Project

General

Profile

Mobile Network Assessment Tools » History » Version 3

Linus, 12/19/2013 03:32 PM

1 1 Linus
h2. Overview
2 1 Linus
3 1 Linus
This is a collection of tools for the assessment of mobile network security.
4 1 Linus
It includes:
5 3 Linus
6 3 Linus
* *[[SIMtester]]*
7 1 Linus
Find signature & encryption give-away bugs as well es unprotected or hidden TARs
8 3 Linus
9 3 Linus
* *[[xgoldscanner]]*
10 3 Linus
Actively collect 2G and 3G logs from Samsung Galaxy phones to your computer (Linux application)
11 3 Linus
12 3 Linus
* *[[catcher catcher]]*
13 2 Linus
Detect fake 2G base stations
14 2 Linus
15 3 Linus
* *[[GSMmap-apk]]*
16 3 Linus
Actively collect 2G and 3G logs using Samsung Galaxy phones (Android application)
17 1 Linus
18 3 Linus
All command-line tools are provided in the *GSMmap-live* system, which auto-submits data to "GSMmap.org":https://GSMmap.org
19 3 Linus
20 1 Linus
*****
21 2 Linus
22 2 Linus
h2. SIMtester
23 1 Linus
24 1 Linus
Assess SIM card security in 3 dimensions:
25 1 Linus
26 2 Linus
* *Cryptanalytic attack surface*
27 2 Linus
Collect signature giveaways
28 2 Linus
Collect encryption giveaways
29 3 Linus
30 2 Linus
* *Security level*
31 2 Linus
Detect "unprotected" TARs accepting unauthenticated commands (MSL=0)
32 3 Linus
33 1 Linus
* *Spec. compliance*
34 1 Linus
Create a comprehensive overview of all available TARs
35 2 Linus
36 2 Linus
h3. Requirements:
37 2 Linus
38 2 Linus
* PC/SC reader –or–
39 2 Linus
* Osmocom phone
40 2 Linus
* SOFTWARE JAVA? todo
41 2 Linus
42 2 Linus
h3. Download
43 1 Linus
44 3 Linus
Pre-compiled .jar TODO
45 3 Linus
Source Code TODO
46 3 Linus
Live System TODO
47 1 Linus
48 1 Linus
h3. Instructions
49 2 Linus
50 2 Linus
# Download
51 2 Linus
# unpack
52 2 Linus
# run: TODO call
53 2 Linus
* TODO command line parameters
54 1 Linus
55 3 Linus
h3. Mailing list
56 3 Linus
57 3 Linus
A public mailing list for announcements and discussion can be found TODO  "here":http://lists.srlabs.de/cgi-bin/mailman/listinfo/a51 .
58 3 Linus
Please fill bugs and support requests through the "issue tracker TODO ":http://opensource.srlabs.de/projects/a51-decrypt/issues/new as they may be of little relevance to the majority of the mailing list subscribers.
59 3 Linus
60 3 Linus
61 2 Linus
*****
62 2 Linus
63 2 Linus
h2. xgoldscanner
64 1 Linus
65 2 Linus
Actively collect 2G and 3G traces using Samsung Android phones.
66 3 Linus
Log files can be analyzed with Tobias Engel's "xgoldmon":https://github.com/2b-as/xgoldmon tool, which heavily inspired the development of xgoldscanner.
67 2 Linus
68 2 Linus
h3. Requirements:
69 2 Linus
70 2 Linus
* Samsung Galaxy S2 / S3  phone
71 2 Linus
* Micro-USB cable
72 2 Linus
* Linux Computer
73 2 Linus
74 1 Linus
h3. Download:
75 2 Linus
76 1 Linus
* Source Code (bash)
77 1 Linus
* Live System
78 1 Linus
79 1 Linus
h3. Instructions
80 1 Linus
81 1 Linus
# Download
82 2 Linus
# unpack
83 2 Linus
# run: TODO call
84 2 Linus
* TODO command line parameters
85 2 Linus
86 2 Linus
h3. Advanced usage
87 2 Linus
88 3 Linus
Use Tobias Engel's "xgoldmon":https://github.com/2b-as/xgoldmon tool to analyze log files.
89 2 Linus
90 3 Linus
91 3 Linus
h3. Mailing list
92 3 Linus
93 3 Linus
A public mailing list for announcements and discussion can be found TODO  "here":http://lists.srlabs.de/cgi-bin/mailman/listinfo/a51 .
94 3 Linus
Please fill bugs and support requests through the "issue tracker TODO ":http://opensource.srlabs.de/projects/a51-decrypt/issues/new as they may be of little relevance to the majority of the mailing list subscribers.
95 3 Linus
96 2 Linus
*****
97 2 Linus
98 1 Linus
h2. catcher catcher
99 1 Linus
100 2 Linus
Display mobile network irregularities hinting at fake base station activity.
101 2 Linus
102 2 Linus
h3. Requirements:
103 2 Linus
104 2 Linus
* Osmocom phone
105 2 Linus
* Osmocom serial cable
106 1 Linus
* Linux Computer
107 1 Linus
108 1 Linus
h3. Download:
109 1 Linus
110 1 Linus
* Source Code
111 2 Linus
* Live System
112 2 Linus
113 2 Linus
h3. Instructions
114 2 Linus
115 2 Linus
# Download
116 2 Linus
# unpack
117 2 Linus
# run: TODO call
118 2 Linus
* TODO command line parameters
119 2 Linus
120 3 Linus
h3. Mailing list
121 3 Linus
122 3 Linus
A public mailing list for announcements and discussion can be found TODO  "here":http://lists.srlabs.de/cgi-bin/mailman/listinfo/a51 .
123 3 Linus
Please fill bugs and support requests through the "issue tracker TODO ":http://opensource.srlabs.de/projects/a51-decrypt/issues/new as they may be of little relevance to the majority of the mailing list subscribers.
124 3 Linus
125 1 Linus
*****
126 1 Linus
127 2 Linus
h2. GSMmap-apk
128 2 Linus
129 2 Linus
Actively collect 2G and 3G traces using Samsung Android phones.
130 2 Linus
131 1 Linus
h3. Requirements:
132 1 Linus
133 1 Linus
* Samsung Galaxy S2 / S3 phone
134 1 Linus
135 1 Linus
h3. Download:
136 2 Linus
137 2 Linus
* Pre-compiled .apk
138 1 Linus
* Source Code
139 1 Linus
140 2 Linus
h3. Instructions
141 2 Linus
142 2 Linus
# Install application from App Store
143 2 Linus
# Run
144 2 Linus
145 3 Linus
h3. Mailing list
146 3 Linus
147 3 Linus
A public mailing list for announcements and discussion can be found TODO  "here":http://lists.srlabs.de/cgi-bin/mailman/listinfo/a51 .
148 3 Linus
Please fill bugs and support requests through the "issue tracker TODO ":http://opensource.srlabs.de/projects/a51-decrypt/issues/new as they may be of little relevance to the majority of the mailing list subscribers.
149 3 Linus
150 2 Linus
*****
151 2 Linus
152 1 Linus
h2. GSMmap-live
153 2 Linus
154 3 Linus
This live linux system is equipped with all the assessment tools listed above. It furthermore includes
155 3 Linus
It facilitates their use and automatically uploads logs to GSMmap.org.
156 2 Linus
157 1 Linus
h3. Requirements:
158 1 Linus
159 1 Linus
* 64bit-compatible Computer
160 1 Linus
* For each test: Requirements listed above
161 1 Linus
162 2 Linus
h3. Download:
163 2 Linus
164 2 Linus
* Live system image
165 2 Linus
* Source Code
166 2 Linus
167 2 Linus
h3. Instructions
168 2 Linus
169 2 Linus
# Download
170 2 Linus
# Unpack: <pre>tar xvzf gsmmap-live.img.tar.gz</pre>
171 2 Linus
# Write to stick <pre>dd if=gsmmap-live.img of=/dev/[USB-stick] [bs=1M]</pre>
172 2 Linus
# Boot from stick
173 3 Linus
174 3 Linus
h3. Mailing list
175 3 Linus
176 3 Linus
A public mailing list for announcements and discussion can be found TODO  "here":http://lists.srlabs.de/cgi-bin/mailman/listinfo/a51 .
177 3 Linus
Please fill bugs and support requests through the "issue tracker TODO ":http://opensource.srlabs.de/projects/a51-decrypt/issues/new as they may be of little relevance to the majority of the mailing list subscribers.