[Gsmmap] Trouble triggering snoopsnitch
brindle at quarksecurity.com
Mon Nov 28 15:37:17 CET 2016
Yes, pcap is attached.
Luca Melette wrote:
> Hi Joshua,
> The logic that detects rejected location updates should work for both
> GSM and UMTS.
> I can imagine a single case that would stay under the radar, that is,
> if a mobile already sends the IMSI in the LUR message and the network
> then rejects it.
> Would you be able to collect a pcap and share it via mail?
>> I am attempting to trigger an alert on Snoopsnitch 1.0.1. It is
>> running on a Nexus 5 running CM and seems to be working (runs
>> analysis, can run active test).
>> The phone is running with a valid SIM card and connects to its normal
>> network fine.
>> I an running OpenBTS-UMTS into a Ramsey box. I put the phone in the
>> box and run OpenBTS and when the phone tries to connect I see the
>> IMSI when the authentication fails (so I successfully caught the
>> IMSI) but nothing in Snoopsnitch ever triggers.
>> Is this expected to trigger it? If not, why not? Is there a more
>> efficient way to show it working?
>> Thank you.
>> Gsmmap mailing list
>> Gsmmap at lists.srlabs.de
> Gsmmap mailing list
> Gsmmap at lists.srlabs.de
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 26864 bytes
Desc: not available
More information about the Gsmmap