in

Assembling spy gear

The content of the article

  • Choice of disguise
  • Assembly
  • conclusions

You’ve probably heard that almost anything can be turned into a spy device, including charging cables. In this article, I will show you how to build and program a GSM bug on Arduino, which you can call from a specific number and listen to everything that happens. We will disguise our invention as a portable battery.

WARNING

The author of the article and the editors do not call for illegal activities. The information in this article is for educational purposes only. We warn you that illegal traffic in technical equipment and violation of privacy are punishable in accordance with your national Criminal Code and legislation.

Only firms that have state licenses for this can officially manufacture equipment for covert wiretapping, video surveillance, and information retrieval from a computer. By design, these firms should only fulfill government orders. But spy devices are easier for anyone to acquire. You can make them yourself if you know how to handle a soldering iron. Parts for such devices are easy to buy at any electronics store.

There are several types of surveillance devices:

  • radio bugs;
  • mini-voice recorders;
  • hidden video cameras;
  • laser wiretapping.

CHOICE OF DISGUISE

The easiest way is to hide something in the most conspicuous place, in something that does not attract attention. Here are some fun ways to disguise a listening device.

Computer mouse with built-in GSM bug
Charger for a smartphone with a built-in GSM bug
Keyboard with built-in dictaphone

These eavesdropping options are also interesting in that the objects into which the bugs were introduced are almost always connected to the network: this way the bug will never be discharged, which means that it will take longer to perform its function – to transmit information.

If the bug works only on its own battery, you will have to think about how to recharge it. In spy films, this always causes additional problems. We don’t need this.

Therefore, my option is to introduce a bug into an external battery to charge a smartphone. It is often carried around, charged, and if not charged, it itself becomes a power source for the bug. For my taste, this is a very good place to place a bug.

ASSEMBLY

To assemble the device, we need:

  • GSM module Sim 800;
  • Arduino Pro mini;
  • Power Bank case for four Li-ion 18650 batteries;
  • two or three 18650 batteries (I used two);
  • Microphone;
  • SIM card.
Components for assembly

To correctly assemble the device, you need to know the pin assignments on the GSM Sim 800 and Arduino Pro mini modules.

Sim 800 Pin Assignments
Arduino Pro mini pin assignments

Next, we solder the antenna to the GSM module into the socket NET.

  1. For outputs MIC+, and  MIC-solder-in microphone.
  2. RXDand  TXDon the GSM module to the sixth and seventh contact on the Arduino.
  3. We solder Vccboth  GNDfrom the module to the Arduino and to the contacts on the external battery.
Build for the test

After sealing all the components in their places, you need to make sure that the sealing is correct – flash the controller.

// Сonnect the library for the software implementation of the UART protocol exchange
#include <SoftwareSerial.h>
SoftwareSerial SIM800(7, 6); // RX, TX
// Setting a variable to store the module's response
String _response = "";
void setup() {
  // Data exchange rate with computer
  Serial.begin(19200);
  // Data exchange rate with modem
  SIM800.begin(19200);
  Serial.println("Start!");
  // Send AT to configure the baud rate
  sendATCommand("AT", true);
  // Modem configuration commands on every startup
  // Turn on АОН
  _response = sendATCommand("AT+CLIP=1", true);
  // Option with DTMF
  //_response = sendATCommand("AT+DDET=1", true);
}
String sendATCommand(String cmd, bool waiting) {
  // Setting a variable to store the result
  String _resp = "";
  // Duplicate the command to the port monitor
  Serial.println(cmd);
  // Sending a command to the module
  SIM800.println(cmd);
  // If its needed to wait for an answer, waiting for the answer to be sent
  if (waiting) {
    _resp = waitResponse();
    // If Echo Mode is off (ATE0), then these three lines can be commented out
    if (_resp.startsWith(cmd)) {
      _resp = _resp.substring(_resp.indexOf("\r", cmd.length()) + 2);
    }
    // Duplicate the command to the port monitor
    Serial.println(_resp);
  }
  // Return the result. Empty if problem
  return _resp;
}
// The function of waiting for a response and returning the result
String waitResponse() {
  // Variable for storing the resultа
  String _resp = "";
  // Variable for tracking timeout (10 seconds)
  long _timeout = millis() + 10000;
  // Waiting for an answer for 10 seconds and check the answer or timeout
  while (!SIM800.available() && millis() < _timeout)  {};
  // If there is something to read, read and remember
  if (SIM800.available()) {
    _resp = SIM800.readString();
  }
  // If a timeout has come, then we notify about it and return the result
  else {
    Serial.println("Timeout...");
  }
  return _resp;
}
void loop() {
  // If the modem sent something, we get a response for analysis
  if (SIM800.available())   {
    _response = waitResponse();
    // Remove the extra spaces at the beginning and end and display the answer in the port monitor
    _response.trim();
    Serial.println(_response);
    // White list of phones, you can specify several of them separated by commas
    String whiteListPhones = "+3807133378xx";
    // If there is an incoming call, we check if there is information about the identification of the number. If yes, then phoneindex> -1
    if (_response.startsWith("RING")) {
      int phoneindex = _response.indexOf("+CLIP: \"");
      // Variable to store a specific number
      String innerPhone = "";
      // If the information was found, parse the line and get the number
      if (phoneindex >= 0) {
        phoneindex += 8;
        innerPhone = _response.substring(phoneindex, _response.indexOf("\"", phoneindex));
        // Display the number in the port monitor
        Serial.println("Number: " + innerPhone);
      }
      // We check that the length of the number is more than six digits 
      // and the number was in the list. If yes, then we answer the call, 
      // if not, then reject
      if (innerPhone.length() >= 7 && whiteListPhones.indexOf(innerPhone) >= 0) {
        sendATCommand("ATA", true);
      }
      else {
        sendATCommand("ATH", true);
      }
    }
  }
  // Waiting for Serial commands and sending the received command to the modem
  if (Serial.available())  {
    SIM800.write(Serial.read());
  };
}

With proper sealing and firmware, our bug, when powered on, will only answer incoming calls from authorized mobile numbers that are registered in the firmware.

Now it’s time to remove the long connecting wires, unsolder the LEDs from the Arduino board. We insulate the microphone with heat shrinkage, drill a hole for it in the case of the external battery and attach it and two boards to hot melt glue, instead of one 18650 battery.

In my assembly, I used two batteries, but you can use three – there will be enough space.

Final components assembling
Fitting and fixing the filling in the case
Ready to use device

So, we have assembled a GSM bug into an external battery case. It is, of course, not perfect, but there are several ways to improve it.

  1. Take a case with a larger battery capacity.
  2. For greater autonomy, put the GSM module into sleep mode, and when you press the battery power button, activate the wiretap.
  3. Send a message to the wiretap owner when pressing a button on an external battery.

CONCLUSIONS

So, we have designed and assembled a GSM bug disguised as an external battery. Its cost is much lower than that of bugs that can be bought on the Internet and in specialized stores. You can replicate my device or modify it. Most importantly, remember that privacy is inviolable, and do not use your knowledge for bad purposes!

What do you think?

26 Points
Upvote Downvote
Black Hat Professional

Written by Admin

NewbieAvatar uploadFirst contentFirst commentPublishing content 3 times

Comments

Leave a Reply

Loading…

0

Yara. Writing rules to search for malware

Pivoting. Post-exploitation