Hello All,
Please help me, anyone who can.
Kindly give me the code or even a binary file for the sniff code which Sylvain
demonstrated in the chao meeting; it will solve my purpose.
I can see in the video he made the same interface to tune to an ARFCN,
TS, and hopping sequence as I requested a long time back on the mailing
list. It will be a great help for poor students.
My project doesn't require any A5 cracking, so it won't be used for unlawful means.
So far I have arranged 12 USRP1 to run OpenBTS.
I just wanted to do the same as Sylvain has done in the video at the chao
presentation, except cracking the encryption, as I will configure
OpenBTS as A5/0,
because it's an educational transmission and not necessary to encrypt. Kindly do me a
favour for the sake of charity.
Please reply to my query; please help me for the sake of poor students.
I promise I will keep that code secret and will not disclose it to anyone else.
Or please advise me how I can modify the existing code up to that level.
Kindly reply to my request: can you please provide me the sniff software?
It will help me a lot; my NGO can deploy a pilot project at least.
Kind Regards,
Hi,
I'm trying to get the burst_ind branch working at the higher speed baud rates. I
have a USB to Serial FTDI Cable (FT232R) plus the T191. This setup works fine
with the main trunk of osmocombb. When I fire up osmocon, layer1 appears to
download to the phone and runs successfully. Osmocon then logs 'Received
DOWNLOAD ACK from phone, your code is running now!'. The phone has layer1.bin
displayed as usual. However it goes no further and just hangs.
Could anyone please give any advice on what to try next?
Thanks,
Matt.
Thanks to Tomas and ton, I can run osmocombb on the phone. But the phone
can't attach to the network, can't make a call, and can't recognise the SIM card. I
found that there was no BCCH received in wireshark.
And when I type some command via telnet localhost, it always outputs "Command
incomplete".
Can anybody give me a solution? Thanks!
I guess you have the default configuration:
"No Mobile Station defined, creating: MS '1'"
After you start the "mobile" application, select "enable" and then "write". This will write your configuration to /etc/osmocom/osmocom.cfg. After that, edit this file and change the setting from no sim to sim reader. Restart the mobile application and it should work.
Hello everybody,
I have a Motorola-branded Prolific USB cable. This cable, once inserted in
a port, claims to be a 0307 chipset adapter, and Linux kernel doesn't
recognize it: not working. Someone told me that Motorola has changed the
label in those cables that claim to be 0307, but they are pl2303.
Does anyone have one of these cables working? I've tried many ways,
including udev, to make it work, but no success. My next step is to
recompile the kernel module, but I was wondering if someone has solved
it in another way.
Bye
Dario.
Hi all,
last weekend I ground down a DP-L10 pcb and traced the TSPACT
wiring of this board. I've added support for this phone, along with a
few other changes in my branch steve-m/testing.
Changes include:
* Add support for Pirelli DP-L10
* Add TX support for the gta0x devices
* separate board images for the Compal E86 (Motorola C139/C140)
(display/keypad backlight now works by default)
If anyone wants to test those changes (especially the freerunner TX
support, since I have no freerunner), please feel free to do so. I
tested the other changes and didn't find any regressions, so if no one
else does, we can merge it to master soon.
One thing I noticed during testing: The C139/C140 seem to have a
different SYSTEM_INHERENT_GAIN, I compared the RX levels of several
C118/C123/C155 with several C139/C140, and the reported rx level was
always at around 18-20dBm worse than with the C123.
Regards,
Steve
Hi,
I tried to follow the instructions on the SIM Reader wiki, but it seems I got a different result.
OsmocomBB> enable
OsmocomBB# sim reader 1
OsmocomBB# show subscriber
Mobile Subscriber of MS '1':
IMSI:
Status: U2_NOT_UPDATED IMSI detached LAI: invalid
Access barred cells: no
Access classes:
OsmocomBB# show support
Supported features of MS '1':
Phase 2 mobile station
R-GSM : yes
E-GSM : yes
P-GSM : yes
GSM900 Class: 4
DCS 1800 : yes
DCS Class : 1
CECS : no
VGCS : no
VBS : no
SMS : yes
SS_IND : yes
PS_CAP : no
CMSP : no
SoLSA : no
LCSVA : no
LOC_SERV : no
A5/1 : yes
A5/2 : yes
A5/3 : no
A5/4 : no
A5/5 : no
A5/6 : no
A5/7 : no
A5/1 : yes
Channels : SDCCH + TCH/F + TCH/H
Full-Rate V1: yes
Full-Rate V2: yes
Full-Rate V3: no
Half-Rate V1: yes
Half-Rate V3: no
Min RXLEV : -106
OsmocomBB# show ms
MS '1' is down, radio is not started
IMEI: 000000000000000
IMEISV: 0000000000000000
IMEI generation: fixed
automatic network selection state: A0 null
cell selection state: C0 null
radio ressource layer state: idle
mobility management layer state: MM idle, PLMN search
from the layer23 part,
$ ./mobile -i 127.0.0.1 -d
Copyright (C) 2008-2010 ...
Contributions by ...
License GPLv2+: GNU GPL version 2 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
mobile: option requires an argument -- d
VTY available on port 4247.
No Mobile Station defined, creating: MS '1'
<000e> sim.c:1206 init SIM client
<0005> gsm48_cc.c:61 init Call Control
<0001> gsm48_rr.c:4944 init Radio Ressource process
<0004> gsm48_mm.c:1220 init Mobility Management process
<0004> gsm48_mm.c:971 Selecting PLMN SEARCH state, because no SIM.
<0002> gsm322.c:3471 init PLMN process
<0003> gsm322.c:3472 init Cell Selection process
<0003> gsm322.c:3526 No stored BA list
Mobile '1' initialized, please start phone now!
<0004> subscriber.c:556 Requesting SIM file 0x2fe2
<000e> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000e> sim.c:697 go MF
<000e> sim.c:241 SELECT (file=0x3f00)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
It can't perform a location update, and from the error, does that mean the application failed to read the SIM card correctly?
And what's the meaning of "Mobile '1' initialized, please start phone now!"? Does it mean starting the phone by pushing the power button? If so, since the firmware is loaded, I can't make the phone start like when using the original firmware. If I push the button, it will show a message like
Found flash of 2097152 bytes at 0x0 with 2 regions
Region 0 of 31 pages with 65536 bytes each.
Region 1 of 8 pages with 8192 bytes each.
key=20 pressed
Powering off due to keypress.
I am using a Motorola C118, anyway. Any clue about this error?
Thanks.
Best Regards,
Rasyid
Hi all,
I noticed this article
http://www.eetimes.com/electronics-news/4212228/Picochip-shares-femtocell-r…
speaking about a 3G basestation on a USB dongle.
That's really cool. I don't know about the hardware, but for sure when
those devices are out, the hacking perspective will be really
interesting for projects like OpenBSC and OsmocomBB.
-naif
Hi all!
In order to avoid the most common problems, I propose exporting something like
a feature bitmask on the L1CTL, i.e.
* L1CTL user code (layer23) can send a L1CTL_GET_FEAT_REQ request
* layer1 in the phone sends a L1CTL_GET_FEAT_RESP with all the bits
set to 1 for the features it supports
* L1CTL user code (layer23) can then check if all the features it needs are
supported by the L1. If not, it can simply abort or print a warning to the
user.
We can simply extend the size of the bitmask over time if we need more bits.
Obvious bits I would consider are:
- is this firmware compiled with TX support?
- does this firmware contain a SIM reader driver?
- does this firmware support BURST_IND?
Maybe we could also include a static header containing a compile timestamp or
the git date/revision that the firmware was built, as well as a name of the
board.
Now I know, nice idea, who will implement it? I currently have other
priorities, but if somebody lurking on this list is looking for a relatively
simple way to contribute back to the project (without knowing anything about
GSM!) this might be something useful you could do.
Thanks in advance,
Harald
--
- Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)
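
An added sketch of the layer23 side of the feature check proposed above; this is not code from OsmocomBB or from the post. The bit numbers, the one-length-byte payload layout and the function names are assumptions; only the message names L1CTL_GET_FEAT_REQ/RESP and the three features come from the proposal.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical bit numbers: the proposal names these features, not values. */
enum l1ctl_feat {
	L1CTL_FEAT_TX        = 0, /* firmware compiled with TX support */
	L1CTL_FEAT_SIM       = 1, /* firmware contains a SIM reader driver */
	L1CTL_FEAT_BURST_IND = 2, /* firmware supports BURST_IND */
};

/* A bit beyond the bytes the firmware sent counts as "not supported", so a
 * layer23 that knows a longer mask still works against older firmware. */
static int feat_supported(const uint8_t *mask, size_t len, unsigned bit)
{
	size_t byte = bit / 8;

	if (byte >= len)
		return 0;
	return (mask[byte] >> (bit % 8)) & 1;
}

/* Assumed L1CTL_GET_FEAT_RESP payload: one length byte, then the bitmask.
 * Returns how many required features are missing, or -1 if malformed. */
int l1ctl_check_features(const uint8_t *msg, size_t msg_len,
			 const unsigned *required, size_t n_required)
{
	int missing = 0;
	size_t i;

	if (msg_len < 1 || msg[0] > msg_len - 1)
		return -1; /* length byte claims more than was received */
	for (i = 0; i < n_required; i++)
		if (!feat_supported(msg + 1, msg[0], required[i]))
			missing++;
	return missing;
}

int main(void)
{
	/* Constructed response: 1 mask byte, TX and BURST_IND set, no SIM. */
	const uint8_t resp[] = { 0x01, 0x05 };
	const unsigned need[] = { L1CTL_FEAT_TX, L1CTL_FEAT_SIM };
	int missing = l1ctl_check_features(resp, sizeof(resp), need, 2);

	if (missing != 0)
		fprintf(stderr, "layer1 lacks %d required feature(s)\n", missing);
	return missing == 0 ? 0 : 1;
}
```

Treating bits past the received length as unsupported is what lets the mask grow over time without breaking older firmware, and the length check keeps a malformed response from being read past its end.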
On Mon, Jan 17, 2011 at 11:46:50AM -0800, Bogdan Alecu wrote:
> Hello,
>
> Sorry for writing you directly to your email. Thank you very much for the wiki. I was wondering if you have some knowledge about the "sim test" mode. I tried it by filling in the IMSI and MCC MNC. After I start the layer2, in a few seconds layer1 crashes. What I am trying to achieve is to send an IMSI detach to the network for the specified IMSI. Maybe you could give me a hand with this.
This is often second question after getting SIM working, so I want to
share what I know. However, I'm not an expert, and most of this is
gathered from presentations and speaking with people who know more than
I do, so I wanted to bounce this against mailing list for additional
comments.
As far as I understand it, to connect to a provider's network, you need
the provider's Ki, which is a shared secret between the network and the SIM card.
There are some practical attacks on older SIM cards which are used by
multi-network SIM cards. It seems there is a limited number of brute-force
iterations that cards support before disabling themselves, and that
changed somehow in recent cards.
Best SIM explanation I found so far is on 27C3 wiki about GSM network:
http://events.ccc.de/congress/2010/wiki/GSM#Why_do_I_need_to_buy_your_SIM_c…
> --- On Mon, 1/17/11, Dobrica Pavlinusic <dpavlin(a)rot13.org> wrote:
>
>
> From: Dobrica Pavlinusic <dpavlin(a)rot13.org>
> Subject: wiki: SIMReader Was: Sim on C115 & C118
> To: "Bogdan Alecu" <b.alecu(a)yahoo.com>
> Cc: dario.lombardo(a)libero.it, baseband-devel(a)lists.osmocom.org
> Date: Monday, January 17, 2011, 7:05 PM
>
>
> On Mon, Jan 17, 2011 at 10:24:51AM -0800, Bogdan Alecu wrote:
> > I was going to ask the same question because I have same problem with sim reader mode. However I haven't used Sylvain test. I will and come back with an update.
>
> There seems to be sufficient interest in using the SIM reader, so I created
> a page on the wiki which might serve as a good pointer:
>
> http://bb.osmocom.org/trac/wiki/SIMReader
>
> --
> Dobrica Pavlinusic 2share!2flame dpavlin(a)rot13.org
> Unix addict. Internet consultant. http://www.rot13.org/~dpavlin
>
>
>
>
--
Dobrica Pavlinusic 2share!2flame dpavlin(a)rot13.org
Unix addict. Internet consultant. http://www.rot13.org/~dpavlin