Git Product home page Git Product logo

Comments (8)

romankh avatar romankh commented on May 19, 2024

Hi,

if it doesnt find the key, it should just print out that the key could not be found.
Are the bursts 1179171,...,1179175 in the burst file you provided ?

from gsm-assessment-toolkit.

hncaga avatar hncaga commented on May 19, 2024

Hi, i dont know exactly if those bursts are in the file. for testing purposes, i just saved the bursts file in /tmp/ directory. this happens to me everytime i run the a51_kraken module. always throwing the:

ERROR: unhandled exception in Plugin command a51_kraken.
Message was:

not just this sample bursts file. so im wondering if im doing it wrong. or is it a bug. i also encountered this in a fresh installed ubuntu 16.04 but the error is still the same. before, im also encountering the same error in #10 but its working now after the commit.

thanks a lot
HNC

from gsm-assessment-toolkit.

romankh avatar romankh commented on May 19, 2024

Bug is likely, there were some changes in gr-gsm, I need to do some more investigations, that will take a few days. For example, it looks like the data decoded of at least some of my testdata changed since my last update of gr-gsm.

The easiest way to check if those bursts are in the file:

  • start a wireshark recording session, if wireshark is installed, use wireshark in gat
  • run decode -t 1 --bursts /tmp/sample.bursts
  • see if those framenumbers are in the wireshark capture

If you like, you can also send me a capture that is producing the error, I wont publish or use it for anything other than debugging

from gsm-assessment-toolkit.

hncaga avatar hncaga commented on May 19, 2024

Hello, i tried to use the a51_kraken module again. here are the commands and output that ive got. where can i send the burst file?

gat > capture_rtlsdr -b P-GSM -f 941740000 --bursts /tmp/sample.bursts --length 120
gr-osmosdr v0.1.4-77-g2a2236cc (0.1.5git) gnuradio 3.7.11
built-in source types: file fcd rtl rtl_tcp uhd hackrf bladerf rfspace airspy redpitaya 
Using device #0 Generic RTL2832U SN: 77771111153705700
Detached kernel driver
Found Rafael Micro R820T tuner
[R82XX] PLL not locked!
Exact sample rate is: 2000000.052982 Hz
[R82XX] PLL not locked!

gat > analyze immediate --bursts /tmp/sample.bursts -m BCCH_SDCCH4
FNR  TYPE  TIMESLOT  TIMING ADVANCE  SUBCHANNEL HOPPING

=============================================================================
| FNR     | TYPE     | TIMESLOT  | TIMING ADVANCE  | SUBCHANNEL  | HOPPING  |
=============================================================================
| 338152  | SDCCH/8  | 1         | 0               | 4           | N        |
-----------------------------------------------------------------------------
| 337534  | SDCCH/8  | 3         | 1               | 1           | Y        |
-----------------------------------------------------------------------------
| 328425  | SDCCH/8  | 1         | 1               | 5           | N        |
-----------------------------------------------------------------------------

gat > analyze cipher --bursts /tmp/sample.bursts -m SDCCH8 -t 1
CMCs:
Framenumber: 328613   A5/1
Framenumber: 338350   A5/1

gat > a51_kraken --bursts /tmp/sample.bursts --frame-cmc 328613 -m SDCCH8 -t 1 -v
Cipher Mode Command at 328613
Using SDCCH message bursts 328664 - 328668
Cracking Burst : 100000011101010000010111101100000010001110111111100000011101011111001101000110010001001111110110000001111011010101
Cracking Burst : 111010000101101000110101011010011111001110011000001111011001110001111011100001010011000101100100011010001000010111
Cracking Burst : 000101100100000110111011011010110110100001000111101010101110101011001011101011001101011111101110011011001011110101
Cracking Burst : 010001110001111010000110100001000101010011111001011110111011100100001100011110010111111011010100110100101111000100
Using SDCCH message bursts 328715 - 328719
Cracking Burst : 110000000111010101010111001001100011111110110101110100100100110000001111110101010110100110111101100010111101110101
Cracking Burst : 101000001000001110010101111010000101110001010000011010001101111100101000011011110001011010110100101101011111110000
Cracking Burst : 110110110110100100010010111111100110011100000101101101010111010110011101000010000000010100111111100111000000101100
Cracking Burst : 000110111000011000001000111110001010101100000001101100010001000111001010010011101010111110001100100001100110000110
Using SDCCH message bursts 328766 - 328770
Cracking Burst : 011111010111010000100101111100010011100110000100110000000111011110011000010101010101110101010000010100111101011110
Cracking Burst : 010110011111000011110011010011001111101100111011010010010111100100111001001001011001011000110010010111101100101011
Cracking Burst : 000000011110001101001000110110101100110111101001101010111101111010010111011111101100000110101111010011001001000010
Cracking Burst : 111010101110101101100111011001010111110001101111100010011101111010010101100111101101001101101001101110000110011010
Using SDCCH message bursts 328817 - 328821
Cracking Burst : 001001111001010001111001010000001101111110000010101110000100110101000011000001111011110010110110100010010100000111
Cracking Burst : 101111100100100100000101000010001011100000000101010101011001100001011001110001001100110111100110000010101110101111
Cracking Burst : 000111111010000100100011011011101000011000000100110110010000101010000110000101001101100010110000101100101000110010
Cracking Burst : 010000100100000101111111010001011111111100100100111100010001111111000110011000000100011111100011111000100101111011
Using SDCCH message bursts 328868 - 328872
Cracking Burst : 001000011111100111100100100001111011100101111101110001101110110111100110010111011110001111100111111111000100111010
Cracking Burst : 011010110010110110101101001111000001101000001001100111110011000101011101100110001101000111101100010001111011011010
Cracking Burst : 010101100000011011100001110110010010010100100111011010010101100000101000001000010001001010010100110110000100110001
Cracking Burst : 000101011101001000100011110001000001110011111100100100011010101000101101010111011100110100101001010100001000011010
ERROR: unhandled exception in Plugin command a51_kraken.
Message was: 

gat >

i modified the a51_kraken temporarily to show the current bursts while testing.

by the way, i have a bladerf sdr and if theres anything that i can do to make it compatible to gat, im willing to contribute. thanks

HNC

from gsm-assessment-toolkit.

romankh avatar romankh commented on May 19, 2024

Please send it to [email protected]
It could take until the weekend until I have a fix

Regarding bladerf and contribution:
I would like to have more hardware supported, so that would be great.
Do you have any working flowgraph for gr-gsm, that uses hackrf and you could provide ?
I think it shouldnt be a problem to support bladerf,

from gsm-assessment-toolkit.

hncaga avatar hncaga commented on May 19, 2024

Email sent sir. I will try to generate cfile and burst file using bladerf this afternoon. will also send you the .grc
Thanks

from gsm-assessment-toolkit.

romankh avatar romankh commented on May 19, 2024

Ok, I found the reason for that exception.
I missed to document a dependency, i.e. a external library that must be installed on your computer for the SACCH attack.

What you need to do is download, build and install gsmframecoder.tar.gz on your system. It needs to be in the path, so that you can call it from commandline.

I will add some documentation about that tomorrow, and will open an issue to find a better solution for that.

from gsm-assessment-toolkit.

hncaga avatar hncaga commented on May 19, 2024

yap! got it. I thought the function of gsmframecoder is already coded in gat, Before, even in manual cracking, i used to place gsmframecoder (including find_kc) in the same working directory.

i forgot that i also encountered the same error here in gat when i forgot to copy the find_kc file in the same folder. I think this issue has been resolved. I will send the bladerf sample bursts and other files including .grc later. Thanks a lot

from gsm-assessment-toolkit.

Related Issues (15)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.