Fake GPS with a HackRF One
With the HackRF One it is posible to send a fake GPS signal to other devices.
You need the following parts:
– HackRF One (can also be a Chinese clone)
– External TCXO (as GPS needs high precision)
– Antenna (best is a dedicated GPS antenna)
– GNU Radio and HackRF tools
sudo apt install gnuradio libhackrf0 hackrf libhackrf-dev
Check if you see 0x01 with (means TXCO is installed):
hackrf_debug --si5351c -n 0 -r
1. Download the GPS-SDR-SIM software
mkdir GPS_SDR_SIM
cd GPS_SDR_SIM
git clone https://github.com/osqzss/gps-sdr-sim.git
2. Compile it
make
3. Get the current satellite positions from NASA
*New: Updated URL, 03.03.2021* (Thanks for the information Ye-Sheng Kuo)
- Create an account on https://urs.earthdata.nasa.gov/
- Make a file called .netrc with the following content:
machine urs.earthdata.nasa.gov login <username> password <password>
replace <username> and <password> with your credentials on Earthdata.
- Change the file permission with
sudo chmod 004 .netrc
so that no one can access your username and password.
You can automate this with this script (inside an .sh file):
#!/bin/sh day=$(date +%j) year=$(date +%Y) yr=$(date +%y) curl -c /tmp/cookie -n -L -o "brdc""$day""0.$yr""n.Z" "https://cddis.nasa.gov/archive/gnss/data/daily/$year""/brdc/brdc""$day""0.$yr""n.gz" uncompress "brdc""$day""0.$yr""n.Z" echo "brdc""$day""0.$yr""n.Z"
4. Generate the signal file with the static position (coordinates) you want to send
./gps-sdr-sim -b 8 -e YOUR_BRDC_FILE_HERE -l 40.812800,-60.005900,100
5. Send the signal
sudo hackrf_transfer -t gpssim.bin -f 1575420000 -s 2600000 -a 1 -x 0
You can also generate routes in the form of an NMEA file with the Labsat simulator: https://www.labsat.co.uk/index.php/en/free-gps-nmea-simulator-software
More information: https://github.com/osqzss/gps-sdr-sim
Please use this responsively. Bear in mind that it can have an impact on other devices if you send it outside a closed circuit.