• Stars
    star
    187
  • Rank 206,464 (Top 5 %)
  • Language
    Python
  • License
    GNU General Publi...
  • Created over 4 years ago
  • Updated over 3 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Mobile Sentinel

Mobile Sentinel is an Android App that allows you to detect vulnerabilities in deployed LTE and (future) 5G networks. With the current release, Mobile Sentinel focuses on the detection of the ReVoLTE vulnerability (www.revolte-attack.net). Mobile Sentinel requires a Qualcomm based Android phone with root access as it builds upon the Qualcomm's mdlog tool.

The application includes:

  • An automized test run to detect the ReVoLTE vulnerability
  • A logging view to capture cellular traffic (currently RRC only) and view protocol messages in-app
  • Writing the captured traffic into PCAP files
  • Upload function of logs to an http server (under development)

Installation

Download the latest APK build from here and install it directly on the device.

adb install MobileSentinel.apk

Alternatively, the app can be installed directly from the device's file system.

Settings

  • Configure Log Upload Setting: This setting allows you to change the behavior for uploading the log files to the server. Options:
    • Ask for Upload: Will ask after each test run if you would upload the data (Default).
    • Never Upload: Will never upload the logs.
    • Always Upload: Will always upload the logs.
  • Change Call Number: This setting allows you to change the phone number that is called for testing. Important note: there may be a risk of expense. Default number is a german phone number.

Build instructions

You can build the application from source as well however, you will need a Chaquopy SDK license to be able to deploy the app outside of Android Studio.

Requirements

  • Rooted Android Phone with a Qualcomm Baseband
  • The phone AND the used SIM Card must support VoLTE
  • Currently requires minimum Android Pie (9.0)

Make sure to grant Superuser rights to the application and accept the requested permissions, as the application will not work without.

Tested Devices

  • Xiaomi Mi A3 (Android 9.0)
  • One Plus 6T (Android 9.0)
  • Xiaomi Mix 3 5G (Android 9.0)

Used Libraries

Mobile Sentinel uses the following libraries:

Known Bugs

  • Some phones with a Qualcomm baseband do not allow extracting cellular network traffic from the DIAG interface

More Repositories

1

DroneSecurity

DroneSecurity (NDSS 2023)
Python
945
star
2

kAFL

Code for the USENIX 2017 paper: kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels
Python
550
star
3

redqueen

Python
339
star
4

OMEN

OMEN: Ordered Markov ENumerator - Password Guesser
C
313
star
5

Microcode

Microcode Updates for the USENIX 2017 paper: Reverse Engineering x86 Processor Microcode
Python
297
star
6

syntia

Program synthesis based deobfuscation framework for the USENIX 2017 paper "Syntia: Synthesizing the Semantics of Obfuscated Code"
Python
296
star
7

nyx-net

Python
176
star
8

Nyx

USENIX 2021 - Nyx: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types
C
169
star
9

ijon

C
164
star
10

GANDCTAnalysis

Code for the ICML 2020 paper: Leveraging Frequency Analysis for Deep Fake Image Recognition.
Python
161
star
11

nautilus

a grammar based feedback fuzzer
Rust
158
star
12

aurora

Usenix Security 2021 - AURORA: Statistical Crash Analysis for Automated Root Cause Explanation
Rust
146
star
13

grimoire

Python
125
star
14

loki

Hardening code obfuscation against automated attacks
Python
125
star
15

Password-Guessing-Framework

A Framework for Comparing Password Guessing Strategies
Python
120
star
16

Marx

Uncovering Class Hierarchies in C++ Programs
C++
114
star
17

antifuzz

AntiFuzz: Impeding Fuzzing Audits of Binary Executables
C
101
star
18

EthBMC

The code repository for the 2020 Usenix Security paper "EthBMC: A Bounded Model Checker for Smart Contracts"
Rust
91
star
19

WaveFake

Python
71
star
20

SiemensS7-Bootloader

Client utility for Siemens S7 bootloader special access feature
Python
55
star
21

NEMO

Modeling Password Guessability Using Markov Models
Python
54
star
22

gadget_synthesis

Esorics 2021 - Towards Automating Code-Reuse Attacks Using Synthesized Gadget Chains
Python
54
star
23

EvilCoder

Code for the paper EvilCoder: Automated Bug Insertion at ACSAC 2016
Java
42
star
24

JIT-Picker

Swift
34
star
25

cupid

Cupid: Automatic Fuzzer Selection for Collaborative Fuzzing
C
29
star
26

Probfuscator

An Obfuscation Approach using Probabilistic Control Flows
C#
28
star
27

Hypercube

NDSS 2020 - HYPER-CUBE: High-Dimensional Hypervisor Fuzzing
C
24
star
28

ijon-data

14
star
29

PrimGen

ACSAC 2018 paper: Towards Automated Generation of Exploitation Primitives for Web Browsers
HTML
13
star
30

adversarial-papers

TeX
12
star
31

DroneSecurity-Fuzzer

DroneSecurity Fuzzer (NDSS 2023)
11
star
32

dompteur

C++
10
star
33

we-value-your-privacy

Results and data from the paper "We Value Your Privacy ... Now Take Some Cookies: Measuring the GDPR’s Impact on Web Privacy"
9
star
34

VPS

VTable Pointer Separation
C++
7
star
35

APC

Android (Unlock) Pattern Classifier
Kotlin
6
star
36

WindowsVTV

MinGW for 32bit with Vtable pointer verification (VTV)
C++
6
star
37

nyx-net-profuzzbench

Shell
6
star
38

PriDi

Python
5
star
39

xTag-mtalloc

C
5
star
40

SUCI-artifacts

some PCAPs and logs
5
star
41

ASSS

Application-Specific Software Stacks
4
star
42

xTag

4
star
43

MiddleboxProtocolStudy

Auxiliary material for NDSS'20 paper: On Using Application-Layer Middlebox Protocols for Peeking Behind NAT Gateways
Python
4
star
44

Password-Strength-Meter-Accuracy

Measuring the Accuracy of Password Strength Meters
Python
3
star
45

uninformed-consent

Repo for material related to the CCS 2019 paper, "(Un)informed Consent: Studying GDPR Consent Notices in the Field"
3
star
46

be-the-phisher

Code related to the study presented in "Be the Phisher - Understanding Users’ Perception of Malicious Domains" @ AsiaCCS 2020
Jupyter Notebook
2
star
47

symtegrity

Code for the DIMVA 2018 paper "On the Weaknesses of Function Table Randomization"
2
star
48

MastersOfTime

2
star
49

libXSGS

Implementation of Delerablée and Pointcheval's eXtremely Short Group Signatures (XSGS)
Shell
2
star
50

xTag-llvm

C++
1
star
51

MachineCodeTimings

JavaScript
1
star
52

tropyhunter

TODO
Python
1
star
53

GDPR-fines

Supplemental Material for the PETS 2022 Paper "Investigating GDPR Fines in the Light of Data Flows"
Jupyter Notebook
1
star
54

GeneratedMediaSurvey

Jupyter Notebook
1
star