GSM Sniffing: A Full YouTube Tutorial
Over on YouTube user Crazy Danish Hacker has been working on uploading an entire series on GSM Sniffing with an RTL-SDR. His series is explained in a slow and clear presenting style, and it starts at the very beginning from installing the RTL-SDR. The tutorial series is not yet complete, however he is uploading a new video almost daily. Presumably the series will end with showing you how to receive text messages and voice calls originating from your own cellphone.
So far he has shown how to install the RTL-SDR, identify GSM downlinks, install and use GQRX and kalibrate, locate nearby cell towers, install and use GR-GSM and how to extract the TMSI & KC keys from your cell phone. To obtain the TMSI & KC keys he shows us how to use an Android tool called usbswitcher which forces the phone to use its USB modem interface, from which the keys can be obtained.
The video below shows his teaser video on the series. Check out his GSM playlist to view the full series.
Thanks a lot for featuring me on RTL-SDR.com 🙂 I’m definitely planning on releasing videos showing how to decode and decrypt SMS and Voice next. In the case of voice calls, there are a few hiccups (frequency hopping over ~7MHz), but the process of decoding voice calls will nonetheless be shown.
In the near future, I’ll get a BladeRF to deal with frequency hopping and do other cool SDR hacks.
More GSM Sniffing videos are planned at the moment, as I’ve obtained a mobile device that prefers to talk A5/1.