IMSI-catcher: Realtime Extracter for GMS Data, IMSI Numbers and more Info of Cellphones around you
 |
| Picture from t17lab |
This program shows you IMSI numbers, country, brand and operator of cellphones around you.
/!\ This program was made to understand how GSM network work. Not for bad hacking ! :)
What you need: One computer, one USB DVB-T key (RTL2832U) with antenna (less than 15$) or a OsmocomBB phone or HackRF.
Install IMSI-catcher:
For Ubuntu
For Debian: Download IMSI-catcher
1, Download and extract IMSI-catcher from here.
2, Open IMSI-catcher-master folderand open Terminal in that folder.
3, Enter this commands: sudo apt install python-numpy python-scipy python-scapy
For Debian Testing and Ubuntu 18.04+: Read Installation - gr-gsm - Open Source Mobile Communications
If gr-gsm failled to setup. Try this:
Details in: Installation · ptrkrysik/gr-gsm Wiki · GitHub
Run ISMI-catcher:
1, Open 2 terminals in IMSI-catcher-master folder (You can download it here).
2, In terminal 1, enter sudo python simple_IMSI-catcher.py --sniff. In terminal 2, enter grgsm_scanner search a frequency to listen.
3, Next, ask grgsm_livemon to use one of these frequencies:
grgsm_livemon -f
Example: grgsm_livemon -f 938.2M
It should start producing output like :
15 06 21 00 01 f0 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b
25 06 21 00 05 f4 f8 68 03 26 23 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b
49 06 1b 95 cc 02 f8 02 01 9c c8 03 1e 57 a5 01 79 00 00 1c 13 2b 2b
...
You can change the frequency if you want.
Optional for IMSI-catcher
Information about the cell tower: sudo python find_cell_id.py
Get immediate assignment: sudo python immediate_assignment_catcher.py
Find frequencies
You can either use the grgsm_scanner program from gr-gsm mentioned above, or fetch the kalibrate-hackrf tool like this:
Run: gitkernel@hilda:-$ kal -s GSM900
kal: Scanning for GSM-900 base stations.
GSM-900:
chan: 14 (937.8MHz + 10.449kHz) power: 3327428.82
chan: 15 (938.0MHz + 4.662kHz) power: 3190712.41
...
Links
* International Mobile Subscriber Identity — Wikipédia.
* Setup of Gr-Gsm: Installation · ptrkrysik/gr-gsm Wiki · GitHub.
kal: Scanning for GSM-900 base stations.
GSM-900:
chan: 14 (937.8MHz + 10.449kHz) power: 3327428.82
chan: 15 (938.0MHz + 4.662kHz) power: 3190712.41
...
Links
* International Mobile Subscriber Identity — Wikipédia.
* Setup of Gr-Gsm: Installation · ptrkrysik/gr-gsm Wiki · GitHub.
* Frequency: GSM World Coverage Map- GSM Country List by frequency bands and Global System for Mobile Communications — Wikipédia.
* Mobile Network Code: Mobile country code - Wikipedia.
* Scapy: Welcome to Scapy’s documentation! — Scapy 2.4.0-dev documentation.
* Realtek RTL2832U: Rtl-sdr - rtl-sdr - Open Source Mobile Communications and rtl2832u [Wiki ubuntu-fr] and rtl-sdr [Wiki ubuntu-fr].
How to make a simple $7 IMSI Catcher?
* Mobile Network Code: Mobile country code - Wikipedia.
* Scapy: Welcome to Scapy’s documentation! — Scapy 2.4.0-dev documentation.
* Realtek RTL2832U: Rtl-sdr - rtl-sdr - Open Source Mobile Communications and rtl2832u [Wiki ubuntu-fr] and rtl-sdr [Wiki ubuntu-fr].
How to make a simple $7 IMSI Catcher?
