As you already know, it is possible to spoof both your IP address and MAC address. You can even spoof your global position (GPS). This is one of the beauties of becoming knowledgeable and skilled in Software Defined Radio (SDR).
There are several reasons why you might not want your global location to be known.
In this guide, we'll show you how to spoof your GPS location using SDR and the cheap HackRF One.
Step #1: Install HackRF One
Step #2: Install GPS Spoof
Then create a directory named GPS_SPOOF…
kali > mkdir GPS_SPOOF
….and then navigate to the new directory.
kali > cd GPS_SPOOF
Then download gps spoof software from github.com
kali > sudo git clone https://github.com/osqzss/gps-sdr-sim.git
Now, navigate to the newly created directory
kali > cd gps-sdr-sim
GPSsim.c needs to be compiled into a file named gps-sdr-sim and to be able to use motion files we need to compile it with -DUSER_MOTION_SIZE=400 (this allows the GPS spoof to appear to be moving instead of remaining static , which would likely signal to a receiver that this is a spurious signal).
kali> sudo gcc gpssim.c -lm -O3 -o gps-sdr-sim -DUSER_MOTION_SIZE=4000
Where:
- gcc is the GNU C compiler
- gpssim.c is the C file that needs to be compiled
- -lm is one connection with the bookcase math.c
- -O3 optimizes compilation to a higher level
- -o places the output in a file named gps-sdr-sim
Step #3: Locate the satellite
The next step is the localization of the GPS satellite. This is done using the GPS ephemeris file. The file can be downloaded from here (you must register).
https://cddis.nasa.gov/archive/gnss/data/daily/
These files are then used for the creation a simulation pseudorange and Doppler for satellites in your range.
This data is then used to generate a simulated data range to generate digitized I/Q samples for the GPS signal. Make sure you have downloaded the latest file.
https://cddis.nasa.gov/archive/gnss/data/daily/2022/brdc/
Then select a location you want to spoof. In my case, I want it to appear that I am in Moscow, specifically the Kremlin. You can go to Google maps to get the GPS coordinates.
Now, to start your GPS spoof, simply enter the following command with the ephemeris file and GPS coordinates as shown below:
kali > sudo ./gps-sdr-sim -b 8 -e brdc0010.22n -l 55.75911686948662, 37.616404140886715, 100
This creates a simulation file named gpssim.bin
Now, to send a fake GPS signal that simulates my location to the Kremlin, I can simply type,
kali > sudo hackrf_transfer -t gpssim.bin -f 1575420000 -s 2600000 -a 1 -x 0
Done successfully! Now anyone tracking my GPS signal thinks I'm in the Kremlin!
Summary
Radio frequency hacking is one of the most important and least appreciated areas of cyber security.
There are actually so many devices and systems that send and receive radio signals that are vulnerable to exploitation.
One of these ubiquitous radio signals is universal system positioning or GPS. While it's a wonderful tool for finding our way around the streets, it can also be used maliciously to track our every step. By spoofing GPS, we can hide our location and avoid detection by governments and other malicious actors.
