RUB-SysSec/mobile_sentinel

Stars
187
Rank 205,315 (Top 5 %)
Language
Python
License
GNU General Publi...
Created about 4 years ago
Updated over 3 years ago

RUB-SysSec/mobile_sentinel

RUB-SysSec

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Mobile Sentinel

Mobile Sentinel is an Android App that allows you to detect vulnerabilities in deployed LTE and (future) 5G networks. With the current release, Mobile Sentinel focuses on the detection of the ReVoLTE vulnerability (www.revolte-attack.net). Mobile Sentinel requires a Qualcomm based Android phone with root access as it builds upon the Qualcomm's mdlog tool.

The application includes:

An automized test run to detect the ReVoLTE vulnerability
A logging view to capture cellular traffic (currently RRC only) and view protocol messages in-app
Writing the captured traffic into PCAP files
Upload function of logs to an http server (under development)

Installation

Download the latest APK build from here and install it directly on the device.

adb install MobileSentinel.apk

Alternatively, the app can be installed directly from the device's file system.

Settings

Configure Log Upload Setting: This setting allows you to change the behavior for uploading the log files to the server. Options:
- Ask for Upload: Will ask after each test run if you would upload the data (Default).
- Never Upload: Will never upload the logs.
- Always Upload: Will always upload the logs.
Change Call Number: This setting allows you to change the phone number that is called for testing. Important note: there may be a risk of expense. Default number is a german phone number.

Build instructions

You can build the application from source as well however, you will need a Chaquopy SDK license to be able to deploy the app outside of Android Studio.

Requirements

Rooted Android Phone with a Qualcomm Baseband
The phone AND the used SIM Card must support VoLTE
Currently requires minimum Android Pie (9.0)

Make sure to grant Superuser rights to the application and accept the requested permissions, as the application will not work without.

Tested Devices

Xiaomi Mi A3 (Android 9.0)
One Plus 6T (Android 9.0)
Xiaomi Mix 3 5G (Android 9.0)

Used Libraries

Mobile Sentinel uses the following libraries:

Known Bugs

Some phones with a Qualcomm baseband do not allow extracting cellular network traffic from the DIAG interface

DroneSecurity

DroneSecurity (NDSS 2023)

kAFL

Code for the USENIX 2017 paper: kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels

redqueen

OMEN

OMEN: Ordered Markov ENumerator - Password Guesser

Microcode

Microcode Updates for the USENIX 2017 paper: Reverse Engineering x86 Processor Microcode

syntia

Program synthesis based deobfuscation framework for the USENIX 2017 paper "Syntia: Synthesizing the Semantics of Obfuscated Code"

nyx-net

Nyx

USENIX 2021 - Nyx: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types

ijon

GANDCTAnalysis

Code for the ICML 2020 paper: Leveraging Frequency Analysis for Deep Fake Image Recognition.

nautilus

a grammar based feedback fuzzer

aurora

Usenix Security 2021 - AURORA: Statistical Crash Analysis for Automated Root Cause Explanation

grimoire

loki

Hardening code obfuscation against automated attacks

Password-Guessing-Framework

A Framework for Comparing Password Guessing Strategies

Marx

Uncovering Class Hierarchies in C++ Programs

antifuzz

AntiFuzz: Impeding Fuzzing Audits of Binary Executables

EthBMC

The code repository for the 2020 Usenix Security paper "EthBMC: A Bounded Model Checker for Smart Contracts"

WaveFake

NEMO

Modeling Password Guessability Using Markov Models

SiemensS7-Bootloader

Client utility for Siemens S7 bootloader special access feature

gadget_synthesis

Esorics 2021 - Towards Automating Code-Reuse Attacks Using Synthesized Gadget Chains

EvilCoder

Code for the paper EvilCoder: Automated Bug Insertion at ACSAC 2016

JIT-Picker

cupid

Cupid: Automatic Fuzzer Selection for Collaborative Fuzzing

Probfuscator

An Obfuscation Approach using Probabilistic Control Flows

Hypercube

NDSS 2020 - HYPER-CUBE: High-Dimensional Hypervisor Fuzzing

ijon-data

PrimGen

ACSAC 2018 paper: Towards Automated Generation of Exploitation Primitives for Web Browsers

adversarial-papers

DroneSecurity-Fuzzer

DroneSecurity Fuzzer (NDSS 2023)

dompteur

we-value-your-privacy

Results and data from the paper "We Value Your Privacy ... Now Take Some Cookies: Measuring the GDPR’s Impact on Web Privacy"

VPS

VTable Pointer Separation

WindowsVTV

MinGW for 32bit with Vtable pointer verification (VTV)

APC

Android (Unlock) Pattern Classifier

nyx-net-profuzzbench

PriDi

xTag-mtalloc

SUCI-artifacts

some PCAPs and logs

ASSS

Application-Specific Software Stacks

xTag

MiddleboxProtocolStudy

Auxiliary material for NDSS'20 paper: On Using Application-Layer Middlebox Protocols for Peeking Behind NAT Gateways

Password-Strength-Meter-Accuracy

Measuring the Accuracy of Password Strength Meters

uninformed-consent

Repo for material related to the CCS 2019 paper, "(Un)informed Consent: Studying GDPR Consent Notices in the Field"

be-the-phisher

Code related to the study presented in "Be the Phisher - Understanding Users’ Perception of Malicious Domains" @ AsiaCCS 2020

Jupyter Notebook

symtegrity

Code for the DIMVA 2018 paper "On the Weaknesses of Function Table Randomization"

MastersOfTime

libXSGS

Implementation of Delerablée and Pointcheval's eXtremely Short Group Signatures (XSGS)

xTag-llvm

MachineCodeTimings

tropyhunter

GDPR-fines

Supplemental Material for the PETS 2022 Paper "Investigating GDPR Fines in the Light of Data Flows"

Jupyter Notebook

GeneratedMediaSurvey

Jupyter Notebook