GSM decoding with Nokia 3310 phone

Gsmdecode is used to decode the GSM messages from the gammu trace log and a Nokia DCT3 mobile phone. Nokia used a simple remote logging facility for debugging their DCT3 firmware remotely, but apparently forgot to remove it when going into production, so you can re-enable it with the special software described below.

Hardware needed
Software needed

In Linux (for instance Ubuntu) we need to install gammu (from the console):

    sudo apt-get install gammu
    sudo apt-get install dialog

Then we need to set up gammu:

    gammu-config

Sometimes gammu-config doesn't work correctly and switches model and connection, so we must edit the ~/.gammurc file:

    nano ~/.gammurc

The file must have the following content:

    [gammu]
    port = /dev/ttyS0
    model = 6110
    connection = mbus
    synchronizetime = yes
    logfile =
    logformat = nothing
    use_locking = yes
    gammuloc =

Then we create a subdirectory for data files...

    mkdir ~/GSM
    cd ~/GSM

...and either download and install Wireshark 1.1.2 or later (http://www.wireshark.org)
...or alternatively use gsmdecode: download the source code of gsmdecode-0.7bis.tar.gz (direct download here), then build it:

    cd gsmdecode-0.7bis/
    sudo apt-get install gcc g++ cpp gpp make automake
    ./configure
    make all

According to THC wiki, gsmdecode has:
Now we need the file nhm5_587.txt, which helps us decode trace types; save it to the GSM subdirectory. The file was found here:
However, you can simply download the file here:

How to connect the hardware

We need to open the Nokia mobile phone, take out the battery, insert the SIM card, insert the battery into the cable and then connect the cable to the mobile phone. The other end of the cable should be connected to the computer (COM port - /dev/ttyS0), or we can use a USB to serial converter, for instance USB-serial DB09 Aten (then we have an emulated serial port under Linux - /dev/ttyUSB0).
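A check for the ~/.gammurc values given in the setup above, useful before the phone is switched on because gammu-config sometimes switches model and connection. This is an added example, not part of the original page or of gammu; the function names gammurc_get and check_gammurc are hypothetical, and the sample file is constructed.

```shell
#!/bin/sh
# Added example: verify that a gammurc file holds the values this page requires.

# Print the value of KEY ($2) from the [gammu] section of FILE ($1); empty if absent.
gammurc_get() {
    awk -F '=' -v key="$2" '
        /^[ \t]*\[/ { in_sec = ($0 ~ /^[ \t]*\[gammu\][ \t]*$/); next }
        in_sec && index($0, "=") > 0 {
            k = $1; gsub(/^[ \t]+|[ \t]+$/, "", k)
            if (k == key) {
                v = substr($0, index($0, "=") + 1)
                gsub(/^[ \t]+|[ \t]+$/, "", v)
                print v; exit
            }
        }' "$1"
}

# Return 0 when FILE matches the page's settings; otherwise list each mismatch.
check_gammurc() {
    file=$1; rc=0
    [ -r "$file" ] || { echo "cannot read $file"; return 2; }
    for pair in model=6110 connection=mbus; do
        key=${pair%%=*}; want=${pair#*=}
        got=$(gammurc_get "$file" "$key")
        if [ "$got" != "$want" ]; then
            echo "$key is '$got', expected '$want'"
            rc=1
        fi
    done
    port=$(gammurc_get "$file" port)
    case $port in
        /dev/ttyS*|/dev/ttyUSB*) ;;   # the two port types named on this page
        *) echo "port is '$port', expected /dev/ttyS0 or /dev/ttyUSB0"; rc=1 ;;
    esac
    return $rc
}

# Constructed sample: a file in which model and connection were switched.
sample=$(mktemp)
printf '%s\n' '[gammu]' 'port = /dev/ttyS0' 'model = 6210' 'connection = fbus' > "$sample"
check_gammurc "$sample" || echo "fix the file before running gammu"
rm -f "$sample"
```

Calling check_gammurc ~/.gammurc after each run of gammu-config shows whether the file needs to be edited by hand again.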
Now we can switch on the mobile phone and start recording the trace log.

Logging the tracelog

Please note that this step could be legally problematic, so I did not run the following code; however, there are some traces available on the internet:

    cd ~/GSM
    gammu --nokiadebug nhm5_587.txt v20-25,v18-19

Viewing the tracelog in Wireshark

The files can be loaded directly by Wireshark 1.1.2 or later:

    wireshark ~/GSM/out.xml

Decoding the tracelog

Simple decoding (output is printed on screen):

    ~/GSM/gsmdecode-0.7bis/src/gsmdecode -x <~/GSM/out.xml

If you are interested in the BCCH messages, run gsmdecode with the -i option. The BCCH (Broadcast Control Channel) carries a repeating pattern of system information messages that describe the identity, configuration and available features of the BTS (Base Transceiver Station). These messages also provide a list of ARFCNs used by neighboring BTSs. Printed out is BBis LAPDm frame format, Immediate Assignment, etc.

    ~/GSM/gsmdecode-0.7bis/src/gsmdecode -i <~/GSM/out.xml

List of "caught" IMSI numbers with the frequency of each IMSI number in the tracelog:

Please note that this is theory only, because I did not run the tracelog command:

    ~/GSM/gsmdecode-0.7bis/src/gsmdecode -x <~/GSM/out.xml | grep 7/odd | awk '{ print $5 }' | sort | uniq -c

Someone could record a tracelog while driving (wardriving) and collect Local Area Codes, which could be printed out:

Please note that this is theory only, because I did not run the tracelog command:

    ~/GSM/gsmdecode-0.7bis/src/gsmdecode -x <out.xml | grep "Local Area Code" | awk '{ print $3 }'

Possible bugs

1) The 3390b was not supported in gammu until today. The nokiadebug command would quit without an error. See this bug

2) I'm currently receiving a segmentation fault (gammu 1.25.92) after making phone calls. If I add a "break;" after case 0x22 and case 0x23 in gammu/depend/nokia/dct3trac/wmx.c it is possible to prevent the crash from happening. It seems to be related to decoding SIM commands.
Here is the bug report

Sample traces

See sample traces in XML format in the attachments below. The sample traces are from the old website.
Note: TraceLOG (original source; translated and compiled for reference only!)