GSM Decoding Part One: Hardware/Software Setup And Finding GSM Base Stations With 'grgsm_scanner'

Ever since I associated an email address with my YouTube channel back in February of this year, I have been inundated with emails requesting help with decoding GSM data and questions about the usage of gr-gsm.

So in response to this, I thought I would put together a four or five part video tutorial series on how exactly GSM cellular data is decoded in Linux with the gr-gsm software suite, starting with how to find GSM base transceiver stations (More commonly known as cell towers) with an application called 'grgsm_scanner'.

But before we delve into the usage of the GSM cell scanning feature of gr-gsm, I go through the software and hardware requirements which will enable you to to be able to decode GSM cellular data.

I need to make a distinction between decoding and decrypting here. There is plenty of unencrypted data that can be viewed on GSM control channels. But generally, private mobile subscriber data such as voice calls, SMS messages and GPRS data are sent over encrypted traffic channels.

Unless you know the encryption key (known as the 'Kc' value) gr-gsm will not allow you to arbitrarily listen to voice traffic or read SMS messages, unless the cellular carrier doesn't enable encryption on their network (Very rare in the current day, I would imagine) Some older phones tell you the Kc encryption key via a special 'engineering screen' and you can decrypt your own traffic for experimentation purposes.

If the 'Kc' value is not known to you previously, the method of obtaining it is called 'cracking'. I have done plenty of videos on that topic in the past and it is beyond the scope of this video. This instructional series will be a very basic tutorial on how to use the most commonly known features of gr-gsm and get your started in the world of GSM decoding. So please don't comment "bro how to get kc with gr-gsm" because it is not possible!

Stay tuned for part 2 in the coming days, which will cover the usage of 'grgsm_livemon' and it's role in decoding a GSM base stations control channel in real time.

Thanks for watching!