regarding gr-gsm capture.py and gr-gsm decode

[mamoo...@gmail.com]

Dear sir,
           1.        I am trying to capture and decode gsm  packets using gr-gsm capture.py in a .cfile..captured file size is 320 mb. its size is the same even if i give a frequency of capture wherein nothing is being transmitted.
                 a)   why?
                 b)  does it mean packets are not captured?
                 c)   i used the followig command -- (   grgsm_capture.py -f 945.1e6 -g 50 -s 2M -p 0 -b BURST_FILE -c /root/gr-gsm/apps/capture875.cfile -T 20  )
                 d)   i am using kali rolling 2016 and RTL-SDR.
     
         2.        I now opened a new window terminal for wireshark with command --  (  wireshark -k -f udp -Y 'gsmtap && !icmp' -i lo )
          
         3.     for decoding i used gr-gsm decode. for this i use following command now-(  grgsm_decode -c /root/gr-gsm/apps/capture875.cfile -s $((200000000/64)) -f 945.1e6 -m BCCH -t 0 )
  
                a)    no output comes in the wireshark.  why?
                b)    if i use live packet capture at 945.1 Mhz by gr-gsm_livemon.grc packets are captured in terminal and also in wireshark but not through step 1,2 & 3..why?
               
              4.      please guide me on the above problems and also tell me a a way to decode voice also. Is there any other way of decoding gsm voice or sms?  waiting for a reply urgently. i will b obliged.

[Tomcsányi, Domonkos]

Hi,

2016. ápr. 20. dátummal, 21:30 időpontban mamoo...@gmail.com írta:

Dear sir,
           1.        I am trying to capture and decode gsm  packets using gr-gsm capture.py in a .cfile..captured file size is 320 mb. its size is the same even if i give a frequency of capture wherein nothing is being transmitted.
                 a)   why?
                 b)  does it mean packets are not captured?
                 c)   i used the followig command -- (   grgsm_capture.py -f 945.1e6 -g 50 -s 2M -p 0 -b BURST_FILE -c /root/gr-gsm/apps/capture875.cfile -T 20  )
                 d)   i am using kali rolling 2016 and RTL-SDR.

It is expected to be the same size regardless of the frequency, this is the way SDR works.

     
         2.        I now opened a new window terminal for wireshark with command --  (  wireshark -k -f udp -Y 'gsmtap && !icmp' -i lo )
          
         3.     for decoding i used gr-gsm decode. for this i use following command now-(  grgsm_decode -c /root/gr-gsm/apps/capture875.cfile -s $((200000000/64)) -f 945.1e6 -m BCCH -t 0 )
  
                a)    no output comes in the wireshark.  why?

You are using a wrong samplerate value.

                b)    if i use live packet capture at 945.1 Mhz by gr-gsm_livemon.grc packets are captured in terminal and also in wireshark but not through step 1,2 & 3..why?
               
              4.      please guide me on the above problems and also tell me a a way to decode voice also. Is there any other way of decoding gsm voice or sms?  waiting for a reply urgently. i will b obliged.

What other way do you mean?

Cheers.

[Tomcsányi Domonkos]

I think I answered all your questions.

But to be even more clear: use the same -s parameter on both capture and decode. I think that’ll get you going.

Cheers,

Domi

2016. ápr. 21. dátummal, 11:45 időpontban Mamoon Ali <mamoo...@gmail.com> írta:

I hv rtl-sdr and kali rolling 2016

---

From: Tomcsányi, Domonkos
Sent: ‎21-‎04-‎2016 13:06
To: mamoo...@gmail.com
Cc: gr-gsm
Subject: Re: regarding gr-gsm capture.py and gr-gsm decode

[Tomcsányi, Domonkos]

2 more things:

1. always hit reply-all to send your message to the list as well

2. I don't think rtl-sdr is capable of receiving 2 MHz (-s 2 million). Try to lower it to 1 million.

Cheers,

Domi

2016. ápr. 21. dátummal, 11:45 időpontban Mamoon Ali <mamoo...@gmail.com> írta:

I hv rtl-sdr and kali rolling 2016

---

From: Tomcsányi, Domonkos
Sent: ‎21-‎04-‎2016 13:06
To: mamoo...@gmail.com
Cc: gr-gsm
Subject: Re: regarding gr-gsm capture.py and gr-gsm decode

[Piotr Krysik]

Hi all,

RTL-SDR supports sample rates up to 3.2MHz. This is not reliable setting
usually. However 2MHz shouldn't be a problem (unless you use a virtual
machine).

Best Regards,
Piotr Krysik

W dniu 21.04.2016 o 13:44, Tomcsányi, Domonkos pisze:

> 2 more things:
> 1. always hit reply-all to send your message to the list as well
>
> 2. I don't think rtl-sdr is capable of receiving 2 MHz (-s 2 million).
> Try to lower it to 1 million.
>
> Cheers,
> Domi
>
> 2016. ápr. 21. dátummal, 11:45 időpontban Mamoon Ali

> <mamoo...@gmail.com <mailto:mamoo...@gmail.com>> írta:

>
>> I hv rtl-sdr and kali rolling 2016

>> ------------------------------------------------------------------------
>> From: Tomcsányi, Domonkos <mailto:do...@tomcsanyi.net>

>> Sent: ‎21-‎04-‎2016 13:06

>> To: mamoo...@gmail.com <mailto:mamoo...@gmail.com>
>> Cc: gr-gsm <mailto:gr-...@googlegroups.com>

>> Subject: Re: regarding gr-gsm capture.py and gr-gsm decode
>>
>> Hi,
>>
>> 2016. ápr. 20. dátummal, 21:30 időpontban mamoo...@gmail.com

>> <mailto:mamoo...@gmail.com> írta:

> --
> Otrzymujesz tę wiadomość, bo subskrybujesz grupę „gr-gsm” w Grupach
> dyskusyjnych Google.
> Aby anulować subskrypcję tej grupy i przestać otrzymywać od niej
> wiadomości, wyślij e-maila na gr-gsm+un...@googlegroups.com
> <mailto:gr-gsm+un...@googlegroups.com>.
> Aby opublikować wpis w tej grupie, wyślij e-maila na
> gr-...@googlegroups.com <mailto:gr-...@googlegroups.com>.
> Aby wyświetlić tę dyskusję w internecie, otwórz
> https://groups.google.com/d/msgid/gr-gsm/88801FED-D529-4AE8-ABC0-E9CC31B91721%40tomcsanyi.net
> <https://groups.google.com/d/msgid/gr-gsm/88801FED-D529-4AE8-ABC0-E9CC31B91721%40tomcsanyi.net?utm_medium=email&utm_source=footer>.
> Więcej opcji znajdziesz na https://groups.google.com/d/optout.


--
Piotr Krysik

[Mamoon Ali]

1.  thanx a lot sir for your help.it worked.

2.  how to get Kc key?

     a)    i have a blackberry phone

     b)    I am able to access engineering screen of my phone but not being able to find /identify Kc key in the options.

     c)    so how to get Kc key from engineering screen of blackberry phone?
 

                                       with regards

                                       Mamoon

--
Piotr Krysik

--
Otrzymujesz tę wiadomość, ponieważ subskrybujesz temat w grupie „gr-gsm” w Grupach dyskusyjnych Google.
Aby anulować subskrypcję tego tematu, otwórz https://groups.google.com/d/topic/gr-gsm/GNdlL5mi0Rc/unsubscribe.
Aby anulować subskrypcję tej grupy i wszystkich jej tematów, wyślij e-maila na gr-gsm+un...@googlegroups.com.
Aby zamieszczać posty w tej grupie, wyślij e-mail na adres gr-...@googlegroups.com.
Aby wyświetlić tę dyskusję w internecie, odwiedź stronę https://groups.google.com/d/msgid/gr-gsm/5718BFD8.9050108%40gmail.com.

[Tomcsányi, Domonkos]

Go to SIM browser and find the EF_Kc file.

Disregard the unnecessary 00 byte at the end.

Cheers.

Aby anulować subskrypcję tej grupy i przestać otrzymywać od niej wiadomości, wyślij e-maila na gr-gsm+un...@googlegroups.com.
Aby opublikować wpis w tej grupie, wyślij e-maila na gr-...@googlegroups.com.
Aby wyświetlić tę dyskusję w internecie, otwórz https://groups.google.com/d/msgid/gr-gsm/CAAJzy-kY%3DrST4PA%2BBX8bpCXHKtqHF7uM_3cCzJ71wOYui1Ju6A%40mail.gmail.com.

[Mamoon Ali]

thanx a lot sir,

 i got Kc-- A252C6370E644C0F01,

 THOUGH THERE WASN'T ANY 00 BYTES AT THE END.
 

  THANXX AGAIN FOR YOUR GUIDANCE..I AM OBLIGED.

IF I HAVE FURTHER PROBLEMS CAN I GET BACK TO YOU?

[Mamoon Ali]

DEAR SIR,

   Kc I HAVE GOT IS -- B68072EC4C318BD305

   IT IS AN INVALID Kc.

   PLZ TELL ME THE MISTAKE.

       REGARDS

       MAMOON

[Mamoon Ali]

DEAR SIR,
   

                  Kc KEY I AM GETTING
                  FROM BLACKBERRY ENGINEERING SCREEN VIA -- SIM BROWSER --> SIM_EF_KC IS B68072EC4C318BD305

                        1.  IT IS OF 18 DIGITS.AND I HAVE INSERTED OTHER SIM CARDS AS WELL. ALL Kc I  GET IS OF 18 DIGITS.

                        2.  BUT Kc IS OF 16 DIGITS.

                        3.  WHAT IS MY MISTAKE?
          

                                                  BEST REGARDS

                                           

[Tomcsányi, Domonkos]

Told you to discard the last two bytes....

Cheers.

[Mamoon Ali]

Dear sir,

1. I was able to intercept unencrypted message..thanks to your guidance.

2. but sir i am facing few problems as under--
 

    a)   i am capturing packets of encrypted network . But change ciphering mode packet is not appearing.

    b)   I use the command to capture--
            ( grgsm_capture.py -f 945.3e6 -g 50 -s 1M -p 0 -b BURST_FILE -c /root/gr-gsm/apps/capturerel22.cfile -T 100)

    c)   i m decoding it with commands as follws:

    
          grgsm_decode -c /root/gr-gsm/apps/capturerel22.cfile -s 1000000 -f 945.3e6 -t 1 -m SDCCH8( bcoz immediate assignment packet had time slot1 and channel sdcch8)

    d)   change ciphering mode command is not coming? why?can i send you the .cfile to diagnose ?

                                           best regards

[lion b.n]

https://github.com/ptrkrysik/gr-gsm/wiki/Usage:-Decoding-How-To

U can find all details in this link

[Mamoon Ali]

dear sir,
       

1.  if my network operator uses hopping then is it possible to intercept voice?

2.  if my network uses half bit rate voice then is it possible to intercept voice?

3.  is it possible to decrypt A5/2 and A5/3 encryptions?
 

                            best regards

                            mamoon

2016-04-24 13:41 GMT+05:30 lion b.n <maikel.1...@gmail.com>:

https://github.com/ptrkrysik/gr-gsm/wiki/Usage:-Decoding-How-To

U can find all details in this link

--
Otrzymujesz tę wiadomość, ponieważ subskrybujesz temat w grupie „gr-gsm” w Grupach dyskusyjnych Google.
Aby anulować subskrypcję tego tematu, otwórz https://groups.google.com/d/topic/gr-gsm/GNdlL5mi0Rc/unsubscribe.
Aby anulować subskrypcję tej grupy i wszystkich jej tematów, wyślij e-maila na gr-gsm+un...@googlegroups.com.
Aby zamieszczać posty w tej grupie, wyślij e-mail na adres gr-...@googlegroups.com.

Aby wyświetlić tę dyskusję w internecie, odwiedź stronę https://groups.google.com/d/msgid/gr-gsm/76bc0d31-1342-42f8-a468-a0ad562078df%40googlegroups.com.

[Mamoon Ali]

dear sir,
 

1.  my project is GSM call interception.(using rti-sdr in kali rolling 2016)

2.  i have intercepted SMS in a unencrypted network.

3.  i am able to get the caller's no. in a voice call through the call set up packet in wireshark.

4.  i am able to see the assignment command in SDCCH8 channel(LAPDm protocol),in which i am getting the TCH and timeslot no. of the downlink ch.

5.  but i am unable to extract voice from it.

6.  command used is (to intercept voice)

      grgsm_decode -c /root/gr-gsm/apps/project/capture88.cfile -s 1000000 -f 939.5e6 -m TCHF -t 1 -d FR -o /tmp/speech91.au.gsm
 

 7.   but sir its not working. is speech codec and output file parameters correct?

8.   and sir, in encrypted mobilenetwork i am not getting the CHANGE TO CIPHERING MODE message. why?

9.   looking forward for your guidance .plzz reply.

 

                                                                                     best regards

                                                                                     Mamoon

[David kaibeka]

Hello Mamoon,

Did you succeed in decoding the voice.  I am having a similar situation and your advise on how you got it to work will help.

Thanks,
David