Project

General

Profile

Mobile Network Assessment Tools » History » Revision 4

Revision 3 (Linus, 12/19/2013 03:32 PM) → Revision 4/32 (Linus, 12/19/2013 03:54 PM)

h2. Overview 

 This is a collection of tools for the assessment of mobile network security. 
 It includes: 

 * *[[SIMtester]]* 
 Find signature & encryption give-away bugs as well es unprotected or hidden TARs 

 * *[[xgoldscanner]]* 
 Actively collect 2G and 3G logs from Samsung Galaxy phones to your computer (Linux application) 

 * *[[catcher catcher]]* 
 Detect fake 2G base stations 

 * *[[GSMmap-apk]]* 
 Actively collect 2G and 3G logs using Samsung Galaxy phones (Android application) 

 All command-line tools are provided in the *GSMmap-live* system, which auto-submits data to "GSMmap.org":https://GSMmap.org 

 ***** 

 h2. SIMtester 

 Assess SIM card security in 3 dimensions: 

 * *Cryptanalytic attack surface* 
 Collect signature giveaways 
 Collect encryption giveaways 

 * *Security level* 
 Detect "unprotected" TARs accepting unauthenticated commands (MSL=0) 

 * *Spec. compliance* 
 Create a comprehensive overview of all available TARs 

 h3. Requirements: 

 * PC/SC reader –or– 
 * Osmocom phone 
 * SOFTWARE JAVA? todo 

 h3. Download 

 Pre-compiled .jar TODO 
 Source Code TODO 
 Live System TODO 

 h3. Instructions 

 # Download 
 # unpack 
 # run: TODO call 
 * TODO command line parameters 

 h3. Mailing list 

 A public mailing list for announcements and discussion can be found TODO    "here":http://lists.srlabs.de/cgi-bin/mailman/listinfo/a51 . 
 Please fill bugs and support requests through the "issue tracker TODO ":http://opensource.srlabs.de/projects/a51-decrypt/issues/new as they may be of little relevance to the majority of the mailing list subscribers. 


 ***** 

 h2. xgoldscanner 

 Actively collect 2G and 3G traces using Samsung Android phones. 
 Log files can be analyzed with Tobias Engel's "xgoldmon":https://github.com/2b-as/xgoldmon tool, which heavily inspired the development of xgoldscanner. 

 h3. Requirements: 

 * Samsung Galaxy S2 / S3    phone 
 * Micro-USB cable 
 * Linux Computer 

 h3. Download: 

 * Source Code (bash) 
 * Live System 

 h3. Instructions 

 # Download 
 # unpack 
 # run:    <pre>sudo ./xgoldscanner.sh -n [telephone number, e.g. +491234567]</pre> TODO call 
 Optional parameters: 
 *    -g    conduct GPRS test 
 *    -d    display debug messages 
 *    -o    offline mode [skip log upload for manual submission] 
 *    -3    conduct 3G tests only [skip 2G tests] 
 *    -y    assume "yes" to questions and confirmation dialogues [for automated testing] 
 *    -i    <n> repeat each test <n> times (default is 5) TODO command line parameters 

 h3. Advanced usage 

 Use Tobias Engel's "xgoldmon":https://github.com/2b-as/xgoldmon tool to analyze log files. 


 h3. Mailing list 

 A public mailing list for announcements and discussion can be found TODO    "here":http://lists.srlabs.de/cgi-bin/mailman/listinfo/a51 . 
 Please fill bugs and support requests through the "issue tracker TODO ":http://opensource.srlabs.de/projects/a51-decrypt/issues/new as they may be of little relevance to the majority of the mailing list subscribers. 

 ***** 

 h2. catcher catcher 

 Display mobile network irregularities hinting at fake base station activity. 

 h3. Requirements: 

 * Osmocom phone 
 * Osmocom serial cable 
 * Linux Computer 

 h3. Download: 

 * Source Code 
 * Live System 

 h3. Instructions 

 # Download 
 # unpack 
 # run: TODO call 
 * TODO command line parameters 

 h3. Mailing list 

 A public mailing list for announcements and discussion can be found TODO    "here":http://lists.srlabs.de/cgi-bin/mailman/listinfo/a51 . 
 Please fill bugs and support requests through the "issue tracker TODO ":http://opensource.srlabs.de/projects/a51-decrypt/issues/new as they may be of little relevance to the majority of the mailing list subscribers. 

 ***** 

 h2. GSMmap-apk 

 Actively collect 2G and 3G traces using Samsung Android phones. 

 h3. Requirements: 

 * Samsung Galaxy S2 / S3 phone 

 h3. Download: 

 * Pre-compiled .apk 
 * Source Code 

 h3. Instructions 

 # Install application from App Store 
 # Run 

 h3. Mailing list 

 A public mailing list for announcements and discussion can be found TODO    "here":http://lists.srlabs.de/cgi-bin/mailman/listinfo/a51 . 
 Please fill bugs and support requests through the "issue tracker TODO ":http://opensource.srlabs.de/projects/a51-decrypt/issues/new as they may be of little relevance to the majority of the mailing list subscribers. 

 ***** 

 h2. GSMmap-live 

 This live linux system is equipped with all the assessment tools listed above. It furthermore includes 
 It facilitates their use and automatically uploads logs to GSMmap.org. 

 h3. Requirements: 

 * 64bit-compatible Computer 
 * For each test: Requirements listed above 

 h3. Download: 

 * Live system image 
 * Source Code 

 h3. Instructions 

 # Download 
 # Unpack: <pre>tar xvzf gsmmap-live.img.tar.gz</pre> 
 # Write to stick <pre>dd if=gsmmap-live.img of=/dev/[USB-stick] [bs=1M]</pre> 
 # Boot from stick 

 h3. Mailing list 

 A public mailing list for announcements and discussion can be found TODO    "here":http://lists.srlabs.de/cgi-bin/mailman/listinfo/a51 . 
 Please fill bugs and support requests through the "issue tracker TODO ":http://opensource.srlabs.de/projects/a51-decrypt/issues/new as they may be of little relevance to the majority of the mailing list subscribers.