Mobile Network Assessment Tools » History » Revision 4
Revision 3 (Linus, 12/19/2013 03:32 PM) → Revision 4/32 (Linus, 12/19/2013 03:54 PM)
h2. Overview This is a collection of tools for the assessment of mobile network security. It includes: * *[[SIMtester]]* Find signature & encryption give-away bugs as well es unprotected or hidden TARs * *[[xgoldscanner]]* Actively collect 2G and 3G logs from Samsung Galaxy phones to your computer (Linux application) * *[[catcher catcher]]* Detect fake 2G base stations * *[[GSMmap-apk]]* Actively collect 2G and 3G logs using Samsung Galaxy phones (Android application) All command-line tools are provided in the *GSMmap-live* system, which auto-submits data to "GSMmap.org":https://GSMmap.org ***** h2. SIMtester Assess SIM card security in 3 dimensions: * *Cryptanalytic attack surface* Collect signature giveaways Collect encryption giveaways * *Security level* Detect "unprotected" TARs accepting unauthenticated commands (MSL=0) * *Spec. compliance* Create a comprehensive overview of all available TARs h3. Requirements: * PC/SC reader –or– * Osmocom phone * SOFTWARE JAVA? todo h3. Download Pre-compiled .jar TODO Source Code TODO Live System TODO h3. Instructions # Download # unpack # run: TODO call * TODO command line parameters h3. Mailing list A public mailing list for announcements and discussion can be found TODO "here":http://lists.srlabs.de/cgi-bin/mailman/listinfo/a51 . Please fill bugs and support requests through the "issue tracker TODO ":http://opensource.srlabs.de/projects/a51-decrypt/issues/new as they may be of little relevance to the majority of the mailing list subscribers. ***** h2. xgoldscanner Actively collect 2G and 3G traces using Samsung Android phones. Log files can be analyzed with Tobias Engel's "xgoldmon":https://github.com/2b-as/xgoldmon tool, which heavily inspired the development of xgoldscanner. h3. Requirements: * Samsung Galaxy S2 / S3 phone * Micro-USB cable * Linux Computer h3. Download: * Source Code (bash) * Live System h3. Instructions # Download # unpack # run: <pre>sudo ./xgoldscanner.sh -n [telephone number, e.g. +491234567]</pre> TODO call Optional parameters: * -g conduct GPRS test * -d display debug messages * -o offline mode [skip log upload for manual submission] * -3 conduct 3G tests only [skip 2G tests] * -y assume "yes" to questions and confirmation dialogues [for automated testing] * -i <n> repeat each test <n> times (default is 5) TODO command line parameters h3. Advanced usage Use Tobias Engel's "xgoldmon":https://github.com/2b-as/xgoldmon tool to analyze log files. h3. Mailing list A public mailing list for announcements and discussion can be found TODO "here":http://lists.srlabs.de/cgi-bin/mailman/listinfo/a51 . Please fill bugs and support requests through the "issue tracker TODO ":http://opensource.srlabs.de/projects/a51-decrypt/issues/new as they may be of little relevance to the majority of the mailing list subscribers. ***** h2. catcher catcher Display mobile network irregularities hinting at fake base station activity. h3. Requirements: * Osmocom phone * Osmocom serial cable * Linux Computer h3. Download: * Source Code * Live System h3. Instructions # Download # unpack # run: TODO call * TODO command line parameters h3. Mailing list A public mailing list for announcements and discussion can be found TODO "here":http://lists.srlabs.de/cgi-bin/mailman/listinfo/a51 . Please fill bugs and support requests through the "issue tracker TODO ":http://opensource.srlabs.de/projects/a51-decrypt/issues/new as they may be of little relevance to the majority of the mailing list subscribers. ***** h2. GSMmap-apk Actively collect 2G and 3G traces using Samsung Android phones. h3. Requirements: * Samsung Galaxy S2 / S3 phone h3. Download: * Pre-compiled .apk * Source Code h3. Instructions # Install application from App Store # Run h3. Mailing list A public mailing list for announcements and discussion can be found TODO "here":http://lists.srlabs.de/cgi-bin/mailman/listinfo/a51 . Please fill bugs and support requests through the "issue tracker TODO ":http://opensource.srlabs.de/projects/a51-decrypt/issues/new as they may be of little relevance to the majority of the mailing list subscribers. ***** h2. GSMmap-live This live linux system is equipped with all the assessment tools listed above. It furthermore includes It facilitates their use and automatically uploads logs to GSMmap.org. h3. Requirements: * 64bit-compatible Computer * For each test: Requirements listed above h3. Download: * Live system image * Source Code h3. Instructions # Download # Unpack: <pre>tar xvzf gsmmap-live.img.tar.gz</pre> # Write to stick <pre>dd if=gsmmap-live.img of=/dev/[USB-stick] [bs=1M]</pre> # Boot from stick h3. Mailing list A public mailing list for announcements and discussion can be found TODO "here":http://lists.srlabs.de/cgi-bin/mailman/listinfo/a51 . Please fill bugs and support requests through the "issue tracker TODO ":http://opensource.srlabs.de/projects/a51-decrypt/issues/new as they may be of little relevance to the majority of the mailing list subscribers.