GSM Hacking Pentester Guide
GSM is an old technology and is by now thoroughly insecure; many countries are decommissioning their GSM infrastructure and refarming the frequencies for 5G and other transmission technologies. Here I will explain the most common publicly known attacks against GSM networks using cheap hardware.
SS7 attacks and attacks using rogue BTSs are not in scope (for now…).
This guide covers what hardware is necessary to capture GSM downstream packets and decrypt SMS and voice traffic on a specific channel. First the hardware is described with a few technical details; then it is necessary to understand how the spectrum works and which frequencies are in use in our own country.
Once we know which frequency and downstream channel we want to monitor, we will capture live data on that channel and decrypt the traffic channel, and at the end I will explain how to crack A5/1 encryption using rainbow tables.
GSM SIM Cards
GSM Mobile Station
Capture BTS Broadcast Unencrypted Data
Decrypt SMS Data
Decrypt Voice Channel
GSM A5/1 Decryption
git clone git://git.srlabs.de/kraken
GSM IMSI Catchers