OSINT: Tracking Live Aircraft Feeds using SDR

DeTaSECURE

5 min read
OSINT: Tracking Live Aircraft Feeds using SDR
Photo by Cibi Chakravarthi / Unsplash

Introduction

What is Software Defined Radio (SDR)? TL; DR;

Software-defined radio (SDR) is a radio communication system where components that have been traditionally implemented in hardware (e.g. mixers, filters, amplifiers, modulators/demodulators, detectors, etc.) are instead implemented by means of software on a personal computer or embedded system.

In this post, you will learn how to setup: -

1. Setting up SDR and listening to local radio stations &

2. Tracking Live Aircraft Feeds

Prerequisite

1. RTL-SDR USB Radio Receiver with ADS-B Support – For this practical, we are using Nooelec NESDR Mini 2+ This is a perfect device for learning software-defined radio, on the cheap Approx. $10-20 and it comes with amateur radio, ADS-B, police & fire scanning, trunking & satellite images. These units are based on the R820 (R820T2) tuner IC made by Rafael Micro. They have a frequency capability of approximately 25MHz-1750MHz and have USB Interface IC RTL2832U

2. Operating System to run SDR – For this practical, we are using Windows 10 else one can also work with Linux & Unix distributions. Nowadays researchers are also using Raspberry, Tinker Boards, and Arduino for developing Hacking gadgets or Robotics Projects based on SDR or implementing SDR as a communication channel between system and user.

3. SDR Software – For this practical, we are using SDRSharp < Download >

4. Why SDRSharp? TL; DR;

·         SDR# (read SDR Sharp) is a simple, intuitive, small, and fast PC-based DSP application for Software Defined Radio. It’s written in C# with both object design correctness and performance in mind. The main purpose is to offer a simple proof of concept application to get hands-on DSP techniques. < Ref-1>

5. Dump1090 < Download > - For our practical we are using RTLDump1090imu < Download >

Why Dump1090? TL; DR;

·         Dump 1090 is a Mode S decoder specifically designed for RTLSDR devices.

·         Network support: TCP30003 stream (MSG5...), Raw packets, HTTP.

·         Embedded HTTP server that displays the currently detected aircraft on Google Map.

·         Ability to decode DF message formats like DF0, DF4, DF5, DF11, DF17 DF16, DF20, and DF21 where the checksum is xored with the ICAO address by brute-forcing the checksum field using recently seen ICAO addresses.

·         Decode raw IQ samples from the file.

6. Radar Server – For this practical, we are using Virtual Radar Server < Download > - Virtual Radar Server is an open-source .NET application that runs a local web server. You can connect to the web server with any modern browser and see the aircraft plotted on a map. Virtual Radar Server runs on Windows 10, 8, 7, Vista, XP, and Linux (via Mono) TL; DR;

Let’s Begin: -

I. Setting up SDR and listening to the local radio station

·         Download SDRSharp < Download >

·         Extract SDRSharp into a folder

·         Open CMD as an administrator and go to SDRSharp Path

Command # cd C:\Users\raghav.bisht\Desktop\sdrsharp-x86

·         Now plugin in your SDR Device and download the drivers.

Command # install-rtlsdr.bat

·         Now once the command is complete you will find the “Zadig.exe” application in your folder

·         Run Zadig.exe and list devices you will find RTL devices then click install to install drivers w.r.t your RTL-SDR

·         Once your drivers are installed re-plug the device and start “SDRSharp.exe”

Settings 1: Select Source “RTL-SDR(USB)”

Settings 2: Select WFM on Radio

Settings 3: Select FM Stereo in Radio

Settings 4: Tune to the Frequency of your local radio station e.g. 94.3MHz (Convert MHz to Hz) so, 94.3 X 1000 X 1000 = 94300000Hz (000.094.300.000 in SDR software)

·         Now when everything is set click on start.

II.            Tracking Live Aircraft Feed

Great once you have got the basic idea of SDR, we can move to live Aircraft traffic, feeds capturing, and plotting the data on a map.

·         Plug your SDR Device

·         Download RTLDump1090imu < Download >

·         Extract the portable application into a folder and run “rtl1090imu.exe”

·         Follow the instruction and install drivers Just like we did with SDRSharp.

·         Once the application is installed you will notice a new application is created “rtl1090.exe”. Now run the application and click on start. If your drivers are installed properly you will see traffic/packets flow.

·         Now note down the Port Number your Dump1090 is listening, in my case, it was “31011”

·         Now Download Virtual Radar Server < Download >

·         Install the VRS on your PC and run it.

Settings 1: Click on Tools > Options and move to Receiver Tab and set Port to Dump1090 Listening Port e.g. 31011

Settings 2: Click on Wizard and select RTl1090

Settings 3: Click on Test Connection If you get the following message “Your Connection can be made with the following settings” then your VRS is ready.

·         Now Click on http://127.0.0.1/VirtualRadar Link and you will see the GUI interface with Live tracking of Aircraft in your area.

Conclusion

The largest data repository in human history is available on the Internet; the trick is to learn where to dig. There are many websites providing aircraft and flight data, however, my personal favorite is https://www.radarbox.com/ We can track every plane and flight in the world with this website. This is the ideal location to track a flight or an aircraft if your OSINT investigation involves doing so.

Raghav

Experienced Security Researcher with a demonstrated history of practicing Information Security and eGovernance consulting for Government organizations/sectors. Plus he also practices Cyber Security Consulting for the information technology and services industry. Skilled in Vulnerability Assessments & Penetration Testing, Cyber Security Intelligence, and OSINT. You can reach out to him by Clicking Here.