like Assembly and they don’t want to take the trouble to learn assembly language. Wake up people. Almost all generally used Microcontrollers give us option to code in to higher level language such as C / C++. Most popular open-source hardware platform Ardiuno uses C++ as its base language in its IDE. Other major share or chips from Atmel use C or C++ both and also come with full visual studio based development environment.

It’s not as expensive as you think

            Normally we use most of the free software. So to start embedded project people are not ready to spend cash. But we don’t need lots of cash to start a microcontroller project. Lots of time a development kit could be brought for around 10$ to 20$ (600 to 1200 INR). So to start off you don’t need all big gadgets and don’t need to empty your pocketsJ. After starting some small projects you can check if you are embedded into it and want to spend more on it or not.

Simulators are your best friends!

            If you want to check circuits or microcontrollers without assembling any circuits then it is also possible. There are very good software simulators available these days which not only simulate most of the electronics circuits but lots of microcontrollers also. The normal hardware development cycle consist of following stages
Schematic Design -> PCB Layout –(wait for pcb)--> Physical Prototype -> Software development  --> System Testing

Instead of wasting time in more tedious development cycle system simulation can be used to do development in a rapid way.

There are free simulators like Simulator in Atmel Studio. There are some good professional quality simulators like Proteus (from 

Using simulator helps for quicker development of the electronics or embedded project.

Don’t afraid of PCB designing!

            In the old days the PCB designing used to be done via laborious manual processes. But PCB designing softwares have changed that a lot. There are some great PCB design software both Free (List of Free PCB design softwares) and Commercial (Like Proteus).

 Eagle ( is also one more free software which is pretty good for designing PCBs they have their commercial version for more than 2 layered PCB. We can do circuit design and convert it to a PCB design in some professional software like Proteus. Some other PCB designing software are also good for quickly creating PCB designs and generating manufacturing files for PCB manufacturer.

Manufacturing like pros.

As well as PCB designing the manufacturing of PCB has also became easy. There are lots of online services where you can design and order a PCB online.
For ex. - Indian website with Global reach of customers - They have their own software using which one can design a PCB and order directly online for manufacturing.
   - Cheap rates
There are a lot other websites (Just google for “order PCB online”!) you can choose the one suitable for your need or a local one PCB manufacturer nearby you.
For assembly of the electronic circuits also, there are lots of online services available (like screamingcircuits or 7pcbassembly) but I found that the online services for the assembly of circuit are much more costly. Better option is to check for a local vendor who is doing assembly. Local vendors I found near-by give rate of around 0.004086$ which is like a quarter of 1 INR per soldering point. So I recommend to check for some local vendor rather than wasting too much money on online services of assembling circuits.
Always keep in mind that the PCB manufacturers and Assembly service providers would normally don’t give your order on time. So always keep good buffer time while giving order or bulk quantities to these vendors.


So get your feet wet in the fields of electronics (in electronic fluid) and embedded devices and you will find it good as hobby or business also.

Saturday, August 9, 2014

Garage4Hackers Ranchoddas Webcast on XSS Protection Bypass By Ashar Javed

Great talk about XSS filter bypass in the Ranchoddas Webcast by