The Long Awaited Osmocom-BB Tutorial (Part 3): GSMTK - The Final Piece Of The Puzzle!

Regular viewers of my channel will know that I am a huge fan of the Osmocom-BB toolset. In this video, I thought I would throw together a tutorial on how exactly Osmocom-BB is used in the context of hobbyist GSM security research.

In part three today, I showcase the usage of GSMTK and how it can be used to converge all the hardware and software of Osmocom-BB, so that a functional amateur hobbyist GSM security research tool can be constructed. Firstly, I document all the hardware and software required, and then I show a complete installation and configuration of GSMTK and it's dependencies. Lastly, I show my viewers the practical usage of this tool with a complete GSM decoding workflow.

This will conclude my series of Osmocom-BB tutorial videos. If you would like to learn more about this awesome software project, go and checkout my other videos on the subject in this playlist:    • Osmocom-BB   You can also find parts 1 and 2 of this instructional video series in this playlist:    • OsmocomBB How-To  

This video (and channel) wouldn't be possible without the amazing Linux distribution, DragonOS FocalX. Friend of the channel, Aaron from the ‪@cemaxecuter7783‬ YouTube channel works far too hard to provide this incredible Linux distro for us, free of charge. So please, go and subscribe to his channel, like his videos and follow him on Twitter/X!

Thanks for reading and watching!


DOWNLOADS:

Gsmtk:
https://drive.google.com/file/d/1Du1l...

Burst Files:
https://drive.google.com/file/d/1oGJn...


LINKS

Virus Total Scan Report:
https://www.virustotal.com/gui/file/f...


COMMANDS:

sudo apt-get install tshark -y

perl -MCPAN -e shell

install DBD::SQLite

sudo add-apt-repository -y ppa:linuxgndu/sqlitebrowser

sudo apt-get install sqlitebrowser -y

cp -r -v ~/gsmtk/.omgsm ~/.omgsm

sudo iptables -A INPUT -p UDP --dport 4729 -j DROP

sudo ip6tables -A INPUT -p UDP --dport 4729 -j DROP

sudo leafpad ~/.bashrc

export PATH=$PATH:/home/username/gsmtk/bin

mkdir tktest

cd tktest

tkinit.sh

tkadd.sh

tkgenstat.pl -u -s . -o stat.db

sqlitebrowser -R ~/tktest/keys.db

sqlitebrowser -R ~/tktest/stat.db

[Replace the 2x '▓' with a 'greater than' symbol]
sudo tshark -i lo -Y "gsm_a.dtap.msg_cc_type" -V 2▓&1 | sed 's/^[ \t]*//;s/[ \t]*$//' 2▓&1 | grep "DTAP Call Control Message Type:"

[Replace the 2x '▓' with a 'greater than' symbol]
sudo tshark -i lo -Y "gsm_sms" -V 2▓&1 | sed 's/^[ \t]*//;s/[ \t]*$//' 2▓&1 | grep "SMS text:"

sudo wireshark -k -Y '!icmp && gsmtap' -i lo

tkplay.sh

tkconvert -h

tkconvert -4 -d -f ~/tktest/new/bursts_20230302_1332_0_2215354_0a.dat


SOFTWARE:

- DragonOS LTS Final 18.04
- VMWare Workstation 15.5.6
- GSMTK
- Wireshark/TShark
- DB Browser for SQLite


A (VERY STRONG) DISCLAIMER:
THIS VIDEO WAS MADE FOR THE PURPOSES OF EDUCATION AND EXPERIMENTATION ONLY. IMSI-CATCHING, SMS-SNIFFING AND VOICE CALL INTERCEPTION ON CELLULAR NETWORKS IS ILLEGAL AND PUNISHABLE BY HEFTY FINES AND IMPRISONMENT!