Finding Spy Bugs with an RTL-SDR & Salamandra

With the explosion of Internet of Things (IoT) devices, and some hardware now being banned from certain facilities due to spying concerns, it would be nice if there was an easy way to scan your office to see if there are any hidden microphone “spy” devices.

Salamandra is a tool to detect and locate spy microphone devices in closed environments. Usually the “Spy” microphones you can find online will record audio and then re-broadcast it at a certain frequency. Salamandra displays any detected microphone type devices along with its broadcasting frequency. Using a displayed signal strength, it is possible to find the general location of the device.

In this article we will use Kali Linux, an RTL-SDR (I used a NooElec Nesdr Smart with the included extendible antennae), and Salamandra.

Installing RTL-SDR software

On the Kali system, connect your RTL-SDR card. Open a Terminal window and install rtl-sdr:

  • apt install rtl-sdr

Spy_Microphone_SDR1

  • Run “rtl_test” to make sure Kali correctly sees the card.

You should see an output as below:

Spy_Microphone_SDR2

  • Press “Ctrl-c” to stop test.

Installing Salamandra

Tool authors: Sebastian Garcia, Veronic Valeros
Tool Website: https://github.com/eldraco/Salamandra

Download Salamandra with git clone:

Spy_Microphone_SDR3

Change to the Salamandra directory.

You will need to install “pygame” as it is required by Salamandra and is not installed by default in Kali:

  • pip install pygame

Spy_Microphone_SDR4

Now, just run Salamandra with the recommended options:

  • ./salamandra.py -t 0 -a 100 -b 200 -s -S

Spy_Microphone_SDR5

Salamandra will then automatically detect any RF bugs it can find. The display includes the frequency and the signal power. Power is displayed by “#” signs. The stronger the signal, the more “#” signs that will be shown:

Spy_Microphone_SDR6

  • Press “q” to quit.

Listening to a Detected Signal

Now that you have the frequency of the bug, you can listen to and/or record it using Gqrx.

To install Gqrx:

  • apt install gqrx

Spy_Microphone_SDR7

Now run the program:

Spy_Microphone_SDR8

On the “Configure I/O devices” screen, select your device. Mine was the Realtek RTL2838UHID device, as seen below:

Spy_Microphone_SDR9

You may want to drop your sampling rate if you have any issues.

When you click “OK”, you will then see the main Gqrx program interface. Just hit the “Play” icon in the upper left corner to turn it on, and then select your frequency by clicking on the large frequency numbers on the top of the screen:

Spy_Microphone_SDR10

Picking a live radio station (as shown above) is usually the best way to figure these programs out if you are not familiar with them.

Change your mode to the correct signal type. Usually it is one of the FM signals (WFM, NFM). Click in the middle of the graphical signal wave to put the red line in the middle of the highest peak. Then drag the sides to the right and left of the signal slopes, as seen above.

And that is it! If you have the correct settings you should have audio.

  • Now that you know it works using a radio station, tune in to the frequencies that were detected by Salamandra

You may need to play with the setting some to get a clean signal. Most likely there may be nothing there, it may be picking up your headset microphone or something else. But it is very good at picking up analog listening devices.

To Record Signal

In Gqrx, hit “Rec” at bottom right to record.

  • The file will record and save in the “Root” folder.

You can hit the Play button in Gqrx to listen to the file that you just recorded. You could also install a program like Audacity to listen to the saved file.

Conclusion

In this article we covered how to use an SDR-RTL device as a bug scanner. With Internet of Things type devices becoming more common place in the home and office, it isn’t a bad idea to scan to see if any of these may have a built-in microphone. For more information on the tool, see RTL-SDR’s article, which includes a link to a white paper written by the tool authors.

 

Advertisements

Making a 16-Bit Computer ALU in Minecraft

So what do you do when you are bored? Watch Football? Golf?

How about creating a fully functional 16 bit arithmetic logic unit in a video game? 

This is kinda scary. But he is not stopping with the ALU. The guy is planning on creating a fully functional 16 bit computer INSIDE a video game. He also wants to include compilers to make it actually do something useful. 

This would make for a great Intel commercial; “This is what our employees do for fun, what do yours do?”

Okay, bonus points to anyone who can figure out what the pigs are for.

How to Build a Virtual System with VMWare Workstation

Well, recently the power board on my laptop smoked. Maybe it was over worked, maybe it just needed a break, not sure. The problem is, I used said laptop as my virtual hacking playground. It had 3 OS’s available at the boot menu, 4 virtual Microsoft OS’s and several virtual versions of Linux. Yeah, I know, I need a hobby.

Well, I have backups of the virtual machines, but I wanted to create some new ones anyways. So, I figured I would create a follow along type blog post for those who have not created a Virtual Machine yet. So, if you want to know how to create a virtual operating system and run it on top of your current one, here goes!

1. Get VMWare Workstation. (Others are available, but I like this, it is quick and easy). If you do not own VMWare workstation you can get a 30 day trial key. Once you create a virtual machine, you can run it in the free version of VMWare player. You can also download “VMWare appliances”. These are virtual machines that someone else has already made. I prefer to make my own, as I know what is in it and that it is safe.

 You will need to create an account with VMWare to get the 30 day trial key. After installing VMWare workstation, go ahead and run it. You will get a screen that looks like this:

2. Now, click “Create a new Virtual Machine”. We are just creating a Windows 7 Pro Virtual Machine, so just hit “Typical” at the next prompt and select “Next”.

Step 3. We are going to install from Disk, so go ahead and put your OS disk in. You can also install from an ISO if you have one. Select Next.

Sweet! Look at this next screen, it recognizes the Windows 7 Pro CD, and it allows an EASY install. This means that the VMWare system knows the OS and the install will be pretty much automated.

Step 4. Put in your Windows key, and choose your version of Windows 7 from the pull down menu. Next, put in your username & password and confirm password. You can put in the product key later if you want. Hit next.

Step 5. Name your virtual Machine and give it a location to save the data files. Click Next.

Step 6. Specify how big you want the virtual drive to be and if you want it to be a single file or split. I just chose the defaults here. Click Next.

Step 7. VMWare workstation is now ready to create the virtual machine. Check out the virtual hardware settings. I want to be able to do more than just log in so I want to allocate more memory. To do so, click “Customize Hardware…”

Step 8. Select Memory and then slide the memory button up to 2 GB. Hit “OK”. Alright! almost done, Click “Finish”.

Step 9. Now, Click on POWER ON THE VIRTUAL MACHINE

Step 10. That’s it! When the Virtual Machine is power up, it will install the OS from your source disk. The next screen shots are of the install in progress:

And when the install finishes, Viola! Done!

 

If you click the Full Screen button, on the menu bar you get this, a full OS running on top of your current OS:

From here you can finish setting it up just like a regular OS install. Security updates, anti-virus, auto-updates, etc. To shutdown the virtual machine, you can shutdown the virtual OS, or to suspend the OS, just close the whole virtual OS window.

That is all there is to it. I hope you enjoyed this.