Developing an FSK transmitter step-by-step
If you have captured some data from a target system using a receiver and you now wish to modify that data and re-transmit it (for example if you are developing an RF-based fuzzer) the following process can be followed. This transmitter is assumed to use FSK modulation (this example is actually a transmitter developed for the io-homecontrol protocol)
Data source
The assumption is that you start with a data file containing the binary data bytes you want to send
Create a new flow-graph and set the "samp_rate_tx" variable to 4e6
Add a "File Source" block and set the file to be your data file. Ensure that "Repeat" is set to "No" (unless you specifically want it to repeat)
Set the Baud rate
Having received the data, you should already know what the Baud rate should be set to. Add a new "Variable" block called "baud_rate" and set it to the correct value.
Modulation
Add a new "Variable" called "sps" (samples per symbol) and set it's value to be 10
Change the default "samp_rate" "Variable" block to 384000 (10 x Baud rate, as we want 10 samples per symbol)
Add a "GFSK Mod" block, which will modulate the data using FSK. Configure the following settings:
- "Samples/Symbol": sps
- "Sensitivity": 1
- "BT": 1 (this will effectively remove the Gaussian filter and make it FSK rather than GFSK)
Your flow-graph should now look like this:
Resampling
We now need to match the sample rate of the data with the transmitter (as it is the final sample rate of the transmitter that will actually determine the rate that the data is transmitted).
Add a "Rational Resampler" block with the following settings:
- "Interpolation": samp_rate_tx (the output sample rate)
- "Decimation": samp_rate (the input sample rate)
Adjust the signal level
We don't want to overload the input to the transmitter so we need to attenuate (reduce) the signal level.
Add a "Multiply Const" block and set "Constant" to be 0.8
Configure the transmitter
We are now ready to transmit the signal.
Add a "Variable" block with the name "freq" and value equal to the transmit frequency:
Add an "osmocom Sink" block with the following settings:
- "Ch0: Frequency": freq
- "Ch0: RF Gain (dB)": 30 (can be changed as required)
- "Ch0: IF Gain (dB)": 20 (can be changed as required)
- "Ch0: BB Gain (dB)": 20 (can be changed as required)
The complete transmitter flow-graph should now look like this:
Communicating with the transmitter in real-time
Rather than using a file as a source you can use a "TCP Sink" block, bind it to a socket and send it data via TCP