Note: This is a crosspost of a Cynthion update on Crowd Supply: https://www.crowdsupply.com/great-scott-gadgets/luna/updates/packetry-preview

Due to the delays caused by the chip shortage, there’s not been a lot to report on the LUNA hardware front recently – but behind the scenes, we’ve been hard at work on the software stack which will accompany it. Over the next few weeks, we’ll be making some more updates about that work.

One of LUNA’s key features is its ability to act as a passive sniffer: it can be connected between a computer and the USB devices connected to it, capturing all the traffic between them. This is a powerful capability for debugging, reverse engineering, security research, or just learning how things work.

Up until now, USB capture and analysis with LUNA has primarily used ViewSB, an open source USB-specific application developed here at GSG. ViewSB displays captured traffic as a tree view that follows the structure of the USB protocol: packets are grouped into transactions, which are grouped into transfers. The tree view makes a USB capture easy to understand at a glance. It’s also possible to view LUNA captures with Wireshark, but although that’s a popular and capable tool, Wireshark’s USB dissector provides only a packet-by-packet view of the capture.

As we started to test more and more demanding use cases with LUNA, we began to find that neither tool delivered the performance we wanted to see. Wireshark can take considerable time to load or filter captures with many millions of packets, despite its mature C implementation. ViewSB is written in Python, an interpreted language that generally relies on gluing together native libraries to attain high performance. As we started to deal with larger captures from LUNA, ViewSB’s speed became the bottleneck, and we began to work on moving more of its work into native code.

We started to prototype a new capture and decoding pipeline, focusing on a new data structure design that would be fast to both construct and access, and that would scale to large captures. Initially we worked in C, with some UI code in Python, and intended on integrating this work into ViewSB.

Another issue we wanted to address was the ordering of items in the view. When multiple transfers happen simultaneously, a conventional tree view can become confusing or misleading, as the tree structure may not match the chronological order of events. Fixing this needed deeper changes, especially when combined with the need for efficient handling of large captures.

As development on both issues progressed, we came to the conclusion that we could make quicker progress, and achieve a better end result, if we directed our efforts into a new application written in Rust. That project is now approaching readiness for its initial release, and we’ve named it Packetry.

Packetry isn’t just ViewSB rewritten in Rust; the underlying design is fundamentally different, and it has been redesigned from the ground up. Our goals when developing Packetry were:

• To provide the best possible end user experience for USB analysis with LUNA.

• To handle large captures effortlessly, with minimal loading time and instant UI response, regardless of capture size or complexity.

• To present a new visualization approach: one that maintains the hierarchical advantages of a tree view whilst keeping timing relationships visible.

As with everything we develop, Packetry is open source, and you can follow the work in progress on GitHub. Over the next few weeks, we’ll be merging in the various feature branches we’ve been working on as we get ready for the initial release. As we go along, we’ll make some further updates here on Crowd Supply, explaining the new design in more detail.

The September recipient for the Great Scott Gadgets Free Stuff Program is Brett! Brett volunteers at the Wasatch 100 in Utah. The Wasatch 100 is a 100 mile endurance run through the Wasatch National Forest. Brett is planning to use the HackRF One we are sending him to streamline the race aid station communications. We look forward to seeing the solution he comes up with.

Starting this week, we are shipping Opera Cake, our multi-use antenna-switching add-on for HackRF One!

This add-on board has two primary ports, each connected to any of eight secondary ports, and it is optimized for use as a pair of 1x4 switches or as a single 1x8 switch.

As a 1x8 switch, Opera Cake can connect your HackRF to a variety of antennas at once, such as a long wire antenna for HF bands, a discone for VHF and UHF, a dipole for 2.4 GHz, and a dish for a satellite band. Once connected to your Opera Cake you can switch between all of your antennas in software instead of making physical hardware swaps.

When set up as a pair of 1x4 switches you could use Opera Cake as a switched filter bank. To do this, connect port A1 to B1, A2 to B2, A3 to B3, and A4 to B4 through physical SMA filters and cables of your choosing. This setup allows you to change your transmit or receive to be through the filter of your choosing without having to reconnect hardware every time you would like to use a different filter.

You can control Opera Cake for HackRF One manually with our command-line software hackrf_operacake, or you can configure HackRF One’s firmware to automatically switch Opera Cake ports based on frequency or time. Automated antenna switching and hackrf_operacake are both available in the latest HackRF One release. You can learn more about Opera Cake’s modes of operation in our HackRF documentation.

If you are looking to pick up an Opera Cake of your own, please check our website for the list of Great Scott Gadgets Opera Cake resellers. We hope you enjoy Opera Cake and stop by our Discord, or tag us on Twitter or Instagram, to show us your Opera Cake projects!

Back in 2018 Michael Ossmann teamed up with Schuyler St. Leger at ShmooCon to present “Pseudo-Doppler Redux”; a talk about taking a modern approach to the implementation of pseudo-doppler direction finding (DF) with Software Defined Radio (SDR). This presentation demonstrates what pseudo-doppler direction finding is and gives an example of Opera Cake usage.

We hope you enjoy watching the presentation!

The August recipient for the Great Scott Gadgets Free Stuff Program is Trevor! Trevor is working on a project called Hack365 where he is attempting to blog about one hack (or make or break or fix or learn) each day until next DEF CON. We are excited by how enthusiastic Trevor is about documentation, sharing his experiences with the community, and learning new things. One of the projects Trevor plans to take on is learning about his ceiling fan’s RF receiver, which is an excellent place to start when you are learning about RF. Trevor plans to share his progress with the DEF CON group DC612 as he progresses. We wish Trevor happy hacking and hope he continues to share what he learns so all of the community can benefit!

Back in 2019 over on Hackaday, Mike Szczys wrote a piece called “Hands-On: GreatFET is an Embedded Tool That Does it All”. This article covers:

• a review of the GreatFET One hardware,
• our matching GreatFET One sticker,
• the wiggler,
• a test run of GreatFET One and an I2C OLED display,
• Facedancer and USB emulation, and
• how to do a quick recovery using DFU.

We hope you check it out!

The July recipient for the Great Scott Gadgets Free Stuff Program is Manoj Kumar Mondal from India! Manoj requested a HackRF so he could take some security courses at his university; having a HackRF is a pre-requisite for the course. We look forward to hearing from Manoj as he progresses through the course!

The June recipient for the Great Scott Gadgets Free Stuff Program is Kyle from SkullSpace. SkullSpace is a hackerspace located in Winnipeg, Manitoba, Canada. Kyle plans to put together a group of SDR and wireless enthusiasts. This group will put on classes, host labs, and lead projects that help the community learn more about SDR and wireless. If you are ever in Winnipeg on a Tuesday evening we hope you take advantage of SkullSpace’s open night and check out their hackerspace!

Note: This is a crosspost of a Cynthion update on Crowd Supply: https://www.crowdsupply.com/great-scott-gadgets/luna/updates/fpga-substitution

Global supply chain issues continue to be difficult to traverse, but once in a while we do get a little bit lucky! In a previous update [1] we mentioned that Lattice had pushed out the lead time on our FPGAs for LUNA from 30 weeks to 60 weeks. Well, the expected delivery date for those FPGAs got pushed out again. Thankfully, we were able to purchase another ECP5 part for the first batch of LUNAs from an authorized Lattice distributor in a 381-ball package rather than a 256-ball package. We already have the 381-ball FPGAs in hand, so we don’t have to worry about those lead times changing again. We are still waiting on other components though, so with this FPGA substitution our estimated shipping date for LUNA will still be December 2022.

Changes to LUNA

Both FPGAs are from the same manufacturer and are part of the same line. The firmware and software we are creating will work the same regardless of which of the FPGAs is present on a given LUNA board. The primary difference impacting LUNA is that the substitute FPGA is slightly bigger than the original FPGA we had picked out. The original FPGA was 14x14 mm and the substitute FPGA is 17x17 mm. To accommodate this change in size we expect to increase the board area of LUNA to 51x51 mm instead of its original 48x48 mm.

This change adds 297 millimetres squared of available space. 93 millimetres squared of the extra space will be taken up by the bigger FPGA which leaves 204 millimeteres squared to use. The Great Scott Gadgets team has not yet settled on what we will be doing with the extra space but we will update you all as soon as we finalize our decisions. If you would like to make requests for or share your thoughts on what to use this space for, please come discuss in our Discord server.

[1] https://www.crowdsupply.com/great-scott-gadgets/luna/updates/luna-delayed

The May recipient for the Great Scott Gadgets Free Stuff Program is C.J. who is a Broadway tour sound engineer that works backstage with wireless RF microphones. Every week the tour moves to a new location and C.J. has to re-coordinate wireless frequencies for the show. He’s hoping to use the HackRF we are sending him to improve his RF monitoring and create more precise RF layouts for the travelling shows.