DragonOS FocalX Cellular Security Research + IMSI Capture w/ LTESniffer (X310, srsRAN) part 3
The purpose of this video is to support security and analysis research on cellular networks. It's also created from an educational perspective to help learn more about cellular networks in ...general by means of a controlled lab environment and software defined radios. Privacy is respected at all times and any use of this tool or software defined radios in general is on the user to follow all local regulations.
LTESniffer is now included in the latest DragonOS FocalX ISO, but it can also be installed to current DragonOS FocalX systems by using the following PPA.
https://github.com/alphafox02/focalx_ppa
To learn more about LTESniffer please see the following project page
https://github.com/SysSec-KAIST/LTESniffer
In this 3rd and most expensive video I've ever done in terms of hardware (thanks to all those who donated the hardware), we take a look at setting up the same srsRAN network w/ PinePhone attached, but this time the Ettus X310 with 2x Ubx-160 daughterboards is used to run the LTESniffer Security API mode set to three. This utilizes both radios to sniff the downlink and uplink at the same time.
Spectran's RTSA Pro software w/ the SpectranV6 also makes a short appearance when I use it to have a look at the srsRAN downlink.
https://aaronia.com/software/rtsa-suite/
Once LTESniffer is ran we can see that it's capable of identifying the PinePhone's IMSI passively once it turns on and connects to the srsRAN network. I think this is incredible as it's the only working open source solution that I know of that's capable of passively identifying such information. While IMSI's on LTE networks are rare to show themselves, so I hear, it's still important to understand the security implications of an exposed IMSI. I guess a recommendation based on observation is to try and limit turning on/off your phone when you’re stationary.
If you find this video helpful consider the following,
Follow @cemaxecuter on Twitter for more DragonOS and SDR info.
Become a patron @ https://www.patreon.com/cemaxecuter[+] Show More
LTESniffer is now included in the latest DragonOS FocalX ISO, but it can also be installed to current DragonOS FocalX systems by using the following PPA.
https://github.com/alphafox02/focalx_ppa
To learn more about LTESniffer please see the following project page
https://github.com/SysSec-KAIST/LTESniffer
In this 3rd and most expensive video I've ever done in terms of hardware (thanks to all those who donated the hardware), we take a look at setting up the same srsRAN network w/ PinePhone attached, but this time the Ettus X310 with 2x Ubx-160 daughterboards is used to run the LTESniffer Security API mode set to three. This utilizes both radios to sniff the downlink and uplink at the same time.
Spectran's RTSA Pro software w/ the SpectranV6 also makes a short appearance when I use it to have a look at the srsRAN downlink.
https://aaronia.com/software/rtsa-suite/
Once LTESniffer is ran we can see that it's capable of identifying the PinePhone's IMSI passively once it turns on and connects to the srsRAN network. I think this is incredible as it's the only working open source solution that I know of that's capable of passively identifying such information. While IMSI's on LTE networks are rare to show themselves, so I hear, it's still important to understand the security implications of an exposed IMSI. I guess a recommendation based on observation is to try and limit turning on/off your phone when you’re stationary.
If you find this video helpful consider the following,
Follow @cemaxecuter on Twitter for more DragonOS and SDR info.
Become a patron @ https://www.patreon.com/cemaxecuter[+] Show More
DragonOS FocalX Cellular Security Research + IMSI Capture w/ LTESniffer (X310, srsRAN) part 3
The purpose of this video is to support security and analysis research ...
DragonOS FocalX Cellular Security Research w/ LTESniffer (ANTSDR E200, B205mini, PinePhone) part 2
The purpose of this video is to support security and analysis research ...
DragonOS FocalX Cellular Security Research w/ LTESniffer (srsRan, LimeSDR, B205mini) part 1
The purpose of this video is to support security and analysis research ...
DragonOS FocalX Running OpenWiFi + Kismet on ANTSDR (E200, MicroPhase)
Here's how to flash and setup the AntSDR E200 ...
DragonOS Pi64 CalypsoBTS w/ C118, RustDesk, and Kalibrate-RTL (RTLSDR, Motorola, Pi4)
This video takes another look at CalypsoBTS, this time running on a ...
DragonOS FocalX Hunt Fake eNodeBs w/ Crocodile Hunter + AntSDR E200 (OpenCellid/Wigle API, GPS)
It's 2023 and Crocodile Hunter is still working w/ Wigle and ...
DragonOS FocalX Config/Operate Cell Base Stations w/ Promother Project GUI (ANTSDR E200)
This video covers how to setup the Promother Project, which is labeled ...
DragonOS FocalX GPSD w/ Remote Kismet Wi-Fi Survey (Python-Kismet-Metagpsd, Alfa, BU-353S4)
This video explains how to use several tools included in DragonOS in ...
DragonOS FocalX RedHawk Domain Manager Setup w/ Remote RTLSDR Client (RTLSDR v3, Docker)
"REDHAWK is a software-defined radio (SDR) framework designed to ...
DragonOS FocalX OTA Upgrades + Decode WSPR w/ SparkSDR (SDRPlay RSP1A)
Here's some good news, there's now a way to upgrade currently ...
DragonOS FocalX SDRAngel Quick Fix for GPS + Heat Map Setup (RTLSDR)
This custom built .so file was built by one of the SDRAngel developers ...
DragonOS FocalX Generate RF Heat Maps w/ Aaronia RTSA Pro + Spectran V6 (2000X, BU353-S4)
This video shows how to setup DragonOS FocalX w/ USB GPS, Spectran V6, ...
1
of 20