Project

General

Profile

Wiki » History » Version 66

Daniel, 05/11/2022 09:14 PM
Replace repository url

1 2 Alex
h1. SnoopSnitch
2
3 51 Patrick
SnoopSnitch is an open source Android app that offers users the opportunity to test the security of their mobile devices as well as of the mobile networks to which their devices connect. 
4 2 Alex
5 51 Patrick
!{width: 10%;}SnSn2_menu_yesroot.png!   !{width: 10%;}SnSn2_menu_yesroot03.png! !{width: 10%;}SnSn2_patch_results03.png! !{width: 10%;}SnSn2_patch_results01.png!
6 3 Alex
7 51 Patrick
SnoopSnitch offers two core security testing features:
8 1 Alex
9 51 Patrick
h3. SnoopSnitch - Android patch level analysis
10 1 Alex
11 51 Patrick
SnoopSnitch's latest feature are tests to analyze whether a device’s build of the Android mobile operating system is missing security patches. The goal of this test is to identify if any patches are missing that should be included relative to the device’s current security patch level date. 
12
13
This feature was introduced as part of the major 2.0 version update for SnoopSnitch. 
14
For more information on our Android patch level analysis, you can review our presentation from Hack-in-the-box 2018 where we debuted and discussed the 2.0 version of SnoopSnitch [1]
15
16
h3. SnoopSnitch - Mobile network security tests
17
18
SnoopSnitch's original security tests focus on identifying potential attacks or surveillance against an individual device from the mobile network. SnoopSnitch collects and analyzes mobile radio data to make you aware of the overall security of the mobile network to which your device is connected and to warn you about threats like fake base stations (IMSI catchers), user tracking, and over-the-air updates. With SnoopSnitch you can use the data collected in the GSM Security Map at gsmmap.org and contribute your own data to GSM Map.
19
20
For more information about the mobile network security tests, you can review our presentation from 31c3 2014 where we debuted and discussed the initial 0.9 version of SnoopSnitch [2] 
21
22
[1] https://conference.hitb.org/hitbsecconf2018ams/sessions/mind-the-gap-uncovering-the-android-patch-gap-through-binary-only-patch-level-analysis/
23
[2] https://www.youtube.com/watch?v=qpW9o4SP3K8&feature=youtu.be
24
25
26
h2. Documentation
27
28
For additional details on SnoopSnitch please refer to our *[[FAQ]]*.
29
30
You can also review our [[Privacy_Policy]]
31
32 1 Alex
See which [[Android application permissions]] are required to run SnoopSnitch.
33
34 51 Patrick
Learn about SnoopSnitch's [[IMSI Catcher Score| IMSI catcher metric]].
35 1 Alex
36 51 Patrick
37
h2. Requirements:
38
39
SnoopSnitch is an app designed for use on *Android devices only*. SnoopSnitch will not work on Apple products. 
40
41 65 Daniel
SnoopSnitch can be installed on devices with Android OS version 4.4 or higher. 
42 51 Patrick
43
The *Android patch level analysis* tests are compatible with all devices.
44
45
The *mobile network security tests* are NOT compatible with all devices. 
46
47
If a device is not compatible for the mobile network security tests, the app will grey this area out and display a "network test and attack detection require root" notice. 
48
49
!{width: 10%;}SnSn2_menu_noroot.png! 
50
51
h3. Requirements for mobile network security tests
52
53
Due to the nature of the actions required to perform the mobile network security tests, these features are only compatible on devices with:
54
55
* *Root privileges* enabled
56
* Qualcomm-based chipset (see [[DeviceList|device list]])
57 65 Daniel
* *Stock* Android ROM, version 4.4 or higher
58 1 Alex
Note: Custom Android ROMs like CyanogenMod may or may not work, depending on the availability of a Qualcomm DIAG kernel driver (DIAG_CHAR).
59 2 Alex
60 51 Patrick
For additional information specific to utilizing SnoopSnitch's mobile network security tests, please refer to our *[[FAQ]]*.
61 1 Alex
62 51 Patrick
*Incompatible Devices* for mobile network security tests:
63 1 Alex
64 51 Patrick
The following devices have been found to be incompatible and can *not* be used with SnoopSnitch's mobile network tests:
65
66
* *Unsupported.* Every device *without* Qualcomm chipset
67 22 Alex
* *Unsupported.* Devices with custom ROM such as CyanogenMod which lacks the Qualcomm DIAG kernel driver (DIAG_CHAR)
68 23 Alex
* *Unsupported.* Samsung Galaxy S2 & S3
69 2 Alex
* *Unsupported.* Nexus 5 with stock Android
70 12 Alex
* *Unsupported.* Huawei Ascend Y300
71
72 51 Patrick
*Disclaimer regarding mobile network security tests*
73 2 Alex
74 51 Patrick
The mobile network security tests include an active part. First, your phone will place outgoing calls to a dedicated number. This number will always be busy and never answer in order to rule out voice charges as best as we can.
75 2 Alex
76 17 Alex
Second, your phone will send SMS short messages to an invalid number. In some cases, we saw operators charging for these kind of transactions transactions. Hence, please have an eye on your phone bill when performing active tests using SnoopSnitch. To control for involuntary charges, we strongly advise the use of a dedicated pre-paid SIM card for these tests.
77 2 Alex
78 24 Alex
Furthermore, our call server will call your phone and send test SMS during the active test. To avoid unnecessary costs on our side, *DO NOT PICK UP OR REJECT AUTOMATIC CALLS FROM OUR SERVER*. If you pick up a call or have a mailbox or auto-answer feature configured that picks up the call automatically you may get blacklisted and cannot use our service anymore. Please see our [[Banned]] wiki page for details.
79 2 Alex
80 51 Patrick
For additional information specific to utilizing SnoopSnitch's mobile network security tests, please refer to our *[[FAQ]]*.
81 2 Alex
82 51 Patrick
h2. Download:
83 2 Alex
84 51 Patrick
* "Pre-compiled .apk from Google Play Store":https://play.google.com/store/apps/details?id=de.srlabs.snoopsnitch
85
* "Pre-compiled .apk from F-Droid":https://f-droid.org/repository/browse/?fdid=de.srlabs.snoopsnitch
86 65 Daniel
* "Pre-compiled .apk":https://opensource.srlabs.de/attachments/download/188/SnoopSnitch-2.0.12.apk (SHA256: f7f76d4888cdf01877573e578f30a6f9fb6e2cc6f08e8541668f563c6127980e)
87 66 Daniel
* Source Code: <pre>git clone --recursive git@github.com:srlabs/snoopsnitch.git</pre>
88 2 Alex
89 51 Patrick
SnoopSnitch is released under the GPL v3 license (cf. source:COPYING). The app is known to built under Linux and OS X, see source:README for build instructions.
90
91
h2. Mailing list
92
93 50 Luca
A public mailing list for discussions is "here":https://lists.srlabs.de/cgi-bin/mailman/listinfo/gsmmap
94
For specific questions to the snoopsnitch-team that do not require or permit public discussion, please contact us directly at *snoopsnitch [you know what to put here] srlabs.de*
95
96 1 Alex
h2. Version history
97 63 Daniel
98
Version 2.0.12:
99 1 Alex
100 65 Daniel
* Now supports twice as many security patch tests
101
* Adds security patch tests for Android 12 (tests for 12L will follow in the next months) 
102 63 Daniel
* Significant performance improvements
103
* Various bug fixes
104 62 Daniel
105
Version 2.0.11:
106
107
* Support for new test type
108
* Restricted upload of certain build properties
109
* Integrated Privacy Policy and updated Prominent Disclosure
110
* Stability improvements
111
* Bug fixes
112 52 Patrick
113 60 Daniel
Version 2.0.10:
114
115
* Support 64-bit architectures
116
117 58 Jonas
Version 2.0.9:
118
119
* Fixed autostarting mobile network security test on boot 
120
* Fixed notifications on Android OS versions >= 8.0
121
* Minor bugfix
122
123 56 Jonas
Version 2.0.8:
124
125
* Support for new patch analysis test type
126
* Performance improvements of patch analysis
127
* Bugfixes
128
* Additional status messages when performing patch analysis tests
129
130
Version 2.0.7:
131
132
* improved network technology detection
133
* small UI fixes
134
135 55 Lukas
Version 2.0.1 - 2.0.6:
136 52 Patrick
137
* bugfixes and stability improvements
138
* additional UI/UX improvements
139
140
Version 2.0:
141
142
* introduction of Android patch analysis feature (+ restructuring and improving UI )
143
* reduced battery consumption 
144 48 Luca
145
Version 1.0.3
146
147
* Improved error handling
148
149 44 Jakob
Version 1.0.2
150
151
* Improved compatibility with newer Android versions and devices
152
* Configurable notifications
153
154
Version 1.0.1
155 40 Jakob
156
* Android 5 and 6 support
157
* Improved reliability of active test
158
* Better support for LG phones
159
160
Version 1.0.0
161
162
* Wireshark/pcap export
163 35 Jakob
* Improved IMSI catcher metric
164
* Lower battery impact
165
* Autonomous upload option
166
* Daily measurement option
167
168
Version 0.9.8
169
170 32 Jakob
* Improved catcher detection
171 35 Jakob
* Reduced memory consumption
172 32 Jakob
* 4G data collection and basic analysis
173
* Various enhancements and bug fixes 
174
175
Version 0.9.7
176
177 28 Alex
* Improve detection of type 1 catchers and silent calls
178
* Reduce false positive rate
179
* Upload anonymized metadata additionally to radio traces
180
* Various enhancements and bug fixes
181
182
Version 0.9.5
183 26 Alex
184
* Make detection run automatically on boot
185
* Support LTE active tests
186
* Improve detection of 2G/3G catchers
187
* Detect empty WAP pushes
188
189
Version 0.9.4
190 25 Alex
191
* Improve type 1 catcher and silent SMS detection
192
* Implement network info screen
193
* Detect malfunctioning baseband interface
194
* Various enhancements and bug fixes
195
196 1 Alex
Version 0.9.3
197 21 Alex
198
* Support Android 5
199
* Fix initialization issue on newer devices
200
* Translation to German and Dutch
201
202
Version 0.9.2
203 13 Alex
204
* Fixed app lock-up issues
205
* Improved device compatibility check
206
* Handled unsupported LTE gracefully
207
208 2 Alex
Version 0.9.1
209 1 Alex
210 21 Alex
* Fix problem where SnoopSnitch would leave the phone muted after a test
211 2 Alex
* Remove issue with disappearing (Skype) dialing dialogs
212 42 Linus
* Resolved performance issue in analysis
213
214
Version 0.9.0
215 43 Linus
216 42 Linus
* Initial public release
217 1 Alex
218
h1. Training Material
219
220
As a primer to the snoopsnitch detection approach, we have prepared a set of hands-on "training material":https://opensource.srlabs.de/attachments/download/114/snoopsnitch_training_material.zip.
221
It contains network traces of IMSI catcher attacks and silent SMS and an analysis guide.