IMSI-catcher is a tool that can help you find the IMSI number, country, brand and operator of nearby mobile phones.
The equipment you need
A PC
1 USB DVB-T key (RTL2832U) with antenna (approximately less than $15), or an OsmocomBB mobile phone and a HackRF device.
Set up
git clone https://github.com/Oros42/IMSI-catcher.git
# or wget https://github.com/Oros42/IMSI-catcher/archive/master.zip && unzip -q master.zip
sudo apt install python-numpy python-scipy python-scapyFor the installation of Debian Testing (10) and Ubuntu 18.04+ gr-gsm, please refer to: https://osmocom.org/projects/gr-gsm/wiki/Installation
The installation commands for older versions of Debian and Ubuntu are as follows:
sudo add-apt-repository -y ppa:ptrkrysik/gr-gsm
sudo apt update
sudo apt install gr-gsmIf gr-gsm setting fails, please refer to: https://github.com/ptrkrysik/gr-gsm/wiki/Installation for setting.
Debian: https://tracker.debian.org/pkg/gr-gsm
run
Use old version of gr-gsm
Open 2 terminals.
Enter in terminal 1:
sudo python simple_IMSI-catcher.py --sniffYou can add the -h parameter to display the available options.
In terminal 2, search frequency:
grgsm_scannerUse grgsm_livemon command to sniff the frequency you found:
grgsm_livemon -f <your_frequency>ME.g:
grgsm_livemon -f 938.2MAfter running, it should produce output similar to the following:
15 06 21 00 01 f0 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b
25 06 21 00 05 f4 f8 68 03 26 23 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b
49 06 1b 95 cc 02 f8 02 01 9c c8 03 1e 57 a5 01 79 00 00 1c 13 2b 2b
...You can change different frequencies according to your needs.
gr-gsm >= 0.41.2-1
Similarly, open 2 terminals.
Enter in terminal 1:
python simple_IMSI-catcher.pyYou can add the -h parameter to display the available options.
Enter in terminal 2:
python scan-and-livemonThis process may take several minutes. Because, it needs to run grgsm_scanner to find nearby base stations and request grgsm_livemon_headless to receive signals.
Or find the frequency of nearby base stations first.
grgsm_scannerNext, use the grgsm_livemon command to sniff the frequencies you found:
grgsm_livemon -f <your_frequency>ME.g:
grgsm_livemon -f 938.2MAfter running, it should produce output similar to the following:
15 06 21 00 01 f0 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b
25 06 21 00 05 f4 f8 68 03 26 23 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b
49 06 1b 95 cc 02 f8 02 01 9c c8 03 1e 57 a5 01 79 00 00 1c 13 2b 2b
...You can change different frequencies according to your needs.
After completing the above operations, the next thing we need to do is to wait for the result. In about a minute or so, we can see the IMSI number in terminal 1. If nothing appears after one minute, then please change your frequency.
Related documentation: https://fr.wikipedia.org/wiki/Global_System_for_Mobile_Communications
For example, the frequency in France is: 9.288e+08 Bouygues
View the captured packets:
sudo wireshark -k -Y '!icmp && gsmtap' -i lo
Optional
Get information about the signal tower:
sudo python find_cell_id.pyObtain Immediate Assignment signaling:
sudo python immediate_assignment_catcher.py
Find frequency
In addition to using the grgsm_scanner mentioned above to find the frequency, you can also use a tool like kalibrate-hackrf to find:
sudo apt-get install automake autoconf libhackrf-dev
git clone https://github.com/scateu/kalibrate-hackrf
cd kalibrate-hackrf/
./bootstrap
./configure
make
sudo make installrun
kal -s GSM900kal: Scanning for GSM-900 base stations.
GSM-900:
chan: 14 (937.8MHz + 10.449kHz) power: 3327428.82
chan: 15 (938.0MHz + 4.662kHz) power: 3190712.41Reference materials:
Gr-Gsm Set up:https://github.com/ptrkrysik/gr-gsm/wiki/Installation
frequency:http://www.worldtimezone.com/gsm.html(https://fr.wikipedia.org/wiki/Global_System_for_Mobile_Communications)
MNC:https://en.wikipedia.org/wiki/Mobile_Network_Code
Scapy:http://secdev.org/projects/scapy/doc/usage.html
IMSI:https://fr.wikipedia.org/wiki/IMSI
Realtek RTL2832U:https://osmocom.org/projects/sdr/wiki/rtl-sdr(http://doc.ubuntu-fr.org/rtl2832u)http://doc.ubuntu-fr.org/rtl-sdr
Reviews
There are no reviews yet.