From robert.steve07 at gmail.com Mon Aug 1 06:53:04 2016 From: robert.steve07 at gmail.com (robert) Date: Mon, 1 Aug 2016 09:53:04 +0300 Subject: rx sensitivity issue In-Reply-To: References: Message-ID: <97034CB9-DB0A-4945-B2D4-29CB1C9A677F@gmail.com> Hi, I found out that the main reason for not being able to connect is TX power and not RX gain. By setting tx-power to ?0' instead of ?auto? I solved my issue. Although I still think that the sensitivity is not perfect. Best regards, On Jul 30, 2016, at 4:31 PM, Vadim Yanitskiy wrote: > Hi Robert, > > There are many possible issues, which can cause your problem. > So, it would be good to see more details. Please, prepare two > measurements using cell_log application: one inside any > building, and another one outside. Attach both outputs from > the cell_log and from the osmocon. > > I have several phones, and some of them have different RX > signal level. I think, it's due to individual calibration > tables, which aren't used in OsmocomBB firmware. > > BTW: if your phone's case is open, make sure that antenna is > connected to the phone's board. > > With best regards, > Vadim Yanitskiy. From sami.0jacob0 at gmail.com Mon Aug 1 14:22:26 2016 From: sami.0jacob0 at gmail.com (sami) Date: Mon, 1 Aug 2016 17:22:26 +0300 Subject: osmocombb paging group problem In-Reply-To: References: <60EA8F12-AB37-4BB2-BDFA-51F5ADB39655@gmail.com> Message-ID: <445C1E56-B9FB-4BF3-BC1B-EE2A6E4EB987@gmail.com> Can anyone guide me through the steps for modifying the code to fix this issue ? On Jul 25, 2016, at 7:34 PM, sami wrote: > Dear all, > > I have been testing the mobile app for some time but I faced a small problem where not all my sim cards work fine when listening to paging messages. I have seen the patch presented by Harald Welte and I printed the value of ?tn? and found out that it is always 0 whatever the IMSI of the sim card is. Did I miss something or is the paging group part still not implemented in the mobile app. > > I really appreciate any help. > From axilirator at gmail.com Fri Aug 5 07:06:36 2016 From: axilirator at gmail.com (Vadim Yanitskiy) Date: Fri, 5 Aug 2016 13:06:36 +0600 Subject: osmocombb paging group problem Message-ID: Hi, My advice you is to stop waiting for someone, who will help you. Just try to dig into the source code yourself, it's interesting! And in case of any successes, patches are welcome. With best regards, Vadim Yanitskiy. -------------- next part -------------- An HTML attachment was scrubbed... URL: From sami.0jacob0 at gmail.com Fri Aug 5 07:13:49 2016 From: sami.0jacob0 at gmail.com (sami) Date: Fri, 5 Aug 2016 10:13:49 +0300 Subject: osmocombb paging group problem In-Reply-To: References: Message-ID: <89546DA8-D64F-4590-AE58-C8E8AE801032@gmail.com> Hi, I?m reading the code, just wanted to know if anyone has already addressed this issue so that he could give some instructions. Best regards, On Aug 5, 2016, at 10:06 AM, Vadim Yanitskiy wrote: > Hi, > > My advice you is to stop waiting for someone, who will help you. > Just try to dig into the source code yourself, it's interesting! > And in case of any successes, patches are welcome. > > With best regards, > Vadim Yanitskiy. From gerardfly9 at gmail.com Fri Aug 12 02:19:14 2016 From: gerardfly9 at gmail.com (Gerard Pinto) Date: Thu, 11 Aug 2016 19:19:14 -0700 (MST) Subject: OsmocomBB - C155 - stuck at flashing firmware Message-ID: <1470968354729-4026747.post@n3.nabble.com> Greetings, I have been working with OsmocomBB with C155 model. After a lot of reading and understanding issues on mailing list, following the right instructions I am unable to understand where the problem is - cable or the locked tracfone C155 or my setup. I was successfully able to build the project. I am stuck on executing the following command ~/osmocom-bb/src/host/osmocon# ./osmocon -p /dev/ttyUSB0 -m c155 ../../target/firmware/board/compal_e99/layer1.compalram.bin Please find my specifications and findings below: 1. C155 locked tracfone. 2. FTDI adapter USB serial from - Fonefunshop Is there a way to test the FTDI adapter ? dmesg - list that FTDI adapter attached to ttyUSB0. FTDI VCP driver is built into the Linux kernel. Do I need D2XX driver ? 3. I'm trying to write the firmware (layer1) with a working GSM sim inside and not tracfone sim card. 4. strace gives me no trouble other than this access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) - Is it a worry ? 5. When I execute ./osmocon with all necessary params. I open a new console and type the following ./osmoload memdump 0x000000 0x2000 dump. - Is this valid at this point? just to see where the actual firmware is located at? Dumping 12288 bytes of memory at 0x0 to file dump - Nothing gets dumped into file dump Although, I see some output - 'got 2 bytes from modem... ' in the osmocon window - ./osmocon It would be very kind if someone could guide me. How do I verify there is a cable issue since I have bought these and if not the cable them am I doing something wrong ? Looking forward to the reply! Thanks, Gerard. -- View this message in context: http://baseband-devel.722152.n3.nabble.com/OsmocomBB-C155-stuck-at-flashing-firmware-tp4026747.html Sent from the baseband-devel mailing list archive at Nabble.com. From 246tnt at gmail.com Fri Aug 12 05:57:06 2016 From: 246tnt at gmail.com (Sylvain Munaut) Date: Fri, 12 Aug 2016 07:57:06 +0200 Subject: OsmocomBB - C155 - stuck at flashing firmware In-Reply-To: <1470968354729-4026747.post@n3.nabble.com> References: <1470968354729-4026747.post@n3.nabble.com> Message-ID: Hi, > Please find my specifications and findings below: > 1. C155 locked tracfone. tracfone use a different unsupported bootloader. won't work with osmocon loader. Cheers, Sylvain From memoryfair at gmail.com Fri Aug 5 04:14:58 2016 From: memoryfair at gmail.com (sillymonkey) Date: Thu, 4 Aug 2016 21:14:58 -0700 (MST) Subject: layer2/3 ported to target? paging attack code? In-Reply-To: <1456524930528-4026725.post@n3.nabble.com> References: <1378227662.93957.YahooMailNeo@web121005.mail.ne1.yahoo.com> <1378232842.92551.YahooMailNeo@web121004.mail.ne1.yahoo.com> <1378299933-sup-2371@dennou> <1378325214-sup-34@dennou> <1436034083323-4026717.post@n3.nabble.com> <1456524930528-4026725.post@n3.nabble.com> Message-ID: <1470370498894-4026746.post@n3.nabble.com> I'm facing a problem. I applied the patch and compiled successfully. However, whenever I tried to load the firmware into the phone I got ftmtool error. I thought it was because the cable so I try to load the original firmware with original osmocon app, same cable of course, it worked perfectly. So I reversed what I did and compiled again and run osmocon and still ftmtool error? So the problem is not the cable,not the patch. The problem is osmocon app itself. Am I right? Anyone knows what problem is it? Is it some kind of code changing prevention? -- View this message in context: http://baseband-devel.722152.n3.nabble.com/layer2-3-ported-to-target-paging-attack-code-tp4026139p4026746.html Sent from the baseband-devel mailing list archive at Nabble.com. From GNUtoo at no-log.org Fri Aug 12 19:00:19 2016 From: GNUtoo at no-log.org (Denis 'GNUtoo' Carikli) Date: Fri, 12 Aug 2016 21:00:19 +0200 Subject: layer 1 port to nuttx-bb progress? In-Reply-To: <62573346.6913351.1469984752125.JavaMail.yahoo@mail.yahoo.com> References: <62573346.6913351.1469984752125.JavaMail.yahoo.ref@mail.yahoo.com> <62573346.6913351.1469984752125.JavaMail.yahoo@mail.yahoo.com> Message-ID: <20160812210019.1c64eac3.GNUtoo@no-log.org> On Sun, 31 Jul 2016 17:05:52 +0000 (UTC) Craig Comstock wrote: > I have fernvale-nuttx running on a couple of MTK6260-based watch > phones and plan on working on porting layer1 to these devices. [...] Port story: ----------- Here's the story behind the Nuttx port of osmocomBB: Me and Alan[1] worked together to: - Adapt the previously existing Nuttx port to run on the devices we had. - Upstream such support, and add more drivers. We both stopped working on it for different reasons. Personally I didn't have time anymore, because of my day job and other reasons. Still, I attempted to make a quick and *very* dirty port of the layer1 as a Nuttx application in order to show people that it was possible. I thought that there was more probability of someone being interested in picking my work or restarting it from scratch once something was working. However I only succeeded at making the device scan the network and then hang unexpectedly while scanning. I don't remember which toolchain I was using for that, but there is a huge probability that I didn't use the one advised by the wiki (gnuarm): The 32bit[5] version of gnuarm couldn't properly link nuttx and outputed some message about code being compiled with both -msoft-float and some other floating point ABI. I might have used a codesourcey toolchain instead. Using another toolchain to compile osmocomBB resulted in the same behavior: the device hanged when scanning the network. Years later, I learned, thanks to the osmocomBB wiki[2], that the issue preventing to use other toolchains issue had been resolved. Since the interest in osmocomBB seem to have progressively faded away, and I still didn't have time for it, I didn't even try to update the layer1 port, and to run it[6]. Since the layer1 port was unspeakably dirty, it's preferable to re-port it from scratch. My attempt was only made in a desperate way, to foster interest. If made to work, it could still be used as a reference code that is known to work, in order to help debugging potential issues with a cleaner code. After that, I started to do try to port it correctly but I never found the time to finish it. I can try to find the cleaner attempt if you want, but I fear it won't be that helpful: It mostly consisted in making a very thin compatibility layer in the form of a header, wrapping nuttx semantics(function names, etc) to match osmocomBB's. I also pushed some of the previous code on gitorious[3]. Note that the gitorious repositories URL now point to a read-only mirror of gitorious[4]. Code separation, and licensing: ------------------------------- Nuttx is under a permissive license while osmocomBB is copyleft. With Alan, to be able to upstream some of the osmocomBB code, we had to ask its original authors the permission to relicense it. You can find the exact terms of such relicensing in the baseband-devel mailing list archives. Some authors gave us very clear limitations on what part of the code they relicensed. Practically speaking some of the drivers for usual peripherals were relicensed(like serial port, and so on), but at least one author was very clear on the fact that he wound not relicense any of the GSM related drivers and application code he wrote. I clearly support such views, and it's not a problem at all: While you need to have the same license than Nuttx to upstream code in the OS part of Nuttx, you have no such requirements for applications: Nuttx even has, in its repositories, applications under different licenses. Since you want to run the layer1 on the Fernvale, you will then need to adapt it to your hardware, and have some hardware abstraction done in the application for the GSM related hardware. OsmocomBB already have some hardware abstraction in it, as the RF frontend weren't always the same across supported phones. References: ----------- [1] Alan Carvallo De Assis. He is now actively contributing to Nuttx for his work. [2]http://osmocom.org/projects/baseband/wiki/Toolchain [3]https://gitorious.org/gnutoo-s-for-upstream-osmocom-bb-and-nuttx-bb/nuttx-bb-gta02.git [4]Gitorious was shut down. [5]I had to relocate in a hurry, the laptops I had with me were 32bit only (The I945 Thinkpads supported by coreboot). [6]I'm not saying that the "toolchain bug" was the cause, but rather that it could have been. Since I didn't test, I've no way to know. Denis. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From todaysaobe at gmail.com Sat Aug 27 09:23:55 2016 From: todaysaobe at gmail.com (superben) Date: Sat, 27 Aug 2016 02:23:55 -0700 (MST) Subject: osmocom+c118+openbts send sms Message-ID: <1472289835436-4026749.post@n3.nabble.com> osmocom+c118+openbts send sms : youtube: https://youtu.be/r_U7DKFYuqo blog: http://gsmsuperben.blogspot.my/2016/07/osmocomc118openbts-send-sms.html First you need to successfully install osmocom? http://gsmsuperben.blogspot.my/2016/07/osmocombbc118-gsm-sniffer.html Assuming you have installed the gnu-arm-build.3.sh 1?Download and compile osmocomBB and libosmo-dsp $ git clone git://git.osmocom.org/libosmocore.git $ git clone git://git.osmocom.org/libosmo-dsp.git $ git clone git://git.osmocom.org/osmocom-bb.git $ sudo apt-get install libfftw3-dev libfftw3-doc When installing libosmocore execute ./configure many people will encounter No package 'talloc' found such a mistake , because they can not talloc, Here is the solution $ wget https://www.samba.org/ftp/talloc/talloc-2.1.7.tar.gz $ tar -zxvf talloc-2.1.7.tar.gz $ cd talloc-2.1.7/ $ ./configure $ make $ sudo make install install libosmocore $ cd libosmocore/ $ autoreconf -i $ ./configure $ make $ sudo make install $ cd .. install libosmo-dsp $ cd libosmo-dsp/ $ autoreconf -i $ ./configure $ make $ sudo make install Compile osmocombb $ cd osmocom-bb $ git checkout sylvain/testing $ cd src $ make HOST_layer23_CONFARGS=--enable-transceiver 2:Download openbts and install dependencies?The best use of root privileges? $ su $ apt-get install subversion $ svn co http://wush.net/svn/range/software/public $ sudo apt-get install autoconf libtool libosip2-dev libortp-dev libusb-1.0-0-dev g++ sqlite3 libsqlite3-dev erlang libreadline6-dev libncurses5-dev 3:install openbts $ cd pubilc $ cd a53/trunk $ make install $ cd openbts/trunk $ autoreconf -i $ ./configure $ make $ cd apps $ ln -s ../TransceiverRAD1/transceiver . $ cd .. $ sudo mkdir /etc/OpenBTS $ sudo sqlite3 -init ./apps/OpenBTS.example.sql /etc/OpenBTS/OpenBTS.db ".quit" $ sqlite3 /etc/OpenBTS/OpenBTS.db .dump $ sudo mkdir -p /var/lib/asterisk/sqlite3dir 4:install sipauthserve in pubilc $ cd subscriberRegistry/trunk $ make $ sudo sqlite3 -init subscriberRegistry.example.sql /etc/OpenBTS/sipauthserve.db ".quit" 5:install smqueue in public $ cd smqueue/trunk $ autoreconf -i $ ./configure $ make $ sudo sqlite3 -init smqueue/smqueue.example.sql /etc/OpenBTS/smqueue.db ".quit" 6:open all osmocom: $ osmocom-bb/src/host/osmocon/osmocon -p /dev/ttyUSB0 -m c123xor ../../target/firmware/board/compal_e88/trx.compalram.bin transceiver: $ osmocom-bb/src/host/layer23/src/transceiver/transceiver ARFCN smqueue: $ public/smqueue/trunk/smqueue/smqueue sipauthserve: $ public/subscriberRegistry/trunk/sipauthserve OpenBTS: $ public/openbts/trunk/apps/OpenBTS $ public/openbts/trunk/apps/OpenBTSCLI 7:Configuration openbts OpenBTSCLI $ config $ config Control.LUR.OpenRegistration .* $ config GSM.Radio.Band 900 $ config GSM.Radio.C0 YOU transceiver ARFCN $ config GSM.Identity.MCC 001 $ config GSM.Identity.MNC 01 ?001 01 test? Configuration is complete, reboot your openbts 8:Mobile search and access OpenBTS 9:View tmsis OpenBTSCLI $ tmsis 10:try send sms OpenBTSCLI $ sendsms YOUTMSIS number messege -- View this message in context: http://baseband-devel.722152.n3.nabble.com/osmocom-c118-openbts-send-sms-tp4026749.html Sent from the baseband-devel mailing list archive at Nabble.com. From todaysaobe at gmail.com Sat Aug 27 09:23:03 2016 From: todaysaobe at gmail.com (superben) Date: Sat, 27 Aug 2016 02:23:03 -0700 (MST) Subject: smocombb+c118 gsm-sniffer Message-ID: <1472289783482-4026748.post@n3.nabble.com> osmocombb+c118 gsm-sniffer? youtube: https://youtu.be/ZDToZIYHmJM blog: http://gsmsuperben.blogspot.my/2016/07/osmocombbc118-gsm-sniffer.html System ? ubuntu12.04-i386?or kali? ??update system update?or vi /etc/apt/sources.list ? settings Inside find software update source download from modifying their own country Then save the exit now open terminal $ sudo apt-get update $ sudo apt-get upgrade ??Then install a series of dependency $ sudo apt-get install libusb-0.1-4 libpcsclite1 libccid pcscd $ sudo apt-get install libtool shtool autoconf git-core pkg-config make gcc build-essential libgmp3-dev libmpfr-dev libx11-6 libx11-dev texinfo flex bison libncurses5 libncurses5-dbg libncurses5-dev libncursesw5 libncursesw5-dbg libncursesw5-dev zlibc zlib1g-dev libmpfr4 libmpc-dev libpcsclite-dev ?copy? ??Create several directories , download ARM compiler $ mkdir osmocombb $ cd osmocombb $ mkdir build install src $ cd src $ wget ftp://sources.redhat.com/pub/newlib/newlib-1.19.0.tar.gz ??install gnu-arm-build.3.sh $ cd .. $ chmod +x gnu-arm-build.3.sh $ ./gnu-arm-build.3.sh See here you can directly enter ??After you install the add environment $ cd install/bin $ pwd $ vi ~/./. bashrc export PATH=$PATH:/osmocombb/ install/bin $ source ~/.bashrc ??Download and compile osmocomBB back osmocombb download osmocom $ git clone git://git.osmocom.org/libosmocore.git $ git clone git://git.osmocom.org/osmocom-bb.git When installing libosmocore execute ./configure many people will encounter No package 'talloc' found such a mistake , because they can not talloc, Here is the solution $ wget https://www.samba.org/ftp/talloc/talloc-2.1.7.tar.gz $ tar -zxvf talloc-2.1.7.tar.gz $ cd talloc-2.1.7/ $ ./configure $ make $ sudo make install install libosmocore $ cd libosmocore/ $ autoreconf -i $ ./configure $ make $ sudo make install $ cd .. Compile osmocombb $ cd osmocom-bb $ git checkout --track origin/luca/gsmmap $ cd src $ make ??Modify the problem file ( if you are gnu-arm-build.2.sh and no cell scanning immobile problem , skip this step ) Enter osmocom-bb find these files and modify them vi osmocom-bb/ src/target/firmware/board/compal/highram.lds vi osmocom-bb/ src/target/firmware/board/compal/ram.lds vi osmocom-bb/ src/target/firmware/board/compal_e88/flash.lds vi osmocom-bb/ src/target/firmware/board/compal_e88/loader.lds vi osmocom-bb/ src/target/firmware/board/mediatek/ram.lds Found inside this string of code KEEP(*(SORT(.ctors))) In the following is added KEEP(*(SORT(.init_array))) Listed as? To save , all changes well in entering osmocom-bb / src recompile $ make -e CROSS_TOOL_PREFIX=arm-none-eabi- ??Insert your brush into the firmware 118 in osmocom-bb directory $ cd src/host/osmocon $ sudo ./osmocon -m c123xor -p /dev/ttyUSB0 ../../target/firmware/board/compal_e88/layer1.compalram.bin Enter appear so wait when you click c118 power button , click on it If this is the brush into failure , look at your c118 cable, if you are buying a new phone line proposed to insert a little tight . . Best to shell removed ??Scanning station information Open a new terminal or in osmocom-bb directory $ cd src/host/layer23/src/misc $ sudo ./cell_log -O Then enter $ sudo ./ccch_scan -i 127.0.0.1 -a ARFCN ARFCN is circled out above that value , such as column $ sudo ./ccch_scan -i 127.0.0.1 -a 59 ??install wireshark Open a new terminal $ sudo apt-get install wireshark $ sudo wireshark -k -i lo -f 'port 4729' In the filter input gsm_sms Then quietly wait for it??? -- View this message in context: http://baseband-devel.722152.n3.nabble.com/smocombb-c118-gsm-sniffer-tp4026748.html Sent from the baseband-devel mailing list archive at Nabble.com.