tested on Ubuntu/bionic
An FTDI USB/serial converter e.g.
check w/
tail -F /var/log/kern.log
ls -alkF /dev/ttyUSB0
apt install build-essential libgmp3-dev libmpfr-dev libx11-6 libx11-dev texinfo flex bison libncurses5 libncurses5-dbg libncurses5-dev libncursesw5 libncursesw5-dbg libncursesw5-dev zlibc zlib1g-dev libmpfr6 libmpc-dev
mkdir gnu-arm-toolchain/
cd gnu-arm-toolchain/
mkdir build/ install/ src/
cd src/
wget http://ftp.gnu.org/gnu/gcc/gcc-4.9.4/gcc-4.9.4.tar.bz2
wget http://ftp.gnu.org/gnu/binutils/binutils-2.21.1a.tar.bz2
wget ftp://sources.redhat.com/pub/newlib/newlib-1.19.0.tar.gz
tar xjf gcc-4.9.4.tar.bz2
tar xjf binutils-2.21.1a.tar.bz2
tar xfz newlib-1.19.0.tar.gz
ll
cd ../
use that script
wget https://raw.githubusercontent.com/DrLafa/gnu-arm-toolchain-installer/master/gnu-arm-build.sh
chmod +x gnu-arm-build.sh
./gnu-arm-build.sh
after a while it gives
Build complete! Add /root/tp/radio/gnu-arm-toolchain/install/bin to your PATH to make arm-none-eabi-gcc and friends accessible directly.
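The tarballs above are fetched over plain HTTP/FTP and the build script comes from the head of a branch, so nothing pins their contents. As an added example (not part of the original notes or of the installer project), this shell function checks each file against a SHA-256 manifest recorded from a copy you trust, before anything is unpacked or run; the function name `verify_pinned`, the manifest name `pinned.sha256` and the digests (placeholders) are assumptions.

```shell
#!/bin/sh
# Added example (hypothetical helper, not from the original notes).
# Manifest format is sha256sum's: "<64 lowercase hex>  <filename>", e.g.
#   <sha256-of-trusted-copy>  gcc-4.9.4.tar.bz2
#   <sha256-of-trusted-copy>  binutils-2.21.1a.tar.bz2
#   <sha256-of-trusted-copy>  newlib-1.19.0.tar.gz
# Unfilled placeholders are rejected, so the check fails closed.

# verify_pinned MANIFEST DIR -> 0 only if every listed file in DIR matches.
verify_pinned() {
    manifest=$1
    dir=$2
    status=0
    [ -r "$manifest" ] || { echo "cannot read $manifest" >&2; return 2; }
    while read -r want name || [ -n "$want" ]; do
        case "$want" in
            ''|'#'*) continue ;;                      # blank line or comment
            *[!0-9a-f]*) echo "BADHASH  $name" >&2; status=1; continue ;;
        esac
        [ "${#want}" -eq 64 ] || { echo "BADHASH  $name" >&2; status=1; continue; }
        case "$name" in                               # keep lookups inside DIR
            ''|*/*) echo "BADNAME  $name" >&2; status=1; continue ;;
        esac
        if [ ! -f "$dir/$name" ]; then
            echo "MISSING  $name" >&2; status=1; continue
        fi
        got=$(sha256sum "$dir/$name" | cut -d' ' -f1)
        if [ "$got" = "$want" ]; then
            echo "OK       $name"
        else
            echo "MISMATCH $name" >&2; status=1
        fi
    done < "$manifest"
    return "$status"
}

# CLI use: sh verify.sh pinned.sha256 src/ && continue with tar / the build
if [ "$#" -ge 1 ]; then
    verify_pinned "$1" "${2:-.}"
fi
```

Use one manifest per directory: one for `src/` and a separate one for the directory holding `gnu-arm-build.sh`, pinned after you have read the script.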
dpkg -l | grep osmocore
apt purge libosmocore libosmocore-utils libosmocore6
apt-get install build-essential libtool libtalloc-dev shtool autoconf automake git-core pkg-config make gcc libpcsclite-dev
git clone git://git.osmocom.org/libosmocore.git
cd libosmocore/
autoreconf -i
./configure --help
./configure --enable-pcsc
make clean
make -j8
make install
ldconfig -i
cd ../
dpkg -l | grep osmovty
apt purge libosmovty3
#apt install libmpc-dev libgnutls-dev texinfo
git clone git://git.osmocom.org/osmocom-bb.git
cd osmocom-bb/
git pull --rebase
cd src/
vi target/firmware/Makefile
CFLAGS += -DCONFIG_TX_ENABLE
CFLAGS += -DCONFIG_FLASH_WRITE
CFLAGS += -DCONFIG_FLASH_WRITE_LOADER
ll /root/tp/radio/gnu-arm-toolchain/install/bin/
echo $PATH
export PATH=/root/tp/radio/gnu-arm-toolchain/install/bin:$PATH
make clean
make -j8
- RX TX - - GND
#apt install minicom
#minicom --device /dev/ttyUSB0
#^A X
#screen /dev/ttyUSB0 115200
#busybox microcom -t 5000 /dev/ttyUSB0
#^X
apt install tio
tio -h
tio --baudrate 115200 /dev/ttyUSB0
^T Q
==> you should get @ftmtoolerror
Choose your firmware. For Motorola C123/C121/C118 it is E88. Now that the USB/serial converter is plugged in, turn the phone off and unplug the power supply. Proceed without chainloading (-c).
host/osmocon/osmocon -v
host/osmocon/osmocon -h
host/osmocon/osmocon -p /dev/ttyUSB0 -m c123 target/firmware/board/compal_e88/layer1.compalram.bin
AND DO A SHORT PUSH ON THE POWER BUTTON
OsmocomBB Layer 1 (revision osmocon_v0.0.0-2427-g5fed799d-modified)
You can now plug the power supply back in, and you should see it confirmed in the output.
wireshark -k -Y '!icmp && !tcp' -i lo &
Sniff some channels
arfcn=
host/layer23/src/misc/ccch_scan -h
host/layer23/src/misc/ccch_scan --arfcn $arfcn --gsmtap-ip 127.0.0.1
Eventually get a valid IMEI from another phone
*#06#
Now this is probably where you need a SIM card in the phone. And you will see your own traffic decrypted.
mkdir -p ~/.osmocom/bb/
cp ../doc/examples/mobile/default.cfg ~/.osmocom/bb/mobile.cfg
vi ~/.osmocom/bb/mobile.cfg
imei IMEI-HERE 0
host/layer23/src/mobile/mobile -i 127.0.0.1
telnet 127.0.0.1 4247
enable
list
show ?
show ba 1
show cell 1
!network search 1
network show 1
!network select 1 250 20
show ms
show subscriber
draft
Send an SMS and voice call
sms 1 hello this is `whoami`@osmocom-bb
call 1 MSISDN-HERE
When trying to build BB
Requested 'libosmovty >= 0.10.0' but version of Osmocom VTY Interface Library is 0.9.0
==> build libosmocore first
Baseband: MS ‘1’ is up, service is limited http://lists.osmocom.org/pipermail/baseband-devel/2013-April/004176.html
Trouble in making CALL https://baseband-devel.osmocom.narkive.com/7urp6v8P/trouble-in-making-call
Motorola C123 https://osmocom.org/projects/baseband/wiki/MotorolaC123
Hardware » Phones https://osmocom.org/projects/baseband/wiki/Phones
Active analysis of a GSM call through osmocom-bb https://payatu.com/active-analysis-gsm-call-osmocom-bb/
Hardware » Serial Cable https://osmocom.org/projects/baseband/wiki/Serial_Cable
FTDI FT232RL USB to TTL Serial Adapter - 3.3V and 5V Operation https://stak.com/USB_to_TTL_Serial_Adapter__FTDI_FT232RL_chipset__3.3V_and_5V_compatible
Why does USB have Vcc=5V and high=3.3V? https://electronics.stackexchange.com/questions/190592/why-does-usb-have-vcc-5v-and-high-3-3v
Supply derives 5 and 3.3V from USB port https://www.edn.com/design/analog/4347956/Supply-derives-5-and-3-3V-from-USB-port
How do I connect to TTY/COM (/dev/ttyUSB0)? https://askubuntu.com/questions/40959/how-do-i-connect-to-tty-com-dev-ttyusb0
screen /dev/ttyUSB0 with different options such as databit, parity, etc https://stackoverflow.com/questions/41266001/screen-dev-ttyusb0-with-different-options-such-as-databit-parity-etc
Branches description https://osmocom.org/projects/baseband/wiki/Branches
RU Introduction to OsmocomBB: 0x03 Software https://habr.com/ru/post/260213/
OsmocomBB Firmware » Toolchain https://osmocom.org/projects/baseband/wiki/Toolchain
OsmocomBB Getting Started Guide https://osmocom.org/projects/baseband/wiki/Software_Getting_Started
OsmocomBB Getting Started Guide https://www.pentestingshop.com/osmocombb-getting-started-guide/
GSM 900 sniffing https://retrohax.net/gsm-900-sniffing/
faster for gnu arm? – How to build up osmocomBB in Ubuntu https://aleen42.github.io/PersonalWiki/qa/osmocombbonlinux.html
Software » Host Software » Osmocon https://osmocom.org/projects/baseband/wiki/Osmocon
ramloader has aborted…
https://osmocom.org/issues/3907
https://baseband-devel.osmocom.narkive.com/6hFtFCi2/please-advice-c115-fmtool-ramloader-aborted
https://gist.github.com/NinjaComics/46dca3f4ff2d66198a3f
https://www.google.com/search?q=%22Received+FTMTOOL+from+phone%2C+ramloader+has+aborted%22
Baseband: MS ‘1’ is up, service is limited http://baseband-devel.722152.n3.nabble.com/Baseband-MS-1-is-up-service-is-limited-td4025964.html
Software » Host Software » mobile https://osmocom.org/projects/baseband/wiki/mobile
[PATCH] osmocom-bb[master]: mobile: clean up and share example configs http://lists.osmocom.org/pipermail/gerrit-log/2017-October/020189.html
BastusIII/osmocom-config-files https://github.com/BastusIII/osmocom-config-files
OsmoBOX https://brmlab.cz/project/gsm/shield
Valid IMEI Numbers List for Android Phones http://www.99mediasector.com/valid-imei-numbers-list-android-phone/
Program to check for a Valid IMEI Number https://www.geeksforgeeks.org/program-check-valid-imei-number/
IMEI CHECK https://www.imei.info/