
GSM Sniffing with the C118

August 13, 2019


0x01 Hardware connection


Red TXD   // TXD is the transmit-data pin

White RXD   // RXD is the receive-data pin

Blue GND   // GND is the ground pin


0x02 Update the Kali environment


sudo apt-key adv --keyserver pgp.mit.edu --recv-keys ED444FF07D8D0BF6

sudo apt-get update


0x03 Install dependencies


sudo apt-get install build-essential libgmp3-dev libmpfr-dev libx11-6 libx11-dev texinfo flex bison libncurses5 libncurses5-dbg libncurses5-dev libncursesw5 libncursesw5-dbg libncursesw5-dev zlibc zlib1g-dev libmpfr4 libmpc-dev



sudo apt install libtool shtool automake autoconf git-core pkg-config make gcc



sudo apt-get install build-essential libtool libtalloc-dev shtool autoconf automake git-core pkg-config make gcc



sudo apt-get install libpcsclite-dev


0x04 Build the ARM toolchain


mkdir armtoolchain

cd armtoolchain

wget https://osmocom.org/attachments/download/2052/gnu-arm-build.3.sh

sudo chmod +x gnu-arm-build.3.sh



mkdir build install src

cd src

wget https://ftp.gnu.org/gnu/gcc/gcc-4.8.2/gcc-4.8.2.tar.bz2   # if this errors out, switch to gcc-7.2.0.tar.gz

wget https://ftp.gnu.org/gnu/binutils/binutils-2.21.1a.tar.bz2

wget ftp://sources.redhat.com/pub/newlib/newlib-1.19.0.tar.gz



cd ..

./gnu-arm-build.3.sh



export PATH=$PATH:/home/kbdancer/armtoolchain/install/bin

source /home/kbdancer/.bashrc
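
The archives fetched into src/ above are compiled without any integrity check, and newlib arrives over plain FTP. The following is an added example, not part of the original post: a shell function that checks the files in a source directory against a pinned SHA-256 manifest, intended to run before gnu-arm-build.3.sh. The function name, the manifest name SHA256SUMS and the sample files are assumptions constructed for illustration; the page gives no digests, so a real manifest has to be filled from a source you trust.

```shell
#!/bin/sh
# Added example (not from the original post): check downloaded toolchain
# sources against a pinned SHA-256 manifest before building.

# verify_sources DIR MANIFEST   (hypothetical helper name)
# MANIFEST uses sha256sum format: "<64 hex digits>  <filename>".
# Returns 0 only if every listed file matches AND no archive is unlisted.
verify_sources() {
    dir=$1
    manifest=$(cd "$(dirname "$2")" && pwd)/$(basename "$2")
    rc=0
    # 1. Every pinned file must exist and hash to its pinned digest.
    #    --strict also rejects malformed manifest lines.
    if ! (cd "$dir" && sha256sum --check --strict --quiet "$manifest"); then
        echo "FAIL: missing file, bad digest, or malformed manifest" >&2
        rc=1
    fi
    # 2. An archive with no pinned digest must not reach the build.
    for f in "$dir"/*.tar.*; do
        [ -e "$f" ] || continue
        name=${f##*/}
        if ! awk -v n="$name" '$2 == n || $2 == "*" n { ok = 1 } END { exit !ok }' "$manifest"; then
            echo "FAIL: $name has no pinned digest" >&2
            rc=1
        fi
    done
    return "$rc"
}

# Constructed demo: stand-in files, digests generated locally. For real use,
# fill the manifest from a source you trust, not from the download itself.
demo() {
    tmp=$(mktemp -d)
    printf 'constructed stand-in for a gcc archive\n' > "$tmp/gcc-sample.tar.bz2"
    printf 'constructed stand-in for a newlib archive\n' > "$tmp/newlib-sample.tar.gz"
    (cd "$tmp" && sha256sum gcc-sample.tar.bz2 newlib-sample.tar.gz > SHA256SUMS)
    verify_sources "$tmp" "$tmp/SHA256SUMS" && echo "clean set: OK"
    printf 'tampered' >> "$tmp/newlib-sample.tar.gz"   # simulate a modified download
    verify_sources "$tmp" "$tmp/SHA256SUMS" 2>/dev/null || echo "tampered set: rejected"
    rm -rf "$tmp"
}
demo
```
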


0x05 Build OsmocomBB


git clone git://git.osmocom.org/libosmocore.git

cd libosmocore/

autoreconf -i

./configure

make

sudo make install

sudo ldconfig -i

cd ..

git clone git://git.osmocom.org/osmocom-bb.git

cd osmocom-bb

git pull --rebase

cd src

make


0x06 Run a test


lsusb   # list USB devices



cd host/osmocon/

sudo ./osmocon -p /dev/ttyUSB0 -m c123xor ../../target/firmware/board/compal_e88/layer1.compalram.bin   # if this fails, use -m c123 instead



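Then briefly press the phone's power button. The screen shows information about the firmware being loaded, and at that point the firmware has been loaded successfully.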


0x07 Test ARFCN scanning


cd armtoolchain/osmocom-bb/src/host/layer23/src/misc/

sudo ./cell_log -O

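Press CTRL+C to stop the ARFCN scan (note: some branches do not need to be stopped manually and exit on their own once the scan completes), then run the following command for the sniffing test: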

sudo ./ccch_scan -i 127.0.0.1 -a 2



sudo wireshark

Enter gsm_sms as the filter.

