Project

General

Profile

Mobile Network Assessment Tools » History » Version 5

Ben, 12/20/2013 03:11 PM

1 1 Linus
h2. Overview
2
3
This is a collection of tools for the assessment of mobile network security.
4
It includes:
5 3 Linus
6
* *[[SIMtester]]*
7 1 Linus
Find signature & encryption give-away bugs as well es unprotected or hidden TARs
8 3 Linus
9
* *[[xgoldscanner]]*
10
Actively collect 2G and 3G logs from Samsung Galaxy phones to your computer (Linux application)
11
12
* *[[catcher catcher]]*
13 2 Linus
Detect fake 2G base stations
14
15 3 Linus
* *[[GSMmap-apk]]*
16
Actively collect 2G and 3G logs using Samsung Galaxy phones (Android application)
17 1 Linus
18 3 Linus
All command-line tools are provided in the *GSMmap-live* system, which auto-submits data to "GSMmap.org":https://GSMmap.org
19
20 1 Linus
*****
21 2 Linus
22
h2. SIMtester
23 1 Linus
24
Assess SIM card security in 3 dimensions:
25
26 2 Linus
* *Cryptanalytic attack surface*
27
Collect signature giveaways
28
Collect encryption giveaways
29 3 Linus
30 2 Linus
* *Security level*
31
Detect "unprotected" TARs accepting unauthenticated commands (MSL=0)
32 3 Linus
33 1 Linus
* *Spec. compliance*
34
Create a comprehensive overview of all available TARs
35 2 Linus
36
h3. Requirements:
37
38
* PC/SC reader –or–
39
* Osmocom phone
40
* SOFTWARE JAVA? todo
41
42
h3. Download
43 1 Linus
44 3 Linus
Pre-compiled .jar TODO
45
Source Code TODO
46
Live System TODO
47 1 Linus
48
h3. Instructions
49 2 Linus
50
# Download
51
# unpack
52
# run: TODO call
53
* TODO command line parameters
54 1 Linus
55 3 Linus
h3. Mailing list
56
57
A public mailing list for announcements and discussion can be found TODO  "here":http://lists.srlabs.de/cgi-bin/mailman/listinfo/a51 .
58 5 Ben
Please file bugs and support requests through the "issue tracker TODO ":http://opensource.srlabs.de/projects/a51-decrypt/issues/new as they may be of little relevance to the majority of the mailing list subscribers.
59 3 Linus
60
61 2 Linus
*****
62
63
h2. xgoldscanner
64 1 Linus
65 2 Linus
Actively collect 2G and 3G traces using Samsung Android phones.
66 3 Linus
Log files can be analyzed with Tobias Engel's "xgoldmon":https://github.com/2b-as/xgoldmon tool, which heavily inspired the development of xgoldscanner.
67 2 Linus
68
h3. Requirements:
69
70
* Samsung Galaxy S2 / S3  phone
71
* Micro-USB cable
72
* Linux Computer
73
74 1 Linus
h3. Download:
75 2 Linus
76 1 Linus
* Source Code (bash)
77
* Live System
78
79
h3. Instructions
80
81
# Download
82 2 Linus
# unpack
83 4 Linus
# run:  <pre>sudo ./xgoldscanner.sh -n [telephone number, e.g. +491234567]</pre>
84
Optional parameters:
85
*  -g  conduct GPRS test
86
*  -d  display debug messages
87
*  -o  offline mode [skip log upload for manual submission]
88
*  -3  conduct 3G tests only [skip 2G tests]
89
*  -y  assume "yes" to questions and confirmation dialogues [for automated testing]
90
*  -i  <n> repeat each test <n> times (default is 5)
91 2 Linus
92
h3. Advanced usage
93
94 3 Linus
Use Tobias Engel's "xgoldmon":https://github.com/2b-as/xgoldmon tool to analyze log files.
95 2 Linus
96 3 Linus
97
h3. Mailing list
98
99
A public mailing list for announcements and discussion can be found TODO  "here":http://lists.srlabs.de/cgi-bin/mailman/listinfo/a51 .
100 5 Ben
Please file bugs and support requests through the "issue tracker TODO ":http://opensource.srlabs.de/projects/a51-decrypt/issues/new as they may be of little relevance to the majority of the mailing list subscribers.
101 3 Linus
102 2 Linus
*****
103
104 1 Linus
h2. catcher catcher
105
106 2 Linus
Display mobile network irregularities hinting at fake base station activity.
107
108
h3. Requirements:
109
110
* Osmocom phone
111
* Osmocom serial cable
112 1 Linus
* Linux Computer
113
114
h3. Download:
115
116
* Source Code
117 2 Linus
* Live System
118
119
h3. Instructions
120
121
# Download
122
# unpack
123
# run: TODO call
124
* TODO command line parameters
125
126 3 Linus
h3. Mailing list
127
128
A public mailing list for announcements and discussion can be found TODO  "here":http://lists.srlabs.de/cgi-bin/mailman/listinfo/a51 .
129 5 Ben
Please file bugs and support requests through the "issue tracker TODO ":http://opensource.srlabs.de/projects/a51-decrypt/issues/new as they may be of little relevance to the majority of the mailing list subscribers.
130 3 Linus
131 1 Linus
*****
132
133 2 Linus
h2. GSMmap-apk
134
135
Actively collect 2G and 3G traces using Samsung Android phones.
136
137 1 Linus
h3. Requirements:
138
139
* Samsung Galaxy S2 / S3 phone
140
141
h3. Download:
142 2 Linus
143
* Pre-compiled .apk
144 1 Linus
* Source Code
145
146 2 Linus
h3. Instructions
147
148
# Install application from App Store
149
# Run
150
151 3 Linus
h3. Mailing list
152
153
A public mailing list for announcements and discussion can be found TODO  "here":http://lists.srlabs.de/cgi-bin/mailman/listinfo/a51 .
154 5 Ben
Please file bugs and support requests through the "issue tracker TODO ":http://opensource.srlabs.de/projects/a51-decrypt/issues/new as they may be of little relevance to the majority of the mailing list subscribers.
155 3 Linus
156 2 Linus
*****
157
158 1 Linus
h2. GSMmap-live
159 2 Linus
160 3 Linus
This live linux system is equipped with all the assessment tools listed above. It furthermore includes
161
It facilitates their use and automatically uploads logs to GSMmap.org.
162 2 Linus
163 1 Linus
h3. Requirements:
164
165
* 64bit-compatible Computer
166
* For each test: Requirements listed above
167
168 2 Linus
h3. Download:
169
170
* Live system image
171
* Source Code
172
173
h3. Instructions
174
175
# Download
176
# Unpack: <pre>tar xvzf gsmmap-live.img.tar.gz</pre>
177
# Write to stick <pre>dd if=gsmmap-live.img of=/dev/[USB-stick] [bs=1M]</pre>
178
# Boot from stick
179 3 Linus
180
h3. Mailing list
181
182
A public mailing list for announcements and discussion can be found TODO  "here":http://lists.srlabs.de/cgi-bin/mailman/listinfo/a51 .
183 5 Ben
Please file bugs and support requests through the "issue tracker TODO ":http://opensource.srlabs.de/projects/a51-decrypt/issues/new as they may be of little relevance to the majority of the mailing list subscribers.