
Anyone here got a good amount of experience with RF?

  1. #1
    MLT Yung Blood
    So, my friend and I were brainstorming and came up with an idea... we just need someone who's a radio geek to confirm whether or not this will actually work (I don't see any reason why it shouldn't).
    I was recently reading a paper on connecting via SSH over radio frequencies. Similar to the stuff seen here or here
    The fact you are able to connect to SSH via radio got us thinking... what if we were to build an RF-Based device that used SSH over radio as a data exfiltration channel on a network that we compromised via physical access?

    So, for example, there is a tool made via hak5 known as the "LAN Turtle" - https://hak5.org/products/lan-turtle
    this is a sneaky data exfiltration hardware device, that you would plug in somewhere on the target network... it would then collect data from that network and allow a remote attacker to be able to view such data.. so, obviously the LAN Turtle works via sending traffic over their network.. meaning that if they caught wind of a cyberattack, they could just analyze local network traffic in order to figure out the point of data exfil, and then remove the hardware implant for the LAN turtle from there.. well, we want to essentially create the same thing, except rather than it exfiltrating the data via LAN, it will do so via radio frequencies over SSH. We will use something like a HackRF, or even an Arduino with an added radio transmitter. Once the device is made, we can enter the target building, hook it up on their network somewhere, and then we can sit a few miles away from their building with a secondary device which handles SSH. So, it'll exfiltrate data from the network via RF, and, even if the admin is aware data is being exfiltrated, they will attempt to find out the source using traditional methods e.g. analyzing network traffic, except since everything is happening over RF there won't be anything within the traffic to indicate where the data exfil point is, making it a lot harder to detect.

    Thoughts? We plan to build an initial prototype and see how it goes from there.
    I didn't do the best job of explaining this, so if anyone has any questions then ask away and I'll do my best to clear things up.
    Also, if anyone can think of any reason why this WOULDN'T work, then please do let me know.
  2. #2
    cryptographiccontrarian African Astronaut
    yea idk maybe but it would be much easier to just make a cockroach into a robot slave and have it spy on them and report back and/or set up a numbers station inside
  3. #3
    MLT Yung Blood
    Originally posted by cryptographiccontrarian yea idk maybe but it would be much easier to just make a cockroach into a robot slave and have it spy on them and report back and/or set up a numbers station inside

    lol, I only recently found out about those zombie cockroaches. Crazy shit... tempted to order one of those RoboRoach kits.
  4. #4
    aldra JIDF Controlled Opposition
    I've done some low-level Arduino radio projects; transmitting data back and forth isn't difficult once you've got the connection set up but trying to adapt SSH to work that way would be a lot of work
  5. #5
    MLT Yung Blood
    Originally posted by aldra I've done some low-level Arduino radio projects; transmitting data back and forth isn't difficult once you've got the connection set up but trying to adapt SSH to work that way would be a lot of work

    Well, my friend who's into radio stuff actually sent me a library which has already fully implemented SSH on a HackRF :) so I don't think too much work would actually be required on my behalf to be able to get it to connect to SSH.

    Also, I've been looking at some remote access features for software-defined radios... some of the tools here could be useful for what I'm doing for sure: https://0xfeed.tech/2017/04/remote-access-tools-for-sdr-receivers/ (these ones aren't over SSH, I'll find that for you tomorrow... but here it shows a few other ways of remote access via SDR)
  6. #6
    cryptographiccontrarian African Astronaut
    i had an sdr but some retarded tweaker disassembled all the pieces and scattered them across the land for no good reason other than he was high as shit, and i never recovered them all, although i'm sure they are here somewhere
  7. #7
    MLT Yung Blood
    Originally posted by cryptographiccontrarian i had an sdr but some retarded tweaker disassembled all the pieces and scattered them across the land for no good reason other than he was high as shit, and i never recovered them all, although i'm sure they are here somewhere

    looool, that's just such fucking typical tweaker behaviour XDDD made me chuckle
  8. #8
    aldra JIDF Controlled Opposition
    Originally posted by MLT Well, my friend who's into radio stuff actually sent me a library which has already fully implemented SSH on a HackRF :) so I don't think too much work would actually be required on my behalf to be able to get it to connect to SSH.

    Also, I've been looking at some remote access features for software-defined radios… some of the tools here could be useful for what I'm doing for sure: https://0xfeed.tech/2017/04/remote-access-tools-for-sdr-receivers/ (these ones aren't over SSH, I'll find that for you tomorrow… but here it shows a few other ways of remote access via SDR)

    I haven't done much with SDR; I might get one when I have some money again

    if you're using SDRs connected directly to the computers you want to send data between you don't need to worry about coding for a different platform, so as long as you have them set to reliably transmit digital then it shouldn't be too hard to connect SSH via raw sockets, don't even need to worry about TCP

    I was thinking about having to build SSH for the radio module itself
  9. #9
    Iron Ree African Astronaut [my flyspeck near-blind refund]
    HACK THE PLANET!
  10. #10
    Grimace motherfucker [my enumerable hindi guideword]
    Originally posted by MLT So, my friend and I were brainstorming and came up with an idea… we just need someone who's a radio geek to confirm whether or not this will actually work (I don't see any reason why it shouldn't).
    I was recently reading a paper on connecting via SSH over radio frequencies. Similar to the stuff seen here or here
    The fact you are able to connect to SSH via radio got us thinking… what if we were to build an RF-Based device that used SSH over radio as a data exfiltration channel on a network that we compromised via physical access?

    So, for example, there is a tool made via hak5 known as the "LAN Turtle" - https://hak5.org/products/lan-turtle
    this is a sneaky data exfiltration hardware device, that you would plug in somewhere on the target network… it would then collect data from that network and allow a remote attacker to be able to view such data.. so, obviously the LAN Turtle works via sending traffic over their network.. meaning that if they caught wind of a cyberattack, they could just analyze local network traffic in order to figure out the point of data exfil, and then remove the hardware implant for the LAN turtle from there.. well, we want to essentially create the same thing, except rather than it exfiltrating the data via LAN, it will do so via radio frequencies over SSH. We will use something like a HackRF, or even an Arduino with an added radio transmitter. Once the device is made, we can enter the target building, hook it up on their network somewhere, and then we can sit a few miles away from their building with a secondary device which handles SSH. So, it'll exfiltrate data from the network via RF, and, even if the admin is aware data is being exfiltrated, they will attempt to find out the source using traditional methods e.g. analyzing network traffic, except since everything is happening over RF there won't be anything within the traffic to indicate where the data exfil point is, making it a lot harder to detect.

    Thoughts? We plan to build an initial prototype and see how it goes from there.
    I didn't do the best job of explaining this, so if anyone has any questions then ask away and I'll do my best to clear things up.
    Also, if anyone can think of any reason why this WOULDN'T work, then please do let me know.

    Hi, Sophie.
  11. #11
    Iron Ree African Astronaut [my flyspeck near-blind refund]
    hello!
  12. #12
    Iron Ree African Astronaut [my flyspeck near-blind refund]
    I found the roof access to my building and I've been wondering how good of a setup I can get with a big antenna on top of a high rise apartment, there are buildings blocking my north and south but otherwise I basically have a straight shot with minimal interference to the Lake of Ontario

    So basically what I want to do is run a cord from the roof antenna to my window and plug it into a radio and have that plugged into my computer so I can just press a button on my keyboard and scan channels on the ghostnet

  13. #13
    Iron Ree African Astronaut [my flyspeck near-blind refund]
  14. #14
    Grimace motherfucker [my enumerable hindi guideword]
    Originally posted by Iron Ree

    Hey big baws, could you like, not spam/troll the technical forums at least? That would be cool.
  15. #15
    Iron Ree African Astronaut [my flyspeck near-blind refund]
    Is modifying a Quansheng for use with custom firmware that allows use with computers not RF related? I'm pretty new to the hobby of radio frequency modification and hacking

    73!