Project

General

Profile

Mobile Network Assessment Tools » History » Version 5

Ben, 12/20/2013 03:11 PM

1 1 Linus
h2. Overview
2 1 Linus
3 1 Linus
This is a collection of tools for the assessment of mobile network security.
4 1 Linus
It includes:
5 3 Linus
6 3 Linus
* *[[SIMtester]]*
7 1 Linus
Find signature & encryption give-away bugs as well es unprotected or hidden TARs
8 3 Linus
9 3 Linus
* *[[xgoldscanner]]*
10 3 Linus
Actively collect 2G and 3G logs from Samsung Galaxy phones to your computer (Linux application)
11 3 Linus
12 3 Linus
* *[[catcher catcher]]*
13 2 Linus
Detect fake 2G base stations
14 2 Linus
15 3 Linus
* *[[GSMmap-apk]]*
16 3 Linus
Actively collect 2G and 3G logs using Samsung Galaxy phones (Android application)
17 1 Linus
18 3 Linus
All command-line tools are provided in the *GSMmap-live* system, which auto-submits data to "GSMmap.org":https://GSMmap.org
19 3 Linus
20 1 Linus
*****
21 2 Linus
22 2 Linus
h2. SIMtester
23 1 Linus
24 1 Linus
Assess SIM card security in 3 dimensions:
25 1 Linus
26 2 Linus
* *Cryptanalytic attack surface*
27 2 Linus
Collect signature giveaways
28 2 Linus
Collect encryption giveaways
29 3 Linus
30 2 Linus
* *Security level*
31 2 Linus
Detect "unprotected" TARs accepting unauthenticated commands (MSL=0)
32 3 Linus
33 1 Linus
* *Spec. compliance*
34 1 Linus
Create a comprehensive overview of all available TARs
35 2 Linus
36 2 Linus
h3. Requirements:
37 2 Linus
38 2 Linus
* PC/SC reader –or–
39 2 Linus
* Osmocom phone
40 2 Linus
* SOFTWARE JAVA? todo
41 2 Linus
42 2 Linus
h3. Download
43 1 Linus
44 3 Linus
Pre-compiled .jar TODO
45 3 Linus
Source Code TODO
46 3 Linus
Live System TODO
47 1 Linus
48 1 Linus
h3. Instructions
49 2 Linus
50 2 Linus
# Download
51 2 Linus
# unpack
52 2 Linus
# run: TODO call
53 2 Linus
* TODO command line parameters
54 1 Linus
55 3 Linus
h3. Mailing list
56 3 Linus
57 3 Linus
A public mailing list for announcements and discussion can be found TODO  "here":http://lists.srlabs.de/cgi-bin/mailman/listinfo/a51 .
58 5 Ben
Please file bugs and support requests through the "issue tracker TODO ":http://opensource.srlabs.de/projects/a51-decrypt/issues/new as they may be of little relevance to the majority of the mailing list subscribers.
59 3 Linus
60 3 Linus
61 2 Linus
*****
62 2 Linus
63 2 Linus
h2. xgoldscanner
64 1 Linus
65 2 Linus
Actively collect 2G and 3G traces using Samsung Android phones.
66 3 Linus
Log files can be analyzed with Tobias Engel's "xgoldmon":https://github.com/2b-as/xgoldmon tool, which heavily inspired the development of xgoldscanner.
67 2 Linus
68 2 Linus
h3. Requirements:
69 2 Linus
70 2 Linus
* Samsung Galaxy S2 / S3  phone
71 2 Linus
* Micro-USB cable
72 2 Linus
* Linux Computer
73 2 Linus
74 1 Linus
h3. Download:
75 2 Linus
76 1 Linus
* Source Code (bash)
77 1 Linus
* Live System
78 1 Linus
79 1 Linus
h3. Instructions
80 1 Linus
81 1 Linus
# Download
82 2 Linus
# unpack
83 4 Linus
# run:  <pre>sudo ./xgoldscanner.sh -n [telephone number, e.g. +491234567]</pre>
84 4 Linus
Optional parameters:
85 4 Linus
*  -g  conduct GPRS test
86 4 Linus
*  -d  display debug messages
87 4 Linus
*  -o  offline mode [skip log upload for manual submission]
88 4 Linus
*  -3  conduct 3G tests only [skip 2G tests]
89 4 Linus
*  -y  assume "yes" to questions and confirmation dialogues [for automated testing]
90 4 Linus
*  -i  <n> repeat each test <n> times (default is 5)
91 2 Linus
92 2 Linus
h3. Advanced usage
93 2 Linus
94 3 Linus
Use Tobias Engel's "xgoldmon":https://github.com/2b-as/xgoldmon tool to analyze log files.
95 2 Linus
96 3 Linus
97 3 Linus
h3. Mailing list
98 3 Linus
99 3 Linus
A public mailing list for announcements and discussion can be found TODO  "here":http://lists.srlabs.de/cgi-bin/mailman/listinfo/a51 .
100 5 Ben
Please file bugs and support requests through the "issue tracker TODO ":http://opensource.srlabs.de/projects/a51-decrypt/issues/new as they may be of little relevance to the majority of the mailing list subscribers.
101 3 Linus
102 2 Linus
*****
103 2 Linus
104 1 Linus
h2. catcher catcher
105 1 Linus
106 2 Linus
Display mobile network irregularities hinting at fake base station activity.
107 2 Linus
108 2 Linus
h3. Requirements:
109 2 Linus
110 2 Linus
* Osmocom phone
111 2 Linus
* Osmocom serial cable
112 1 Linus
* Linux Computer
113 1 Linus
114 1 Linus
h3. Download:
115 1 Linus
116 1 Linus
* Source Code
117 2 Linus
* Live System
118 2 Linus
119 2 Linus
h3. Instructions
120 2 Linus
121 2 Linus
# Download
122 2 Linus
# unpack
123 2 Linus
# run: TODO call
124 2 Linus
* TODO command line parameters
125 2 Linus
126 3 Linus
h3. Mailing list
127 3 Linus
128 3 Linus
A public mailing list for announcements and discussion can be found TODO  "here":http://lists.srlabs.de/cgi-bin/mailman/listinfo/a51 .
129 5 Ben
Please file bugs and support requests through the "issue tracker TODO ":http://opensource.srlabs.de/projects/a51-decrypt/issues/new as they may be of little relevance to the majority of the mailing list subscribers.
130 3 Linus
131 1 Linus
*****
132 1 Linus
133 2 Linus
h2. GSMmap-apk
134 2 Linus
135 2 Linus
Actively collect 2G and 3G traces using Samsung Android phones.
136 2 Linus
137 1 Linus
h3. Requirements:
138 1 Linus
139 1 Linus
* Samsung Galaxy S2 / S3 phone
140 1 Linus
141 1 Linus
h3. Download:
142 2 Linus
143 2 Linus
* Pre-compiled .apk
144 1 Linus
* Source Code
145 1 Linus
146 2 Linus
h3. Instructions
147 2 Linus
148 2 Linus
# Install application from App Store
149 2 Linus
# Run
150 2 Linus
151 3 Linus
h3. Mailing list
152 3 Linus
153 3 Linus
A public mailing list for announcements and discussion can be found TODO  "here":http://lists.srlabs.de/cgi-bin/mailman/listinfo/a51 .
154 5 Ben
Please file bugs and support requests through the "issue tracker TODO ":http://opensource.srlabs.de/projects/a51-decrypt/issues/new as they may be of little relevance to the majority of the mailing list subscribers.
155 3 Linus
156 2 Linus
*****
157 2 Linus
158 1 Linus
h2. GSMmap-live
159 2 Linus
160 3 Linus
This live linux system is equipped with all the assessment tools listed above. It furthermore includes
161 3 Linus
It facilitates their use and automatically uploads logs to GSMmap.org.
162 2 Linus
163 1 Linus
h3. Requirements:
164 1 Linus
165 1 Linus
* 64bit-compatible Computer
166 1 Linus
* For each test: Requirements listed above
167 1 Linus
168 2 Linus
h3. Download:
169 2 Linus
170 2 Linus
* Live system image
171 2 Linus
* Source Code
172 2 Linus
173 2 Linus
h3. Instructions
174 2 Linus
175 2 Linus
# Download
176 2 Linus
# Unpack: <pre>tar xvzf gsmmap-live.img.tar.gz</pre>
177 2 Linus
# Write to stick <pre>dd if=gsmmap-live.img of=/dev/[USB-stick] [bs=1M]</pre>
178 2 Linus
# Boot from stick
179 3 Linus
180 3 Linus
h3. Mailing list
181 3 Linus
182 3 Linus
A public mailing list for announcements and discussion can be found TODO  "here":http://lists.srlabs.de/cgi-bin/mailman/listinfo/a51 .
183 5 Ben
Please file bugs and support requests through the "issue tracker TODO ":http://opensource.srlabs.de/projects/a51-decrypt/issues/new as they may be of little relevance to the majority of the mailing list subscribers.