EDIT: Please see my latest GSM cracking video that showcases a more streamlined workflow and eliminates the requirement of Airprobe!    • Not Sentenced To Prison Yet? Cracking...  

My GSM cracking content has been getting quite a lot of attention lately. Previous videos of mine relating to this topic were only boring screen recordings with no real explanation on what steps are required to crack the A5/1 stream cipher and decrypt GSM traffic by obtaining the Kc value.

I was bored one day and decided to present a livestyle workflow of how hackers and security researchers 'crack' 2G cellular communications in realtime. Be warned that if you don't have an interest in cryptography or cellular network security, you might find this video rather boring.

The GSM capture file used in this video, to my knowledge, has never been publicly cracked before. 'capture_941.8M_112.cfile' was recorded and uploaded with permission by the owner of the data themselves as a decoding example for testing Airprobe.

I make a few mistakes in the video that I can't be bothered editing out. But they are not critical, just myself misreading a number at the 10 minute mark somewhere, and saying the wrong name of a software tool at 17 minutes.

Additionally, l am not a GSM technology engineer, nor a cryptography expert. I do my best to explain these concepts in a simple and easy to understand way. But due to my limited knowledge of these subjects, it's possible that some of this information may be incorrect or lacking context.

However, this video will still allow you to crack a real GSM capture file if you are able to follow along with my flipflopping style of presentation. Haha. But please, only replicate this tutorial on GSM data that originated from YOUR OWN mobile phone. Do not attempt to decrypt private telecommunications from any other cellular subscriber, EVER.

Thanks for watching!

Archive Download (GSM capture file, cracking notes etc.)
https://drive.google.com/file/d/1yeMo...



LAUNCH WIRESHARK:

sudo wireshark k Y '!icmp && gsmtap' i lo


AIRPROBE DECODING USAGE:

cd /home/username/airprobe/gsmreceiver/src/python

sudo ./go.sh capture_941.8M_112.cfile 112 0B

sudo ./go.sh capture_941.8M_112.cfile 112 1S & bursts.txt
(put a greaterthan symbol after the '&')


XOR.PY USAGE:

cd /home/username/kraken/Utilities/

./xor.py 000000011111010101010000100000010001010111010101000010100001010001111101010001000010000000000101110101010100000010 100011101110001001000110001101001001111100001001010110010011000010101111111010010011101101110000100110100111000111


KRAKEN USAGE:

cd kraken/Kraken

sudo ./kraken ../indexes/

crack 100011110001011100010110101101011000101011011100010100110010010011010010101011010001101101110101010011110011000101


FIND_KC USAGE:

cd /home/username/kraken/Utilities/

./find_kc 10931293685685996799x 11 2580567 2580534 100101111101011101100011100001001101001010111110000011110101110000010010011100000100001000100010111110010101100000


AIRPROBE DECYPTION USAGE:

sudo ./go.sh capture_941.8M_112.cfile 112 1S 10A29FC292C8D7EF

A (VERY STRONG) DISCLAIMER:
THIS VIDEO WAS MADE FOR THE PURPOSES OF EDUCATION AND EXPERIMENTATION ONLY. IMSICATCHING, SMSSNIFFING AND VOICE CALL INTERCEPTION ON CELLULAR NETWORKS IS ILLEGAL AND PUNISHABLE BY HEFTY FINES AND IMPRISONMENT!