Project

General

Profile

Wiki » History » Version 51

Patrick, 04/18/2018 01:38 PM
updates to reflect SnSn 2.0.

1 2 Alex
h1. SnoopSnitch
2 2 Alex
3 51 Patrick
SnoopSnitch is an open source Android app that offers users the opportunity to test the security of their mobile devices as well as of the mobile networks to which their devices connect. 
4 2 Alex
5 51 Patrick
!{width: 10%;}SnSn2_menu_yesroot.png!   !{width: 10%;}SnSn2_menu_yesroot03.png! !{width: 10%;}SnSn2_patch_results03.png! !{width: 10%;}SnSn2_patch_results01.png!
6 3 Alex
7 51 Patrick
SnoopSnitch offers two core security testing features:
8 1 Alex
9 51 Patrick
h3. SnoopSnitch - Android patch level analysis
10 1 Alex
11 51 Patrick
SnoopSnitch's latest feature are tests to analyze whether a device’s build of the Android mobile operating system is missing security patches. The goal of this test is to identify if any patches are missing that should be included relative to the device’s current security patch level date. 
12 51 Patrick
13 51 Patrick
This feature was introduced as part of the major 2.0 version update for SnoopSnitch. 
14 51 Patrick
For more information on our Android patch level analysis, you can review our presentation from Hack-in-the-box 2018 where we debuted and discussed the 2.0 version of SnoopSnitch [1]
15 51 Patrick
16 51 Patrick
h3. SnoopSnitch - Mobile network security tests
17 51 Patrick
18 51 Patrick
SnoopSnitch's original security tests focus on identifying potential attacks or surveillance against an individual device from the mobile network. SnoopSnitch collects and analyzes mobile radio data to make you aware of the overall security of the mobile network to which your device is connected and to warn you about threats like fake base stations (IMSI catchers), user tracking, and over-the-air updates. With SnoopSnitch you can use the data collected in the GSM Security Map at gsmmap.org and contribute your own data to GSM Map.
19 51 Patrick
20 51 Patrick
For more information about the mobile network security tests, you can review our presentation from 31c3 2014 where we debuted and discussed the initial 0.9 version of SnoopSnitch [2] 
21 51 Patrick
22 51 Patrick
[1] https://conference.hitb.org/hitbsecconf2018ams/sessions/mind-the-gap-uncovering-the-android-patch-gap-through-binary-only-patch-level-analysis/
23 51 Patrick
[2] https://www.youtube.com/watch?v=qpW9o4SP3K8&feature=youtu.be
24 51 Patrick
25 51 Patrick
26 51 Patrick
h2. Documentation
27 51 Patrick
28 51 Patrick
For additional details on SnoopSnitch please refer to our *[[FAQ]]*.
29 51 Patrick
30 51 Patrick
You can also review our [[Privacy_Policy]]
31 51 Patrick
32 1 Alex
See which [[Android application permissions]] are required to run SnoopSnitch.
33 1 Alex
34 51 Patrick
Learn about SnoopSnitch's [[IMSI Catcher Score| IMSI catcher metric]].
35 1 Alex
36 51 Patrick
37 51 Patrick
h2. Requirements:
38 51 Patrick
39 51 Patrick
SnoopSnitch is an app designed for use on *Android devices only*. SnoopSnitch will not work on Apple products. 
40 51 Patrick
41 51 Patrick
SnoopSnitch can be installed on devices with Android OS version 4.1.2 or higher. 
42 51 Patrick
43 51 Patrick
The *Android patch level analysis* tests are compatible with all devices.
44 51 Patrick
45 51 Patrick
The *mobile network security tests* are NOT compatible with all devices. 
46 51 Patrick
47 51 Patrick
If a device is not compatible for the mobile network security tests, the app will grey this area out and display a "network test and attack detection require root" notice. 
48 51 Patrick
49 51 Patrick
!{width: 10%;}SnSn2_menu_noroot.png! 
50 51 Patrick
51 51 Patrick
h3. Requirements for mobile network security tests
52 51 Patrick
53 51 Patrick
Due to the nature of the actions required to perform the mobile network security tests, these features are only compatible on devices with:
54 51 Patrick
55 51 Patrick
* *Root privileges* enabled
56 51 Patrick
* Qualcomm-based chipset (see [[DeviceList|device list]])
57 51 Patrick
* *Stock* Android ROM, version 4.1.2 or higher
58 1 Alex
Note: Custom Android ROMs like CyanogenMod may or may not work, depending on the availability of a Qualcomm DIAG kernel driver (DIAG_CHAR).
59 2 Alex
60 51 Patrick
For additional information specific to utilizing SnoopSnitch's mobile network security tests, please refer to our *[[FAQ]]*.
61 1 Alex
62 51 Patrick
*Incompatible Devices* for mobile network security tests:
63 1 Alex
64 51 Patrick
The following devices have been found to be incompatible and can *not* be used with SnoopSnitch's mobile network tests:
65 51 Patrick
66 51 Patrick
* *Unsupported.* Every device *without* Qualcomm chipset
67 22 Alex
* *Unsupported.* Devices with custom ROM such as CyanogenMod which lacks the Qualcomm DIAG kernel driver (DIAG_CHAR)
68 23 Alex
* *Unsupported.* Samsung Galaxy S2 & S3
69 2 Alex
* *Unsupported.* Nexus 5 with stock Android
70 12 Alex
* *Unsupported.* Huawei Ascend Y300
71 12 Alex
72 51 Patrick
*Disclaimer regarding mobile network security tests*
73 2 Alex
74 51 Patrick
The mobile network security tests include an active part. First, your phone will place outgoing calls to a dedicated number. This number will always be busy and never answer in order to rule out voice charges as best as we can.
75 2 Alex
76 17 Alex
Second, your phone will send SMS short messages to an invalid number. In some cases, we saw operators charging for these kind of transactions transactions. Hence, please have an eye on your phone bill when performing active tests using SnoopSnitch. To control for involuntary charges, we strongly advise the use of a dedicated pre-paid SIM card for these tests.
77 2 Alex
78 24 Alex
Furthermore, our call server will call your phone and send test SMS during the active test. To avoid unnecessary costs on our side, *DO NOT PICK UP OR REJECT AUTOMATIC CALLS FROM OUR SERVER*. If you pick up a call or have a mailbox or auto-answer feature configured that picks up the call automatically you may get blacklisted and cannot use our service anymore. Please see our [[Banned]] wiki page for details.
79 2 Alex
80 51 Patrick
For additional information specific to utilizing SnoopSnitch's mobile network security tests, please refer to our *[[FAQ]]*.
81 2 Alex
82 51 Patrick
h2. Download:
83 2 Alex
84 51 Patrick
* "Pre-compiled .apk from Google Play Store":https://play.google.com/store/apps/details?id=de.srlabs.snoopsnitch
85 51 Patrick
* "Pre-compiled .apk from F-Droid":https://f-droid.org/repository/browse/?fdid=de.srlabs.snoopsnitch
86 51 Patrick
* "Pre-compiled .apk":https://opensource.srlabs.de/attachments/download/136/SnoopSnitch-1.0.3.apk (SHA1: 221444eb1c63498bf045b5504d729023def51396)
87 51 Patrick
* Source Code: <pre>git clone --recursive https://opensource.srlabs.de/git/snoopsnitch.git</pre>
88 2 Alex
89 51 Patrick
SnoopSnitch is released under the GPL v3 license (cf. source:COPYING). The app is known to built under Linux and OS X, see source:README for build instructions.
90 51 Patrick
91 51 Patrick
h2. Mailing list
92 51 Patrick
93 50 Luca
A public mailing list for discussions is "here":https://lists.srlabs.de/cgi-bin/mailman/listinfo/gsmmap
94 50 Luca
For specific questions to the snoopsnitch-team that do not require or permit public discussion, please contact us directly at *snoopsnitch [you know what to put here] srlabs.de*
95 50 Luca
96 51 Patrick
h2. Version history
97 48 Luca
98 48 Luca
Version 1.0.3
99 48 Luca
100 48 Luca
* Improved error handling
101 48 Luca
102 44 Jakob
Version 1.0.2
103 44 Jakob
104 44 Jakob
* Improved compatibility with newer Android versions and devices
105 44 Jakob
* Configurable notifications
106 44 Jakob
107 44 Jakob
Version 1.0.1
108 40 Jakob
109 40 Jakob
* Android 5 and 6 support
110 40 Jakob
* Improved reliability of active test
111 40 Jakob
* Better support for LG phones
112 40 Jakob
113 40 Jakob
Version 1.0.0
114 40 Jakob
115 40 Jakob
* Wireshark/pcap export
116 35 Jakob
* Improved IMSI catcher metric
117 35 Jakob
* Lower battery impact
118 35 Jakob
* Autonomous upload option
119 35 Jakob
* Daily measurement option
120 35 Jakob
121 35 Jakob
Version 0.9.8
122 35 Jakob
123 32 Jakob
* Improved catcher detection
124 35 Jakob
* Reduced memory consumption
125 32 Jakob
* 4G data collection and basic analysis
126 32 Jakob
* Various enhancements and bug fixes 
127 32 Jakob
128 32 Jakob
Version 0.9.7
129 32 Jakob
130 28 Alex
* Improve detection of type 1 catchers and silent calls
131 28 Alex
* Reduce false positive rate
132 28 Alex
* Upload anonymized metadata additionally to radio traces
133 28 Alex
* Various enhancements and bug fixes
134 28 Alex
135 28 Alex
Version 0.9.5
136 26 Alex
137 26 Alex
* Make detection run automatically on boot
138 26 Alex
* Support LTE active tests
139 26 Alex
* Improve detection of 2G/3G catchers
140 26 Alex
* Detect empty WAP pushes
141 26 Alex
142 26 Alex
Version 0.9.4
143 25 Alex
144 25 Alex
* Improve type 1 catcher and silent SMS detection
145 25 Alex
* Implement network info screen
146 25 Alex
* Detect malfunctioning baseband interface
147 25 Alex
* Various enhancements and bug fixes
148 25 Alex
149 1 Alex
Version 0.9.3
150 21 Alex
151 21 Alex
* Support Android 5
152 21 Alex
* Fix initialization issue on newer devices
153 21 Alex
* Translation to German and Dutch
154 21 Alex
155 21 Alex
Version 0.9.2
156 13 Alex
157 13 Alex
* Fixed app lock-up issues
158 13 Alex
* Improved device compatibility check
159 13 Alex
* Handled unsupported LTE gracefully
160 13 Alex
161 2 Alex
Version 0.9.1
162 1 Alex
163 21 Alex
* Fix problem where SnoopSnitch would leave the phone muted after a test
164 2 Alex
* Remove issue with disappearing (Skype) dialing dialogs
165 42 Linus
* Resolved performance issue in analysis
166 42 Linus
167 42 Linus
Version 0.9.0
168 43 Linus
169 42 Linus
* Initial public release
170 1 Alex
171 1 Alex
h1. Training Material
172 1 Alex
173 1 Alex
As a primer to the snoopsnitch detection approach, we have prepared a set of hands-on "training material":https://opensource.srlabs.de/attachments/download/114/snoopsnitch_training_material.zip.
174 1 Alex
It contains network traces of IMSI catcher attacks and silent SMS and an analysis guide.