广岛秋泽
TA的个人档案
个人介绍
暂无个人介绍
擅长的技术
- 高分内容
- 最新动态
- 文章
- 问答
-
发表了文章 2017-07-29
SIMTRACE环境搭建
搭建simtrace环境 工具环境搭建 仅作参考,具有时效性,请以官方文档为准。 跨平台编译工具arm-elf 参考链接:https://osmocom.org/projects/baseband/wiki/GnuArmToolchain 新建三个目录 mkdir build src install 安装依赖 sudo apt-get install build-essential libgmp3-dev libmpfr-dev libx11-6 libx11-dev texinfo flex bison libncurses5 libncurses5-dbg libncurses5-dev libncursesw5 libncursesw5-dbg libncursesw5-dev zlibc zlib1g-dev libmpfr4 libmpc-dev 将文件夹中 binutils-2.21.1a.tar.bz2,gcc-4.5.2.tar.bz2,newlib-1.19.0.tar.gz 放在src中 脚本工具gnu-arm-build.2.sh 放在当前目录,执行 gnu-arm-build.2.sh $bash gnu-arm-build.2.sh 目录结构如下: 报错处理: 先卸载 texinfo (apt remove texinfo) 安装低版本texinfo dpkg –i texinfo_4.13a.dfsg.1-8ubuntu2_amd64.deb 再运行./gnu-arm-build.2.sh 编译库文件libosmocore 参考链接:https://osmocom.org/projects/libosmocore/wiki/Libosmocore 安装依赖 sudo apt-get install build-essential libtool libtalloc-dev shtool autoconf automake git-core pkg-config make gcc libpcsclite-dev git clone git://git.osmocom.org/libosmocore.git cd libosmocore/ autoreconf -i ./configure make sudo make install sudo ldconfig -i cd .. 安装pc客户端simtrace 参考链接:https://osmocom.org/projects/simtrace/wiki/SIMtrace 下载simtrace源码 git clone git://git.osmocom.org/simtrace.git 依赖 $sudo apt-get install libusb-1.0-0-dev cd simtrace/host/ make 编译simtrace 固件 参考链接:https://osmocom.org/projects/simtrace/wiki/SIMtrace_Firmware 下载源码及编译 (osmocom最新修改的openpcd源码无法正常使用,其头文件中结构体变量声明类型有误,或者是交叉编译工具版本较旧(uint8_t/ u_int8_t 两个定义),使用旧的可编译通过的源码,openpcd.zip) 源码修改链接:http://git.osmocom.org/openpcd/commit/?id=373c172ab858102e1818c8476ab1a2b290685cda 在交叉编译工具中的头文件( #include ) 源代码中最近一次修改是将所有文件中的数据类型u_int8_t、u_int16_t全部修改为uint8_t、uint16_t,但是使用的交叉编译工具(arm-elf-gcc)中的对该数据类型的定义为u_int8_t、u_int16_t。这导致新代码编译出错。 git clone git://git.osmocom.org/openpcd.git cd openpcd/firmware 设置环境变量(arm-elf-gcc所在目录) exportPATH = PATH:/home/mtq/simtrace/arm-elf-toolchain/install/bin make -f Makefile.dfu BOARD=SIMTRACE make BOARD=SIMTRACE DEBUG=1 TARGET=main_simtrace cat dfu.bin main_simtrace.bin > main_simtrace.samba cd ../.. 其中生成的文件 dfu.bin -- the sam7dfu 2nd level bootloader. It implements the USB DFU (Device Firmware Upgrade) profile. main_simtrace.bin -- the actual simtrace program. To be loaded via DFU, using dfu-util. main_simtrace.samba -- sam7dfu + simtrace image. to be loaded via SAM-BA, using sam7utils (see below). 两种给板子刷固件的方法 1.DFU模式 该模式是在固件可用下,需要升级固件时使用 安装工具 sudo apt-get install dfu-util 刷固件 sudo dfu-util -d 16c0:0762 -a0 -D ./main_simtrace.bin –R 2.SAM-BA 该模式用于板子固件丢失,需要重新刷入底层固件 wget http://www.openpcd.org/dl/sam7utils-0.2.1-bm.tar.bz2(该链接已经失效) tar xf sam7utils-*.tar.bz2 cd sam7utils ./configure –prefix=/usr/local make AM_CFLAGS=”” 编译生成工具,将板子进入SAM-BA模式
-
发表了文章 2017-04-13
LimeSDR Getting Started Quickly | LimeSDR上手指南
0x00 概览 LimeSDR部分特性: USB 3.0 ; 4 x Tx 发射天线接口 6 x Rx 接收天线接口; 可用于Wi-Fi, GSM, UMTS, LTE, LoRa, Bluetooth, Zigbee, RFID等开发测试环境中。 RTL电视棒、HackRF、BladeRF、USRP、LimeSDR参数对比表: HackRF One的价格,性能参数却能跟BladeRF甚至USRP媲美! LimeSDR核心组件: 先上几张特写: 主板长10cm,算上USB接口11.5cm: 主板宽5.7cm: 相对于HackRF、BladeRF、USRP这三款主流SDR硬件(USRP mini除外),体积已经很小巧了。LimeSDR其体积实测只有一个iPhone5s的体积大小! 当插上USB供电后,除了上图显示的两颗绿色LED灯,还有一颗一闪一闪的红色LED灯也在工作。 接下来将分一键快速安装和源码编译安装来使用LimeSDR硬件,推荐使用源码编译安装。 0x01 Mac OSX 1.1 搭建开发环境 Mac OSX当中强烈推荐通过Mac Port 搭建SDR环境,配合源码编译达到最佳效果。 1.通过AppStore安装Xcode https://itunes.apple.com/cn/app/xcode/id497799835?mt=12 2.下载安装 XQuartz/X11 http://xquartz.macosforge.org/landing 3.下载安装 MacPorts https://trac.macports.org/wiki/InstallingMacPorts sudo port search sdr sudo port install rtl-sdr hackrf bladeRF uhd gnuradio gqrx gr-osmosdr gr-fosphor 完成之后便可从GayHub上clone源码并进行编译安装。 1.2 源码编译LimeSuite git clone https://github.com/myriadrf/LimeSuite.git cd LimeSuite mkdir builddir && cd builddir cmake ../ make -j4 sudo make install 1.3 源码编译UHD驱动&&增加UHD对LimeSDR的支持 jocover基于UHD给LimeSDR开发了LimeSDR的驱动支持OpenUSRP,把LimeSDR来模拟成USRP B210来使用。 git clone https://github.com/EttusResearch/uhd.git cd uhd/host/lib/usrp git clone https://github.com/jocover/OpenUSRP.git echo "INCLUDE_SUBDIRECTORY(OpenUSRP)">>CMakeLists.txt mkdir build && cd build cmake .. make -j4 sudo make install 1.4 添加环境变量 echo 'export UHD_MODULE_PATH=/usr/lib/uhd/modules' >> ~/.bashrc 如果用的是iTerm2+zsh则执行: echo 'export UHD_MODULE_PATH=/usr/lib/uhd/modules' >> ~/.zshrc 1.5 检测LimeSDR模拟USRP是否成功: LimeSDR模拟成USRP B210之后最终的效果跟USRP是一样的: uhd_find_devices uhd_usrp_probe Mac OS; Clang version 8.1.0 (clang-802.0.38); Boost_105900; UHD_003.010.001.001-MacPorts-Release Using OpenUSRP [WARNING] Gateware version mismatch! Expected gateware version 2, revision 8 But found version 2, revision 6 Follow the FW and FPGA upgrade instructions: http://wiki.myriadrf.org/Lime_Suite#Flashing_images Or run update on the command line: LimeUtil --update [INFO] Estimated reference clock 30.7195 MHz [INFO] Selected reference clock 30.720 MHz [INFO] LMS7002M cache /Users/cn0xroot/.limesuite/LMS7002M_cache_values.db MCU algorithm time: 10 ms MCU Ref. clock: 30.72 MHz MCU algorithm time: 163 ms MCU algorithm time: 1 ms MCU Ref. clock: 30.72 MHz MCU algorithm time: 104 ms MCU algorithm time: 1 ms MCU Ref. clock: 30.72 MHz MCU algorithm time: 167 ms MCU algorithm time: 1 ms MCU Ref. clock: 30.72 MHz MCU algorithm time: 104 ms _____________________________________________________ / | Device: B-Series Device | _____________________________________________________ | / | | Mboard: B210 | | revision: 4 | | product: 2 | | serial: 243381F | | FW Version: 3 | | FPGA Version: 2.6 | | | | Time sources: none, internal, external | | Clock sources: internal, external | | Sensors: ref_locked | | _____________________________________________________ | | / | | | RX DSP: 0 | | | | | | Freq range: -10.000 to 10.000 MHz | | _____________________________________________________ | | / | | | RX DSP: 1 | | | | | | Freq range: -10.000 to 10.000 MHz | | _____________________________________________________ | | / | | | RX Dboard: A | | | _____________________________________________________ | | | / | | | | RX Frontend: A | | | | Name: FE-RX1 | | | | Antennas: TX/RX, RX2 | | | | Sensors: temp, lo_locked, rssi | | | | Freq range: 30.000 to 3800.000 MHz | | | | Gain range PGA: 0.0 to 76.0 step 1.0 dB | | | | Bandwidth range: 1000000.0 to 60000000.0 step 1.0 Hz | | | | Connection Type: IQ | | | | Uses LO offset: No | | | _____________________________________________________ | | | / | | | | RX Frontend: B | | | | Name: FE-RX2 | | | | Antennas: TX/RX, RX2 | | | | Sensors: temp, lo_locked, rssi | | | | Freq range: 30.000 to 3800.000 MHz | | | | Gain range PGA: 0.0 to 76.0 step 1.0 dB | | | | Bandwidth range: 1000000.0 to 60000000.0 step 1.0 Hz | | | | Connection Type: IQ | | | | Uses LO offset: No | | | _____________________________________________________ | | | / | | | | RX Codec: A | | | | Name: B210 RX dual ADC | | | | Gain Elements: None | | _____________________________________________________ | | / | | | TX DSP: 0 | | | | | | Freq range: -10.000 to 10.000 MHz | | _____________________________________________________ | | / | | | TX DSP: 1 | | | | | | Freq range: -10.000 to 10.000 MHz | | _____________________________________________________ | | / | | | TX Dboard: A | | | _____________________________________________________ | | | / | | | | TX Frontend: A | | | | Name: FE-TX1 | | | | Antennas: TX/RX | | | | Sensors: temp, lo_locked | | | | Freq range: 30.000 to 3800.000 MHz | | | | Gain range PGA: 0.0 to 89.8 step 0.2 dB | | | | Bandwidth range: 800000.0 to 60000000.0 step 1.0 Hz | | | | Connection Type: IQ | | | | Uses LO offset: No | | | _____________________________________________________ | | | / | | | | TX Frontend: B | | | | Name: FE-TX2 | | | | Antennas: TX/RX | | | | Sensors: temp, lo_locked | | | | Freq range: 30.000 to 3800.000 MHz | | | | Gain range PGA: 0.0 to 89.8 step 0.2 dB | | | | Bandwidth range: 800000.0 to 60000000.0 step 1.0 Hz | | | | Connection Type: IQ | | | | Uses LO offset: No | | | _____________________________________________________ | | | / | | | | TX Codec: A | | | | Name: B210 RX dual ADC | | | | Gain Elements: None ~ 1.6 捕获遥控信号 osmocom_fft -F -f 315e6 -s 2e6 0x02 Ubuntu 2.1 更新软件包 sudo add-apt-repository -y ppa:myriadrf/drivers sudo apt-get update apt-cache search sdr 2.2 安装SDR常用软件: sudo apt-get update sudo apt-get install git sudo apt-get install python-pip pip install --upgrade pip pip install git+https://github.com/gnuradio/pybombs.git pybombs recipes add gr-recipes git+https://github.com/gnuradio/gr-recipes.git pybombs recipes add gr-etcetera git+https://github.com/gnuradio/gr-etcetera.git pybombs prefix init /usr/local -a myprefix -R gnuradio-default pybombs install gqrx gr-osmosdr uhd 2.3 安装Lime_Suite所需依赖包 #packages for soapysdr available at myriadrf PPA sudo add-apt-repository -y ppa:myriadrf/drivers sudo apt-get update #install core library and build dependencies sudo apt-get install git g++ cmake libsqlite3-dev #install hardware support dependencies sudo apt-get install libsoapysdr-dev libi2c-dev libusb-1.0-0-dev #install graphics dependencies sudo apt-get install libwxgtk3.0-dev freeglut3-dev 接下来的源码编译过程与在OSX下源码编译过程一样: 2.4 源码编译LimeSuite git clone https://github.com/myriadrf/LimeSuite.git cd LimeSuite mkdir builddir && cd builddir cmake ../ make -j4 sudo make install 执行LimeSuiteGUI启动LimeSDR的软件图形化界面: 2.5 源码编译UHD驱动&&增加UHD对LimeSDR的支持 源码编译UHD+OpenUSRP git clone https://github.com/EttusResearch/uhd.git cd uhd/host/lib/usrp git clone https://github.com/jocover/OpenUSRP.git echo "INCLUDE_SUBDIRECTORY(OpenUSRP)">>CMakeLists.txt cd ../../ mkdir build && cd build cmake .. make -j4 sudo make install sudo ldconfig 2.6 添加环境变量 echo 'export UHD_MODULE_PATH=/usr/lib/uhd/modules' >> ~/.bashrc 2.7 GNURadio使用测试 wget http://www.0xroot.cn/SDR/signal-record.grc gnuradio-companion signal-record.grc 0x03 Reference http://www.cnx-software.com/2016/04/29/limesdr-open-source-hardware-software-defined-radio-goes-for-199-and-up-crowdfunding/ https://wiki.myriadrf.org/Lime_Suite http://linuxgizmos.com/open-source-sdr-sbc-runs-snappy-ubuntu-on-cyclone-v/
-
发表了文章 2017-04-12
Getting started with 3G | ip.access nano3G+OpenBSC+Osmocom-bb Part 1
English Version could be find at Osmocom.org https://osmocom.org/projects/cellular-infrastructure/wiki/Accelerate3g5_--_unicornteam 0x01环境搭建 PC:Ubuntu16.04 HardWare:ip.access nano3G SoftWare:Osmocom 1.1 安装交叉编译环境 sudo apt-get update sudo apt-get install libtool shtool autoconf git-core pkg-config make gcc build-essential libgmp3-dev libmpfr-dev libx11-6 libx11-dev texinfo flex bison libncurses5 libncurses5-dbg libusb-0.1-4 libpcsclite1 libccid pcscd libncurses5-dev libncursesw5 libncursesw5-dbg libncursesw5-dev zlibc zlib1g-dev libmpfr4 libmpc-dev libpcsclite-dev sudo ldconfig mkdir osm cd osm mkdir build install src wget http://bb.osmocom.org/trac/raw-attachment/wiki/GnuArmToolchain/gnu-arm-build.3.sh cd src wget http://ftp.gnu.org/gnu/gcc/gcc-4.8.2/gcc-4.8.2.tar.bz2 wget http://ftp.gnu.org/gnu/binutils/binutils-2.21.1a.tar.bz2 wget ftp://sources.redhat.com/pub/newlib/newlib-1.19.0.tar.gz cd .. chmod +x gnu-arm-build.3.sh sudo bash gnu-arm-build.3.sh 1.2 设置交叉编译环境变量 cd install/bin pwd vi ~/./.bashrc export PATH=$PATH:/home/$username(change this to your name)/osm/install/bin #save and quit source ~/.bashrc 0x02 源码编译CalypsoBTS 2.1 编译libosmo-dsp git clone git://git.osmocom.org/libosmo-dsp.git cd libosmo-dsp/ autoreconf -i ./configure make sudo make install cd .. 2.2 编译osmocom-bb git clone git://git.osmocom.org/osmocom-bb.git trx cd trx/ git checkout jolly/testing cd src/ # 需要 TX 功能支持 # 取消target/firmware/Makefile代码中'CFLAGS += -DCONFIG_TX_ENABLE' 前边的注释 # 并在make时启用transceiver功能支持 make HOST_layer23_CONFARGS=--enable-transceiver 2.3 安装依赖包 sudo apt-get install sqlite3 libdbi-dev libdbd-sqlite3 libsctp-dev 2.4 编译 Ortp wget http://download.savannah.gnu.org/releases/linphone/ortp/sources/ortp-0.22.0.tar.gz tar -xvf ortp-0.22.0.tar.gz cd ortp-0.22.0/ ./configure make sudo make install sudo ldconfig cd .. 2.5 编译libosmo-abis git clone git://git.osmocom.org/libosmo-abis.git cd libosmo-abis autoreconf -i ./configure make sudo make install sudo ldconfig cd .. 2.6 编译libosmo-netif git clone git://git.osmocom.org/libosmo-netif.git cd libosmo-netif/ autoreconf -i ./configure make sudo make install sudo ldconfig cd .. 2.7 编译openbsc 编译Openbsc时需用到PCAP库文件,编译前先搜索&安装依赖包: apt-cache search PCAP sudo pat-get install libpcap-dev libpcap0.8 libpcap0.8-dbg libpcap0.8-dev sudo ldconfig git clone git://git.osmocom.org/openbsc.git cd openbsc/openbsc/ autoreconf -i ./configure make sudo make install cd ../.. git clone git://git.osmocom.org/openbsc.git cd openbsc/openbsc/ autoreconf -i ./configure make sudo make install cd ../.. 2.8 编译osmo-bts git clone git://git.osmocom.org/osmo-bts.git cd osmo-bts autoreconf -i ./configure --enable-trx make sudo make install cd .. 2.9 创建OpenBSC配置文件 #如果配置文件不存在需要先创建 Create the configuration folder if it isn't exist yet mkdir ~/.osmocom cd ~/.osmocom touch ~/.osmocom/open-bsc.cfg touch ~/.osmocom/osmo-bts.cfg 0x03 源码编译Cellular Infrastructure 3.1 克隆源码 git clone git://git.osmocom.org/libosmocore git clone git://git.osmocom.org/libosmo-abis git clone git://git.osmocom.org/openbsc git clone git://git.osmocom.org/libosmo-netif git clone git://git.osmocom.org/libosmo-sccp git clone git://git.osmocom.org/libsmpp34 git clone git://git.osmocom.org/openggsn 3.2 下载&执行自动编译脚本 wget https://osmocom.org/attachments/download/2438/build_2G.sh chmod 777 build_2G.sh sudo bash build_2G.sh 0x04 配置OpenBSC 4.1 启动BTS 终端1: osmo-nitb -c ~/.osmocom/open-bsc.cfg -l ~/.osmocom/hlr.sqlite3 -P -C --debug=DRLL:DCC:DMM:DRR:DRSL:DNM 终端2: telnet localhost 4242 4.2 配置IP PC IP:192.168.31.147 (通过WiFi连接) 路由器 IP:192.168.31.1 3G Access Point IP:未知 方法1:进入路由后台,查找3G Access Point IP 方法2:通过abissip-find找到3G Access Point IP cd openbsc/openbsc/src/ipaccess #or cd openbsc/openbsc/build-2G/src/ipaccess sudo ./abisip-find 4.3 Telnet连入3G Access Point telnet 3G Access Point's IP 8090 4.4 SSH连入 ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 root@192.168.31.136 password:newsys ipaccess-config init3@0xroot:~/osm/openbsc/openbsc/src/ipaccess$ ./ipaccess-config --help ipaccess-config (C) 2009-2010 by Harald Welte and others This is FREE SOFTWARE with ABSOLUTELY NO WARRANTY Usage: ipaccess-config IP_OF_BTS Commands for writing to the BTS: -u --unit-id UNIT_ID Set the Unit ID of the BTS -o --oml-ip IP Set primary OML IP (IP of your BSC) -i --ip-address IP/MASK Set static IP address + netmask of BTS -g --ip-gateway IP Set static IP gateway of BTS -r --restart Restart the BTS (after other operations) -n --nvram-flags FLAGS/MASK Set NVRAM attributes -S --nvattr-set FLAG Set one additional NVRAM attribute -U --nvattr-unset FLAG Set one additional NVRAM attribute -l --listen TESTNR Perform specified test number -L --Listen TEST_NAME Perform specified test -s --stream-id ID Set the IPA Stream Identifier for OML -d --software FIRMWARE Download firmware into BTS Miscellaneous commands: -h --help this text -H --HELP Print parameter details. -f --firmware FIRMWARE Provide firmware information -w --write-firmware This will dump the firmware parts to the filesystem. Use with -f. -p --loop Loop the tests executed with the --listen command. ipaccess-proxy init3@0xroot:~/osm/openbsc/openbsc/src/ipaccess$ ./ipaccess-proxy --help Usage: ipaccess-proxy [options] ipaccess-proxy is a proxy BTS. -h --help. This help text. -l --listen IP. The ip to listen to. -b --bsc IP. The BSC IP address. -g --gprs IP. Take GPRS NS from that IP. -s --disable-color. Disable the color inside the logging message. -e --log-level number. Set the global loglevel. -T --timestamp. Prefix every log message with a timestamp. -V --version. Print the version of OpenBSC. 0x05 Reference https://osmocom.org/projects/cellular-infrastructure/wiki/Build_from_Sourcehttp://osmocom.org/projects/baseband/wiki/CalypsoBTShttps://osmocom.org/projects/cellular-infrastructure/wiki/Getting_Started_with_3Ghttps://osmocom.org/projects/osmocscn/wiki/Osmocom_3G_-_Getting_Started/3https://osmocom.org/projects/cellular-infrastructure/wiki/Configuring_the_ipaccess_nano3G
-
发表了文章 2016-12-31
Moto C118 基于 Osmocom-BB 和 OpenBTS 搭建小型GSM短信基站
此文章PDF文档下载地址:点击下载 0x00 写在前面 大家应该都听说过摩托罗拉C118配合Osmocom-BB实现GSM网络下的短信拦截功能吧,在14年左右新出了一种玩法就是Osmocom-BB的sylvain/testing分支固件可以配合OpenBTS,,借助周围信号强度较大的ARFCN伪造出一个新的基站信号。不过由于摩托罗拉C118的问题,无法实现语音通话功能只可以发送短信(默认只可以发送英文短信,修改源码可以实现发送中文短信) 以下内容将会指导你怎样用Osmocom-bb兼容的手机(如c115,c118,c123等)当作OpenBTS的无线收发机. 0x01 环境 已顺利编译运行过Osmocombb的可继续往下看,否则请参考官方链接或优秀文章 首先安装libosmo-dsp库 先下载 $ git clone git://git.osmocom.org/libosmo-dsp.git 编译前需要安装fftw3 $ apt-get install libfftw3-3 libfftw3-dev libfftw3-doc 然后编译 $ cd libosmo-dsp $ autoreconf -i $ ./configure $ make $ make install 0x02 Osmocom-BB 采用sylvain/testing分支(具体可看WIKI) 先下载 $ git clone git://git.osmocom.org/osmocom-bb.git 再切换分支编译 $ cd osmocom-bb $ git checkout sylvain/testing 默认编译出的版本发送信号相关的功能是被注释掉的,用mobile启动layer23后会一直于搜信号的过程中,因为无法发送信号。 如果需要进行实网测试需要打开src/target/firmware/Makefile文件中的编译开关 把osmocom-bb/src/target/firmware下的Makefile中的DCONFIG_TX_ENABLE宏打开: # Uncomment this line if you want to enable Tx (Transmit) Support. #CFLAGS += -DCONFIG_TX_ENABLE 然后到src目录下编译 $ cd src make HOST_layer23_CONFARGS=--enable-transceiver 0x03 OpenBTS 这里使用的OpenBTS的版本是OpenBts-p2.8(嫌手动编译麻烦的可以找我要DEB安装的教程),首先安装依赖 $ sudo apt-get install autoconf libtool libosip2-dev libortp-dev libusb-1.0-0-dev g++ sqlite3 libsqlite3-dev erlang libreadline6-dev libncurses5-dev 下载源码 $ svn co http://wush.net/svn/range/software/public(svn版本必须 <= 1.7) 然后编译安装(有不懂的可以前往WIKI查看详细资料) $ cd a53/trunk $ make install $ cd openbts/trunk $ autoreconf -i $ ./configure $ make $ mkdir /etc/OpenBTS $ sqlite3 -init ./apps/OpenBTS.example.sql /etc/OpenBTS/OpenBTS.db ".quit" $ mkdir -p /var/lib/asterisk/sqlite3dir $ cd subscriberRegistry/trunk $ make $ sqlite3 -init subscriberRegistry.example.sql /etc/OpenBTS/sipauthserve.db ".quit" $ cd smqueue/trunk $ autoreconf -i $ ./configure $ make $ sqlite3 -init smqueue/smqueue.example.sql /etc/OpenBTS/smqueue.db ".quit" 安装OpenBTS后按照WIKI的说明配置/etc/OpenBTS/OpenBTS.db $ apt-get install sqlite3 sqliteman(ubuntu系统安装,Kali自带sqlitebrowser无需安装) 然后在终端内输入sqliteman启动软件,打开/etc/OpenBTS/目录下的OpenBTS.db文件 Control.GSMTAP.TargetIP = 127.0.0.1 GSM.Radio.NeedBSIC = 1 GSM.Radio.Band = 900 GSM.CellSelection.Neighbors =(留空) GSM.RACH.MaxRetrans = 3 GSM.RACH.TxInteger = 8 GSM.Radio.C0 = (发射的频点,数值1-124之间) Control.LUR.OpenRegistration =.* 0x04 刷入固件 用osmocon程序将trx.compalram.bin刷入手机 命令 $ sudo ./osmocon -p /dev/ttyUSB0 -m c123xor ../../target/firmware/board/compal_e88/trx.compalram.bin 0x05 开始执行 到OpenBTS/apps目录下,将transceiver重命名为transceiver.bak新建脚本文件transceiver内容如下 #!/bin/bash exec <your path to osmocom-bb>/src/host/layer23/src/transceiver/transceiver <ARFCN> <your path to osmocom-bb>替换成你自己的路径,<ARFCN>替换成附近信号最强的ARFCN号 赋予执行权限 chmod +x transceiver 然后开4个终端窗口分别执行 $ cd openbts/trunk/apps $ ./OpenBTS $ cd subscriberRegistry/trunk $ ./sipauthserve(开启注册服务) $ cd smqueue/trunk/smqueue/ $ ./smqueue(开启短信功能) $ cd openbts/trunk/apps $ ./OpenBTSCLI(打开OpenBTS控制台) 如果一切运行顺利打开手机进入 设置-移动网络-网络运营商 即可看到我们创建的基站 在OpenBTSCLI的终端窗口可以输入 help 查看命令帮助 输入 tmsis 可以查看当前基站用户的IMSI 输入 sendsms IMSI 电话号码 短信内容 即可发送任意显示号码的短信 0x06 结语 一入GSM深似海,作者不是学通信的,只是业余爱好,第一次写文章投稿,文中不免纰漏和不妥之处,有任何建议或意见欢迎留言! 0x07参考资料 http://osmocom.org/projects/baseband/wiki/Transceiverhttps://wush.net/trac/rangepublic/wiki/BuildInstallRunhttps://wush.net/trac/rangepublic/wiki/DebOpenBTShttp://bb.osmocom.org/trac/blog/PHD2012http://www.h-online.com/open/news/item/29C3-Budget-mobile-turns-into-GSM-base-station-1775204.htmlhttp://blog.0x7678.com/2014/03/osmocombbopenbtsgsmcalypso.html 0x08效果演示 http://www.cnblogs.com/k1two2/p/5176030.html(此文章中含视频演示)
-
发表了文章 2016-11-08
Python学习之运算符
Python运算符 算术运算符 运算符 描述 + 相加 - 相减 * 相乘 / 相除 % 取模 ** 幂 // 整除 比较运算符 运算符 描述 == 等于 != 不等于 <> 不等于 > 大于 < 小于 >= 大于或等于 <= 小于或等于 赋值运算符 运算符 描述 = 赋值 += a += b 等价于 a = a + b -= a -= b 等价于 a = a - b *= a *= b 等价于 a = a * b /= a /= b 等价于 a = a / b %= a %= b 等价于 a = a % b **= a **= b 等价于 a = a ** b //= a //= b 等价于 a = a // b 逻辑运算符 运算符 描述 and 与关系,类似于C++的&& or 或关系,类似于C++的|| not 非,类似于C++的! 成员运算符 运算符 描述 in 在指定容器中找到返回True,否则返回False not in 在指定容器中未找到返回True,否则返回False 身份运算符 运算符 描述 is 两个变量引用自同一个对象则返回True not is 两个变量不是引用自同一个对象返回True 位运算符 运算符 描述 & 与运算 | 或运算 ^ 异或运算 ~ 取反运算 << 左移运算 >> 右移运算
滑动查看更多
暂无更多信息
-
发表了文章
2015-05-29
利用烧鹅制作简单BadUSB,插谁谁怀孕
-
发表了文章
2015-05-29
KeySweeper 微软无线键盘嗅探装置
-
发表了文章
2015-05-30
Motorola C118修改滤波器组件
-
发表了文章
2015-06-07
Kali Linux更新源以及设置中文
-
发表了文章
2015-06-08
将PS/2接口鼠标改造成USB接口鼠标
-
发表了文章
2015-06-09
《头文字D》热门同人插画欣赏
-
发表了文章
2015-06-12
一张图让你理清渗透思路
-
发表了文章
2015-06-22
Nexus设备渗透测试平台 – Kali Linux NetHunter
-
发表了文章
2015-06-30
几种开源许可证的区别
-
发表了文章
2015-06-30
12个有趣的 XSS Vector
-
发表了文章
2015-07-15
TV-B-Gone Kit - Universal v1.2
-
发表了文章
2015-07-27
强大的安卓手机远程管理工具 – Droidjack
-
发表了文章
2015-08-05
一张图让你学会Python
-
发表了文章
2015-08-26
逆向路由器固件之解包 Part1
-
发表了文章
2015-08-28
逆向路由器固件之敏感信息泄露 Part2
-
发表了文章
2015-09-01
逆向路由器固件之SQL注入 Part3
-
发表了文章
2015-09-18
玩转树莓派:OpenHAB的入门(一)
-
发表了文章
2015-10-07
Motorola C118 PCB原理高清图
-
发表了文章
2015-10-21
Osmocom-bb系统编译
-
发表了文章
2015-11-06
封装定制的Kali Live ISO
滑动查看更多
暂无更多信息