We aim to develop open-source GSM sniffer as presented on 29C3, including multichannel hardware sniffer “brmbora”, optimized keystream guesser “napalmex” (peaking at 99% success rate on insecure networks and with approx. 50% success rate even on secured networks), own A5/1 cracker “deka” and a fancy GUI. This is very WIP. Basically, we have a prototype of a $400 affordable 8-channel sniffer capable of monitoring several BTSs at once, we can crack recorded .dat files (send us some!) and currently we are working on an OpenCL A5/1 cracker. You can see the project architecture on the image below and download some source and CAD files.
The project is currently in the active stage.
Current tarbal containing various script and modifications is here:
This tarball is provided “as is”, poor coding quality guranteed, etc, etc.
This shield is used in combination with FT4232HQMiniModule to attach 4 Motorola C series GSM phones to computer using 4 serial connections.
When assembled, it should look somehow like this:
Basic idea is to put multiple (8) phones into 3,5“ HDD box. Only one usb cable as interface.