IF YOU HAVE RECENTLY PURCHASED A HACKRF ONE AND PORTAPACK H2 AND CANNOT GET THE DEVICE WORKING, PLEASE FOLLOW THE STEPS BELOW.
New HackRF One Hardware Revision
One of the many casualties to the recent global microchip shortage was Great Scott Gadgets’ HackRF One, leaving many a hacker and SDR enthusiast without access to new devices for most of 2022. Fortunately, the company was able to redesign the board around replacement components and has recently released the new r9 variation of the HackRF to the market. For a full walkthrough of the changes, check out the GitHub updates and GSG’s blog post on the topic. In summary, the MAX2837 and Si5351C were replaced with MAX2839 and Si5351A chips.
PortaPack Firmware Incompatible
The hardware revisions have no impact on the functionality of the device itself, but official releases of the PortaPack firmware have not yet caught up to the hardware changes – this includes the popular MAYHEM and Sharebrained PortaPack variations. Many users have experienced difficulties with their new HackRF r9 and PortaPack H2 configurations due to this issue and have been unable to get device up and running.
Luckily, the development community has already made the necessary updates to the source code for both of these firmware variants. These updates have not yet been integrated into official releases, but this article will provide a step-by-step walkthrough of the update procedure required to get the latest version of these PortaPack firmware distros running on your HackRF One r9.
Getting Back to the Default Firmware
If you have already tried flashing your HackRF r9 with the official PortaPack/MAYHEM firmware, then your device will not be recoverable via the SPI flashing process typically used to change firmware. Don’t worry – you did not brick your HackRF, you will just have to revert to the default firmware via DFU boot mode before proceeding with the steps below.
To reflash the HackRF from DFU-Mode, you will need a Linux workstation with DFU-UTIL installed. If you are using a Debian-based distribution, this utility can be installed through the terminal emulator by executing the following command:
sudo apt-get install dfu-util
For other Linux distributions, refer to the DFU-UTIL documentation for full build instructions.
Once installed, you will need to download the most recent official release of the HackRF One firmware from the project’s GitHub page. Extract this directory archive to the desired location on your system, open a terminal, and cd to the directory labelled “firmware-bin” containing the file called “hackrf_one_USB.dfu“.
While holding down the left-most button on the top of the HackRF, plug the device into you Linux system via USB. The device should powerup with a single green LED indicating that it is in DFU boot mode. From here you will execute the following command via the terminal emulator:
dfu-util --device 1fc9:000c --alt 0 --download hackrf_one_usb.dfu
Once the DFU file is flashed, you will need to reflash the SPI firmware in memory by executing the command:
hackrf_spiflash -w hackrf_one_usb.bin
Your HackRF One will now be restored to its factory default state and ready for the updated MAYHEM/PortaPack firmware.
MAYHEM Firmware Nightly Update
Now that your HackRF One r9 is in its factory default state, you will need to locate the most recent update of the MAYHEM firmware for the PortaPack via the project’s GitHub page. This project features nightly releases of the most recent build, and although it is typically recommended to rely on official releases, you will need to download any version from 2023-02-17 on, where pull request 805 was merged to address the incompatibility. This archive contains everything you will need to flash the MAYHEM firmware from both Linux and Windows systems.
For Linux users, the process is exactly the same as flashing the SPI memory with the default HackRF firmware, except you will be using the file called “portapack-h1_h2_mayhem.bin” located in the “firmware-bin” directory of the MAYHEM firmware archive. Just plug the HackRF into your system via USB, open a terminal emulator, cd into the location where this was extracted, and execute the command:
hackrf_spiflash -w portapack-h1_h2-mayhem.bin
Once complete, disconnect and reboot your device with the PortaPack H2 board mounted and you should be greeted with the MAYHEM UI on the screen. Note that you may have to press the LEFT or UP button on the PortaPack to activate the LED screen drivers for your first bootup depending on the board variant.
Windows users will be happy to find an automated software tool for flashing the device included in the MAYHEM/PortaPack firmware. Download and extract this to your PC and locate the file called “flash_portapack_mayhem.bat“. You will need to have the HackRF and NXP LPC DFU drivers installed – if you do not, these are included with the firmware archive in a folder called “driver“. Just plug the device into your PC, run the file, and follow the directions in the command prompt window – that’s it!
Sharebrained Firmware Update
The original PortaPack firmware project by Sharebrained is essentially deprecated at this point due to lack of development and maintenence, with most of the major developers having moved on to HAVOC or MAYHEM forks. That said, mossmann himself made several commits to the project in an updated branch of the project. If you must have the Sharebraied version of the firmware for some reason, you will have to download the archive and compile your own .bin file from the source code itself. Check out pull request 187 for all the patch details.
The compilation procedure is a bit on the technical side for the uninitiated and beyond the scope of this article, but an excellent guide to customizing and compiling PortaPack source code can be found in the MAYHEM wiki. You will need to modify the procedure slightly to align with the Sharebrained source code, but pretty much everything you need to know is accessible through this guide.
Hopefully this article solved your PortaPack problems and you are ready to get the device out into the field! Make sure to check out our assembly guide if you haven’t already. For the most reliable PortaPack boards and the genuine GSG HackRF One, go to Hacker Warehouse first. Until next time, keep it between the laws and keep it between the LOLs.
