What Is Software Defined Radio?
So far, we have covered a number of topics for various kinds of software and hardware exploitation. In this chapter, we shift our attention to one of the other core components in any IoT device architecture: communication.
Communication is the key component of any IoT architecture; it is what lets devices talk to each other and exchange data. The communication can happen over either a wired or a wireless medium. In this and the next chapter, we cover various types of wireless communication technologies and explore software defined radio.
We start by understanding the concept of wireless communications. Wireless communications are the core component that IoT devices need to talk with each other. The effective range of wireless technologies spans from an extremely small distance to a few miles.
In this and the next chapter, we cover some wireless technologies, including topics such as software defined radio (SDR), BLE, and ZigBee. However, we won’t be going into the concepts of electromagnetic theory and the nitty-gritty of wireless technologies or digital signal processing.
Anyone who is reading this book will most certainly have experienced a form of wireless communication with the many devices that we are surrounded with. Be it controlling a television with a remote, or accessing the Internet using Wi-Fi or syncing your smart wearable wristband to your smartphone, all of this is done via one or the other forms of wireless communication technologies.
Even if you have never worked with radios before, you will find this chapter fascinating, practical, and extremely actionable. You might have used an FM radio in your early days or have seen your parents use one. The problem with an FM radio, or any similar receiver, is that it is built in hardware for one narrow band and one modulation, so it can only ever perform the specific set of functions its designer built into the circuitry.
Imagine the power you would have if you could build and use a radio that covers an extremely large frequency range and whose functionality you could change as you wish without touching the hardware at all. That is what SDR does. SDR lets you implement in software the radio processing functions (tuning, filtering, demodulation, decoding) that would otherwise have to be implemented in dedicated hardware.
With this basic foundational knowledge of SDR, let’s look into what these are exactly, how to implement them, and finally how to use them for our IoT security and exploitation research.
Before we begin looking into SDR, here’s a list of the tools that we will be using in this chapter:
What Is Software Defined Radio?
By now, you will already have a lot of questions about SDR: How do these devices function? How can we create our own? We will take one step at a time, try to understand the underlying principles of SDR first, and then move on to further details.
I’ll start with an example. Imagine you are working on one of your IoT security penetration testing engagements and you have been given a wireless doorbell to pentest. You have tested all the hardware using the techniques we discussed previously, and now you need to look at the radio aspect. You look up the FCC ID of the device and find out that it communicates over 433 MHz. One of the things you can do is get a fixed 433 MHz receiver module to analyze the device’s radio properties and the kind of data it is transmitting. However, there is one limitation to this: What if the device actually transmits at 436 MHz, or the next device you pentest transmits at 355 MHz?
A better solution for this scenario is to work with SDR, which allows you to change the radio frequency you are listening to, and the way you decode the signal, based on whichever device you are assessing. You no longer need different hardware for different devices; a single piece of hardware plus software lets you make changes according to your requirements.
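To make the "decode it in software" point concrete, here is an added example (not code from the book or from any of the tools it lists) that synthesises a short on-off keyed (OOK) burst, packs it in the raw unsigned 8-bit I/Q format that rtl_sdr writes to disk, and then demodulates it back into symbols with a simple envelope detector. Everything about the "doorbell" here is an assumption made for the example: OOK modulation, 500 µs symbols, a 250 kS/s capture rate, and the button code itself are all constructed, not measured. The useful property the example shows is that a non-coherent envelope detector does not care whether the device sits exactly on 433.92 MHz or some tens of kHz away, as long as the offset is inside the captured bandwidth; the same software works unchanged, which is exactly what a fixed 433 MHz receiver module cannot offer.

```python
"""Decode an OOK burst from raw rtl_sdr-format samples in pure Python.

Added example: the signal is synthesised below (not a real capture) and the
modulation parameters of the "doorbell" are assumptions, not measurements.
"""
import cmath
import math
import random

SAMPLE_RATE = 250_000                    # assumed capture rate (rtl_sdr -s 250000)
SYMBOL_S = 0.0005                        # assumed 500 us per OOK symbol
SAMPLES_PER_SYMBOL = int(SAMPLE_RATE * SYMBOL_S)   # 125 samples per symbol


def synth_ook(bits, freq_offset_hz, noise_sigma=0.1, seed=1):
    """Construct complex baseband for an OOK burst: carrier on for 1, off for 0.

    freq_offset_hz models the difference between the transmitter and the
    frequency the dongle was tuned to. Anything inside +/- SAMPLE_RATE/2 of
    the tuned frequency lands in this capture; 436 MHz against a 433.92 MHz
    tuning would not, and you would simply retune in software.
    """
    rng = random.Random(seed)
    iq, n = [], 0
    for bit in bits:
        for _ in range(SAMPLES_PER_SYMBOL):
            tone = cmath.exp(2j * math.pi * freq_offset_hz * n / SAMPLE_RATE) if bit else 0
            noise = complex(rng.gauss(0, noise_sigma), rng.gauss(0, noise_sigma))
            iq.append(tone + noise)
            n += 1
    return iq


def to_rtl_bytes(iq):
    """Pack samples the way rtl_sdr writes them: unsigned 8-bit I,Q pairs centred on 127.5."""
    out = bytearray()
    for s in iq:
        for v in (s.real, s.imag):
            out.append(max(0, min(255, round(127.5 + 127.5 * v))))
    return bytes(out)


def iq_from_rtl_bytes(buf):
    """Inverse of to_rtl_bytes; this is the step you apply to a real capture file."""
    return [complex((buf[i] - 127.5) / 127.5, (buf[i + 1] - 127.5) / 127.5)
            for i in range(0, len(buf) - 1, 2)]


def envelope(iq, window=16):
    """Magnitude followed by a moving average: a non-coherent AM detector that
    ignores the exact carrier frequency inside the capture bandwidth."""
    mags = [abs(s) for s in iq]
    out, acc = [], 0.0
    for i, m in enumerate(mags):
        acc += m
        if i >= window:
            acc -= mags[i - window]
        out.append(acc / min(i + 1, window))
    return out


def demod_ook(iq, threshold=0.5):
    """Slice the envelope at a fixed threshold and turn run lengths into symbols."""
    on = [e > threshold for e in envelope(iq)]
    bits = []
    run_level, run_len = on[0], 0
    for level in on + [not on[-1]]:          # sentinel flushes the final run
        if level == run_level:
            run_len += 1
            continue
        bits.extend([1 if run_level else 0] * round(run_len / SAMPLES_PER_SYMBOL))
        run_level, run_len = level, 1
    return bits


def decode_capture(buf):
    """End-to-end: raw rtl_sdr bytes -> symbols with idle silence trimmed.

    Under plain OOK, trailing 0 symbols are indistinguishable from silence,
    which is why real remotes add a sync pulse and PWM or Manchester coding
    on top; this example sidesteps that by using a code that ends in 1.
    """
    bits = demod_ook(iq_from_rtl_bytes(buf))
    while bits and bits[0] == 0:
        bits.pop(0)
    while bits and bits[-1] == 0:
        bits.pop()
    return bits


if __name__ == "__main__":
    code = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 1, 0, 0, 1]   # constructed button code
    burst = [0] * 4 + code + [0] * 4                   # idle air before and after
    for offset_hz in (0, 30_000, -60_000):
        print(offset_hz, decode_capture(to_rtl_bytes(synth_ook(burst, offset_hz))))
```

Run it as a script and the same 14-symbol code comes back whether the synthetic transmitter sits exactly on the tuned frequency or 30 kHz above or 60 kHz below it. On a real engagement the only change is replacing synth_ook with the bytes of a capture made with rtl_sdr, and the threshold, symbol period and encoding would be read off the waveform in GQRX or GNU Radio rather than assumed.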
The first thing we should do, before we jump into analyzing frequencies and looking at all the finer details, is to set up our lab environment for SDR. I strongly recommend setting up the lab for all the SDR exercises on Ubuntu, as other platforms might not be as easy to set up. In addition, the GNU Radio and SDR driver packages are best supported on Ubuntu, which matters once we go deeper later on.
Here are the things that need to be set up for our entire SDR lab:
1. GNU Radio.
2. GQRX.
3. Rtl-sdr utilities.
4. HackRF tools.
You will also need access to SDR hardware. There are a number of options to choose from and all of them have their own benefits. However, to keep things simple at the start, I have chosen the RTL-SDR, which is an extremely inexpensive ($20) piece of hardware that will allow us to perform a number of our SDR-related exercises.
One limitation of the RTL-SDR is that it is a receive-only device: it lets you sniff and look at various frequencies, but it cannot transmit your own data. For exercises that require transmitting, I strongly recommend getting a transceiver such as the HackRF.
As mentioned earlier, I recommend performing all of the SDR exercises on an Ubuntu machine. I would also recommend having Ubuntu as your base operating system and not doing these exercises inside a VM unless that is the only option: USB passthrough to a VM is fiddly and can drop samples.
Installing the tools from the apt repository is fairly straightforward and can be done as follows:
sudo apt install gqrx gnuradio rtl-sdr hackrf
If the packaged versions are too old or you run into dependency issues or bugs while working with them, build the tools from source instead. Once the tools are installed, plug in the dongle and run rtl_test to confirm it is detected; on Ubuntu the kernel’s DVB-T driver (dvb_usb_rtl28xxu) claims the dongle first, so blacklist it in /etc/modprobe.d if rtl_test reports that it cannot claim the USB interface. Step-by-step guides for installing the tools you need from source can be found at the following links: