Difference between revisions of "Eth0:2012 Winter/GSM hacking"
From Eth0Wiki
Latest revision as of 13:25, 14 January 2012
We have known for a while that GSM is insecure, that it's possible to sniff with inexpensive hardware and that operators don't care. It's also possible to run a completely open source GSM base station using OpenBTS and not-so-expensive hardware. Time to start playing with GSM!
Dekkers will bring the following hardware for playing with GSM to eth0:
- USRP B100 with RFX1800 daughterboard.[1]
- I've already managed to get OpenBTS running and do voice calls (using the DECT guard band that doesn't need a permit), but the range for doing voice calls without duplexer/amplifier/etc. is about 2 metres.
- A Motorola C115 and a C118
- A Sysmocom USB serial cable (CP2102) [2]
- 2 TB hard disk with partially downloaded A5/1 rainbow tables
The RFX1800 also supports the DECT band, so it might also be possible to play with DECT. I'm currently looking into what other hardware is needed to get decent coverage with OpenBTS; the biggest problem is sending/receiving crosstalk. As far as I understand, a duplexer and low-noise amplifier will give a bigger range, but I don't have a background in RF engineering and am still learning a lot of things about RF. References: [3] http://sourceforge.net/mailarchive/message.php?msg_id=27953143 [4] http://246tnt.com/openbts/frontend.html [5] http://gnuradio.org/redmine/projects/gnuradio/wiki/OpenBTSBM2009RF
DrWhax will bring a Motorola C115 and a USB <-> serial cable. (hopefully I got all this shipped before Saturday.)
We need a computer/laptop with 2 e-SATA ports to make backups of files which are spread across 3 hard disks. Vicarious 14:25, 14 January 2012 (CET)