Oros42 / Imsi Catcher

Licence: cc0-1.0
This program shows you IMSI numbers of cellphones around you.

Programming Languages

python
139335 projects - #7 most used programming language
Dockerfile
14818 projects

Projects that are alternatives of or similar to Imsi Catcher

Soapy power
Obtain power spectrum from SoapySDR devices (RTL-SDR, Airspy, SDRplay, HackRF, bladeRF, USRP, LimeSDR, etc.)
Stars: ✭ 88 (-96%)
Mutual labels:  rtl-sdr, hackrf
RFMap
RFMap - Radio Frequency Mapper
Stars: ✭ 23 (-98.95%)
Mutual labels:  rtl-sdr, gsm
urh
Universal Radio Hacker: Investigate Wireless Protocols Like A Boss
Stars: ✭ 9,060 (+312.19%)
Mutual labels:  rtl-sdr, hackrf
SDR-Detector
GSM Scanner, RTL-SDR, StingWatch, Meteor
Stars: ✭ 56 (-97.45%)
Mutual labels:  rtl-sdr, gsm
Qspectrumanalyzer
Spectrum analyzer for multiple SDR platforms (PyQtGraph based GUI for soapy_power, hackrf_sweep, rtl_power, rx_power and other backends)
Stars: ✭ 677 (-69.2%)
Mutual labels:  rtl-sdr, hackrf
Gqrx
Software defined radio receiver powered by GNU Radio and Qt.
Stars: ✭ 1,934 (-12.01%)
Mutual labels:  rtl-sdr, hackrf
gqrx
Software defined radio receiver powered by GNU Radio and Qt.
Stars: ✭ 2,345 (+6.69%)
Mutual labels:  rtl-sdr, hackrf
gsm-assessment-toolkit
GSM Assessment Toolkit - A security evaluation framework for GSM networks
Stars: ✭ 60 (-97.27%)
Mutual labels:  gsm, gr-gsm
Easy Sdr
This project is about creation of affordable and easy-to-manufacture prototypes of PCBs which are used to expand the capabilities of existing low-cost SDR receivers based on RTL2832U chip.
Stars: ✭ 275 (-87.49%)
Mutual labels:  rtl-sdr, hackrf
Sdrangel
SDR Rx/Tx software for Airspy, Airspy HF+, BladeRF, HackRF, LimeSDR, PlutoSDR, RTL-SDR, SDRplay RSP1 and FunCube
Stars: ✭ 1,058 (-51.87%)
Mutual labels:  rtl-sdr, hackrf
Frequensea
Visualizing the frequency spectrum.
Stars: ✭ 127 (-94.22%)
Mutual labels:  rtl-sdr, hackrf
R2cloud
Decode satellite signals on Raspberry PI or any other 64-bit intel.
Stars: ✭ 125 (-94.31%)
Mutual labels:  rtl-sdr
Readsb
Readsb is a Mode-S/ADSB/TIS decoder for RTLSDR, BladeRF, Modes-Beast and GNS5894 devices.
Stars: ✭ 91 (-95.86%)
Mutual labels:  rtl-sdr
Wavesdr
macOS native desktop Software Defined Radio app
Stars: ✭ 144 (-93.45%)
Mutual labels:  rtl-sdr
Adsb Out
📶 1090ES ADS-B Out Add-on
Stars: ✭ 74 (-96.63%)
Mutual labels:  hackrf
Awesome Cellular Hacking
Awesome-Cellular-Hacking
Stars: ✭ 1,827 (-16.88%)
Mutual labels:  gsm
Libosmocore
Mirrored from git://git.osmocom.org/libosmocore
Stars: ✭ 62 (-97.18%)
Mutual labels:  gsm
Gr Adsb
GNU Radio OOT module for demodulating and decoding ADS-B packets
Stars: ✭ 61 (-97.22%)
Mutual labels:  hackrf
Pysdr
A guide for using Python as a software-defined radio (SDR) framework, for extremely rapid development of SDR apps/research with beautiful GUIs
Stars: ✭ 60 (-97.27%)
Mutual labels:  rtl-sdr
Esp32 Pppos Example
Example of using ESP32 with GSM modem and lwip+pppos
Stars: ✭ 145 (-93.4%)
Mutual labels:  gsm

IMSI-catcher

This program shows you IMSI numbers, country, brand and operator of cellphones around you.

/!\ This program was made to understand how GSM networks work. Not for bad hacking!

What you need

1 PC with GNU/Linux. Tested with:

  • Debian 10
  • Ubuntu 20.04/LinuxMint 20+
  • Kali 2020+

1 SDR receiver. Tested with :

Setup

git clone https://github.com/Oros42/IMSI-catcher.git
cd IMSI-catcher

or

wget https://github.com/Oros42/IMSI-catcher/archive/master.zip && unzip -q master.zip
cd IMSI-catcher-master

Then, in either case, install the Python dependencies:

sudo apt install python3-numpy python3-scipy python3-scapy

Warning: don't use Python 3.9 (ctypes bug)!

gr-gsm can be installed in two ways: directly in your OS or with Docker.

Install gr-gsm in your OS (recommended)

sudo apt-get install -y \
    cmake \
    autoconf \
    libtool \
    pkg-config \
    build-essential \
    python-docutils \
    libcppunit-dev \
    swig \
    doxygen \
    liblog4cpp5-dev \
    gnuradio-dev \
    gr-osmosdr \
    libosmocore-dev \
    liborc-0.4-dev

Check which GNU Radio version is installed:

gnuradio-config-info -v

If the version is 3.8 or later:

git clone -b maint-3.8 https://github.com/velichkov/gr-gsm.git

Otherwise (3.7):

git clone https://git.osmocom.org/gr-gsm

Then, for either version, build and install:

cd gr-gsm
mkdir build
cd build
cmake ..
make -j 4
sudo make install
sudo ldconfig
echo 'export PYTHONPATH=/usr/local/lib/python3/dist-packages/:$PYTHONPATH' >> ~/.bashrc

Install gr-gsm with Docker

docker pull atomicpowerman/imsi-catcher
docker run -ti --net=host -e DISPLAY=$DISPLAY --privileged -v /dev/bus/usb:/dev/bus/usb  atomicpowerman/imsi-catcher bash

TODO: fix DISPLAY error.
Run all grgsm_* commands inside this container.

Usage

We use grgsm_livemon to decode GSM signals and simple_IMSI-catcher.py to find IMSIs.

python3 simple_IMSI-catcher.py -h
Usage: simple_IMSI-catcher.py: [options]

Options:
  -h, --help            show this help message and exit
  -a, --alltmsi         Show TMSI who haven't got IMSI (default  : false)
  -i IFACE, --iface=IFACE
                        Interface (default : lo)
  -m IMSI, --imsi=IMSI  IMSI to track (default : None, Example:
                        123456789101112 or "123 45 6789101112")
  -p PORT, --port=PORT  Port (default : 4729)
  -s, --sniff           sniff on interface instead of listening on port
                        (require root/suid access)
  -w SQLITE, --sqlite=SQLITE
                        Save observed IMSI values to specified SQLite file
  -t TXT, --txt=TXT     Save observed IMSI values to specified TXT file
  -z, --mysql           Save observed IMSI values to specified MYSQL DB (copy
                        .env.dist to .env and edit it)

Open 2 terminals.

In terminal 1

sudo python3 simple_IMSI-catcher.py -s

In terminal 2

grgsm_livemon

Now change the frequency until the terminal displays something like this:

15 06 21 00 01 f0 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b
25 06 21 00 05 f4 f8 68 03 26 23 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b
49 06 1b 95 cc 02 f8 02 01 9c c8 03 1e 57 a5 01 79 00 00 1c 13 2b 2b
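
What those sample lines contain, as an added example (not code from the IMSI-catcher project): a small decoder for the GSM Radio Resource frames shown above, following the 3GPP TS 44.018 message layout and the TS 24.008 Mobile Identity encoding. The function names are illustrative, and the fourth frame is constructed around the dummy IMSI from the help text.

```python
# Added example. Frames 1-3 are the README's sample lines; frame 4 is
# constructed and carries the help text's dummy IMSI (123456789101112).
FRAMES = [
    "15 06 21 00 01 f0 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b",
    "25 06 21 00 05 f4 f8 68 03 26 23 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b",
    "49 06 1b 95 cc 02 f8 02 01 9c c8 03 1e 57 a5 01 79 00 00 1c 13 2b 2b",
    "31 06 21 00 08 19 32 54 76 98 01 11 21 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b",
]
ID_TYPES = {0: "none", 1: "IMSI", 2: "IMEI", 3: "IMEISV", 4: "TMSI"}

def bcd(data):
    """Swapped-nibble BCD: low nibble is the first digit, 0xF is filler."""
    nibbles = [n for b in data for n in (b & 0x0F, b >> 4)]
    return "".join(str(n) for n in nibbles if n != 0x0F)

def mobile_identity(ie):
    """Decode the value part of a Mobile Identity IE into (type, value)."""
    kind = ID_TYPES.get(ie[0] & 0x07, "reserved") if ie else "none"
    if kind == "TMSI":
        return kind, ie[1:5].hex()
    if kind in ("IMSI", "IMEI", "IMEISV"):
        return kind, str(ie[0] >> 4) + bcd(ie[1:])  # digit 1 sits in octet 1
    return kind, None

def decode(hexline):
    """Classify one frame and extract its identities or cell parameters."""
    raw = bytes.fromhex(hexline)
    body = raw[1:1 + (raw[0] >> 2)]      # L2 pseudo length bounds the message
    if len(body) < 3 or body[0] & 0x0F != 0x06:
        return {"msg": "other"}          # not Radio Resource management
    if body[1] == 0x21:                  # Paging Request Type 1
        ids, pos = [], 3
        while pos < len(body):
            if ids:                      # a second identity is tagged IEI 0x17
                if body[pos] != 0x17 or pos + 1 >= len(body):
                    break
                pos += 1
            n = body[pos]
            ids.append(mobile_identity(body[pos + 1:pos + 1 + n]))
            pos += 1 + n
        return {"msg": "paging_request_1", "ids": ids}
    if body[1] == 0x1B and len(body) >= 9:  # System Information Type 3
        third = body[5] >> 4             # 0xF means a two-digit MNC
        return {"msg": "system_info_3",
                "cid": int.from_bytes(body[2:4], "big"),
                "mcc": bcd(body[4:5]) + str(body[5] & 0x0F),
                "mnc": bcd(body[6:7]) + ("" if third == 0x0F else str(third)),
                "lac": int.from_bytes(body[7:9], "big")}
    return {"msg": "other"}
```

The first README line is a paging request with no identity, the second pages a TMSI, and the third is a System Information Type 3 broadcast whose MCC 208 / MNC 20 match the grgsm_scanner output in the "Find frequencies" section.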

Wireshark

You can watch GSM packets with Wireshark.

sudo apt install wireshark
sudo wireshark -k -Y '!icmp && gsmtap' -i lo

Find frequencies

grgsm_scanner
ARFCN:  974, Freq:  925.0M, CID:     2, LAC:   1337, MCC: 208, MNC:  20, Pwr: -41
ARFCN:  976, Freq:  925.4M, CID:  4242, LAC:   1007, MCC: 208, MNC:  20, Pwr: -45

Now, you can set the frequency for grgsm_livemon :

grgsm_livemon -f 925.4M

Or, for HackRF, fetch the kalibrate-hackrf tool like this:

sudo apt-get install automake autoconf libhackrf-dev
git clone https://github.com/scateu/kalibrate-hackrf
cd kalibrate-hackrf/
./bootstrap
./configure
make
sudo make install

Run

kal -s GSM900
kal: Scanning for GSM-900 base stations.
GSM-900:
	chan:   14 (937.8MHz + 10.449kHz)	power: 3327428.82
	chan:   15 (938.0MHz + 4.662kHz)	power: 3190712.41
...

Log data in mysql

Use db-example.sql to create your DB.

cp .env.dist .env
nano .env
# set your config
sudo apt install python-decouple python3-mysqldb
sudo python3 simple_IMSI-catcher.py -s --mysql

scan-and-livemon (no longer used)

Scan frequencies and listen on the first one found:
In terminal 1

python3 scan-and-livemon

In terminal 2

python3 simple_IMSI-catcher.py

Links

Setup of Gr-Gsm : https://osmocom.org/projects/gr-gsm/wiki/Installation and https://github.com/velichkov/gr-gsm
Frequency : http://www.worldtimezone.com/gsm.html and https://fr.wikipedia.org/wiki/Global_System_for_Mobile_Communications
Mobile Network Code : https://en.wikipedia.org/wiki/Mobile_Network_Code
Scapy : http://secdev.org/projects/scapy/doc/usage.html
IMSI : https://fr.wikipedia.org/wiki/IMSI
Realtek RTL2832U : https://osmocom.org/projects/sdr/wiki/rtl-sdr and http://doc.ubuntu-fr.org/rtl2832u and http://doc.ubuntu-fr.org/rtl-sdr

Donate

To support my work, a tipee would be nice ;-)
https://liberapay.com/Oros/
