Interested to join the project

Drasko DRASKOVIC drasko.draskovic at
Fri Jun 3 23:10:25 UTC 2011

And yes, I just forgot, but I think it would be also very instructive
for you to study some of these video presentations :

27c3: Running your own GSM stack on a phone :

25c3: Anatomy of smartphone hardware :

DEFCON 18: Practical Cellphone Spying :

Intercepting GSM Traffic :

25c3: Running your own GSM network :

[27C3] (en) Wideband GSM Sniffing :

Shmoocon 2010: GSM: SRSLY? :

HAR 2009: Airprobe :

Black Hat USA 2010: Attacking GSM Base Station Systems and Mobile
Phone Base Bands :

Blackhat 2010 Attacking Phone Privacy Karsten Nohl :

HAR 2009: Cracking A5 GSM encryption :

LayerOne 2008 - David Hulton - Intercepting Mobile Phone/GSM :

[27C3] (en) SMS-o-Death :

Brucon 2010: GSM security: fact and fiction :
and presentation slides for this one :

Some GSM lectures that might help :
RohitAcademy :

This should give you a broader picture of what this is about and quickly
lead you to other sources...


On Sat, Jun 4, 2011 at 12:34 AM, Drasko DRASKOVIC
<drasko.draskovic at> wrote:
> On Thu, Jun 2, 2011 at 4:43 AM, pramod krishna <pramodcs47 at> wrote:
>> Hi
>>  This is Pramod. I am currently working with mobile platforms. How can I
>> contribute to your project or start working with your project.
> Hi Pramod,
> I can list a few instructions on how to quickly start with OsmocomBB project :
> 1) Get one of supported target phones. This will be your dev-board.
> List of the phones can be found on the OsmocomBB site. I recommend you
> to start with Motorola C123 as it is the project's primary target and
> it is probably best supported.
> 2) Get the appropriate CalypsoSerialCable, or T191 Unlock Cable
> ( so you can
> connect your phone to the development host and upload your firmware. I
> suggest you USB variant, as I had problems with two RS232 models -
> none worked correctly giving 5V output instead of needed 3.3V.
> 3) Get cross-compiler, if you do not already have one. You can compile
> it yourself (I personally prefer this method) - there are various scripts
> and you can even use crosstool-ng for this
> ( In any case you will
> find instructions here :
> 4) Get and build OsmocomBB with your new toolchain. Instructions are
> here :
> OK, now you are ready to start playing with OsmocomBB :
> 5) Check out if your equipment runs well by executing one Hello World
> on your phone. Locate osmocon program and do :
> $ ./osmocon -p /dev/ttyUSB1 -m c123xor ../../target/firmware/board/compal_e88/hello_world.compalram.bin
> Now press shortly ON button on your phone (do not hold, you don't
> really want to turn it on and start phone's bootloader which will load
> the Motorola's soft).
> As you can see from the command line, I am using USB cable connected
> to my phone, and I am using Motorola C123. This loads hello_world
> binary into the RAM and execute it. You should see "Hello World"
> message on your display, which will flash.
> N.B.: Press "ON/OFF" button to turn this OFF __before__ disconnecting
> from osmocon program !
> 6) If all that works, you are ready to load some real protocol stack
> software. First :
> $ ./osmocon -p /dev/ttyUSB1 -m c123xor ../../target/firmware/board/compal_e88/layer1.compalram.bin
> (still do not press ON button)
> then :
> $ ./mobile -i
> It will open a Unix socket and will be ready to exchange messages with
> Layer1 phone in your RAM via RS232 cable. You can now press ON button
> (shortly, again), and system will start running - Layer1 will be
> uploaded to phone's RAM and mobile application will act as Layer23
> part of the PS, getting all the measurements from neighbor cells,
> etc...
> 7) At this point you would probably want to telnet to OsmocomBB :
> $ telnet localhost 4247
> Trying ::1...
> Trying
> Connected to localhost.
> Escape character is '^]'.
> Welcome to the OsmocomBB control interface
> OsmocomBB>
> At this point probably nothing will work. It is because you either do
> not have SIM card inserted in your phone, or even if you have it -
> OsmocomBB code on the master branch has a broken SIM controller
> driver. You can get some more information here :
> At this point there are 3 existing strategies :
> 1. Check out Sylvain's testing branch for a working on-phone SIM driver
> 2. Use the SAP interface to a PC/SC smartcard reader with SIM inserted.
> 3. If you want to use GSM test set instead of real network, use test sim
>  functionality of mobile
> Since option 3) is out of the question for me, because I do not have
> private GSM network, and option 1) seems more advanced solution for
> what I want to obtain, I am trying at this point to investigate option
> 2), i.e. to use PC/SC smartcard reader with SIM inserted.
> Seems like you will need the SIM to get any signal routed through
> Wireshark, but I am not sure. I will have to post this question to the
> list and see if someone can help us from here on.
> I hope this helps, and I encourage you to share your experiences and
> beginner problems at this list, as I am doing. Many people who are
> starting with this project will surely benefit from these experiences,
> and do not expect more advanced hackers to write these long
> explanations - this should be done by the people who are catching up
> and are helping others catch up fast.
> Best regards,
> Drasko
