Recovering clock from Arduino.(Wlessly) (Originally published on Sunday, March 22, 2020)

 So with our previous post, we got a very basic introduction to EM and EMI. This post will concentrate mostly on hands-on working into EMI and data recovery from EMI. For this I am using a simple arduino, and trying to recover some clock signals that occur in the arduino. Now with my arduino uno the clock is 16MHz, and one can observe a harmoic @ the multiples of fundamental frequencies, so a simple test with your probe at those frequencies we will have peaks in the FFT spectrum. The images are attached below.


So the above attached images are the clock at the original frequency and it's odd and even harmonics, usually in MIL and AVI class equipments and instruments this type of harmonics is suppressed without mercy ruthlessly, like the same way conquistadors captures Mexico city (https://www.pastmedicalhistory.co.uk/smallpox-and-the-conquest-of-mexico/), I mean it took them 3 years to erase the entire fucking race for the race and urge for gold and the possible fountain of youth. So that shit aside, the same harmonic in the time domain will look like the following image, it's attached for reference purpose only not for use

So this aside, for this I use a hackRF clone available and works decently, for EM sniffer probe I use my oscilliscopes probe as a sniffer or an E Probe by simply gnding the gnd to signal.

When I get near the board my FFT spectrum looks like this

Let's discuss about how this hole and it's dimension can affect my signal sniffing capabilities in a later tutorial with some simulations of near and far field. For now lets get the clock. I have attached my flowgraph in here and uploaded it to my github repo as well. So, here goes something.

So, the idea is simple capture IQ raw data , get it's magnitude, do a MA, thresh it and see some thing, this is not as reliable due to my crude instruments and my crude knowledge in instrumentation, but the output image is seen below

 And here's the github link for all the things https://github.com/Infiltra/SCAandRadioStuff

 

Now I need to think on classifying these things, let me take some time.

Comments

Post a Comment

Popular posts from this blog

Software Defined Radio (SDR) 101(Originally published on Monday, June 8, 2020)

  Software Defined Radio (SDR) 101. What is an SDR? A Software-Defined Radio(SDR), is a radio environment that has all the front end devices(amplifiers, mixers, IQ units, CPLD, mod/demod equipment) in hardware and the operation of all these equipment including but not limited to signals processing is done using software.   How is it useful? Consider this scenario you are behind lines somewhere in a godforsaken land, and you need to have a very re-programmable front end and flexible signals processing software that can be swapped at will. Et Voila enter SDR, change the software, and modify the front end code you got real-time signals intelligence on the field.   Apart from that in the civvie world, it's used for the analysis of radio signals be it sub-1-GHz systems and analysis and security assessment of wireless systems.   Some SDR. RTL-SDR, cheap effective for understanding stuff regarding SDR and it's accompanying software which is mostly GnuRadio Companion(GRC), L...
Read more

Understanding IQ in Communication Systems: Complex Numbers (Originally posted on Wednesday, October 14, 2020)

Image
So, as far as this blog goes this is not going to be one of those other blogs where profanity runs amok (though it can be, and it will be in some points here and there). The concept of signals and application of IQ data in communication system math in our area is rather a in-depth and detailed concept heavy area. Like IQ modulation has it's roots in complex numbers, and how actually these things play a role in defining digital modulation concepts and how constellation points are actually defined in IQ mode, and what does that mean as an equivalent in it's analog domain. But first things as they go, understanding what is an complex number is an essential part of this blog post an not-so brief introduction is given here. At this point I frankly don't know how I am split up these parts and publish as an blog post article, but I'll make a decision about it as I go through that bolg post. Now with the second part of this. The following article can be considered a the theror...
Read more