ansbius

SMS Sniffer

2017/04/23 2G - GSM - moto c118

0x00
Wiring the cable to the TTL adapter
Black/Yellow: GND
Red: TX
White: RX
Install the dependencies

# sudo apt-get -y install libtool shtool autoconf git-core pkg-config make gcc

0x01
Install libosmocore from source

# cd /opt
# git clone git://git.osmocom.org/libosmocore.git
# cd libosmocore/
# autoreconf -i
# ./configure
# make
# sudo make install
# sudo ldconfig
# cd ..

0x02
Install the cross-compilation toolchain (a slimmed-down build environment can be used afterwards)

# cd /opt
# mkdir GnuArmToolchain
# cd GnuArmToolchain
# wget http://bb.osmocom.org/trac/raw-attachment/wiki/\
GnuArmToolchain/gnu-arm-build.2.sh
# chmod +x gnu-arm-build.2.sh
# sudo apt-get -y install build-essential libgmp3-dev libmpfr-dev libx11-6 \
libx11-dev texinfo flex bison libncurses5 libncurses5-dbg libncurses5-dev \
libncursesw5 libncursesw5-dbg libncursesw5-dev zlibc zlib1g-dev \
libmpfr4 libmpc-dev
# mkdir build install src
# cd src/
# wget http://ftp.gnu.org/gnu/gcc/gcc-4.5.2/gcc-4.5.2.tar.bz2
# wget http://ftp.gnu.org/gnu/binutils/binutils-2.21.1a.tar.bz2
# wget ftp://sources.redhat.com/pub/newlib/newlib-1.19.0.tar.gz
# cd ..
# ./gnu-arm-build.2.sh

I will build an arm-elf cross-compiler:

Prefix: /install
Sources: /src
Build files: /build

Press ^C now if you do NOT want to do this.

Press any key to start the build. When it finishes, add the following environment variable to ~/.bashrc:

# export PATH=$PATH:/opt/GnuArmToolchain/install/bin

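Reboot. The following appends the same export to /etc/bash.bashrc (>> appends; a single > would overwrite the file):

# bash -c 'echo "export PATH=\$PATH:/opt/GnuArmToolchain/install/bin" >> /etc/bash.bashrc'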

0x03
Install osmocom-bb

# cd /opt
# git clone git://git.osmocom.org/osmocom-bb.git
# cd osmocom-bb
# git checkout --track origin/luca/gsmmap
# cd src
# make

0x04
Connect the module

1. Connect USB

# lsusb

2. Flash the firmware

# cd /opt/osmocom-bb/src/host/osmocon/
# ./osmocon -m c123xor -p /dev/ttyUSB0 ../../target/firmware/board/\
compal_e88/layer1.compalram.bin
# cd /opt/osmocom-bb/src/host/layer23/src/misc
# ./cell_log -O

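Find a cell whose PWR has an absolute value below 75; the lower the absolute value, the stronger the signal. This is in preparation for the -a (ARFCN) argument of ccch_scan in the next step.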

# ./ccch_scan -i 127.0.0.1 -a 64

Open another window and run:

# wireshark -k -i lo -f 'port 4729'

Author: xssor

Link: https://blog.xssor.net/2017/04/23/SMS Sniffer/

Copyright: ansbius
