Everyone, from first responders to hotel staff, uses sub-megahertz radios to communicate, often without encrypting the transmission. While coding and encryption are increasingly used in wireless communication, an RTL SDR adapter and a smartphone are all that is needed to hear the radio conversations around you.
Why SDR matters
A software-defined radio (SDR) handles the parts of the radio tuning that are usually done by crystals or local oscillators and does it with software instead. The basic requirements for using an SDR are a computer, a sound card or a signal processor and a radio frequency receiver (RF receiver) to receive the signal. As a result, many processes executed by dedicated hardware are now executed by a computer, making the entire radio system very cost effective, flexible, and easily accessible.
The ability to use a cheap tuner that was originally provided digital TV, such as the DVB-T COFDM modulator from Realtek (RTL) allows the reception of radio frequencies over a large area. For a hacker, this means that he can access unencoded radio messages with most commercial two-way radios. To hear employee reviews, a hacker can use an RTL SDR dongle to silently listen to radio conversations before determining the best course of action.
Typically, an RTL SDR setup requires that a computer interpret input from the receiver. Once this is done, you can easily find analog voice transmissions to listen to. For some reason, a lot of police transit is both unencrypted and unencrypted.
While encrypted transmissions share the digital signature of a "waterfall", it looks like a stripe of digital data rather than a wavy line that makes analog voice transmission relatively easy to decode. With a Linux computer, you can pass the audio (which sounds like a random sound) through an encoder to render it back to normal-sounding audio.
For a hacker, this means everything a simple piece of hardware can bring in the amount of $ 20 access to the entire radio frequency range from 500 kHz to 1.7 GHz.
SDR on the Go
To use a $ 20 RTL SDR dongle, GQRX is normally installed on a Linux computer to interpret input from the receiver. Although convenient, not everyone wants or wants to take a desktop or laptop computer wherever they want to listen to radio broadcasts. Most laptops are much larger than the receiver itself, so the inconvenience of carrying an RTL SDR dongle with you can be daunting.
Fortunately, there are drivers that allow Android phones to use and understand the RTL-SDR receiver, so you do not have to carry a Linux computer around to use your RTL-SDR on the go. Instead, you can use an OTG adapter to connect your RTL SDR to an Android app and listen directly to your smartphone.
You need an RTL SDR dongle for the hardware. We recommend the RTL-SDR blog RTL2832U R820T2 1PPM TCXO SMA V3 for $ 21.95. You will also need an OTG adapter that converts the USB type A output for the RTL SDR dongle to the type of USB input used by your phone. My Samsung Galaxy S8 uses USB Type-C, but possibly also Micro-USB.
Not all Android phones can power the RTL-SDR itself, even if it does. For a long time, the battery runs flat. In these cases, it is advisable to search for an OTG adapter with an additional USB-C or micro-USB port to enable charging at the same time. If you are traveling, a portable energy bank may be a good idea.
You also need an antenna. Each antenna is suitable for connection to the SMA connector of the RTL SDR dongle, provided it has a coaxial connection (an SMA connector ( and not RP-SMA).) If you are not sure are what antenna you should get, you should buy the RTL SDR dongle with an antenna.
- RTL SDR Blog RTL2832U R820T2 with Antenna – RRP $ 27.95 (Amazon)
Connect the RSL SDR dongle (which should already be connected to the antenna) to the USB port type A of the OTG adapter, and then connect the USB type. You may need to remove any case to get a fit, if you're connected to your phone, you may be asked what to do with your connected USB device. Therefore, select the appropriate option.
Note that this A dapter can get really hot during work. Make sure you are aware of this because the aluminum heatsink can heat up quickly.
Step 2: Install the RTL SDR Driver
In order for any app to communicate with the RTL SDR, you need to install the appropriate drivers that allow a number of apps to retrieve data from the RTL SDR To use dongle.
To get the drivers, install the " RTL2832U driver" from Martin Martinov of the Google Play Store. The app does not need many permissions, so it should be quick and easy. Then open the app and the drivers should be automatically installed on your phone. If not, follow the instructions to install the drivers. When the process is complete, you should see a message that says "The driver was successfully installed!"
Using You can continue with this step to select an application to use.
Step 3: Install the SDRoid App
Next, set the drivers to work by downloading an application to use. While there are many Android applications to connect to the RTL SDR, many require payment after a few minutes of use. My application of choice is SDRoid by hOne, which is completely free but also requires more permissions than you may need. I make a habit of rejecting these requests because I see no reason to access my internal storage.
- Play Store Link: SDRoid (free)
After installation, you open SDRoid but refuse all permission requests for location data and photos, media, and files that are displayed. They are also not required for the functioning of the SDR software.
Then tap "Start Radio" to begin. Tap the Playback button (arrow) at the top of the screen and you will be asked to allow the RTL-SDR driver to access the connected USB device. Tap "OK" (You can also choose "Use default" for this USB device, so you will not have to do it again next time.)
If you agree, the recipient should start and You can see the tuning and waterfall data.
If all goes well, you have the full spectrum at your fingertips with the RTL SDR For practice purposes, set a channel between 88 MHz and 102 MHz (the default range for FM radio).
Set your device to mono or stereo, depending on the sound, and tap a strong signal in this area You should hear the audio as you tune in to public broadcasts.Use the frequency up and down to find other unencoded broadcasts.
If you look at the transmission pattern, you may find that you are watching That something is more analog than digital, as you can see the rise and fall as the audio gets louder and quieter. From the screenshots below, the left is analog. In a digital transmission, the entire channel width is full the entire time, as seen in the right screenshot. Recognizing the difference between these transmissions is part of the fun of software-defined radio!
The left screenshot above is the art from analogue transmission that we are looking for, in my case a classical song on the radio. By searching for conversations with the characteristics of human language, you can identify conversations in which you can listen.
Some signs of human language to be found in signal patterns are human-like behaviors, such as transmissions that turn on and off at irregular intervals. People do not speak constantly or on a regular basis. This makes it easier to ignore automated transmissions. It's also important to look for the telltale ups and downs of analog transmissions, as tuning to digital waterfall transmissions will make a terrible noise.
Step 5: Tuning to Two-Way Radio and Narrowband FM Radio  If you've found a broadcast that interests you, the default "Wide FM" filter may be too wide to match to recieve. Let's say you're a red team, and you've focused on a hotel cleaner's radios, so you know which rooms are open and when. To connect a radio and avoid interference, you must switch the radio to narrowband FM mode.
Narrow FM allows you to select and listen to the radio calls you have found. Often these are security companies, bar staff and cleaning teams. To switch to narrow FM, tap the "Wide FM" button. A selection menu for the demodulation opens. Select "narrowband VHF" in the list.
Now you can listen to every two Walk radio conference you see, enlarge and tune with a radio station narrow FM filter. I suggest you look up the city's first-responder channels and see which ones are encrypted. In Los Angeles, the vast majority of radio transmissions are not encrypted or encrypted.
Everything from garage door openers to logistics operations uses wireless signals that can be captured with an RTL -SDR connected to a smartphone. Regardless of your destination, it is useful to detect local transmissions and tune nearby analog broadcasts. Knowing where security and cleaning personnel are and what they think can give any hacker an edge, and it only costs about $ 20 to get started with RTL-SDR.
I hope you liked this guide for using software Radio on an Android smartphone! If you have questions about this SDR tutorial or have a comment, please contact Twitter @KodyKinzie .
Do not Miss: Kidnap FM Radio with a Raspberry Pi & Wire