John's Musings


Yeah, Me Neither

Reading Other Peoples Pager Traffic And Shit

Did you know a lot of people still used pagers? I had no clue. Did you know that all that pager traffic and all those messages are sent unencrypted and can be easily decoded? All you need for hardware is a $10 USB SDR radio stick with a cheap indoor whip antenna.


NOTE: Reading pager traffic is NOT against the law, however retransmitting it or acting on any information you learn from it is. Decode for good. Not evil.


And much like any other Linux techie project I've ever done following the directions somewhere else DIDN'T WORK. Oh, it mostly worked but something is always missing. This page is for the first timer trying to figure this out. And for me to recreate this once I screw it up or my computer dies.


Doing this on Windows is easiest and the directions I found here DID WORK. This will be a tutorial on Ubuntu (Or LinuxMint) Again most everything worked but the actual decoding process didn't until I changed a thing or two. Also one major step was left out that almost caused this to epic fail for me. YMMV. Depends on the Decoder your system is using.


First of all you need a few dependencies on Linux. Open a terminal and do this. (one command per line).


sudo apt-get update
sudo apt-get install git cmake build-essential libusb-1.0 libusb-1.0-0-dev qt4-qmake libpulse-dev libx11-dev sox


After that installs lets get gqrx


sudo add-apt-repository -y ppa:bladerf/bladerf
sudo add-apt-repository -y ppa:ettusresearch/uhd
sudo add-apt-repository -y ppa:myriadrf/drivers
sudo add-apt-repository -y ppa:myriadrf/gnuradio
sudo add-apt-repository -y ppa:gqrx/gqrx-sdr
sudo apt-get update
sudo apt-get install gqrx-sdr


You have to be able to pipe the audio to multimon-ng so depending on your system you may need this. (I didn't need it).


sudo apt-get install pavucontrol


Now you need rtf-sdr


git clone git://git.osmocom.org/rtl-sdr.git
cd rtl-sdr/
mkdir build
cd build
cmake ../
make
sudo make install 
sudo ldconfig


Lastly we get multimon-ng


git clone https://github.com/EliasOenal/multimon-ng.git
cd multimon-ng
mkdir build
cd build
qmake ../multimon-ng.pro
make
sudo make install


Almost there. Now open GQRX and find a pager signal. Set the settings on the right hand side the same as mine (obviously your frequency may be different) and be sure and push the UDP button in. No UDP streaming, no pager traffic.



Okay we have a good signal and we are streaming it over port 7355 on UDP. Time to decode.


In a terminal type the following command (or cut and paste it, its a doozy). make sure it is all one one line and one command as well.


nc -l -u 7355 | sox -r 48000 -t raw -b 16 -c 1 -e signed-integer /dev/stdin -r 22050 -t raw -b 16 -c 1 -e signed-integer - | multimon-ng -t raw -c -a POCSAG512 -a POCSAG1200 -a POCSAG2400 -a FLEX -a SCOPE -f alpha /dev/stdin


See near the end of that command where is says "-a FLEX"? Go to any tutorial on the internet and they have ONLY the POCSAG decoders in the command line. I ran the command and sat and waited and not one thing happened. It was only when I installed this on Windows (the link near the top of the page) that I discovered our local pager system was using FLEX as a decoder. About one second after I added -a FLEX to my command I started getting messages. EVERYBODY ALWAYS LEAVES SOMETHING OUT. Here's what it looks like. Note, that if you are not getting a signal in the white box.........something ain't right.




Notice that I redacted the decoded pager messages. The law, remember?


Now you don't want to type that command every single time lets make a super easy script file to launch it. Go to the folder where you want to store the script and do this. I'm going to name my file "pager" but you can name it anything you want.


touch pager.sh


That makes an empty file. Open it with the following command:


sudo nano pager.sh

Now paste in this:


#!/bin/sh

nc -l -u 7355 | sox -r 48000 -t raw -b 16 -c 1 -e signed-integer /dev/stdin -r 22050 -t raw -b 16 -c 1 -e signed-integer - | multimon-ng -t raw -c -a POCSAG512 -a POCSAG1200 -a POCSAG2400 -a FLEX -a SCOPE -f alpha /dev/stdin


Hit the Control key plus the X key. It will ask you if you want to save it. Hit Y and then Enter. Done.


Now lets make it executable.


sudo chmod +x pager.sh


Now you can just click on that file. Now you can read other people's pagers and shit.


blog comments powered by Disqus
55,618