Techcoderadio

  9.3.2025 Tachographs and more Tachograph BT. Apps for those can be found e.g. from Google Play Store. In some systems the default key = (abbreviation of the device manufacturer name) + number string?!   BT device found near Gatsos. Food for thought: https://www.pemicro.com/partners/index.cfm?manufacturer_id=12 DFU enabled devs there are many BT HW vendor update apps

1.1.2025 Python: Inspecting ActiveGPS Python + PySerial: Inspecting AD-Teknik ActiveGPS # show eeprom import serial ser = serial.Serial('COM6', 9600, timeout=4) print("&A") ser.write(b'&A\r\n') b = ser.read(256) print(b) print("&B") ser.write(b'&B\r\n') b = ser.read(256) print(b) print("&J") ser.write(b'&J\r\n') b = ser.read(280) print(b) print("&D") ser.write(b'&D\r\n') b = ser.read(16) print(b) ser.close()     # show flash import serial ser = serial.Serial('COM6', 9600, timeout=4) print("&A") ser.write(b'&A\r\n') b = ser.read(16) print(b) print("&B") ser.write(b'&B\r\n') b = ser.read(256) print(b) print("&F") ser.write(b'&F\r\n') b = ser.read(3072) print(b) ser.write(b'&F\r\n') b = ser.read(3072) print(b) ser.write(b'&F\r\n') b = ser.read(3072) print(b) ser.write(b...

23.1.2025 Some ActiveGPS PyMocking Far from complete. By using USB to serial converter + USB serial null modem adapter it is possbile to mimick more or less serial controlled devices without SW virtual serial ports. Wireshark used for analyzing USB serial traffic with ActiveGPS Windows software and my (really old) ActiveGPS device.   import serial A = b'00' B = b'06036F72AD18F8BF4B07DA01120B3215AF00' C = b'0000' D = b'00' E = b'00' J = [      b'18F8BF4B07DA01120B3215AFFFFFFFFF',      b'409CA961000050124EF175426C73AE41',      b'14060D0907DB5B58421D474A4A00FFFF',      b'FFFFFFF133FB33FB33FA33FA33FA33FA',      b'33FA33FA33FA33FA33FA33FA33FA33FA',      b'33FA33FFFFFFFFFFFFFFFFFFFFFFFFFF',      b'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF',      b'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0000',     ] ser = serial.Serial('COM19', 9600...

 10.1.2025 ActiveGPS firmware update process ActiveGPS MCU is PIC18F2455 &A   start op &B   device info &J    read EEPROM content Read FLASH content &E000000 &F ... &F Update firmware &H0108 &G001 ... &G00B Wireshark, export pcapng as plain text with data bytes Frame 2178: 27 bytes on wire (216 bits), 27 bytes captured (216 bits) on interface \\.\USBPcap5, id 0 0000  1b 00 60 15 59 06 05 d4 ff ff 00 00 00 00 09 00   ..`.Y........... 0010  00 05 00 01 00 83 03 00 00 00 00                  ........... Frame 2179: 565 bytes on wire (4520 bits), 565 bytes captured (4520 bits) on interface \\.\USBPcap5, id 0 0000  1b 00 a0 58 bc 09 05 d4 ff ff 00 00 00 00 09 00   ...X............ 0010  00 05 00 01 00 03 03 1a 02 00 00 26 47 30 30 30   ...........&G000 0020  30 30 30 30 30 ...

16.2.2025 ActiveGPS exe By using DetectItEasy found commands &D &J &C01 &E &F &C33 &C67 &H &I &G &H0020 &B &E000000 &A Map;http://www.adteknik.com/map.htm?lat=%lat%&lng=%lon%&r=%radius% 7686    00136945    00537b45    Section(1)['.data']    09    A    MyMap.txt 7687    00136957    00537b57    Section(1)['.data']    08    A    placemap 7688    00136960    00537b60    Section(1)['.data']    07    A    loggmap 7689    00136968    00537b68    Section(1)['.data']    07    A    map.txt 7690    00136978    00537b78    Section(1)['.da...

21.4.2024 Var devs of BT BLE Helvar lighting system, one can try Helvar apps ....   Unknown IoT system     Bottle returning automaton machine telephone system

 8.9.2024 Var systems BT BLE Some fast food restaurants use digital spread spectrum FHSS 2.4 GHz drive-thru systems with Bluetooth connectivity. and LED systems with Bluetooth   Management system in shopping centre area (Serial, CAN, BT ...) https://play.google.com/store/apps/dev?id=6884634465415948252&hl=en   Connectable with e.g. serial bluetooth terminal app.

12.11.2024 Bearmock Python 3 and virtual serial port mods https://recon.cx/2013/slides/Recon2013-Gabriel%20Tremblay-Reversing%20P25%20Radios.pdf Hardware used: USB to serial adapter (Aten UC-232A) + USB serial null modem adapter (S6618, cheap device from eBay). Probably it would be quite easy to write Arduino code and use two Arduinos connected with software serial. I modified this code https://github.com/gabtremblay/Bearmock to run in Python 3 (3.13, pyserial 3.5) and without com0com software virtual serial port.     from time import sleep from serial import Serial __MODEL = 'BCD296D' __PORT = 'COM21' __SPEED = 9600 __TIMEOUT = 0  # non-blocking __READ_SLEEP_SECS = 0 __OUT = 'decoded.s19' __ACTIONS = {     '\r': 'UNKNOWN COMMAND\r',  # Empty, just reply     '*SUM\r': 'CHECKSUM= DEADH\r',  # Fake checksum     '*SPD 1\r': 'SPEED 9600 bps\r',     '*SPD 2\r': 'SPEED 19200 bps\r',     '*SPD 3...

 12.7.2024 Sahara - Huawei E1552 mobile broadband modem Ubuntu 18.04 LTS Huawei E1552. Diag port enabled AT$QCDMG https://github.com/openpst/sahara sudo apt-get install build-essential qt5-default qt5-qmake libboost-dev & https://github.com/openpst/sahara/releases  

 28.3.2024 Uniden UBC-125XLT test modes 6+HOLD+POWER   LCD pixel test 4+HOLD+POWER   Close Call test 5+HOLD+POWER   USB port test 7+HOLD+POWER   Load test data 1+7+POWER          Battery save test 3+HOLD+POWER   Display contrast 2+5+9+POWER      Firmware version 3+9+POWER          Scan test 6+LO+POWER       Boot mode for flashing firmware 3+0+POWER          Key touch test 2+7+POWER          Battery charge test 1+0+POWER          All memory clear

23.3.2024 Uniden UBC-125XLT close call test mode To activate Close Call test mode, turn off scanner and press 4 + HOLD + POWER. In CC test mode PWR remote command returns xxx, 00000000 (xxx = signal strength value) whether there is CC hit or not SLS and GLG commands return LCD screen info/reception status ok.

17.9.2024 TIDRADIO TD-H3 firmware H3_240625.BIN 8051 disassemblerWin10 Windows app produces nice and (maybe) correct looking 8051 table define and asm files Reference.a51 Disassembly.a51

 18.2.2024 SX1278: testing SDRAngel LoRa demodulator Arduino Uno Dragino Lora Shield Semtech SX1278 SDRAngel 7.17.1 SDRAngel LoRa demodulator manages to properly decode TX with spreading factor 12. Spreading factor 11 produces wrong decoding of payload (FEC fix without ok correction)

 1.6.2024 Inspecting radar based speed info display device Sierzega Android app Shellypro3 smart switch

 24.6.2024 SCAT: cheap 4G LTE Wifi modem https://github.com/fgsect/scat http://192.168.100.1 - login admin/admin http://192.168.100.1/usbdebug.html -- shows blank screen and activates ADB server/roots the device   scat -t qc -u -a 001:003 -i 3

 17.5.2024 QCSuper - Huawei E1552 mobile broadband USB stick VirtualBox Ubuntu 22.04 LTS Huawei E1552 mobile broadband HSDPA USB stick works with QCSuper AT$QCDMG - enable Diag Port sudo ./qcsuper.py --usb-modem 12d1:1001 --pcap-dump pc.cap   Wireshark live view started to work after stopping ModemManager sudo systemctl stop ModemManager