Project

General

Profile

Actions

Mobile Network Assessment Tools » History » Revision 17

« Previous | Revision 17/32 (diff) | Next »
Linus, 12/23/2013 05:24 PM


Overview

This is a collection of tools for the assessment of mobile network security.
It includes:

  • GSMmap-apk
    Android application that collects 2G and 3G network traces from Samsung Galaxy phones
  • xgoldscanner
    Linux application that collects 2G and 3G network traces from Samsung Galaxy phones
  • CatcherCatcher
    Collect evidence of 2G fake base station activity (requires Osmocom phone)

The tools are included in the GSMmap-live system, which auto-submits data for analysis at GSMmap.org
Also on the live system lives:

A public mailing list for discussions and occasional announcements is found here



CatcherCatcher


GSMmap-apk

Actively collect 2G and 3G traces using Samsung Android phones.

Requirements:

  • Samsung Galaxy S2 / S3 phone

Download:

  • Pre-compiled .apk TODO
  • Source Code TODO

Disclaimer

The tests include an active part. First, your phone will place outgoing calls to a dedicated number. This number will always be busy and never answer in order to rule out voice charges as best as we can.

Second, your phone will send SMS short messages via an invalid SMS-C to an invalid number.

During our tests (in Europe) we have not encounter any network that would charge for these transactions. However, we can not rule out that you may be charged in specific settings.

To control for involuntary charges, we strongly advise the use of a dedicated pre-paid SIM card for these tests.

Instructions

  1. Install application from Google Play app store TODO
  2. Run

Mailing list

A public mailing list for discussions is here


GSMmap-live

This live Linux system is equipped with all the assessment tools listed above. It furthermore includes TODO
The live system facilitates their use and automatically uploads logs to GSMmap.org.

Requirements

  • Computer capable of running 64bit Linus
  • For each test: Requirements listed in the respective tool wiki pages

Download

  • Live system image TODO

Disclaimer

The tests include an active part. First, your phone will place outgoing calls to a dedicated number. This number will always be busy and never answer in order to rule out voice charges as best as we can.

Second, your phone will send SMS short messages via an invalid SMS-C to an invalid number.

During our tests (in Europe) we have not encounter any network that would charge for these transactions. However, we can not rule out that you may be charged in specific settings.

To control for involuntary charges, we strongly advise the use of a dedicated pre-paid SIM card for these tests.

Instructions

  1. Download TODO
  2. Unpack:
    tar xvzf gsmmap-live.img.tar.gz
  3. Write to stick
    dd if=gsmmap-live.img of=/dev/[USB-stick] [bs=1M]
  4. Boot from stick

Mailing list

A public mailing list for discussions is here

Please file bugs and support requests through the issue tracker as they may be of little relevance to the majority of the mailing list subscribers.

Updated by Linus about 11 years ago · 17 revisions