Back to my SDR again. I pick up from where I left off.
After moving my antenna around and listening to pilots landing at Birmingham, I decided to give my signal another go.
I went back to SDR++ and immediately noticed something very strange! The same pulse, every second, was visible around three different frequencies. I could see the two spikes around 432MHz, 433MHz and 434MHz. Once I moved left or right of that, it disappeared.
This made me think I really didn’t have a clue. What could be happening that would make the signal appear in there places??
Could the CC1101 be sending on three evenly frequencies? Different channels??
I took another recording at 433.015MHz and got four nice packets over four seconds, which looked something like this.
I then tweaked the recording frequency and tried again. This time I got this:
Four discreet packets, but no real amplitude.
I played around with the gain value and in the spectrum analyser too, trying to get more pronounced peaks.
When I recorded using the same settings, I got nothing but noise, with no clean pulses.
I find this very, very confusing!
I tried a completely different tool called Spektrum. This gave me a much better peak, but it wasn’t detecting the pulses every second.
Perhaps this was some a configuration problem?
Getting a little closer??
A gain of 22 in Spektrum seemed to provide a pretty clean signal. I moved the antenna a little closer to my ESP32 and moved my ESP32 a little closer to the antenna.
I ran a recording again, this time with a smaller sample rate of only 250kHz.
URH decoded it automatically, detecting the FSK and demodulation settings.
This gave me two same sized binary strings.
If you haven’t read the previous posts, I have a CC1101 that is transmitting the string “Hello World” every second. There is a number of ticks in the message, but it always started “Hello World”. The sync word is two bytes, 199,10
Under the Analysis tab, I *actually* found the sync word in each packet, repeated twice! This was a good start.
I then searched for the letter H, which is 72 in decimal
It only appeared once, in the second payload, but the packet above it was suspiciously close…
Checking for ‘e’, which is 101, popped up twice immediately after the H…..
Finally, I checked for ‘l’ and amazingly, that appeared twice, after the ‘e’.
This had to be more than a coincidence! Had I actually recorded and decoded something??
Decoding!
I switched over the ASCII characters and assigned the synchronisation payload. You can actually see that appears twice.
The word “Hello” was even visible in the second packet.
The wheels come off after that, with a random 1 in between the two words 😂
001101111 is ‘o’ and 00100000 is the space character.
Not sure what the bit in position 114 is. Noise? The letter ‘W’ is there along with ‘o’, but ‘r’ can’t be found.
Progress of sorts
I’ll consider this some progress of sorts. I think the signal quality is clearly an issue here and it might be down to interference. I’m sending one message every second, meaning it would be very susceptible to interference.
As an idea, I’ll try and send three or four pulses in rapid succession and then pause.
I’m still not convinced my Universal Radio Hacker setup is correct, but it is doing something correctly!
@tomasmcguinness 
Leave a comment