Author Topic: "Hack" an Commercial Airline Groundstation Radio?  (Read 10781 times)


Offline Lord of nothingTopic starter

  • Super Contributor
  • ***
  • Posts: 1591
  • Country: at
"Hack" an Commercial Airline Groundstation Radio?
« on: March 28, 2016, 08:11:40 pm »
Hey
A crazy German sold me on Ebay a Commercial Airline Radio for less than nothing.  :scared:
It's from "Harris". There is NO information about the Box on the Internet.  :wtf: Thankfully they also sent me the Manual.
Changing Channel and all that stuff works. It should support "Digital" (ACARS, VDL) but I can't switch to digital mode.

It has a ROM?! You know, that small chip which is removable and square.
So is it possible to hack that stuff and unlock the digital processing?

THX!
Made in Japan, destroyed in Sulz im Wienerwald.
 

Offline Lord of nothingTopic starter

  • Super Contributor
  • ***
  • Posts: 1591
  • Country: at
Re: "Hack" an Commercial Airline Groundstation Radio?
« Reply #1 on: April 17, 2016, 03:04:30 pm »
 :=\ can someone help me to get the Data out?
I have no idea how to do it.  :-//
Made in Japan, destroyed in Sulz im Wienerwald.
 

Offline uncle_bob

  • Supporter
  • ****
  • Posts: 2441
  • Country: us
Re: "Hack" an Commercial Airline Groundstation Radio?
« Reply #2 on: April 17, 2016, 03:17:36 pm »
Hi

Well, Harris has been making various radios for over 50 years now. They have made at least a few hundred different models of radios and possibly over a thousand. *Some* sort of information on the radio you have will be needed to track things down. Is it bigger than a small car (some of theirs are)? Is it smaller than a shoe box? Maybe a picture? A shot of the name plate would help quite a bit. If the name plate and all ID have been stripped from the radio (they *were* there at one time), you will probably need to shoot a number of pictures of the radio.

Bob
 

Offline Howardlong

  • Super Contributor
  • ***
  • Posts: 5405
  • Country: gb
Re: "Hack" an Commercial Airline Groundstation Radio?
« Reply #3 on: April 17, 2016, 03:46:19 pm »
The other question is, what are your intentions to do with it?

It will be of no surprise that a dim view is taken of unlicensed operation particularly when safety of life is on the cards.

For example I have an FRTOL but I am only licensed to use it as crew, I am not even authorised to operate on the ground unless I am in an aircraft as crew.
 
The following users thanked this post: Kilrah

Offline Lord of nothingTopic starter

  • Super Contributor
  • ***
  • Posts: 1591
  • Country: at
Re: "Hack" an Commercial Airline Groundstation Radio?
« Reply #4 on: April 17, 2016, 04:39:58 pm »
It's a Commercial Radio; everyone here should understand that it's not a good idea to say exactly what kind of freq the Radio could receive.

Maybe the Data output works when I put something on the other "Serial" Ports?

Quote
The other question is, what are your intentions to do with it?
Get the Data out of the Box that is transmitted over the Air. Yes, there is Software for SDR Dongles, but hey, it's a commercial Radio; they work 100x better than a Cheap SDR Dongle.  :bullshit:

Quote
It will be of no surprise that a dim view is taken of unlicensed operation particularly when safety of life is on the cards.
Hmm, it's just a receiver and nothing special (except that someone sold it who had no idea what they actually sold.  :-DD). If the Company who sold it knew what a product like that costs on the free Market they would go insane.  :scared:
Quote
FRTOL
???


You know that ADSB Reception is illegal in quite all EU Countries? So look at FR24 and other sites. Millions of People share it. The same with AIS: it's illegal to receive and share in many Countries but hey...  :popcorn:

So trust me that what I want to do is what I also could do with SDR Software but with less effort. I don't want to share that data or give it out of my Hand. It's just for Recording. If I could modify the Data to make it a Format that can be read by another program it will be fine.
Made in Japan, destroyed in Sulz im Wienerwald.
 

Offline Howardlong

  • Super Contributor
  • ***
  • Posts: 5405
  • Country: gb
Re: "Hack" an Commercial Airline Groundstation Radio?
« Reply #5 on: April 17, 2016, 07:51:16 pm »
You did not state it was a receiver only, nor much else for that matter in your OP, just saying.
 

Offline janoc

  • Super Contributor
  • ***
  • Posts: 3871
  • Country: de
Re: "Hack" an Commercial Airline Groundstation Radio?
« Reply #6 on: April 17, 2016, 08:27:47 pm »
Quote
It's a Commercial Radio; everyone here should understand that it's not a good idea to say exactly what kind of freq the Radio could receive.

The frequencies are public information, there you really don't need to worry. The bandplans are published and you can even get the specific frequencies in use from the airport maps, frequently even from the websites of the airports.


Quote
You know that ADSB Reception is illegal in quite all EU Countries? So look at FR24 and other sites. Millions of People share it. The same with AIS: it's illegal to receive and share in many Countries but hey...  :popcorn:

It is certainly not illegal to receive these signals. However, you are not allowed to share/disclose the communication not intended for you because then you may be breaking the telecommunication secrecy. Which *is* illegal. Some countries also prohibit possessing the radio equipment without the corresponding license, but that is rare.

Don't know about FR24, but I think they operate under the premise that the ADSB signals are broadcasts (not a "communication" having a specific recipient), so they are a free game, being public information. But that's just my speculation - do check the telecom rules in your area if not sure!

Their forum also seems to confirm this:
http://forum.flightradar24.com/threads/5685-Is-Feeding-ADS-B-Signals-Legal

But again, IANAL. Do check your local laws.

« Last Edit: April 17, 2016, 08:42:00 pm by janoc »
 

Offline Lord of nothingTopic starter

  • Super Contributor
  • ***
  • Posts: 1591
  • Country: at
Re: "Hack" an Commercial Airline Groundstation Radio?
« Reply #7 on: April 17, 2016, 08:41:42 pm »
Sure I know the Freq but it's better not to talk about that. For the Radio Box it is not necessary on which freq it runs.  :-BROKE

Quote
but I think they operate under the premise that the ADSB signals are broadcasts
Sure, but receiving is illegal, also sharing is highly illegal. Some People ask the Authorities in different European Countries and you can think what they say.  :blah:...

So back to Topic. How can I see what kind of Data the Box send out over the Physical Ports?
Made in Japan, destroyed in Sulz im Wienerwald.
 

Offline Howardlong

  • Super Contributor
  • ***
  • Posts: 5405
  • Country: gb
Re: "Hack" an Commercial Airline Groundstation Radio?
« Reply #8 on: April 17, 2016, 08:50:41 pm »
It depends on the local laws, certainly in the UK the default is that it is technically illegal to receive anything which you don't have a licence for. In practice, certainly for aviation stuff such as AM VHF and secondary radar on L band a blind eye is turned.

However this is why, for example, LiveATC generally doesn't cover the UK.

You don't need a licence to be in possession of equipment capable of receiving or indeed transmitting anywhere in the spectrum, it's only an offence if you use it without an appropriate licence.

I'm well aware there are different rules in other jurisdictions, that's just how it's applied in the UK.
« Last Edit: April 17, 2016, 09:04:06 pm by Howardlong »
 

Offline janoc

  • Super Contributor
  • ***
  • Posts: 3871
  • Country: de
Re: "Hack" an Commercial Airline Groundstation Radio?
« Reply #9 on: April 17, 2016, 09:00:00 pm »
Quote
Sure I know the Freq but it's better not to talk about that. For the Radio Box it is not necessary on which freq it runs.  :-BROKE

Sorry, that's just BS. The frequencies are public information posted by the government and coordinated worldwide. For example:
http://www.erodocdb.dk/docs/doc98/official/pdf/ERCRep025.pdf

You get also info like this:
http://ourairports.com/airports/LFPG/pilot-info.html#comm

5 seconds of googling. That info has to be public, because, surprise, the pilots need to actually know which frequency to use when coming into that airport. It is not like the tower or ground handling frequencies are some sort of security sensitive information.

There is nothing secret or taboo that must not be talked about there.

Quote
but I think they operate under the premise that the ADSB signals are broadcasts
Sure, but receiving is illegal, also sharing is highly illegal. Some People ask the Authorities in different European Countries and you can think what they say.  :blah:...

Sorry, you are just making wild assumptions based on hearsay. Do actually check the law and you will be surprised. I have actually taken an exam from the telecom regulations for my HAM license, so I guess I should know something about the regs.

If your country allows owning the receiver without license (some don't - e.g. Belgium, I believe), then you shouldn't have any issues as long as you don't disclose the information received - that is the only thing where you could theoretically have problems.
 

Offline janoc

  • Super Contributor
  • ***
  • Posts: 3871
  • Country: de
Re: "Hack" an Commercial Airline Groundstation Radio?
« Reply #10 on: April 17, 2016, 09:06:23 pm »
Quote
It depends on the local laws, certainly in the UK the default is that it is technically illegal to receive anything which you don't have a licence for. In practice, certainly for aviation stuff such as AM VHF and secondary radar on L band a blind eye is turned.

However this is why, for example, LiveATC generally doesn't cover the UK.

I think the difference here is that AM VHF (and the ATC chatter in general) are covered under the communication secrecy - it is not something intended for you. So something like LiveATC cannot legally operate there because it would be breaking the law by disseminating that information.

ADS-B are automatic beacons carried by the aircraft broadcasting their identification and position. There is no "communication" happening normally and the signals are intended for anyone who can receive them. So it isn't exactly apples to apples comparison.  I would say that these fall under the "weather and navigation transmissions" as it is mostly collision avoidance info: http://stakeholders.ofcom.org.uk/enforcement/spectrum-enforcement/guidance

But I am certainly no expert on UK law.
« Last Edit: April 17, 2016, 09:16:06 pm by janoc »
 

Offline Lord of nothingTopic starter

  • Super Contributor
  • ***
  • Posts: 1591
  • Country: at
Re: "Hack" an Commercial Airline Groundstation Radio?
« Reply #11 on: April 17, 2016, 09:12:58 pm »
Quote
If your country allows owning the receiver without license (some don't - e.g. Belgium, I believe), then you shouldn't have any issues as long as you don't disclose the information received - that is the only thing where you could theoretically have problems.
Haha  :-DD do you really think the Authority can control who buys which Hardware?
Baofengs, SDRs, Ebay,... Some People sneak SDR Hardware into North Korea.  :phew:

The Point is the Receiver is made for something I should not receive but  :=\. So can we return back to Topic? I will get "Data" out of this thing.  :rant:
Made in Japan, destroyed in Sulz im Wienerwald.
 

Offline janoc

  • Super Contributor
  • ***
  • Posts: 3871
  • Country: de
Re: "Hack" an Commercial Airline Groundstation Radio?
« Reply #12 on: April 17, 2016, 09:26:32 pm »
Quote
Haha  :-DD do you really think the Authority can control who buys which Hardware?
Baofengs, SDRs, Ebay,... Some People sneak SDR Hardware into North Korea.  :phew:

You will be surprised, but yes, they can. Ignorance does not make it any more legal. It used to be like that in the former Czechoslovakia - you could buy HAM radio gear only if you brought a valid license in store with you. Earlier it was like that for CB too - you had to register it and have a permit for it. And if the police found a radio in your car or home, you could have been heavily fined if you didn't have the proper papers for it, simply based on possession, e.g. because a "helpful" neighbor didn't like the shadow of your antenna over their property. You didn't need to actually operate it.

Fortunately this has changed in the late 90s. However, there are still many places forbidding the ownership of communication receivers ("scanners") and you will get fined if caught with one.

Quote
The Point is the Receiver is made for something I should not receive but  :=\. So can we return back to Topic? I will get "Data" out of this thing.  :rant:

No point in ranting if you don't actually post photos or description of what exactly you have, as asked before. Without that pretty much nobody can help you.

 
« Last Edit: April 17, 2016, 09:29:36 pm by janoc »
 

Offline Lord of nothingTopic starter

  • Super Contributor
  • ***
  • Posts: 1591
  • Country: at
Re: "Hack" an Commercial Airline Groundstation Radio?
« Reply #13 on: April 17, 2016, 09:32:45 pm »
Quote
It used to be like that in the former Czechoslovakia
My Dad was born there.  :-+
Quote
in store
Sure, but nowadays I could travel across the Border without any Passport Check or so.
I could smuggle anything in Europe.  :-DD The same at the Airport: the last time I saw someone from Customs it was on a TV Show.
Quote
And if the police found a radio in your car or home,
Why should the Police visit my House? The Stasi Times (ok ok it was East Germany...) are over.
Quote
No point in ranting if you don't actually post photos or description of what exactly you have, as asked before. Without that pretty much nobody can help you, no matter how much you rant.
So there is no Information about the Receiver. It was part of a bigger Solution.
Made in Japan, destroyed in Sulz im Wienerwald.
 

Offline janoc

  • Super Contributor
  • ***
  • Posts: 3871
  • Country: de
Re: "Hack" an Commercial Airline Groundstation Radio?
« Reply #14 on: April 18, 2016, 10:01:44 pm »
Quote
Why should the Police visit my House? The Stasi Times (ok ok it was East Germany...) are over.

You have obviously no idea and have never had to deal with neighbors, for example. Try to erect an antenna in your house or apartment and you will discover "new world" of human relationships very quickly.

Quote
So there is no Information about the Receiver. It was part of a bigger Solution.

Too bad then.
 

Offline Lord of nothingTopic starter

  • Super Contributor
  • ***
  • Posts: 1591
  • Country: at
Re: "Hack" an Commercial Airline Groundstation Radio?
« Reply #15 on: April 18, 2016, 10:05:42 pm »
I have some Antennas on the Rooftop but nobody cares about them.  :-+

Does anyone here have experience with reading out some unknown data?!
Made in Japan, destroyed in Sulz im Wienerwald.
 

Offline Melt-O-Tronic

  • Frequent Contributor
  • **
  • Posts: 265
  • Country: us
  • Brilliant with a slaughtering iron in my hand!
Re: "Hack" an Commercial Airline Groundstation Radio?
« Reply #16 on: April 18, 2016, 10:57:06 pm »
If we ignore all the off-topic noise about legal & illegal stuff, it's still not clear what exactly you're trying to do.  Are you asking how to connect to the serial port and look at the data coming out of it?  If so, I believe the images you posted provide the information you need.  If that is not helpful to you, it sounds like you may need very introductory-level education on the topic.
 

Offline Lord of nothingTopic starter

  • Super Contributor
  • ***
  • Posts: 1591
  • Country: at
Re: "Hack" an Commercial Airline Groundstation Radio?
« Reply #17 on: April 18, 2016, 11:23:49 pm »
I need some application to see what's going over the ports. Also the Cabling. That isn't that easy for a beginner.  :scared:
Made in Japan, destroyed in Sulz im Wienerwald.
 

Offline janoc

  • Super Contributor
  • ***
  • Posts: 3871
  • Country: de
Re: "Hack" an Commercial Airline Groundstation Radio?
« Reply #18 on: April 19, 2016, 10:09:12 pm »
Well, the pins of the connector seem to be described well. Seems like regular RS232 is available - good old serial port.

Software - RS232 can be handled using any terminal emulator. Putty, Hyperterminal, RealTerm - all can do it.

And the protocol - if it isn't described in the documents you have, then you will either need to google more or reverse engineer it. It is fairly likely it is going to be something ASCII text based, though.

However, you may not be able to get the actual received data over RS232 - that signal is on the maintenance connector, so it is possible you will have only diagnostics/service info there and the data are available only through RS-422/485. Nothing a microcontroller with a receiver chip couldn't handle, though.

There is also audio output there - that would be probably the first thing to connect to make sure you are actually receiving anything to begin with.

You will likely have to make your own cable based on those documents unless you can source an original one somewhere (but then it is likely to have a normal serial port which today's PCs don't have).

« Last Edit: April 19, 2016, 10:16:55 pm by janoc »
 

Offline Lord of nothingTopic starter

  • Super Contributor
  • ***
  • Posts: 1591
  • Country: at
Re: "Hack" an Commercial Airline Groundstation Radio?
« Reply #19 on: April 19, 2016, 10:19:56 pm »
Changing to an Audio Channel works, also Audio.
Serial does also work but has no real output.
Made in Japan, destroyed in Sulz im Wienerwald.
 

Offline Lord of nothingTopic starter

  • Super Contributor
  • ***
  • Posts: 1591
  • Country: at
Re: "Hack" an Commercial Airline Groundstation Radio?
« Reply #20 on: June 01, 2016, 11:48:07 am »
So I found out that I have this inside:
http://pdf1.alldatasheet.com/datasheet-pdf/view/93786/MOTOROLA/MC68HC711P2CFN4.html
www.ic37.com/AMD/AM29F010-120_datasheet_1065184/

So is it possible to read out the program and edit it?
Made in Japan, destroyed in Sulz im Wienerwald.
 

Offline uncle_bob

  • Supporter
  • ****
  • Posts: 2441
  • Country: us
Re: "Hack" an Commercial Airline Groundstation Radio?
« Reply #21 on: June 01, 2016, 11:48:06 pm »
Quote
So I found out that I have this inside:
http://pdf1.alldatasheet.com/datasheet-pdf/view/93786/MOTOROLA/MC68HC711P2CFN4.html
www.ic37.com/AMD/AM29F010-120_datasheet_1065184/

So is it possible to read out the program and edit it?

Hi

It probably is. It's likely written in assembly language with no symbol tables. Unless you do a lot of HC11 code, figure on it taking a while to work out what's what.  For somebody who does HC11 all the time, a couple of months should do the trick. Maybe 4X that if you only have done firmware on other MCU's.

Bob
 

Offline Lord of nothingTopic starter

  • Super Contributor
  • ***
  • Posts: 1591
  • Country: at
Re: "Hack" an Commercial Airline Groundstation Radio?
« Reply #22 on: June 02, 2016, 12:08:14 am »
 :o ...
I want to figure out which function checks what kind of licence is used or so.
Made in Japan, destroyed in Sulz im Wienerwald.
 

Offline uncle_bob

  • Supporter
  • ****
  • Posts: 2441
  • Country: us
Re: "Hack" an Commercial Airline Groundstation Radio?
« Reply #23 on: June 02, 2016, 12:14:54 am »
Quote
:o ...
I want to figure out which function checks what kind of licence is used or so.

Hi

How much experience do you have doing firmware on small MCU's?

How much time have you spent working with the output of reverse assemblers?

For that matter, how familiar are you with assembly language programming?

Bob
 

Offline Lord of nothingTopic starter

  • Super Contributor
  • ***
  • Posts: 1591
  • Country: at
Re: "Hack" an Commercial Airline Groundstation Radio?
« Reply #24 on: June 03, 2016, 12:08:54 am »
0, 0, 0  ::)

So is it that hard to find the function that decides what runs?
Made in Japan, destroyed in Sulz im Wienerwald.
 

