Project

General

Profile

Mobile Network Assessment Tools » History » Version 14

Karsten, 12/23/2013 05:15 PM

1 1 Linus
h2. Overview
2 1 Linus
3 1 Linus
This is a collection of tools for the assessment of mobile network security.
4 1 Linus
It includes:
5 3 Linus
6 8 Karsten
* *[[GSMmap-apk]]*
7 8 Karsten
Android application that collects 2G and 3G network traces from Samsung Galaxy phones
8 8 Karsten
9 3 Linus
* *[[xgoldscanner]]*
10 8 Karsten
Linux application that collects 2G and 3G network traces from Samsung Galaxy phones
11 2 Linus
12 10 Karsten
* *[[CatcherCatcher]]*
13 8 Karsten
Collect evidence of 2G fake base station activity (requires Osmocom phone)
14 1 Linus
15 1 Linus
16 14 Karsten
The tools are included in the *[[GSMmap-live]]* system, which auto-submits data for analysis at "GSMmap.org":https://GSMmap.org
17 13 Karsten
Also on the live system lives:
18 1 Linus
19 13 Karsten
* "*SIMtester*":https://opensource.srlabs.de/projects/simtester/wiki
20 13 Karsten
Finds configuration bugs in SIM cards
21 1 Linus
22 14 Karsten
A public mailing list for discussions and occasional announcements is found "here":https://lists.srlabs.de/cgi-bin/mailman/listinfo/gsmmap
23 2 Linus
24 1 Linus
*****
25 1 Linus
26 14 Karsten
h1. xgoldscanner
27 2 Linus
28 14 Karsten
This script collects 2G and 3G traces using Samsung Android phones.
29 14 Karsten
The trace log files can be analyzed with Tobias Engel's "xgoldmon":https://github.com/2b-as/xgoldmon tool, which heavily inspired the development of xgoldscanner.
30 1 Linus
31 14 Karsten
h3. Requirements
32 1 Linus
33 1 Linus
* Samsung Galaxy S2 / S3  phone
34 2 Linus
* Micro-USB cable
35 14 Karsten
* Linux computer
36 1 Linus
37 14 Karsten
h3. Download
38 1 Linus
39 14 Karsten
TODO:
40 14 Karsten
41 7 Karsten
* Source Code (bash)
42 6 Linus
* Live System
43 6 Linus
44 6 Linus
h3. Disclaimer
45 6 Linus
46 14 Karsten
The tests include an active part. First, your phone will place outgoing calls to a dedicated number. This number will always be busy and never answer in order to rule out voice charges as best as we can.
47 6 Linus
48 14 Karsten
Second, your phone will send SMS short messages via an invalid SMS-C to an invalid number.
49 6 Linus
50 14 Karsten
During our tests (in Europe) we have not encounter any network that would charge for these transactions. However, we can not rule out that you may be charged in specific settings.
51 6 Linus
52 14 Karsten
To control for involuntary charges, we strongly advise the use of a dedicated pre-paid SIM card for these tests.
53 1 Linus
54 1 Linus
h3. Instructions
55 1 Linus
56 14 Karsten
# Download TODO
57 14 Karsten
# unpack TODO
58 1 Linus
# run:  <pre>sudo ./xgoldscanner.sh -n [telephone number, e.g. +491234567]</pre>
59 4 Linus
Optional parameters:
60 1 Linus
*  -g  conduct GPRS test
61 4 Linus
*  -d  display debug messages
62 1 Linus
*  -o  offline mode [skip log upload for manual submission]
63 4 Linus
*  -3  conduct 3G tests only [skip 2G tests]
64 1 Linus
*  -y  assume "yes" to questions and confirmation dialogues [for automated testing]
65 1 Linus
*  -i  <n> repeat each test <n> times (default is 5)
66 2 Linus
67 1 Linus
h3. Advanced usage
68 1 Linus
69 14 Karsten
Use Tobias Engel's "xgoldmon":https://github.com/2b-as/xgoldmon tool to analyze the trace log files.
70 3 Linus
71 3 Linus
h3. Mailing list
72 3 Linus
73 14 Karsten
A public mailing list for discussions is found "here":https://lists.srlabs.de/cgi-bin/mailman/listinfo/gsmmap
74 2 Linus
75 2 Linus
*****
76 1 Linus
77 10 Karsten
h2. CatcherCatcher
78 2 Linus
79 14 Karsten
The CatcherCatcher tool detects mobile network irregularities hinting at fake base station activity.
80 2 Linus
81 14 Karsten
h3. Requirements
82 2 Linus
83 2 Linus
* Osmocom phone
84 14 Karsten
* Osmocom cable
85 14 Karsten
* Linux computer
86 1 Linus
87 1 Linus
h3. Download:
88 1 Linus
89 14 Karsten
* Source Code TODO
90 14 Karsten
* Live System TODO
91 1 Linus
92 1 Linus
h3. Instructions
93 2 Linus
94 14 Karsten
# Download TODO
95 14 Karsten
# unpack TODO
96 11 Karsten
# run: TODO call
97 1 Linus
* TODO command line parameters
98 2 Linus
99 1 Linus
h3. Mailing list
100 1 Linus
101 2 Linus
A public mailing list discussion is "here":https://lists.srlabs.de/cgi-bin/mailman/listinfo/catchercatcher
102 1 Linus
103 2 Linus
*****
104 1 Linus
105 1 Linus
h2. GSMmap-apk
106 2 Linus
107 1 Linus
Actively collect 2G and 3G traces using Samsung Android phones.
108 1 Linus
109 1 Linus
h3. Requirements:
110 1 Linus
111 2 Linus
* Samsung Galaxy S2 / S3 phone
112 1 Linus
113 1 Linus
h3. Download:
114 1 Linus
115 14 Karsten
* Pre-compiled .apk TODO
116 14 Karsten
* Source Code TODO
117 1 Linus
118 6 Linus
h3. Disclaimer
119 6 Linus
120 14 Karsten
The tests include an active part. First, your phone will place outgoing calls to a dedicated number. This number will always be busy and never answer in order to rule out voice charges as best as we can.
121 6 Linus
122 14 Karsten
Second, your phone will send SMS short messages via an invalid SMS-C to an invalid number.
123 2 Linus
124 14 Karsten
During our tests (in Europe) we have not encounter any network that would charge for these transactions. However, we can not rule out that you may be charged in specific settings.
125 2 Linus
126 14 Karsten
To control for involuntary charges, we strongly advise the use of a dedicated pre-paid SIM card for these tests.
127 1 Linus
128 3 Linus
h3. Instructions
129 5 Ben
130 14 Karsten
# Install application from Google Play app store TODO
131 2 Linus
# Run
132 2 Linus
133 1 Linus
h3. Mailing list
134 2 Linus
135 3 Linus
A public mailing list for discussions is "here":https://lists.srlabs.de/cgi-bin/mailman/listinfo/gsmmap
136 3 Linus
137 2 Linus
*****
138 1 Linus
139 1 Linus
h2. GSMmap-live
140 1 Linus
141 14 Karsten
This live Linux system is equipped with all the assessment tools listed above. It furthermore includes TODO
142 14 Karsten
The live system facilitates their use and automatically uploads logs to GSMmap.org.
143 2 Linus
144 14 Karsten
h3. Requirements
145 2 Linus
146 14 Karsten
* Computer capable of running 64bit Linus
147 14 Karsten
* For each test: Requirements listed in the respective tool wiki pages
148 6 Linus
149 14 Karsten
h3. Download
150 6 Linus
151 14 Karsten
* Live system image TODO
152 6 Linus
153 14 Karsten
154 6 Linus
h3. Disclaimer
155 6 Linus
156 14 Karsten
The tests include an active part. First, your phone will place outgoing calls to a dedicated number. This number will always be busy and never answer in order to rule out voice charges as best as we can.
157 6 Linus
158 14 Karsten
Second, your phone will send SMS short messages via an invalid SMS-C to an invalid number.
159 6 Linus
160 14 Karsten
During our tests (in Europe) we have not encounter any network that would charge for these transactions. However, we can not rule out that you may be charged in specific settings.
161 6 Linus
162 14 Karsten
To control for involuntary charges, we strongly advise the use of a dedicated pre-paid SIM card for these tests.
163 2 Linus
164 2 Linus
h3. Instructions
165 2 Linus
166 14 Karsten
# Download TODO
167 2 Linus
# Unpack: <pre>tar xvzf gsmmap-live.img.tar.gz</pre>
168 1 Linus
# Write to stick <pre>dd if=gsmmap-live.img of=/dev/[USB-stick] [bs=1M]</pre>
169 2 Linus
# Boot from stick
170 2 Linus
171 3 Linus
h3. Mailing list
172 3 Linus
173 3 Linus
A public mailing list for discussions is "here":https://lists.srlabs.de/cgi-bin/mailman/listinfo/gsmmap
174 14 Karsten
175 14 Karsten
Please file bugs and support requests through the "issue tracker":https://opensource.srlabs.de/projects/mobile-network-assessment-tools/issues/new as they may be of little relevance to the majority of the mailing list subscribers.